diff --git a/agent/asm/mocks/secretsmanagerapi_mocks.go b/agent/asm/mocks/secretsmanagerapi_mocks.go index cc599bae910..b123d2a8efb 100644 --- a/agent/asm/mocks/secretsmanagerapi_mocks.go +++ b/agent/asm/mocks/secretsmanagerapi_mocks.go @@ -50,6 +50,89 @@ func (m *MockSecretsManagerAPI) EXPECT() *MockSecretsManagerAPIMockRecorder { return m.recorder } +// BatchGetSecretValue mocks base method. +func (m *MockSecretsManagerAPI) BatchGetSecretValue(arg0 *secretsmanager.BatchGetSecretValueInput) (*secretsmanager.BatchGetSecretValueOutput, error) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "BatchGetSecretValue", arg0) + ret0, _ := ret[0].(*secretsmanager.BatchGetSecretValueOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// BatchGetSecretValue indicates an expected call of BatchGetSecretValue. +func (mr *MockSecretsManagerAPIMockRecorder) BatchGetSecretValue(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "BatchGetSecretValue", reflect.TypeOf((*MockSecretsManagerAPI)(nil).BatchGetSecretValue), arg0) +} + +// BatchGetSecretValuePages mocks base method. +func (m *MockSecretsManagerAPI) BatchGetSecretValuePages(arg0 *secretsmanager.BatchGetSecretValueInput, arg1 func(*secretsmanager.BatchGetSecretValueOutput, bool) bool) error { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "BatchGetSecretValuePages", arg0, arg1) + ret0, _ := ret[0].(error) + return ret0 +} + +// BatchGetSecretValuePages indicates an expected call of BatchGetSecretValuePages. +func (mr *MockSecretsManagerAPIMockRecorder) BatchGetSecretValuePages(arg0, arg1 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "BatchGetSecretValuePages", reflect.TypeOf((*MockSecretsManagerAPI)(nil).BatchGetSecretValuePages), arg0, arg1) +} + +// BatchGetSecretValuePagesWithContext mocks base method. +func (m *MockSecretsManagerAPI) BatchGetSecretValuePagesWithContext(arg0 context.Context, arg1 *secretsmanager.BatchGetSecretValueInput, arg2 func(*secretsmanager.BatchGetSecretValueOutput, bool) bool, arg3 ...request.Option) error { + m.ctrl.T.Helper() + varargs := []interface{}{arg0, arg1, arg2} + for _, a := range arg3 { + varargs = append(varargs, a) + } + ret := m.ctrl.Call(m, "BatchGetSecretValuePagesWithContext", varargs...) + ret0, _ := ret[0].(error) + return ret0 +} + +// BatchGetSecretValuePagesWithContext indicates an expected call of BatchGetSecretValuePagesWithContext. +func (mr *MockSecretsManagerAPIMockRecorder) BatchGetSecretValuePagesWithContext(arg0, arg1, arg2 interface{}, arg3 ...interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + varargs := append([]interface{}{arg0, arg1, arg2}, arg3...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "BatchGetSecretValuePagesWithContext", reflect.TypeOf((*MockSecretsManagerAPI)(nil).BatchGetSecretValuePagesWithContext), varargs...) +} + +// BatchGetSecretValueRequest mocks base method. +func (m *MockSecretsManagerAPI) BatchGetSecretValueRequest(arg0 *secretsmanager.BatchGetSecretValueInput) (*request.Request, *secretsmanager.BatchGetSecretValueOutput) { + m.ctrl.T.Helper() + ret := m.ctrl.Call(m, "BatchGetSecretValueRequest", arg0) + ret0, _ := ret[0].(*request.Request) + ret1, _ := ret[1].(*secretsmanager.BatchGetSecretValueOutput) + return ret0, ret1 +} + +// BatchGetSecretValueRequest indicates an expected call of BatchGetSecretValueRequest. +func (mr *MockSecretsManagerAPIMockRecorder) BatchGetSecretValueRequest(arg0 interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "BatchGetSecretValueRequest", reflect.TypeOf((*MockSecretsManagerAPI)(nil).BatchGetSecretValueRequest), arg0) +} + +// BatchGetSecretValueWithContext mocks base method. +func (m *MockSecretsManagerAPI) BatchGetSecretValueWithContext(arg0 context.Context, arg1 *secretsmanager.BatchGetSecretValueInput, arg2 ...request.Option) (*secretsmanager.BatchGetSecretValueOutput, error) { + m.ctrl.T.Helper() + varargs := []interface{}{arg0, arg1} + for _, a := range arg2 { + varargs = append(varargs, a) + } + ret := m.ctrl.Call(m, "BatchGetSecretValueWithContext", varargs...) + ret0, _ := ret[0].(*secretsmanager.BatchGetSecretValueOutput) + ret1, _ := ret[1].(error) + return ret0, ret1 +} + +// BatchGetSecretValueWithContext indicates an expected call of BatchGetSecretValueWithContext. +func (mr *MockSecretsManagerAPIMockRecorder) BatchGetSecretValueWithContext(arg0, arg1 interface{}, arg2 ...interface{}) *gomock.Call { + mr.mock.ctrl.T.Helper() + varargs := append([]interface{}{arg0, arg1}, arg2...) + return mr.mock.ctrl.RecordCallWithMethodType(mr.mock, "BatchGetSecretValueWithContext", reflect.TypeOf((*MockSecretsManagerAPI)(nil).BatchGetSecretValueWithContext), varargs...) +} + // CancelRotateSecret mocks base method. func (m *MockSecretsManagerAPI) CancelRotateSecret(arg0 *secretsmanager.CancelRotateSecretInput) (*secretsmanager.CancelRotateSecretOutput, error) { m.ctrl.T.Helper() diff --git a/agent/go.mod b/agent/go.mod index 812549be737..a7d951ebce1 100644 --- a/agent/go.mod +++ b/agent/go.mod @@ -4,7 +4,7 @@ go 1.19 require ( github.com/aws/amazon-ecs-agent/ecs-agent v0.0.0 - github.com/aws/aws-sdk-go v1.44.173 + github.com/aws/aws-sdk-go v1.51.3 github.com/awslabs/go-config-generator-for-fluentd-and-fluentbit v0.0.0-20210308162251-8959c62cb8f9 github.com/cihub/seelog v0.0.0-20170130134532-f561c5e57575 github.com/container-storage-interface/spec v1.8.0 diff --git a/agent/go.sum b/agent/go.sum index 12cb28f6311..c99f7a4aa06 100644 --- a/agent/go.sum +++ b/agent/go.sum @@ -7,8 +7,8 @@ github.com/alecthomas/template v0.0.0-20190718012654-fb15b899a751/go.mod h1:LOuy github.com/alecthomas/units v0.0.0-20151022065526-2efee857e7cf/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190717042225-c3de453c63f4/go.mod h1:ybxpYRFXyAe+OPACYpWeL0wqObRcbAqCMya13uyzqw0= github.com/alecthomas/units v0.0.0-20190924025748-f65c72e2690d/go.mod h1:rBZYJk541a8SKzHPHnH3zbiI+7dagKZ0cgpgrD7Fyho= -github.com/aws/aws-sdk-go v1.44.173 h1:8kXIxvQnBpGhmR3Eof6SnCKgR0q5/L/3Qbv9vAC5wic= -github.com/aws/aws-sdk-go v1.44.173/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= +github.com/aws/aws-sdk-go v1.51.3 h1:OqSyEXcJwf/XhZNVpMRgKlLA9nmbo5X8dwbll4RWxq8= +github.com/aws/aws-sdk-go v1.51.3/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/awslabs/go-config-generator-for-fluentd-and-fluentbit v0.0.0-20210308162251-8959c62cb8f9 h1:BKngsktYtIiCpkptsC6xzc9ZqleZTofjqrjJWPIiVwA= github.com/awslabs/go-config-generator-for-fluentd-and-fluentbit v0.0.0-20210308162251-8959c62cb8f9/go.mod h1:pHmn5q2flnnJgAQUoD3Hys3Fe3uoZnSwRy+Irb5Awak= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= @@ -222,7 +222,6 @@ github.com/vishvananda/netns v0.0.4/go.mod h1:SpkAiCQRtJ6TvvxPnOSyH3BMl6unz3xZla github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= go.etcd.io/bbolt v1.3.9 h1:8x7aARPEXiXbHmtUwAIv7eV2fQFHrLLavdiJ3uzJXoI= go.etcd.io/bbolt v1.3.9/go.mod h1:zaO32+Ti0PK1ivdPtgMESzuzL2VPoIG1PCQNvOdo/dE= go.uber.org/goleak v1.1.12 h1:gZAh5/EyT/HQwlpkCy6wTpqfH9H8Lz8zbm3dZh+OyzA= @@ -230,11 +229,9 @@ golang.org/x/crypto v0.0.0-20180904163835-0709b304e793/go.mod h1:6SG95UA2DQfeDnf golang.org/x/crypto v0.0.0-20190308221718-c2843e01d9a2/go.mod h1:djNgcEr1/C05ACkg1iLfiJU5Ep61QUkGW8qpdssI0+w= golang.org/x/crypto v0.0.0-20191011191535-87dc89f01550/go.mod h1:yigFU9vqHzYiE8UmvKecakEJjdnWj3jj499lnFckfCI= golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc= golang.org/x/mod v0.12.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -248,11 +245,8 @@ golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLL golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A= golang.org/x/net v0.0.0-20200625001655-4c5254603344/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.0.0-20190226205417-e64efc72b421/go.mod h1:gOpvHmFTYa4IltrdGE7lF6nIHvwfUNPOp7c8zoXwtLw= @@ -264,7 +258,6 @@ golang.org/x/sync v0.0.0-20190911185100-cd5d95a43a6e/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.5.0 h1:60k92dhOjHxJkrqnwsfl8KuaHbn/5dl0lUPUklKo3qE= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180909124046-d0be0721c37e/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -291,23 +284,15 @@ golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20210603081109-ebe580a85c40/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220908164124-27713097b956/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.3.0 h1:rg5rLMjNzMS1RkNLzCG38eapWhnYLFYXDXj2gOlr8j4= @@ -318,7 +303,6 @@ golang.org/x/tools v0.0.0-20200619180055-7c47624df98f/go.mod h1:EkVYQZoAsY45+roY golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.12.0 h1:YW6HUoUmYBpwSgyaGaZq1fHjrBjX1rlpZ54T6mu2kss= golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/auth/bearer/token.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/auth/bearer/token.go new file mode 100644 index 00000000000..dd950a286fb --- /dev/null +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/auth/bearer/token.go @@ -0,0 +1,50 @@ +package bearer + +import ( + "github.com/aws/aws-sdk-go/aws" + "time" +) + +// Token provides a type wrapping a bearer token and expiration metadata. +type Token struct { + Value string + + CanExpire bool + Expires time.Time +} + +// Expired returns if the token's Expires time is before or equal to the time +// provided. If CanExpire is false, Expired will always return false. +func (t Token) Expired(now time.Time) bool { + if !t.CanExpire { + return false + } + now = now.Round(0) + return now.Equal(t.Expires) || now.After(t.Expires) +} + +// TokenProvider provides interface for retrieving bearer tokens. +type TokenProvider interface { + RetrieveBearerToken(aws.Context) (Token, error) +} + +// TokenProviderFunc provides a helper utility to wrap a function as a type +// that implements the TokenProvider interface. +type TokenProviderFunc func(aws.Context) (Token, error) + +// RetrieveBearerToken calls the wrapped function, returning the Token or +// error. +func (fn TokenProviderFunc) RetrieveBearerToken(ctx aws.Context) (Token, error) { + return fn(ctx) +} + +// StaticTokenProvider provides a utility for wrapping a static bearer token +// value within an implementation of a token provider. +type StaticTokenProvider struct { + Token Token +} + +// RetrieveBearerToken returns the static token specified. +func (s StaticTokenProvider) RetrieveBearerToken(aws.Context) (Token, error) { + return s.Token, nil +} diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/config.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/config.go index 4818ea427e3..c483e0cb8e6 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/aws/config.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/config.go @@ -20,16 +20,16 @@ type RequestRetryer interface{} // A Config provides service configuration for service clients. By default, // all clients will use the defaults.DefaultConfig structure. // -// // Create Session with MaxRetries configuration to be shared by multiple -// // service clients. -// sess := session.Must(session.NewSession(&aws.Config{ -// MaxRetries: aws.Int(3), -// })) +// // Create Session with MaxRetries configuration to be shared by multiple +// // service clients. +// sess := session.Must(session.NewSession(&aws.Config{ +// MaxRetries: aws.Int(3), +// })) // -// // Create S3 service client with a specific Region. -// svc := s3.New(sess, &aws.Config{ -// Region: aws.String("us-west-2"), -// }) +// // Create S3 service client with a specific Region. +// svc := s3.New(sess, &aws.Config{ +// Region: aws.String("us-west-2"), +// }) type Config struct { // Enables verbose error printing of all credential chain errors. // Should be used when wanting to see all errors while attempting to @@ -192,6 +192,23 @@ type Config struct { // EC2MetadataDisableTimeoutOverride *bool + // Set this to `false` to disable EC2Metadata client from falling back to IMDSv1. + // By default, EC2 role credentials will fall back to IMDSv1 as needed for backwards compatibility. + // You can disable this behavior by explicitly setting this flag to `false`. When false, the EC2Metadata + // client will return any errors encountered from attempting to fetch a token instead of silently + // using the insecure data flow of IMDSv1. + // + // Example: + // sess := session.Must(session.NewSession(aws.NewConfig() + // .WithEC2MetadataEnableFallback(false))) + // + // svc := s3.New(sess) + // + // See [configuring IMDS] for more information. + // + // [configuring IMDS]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html + EC2MetadataEnableFallback *bool + // Instructs the endpoint to be generated for a service client to // be the dual stack endpoint. The dual stack endpoint will support // both IPv4 and IPv6 addressing. @@ -283,16 +300,16 @@ type Config struct { // NewConfig returns a new Config pointer that can be chained with builder // methods to set multiple configuration values inline without using pointers. // -// // Create Session with MaxRetries configuration to be shared by multiple -// // service clients. -// sess := session.Must(session.NewSession(aws.NewConfig(). -// WithMaxRetries(3), -// )) +// // Create Session with MaxRetries configuration to be shared by multiple +// // service clients. +// sess := session.Must(session.NewSession(aws.NewConfig(). +// WithMaxRetries(3), +// )) // -// // Create S3 service client with a specific Region. -// svc := s3.New(sess, aws.NewConfig(). -// WithRegion("us-west-2"), -// ) +// // Create S3 service client with a specific Region. +// svc := s3.New(sess, aws.NewConfig(). +// WithRegion("us-west-2"), +// ) func NewConfig() *Config { return &Config{} } @@ -425,6 +442,17 @@ func (c *Config) WithUseDualStack(enable bool) *Config { return c } +// WithUseFIPSEndpoint sets a config UseFIPSEndpoint value returning a Config +// pointer for chaining. +func (c *Config) WithUseFIPSEndpoint(enable bool) *Config { + if enable { + c.UseFIPSEndpoint = endpoints.FIPSEndpointStateEnabled + } else { + c.UseFIPSEndpoint = endpoints.FIPSEndpointStateDisabled + } + return c +} + // WithEC2MetadataDisableTimeoutOverride sets a config EC2MetadataDisableTimeoutOverride value // returning a Config pointer for chaining. func (c *Config) WithEC2MetadataDisableTimeoutOverride(enable bool) *Config { @@ -432,6 +460,13 @@ func (c *Config) WithEC2MetadataDisableTimeoutOverride(enable bool) *Config { return c } +// WithEC2MetadataEnableFallback sets a config EC2MetadataEnableFallback value +// returning a Config pointer for chaining. +func (c *Config) WithEC2MetadataEnableFallback(v bool) *Config { + c.EC2MetadataEnableFallback = &v + return c +} + // WithSleepDelay overrides the function used to sleep while waiting for the // next retry. Defaults to time.Sleep. func (c *Config) WithSleepDelay(fn func(time.Duration)) *Config { @@ -576,6 +611,10 @@ func mergeInConfig(dst *Config, other *Config) { dst.EC2MetadataDisableTimeoutOverride = other.EC2MetadataDisableTimeoutOverride } + if other.EC2MetadataEnableFallback != nil { + dst.EC2MetadataEnableFallback = other.EC2MetadataEnableFallback + } + if other.SleepDelay != nil { dst.SleepDelay = other.SleepDelay } diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/awsinternal.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/awsinternal.go new file mode 100644 index 00000000000..140242dd1b8 --- /dev/null +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/awsinternal.go @@ -0,0 +1,4 @@ +// DO NOT EDIT +package corehandlers + +const isAwsInternal = "" \ No newline at end of file diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go index ab69c7a6f38..ac842c55d89 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go @@ -35,3 +35,13 @@ var AddHostExecEnvUserAgentHander = request.NamedHandler{ request.AddToUserAgent(r, execEnvUAKey+"/"+v) }, } + +var AddAwsInternal = request.NamedHandler{ + Name: "core.AddAwsInternal", + Fn: func(r *request.Request) { + if len(isAwsInternal) == 0 { + return + } + request.AddToUserAgent(r, isAwsInternal) + }, +} diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go index 785f30d8e6c..329f788a38a 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go @@ -31,6 +31,8 @@ package endpointcreds import ( "encoding/json" + "fmt" + "strings" "time" "github.com/aws/aws-sdk-go/aws" @@ -69,7 +71,37 @@ type Provider struct { // Optional authorization token value if set will be used as the value of // the Authorization header of the endpoint credential request. + // + // When constructed from environment, the provider will use the value of + // AWS_CONTAINER_AUTHORIZATION_TOKEN environment variable as the token + // + // Will be overridden if AuthorizationTokenProvider is configured AuthorizationToken string + + // Optional auth provider func to dynamically load the auth token from a file + // everytime a credential is retrieved + // + // When constructed from environment, the provider will read and use the content + // of the file pointed to by AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE environment variable + // as the auth token everytime credentials are retrieved + // + // Will override AuthorizationToken if configured + AuthorizationTokenProvider AuthTokenProvider +} + +// AuthTokenProvider defines an interface to dynamically load a value to be passed +// for the Authorization header of a credentials request. +type AuthTokenProvider interface { + GetToken() (string, error) +} + +// TokenProviderFunc is a func type implementing AuthTokenProvider interface +// and enables customizing token provider behavior +type TokenProviderFunc func() (string, error) + +// GetToken func retrieves auth token according to TokenProviderFunc implementation +func (p TokenProviderFunc) GetToken() (string, error) { + return p() } // NewProviderClient returns a credentials Provider for retrieving AWS credentials @@ -164,7 +196,20 @@ func (p *Provider) getCredentials(ctx aws.Context) (*getCredentialsOutput, error req := p.Client.NewRequest(op, nil, out) req.SetContext(ctx) req.HTTPRequest.Header.Set("Accept", "application/json") - if authToken := p.AuthorizationToken; len(authToken) != 0 { + + authToken := p.AuthorizationToken + var err error + if p.AuthorizationTokenProvider != nil { + authToken, err = p.AuthorizationTokenProvider.GetToken() + if err != nil { + return nil, fmt.Errorf("get authorization token: %v", err) + } + } + + if strings.ContainsAny(authToken, "\r\n") { + return nil, fmt.Errorf("authorization token contains invalid newline sequence") + } + if len(authToken) != 0 { req.HTTPRequest.Header.Set("Authorization", authToken) } diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go index e6248360029..18694f07f7f 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go @@ -226,12 +226,24 @@ func NewCredentialsCommand(command *exec.Cmd, options ...func(*ProcessProvider)) return credentials.NewCredentials(p) } -type credentialProcessResponse struct { - Version int - AccessKeyID string `json:"AccessKeyId"` +// A CredentialProcessResponse is the AWS credentials format that must be +// returned when executing an external credential_process. +type CredentialProcessResponse struct { + // As of this writing, the Version key must be set to 1. This might + // increment over time as the structure evolves. + Version int + + // The access key ID that identifies the temporary security credentials. + AccessKeyID string `json:"AccessKeyId"` + + // The secret access key that can be used to sign requests. SecretAccessKey string - SessionToken string - Expiration *time.Time + + // The token that users must pass to the service API to use the temporary credentials. + SessionToken string + + // The date on which the current credentials expire. + Expiration *time.Time } // Retrieve executes the 'credential_process' and returns the credentials. @@ -242,7 +254,7 @@ func (p *ProcessProvider) Retrieve() (credentials.Value, error) { } // Serialize and validate response - resp := &credentialProcessResponse{} + resp := &CredentialProcessResponse{} if err = json.Unmarshal(out, resp); err != nil { return credentials.Value{ProviderName: ProviderName}, awserr.New( ErrCodeProcessProviderParse, diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go index 6eda2a5557f..4138e725dde 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go @@ -4,13 +4,13 @@ import ( "crypto/sha1" "encoding/hex" "encoding/json" - "fmt" "io/ioutil" "path/filepath" "strings" "time" "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/auth/bearer" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/client" "github.com/aws/aws-sdk-go/aws/credentials" @@ -55,6 +55,19 @@ type Provider struct { // The URL that points to the organization's AWS Single Sign-On (AWS SSO) user portal. StartURL string + + // The filepath the cached token will be retrieved from. If unset Provider will + // use the startURL to determine the filepath at. + // + // ~/.aws/sso/cache/.json + // + // If custom cached token filepath is used, the Provider's startUrl + // parameter will be ignored. + CachedTokenFilepath string + + // Used by the SSOCredentialProvider if a token configuration + // profile is used in the shared config + TokenProvider bearer.TokenProvider } // NewCredentials returns a new AWS Single Sign-On (AWS SSO) credential provider. The ConfigProvider is expected to be configured @@ -89,13 +102,31 @@ func (p *Provider) Retrieve() (credentials.Value, error) { // RetrieveWithContext retrieves temporary AWS credentials from the configured Amazon Single Sign-On (AWS SSO) user portal // by exchanging the accessToken present in ~/.aws/sso/cache. func (p *Provider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) { - tokenFile, err := loadTokenFile(p.StartURL) - if err != nil { - return credentials.Value{}, err + var accessToken *string + if p.TokenProvider != nil { + token, err := p.TokenProvider.RetrieveBearerToken(ctx) + if err != nil { + return credentials.Value{}, err + } + accessToken = &token.Value + } else { + if p.CachedTokenFilepath == "" { + cachedTokenFilePath, err := getCachedFilePath(p.StartURL) + if err != nil { + return credentials.Value{}, err + } + p.CachedTokenFilepath = cachedTokenFilePath + } + + tokenFile, err := loadTokenFile(p.CachedTokenFilepath) + if err != nil { + return credentials.Value{}, err + } + accessToken = &tokenFile.AccessToken } output, err := p.Client.GetRoleCredentialsWithContext(ctx, &sso.GetRoleCredentialsInput{ - AccessToken: &tokenFile.AccessToken, + AccessToken: accessToken, AccountId: &p.AccountID, RoleName: &p.RoleName, }) @@ -114,32 +145,13 @@ func (p *Provider) RetrieveWithContext(ctx credentials.Context) (credentials.Val }, nil } -func getCacheFileName(url string) (string, error) { +func getCachedFilePath(startUrl string) (string, error) { hash := sha1.New() - _, err := hash.Write([]byte(url)) + _, err := hash.Write([]byte(startUrl)) if err != nil { return "", err } - return strings.ToLower(hex.EncodeToString(hash.Sum(nil))) + ".json", nil -} - -type rfc3339 time.Time - -func (r *rfc3339) UnmarshalJSON(bytes []byte) error { - var value string - - if err := json.Unmarshal(bytes, &value); err != nil { - return err - } - - parse, err := time.Parse(time.RFC3339, value) - if err != nil { - return fmt.Errorf("expected RFC3339 timestamp: %v", err) - } - - *r = rfc3339(parse) - - return nil + return filepath.Join(defaultCacheLocation(), strings.ToLower(hex.EncodeToString(hash.Sum(nil)))+".json"), nil } type token struct { @@ -153,13 +165,8 @@ func (t token) Expired() bool { return nowTime().Round(0).After(time.Time(t.ExpiresAt)) } -func loadTokenFile(startURL string) (t token, err error) { - key, err := getCacheFileName(startURL) - if err != nil { - return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, err) - } - - fileBytes, err := ioutil.ReadFile(filepath.Join(defaultCacheLocation(), key)) +func loadTokenFile(cachedTokenPath string) (t token, err error) { + fileBytes, err := ioutil.ReadFile(cachedTokenPath) if err != nil { return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, err) } diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/sso_cached_token.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/sso_cached_token.go new file mode 100644 index 00000000000..f6fa88451af --- /dev/null +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/sso_cached_token.go @@ -0,0 +1,237 @@ +package ssocreds + +import ( + "crypto/sha1" + "encoding/hex" + "encoding/json" + "fmt" + "github.com/aws/aws-sdk-go/internal/shareddefaults" + "io/ioutil" + "os" + "path/filepath" + "strconv" + "strings" + "time" +) + +var resolvedOsUserHomeDir = shareddefaults.UserHomeDir + +// StandardCachedTokenFilepath returns the filepath for the cached SSO token file, or +// error if unable get derive the path. Key that will be used to compute a SHA1 +// value that is hex encoded. +// +// Derives the filepath using the Key as: +// +// ~/.aws/sso/cache/.json +func StandardCachedTokenFilepath(key string) (string, error) { + homeDir := resolvedOsUserHomeDir() + if len(homeDir) == 0 { + return "", fmt.Errorf("unable to get USER's home directory for cached token") + } + hash := sha1.New() + if _, err := hash.Write([]byte(key)); err != nil { + return "", fmt.Errorf("unable to compute cached token filepath key SHA1 hash, %v", err) + } + + cacheFilename := strings.ToLower(hex.EncodeToString(hash.Sum(nil))) + ".json" + + return filepath.Join(homeDir, ".aws", "sso", "cache", cacheFilename), nil +} + +type tokenKnownFields struct { + AccessToken string `json:"accessToken,omitempty"` + ExpiresAt *rfc3339 `json:"expiresAt,omitempty"` + + RefreshToken string `json:"refreshToken,omitempty"` + ClientID string `json:"clientId,omitempty"` + ClientSecret string `json:"clientSecret,omitempty"` +} + +type cachedToken struct { + tokenKnownFields + UnknownFields map[string]interface{} `json:"-"` +} + +// MarshalJSON provides custom marshalling because the standard library Go marshaller ignores unknown/unspecified fields +// when marshalling from a struct: https://pkg.go.dev/encoding/json#Marshal +// This function adds some extra validation to the known fields and captures unknown fields. +func (t cachedToken) MarshalJSON() ([]byte, error) { + fields := map[string]interface{}{} + + setTokenFieldString(fields, "accessToken", t.AccessToken) + setTokenFieldRFC3339(fields, "expiresAt", t.ExpiresAt) + + setTokenFieldString(fields, "refreshToken", t.RefreshToken) + setTokenFieldString(fields, "clientId", t.ClientID) + setTokenFieldString(fields, "clientSecret", t.ClientSecret) + + for k, v := range t.UnknownFields { + if _, ok := fields[k]; ok { + return nil, fmt.Errorf("unknown token field %v, duplicates known field", k) + } + fields[k] = v + } + + return json.Marshal(fields) +} + +func setTokenFieldString(fields map[string]interface{}, key, value string) { + if value == "" { + return + } + fields[key] = value +} +func setTokenFieldRFC3339(fields map[string]interface{}, key string, value *rfc3339) { + if value == nil { + return + } + fields[key] = value +} + +// UnmarshalJSON provides custom unmarshalling because the standard library Go unmarshaller ignores unknown/unspecified +// fields when unmarshalling from a struct: https://pkg.go.dev/encoding/json#Unmarshal +// This function adds some extra validation to the known fields and captures unknown fields. +func (t *cachedToken) UnmarshalJSON(b []byte) error { + var fields map[string]interface{} + if err := json.Unmarshal(b, &fields); err != nil { + return nil + } + + t.UnknownFields = map[string]interface{}{} + + for k, v := range fields { + var err error + switch k { + case "accessToken": + err = getTokenFieldString(v, &t.AccessToken) + case "expiresAt": + err = getTokenFieldRFC3339(v, &t.ExpiresAt) + case "refreshToken": + err = getTokenFieldString(v, &t.RefreshToken) + case "clientId": + err = getTokenFieldString(v, &t.ClientID) + case "clientSecret": + err = getTokenFieldString(v, &t.ClientSecret) + default: + t.UnknownFields[k] = v + } + + if err != nil { + return fmt.Errorf("field %q, %v", k, err) + } + } + + return nil +} + +func getTokenFieldString(v interface{}, value *string) error { + var ok bool + *value, ok = v.(string) + if !ok { + return fmt.Errorf("expect value to be string, got %T", v) + } + return nil +} + +func getTokenFieldRFC3339(v interface{}, value **rfc3339) error { + var stringValue string + if err := getTokenFieldString(v, &stringValue); err != nil { + return err + } + + timeValue, err := parseRFC3339(stringValue) + if err != nil { + return err + } + + *value = &timeValue + return nil +} + +func loadCachedToken(filename string) (cachedToken, error) { + fileBytes, err := ioutil.ReadFile(filename) + if err != nil { + return cachedToken{}, fmt.Errorf("failed to read cached SSO token file, %v", err) + } + + var t cachedToken + if err := json.Unmarshal(fileBytes, &t); err != nil { + return cachedToken{}, fmt.Errorf("failed to parse cached SSO token file, %v", err) + } + + if len(t.AccessToken) == 0 || t.ExpiresAt == nil || time.Time(*t.ExpiresAt).IsZero() { + return cachedToken{}, fmt.Errorf( + "cached SSO token must contain accessToken and expiresAt fields") + } + + return t, nil +} + +func storeCachedToken(filename string, t cachedToken, fileMode os.FileMode) (err error) { + tmpFilename := filename + ".tmp-" + strconv.FormatInt(nowTime().UnixNano(), 10) + if err := writeCacheFile(tmpFilename, fileMode, t); err != nil { + return err + } + + if err := os.Rename(tmpFilename, filename); err != nil { + return fmt.Errorf("failed to replace old cached SSO token file, %v", err) + } + + return nil +} + +func writeCacheFile(filename string, fileMode os.FileMode, t cachedToken) (err error) { + var f *os.File + f, err = os.OpenFile(filename, os.O_CREATE|os.O_TRUNC|os.O_RDWR, fileMode) + if err != nil { + return fmt.Errorf("failed to create cached SSO token file %v", err) + } + + defer func() { + closeErr := f.Close() + if err == nil && closeErr != nil { + err = fmt.Errorf("failed to close cached SSO token file, %v", closeErr) + } + }() + + encoder := json.NewEncoder(f) + + if err = encoder.Encode(t); err != nil { + return fmt.Errorf("failed to serialize cached SSO token, %v", err) + } + + return nil +} + +type rfc3339 time.Time + +// UnmarshalJSON decode rfc3339 from JSON format +func (r *rfc3339) UnmarshalJSON(bytes []byte) error { + var value string + var err error + + if err = json.Unmarshal(bytes, &value); err != nil { + return err + } + + *r, err = parseRFC3339(value) + return err +} + +func parseRFC3339(v string) (rfc3339, error) { + parsed, err := time.Parse(time.RFC3339, v) + if err != nil { + return rfc3339{}, fmt.Errorf("expected RFC3339 timestamp: %v", err) + } + + return rfc3339(parsed), nil +} + +// MarshalJSON encode rfc3339 to JSON format time +func (r *rfc3339) MarshalJSON() ([]byte, error) { + value := time.Time(*r).Format(time.RFC3339) + + // Use JSON unmarshal to unescape the quoted value making use of JSON's + // quoting rules. + return json.Marshal(value) +} diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go new file mode 100644 index 00000000000..3388b78b4f4 --- /dev/null +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go @@ -0,0 +1,148 @@ +package ssocreds + +import ( + "fmt" + "os" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/auth/bearer" + "github.com/aws/aws-sdk-go/service/ssooidc" +) + +// CreateTokenAPIClient provides the interface for the SSOTokenProvider's API +// client for calling CreateToken operation to refresh the SSO token. +type CreateTokenAPIClient interface { + CreateToken(input *ssooidc.CreateTokenInput) (*ssooidc.CreateTokenOutput, error) +} + +// SSOTokenProviderOptions provides the options for configuring the +// SSOTokenProvider. +type SSOTokenProviderOptions struct { + // Client that can be overridden + Client CreateTokenAPIClient + + // The path the file containing the cached SSO token will be read from. + // Initialized the NewSSOTokenProvider's cachedTokenFilepath parameter. + CachedTokenFilepath string +} + +// SSOTokenProvider provides a utility for refreshing SSO AccessTokens for +// Bearer Authentication. The SSOTokenProvider can only be used to refresh +// already cached SSO Tokens. This utility cannot perform the initial SSO +// create token. +// +// The initial SSO create token should be preformed with the AWS CLI before the +// Go application using the SSOTokenProvider will need to retrieve the SSO +// token. If the AWS CLI has not created the token cache file, this provider +// will return an error when attempting to retrieve the cached token. +// +// This provider will attempt to refresh the cached SSO token periodically if +// needed when RetrieveBearerToken is called. +// +// A utility such as the AWS CLI must be used to initially create the SSO +// session and cached token file. +// https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html +type SSOTokenProvider struct { + options SSOTokenProviderOptions +} + +// NewSSOTokenProvider returns an initialized SSOTokenProvider that will +// periodically refresh the SSO token cached stored in the cachedTokenFilepath. +// The cachedTokenFilepath file's content will be rewritten by the token +// provider when the token is refreshed. +// +// The client must be configured for the AWS region the SSO token was created for. +func NewSSOTokenProvider(client CreateTokenAPIClient, cachedTokenFilepath string, optFns ...func(o *SSOTokenProviderOptions)) *SSOTokenProvider { + options := SSOTokenProviderOptions{ + Client: client, + CachedTokenFilepath: cachedTokenFilepath, + } + for _, fn := range optFns { + fn(&options) + } + + provider := &SSOTokenProvider{ + options: options, + } + + return provider +} + +// RetrieveBearerToken returns the SSO token stored in the cachedTokenFilepath +// the SSOTokenProvider was created with. If the token has expired +// RetrieveBearerToken will attempt to refresh it. If the token cannot be +// refreshed or is not present an error will be returned. +// +// A utility such as the AWS CLI must be used to initially create the SSO +// session and cached token file. https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html +func (p *SSOTokenProvider) RetrieveBearerToken(ctx aws.Context) (bearer.Token, error) { + cachedToken, err := loadCachedToken(p.options.CachedTokenFilepath) + if err != nil { + return bearer.Token{}, err + } + + if cachedToken.ExpiresAt != nil && nowTime().After(time.Time(*cachedToken.ExpiresAt)) { + cachedToken, err = p.refreshToken(cachedToken) + if err != nil { + return bearer.Token{}, fmt.Errorf("refresh cached SSO token failed, %v", err) + } + } + + expiresAt := toTime((*time.Time)(cachedToken.ExpiresAt)) + return bearer.Token{ + Value: cachedToken.AccessToken, + CanExpire: !expiresAt.IsZero(), + Expires: expiresAt, + }, nil +} + +func (p *SSOTokenProvider) refreshToken(token cachedToken) (cachedToken, error) { + if token.ClientSecret == "" || token.ClientID == "" || token.RefreshToken == "" { + return cachedToken{}, fmt.Errorf("cached SSO token is expired, or not present, and cannot be refreshed") + } + + createResult, err := p.options.Client.CreateToken(&ssooidc.CreateTokenInput{ + ClientId: &token.ClientID, + ClientSecret: &token.ClientSecret, + RefreshToken: &token.RefreshToken, + GrantType: aws.String("refresh_token"), + }) + if err != nil { + return cachedToken{}, fmt.Errorf("unable to refresh SSO token, %v", err) + } + if createResult.ExpiresIn == nil { + return cachedToken{}, fmt.Errorf("missing required field ExpiresIn") + } + if createResult.AccessToken == nil { + return cachedToken{}, fmt.Errorf("missing required field AccessToken") + } + if createResult.RefreshToken == nil { + return cachedToken{}, fmt.Errorf("missing required field RefreshToken") + } + + expiresAt := nowTime().Add(time.Duration(*createResult.ExpiresIn) * time.Second) + + token.AccessToken = *createResult.AccessToken + token.ExpiresAt = (*rfc3339)(&expiresAt) + token.RefreshToken = *createResult.RefreshToken + + fileInfo, err := os.Stat(p.options.CachedTokenFilepath) + if err != nil { + return cachedToken{}, fmt.Errorf("failed to stat cached SSO token file %v", err) + } + + if err = storeCachedToken(p.options.CachedTokenFilepath, token, fileInfo.Mode()); err != nil { + return cachedToken{}, fmt.Errorf("unable to cache refreshed SSO token, %v", err) + } + + return token, nil +} + +func toTime(p *time.Time) (v time.Time) { + if p == nil { + return v + } + + return *p +} diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go index 260a37cbbab..86db488defa 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go @@ -9,7 +9,7 @@ to refresh the credentials will be synchronized. But, the SDK is unable to ensure synchronous usage of the AssumeRoleProvider if the value is shared between multiple Credentials, Sessions or service clients. -Assume Role +# Assume Role To assume an IAM role using STS with the SDK you can create a new Credentials with the SDKs's stscreds package. @@ -27,7 +27,7 @@ with the SDKs's stscreds package. // from assumed role. svc := s3.New(sess, &aws.Config{Credentials: creds}) -Assume Role with static MFA Token +# Assume Role with static MFA Token To assume an IAM role with a MFA token you can either specify a MFA token code directly or provide a function to prompt the user each time the credentials @@ -49,7 +49,7 @@ credentials. // from assumed role. svc := s3.New(sess, &aws.Config{Credentials: creds}) -Assume Role with MFA Token Provider +# Assume Role with MFA Token Provider To assume an IAM role with MFA for longer running tasks where the credentials may need to be refreshed setting the TokenProvider field of AssumeRoleProvider @@ -74,7 +74,6 @@ single Credentials with an AssumeRoleProvider can be shared safely. // Create service client value configured for credentials // from assumed role. svc := s3.New(sess, &aws.Config{Credentials: creds}) - */ package stscreds @@ -199,6 +198,10 @@ type AssumeRoleProvider struct { // or an Amazon Resource Name (ARN) for a virtual device (such as arn:aws:iam::123456789012:mfa/user). SerialNumber *string + // The SourceIdentity which is used to identity a persistent identity through the whole session. + // For more details see https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html + SourceIdentity *string + // The value provided by the MFA device, if the trust policy of the role being // assumed requires MFA (that is, if the policy includes a condition that tests // for MFA). If the role being assumed requires MFA and if the TokenCode value @@ -320,6 +323,7 @@ func (p *AssumeRoleProvider) RetrieveWithContext(ctx credentials.Context) (crede Tags: p.Tags, PolicyArns: p.PolicyArns, TransitiveTagKeys: p.TransitiveTagKeys, + SourceIdentity: p.SourceIdentity, } if p.Policy != nil { input.Policy = p.Policy diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go index 23bb639e018..1ba80b57609 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go @@ -9,6 +9,7 @@ package defaults import ( "fmt" + "io/ioutil" "net" "net/http" "net/url" @@ -74,6 +75,7 @@ func Handlers() request.Handlers { handlers.Validate.PushBackNamed(corehandlers.ValidateEndpointHandler) handlers.Validate.AfterEachFn = request.HandlerListStopOnError handlers.Build.PushBackNamed(corehandlers.SDKVersionUserAgentHandler) + handlers.Build.PushBackNamed(corehandlers.AddAwsInternal) handlers.Build.PushBackNamed(corehandlers.AddHostExecEnvUserAgentHander) handlers.Build.AfterEachFn = request.HandlerListStopOnError handlers.Sign.PushBackNamed(corehandlers.BuildContentLengthHandler) @@ -114,9 +116,31 @@ func CredProviders(cfg *aws.Config, handlers request.Handlers) []credentials.Pro const ( httpProviderAuthorizationEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN" + httpProviderAuthFileEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE" httpProviderEnvVar = "AWS_CONTAINER_CREDENTIALS_FULL_URI" ) +// direct representation of the IPv4 address for the ECS container +// "169.254.170.2" +var ecsContainerIPv4 net.IP = []byte{ + 169, 254, 170, 2, +} + +// direct representation of the IPv4 address for the EKS container +// "169.254.170.23" +var eksContainerIPv4 net.IP = []byte{ + 169, 254, 170, 23, +} + +// direct representation of the IPv6 address for the EKS container +// "fd00:ec2::23" +var eksContainerIPv6 net.IP = []byte{ + 0xFD, 0, 0xE, 0xC2, + 0, 0, 0, 0, + 0, 0, 0, 0, + 0, 0, 0, 0x23, +} + // RemoteCredProvider returns a credentials provider for the default remote // endpoints such as EC2 or ECS Roles. func RemoteCredProvider(cfg aws.Config, handlers request.Handlers) credentials.Provider { @@ -134,19 +158,22 @@ func RemoteCredProvider(cfg aws.Config, handlers request.Handlers) credentials.P var lookupHostFn = net.LookupHost -func isLoopbackHost(host string) (bool, error) { - ip := net.ParseIP(host) - if ip != nil { - return ip.IsLoopback(), nil +// isAllowedHost allows host to be loopback or known ECS/EKS container IPs +// +// host can either be an IP address OR an unresolved hostname - resolution will +// be automatically performed in the latter case +func isAllowedHost(host string) (bool, error) { + if ip := net.ParseIP(host); ip != nil { + return isIPAllowed(ip), nil } - // Host is not an ip, perform lookup addrs, err := lookupHostFn(host) if err != nil { return false, err } + for _, addr := range addrs { - if !net.ParseIP(addr).IsLoopback() { + if ip := net.ParseIP(addr); ip == nil || !isIPAllowed(ip) { return false, nil } } @@ -154,6 +181,13 @@ func isLoopbackHost(host string) (bool, error) { return true, nil } +func isIPAllowed(ip net.IP) bool { + return ip.IsLoopback() || + ip.Equal(ecsContainerIPv4) || + ip.Equal(eksContainerIPv4) || + ip.Equal(eksContainerIPv6) +} + func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) credentials.Provider { var errMsg string @@ -164,10 +198,12 @@ func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) host := aws.URLHostname(parsed) if len(host) == 0 { errMsg = "unable to parse host from local HTTP cred provider URL" - } else if isLoopback, loopbackErr := isLoopbackHost(host); loopbackErr != nil { - errMsg = fmt.Sprintf("failed to resolve host %q, %v", host, loopbackErr) - } else if !isLoopback { - errMsg = fmt.Sprintf("invalid endpoint host, %q, only loopback hosts are allowed.", host) + } else if parsed.Scheme == "http" { + if isAllowedHost, allowHostErr := isAllowedHost(host); allowHostErr != nil { + errMsg = fmt.Sprintf("failed to resolve host %q, %v", host, allowHostErr) + } else if !isAllowedHost { + errMsg = fmt.Sprintf("invalid endpoint host, %q, only loopback/ecs/eks hosts are allowed.", host) + } } } @@ -189,6 +225,15 @@ func httpCredProvider(cfg aws.Config, handlers request.Handlers, u string) crede func(p *endpointcreds.Provider) { p.ExpiryWindow = 5 * time.Minute p.AuthorizationToken = os.Getenv(httpProviderAuthorizationEnvVar) + if authFilePath := os.Getenv(httpProviderAuthFileEnvVar); authFilePath != "" { + p.AuthorizationTokenProvider = endpointcreds.TokenProviderFunc(func() (string, error) { + if contents, err := ioutil.ReadFile(authFilePath); err != nil { + return "", fmt.Errorf("failed to read authorization token from %v: %v", authFilePath, err) + } else { + return string(contents), nil + } + }) + } }, ) } diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go index df63bade104..f4cc8751d04 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go @@ -57,13 +57,13 @@ type EC2Metadata struct { // New creates a new instance of the EC2Metadata client with a session. // This client is safe to use across multiple goroutines. // -// // Example: -// // Create a EC2Metadata client from just a session. -// svc := ec2metadata.New(mySession) // -// // Create a EC2Metadata client with additional configuration -// svc := ec2metadata.New(mySession, aws.NewConfig().WithLogLevel(aws.LogDebugHTTPBody)) +// // Create a EC2Metadata client from just a session. +// svc := ec2metadata.New(mySession) +// +// // Create a EC2Metadata client with additional configuration +// svc := ec2metadata.New(mySession, aws.NewConfig().WithLogLevel(aws.LogDebugHTTPBody)) func New(p client.ConfigProvider, cfgs ...*aws.Config) *EC2Metadata { c := p.ClientConfig(ServiceName, cfgs...) return NewClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion) diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go index 4b29f190bf9..f1f9ba4ec58 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go @@ -1,6 +1,8 @@ package ec2metadata import ( + "fmt" + "github.com/aws/aws-sdk-go/aws" "net/http" "sync/atomic" "time" @@ -33,11 +35,15 @@ func newTokenProvider(c *EC2Metadata, duration time.Duration) *tokenProvider { return &tokenProvider{client: c, configuredTTL: duration} } +// check if fallback is enabled +func (t *tokenProvider) fallbackEnabled() bool { + return t.client.Config.EC2MetadataEnableFallback == nil || *t.client.Config.EC2MetadataEnableFallback +} + // fetchTokenHandler fetches token for EC2Metadata service client by default. func (t *tokenProvider) fetchTokenHandler(r *request.Request) { - // short-circuits to insecure data flow if tokenProvider is disabled. - if v := atomic.LoadUint32(&t.disabled); v == 1 { + if v := atomic.LoadUint32(&t.disabled); v == 1 && t.fallbackEnabled() { return } @@ -49,23 +55,23 @@ func (t *tokenProvider) fetchTokenHandler(r *request.Request) { output, err := t.client.getToken(r.Context(), t.configuredTTL) if err != nil { + // only attempt fallback to insecure data flow if IMDSv1 is enabled + if !t.fallbackEnabled() { + r.Error = awserr.New("EC2MetadataError", "failed to get IMDSv2 token and fallback to IMDSv1 is disabled", err) + return + } - // change the disabled flag on token provider to true, - // when error is request timeout error. + // change the disabled flag on token provider to true and fallback if requestFailureError, ok := err.(awserr.RequestFailure); ok { switch requestFailureError.StatusCode() { case http.StatusForbidden, http.StatusNotFound, http.StatusMethodNotAllowed: atomic.StoreUint32(&t.disabled, 1) + if t.client.Config.LogLevel.Matches(aws.LogDebugWithDeprecated) { + t.client.Config.Logger.Log(fmt.Sprintf("WARN: failed to get session token, falling back to IMDSv1: %v", requestFailureError)) + } case http.StatusBadRequest: r.Error = requestFailureError } - - // Check if request timed out while waiting for response - if e, ok := requestFailureError.OrigErr().(awserr.Error); ok { - if e.Code() == request.ErrCodeRequestError { - atomic.StoreUint32(&t.disabled, 1) - } - } } return } diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go index 917df74ae10..1047722cacd 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go @@ -13,6 +13,8 @@ const ( AwsUsGovPartitionID = "aws-us-gov" // AWS GovCloud (US) partition. AwsIsoPartitionID = "aws-iso" // AWS ISO (US) partition. AwsIsoBPartitionID = "aws-iso-b" // AWS ISOB (US) partition. + AwsIsoEPartitionID = "aws-iso-e" // AWS ISOE (Europe) partition. + AwsIsoFPartitionID = "aws-iso-f" // AWS ISOF partition. ) // AWS Standard partition's regions. @@ -27,7 +29,9 @@ const ( ApSoutheast1RegionID = "ap-southeast-1" // Asia Pacific (Singapore). ApSoutheast2RegionID = "ap-southeast-2" // Asia Pacific (Sydney). ApSoutheast3RegionID = "ap-southeast-3" // Asia Pacific (Jakarta). + ApSoutheast4RegionID = "ap-southeast-4" // Asia Pacific (Melbourne). CaCentral1RegionID = "ca-central-1" // Canada (Central). + CaWest1RegionID = "ca-west-1" // Canada West (Calgary). EuCentral1RegionID = "eu-central-1" // Europe (Frankfurt). EuCentral2RegionID = "eu-central-2" // Europe (Zurich). EuNorth1RegionID = "eu-north-1" // Europe (Stockholm). @@ -36,6 +40,7 @@ const ( EuWest1RegionID = "eu-west-1" // Europe (Ireland). EuWest2RegionID = "eu-west-2" // Europe (London). EuWest3RegionID = "eu-west-3" // Europe (Paris). + IlCentral1RegionID = "il-central-1" // Israel (Tel Aviv). MeCentral1RegionID = "me-central-1" // Middle East (UAE). MeSouth1RegionID = "me-south-1" // Middle East (Bahrain). SaEast1RegionID = "sa-east-1" // South America (Sao Paulo). @@ -68,8 +73,14 @@ const ( UsIsobEast1RegionID = "us-isob-east-1" // US ISOB East (Ohio). ) +// AWS ISOE (Europe) partition's regions. +const () + +// AWS ISOF partition's regions. +const () + // DefaultResolver returns an Endpoint resolver that will be able -// to resolve endpoints for: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), and AWS ISOB (US). +// to resolve endpoints for: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), AWS ISOB (US), AWS ISOE (Europe), and AWS ISOF. // // Use DefaultPartitions() to get the list of the default partitions. func DefaultResolver() Resolver { @@ -77,7 +88,7 @@ func DefaultResolver() Resolver { } // DefaultPartitions returns a list of the partitions the SDK is bundled -// with. The available partitions are: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), and AWS ISOB (US). +// with. The available partitions are: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), AWS ISOB (US), AWS ISOE (Europe), and AWS ISOF. // // partitions := endpoints.DefaultPartitions // for _, p := range partitions { @@ -93,6 +104,8 @@ var defaultPartitions = partitions{ awsusgovPartition, awsisoPartition, awsisobPartition, + awsisoePartition, + awsisofPartition, } // AwsPartition returns the Resolver for AWS Standard. @@ -106,7 +119,7 @@ var awsPartition = partition{ DNSSuffix: "amazonaws.com", RegionRegex: regionRegex{ Regexp: func() *regexp.Regexp { - reg, _ := regexp.Compile("^(us|eu|ap|sa|ca|me|af)\\-\\w+\\-\\d+$") + reg, _ := regexp.Compile("^(us|eu|ap|sa|ca|me|af|il)\\-\\w+\\-\\d+$") return reg }(), }, @@ -172,9 +185,15 @@ var awsPartition = partition{ "ap-southeast-3": region{ Description: "Asia Pacific (Jakarta)", }, + "ap-southeast-4": region{ + Description: "Asia Pacific (Melbourne)", + }, "ca-central-1": region{ Description: "Canada (Central)", }, + "ca-west-1": region{ + Description: "Canada West (Calgary)", + }, "eu-central-1": region{ Description: "Europe (Frankfurt)", }, @@ -199,6 +218,9 @@ var awsPartition = partition{ "eu-west-3": region{ Description: "Europe (Paris)", }, + "il-central-1": region{ + Description: "Israel (Tel Aviv)", + }, "me-central-1": region{ Description: "Middle East (UAE)", }, @@ -261,6 +283,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -270,6 +295,9 @@ var awsPartition = partition{ }: endpoint{ Hostname: "access-analyzer-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -339,6 +367,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -432,6 +463,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -450,6 +484,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1-fips", + }: endpoint{ + Hostname: "acm-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -474,6 +526,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -582,6 +637,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -591,6 +649,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -600,15 +661,30 @@ var awsPartition = partition{ }: endpoint{ Hostname: "acm-pca-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-pca-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -627,6 +703,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "acm-pca-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -663,6 +748,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -710,6 +798,13 @@ var awsPartition = partition{ }, }, }, + "agreement-marketplace": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + }, + }, "airflow": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -846,6 +941,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -901,6 +999,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -935,6 +1036,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -980,6 +1090,21 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.detective-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "api.detective-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -998,6 +1123,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -1168,6 +1296,14 @@ var awsPartition = partition{ Region: "ap-southeast-3", }, }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "api.ecr.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, endpointKey{ Region: "ca-central-1", }: endpoint{ @@ -1176,6 +1312,14 @@ var awsPartition = partition{ Region: "ca-central-1", }, }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "api.ecr.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + }, endpointKey{ Region: "dkr-us-east-1", }: endpoint{ @@ -1384,6 +1528,14 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "api.ecr.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, endpointKey{ Region: "me-central-1", }: endpoint{ @@ -1733,24 +1885,54 @@ var awsPartition = partition{ }, "api.mediatailor": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -1768,6 +1950,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, @@ -1801,6 +1986,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -1810,18 +1998,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -1831,6 +2031,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -2011,6 +2214,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -2087,6 +2293,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -2096,6 +2305,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "apigateway-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "apigateway-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -2129,6 +2347,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "apigateway-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -2165,6 +2392,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -2278,9 +2508,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -2305,6 +2541,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -2348,24 +2587,42 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -2375,6 +2632,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -2430,21 +2693,81 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "appflow-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "appflow-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "appflow-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "appflow-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "sa-east-1", }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appflow-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appflow-fips.us-east-2.amazonaws.com", + }, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appflow-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appflow-fips.us-west-2.amazonaws.com", + }, }, }, "application-autoscaling": service{ @@ -2484,9 +2807,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -2511,6 +2840,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -2554,24 +2886,36 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -2581,6 +2925,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -2768,6 +3115,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "appmesh.eu-west-3.api.aws", }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.il-central-1.api.aws", + }, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -2913,9 +3269,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -3082,6 +3456,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -3091,18 +3468,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -3112,6 +3498,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -3142,6 +3534,12 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -3160,6 +3558,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, @@ -3173,30 +3577,90 @@ var awsPartition = partition{ }, "arc-zonal-shift": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -3258,6 +3722,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena.ap-south-1.api.aws", }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ap-south-2.api.aws", + }, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -3285,6 +3758,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena.ap-southeast-3.api.aws", }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ap-southeast-4.api.aws", + }, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -3294,6 +3776,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena.ca-central-1.api.aws", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ca-west-1.api.aws", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -3303,6 +3794,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena.eu-central-1.api.aws", }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.eu-central-2.api.aws", + }, endpointKey{ Region: "eu-north-1", }: endpoint{}, @@ -3321,6 +3821,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena.eu-south-1.api.aws", }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.eu-south-2.api.aws", + }, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -3384,6 +3893,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.me-central-1.api.aws", + }, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -3417,6 +3944,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena-fips.us-east-1.amazonaws.com", }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-east-1.api.aws", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, @@ -3432,6 +3965,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena-fips.us-east-2.amazonaws.com", }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-east-2.api.aws", + }, endpointKey{ Region: "us-west-1", }: endpoint{}, @@ -3447,6 +3986,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena-fips.us-west-1.amazonaws.com", }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-west-1.api.aws", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -3462,6 +4007,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena-fips.us-west-2.amazonaws.com", }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-west-2.api.aws", + }, }, }, "auditmanager": service{ @@ -3494,104 +4045,263 @@ var awsPartition = partition{ Region: "us-east-1", }: endpoint{}, endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "autoscaling": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "auditmanager-fips.us-east-1.amazonaws.com", }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "auditmanager-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ - Region: "eu-west-2", + Region: "us-east-2", }: endpoint{}, endpointKey{ - Region: "eu-west-3", - }: endpoint{}, + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "auditmanager-fips.us-east-2.amazonaws.com", + }, endpointKey{ - Region: "me-central-1", - }: endpoint{}, + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "auditmanager-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ - Region: "me-south-1", + Region: "us-west-1", }: endpoint{}, endpointKey{ - Region: "sa-east-1", - }: endpoint{}, + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "auditmanager-fips.us-west-1.amazonaws.com", + }, endpointKey{ - Region: "us-east-1", - }: endpoint{}, + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "auditmanager-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ - Region: "us-east-2", + Region: "us-west-2", }: endpoint{}, endpointKey{ - Region: "us-west-1", - }: endpoint{}, + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "auditmanager-fips.us-west-2.amazonaws.com", + }, endpointKey{ - Region: "us-west-2", - }: endpoint{}, + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "auditmanager-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, }, }, - "autoscaling-plans": service{ + "autoscaling": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "autoscaling-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "autoscaling-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "autoscaling-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "autoscaling-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "autoscaling-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "autoscaling-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.us-west-2.amazonaws.com", + }, + }, + }, + "autoscaling-plans": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ Protocols: []string{"http", "https"}, @@ -3686,6 +4396,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -3695,18 +4408,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -3716,6 +4441,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -3805,15 +4536,84 @@ var awsPartition = partition{ }, "backupstorage": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -3847,6 +4647,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -3856,18 +4659,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -3913,6 +4728,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -3957,6 +4778,137 @@ var awsPartition = partition{ }, }, }, + "bedrock": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "bedrock-ap-northeast-1", + }: endpoint{ + Hostname: "bedrock.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "bedrock-ap-southeast-1", + }: endpoint{ + Hostname: "bedrock.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "bedrock-eu-central-1", + }: endpoint{ + Hostname: "bedrock.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "bedrock-fips-us-east-1", + }: endpoint{ + Hostname: "bedrock-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "bedrock-fips-us-west-2", + }: endpoint{ + Hostname: "bedrock-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "bedrock-runtime-ap-northeast-1", + }: endpoint{ + Hostname: "bedrock-runtime.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "bedrock-runtime-ap-southeast-1", + }: endpoint{ + Hostname: "bedrock-runtime.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "bedrock-runtime-eu-central-1", + }: endpoint{ + Hostname: "bedrock-runtime.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "bedrock-runtime-fips-us-east-1", + }: endpoint{ + Hostname: "bedrock-runtime-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "bedrock-runtime-fips-us-west-2", + }: endpoint{ + Hostname: "bedrock-runtime-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "bedrock-runtime-us-east-1", + }: endpoint{ + Hostname: "bedrock-runtime.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "bedrock-runtime-us-west-2", + }: endpoint{ + Hostname: "bedrock-runtime.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "bedrock-us-east-1", + }: endpoint{ + Hostname: "bedrock.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "bedrock-us-west-2", + }: endpoint{ + Hostname: "bedrock.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "billingconductor": service{ PartitionEndpoint: "aws-global", IsRegionalized: boxedFalse, @@ -4003,12 +4955,47 @@ var awsPartition = partition{ }, "cases": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{}, }, }, "cassandra": service{ @@ -4140,6 +5127,43 @@ var awsPartition = partition{ }, }, }, + "cleanrooms": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "cloud9": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -4187,6 +5211,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -4239,6 +5266,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -4248,6 +5278,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "cloudcontrolapi-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudcontrolapi-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -4281,6 +5320,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "cloudcontrolapi-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -4317,6 +5365,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -4427,9 +5478,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -4454,6 +5511,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -4586,6 +5646,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -4619,6 +5682,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -4708,9 +5774,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -4771,6 +5843,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -4818,6 +5893,79 @@ var awsPartition = partition{ }, }, }, + "cloudtrail-data": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "codeartifact": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -4881,6 +6029,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -4890,18 +6041,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -4911,6 +6071,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -5022,12 +6188,18 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -5073,6 +6245,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -5185,9 +6363,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -5212,6 +6396,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -5331,6 +6518,9 @@ var awsPartition = partition{ }, "codepipeline": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-east-1", }: endpoint{}, @@ -5340,15 +6530,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -5361,12 +6563,18 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -5421,6 +6629,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -5531,6 +6748,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -5617,12 +6837,18 @@ var awsPartition = partition{ }, "cognito-identity": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -5632,12 +6858,18 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, @@ -5671,6 +6903,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "cognito-identity-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-west-2", }: endpoint{ @@ -5680,6 +6921,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -5707,6 +6954,12 @@ var awsPartition = partition{ endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cognito-identity-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -5720,12 +6973,18 @@ var awsPartition = partition{ }, "cognito-idp": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -5735,12 +6994,18 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, @@ -5792,6 +7057,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -5971,12 +7242,27 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "comprehendmedical-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-west-1", }: endpoint{}, endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "comprehendmedical-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -6083,6 +7369,14 @@ var awsPartition = partition{ Region: "ap-south-1", }, }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "compute-optimizer.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + }, endpointKey{ Region: "ap-southeast-1", }: endpoint{ @@ -6099,6 +7393,22 @@ var awsPartition = partition{ Region: "ap-southeast-2", }, }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "compute-optimizer.ap-southeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-3", + }, + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "compute-optimizer.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, endpointKey{ Region: "ca-central-1", }: endpoint{ @@ -6115,6 +7425,14 @@ var awsPartition = partition{ Region: "eu-central-1", }, }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "compute-optimizer.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, endpointKey{ Region: "eu-north-1", }: endpoint{ @@ -6131,6 +7449,14 @@ var awsPartition = partition{ Region: "eu-south-1", }, }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "compute-optimizer.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + }, endpointKey{ Region: "eu-west-1", }: endpoint{ @@ -6155,6 +7481,22 @@ var awsPartition = partition{ Region: "eu-west-3", }, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "compute-optimizer.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "compute-optimizer.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, endpointKey{ Region: "me-south-1", }: endpoint{ @@ -6237,9 +7579,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -6300,6 +7648,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -6373,12 +7724,42 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "connect-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "connect-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "connect-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "connect-fips.us-west-2.amazonaws.com", + }, }, }, "connect-campaigns": service{ @@ -6386,6 +7767,12 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, endpointKey{ Region: "eu-west-2", }: endpoint{}, @@ -6435,6 +7822,12 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, @@ -6457,21 +7850,39 @@ var awsPartition = partition{ }, "controltower": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -6493,9 +7904,18 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -6505,6 +7925,15 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -6544,6 +7973,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "controltower-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "controltower-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -6564,6 +8011,18 @@ var awsPartition = partition{ }, }, }, + "cost-optimization-hub": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "cost-optimization-hub.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + }, + }, "cur": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -7076,6 +8535,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -7085,6 +8547,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -7094,15 +8559,30 @@ var awsPartition = partition{ }: endpoint{ Hostname: "datasync-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -7121,6 +8601,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "datasync-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -7157,6 +8646,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -7204,6 +8696,190 @@ var awsPartition = partition{ }, }, }, + "datazone": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "datazone.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "datazone.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "datazone.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "datazone.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "datazone.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "datazone.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "datazone.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "datazone.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "datazone.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "datazone.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "datazone.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "datazone.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datazone-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "datazone.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "datazone.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "datazone.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "datazone.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "datazone.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "datazone.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "datazone.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "datazone.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "datazone.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "datazone.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "datazone.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "datazone.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "datazone.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "datazone.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datazone-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "datazone.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datazone-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "datazone.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "datazone.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datazone-fips.us-west-2.amazonaws.com", + }, + }, + }, "dax": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -7279,6 +8955,12 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "devops-guru-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -7294,6 +8976,15 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "devops-guru-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -7312,6 +9003,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "devops-guru-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-west-2", }: endpoint{ @@ -7345,6 +9045,12 @@ var awsPartition = partition{ endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "devops-guru-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -7388,9 +9094,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -7451,6 +9163,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -7543,6 +9258,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -7552,18 +9270,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -7573,6 +9303,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -7628,9 +9361,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "dms", }: endpoint{ @@ -7682,6 +9421,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -7902,74 +9644,7 @@ var awsPartition = partition{ Region: "ap-south-1", }: endpoint{}, endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "ds": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", + Region: "ap-south-2", }: endpoint{}, endpointKey{ Region: "ap-southeast-1", @@ -7981,179 +9656,11 @@ var awsPartition = partition{ Region: "ap-southeast-3", }: endpoint{}, endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "ds-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "ds-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "ds-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "ds-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "ds-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.us-west-2.amazonaws.com", - }, - }, - }, - "dynamodb": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", + Region: "ap-southeast-4", }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -8178,6 +9685,376 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "drs-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "drs-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "drs-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "drs-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-west-2.amazonaws.com", + }, + }, + }, + "ds": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "ds-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "ds-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ds-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ds-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ds-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ds-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.us-west-2.amazonaws.com", + }, + }, + }, + "dynamodb": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dynamodb-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1-fips", + }: endpoint{ + Hostname: "dynamodb-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "local", }: endpoint{ @@ -8290,6 +10167,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -8299,6 +10179,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -8308,15 +10191,30 @@ var awsPartition = partition{ }: endpoint{ Hostname: "ebs-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ebs-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -8335,6 +10233,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "ebs-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -8371,6 +10278,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -8461,6 +10371,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -8470,6 +10383,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "ec2-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ec2-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -8509,6 +10431,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "ec2-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -8545,6 +10476,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -8648,9 +10582,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -8711,6 +10651,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -8811,6 +10754,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -8820,18 +10766,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -8877,6 +10835,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -8924,6 +10885,166 @@ var awsPartition = partition{ }, }, }, + "eks-auth": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "eks-auth.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "eks-auth.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "eks-auth.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "eks-auth.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "eks-auth.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "eks-auth.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "eks-auth.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "eks-auth.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "eks-auth.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "eks-auth.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "eks-auth.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "eks-auth.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "eks-auth.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "eks-auth.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "eks-auth.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "eks-auth.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "eks-auth.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "eks-auth.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "eks-auth.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "eks-auth.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "eks-auth.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "eks-auth.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "eks-auth.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "eks-auth.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "eks-auth.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "eks-auth.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "eks-auth.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "eks-auth.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "eks-auth.us-west-2.api.aws", + }, + }, + }, "elasticache": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -8956,9 +11077,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -8992,6 +11119,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -9161,6 +11291,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -9261,6 +11394,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "elasticfilesystem-fips.ap-south-1.amazonaws.com", }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-south-2.amazonaws.com", + }, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -9288,6 +11430,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "elasticfilesystem-fips.ap-southeast-3.amazonaws.com", }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-southeast-4.amazonaws.com", + }, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -9297,6 +11448,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "elasticfilesystem-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -9333,6 +11493,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "elasticfilesystem-fips.eu-south-1.amazonaws.com", }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-south-2.amazonaws.com", + }, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -9414,6 +11583,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ap-south-2", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-ap-southeast-1", }: endpoint{ @@ -9441,6 +11619,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ap-southeast-4", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-ca-central-1", }: endpoint{ @@ -9450,6 +11637,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-eu-central-1", }: endpoint{ @@ -9486,6 +11682,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-eu-south-2", + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-eu-west-1", }: endpoint{ @@ -9513,6 +11718,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-il-central-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-me-central-1", }: endpoint{ @@ -9576,6 +11790,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.il-central-1.amazonaws.com", + }, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -9678,9 +11901,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -9741,6 +11970,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -9826,6 +12058,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -9835,6 +12070,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "elasticmapreduce-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{ @@ -9870,6 +12114,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "elasticmapreduce-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -9906,6 +12159,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -9930,6 +12186,12 @@ var awsPartition = partition{ endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-east-2.api.aws", + }, endpointKey{ Region: "us-east-2", Variant: fipsVariant, @@ -10013,6 +12275,12 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "email-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -10031,6 +12299,15 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "email-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -10040,6 +12317,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "email-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "email-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-west-2", }: endpoint{ @@ -10049,6 +12344,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -10067,9 +12365,21 @@ var awsPartition = partition{ endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "email-fips.us-east-2.amazonaws.com", + }, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "email-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -10083,12 +12393,21 @@ var awsPartition = partition{ }, "emr-containers": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -10098,6 +12417,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -10113,6 +12435,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -10167,6 +12495,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -10210,12 +12544,21 @@ var awsPartition = partition{ }, "emr-serverless": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -10225,6 +12568,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -10240,6 +12586,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -10294,6 +12646,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -10350,6 +12708,340 @@ var awsPartition = partition{ }, }, "es": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-west-3.api.aws", + }, + endpointKey{ + Region: "fips", + }: endpoint{ + Hostname: "es-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "es-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "es-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "es-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "es-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "es-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "es-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "es-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "es-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "events": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "af-south-1", @@ -10382,158 +13074,13 @@ var awsPartition = partition{ Region: "ap-southeast-3", }: endpoint{}, endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips", - }: endpoint{ - Hostname: "es-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "es-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "es-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "es-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "es-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "es-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "es-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "es-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "es-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "events": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", + Region: "ap-southeast-4", }: endpoint{}, endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", + Region: "ca-central-1", }: endpoint{}, endpointKey{ - Region: "ca-central-1", + Region: "ca-west-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", @@ -10595,6 +13142,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -10693,12 +13243,27 @@ var awsPartition = partition{ }, "finspace": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, @@ -10749,6 +13314,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -10758,18 +13326,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -10815,6 +13395,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -10917,6 +13500,9 @@ var awsPartition = partition{ }: endpoint{ Hostname: "fms-fips.ap-south-1.amazonaws.com", }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -10935,6 +13521,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "fms-fips.ap-southeast-2.amazonaws.com", }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -10953,6 +13545,9 @@ var awsPartition = partition{ }: endpoint{ Hostname: "fms-fips.eu-central-1.amazonaws.com", }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, @@ -10965,6 +13560,9 @@ var awsPartition = partition{ }: endpoint{ Hostname: "fms-fips.eu-south-1.amazonaws.com", }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -11163,6 +13761,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -11419,6 +14023,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -11428,6 +14035,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -11440,12 +14050,18 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -11545,6 +14161,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -11746,16 +14368,6 @@ var awsPartition = partition{ }: endpoint{}, }, }, - "gamesparks": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, "geo": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -11969,6 +14581,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -11978,18 +14593,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -12035,6 +14662,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -12189,6 +14822,12 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "greengrass-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -12198,15 +14837,69 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "greengrass-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "greengrass-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "greengrass-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "greengrass-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "greengrass-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "greengrass-fips.us-east-2.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "greengrass-fips.us-west-2.amazonaws.com", + }, }, }, "groundstation": service{ @@ -12320,6 +15013,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -12329,9 +15025,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -12344,6 +15046,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -12353,6 +15058,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -12490,6 +15198,9 @@ var awsPartition = partition{ }, }, Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, @@ -12597,6 +15308,9 @@ var awsPartition = partition{ endpointKey{ Region: "af-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, @@ -12609,6 +15323,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -12618,18 +15335,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -12639,6 +15365,15 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -12648,6 +15383,9 @@ var awsPartition = partition{ endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -12877,6 +15615,9 @@ var awsPartition = partition{ }, "inspector2": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-east-1", }: endpoint{}, @@ -12886,6 +15627,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -12895,12 +15639,18 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, @@ -12916,6 +15666,42 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "inspector2-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "inspector2-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "inspector2-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "inspector2-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -12925,25 +15711,232 @@ var awsPartition = partition{ endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-east-2.amazonaws.com", + }, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-west-2.amazonaws.com", + }, }, }, - "iot": service{ + "internetmonitor": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "execute-api", - }, + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "internetmonitor.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "internetmonitor.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "internetmonitor.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "internetmonitor.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "internetmonitor.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "internetmonitor.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "internetmonitor.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "internetmonitor.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "internetmonitor.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "internetmonitor.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "internetmonitor.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "internetmonitor.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "internetmonitor-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "internetmonitor.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "internetmonitor.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "internetmonitor.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "internetmonitor.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "internetmonitor.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "internetmonitor.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "internetmonitor.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "internetmonitor.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "internetmonitor.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "internetmonitor.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "internetmonitor.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "internetmonitor.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "internetmonitor.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "internetmonitor.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "internetmonitor-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "internetmonitor.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "internetmonitor-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "internetmonitor.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "internetmonitor-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "internetmonitor.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "internetmonitor-fips.us-west-2.amazonaws.com", }, }, + }, + "iot": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "ap-east-1", @@ -12991,45 +15984,35 @@ var awsPartition = partition{ Region: "fips-ca-central-1", }: endpoint{ Hostname: "iot-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Service: "execute-api", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ Hostname: "iot-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Service: "execute-api", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "fips-us-east-2", }: endpoint{ Hostname: "iot-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Service: "execute-api", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "fips-us-west-1", }: endpoint{ Hostname: "iot-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Service: "execute-api", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "fips-us-west-2", }: endpoint{ Hostname: "iot-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Service: "execute-api", - }, + Deprecated: boxedTrue, }, endpointKey{ @@ -13389,16 +16372,6 @@ var awsPartition = partition{ }: endpoint{}, }, }, - "iotroborunner": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, "iotsecuredtunneling": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{}, @@ -13668,24 +16641,239 @@ var awsPartition = partition{ }, "iottwinmaker": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "api-ap-northeast-1", + }: endpoint{ + Hostname: "api.iottwinmaker.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "api-ap-northeast-2", + }: endpoint{ + Hostname: "api.iottwinmaker.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "api-ap-south-1", + }: endpoint{ + Hostname: "api.iottwinmaker.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "api-ap-southeast-1", + }: endpoint{ + Hostname: "api.iottwinmaker.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "api-ap-southeast-2", + }: endpoint{ + Hostname: "api.iottwinmaker.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "api-eu-central-1", + }: endpoint{ + Hostname: "api.iottwinmaker.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "api-eu-west-1", + }: endpoint{ + Hostname: "api.iottwinmaker.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "api-us-east-1", + }: endpoint{ + Hostname: "api.iottwinmaker.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "api-us-west-2", + }: endpoint{ + Hostname: "api.iottwinmaker.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "data-ap-northeast-1", + }: endpoint{ + Hostname: "data.iottwinmaker.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "data-ap-northeast-2", + }: endpoint{ + Hostname: "data.iottwinmaker.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "data-ap-south-1", + }: endpoint{ + Hostname: "data.iottwinmaker.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "data-ap-southeast-1", + }: endpoint{ + Hostname: "data.iottwinmaker.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "data-ap-southeast-2", + }: endpoint{ + Hostname: "data.iottwinmaker.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "data-eu-central-1", + }: endpoint{ + Hostname: "data.iottwinmaker.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "data-eu-west-1", + }: endpoint{ + Hostname: "data.iottwinmaker.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "data-us-east-1", + }: endpoint{ + Hostname: "data.iottwinmaker.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "data-us-west-2", + }: endpoint{ + Hostname: "data.iottwinmaker.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "fips-api-us-east-1", + }: endpoint{ + Hostname: "api.iottwinmaker-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "fips-api-us-west-2", + }: endpoint{ + Hostname: "api.iottwinmaker-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "fips-data-us-east-1", + }: endpoint{ + Hostname: "data.iottwinmaker-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "fips-data-us-west-2", + }: endpoint{ + Hostname: "data.iottwinmaker-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "iottwinmaker-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "iottwinmaker-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iottwinmaker-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iottwinmaker-fips.us-west-2.amazonaws.com", + }, }, }, "iotwireless": service{ @@ -13782,6 +16970,31 @@ var awsPartition = partition{ }: endpoint{}, }, }, + "ivsrealtime": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "kafka": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -13802,6 +17015,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -13811,18 +17027,33 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -13832,6 +17063,57 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "kafka-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "kafka-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "kafka-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "kafka-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "kafka-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -13841,15 +17123,39 @@ var awsPartition = partition{ endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka-fips.us-east-2.amazonaws.com", + }, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka-fips.us-west-2.amazonaws.com", + }, }, }, "kafkaconnect": service{ @@ -13906,6 +17212,9 @@ var awsPartition = partition{ }, "kendra": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -13921,6 +17230,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -13977,6 +17289,180 @@ var awsPartition = partition{ }, }, }, + "kendra-ranking": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "kendra-ranking.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "kendra-ranking.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "kendra-ranking.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "kendra-ranking.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "kendra-ranking.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "kendra-ranking.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "kendra-ranking.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "kendra-ranking.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "kendra-ranking.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "kendra-ranking.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "kendra-ranking.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "kendra-ranking.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kendra-ranking-fips.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "kendra-ranking.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "kendra-ranking.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "kendra-ranking.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "kendra-ranking.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "kendra-ranking.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "kendra-ranking.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "kendra-ranking.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "kendra-ranking.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "kendra-ranking.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "kendra-ranking.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "kendra-ranking.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "kendra-ranking.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kendra-ranking-fips.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "kendra-ranking.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kendra-ranking-fips.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "kendra-ranking.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "kendra-ranking.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kendra-ranking-fips.us-west-2.api.aws", + }, + }, + }, "kinesis": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -14009,9 +17495,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -14072,6 +17564,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -14139,6 +17634,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -14148,18 +17646,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -14169,6 +17679,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -14432,6 +17948,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.ap-southeast-4.amazonaws.com", + }, endpointKey{ Region: "ap-southeast-4-fips", }: endpoint{ @@ -14459,6 +17984,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1-fips", + }: endpoint{ + Hostname: "kms-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -14603,6 +18146,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.il-central-1.amazonaws.com", + }, + endpointKey{ + Region: "il-central-1-fips", + }: endpoint{ + Hostname: "kms-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -14751,24 +18312,42 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -14814,6 +18393,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -14950,6 +18535,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "lambda.ap-southeast-3.api.aws", }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.ap-southeast-4.api.aws", + }, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -14959,6 +18553,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "lambda.ca-central-1.api.aws", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.ca-west-1.api.aws", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -15067,6 +18670,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.il-central-1.api.aws", + }, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -15176,6 +18788,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -15185,18 +18800,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -15242,6 +18866,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -15288,6 +18918,12 @@ var awsPartition = partition{ }, "license-manager-linux-subscriptions": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, @@ -15300,21 +18936,42 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -15360,6 +19017,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -15421,24 +19087,39 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -15484,6 +19165,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -15579,60 +19266,222 @@ var awsPartition = partition{ endpointKey{ Region: "af-south-1", }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.af-south-1.api.aws", + }, endpointKey{ Region: "ap-east-1", }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-east-1.api.aws", + }, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-northeast-1.api.aws", + }, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-northeast-2.api.aws", + }, endpointKey{ Region: "ap-northeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-northeast-3.api.aws", + }, endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-south-1.api.aws", + }, endpointKey{ Region: "ap-south-2", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-south-2.api.aws", + }, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-southeast-1.api.aws", + }, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-southeast-2.api.aws", + }, endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-southeast-4.api.aws", + }, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "logs-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ca-west-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "logs-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-central-1.api.aws", + }, endpointKey{ Region: "eu-central-2", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-central-2.api.aws", + }, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-north-1.api.aws", + }, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-south-1.api.aws", + }, endpointKey{ Region: "eu-south-2", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-south-2.api.aws", + }, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-west-1.api.aws", + }, endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-west-2.api.aws", + }, endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-west-3.api.aws", + }, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "logs-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "logs-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -15669,18 +19518,51 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.il-central-1.api.aws", + }, endpointKey{ Region: "me-central-1", }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.me-central-1.api.aws", + }, endpointKey{ Region: "me-south-1", }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.me-south-1.api.aws", + }, endpointKey{ Region: "sa-east-1", }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.sa-east-1.api.aws", + }, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.us-east-1.api.aws", + }, endpointKey{ Region: "us-east-1", Variant: fipsVariant, @@ -15690,6 +19572,12 @@ var awsPartition = partition{ endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.us-east-2.api.aws", + }, endpointKey{ Region: "us-east-2", Variant: fipsVariant, @@ -15699,6 +19587,12 @@ var awsPartition = partition{ endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.us-west-1.api.aws", + }, endpointKey{ Region: "us-west-1", Variant: fipsVariant, @@ -15708,6 +19602,12 @@ var awsPartition = partition{ endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.us-west-2.api.aws", + }, endpointKey{ Region: "us-west-2", Variant: fipsVariant, @@ -15787,9 +19687,18 @@ var awsPartition = partition{ }, "m2": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -15809,6 +19718,15 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -15830,12 +19748,27 @@ var awsPartition = partition{ Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-west-2", }: endpoint{ Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -15846,6 +19779,20 @@ var awsPartition = partition{ Region: "us-east-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -15865,46 +19812,6 @@ var awsPartition = partition{ }: endpoint{}, }, }, - "macie": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "macie-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "macie-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "macie-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "macie-fips.us-west-2.amazonaws.com", - }, - }, - }, "macie2": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -15988,6 +19895,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -16054,6 +19964,13 @@ var awsPartition = partition{ }: endpoint{}, }, }, + "managedblockchain-query": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + }, + }, "marketplacecommerceanalytics": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -16109,6 +20026,9 @@ var awsPartition = partition{ }, "mediaconnect": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-east-1", }: endpoint{}, @@ -16118,15 +20038,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -16142,6 +20074,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -16170,6 +20105,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -16179,6 +20117,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -16297,6 +20238,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -16306,6 +20250,12 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -16388,6 +20338,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -16397,6 +20350,12 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -16437,6 +20396,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -16446,6 +20408,70 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "mediapackagev2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -16511,12 +20537,33 @@ var awsPartition = partition{ }, "meetings-chime": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, @@ -16685,6 +20732,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -16712,6 +20762,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -16755,6 +20808,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -16764,24 +20820,42 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -16850,6 +20924,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -16859,18 +20936,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -16916,6 +21002,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -17164,9 +21256,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -17227,6 +21325,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -17294,6 +21395,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -17303,18 +21407,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -17360,6 +21473,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -17588,6 +21704,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -17597,6 +21716,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -17609,12 +21731,18 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -17669,6 +21797,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -17725,6 +21859,24 @@ var awsPartition = partition{ Region: "us-west-2", }, }, + endpointKey{ + Region: "aws-global", + Variant: fipsVariant, + }: endpoint{ + Hostname: "networkmanager-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "fips-aws-global", + }: endpoint{ + Hostname: "networkmanager-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, }, }, "nimble": service{ @@ -17732,18 +21884,33 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, endpointKey{ Region: "eu-west-2", }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -17781,9 +21948,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -17808,6 +21981,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -17905,6 +22081,14 @@ var awsPartition = partition{ Region: "ap-southeast-3", }, }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "oidc.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, endpointKey{ Region: "ca-central-1", }: endpoint{ @@ -17921,6 +22105,14 @@ var awsPartition = partition{ Region: "eu-central-1", }, }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "oidc.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, endpointKey{ Region: "eu-north-1", }: endpoint{ @@ -17961,6 +22153,22 @@ var awsPartition = partition{ Region: "eu-west-3", }, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "oidc.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "oidc.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, endpointKey{ Region: "me-south-1", }: endpoint{ @@ -18011,6 +22219,102 @@ var awsPartition = partition{ }, }, }, + "omics": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "omics.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "omics.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "omics.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "omics.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "omics-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "omics-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "omics.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "omics.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "omics-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "omics.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "omics-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, "opsworks": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -18123,6 +22427,55 @@ var awsPartition = partition{ }, }, }, + "osis": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "outposts": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -18224,6 +22577,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -18401,9 +22760,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -18428,6 +22793,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -18610,6 +22978,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -18625,12 +22996,18 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -18677,6 +23054,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -18858,6 +23238,14 @@ var awsPartition = partition{ Region: "ap-southeast-3", }, }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "portal.sso.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, endpointKey{ Region: "ca-central-1", }: endpoint{ @@ -18874,6 +23262,14 @@ var awsPartition = partition{ Region: "eu-central-1", }, }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "portal.sso.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, endpointKey{ Region: "eu-north-1", }: endpoint{ @@ -18914,6 +23310,22 @@ var awsPartition = partition{ Region: "eu-west-3", }, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "portal.sso.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "portal.sso.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, endpointKey{ Region: "me-south-1", }: endpoint{ @@ -18964,6 +23376,19 @@ var awsPartition = partition{ }, }, }, + "private-networks": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "profile": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -18984,18 +23409,63 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "profile-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "profile-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "profile-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "profile-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "profile-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "profile-fips.us-west-2.amazonaws.com", + }, }, }, "projects.iot1click": service{ @@ -19060,6 +23530,166 @@ var awsPartition = partition{ }: endpoint{}, }, }, + "qbusiness": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "qbusiness.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "qbusiness.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "qbusiness.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "qbusiness.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "qbusiness.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "qbusiness.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "qbusiness.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "qbusiness.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "qbusiness.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "qbusiness.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "qbusiness.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "qbusiness.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "qbusiness.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "qbusiness.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "qbusiness.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "qbusiness.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "qbusiness.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "qbusiness.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "qbusiness.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "qbusiness.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "qbusiness.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "qbusiness.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "qbusiness.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "qbusiness.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "qbusiness.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "qbusiness.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "qbusiness.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "qbusiness.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "qbusiness.us-west-2.api.aws", + }, + }, + }, "qldb": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -19174,9 +23804,6 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, - endpointKey{ - Region: "api", - }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -19241,6 +23868,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -19250,6 +23880,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "ram-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -19283,6 +23922,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "ram-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -19319,6 +23967,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -19398,6 +24049,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -19407,6 +24061,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "rbin-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -19440,6 +24103,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "rbin-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -19476,6 +24148,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -19555,6 +24230,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -19573,6 +24251,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1-fips", + }: endpoint{ + Hostname: "rds-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -19597,6 +24293,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -19612,6 +24311,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "rds-fips.ca-west-1", + }: endpoint{ + Hostname: "rds-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "rds-fips.us-east-1", }: endpoint{ @@ -19666,6 +24374,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "rds.ca-west-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "rds.us-east-1", }: endpoint{ @@ -19956,6 +24682,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -19965,6 +24694,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "redshift-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -19998,6 +24736,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "redshift-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -20034,6 +24781,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -20089,12 +24839,24 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-serverless-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -20107,15 +24869,90 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "redshift-serverless-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "redshift-serverless-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "redshift-serverless-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "redshift-serverless-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "redshift-serverless-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-serverless-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-serverless-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-serverless-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-serverless-fips.us-west-2.amazonaws.com", + }, }, }, "rekognition": service{ @@ -20162,6 +24999,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "rekognition-fips.ca-central-1", }: endpoint{ @@ -20436,123 +25276,64 @@ var awsPartition = partition{ }, }, "resource-explorer-2": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.aws", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", - }, - }, Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{ - Hostname: "resource-explorer-2.af-south-1.api.aws", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Hostname: "resource-explorer-2.ap-east-1.api.aws", - }, endpointKey{ Region: "ap-northeast-1", - }: endpoint{ - Hostname: "resource-explorer-2.ap-northeast-1.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "ap-northeast-2", - }: endpoint{ - Hostname: "resource-explorer-2.ap-northeast-2.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "ap-northeast-3", - }: endpoint{ - Hostname: "resource-explorer-2.ap-northeast-3.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "ap-south-1", - }: endpoint{ - Hostname: "resource-explorer-2.ap-south-1.api.aws", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{ - Hostname: "resource-explorer-2.ap-south-2.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", - }: endpoint{ - Hostname: "resource-explorer-2.ap-southeast-1.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", - }: endpoint{ - Hostname: "resource-explorer-2.ap-southeast-2.api.aws", - }, + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", - }: endpoint{ - Hostname: "resource-explorer-2.ca-central-1.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "eu-central-1", - }: endpoint{ - Hostname: "resource-explorer-2.eu-central-1.api.aws", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{ - Hostname: "resource-explorer-2.eu-central-2.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "eu-north-1", - }: endpoint{ - Hostname: "resource-explorer-2.eu-north-1.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "eu-west-1", - }: endpoint{ - Hostname: "resource-explorer-2.eu-west-1.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "eu-west-2", - }: endpoint{ - Hostname: "resource-explorer-2.eu-west-2.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "eu-west-3", - }: endpoint{ - Hostname: "resource-explorer-2.eu-west-3.api.aws", - }, + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", - }: endpoint{ - Hostname: "resource-explorer-2.sa-east-1.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "us-east-1", - }: endpoint{ - Hostname: "resource-explorer-2.us-east-1.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "us-east-2", - }: endpoint{ - Hostname: "resource-explorer-2.us-east-2.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "us-west-1", - }: endpoint{ - Hostname: "resource-explorer-2.us-west-1.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "us-west-2", - }: endpoint{ - Hostname: "resource-explorer-2.us-west-2.api.aws", - }, + }: endpoint{}, }, }, "resource-groups": service{ @@ -20575,6 +25356,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -20584,18 +25368,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -20641,6 +25437,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -20733,6 +25532,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -20742,18 +25544,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -20763,6 +25577,48 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -20772,15 +25628,39 @@ var awsPartition = partition{ endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-east-2.amazonaws.com", + }, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-west-2.amazonaws.com", + }, }, }, "route53": service{ @@ -20859,6 +25739,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -20868,18 +25751,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -20889,6 +25784,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -21081,6 +25982,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -21090,18 +25994,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -21111,6 +26027,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -21322,6 +26241,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "s3.dualstack.ap-southeast-3.amazonaws.com", }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.ap-southeast-4.amazonaws.com", + }, endpointKey{ Region: "aws-global", }: endpoint{ @@ -21352,6 +26280,27 @@ var awsPartition = partition{ }: endpoint{ Hostname: "s3-fips.dualstack.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -21437,6 +26386,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "s3-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -21473,6 +26431,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.il-central-1.amazonaws.com", + }, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -22121,55 +27088,123 @@ var awsPartition = partition{ endpointKey{ Region: "af-south-1", }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-east-1", }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ca-central-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "fips-ca-central-1", }: endpoint{ @@ -22200,40 +27235,87 @@ var awsPartition = partition{ Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-2", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-2", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, }, }, "sagemaker-geospatial": service{ @@ -22259,30 +27341,84 @@ var awsPartition = partition{ }, "scheduler": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -22290,6 +27426,9 @@ var awsPartition = partition{ }, "schemas": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-east-1", }: endpoint{}, @@ -22299,6 +27438,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -22308,15 +27450,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -22326,6 +27480,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -22384,154 +27544,288 @@ var awsPartition = partition{ endpointKey{ Region: "af-south-1", }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-east-1", }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-south-2", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ca-central-1", Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-central-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.ca-central-1.amazonaws.com", + + Deprecated: boxedTrue, }, endpointKey{ - Region: "ca-central-1-fips", + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-west-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-central-2", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-south-2", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-1", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-east-1.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-2", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-east-2.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-2-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-1", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-west-1.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-2", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-west-2.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-2-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, + Deprecated: boxedTrue, }, }, @@ -22556,6 +27850,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -22565,18 +27862,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -22622,6 +27931,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -22671,24 +27986,114 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "securitylake-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "securitylake-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "securitylake-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "securitylake-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securitylake-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securitylake-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securitylake-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securitylake-fips.us-west-2.amazonaws.com", + }, }, }, "serverlessrepo": service{ @@ -22810,6 +28215,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -22819,18 +28227,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -22840,6 +28257,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -22940,6 +28363,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -22949,6 +28375,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -22958,15 +28387,24 @@ var awsPartition = partition{ }: endpoint{ Hostname: "servicecatalog-appregistry-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -23021,6 +28459,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -23074,7 +28518,7 @@ var awsPartition = partition{ Region: "af-south-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.af-south-1.amazonaws.com", + Hostname: "servicediscovery.af-south-1.api.aws", }, endpointKey{ Region: "ap-east-1", @@ -23083,7 +28527,7 @@ var awsPartition = partition{ Region: "ap-east-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-east-1.amazonaws.com", + Hostname: "servicediscovery.ap-east-1.api.aws", }, endpointKey{ Region: "ap-northeast-1", @@ -23092,7 +28536,7 @@ var awsPartition = partition{ Region: "ap-northeast-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-northeast-1.amazonaws.com", + Hostname: "servicediscovery.ap-northeast-1.api.aws", }, endpointKey{ Region: "ap-northeast-2", @@ -23101,7 +28545,7 @@ var awsPartition = partition{ Region: "ap-northeast-2", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-northeast-2.amazonaws.com", + Hostname: "servicediscovery.ap-northeast-2.api.aws", }, endpointKey{ Region: "ap-northeast-3", @@ -23110,7 +28554,7 @@ var awsPartition = partition{ Region: "ap-northeast-3", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-northeast-3.amazonaws.com", + Hostname: "servicediscovery.ap-northeast-3.api.aws", }, endpointKey{ Region: "ap-south-1", @@ -23119,7 +28563,7 @@ var awsPartition = partition{ Region: "ap-south-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-south-1.amazonaws.com", + Hostname: "servicediscovery.ap-south-1.api.aws", }, endpointKey{ Region: "ap-south-2", @@ -23128,7 +28572,7 @@ var awsPartition = partition{ Region: "ap-south-2", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-south-2.amazonaws.com", + Hostname: "servicediscovery.ap-south-2.api.aws", }, endpointKey{ Region: "ap-southeast-1", @@ -23137,7 +28581,7 @@ var awsPartition = partition{ Region: "ap-southeast-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-southeast-1.amazonaws.com", + Hostname: "servicediscovery.ap-southeast-1.api.aws", }, endpointKey{ Region: "ap-southeast-2", @@ -23146,7 +28590,7 @@ var awsPartition = partition{ Region: "ap-southeast-2", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-southeast-2.amazonaws.com", + Hostname: "servicediscovery.ap-southeast-2.api.aws", }, endpointKey{ Region: "ap-southeast-3", @@ -23155,7 +28599,16 @@ var awsPartition = partition{ Region: "ap-southeast-3", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-southeast-3.amazonaws.com", + Hostname: "servicediscovery.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.ap-southeast-4.api.aws", }, endpointKey{ Region: "ca-central-1", @@ -23164,7 +28617,7 @@ var awsPartition = partition{ Region: "ca-central-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ca-central-1.amazonaws.com", + Hostname: "servicediscovery.ca-central-1.api.aws", }, endpointKey{ Region: "ca-central-1", @@ -23172,6 +28625,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "servicediscovery-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.ca-central-1.api.aws", + }, endpointKey{ Region: "ca-central-1-fips", }: endpoint{ @@ -23188,7 +28647,7 @@ var awsPartition = partition{ Region: "eu-central-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.eu-central-1.amazonaws.com", + Hostname: "servicediscovery.eu-central-1.api.aws", }, endpointKey{ Region: "eu-central-2", @@ -23197,7 +28656,7 @@ var awsPartition = partition{ Region: "eu-central-2", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.eu-central-2.amazonaws.com", + Hostname: "servicediscovery.eu-central-2.api.aws", }, endpointKey{ Region: "eu-north-1", @@ -23206,7 +28665,7 @@ var awsPartition = partition{ Region: "eu-north-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.eu-north-1.amazonaws.com", + Hostname: "servicediscovery.eu-north-1.api.aws", }, endpointKey{ Region: "eu-south-1", @@ -23215,7 +28674,7 @@ var awsPartition = partition{ Region: "eu-south-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.eu-south-1.amazonaws.com", + Hostname: "servicediscovery.eu-south-1.api.aws", }, endpointKey{ Region: "eu-south-2", @@ -23224,7 +28683,7 @@ var awsPartition = partition{ Region: "eu-south-2", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.eu-south-2.amazonaws.com", + Hostname: "servicediscovery.eu-south-2.api.aws", }, endpointKey{ Region: "eu-west-1", @@ -23233,7 +28692,7 @@ var awsPartition = partition{ Region: "eu-west-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.eu-west-1.amazonaws.com", + Hostname: "servicediscovery.eu-west-1.api.aws", }, endpointKey{ Region: "eu-west-2", @@ -23242,7 +28701,7 @@ var awsPartition = partition{ Region: "eu-west-2", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.eu-west-2.amazonaws.com", + Hostname: "servicediscovery.eu-west-2.api.aws", }, endpointKey{ Region: "eu-west-3", @@ -23251,7 +28710,16 @@ var awsPartition = partition{ Region: "eu-west-3", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.eu-west-3.amazonaws.com", + Hostname: "servicediscovery.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.il-central-1.api.aws", }, endpointKey{ Region: "me-central-1", @@ -23260,7 +28728,7 @@ var awsPartition = partition{ Region: "me-central-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.me-central-1.amazonaws.com", + Hostname: "servicediscovery.me-central-1.api.aws", }, endpointKey{ Region: "me-south-1", @@ -23269,7 +28737,7 @@ var awsPartition = partition{ Region: "me-south-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.me-south-1.amazonaws.com", + Hostname: "servicediscovery.me-south-1.api.aws", }, endpointKey{ Region: "sa-east-1", @@ -23278,34 +28746,7 @@ var awsPartition = partition{ Region: "sa-east-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.sa-east-1.amazonaws.com", - }, - endpointKey{ - Region: "servicediscovery", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "servicediscovery", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "servicediscovery-fips", - }: endpoint{ - Hostname: "servicediscovery-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, + Hostname: "servicediscovery.sa-east-1.api.aws", }, endpointKey{ Region: "us-east-1", @@ -23314,7 +28755,7 @@ var awsPartition = partition{ Region: "us-east-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.us-east-1.amazonaws.com", + Hostname: "servicediscovery.us-east-1.api.aws", }, endpointKey{ Region: "us-east-1", @@ -23322,6 +28763,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "servicediscovery-fips.us-east-1.amazonaws.com", }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-east-1.api.aws", + }, endpointKey{ Region: "us-east-1-fips", }: endpoint{ @@ -23338,7 +28785,7 @@ var awsPartition = partition{ Region: "us-east-2", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.us-east-2.amazonaws.com", + Hostname: "servicediscovery.us-east-2.api.aws", }, endpointKey{ Region: "us-east-2", @@ -23346,6 +28793,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "servicediscovery-fips.us-east-2.amazonaws.com", }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-east-2.api.aws", + }, endpointKey{ Region: "us-east-2-fips", }: endpoint{ @@ -23362,7 +28815,7 @@ var awsPartition = partition{ Region: "us-west-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.us-west-1.amazonaws.com", + Hostname: "servicediscovery.us-west-1.api.aws", }, endpointKey{ Region: "us-west-1", @@ -23370,6 +28823,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "servicediscovery-fips.us-west-1.amazonaws.com", }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-west-1.api.aws", + }, endpointKey{ Region: "us-west-1-fips", }: endpoint{ @@ -23386,7 +28845,7 @@ var awsPartition = partition{ Region: "us-west-2", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.us-west-2.amazonaws.com", + Hostname: "servicediscovery.us-west-2.api.aws", }, endpointKey{ Region: "us-west-2", @@ -23394,6 +28853,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "servicediscovery-fips.us-west-2.amazonaws.com", }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-west-2.api.aws", + }, endpointKey{ Region: "us-west-2-fips", }: endpoint{ @@ -23430,6 +28895,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -23439,18 +28907,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -23460,6 +28940,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -23603,6 +29086,322 @@ var awsPartition = partition{ }, }, }, + "signer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "signer-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "signer-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "signer-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "signer-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-verification-us-east-1", + }: endpoint{ + Hostname: "verification.signer-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "fips-verification-us-east-2", + }: endpoint{ + Hostname: "verification.signer-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "fips-verification-us-west-1", + }: endpoint{ + Hostname: "verification.signer-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "fips-verification-us-west-2", + }: endpoint{ + Hostname: "verification.signer-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "signer-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "signer-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "signer-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "signer-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "verification-af-south-1", + }: endpoint{ + Hostname: "verification.signer.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + }, + endpointKey{ + Region: "verification-ap-east-1", + }: endpoint{ + Hostname: "verification.signer.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + }, + endpointKey{ + Region: "verification-ap-northeast-1", + }: endpoint{ + Hostname: "verification.signer.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "verification-ap-northeast-2", + }: endpoint{ + Hostname: "verification.signer.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "verification-ap-south-1", + }: endpoint{ + Hostname: "verification.signer.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "verification-ap-southeast-1", + }: endpoint{ + Hostname: "verification.signer.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "verification-ap-southeast-2", + }: endpoint{ + Hostname: "verification.signer.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "verification-ca-central-1", + }: endpoint{ + Hostname: "verification.signer.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "verification-eu-central-1", + }: endpoint{ + Hostname: "verification.signer.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "verification-eu-north-1", + }: endpoint{ + Hostname: "verification.signer.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, + endpointKey{ + Region: "verification-eu-south-1", + }: endpoint{ + Hostname: "verification.signer.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + }, + endpointKey{ + Region: "verification-eu-west-1", + }: endpoint{ + Hostname: "verification.signer.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "verification-eu-west-2", + }: endpoint{ + Hostname: "verification.signer.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "verification-eu-west-3", + }: endpoint{ + Hostname: "verification.signer.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + endpointKey{ + Region: "verification-me-south-1", + }: endpoint{ + Hostname: "verification.signer.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, + endpointKey{ + Region: "verification-sa-east-1", + }: endpoint{ + Hostname: "verification.signer.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + endpointKey{ + Region: "verification-us-east-1", + }: endpoint{ + Hostname: "verification.signer.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "verification-us-east-2", + }: endpoint{ + Hostname: "verification.signer.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "verification-us-west-1", + }: endpoint{ + Hostname: "verification.signer.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "verification-us-west-2", + }: endpoint{ + Hostname: "verification.signer.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, "simspaceweaver": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -23634,10 +29433,29 @@ var awsPartition = partition{ "sms": service{ Endpoints: serviceEndpoints{ endpointKey{ - Region: "af-south-1", + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "sms-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", }: endpoint{}, endpointKey{ - Region: "ap-east-1", + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sms-fips.us-west-2.amazonaws.com", + }, + }, + }, + "sms-voice": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", }: endpoint{}, endpointKey{ Region: "ap-northeast-1", @@ -23645,27 +29463,51 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sms-voice-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -23675,10 +29517,19 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "sms-voice-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ - Hostname: "sms-fips.us-east-1.amazonaws.com", + Hostname: "sms-voice-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, @@ -23687,7 +29538,7 @@ var awsPartition = partition{ endpointKey{ Region: "fips-us-east-2", }: endpoint{ - Hostname: "sms-fips.us-east-2.amazonaws.com", + Hostname: "sms-voice-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, @@ -23696,7 +29547,7 @@ var awsPartition = partition{ endpointKey{ Region: "fips-us-west-1", }: endpoint{ - Hostname: "sms-fips.us-west-1.amazonaws.com", + Hostname: "sms-voice-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, @@ -23705,12 +29556,18 @@ var awsPartition = partition{ endpointKey{ Region: "fips-us-west-2", }: endpoint{ - Hostname: "sms-fips.us-west-2.amazonaws.com", + Hostname: "sms-voice-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -23724,7 +29581,7 @@ var awsPartition = partition{ Region: "us-east-1", Variant: fipsVariant, }: endpoint{ - Hostname: "sms-fips.us-east-1.amazonaws.com", + Hostname: "sms-voice-fips.us-east-1.amazonaws.com", }, endpointKey{ Region: "us-east-2", @@ -23733,7 +29590,7 @@ var awsPartition = partition{ Region: "us-east-2", Variant: fipsVariant, }: endpoint{ - Hostname: "sms-fips.us-east-2.amazonaws.com", + Hostname: "sms-voice-fips.us-east-2.amazonaws.com", }, endpointKey{ Region: "us-west-1", @@ -23742,86 +29599,7 @@ var awsPartition = partition{ Region: "us-west-1", Variant: fipsVariant, }: endpoint{ - Hostname: "sms-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sms-fips.us-west-2.amazonaws.com", - }, - }, - }, - "sms-voice": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sms-voice-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "sms-voice-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "sms-voice-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "sms-voice-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sms-voice-fips.us-east-1.amazonaws.com", + Hostname: "sms-voice-fips.us-west-1.amazonaws.com", }, endpointKey{ Region: "us-west-2", @@ -24094,6 +29872,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -24178,9 +29959,21 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sns-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -24205,6 +29998,15 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "sns-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -24241,6 +30043,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -24326,9 +30131,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -24389,6 +30200,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -24471,6 +30285,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -24480,6 +30297,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "ssm-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -24513,6 +30339,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "ssm-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -24549,6 +30384,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -24596,6 +30434,118 @@ var awsPartition = partition{ }, }, }, + "ssm-contacts": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ssm-contacts-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ssm-contacts-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ssm-contacts-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ssm-contacts-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-contacts-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-contacts-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-contacts-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-contacts-fips.us-west-2.amazonaws.com", + }, + }, + }, "ssm-incidents": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -24616,6 +30566,12 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-incidents-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -24631,28 +30587,235 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "ssm-incidents-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ssm-incidents-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ssm-incidents-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ssm-incidents-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ssm-incidents-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "sa-east-1", }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-incidents-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-incidents-fips.us-east-2.amazonaws.com", + }, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-incidents-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-incidents-fips.us-west-2.amazonaws.com", + }, }, }, "ssm-sap": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-sap-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "ssm-sap-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ssm-sap-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ssm-sap-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ssm-sap-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ssm-sap-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-sap-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-sap-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-sap-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-sap-fips.us-west-2.amazonaws.com", + }, }, }, "sso": service{ @@ -24684,12 +30847,18 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, @@ -24705,6 +30874,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -24757,9 +30932,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -24820,6 +31001,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -24887,6 +31071,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -24896,6 +31083,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -24917,12 +31107,18 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -24933,14 +31129,8 @@ var awsPartition = partition{ Region: "eu-west-3", }: endpoint{}, endpointKey{ - Region: "fips", - }: endpoint{ - Hostname: "storagegateway-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -25064,9 +31254,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -25091,6 +31287,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "local", }: endpoint{ @@ -25156,6 +31355,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "aws-global", }: endpoint{ @@ -25167,6 +31369,9 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -25191,6 +31396,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -25332,9 +31540,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -25395,6 +31609,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -25474,9 +31691,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -25537,6 +31760,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -25616,9 +31842,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -25643,6 +31875,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -25784,6 +32019,65 @@ var awsPartition = partition{ }, }, }, + "thinclient": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "tnb": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "transcribe": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ @@ -25933,12 +32227,21 @@ var awsPartition = partition{ }, "transcribestreaming": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, @@ -26096,6 +32399,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -26105,6 +32411,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -26117,12 +32426,18 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -26177,6 +32492,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -26323,6 +32644,91 @@ var awsPartition = partition{ }, }, }, + "verifiedpermissions": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "voice-chime": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -26334,6 +32740,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -26472,6 +32881,43 @@ var awsPartition = partition{ }, }, }, + "vpc-lattice": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "waf": service{ PartitionEndpoint: "aws-global", IsRegionalized: boxedFalse, @@ -26635,6 +33081,23 @@ var awsPartition = partition{ Region: "ap-south-1", }, }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "waf-regional.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + }, + endpointKey{ + Region: "ap-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + }, endpointKey{ Region: "ap-southeast-1", }: endpoint{ @@ -26686,6 +33149,23 @@ var awsPartition = partition{ Region: "ap-southeast-3", }, }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "waf-regional.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, + endpointKey{ + Region: "ap-southeast-4", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, endpointKey{ Region: "ca-central-1", }: endpoint{ @@ -26720,6 +33200,23 @@ var awsPartition = partition{ Region: "eu-central-1", }, }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "waf-regional.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, + endpointKey{ + Region: "eu-central-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, endpointKey{ Region: "eu-north-1", }: endpoint{ @@ -26754,6 +33251,23 @@ var awsPartition = partition{ Region: "eu-south-1", }, }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "waf-regional.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + }, + endpointKey{ + Region: "eu-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + }, endpointKey{ Region: "eu-west-1", }: endpoint{ @@ -26859,6 +33373,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ap-south-2", + }: endpoint{ + Hostname: "waf-regional-fips.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-ap-southeast-1", }: endpoint{ @@ -26886,6 +33409,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ap-southeast-4", + }: endpoint{ + Hostname: "waf-regional-fips.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-ca-central-1", }: endpoint{ @@ -26904,6 +33436,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-eu-central-2", + }: endpoint{ + Hostname: "waf-regional-fips.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-eu-north-1", }: endpoint{ @@ -26922,6 +33463,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-eu-south-2", + }: endpoint{ + Hostname: "waf-regional-fips.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-eu-west-1", }: endpoint{ @@ -26949,6 +33499,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-il-central-1", + }: endpoint{ + Hostname: "waf-regional-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-me-central-1", + }: endpoint{ + Hostname: "waf-regional-fips.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-me-south-1", }: endpoint{ @@ -27003,6 +33571,40 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "waf-regional.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "il-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "waf-regional.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, endpointKey{ Region: "me-south-1", }: endpoint{ @@ -27211,6 +33813,23 @@ var awsPartition = partition{ Region: "ap-south-1", }, }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "wafv2.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + }, + endpointKey{ + Region: "ap-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + }, endpointKey{ Region: "ap-southeast-1", }: endpoint{ @@ -27262,6 +33881,23 @@ var awsPartition = partition{ Region: "ap-southeast-3", }, }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "wafv2.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, + endpointKey{ + Region: "ap-southeast-4", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, endpointKey{ Region: "ca-central-1", }: endpoint{ @@ -27296,6 +33932,23 @@ var awsPartition = partition{ Region: "eu-central-1", }, }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "wafv2.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, + endpointKey{ + Region: "eu-central-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, endpointKey{ Region: "eu-north-1", }: endpoint{ @@ -27330,6 +33983,23 @@ var awsPartition = partition{ Region: "eu-south-1", }, }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "wafv2.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + }, + endpointKey{ + Region: "eu-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + }, endpointKey{ Region: "eu-west-1", }: endpoint{ @@ -27435,6 +34105,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ap-south-2", + }: endpoint{ + Hostname: "wafv2-fips.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-ap-southeast-1", }: endpoint{ @@ -27462,6 +34141,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ap-southeast-4", + }: endpoint{ + Hostname: "wafv2-fips.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-ca-central-1", }: endpoint{ @@ -27480,6 +34168,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-eu-central-2", + }: endpoint{ + Hostname: "wafv2-fips.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-eu-north-1", }: endpoint{ @@ -27498,6 +34195,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-eu-south-2", + }: endpoint{ + Hostname: "wafv2-fips.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-eu-west-1", }: endpoint{ @@ -27525,6 +34231,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-il-central-1", + }: endpoint{ + Hostname: "wafv2-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-me-central-1", + }: endpoint{ + Hostname: "wafv2-fips.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-me-south-1", }: endpoint{ @@ -27579,6 +34303,40 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "wafv2.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "il-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "wafv2.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, endpointKey{ Region: "me-south-1", }: endpoint{ @@ -27746,9 +34504,18 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -27770,9 +34537,18 @@ var awsPartition = partition{ endpointKey{ Region: "ui-ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ui-ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ui-ap-southeast-1", + }: endpoint{}, endpointKey{ Region: "ui-ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ui-ca-central-1", + }: endpoint{}, endpointKey{ Region: "ui-eu-central-1", }: endpoint{}, @@ -27921,6 +34697,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -28010,9 +34789,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -28073,6 +34858,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -28212,6 +35000,16 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "airflow": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "api.ecr": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -28232,6 +35030,20 @@ var awscnPartition = partition{ }, }, }, + "api.pricing": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "pricing", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "api.sagemaker": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -28339,6 +35151,16 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "arc-zonal-shift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "athena": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -28401,6 +35223,16 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "backupstorage": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "batch": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -28590,7 +35422,10 @@ var awscnPartition = partition{ Endpoints: serviceEndpoints{ endpointKey{ Region: "cn-north-1", - }: endpoint{}, + }: endpoint{ + Hostname: "data.ats.iot.cn-north-1.amazonaws.com.cn", + Protocols: []string{"https"}, + }, endpointKey{ Region: "cn-northwest-1", }: endpoint{}, @@ -28626,6 +35461,31 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "datazone": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "datazone.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "datazone.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, "dax": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -28753,6 +35613,31 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "eks-auth": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "eks-auth.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "eks-auth.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, "elasticache": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -28838,9 +35723,21 @@ var awscnPartition = partition{ endpointKey{ Region: "cn-north-1", }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "elasticmapreduce.cn-north-1.api.amazonwebservices.com.cn", + }, endpointKey{ Region: "cn-northwest-1", }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "elasticmapreduce.cn-northwest-1.api.amazonwebservices.com.cn", + }, }, }, "emr-containers": service{ @@ -28853,14 +35750,36 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "emr-serverless": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "es": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "cn-north-1", }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.cn-north-1.api.amazonwebservices.com.cn", + }, endpointKey{ Region: "cn-northwest-1", }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.cn-northwest-1.api.amazonwebservices.com.cn", + }, }, }, "events": service{ @@ -29018,14 +35937,52 @@ var awscnPartition = partition{ }, }, }, - "iot": service{ + "identitystore": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "inspector2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "internetmonitor": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "execute-api", - }, + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "internetmonitor.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "internetmonitor.cn-northwest-1.api.amazonwebservices.com.cn", }, }, + }, + "iot": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "cn-north-1", @@ -29078,6 +36035,29 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "iottwinmaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "api-cn-north-1", + }: endpoint{ + Hostname: "api.iottwinmaker.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "data-cn-north-1", + }: endpoint{ + Hostname: "data.iottwinmaker.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + }, + }, "kafka": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -29088,6 +36068,31 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "kendra-ranking": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "kendra-ranking.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "kendra-ranking.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, "kinesis": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -29108,6 +36113,13 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "kinesisvideo": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + }, + }, "kms": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -29160,6 +36172,16 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "license-manager-linux-subscriptions": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "logs": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -29247,6 +36269,46 @@ var awscnPartition = partition{ }, }, }, + "network-firewall": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "oam": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "oidc": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "oidc.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "oidc.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, "organizations": service{ PartitionEndpoint: "aws-cn-global", IsRegionalized: boxedFalse, @@ -29278,6 +36340,16 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "pipes": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "polly": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -29285,6 +36357,58 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "portal.sso": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "portal.sso.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "portal.sso.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "qbusiness": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "qbusiness.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "qbusiness.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, + "quicksight": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + }, + }, "ram": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -29325,32 +36449,24 @@ var awscnPartition = partition{ }: endpoint{}, }, }, - "resource-explorer-2": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.amazonwebservices.com.cn", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.amazonwebservices.com.cn", - }, + "redshift-serverless": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, }, + }, + "resource-groups": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "cn-north-1", - }: endpoint{ - Hostname: "resource-explorer-2.cn-north-1.api.amazonwebservices.com.cn", - }, + }: endpoint{}, endpointKey{ Region: "cn-northwest-1", - }: endpoint{ - Hostname: "resource-explorer-2.cn-northwest-1.api.amazonwebservices.com.cn", - }, + }: endpoint{}, }, }, - "resource-groups": service{ + "rolesanywhere": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "cn-north-1", @@ -29491,14 +36607,53 @@ var awscnPartition = partition{ }, }, }, + "savingsplans": service{ + IsRegionalized: boxedTrue, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "savingsplans.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "savingsplans.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "schemas": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "secretsmanager": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "cn-north-1", }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "cn-northwest-1", }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{}, }, }, "securityhub": service{ @@ -29549,7 +36704,7 @@ var awscnPartition = partition{ Region: "cn-north-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.cn-north-1.amazonaws.com.cn", + Hostname: "servicediscovery.cn-north-1.api.amazonwebservices.com.cn", }, endpointKey{ Region: "cn-northwest-1", @@ -29558,11 +36713,26 @@ var awscnPartition = partition{ Region: "cn-northwest-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.cn-northwest-1.amazonaws.com.cn", + Hostname: "servicediscovery.cn-northwest-1.api.amazonwebservices.com.cn", }, }, }, - "sms": service{ + "servicequotas": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "signer": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "cn-north-1", @@ -29570,6 +36740,29 @@ var awscnPartition = partition{ endpointKey{ Region: "cn-northwest-1", }: endpoint{}, + endpointKey{ + Region: "verification-cn-north-1", + }: endpoint{ + Hostname: "verification.signer.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "verification-cn-northwest-1", + }: endpoint{ + Hostname: "verification.signer.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "sms": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, }, }, "snowball": service{ @@ -29653,14 +36846,36 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "sso": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "states": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "cn-north-1", }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "states.cn-north-1.api.amazonwebservices.com.cn", + }, endpointKey{ Region: "cn-northwest-1", }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "states.cn-northwest-1.api.amazonwebservices.com.cn", + }, }, }, "storagegateway": service{ @@ -29986,6 +37201,24 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "access-analyzer.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "access-analyzer.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -29994,6 +37227,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "access-analyzer.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "access-analyzer.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "acm": service{ @@ -30248,6 +37499,9 @@ var awsusgovPartition = partition{ }, }, Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, @@ -30395,12 +37649,42 @@ var awsusgovPartition = partition{ }, "appconfigdata": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "appconfigdata.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "appconfigdata.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appconfigdata.us-gov-east-1.amazonaws.com", + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appconfigdata.us-gov-west-1.amazonaws.com", + }, }, }, "application-autoscaling": service{ @@ -30417,13 +37701,45 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{ + Hostname: "application-autoscaling.us-gov-east-1.amazonaws.com", Protocols: []string{"http", "https"}, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "application-autoscaling.us-gov-east-1.amazonaws.com", + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "application-autoscaling.us-gov-east-1.amazonaws.com", + Protocols: []string{"http", "https"}, + + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ + Hostname: "application-autoscaling.us-gov-west-1.amazonaws.com", Protocols: []string{"http", "https"}, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "application-autoscaling.us-gov-west-1.amazonaws.com", + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "application-autoscaling.us-gov-west-1.amazonaws.com", + Protocols: []string{"http", "https"}, + + Deprecated: boxedTrue, + }, }, }, "applicationinsights": service{ @@ -30465,6 +37781,24 @@ var awsusgovPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appstream2-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "appstream2-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, @@ -30485,6 +37819,16 @@ var awsusgovPartition = partition{ }, }, }, + "arc-zonal-shift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, "athena": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -30520,6 +37864,12 @@ var awsusgovPartition = partition{ }: endpoint{ Hostname: "athena-fips.us-gov-east-1.amazonaws.com", }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-gov-east-1.api.aws", + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, @@ -30535,6 +37885,12 @@ var awsusgovPartition = partition{ }: endpoint{ Hostname: "athena-fips.us-gov-west-1.amazonaws.com", }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-gov-west-1.api.aws", + }, }, }, "autoscaling": service{ @@ -30598,6 +37954,16 @@ var awsusgovPartition = partition{ }: endpoint{}, }, }, + "backupstorage": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, "batch": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{}, @@ -30646,6 +38012,13 @@ var awsusgovPartition = partition{ }, }, }, + "bedrock": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, "cassandra": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -30656,6 +38029,24 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cassandra.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "cassandra.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -30664,6 +38055,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cassandra.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "cassandra.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "cloudcontrolapi": service{ @@ -30711,6 +38120,21 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "clouddirectory.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "clouddirectory.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "cloudformation": service{ @@ -30723,6 +38147,24 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudformation.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "cloudformation.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -30731,6 +38173,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudformation.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "cloudformation.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "cloudhsm": service{ @@ -30936,6 +38396,15 @@ var awsusgovPartition = partition{ }, "codepipeline": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "codepipeline-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-gov-west-1", }: endpoint{ @@ -30945,6 +38414,15 @@ var awsusgovPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codepipeline-fips.us-gov-east-1.amazonaws.com", + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, @@ -30956,6 +38434,13 @@ var awsusgovPartition = partition{ }, }, }, + "codestar-connections": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + }, + }, "cognito-identity": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -31049,6 +38534,26 @@ var awsusgovPartition = partition{ }, }, }, + "compute-optimizer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "compute-optimizer-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "compute-optimizer-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, "config": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{}, @@ -31099,9 +38604,24 @@ var awsusgovPartition = partition{ }, "connect": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "connect.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "connect.us-gov-west-1.amazonaws.com", + }, }, }, "controltower": service{ @@ -31204,9 +38724,24 @@ var awsusgovPartition = partition{ }, "databrew": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "databrew.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "databrew.us-gov-west-1.amazonaws.com", + }, }, }, "datasync": service{ @@ -31249,6 +38784,31 @@ var awsusgovPartition = partition{ }, }, }, + "datazone": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "datazone.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "datazone.us-gov-west-1.api.aws", + }, + }, + }, "directconnect": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -31274,9 +38834,39 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dlm.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "dlm.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dlm.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "dlm.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "dms": service{ @@ -31366,6 +38956,46 @@ var awsusgovPartition = partition{ }, }, }, + "drs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "drs-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "drs-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-gov-west-1.amazonaws.com", + }, + }, + }, "ds": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -31601,6 +39231,31 @@ var awsusgovPartition = partition{ }, }, }, + "eks-auth": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "eks-auth.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "eks-auth.us-gov-west-1.api.aws", + }, + }, + }, "elasticache": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{}, @@ -31653,6 +39308,24 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticbeanstalk.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "elasticbeanstalk.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -31661,6 +39334,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticbeanstalk.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "elasticbeanstalk.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "elasticfilesystem": service{ @@ -31785,6 +39476,12 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-gov-east-1.api.aws", + }, endpointKey{ Region: "us-gov-east-1", Variant: fipsVariant, @@ -31796,6 +39493,13 @@ var awsusgovPartition = partition{ }: endpoint{ Protocols: []string{"https"}, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-gov-west-1.api.aws", + Protocols: []string{"https"}, + }, endpointKey{ Region: "us-gov-west-1", Variant: fipsVariant, @@ -31827,6 +39531,26 @@ var awsusgovPartition = partition{ }, }, }, + "emr-containers": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, + "emr-serverless": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, "es": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -31841,6 +39565,12 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-gov-east-1.api.aws", + }, endpointKey{ Region: "us-gov-east-1", Variant: fipsVariant, @@ -31859,6 +39589,12 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-gov-west-1.api.aws", + }, endpointKey{ Region: "us-gov-west-1", Variant: fipsVariant, @@ -32095,24 +39831,68 @@ var awsusgovPartition = partition{ }, }, }, + "geo": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "geo-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "geo-fips.us-gov-west-1.amazonaws.com", + }, + }, + }, "glacier": service{ Endpoints: serviceEndpoints{ endpointKey{ - Region: "us-gov-east-1", + Region: "fips-us-gov-east-1", }: endpoint{ Hostname: "glacier.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, endpointKey{ - Region: "us-gov-west-1", + Region: "fips-us-gov-west-1", }: endpoint{ - Hostname: "glacier.us-gov-west-1.amazonaws.com", - Protocols: []string{"http", "https"}, + Hostname: "glacier.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glacier.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glacier.us-gov-west-1.amazonaws.com", + Protocols: []string{"http", "https"}, }, }, }, @@ -32139,21 +39919,45 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "glue.us-gov-east-1.api.aws", + }, endpointKey{ Region: "us-gov-east-1", Variant: fipsVariant, }: endpoint{ Hostname: "glue-fips.us-gov-east-1.amazonaws.com", }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "glue-fips.us-gov-east-1.api.aws", + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "glue.us-gov-west-1.api.aws", + }, endpointKey{ Region: "us-gov-west-1", Variant: fipsVariant, }: endpoint{ Hostname: "glue-fips.us-gov-west-1.amazonaws.com", }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "glue-fips.us-gov-west-1.api.aws", + }, }, }, "greengrass": service{ @@ -32183,36 +39987,38 @@ var awsusgovPartition = partition{ endpointKey{ Region: "fips-us-gov-east-1", }: endpoint{ - Hostname: "greengrass-fips.us-gov-east-1.amazonaws.com", + Hostname: "greengrass.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, Deprecated: boxedTrue, }, endpointKey{ - Region: "us-gov-east-1", + Region: "fips-us-gov-west-1", }: endpoint{ - Hostname: "greengrass.us-gov-east-1.amazonaws.com", + Hostname: "greengrass.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-gov-east-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, endpointKey{ Region: "us-gov-east-1", Variant: fipsVariant, }: endpoint{ - Hostname: "greengrass-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, + Hostname: "greengrass.us-gov-east-1.amazonaws.com", }, endpointKey{ Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, }: endpoint{ Hostname: "greengrass.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, }, }, }, @@ -32269,7 +40075,21 @@ var awsusgovPartition = partition{ }, }, "health": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + SSLCommonName: "health.us-gov-west-1.amazonaws.com", + Protocols: []string{"https"}, + }, + }, Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-us-gov-global", + }: endpoint{ + Hostname: "global.health.us-gov.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, endpointKey{ Region: "fips-us-gov-west-1", }: endpoint{ @@ -32411,6 +40231,21 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ingest.timestream.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "ingest.timestream.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "inspector": service{ @@ -32453,31 +40288,85 @@ var awsusgovPartition = partition{ }, }, }, - "iot": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ + "inspector2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "inspector2-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "inspector2-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Service: "execute-api", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-gov-west-1.amazonaws.com", + }, + }, + }, + "internetmonitor": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", }, }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "internetmonitor.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "internetmonitor.us-gov-west-1.api.aws", + }, + }, + }, + "iot": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "fips-us-gov-east-1", }: endpoint{ Hostname: "iot-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Service: "execute-api", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "fips-us-gov-west-1", }: endpoint{ Hostname: "iot-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Service: "execute-api", - }, + Deprecated: boxedTrue, }, endpointKey{ @@ -32622,14 +40511,114 @@ var awsusgovPartition = partition{ }, }, }, + "iottwinmaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "api-us-gov-west-1", + }: endpoint{ + Hostname: "api.iottwinmaker.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "data-us-gov-west-1", + }: endpoint{ + Hostname: "data.iottwinmaker.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "fips-api-us-gov-west-1", + }: endpoint{ + Hostname: "api.iottwinmaker-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "fips-data-us-gov-west-1", + }: endpoint{ + Hostname: "data.iottwinmaker-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "iottwinmaker-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iottwinmaker-fips.us-gov-west-1.amazonaws.com", + }, + }, + }, "kafka": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "us-gov-east-1", - }: endpoint{}, + }: endpoint{ + Hostname: "kafka.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "kafka.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", - }: endpoint{}, + }: endpoint{ + Hostname: "kafka.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "kafka.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "kendra": service{ @@ -32654,8 +40643,51 @@ var awsusgovPartition = partition{ }, }, }, + "kendra-ranking": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "kendra-ranking.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "kendra-ranking.us-gov-west-1.api.aws", + }, + }, + }, "kinesis": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "kinesis.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "kinesis.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-east-1", }: endpoint{ @@ -32664,6 +40696,15 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kinesis.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -32672,6 +40713,15 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kinesis.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "kinesisanalytics": service{ @@ -32756,21 +40806,45 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lakeformation.us-gov-east-1.api.aws", + }, endpointKey{ Region: "us-gov-east-1", Variant: fipsVariant, }: endpoint{ Hostname: "lakeformation-fips.us-gov-east-1.amazonaws.com", }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "lakeformation-fips.us-gov-east-1.api.aws", + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lakeformation.us-gov-west-1.api.aws", + }, endpointKey{ Region: "us-gov-west-1", Variant: fipsVariant, }: endpoint{ Hostname: "lakeformation-fips.us-gov-west-1.amazonaws.com", }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "lakeformation-fips.us-gov-west-1.api.aws", + }, }, }, "lambda": service{ @@ -32865,6 +40939,16 @@ var awsusgovPartition = partition{ }, }, }, + "license-manager-linux-subscriptions": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, "logs": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -32905,6 +40989,36 @@ var awsusgovPartition = partition{ }, }, }, + "m2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{}, + }, + }, "managedblockchain": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -32915,12 +41029,22 @@ var awsusgovPartition = partition{ "mediaconvert": service{ Endpoints: serviceEndpoints{ endpointKey{ - Region: "us-gov-west-1", + Region: "fips-us-gov-west-1", }: endpoint{ Hostname: "mediaconvert.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mediaconvert.us-gov-west-1.amazonaws.com", }, }, }, @@ -32991,6 +41115,46 @@ var awsusgovPartition = partition{ }: endpoint{}, }, }, + "mgn": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "mgn-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "mgn-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mgn-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mgn-fips.us-gov-west-1.amazonaws.com", + }, + }, + }, "models.lex": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ @@ -33188,6 +41352,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "aws-us-gov-global", + Variant: fipsVariant, + }: endpoint{ + Hostname: "networkmanager.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "fips-aws-us-gov-global", + }: endpoint{ + Hostname: "networkmanager.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "oidc": service{ @@ -33245,32 +41427,62 @@ var awsusgovPartition = partition{ "outposts": service{ Endpoints: serviceEndpoints{ endpointKey{ - Region: "us-gov-east-1", + Region: "fips-us-gov-east-1", }: endpoint{ Hostname: "outposts.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, endpointKey{ - Region: "us-gov-west-1", + Region: "fips-us-gov-west-1", }: endpoint{ Hostname: "outposts.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "outposts.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "outposts.us-gov-west-1.amazonaws.com", }, }, }, "participant.connect": service{ Endpoints: serviceEndpoints{ endpointKey{ - Region: "us-gov-west-1", + Region: "fips-us-gov-west-1", }: endpoint{ Hostname: "participant.connect.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "participant.connect.us-gov-west-1.amazonaws.com", }, }, }, @@ -33363,6 +41575,31 @@ var awsusgovPartition = partition{ }, }, }, + "qbusiness": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "qbusiness.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "qbusiness.us-gov-west-1.api.aws", + }, + }, + }, "quicksight": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -33383,6 +41620,24 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "ram.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -33391,6 +41646,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "ram.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "rbin": service{ @@ -33568,28 +41841,43 @@ var awsusgovPartition = partition{ }, }, }, - "resource-explorer-2": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.aws", + "resiliencehub": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "resiliencehub-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, }, - defaultKey{ - Variant: fipsVariant, + endpointKey{ + Region: "fips-us-gov-west-1", }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", + Hostname: "resiliencehub-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, }, - }, - Endpoints: serviceEndpoints{ endpointKey{ Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, }: endpoint{ - Hostname: "resource-explorer-2.us-gov-east-1.api.aws", + Hostname: "resiliencehub-fips.us-gov-east-1.amazonaws.com", }, endpointKey{ Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, }: endpoint{ - Hostname: "resource-explorer-2.us-gov-west-1.api.aws", + Hostname: "resiliencehub-fips.us-gov-west-1.amazonaws.com", }, }, }, @@ -33648,6 +41936,46 @@ var awsusgovPartition = partition{ }: endpoint{}, }, }, + "rolesanywhere": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-gov-west-1.amazonaws.com", + }, + }, + }, "route53": service{ PartitionEndpoint: "aws-us-gov-global", IsRegionalized: boxedFalse, @@ -33685,9 +42013,35 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "route53resolver.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "route53resolver.us-gov-east-1.amazonaws.com", + + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "route53resolver.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "route53resolver.us-gov-west-1.amazonaws.com", + + Deprecated: boxedTrue, + }, }, }, "runtime.lex": service{ @@ -33737,6 +42091,9 @@ var awsusgovPartition = partition{ }, }, Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, @@ -33979,17 +42336,33 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-east-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-west-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, }, }, "secretsmanager": service{ @@ -33997,37 +42370,43 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-east-1", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-gov-east-1.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-east-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-west-1", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-gov-west-1.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-west-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, + Deprecated: boxedTrue, }, }, @@ -34081,21 +42460,45 @@ var awsusgovPartition = partition{ Endpoints: serviceEndpoints{ endpointKey{ Region: "us-gov-east-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, }: endpoint{ Hostname: "serverlessrepo.us-gov-east-1.amazonaws.com", Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "serverlessrepo.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-gov-west-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, }: endpoint{ Hostname: "serverlessrepo.us-gov-west-1.amazonaws.com", Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "serverlessrepo.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, }, }, @@ -34193,7 +42596,7 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.us-gov-east-1.amazonaws.com", + Hostname: "servicediscovery.us-gov-east-1.api.aws", }, endpointKey{ Region: "us-gov-east-1", @@ -34201,6 +42604,12 @@ var awsusgovPartition = partition{ }: endpoint{ Hostname: "servicediscovery-fips.us-gov-east-1.amazonaws.com", }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-gov-east-1.api.aws", + }, endpointKey{ Region: "us-gov-east-1-fips", }: endpoint{ @@ -34217,7 +42626,7 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.us-gov-west-1.amazonaws.com", + Hostname: "servicediscovery.us-gov-west-1.api.aws", }, endpointKey{ Region: "us-gov-west-1", @@ -34225,6 +42634,12 @@ var awsusgovPartition = partition{ }: endpoint{ Hostname: "servicediscovery-fips.us-gov-west-1.amazonaws.com", }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-gov-west-1.api.aws", + }, endpointKey{ Region: "us-gov-west-1-fips", }: endpoint{ @@ -34287,12 +42702,22 @@ var awsusgovPartition = partition{ }, }, }, - "sms": service{ + "signer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, + "simspaceweaver": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "fips-us-gov-east-1", }: endpoint{ - Hostname: "sms-fips.us-gov-east-1.amazonaws.com", + Hostname: "simspaceweaver.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, @@ -34301,7 +42726,7 @@ var awsusgovPartition = partition{ endpointKey{ Region: "fips-us-gov-west-1", }: endpoint{ - Hostname: "sms-fips.us-gov-west-1.amazonaws.com", + Hostname: "simspaceweaver.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, @@ -34314,7 +42739,29 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", Variant: fipsVariant, }: endpoint{ - Hostname: "sms-fips.us-gov-east-1.amazonaws.com", + Hostname: "simspaceweaver.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "simspaceweaver.us-gov-west-1.amazonaws.com", + }, + }, + }, + "sms": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "sms-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-gov-west-1", @@ -34329,6 +42776,15 @@ var awsusgovPartition = partition{ }, "sms-voice": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "sms-voice-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-gov-west-1", }: endpoint{ @@ -34338,6 +42794,15 @@ var awsusgovPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sms-voice-fips.us-gov-east-1.amazonaws.com", + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, @@ -34421,14 +42886,14 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-west-1", }: endpoint{ - Protocols: []string{"http", "https"}, + Protocols: []string{"https"}, }, endpointKey{ Region: "us-gov-west-1", Variant: fipsVariant, }: endpoint{ Hostname: "sns.us-gov-west-1.amazonaws.com", - Protocols: []string{"http", "https"}, + Protocols: []string{"https"}, }, }, }, @@ -34520,6 +42985,24 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sso.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "sso.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -34528,6 +43011,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sso.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "sso.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "states": service{ @@ -34772,6 +43273,24 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "swf.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "swf.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -34780,6 +43299,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "swf.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "swf.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "synthetics": service{ @@ -35124,6 +43661,15 @@ var awsusgovPartition = partition{ }, "workspaces": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "workspaces-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-gov-west-1", }: endpoint{ @@ -35133,6 +43679,15 @@ var awsusgovPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "workspaces-fips.us-gov-east-1.amazonaws.com", + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, @@ -35246,6 +43801,20 @@ var awsisoPartition = partition{ }, }, }, + "api.pricing": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "pricing", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + }, + }, "api.sagemaker": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -35295,6 +43864,23 @@ var awsisoPartition = partition{ }: endpoint{}, }, }, + "arc-zonal-shift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "athena": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + }, + }, "autoscaling": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -35307,6 +43893,16 @@ var awsisoPartition = partition{ }: endpoint{}, }, }, + "cloudcontrolapi": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, "cloudformation": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -35366,6 +43962,46 @@ var awsisoPartition = partition{ }: endpoint{}, }, }, + "datasync": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "datasync-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "datasync-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.us-iso-west-1.c2s.ic.gov", + }, + }, + }, "directconnect": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -35376,6 +44012,16 @@ var awsisoPartition = partition{ }: endpoint{}, }, }, + "dlm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, "dms": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{}, @@ -35478,6 +44124,9 @@ var awsisoPartition = partition{ endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "ec2": service{ @@ -35510,6 +44159,9 @@ var awsisoPartition = partition{ endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "elasticache": service{ @@ -35576,14 +44228,45 @@ var awsisoPartition = partition{ }, "elasticmapreduce": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "elasticmapreduce.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "elasticmapreduce.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-iso-east-1", }: endpoint{ Protocols: []string{"https"}, }, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-iso-east-1.c2s.ic.gov", + Protocols: []string{"https"}, + }, endpointKey{ Region: "us-iso-west-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-iso-west-1.c2s.ic.gov", + }, }, }, "es": service{ @@ -35635,6 +44318,19 @@ var awsisoPartition = partition{ }: endpoint{}, }, }, + "guardduty": service{ + IsRegionalized: boxedTrue, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + }, + }, "health": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -35730,6 +44426,9 @@ var awsisoPartition = partition{ endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "logs": service{ @@ -35782,25 +44481,219 @@ var awsisoPartition = partition{ }, "ram": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "ram-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "ram-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.us-iso-west-1.c2s.ic.gov", + }, + }, + }, + "rbin": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "rbin-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "rbin-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.us-iso-east-1.c2s.ic.gov", + }, endpointKey{ Region: "us-iso-west-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.us-iso-west-1.c2s.ic.gov", + }, }, }, "rds": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "rds-fips.us-iso-east-1", + }: endpoint{ + Hostname: "rds-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds-fips.us-iso-west-1", + }: endpoint{ + Hostname: "rds-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-iso-east-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-iso-west-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-east-1-fips", + }: endpoint{ + Hostname: "rds-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-iso-west-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-iso-west-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1-fips", + }: endpoint{ + Hostname: "rds-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "redshift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "redshift-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "redshift-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.us-iso-west-1.c2s.ic.gov", + }, + }, + }, + "resource-groups": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "us-iso-east-1", @@ -35829,6 +44722,9 @@ var awsisoPartition = partition{ endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "runtime.sagemaker": service{ @@ -35845,15 +44741,61 @@ var awsisoPartition = partition{ }, }, Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "s3-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "s3-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-iso-east-1", }: endpoint{ Protocols: []string{"http", "https"}, SignatureVersions: []string{"s3v4"}, }, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.us-iso-east-1.c2s.ic.gov", + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"s3v4"}, + }, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.us-iso-east-1.c2s.ic.gov", + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"s3v4"}, + }, endpointKey{ Region: "us-iso-west-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.us-iso-west-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.us-iso-west-1.c2s.ic.gov", + }, }, }, "secretsmanager": service{ @@ -35861,6 +44803,9 @@ var awsisoPartition = partition{ endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "snowball": service{ @@ -35975,6 +44920,16 @@ var awsisoPartition = partition{ }, }, "tagging": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "textract": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "us-iso-east-1", @@ -36073,6 +45028,27 @@ var awsisobPartition = partition{ }, }, }, + "api.pricing": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "pricing", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "api.sagemaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, "appconfig": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -36099,6 +45075,13 @@ var awsisobPartition = partition{ }: endpoint{}, }, }, + "arc-zonal-shift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, "autoscaling": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ @@ -36111,6 +45094,13 @@ var awsisobPartition = partition{ }: endpoint{}, }, }, + "cloudcontrolapi": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, "cloudformation": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -36146,6 +45136,13 @@ var awsisobPartition = partition{ }: endpoint{}, }, }, + "dlm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, "dms": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{}, @@ -36300,9 +45297,24 @@ var awsisobPartition = partition{ }, "elasticmapreduce": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "elasticmapreduce.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-isob-east-1", }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-isob-east-1.sc2s.sgov.gov", + }, }, }, "es": service{ @@ -36434,25 +45446,126 @@ var awsisobPartition = partition{ }: endpoint{}, }, }, + "outposts": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, "ram": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "ram-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-isob-east-1", }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.us-isob-east-1.sc2s.sgov.gov", + }, + }, + }, + "rbin": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "rbin-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.us-isob-east-1.sc2s.sgov.gov", + }, }, }, "rds": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "rds-fips.us-isob-east-1", + }: endpoint{ + Hostname: "rds-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-isob-east-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-isob-east-1", }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-isob-east-1.sc2s.sgov.gov", + }, + endpointKey{ + Region: "us-isob-east-1-fips", + }: endpoint{ + Hostname: "rds-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, }, }, "redshift": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "redshift-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-isob-east-1", }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.us-isob-east-1.sc2s.sgov.gov", + }, }, }, "resource-groups": service{ @@ -36483,6 +45596,13 @@ var awsisobPartition = partition{ }: endpoint{}, }, }, + "runtime.sagemaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, "s3": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ @@ -36490,6 +45610,34 @@ var awsisobPartition = partition{ SignatureVersions: []string{"s3v4"}, }, }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "s3-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.us-isob-east-1.sc2s.sgov.gov", + }, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.us-isob-east-1.sc2s.sgov.gov", + }, + }, + }, + "secretsmanager": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "us-isob-east-1", @@ -36542,6 +45690,37 @@ var awsisobPartition = partition{ }: endpoint{}, }, }, + "storagegateway": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips", + }: endpoint{ + Hostname: "storagegateway-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "storagegateway-fips.us-isob-east-1.sc2s.sgov.gov", + }, + endpointKey{ + Region: "us-isob-east-1-fips", + }: endpoint{ + Hostname: "storagegateway-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + }, + }, "streams.dynamodb": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ @@ -36607,3 +45786,71 @@ var awsisobPartition = partition{ }, }, } + +// AwsIsoEPartition returns the Resolver for AWS ISOE (Europe). +func AwsIsoEPartition() Partition { + return awsisoePartition.Partition() +} + +var awsisoePartition = partition{ + ID: "aws-iso-e", + Name: "AWS ISOE (Europe)", + DNSSuffix: "cloud.adc-e.uk", + RegionRegex: regionRegex{ + Regexp: func() *regexp.Regexp { + reg, _ := regexp.Compile("^eu\\-isoe\\-\\w+\\-\\d+$") + return reg + }(), + }, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "cloud.adc-e.uk", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + Regions: regions{}, + Services: services{}, +} + +// AwsIsoFPartition returns the Resolver for AWS ISOF. +func AwsIsoFPartition() Partition { + return awsisofPartition.Partition() +} + +var awsisofPartition = partition{ + ID: "aws-iso-f", + Name: "AWS ISOF", + DNSSuffix: "csp.hci.ic.gov", + RegionRegex: regionRegex{ + Regexp: func() *regexp.Regexp { + reg, _ := regexp.Compile("^us\\-isof\\-\\w+\\-\\d+$") + return reg + }(), + }, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "csp.hci.ic.gov", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + Regions: regions{}, + Services: services{}, +} diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go index 1d3f4c3adc3..ea8e3537658 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go @@ -14,6 +14,7 @@ import ( "github.com/aws/aws-sdk-go/aws/defaults" "github.com/aws/aws-sdk-go/aws/request" "github.com/aws/aws-sdk-go/internal/shareddefaults" + "github.com/aws/aws-sdk-go/service/ssooidc" "github.com/aws/aws-sdk-go/service/sts" ) @@ -23,6 +24,10 @@ type CredentialsProviderOptions struct { // WebIdentityRoleProviderOptions configures a WebIdentityRoleProvider, // such as setting its ExpiryWindow. WebIdentityRoleProviderOptions func(*stscreds.WebIdentityRoleProvider) + + // ProcessProviderOptions configures a ProcessProvider, + // such as setting its Timeout. + ProcessProviderOptions func(*processcreds.ProcessProvider) } func resolveCredentials(cfg *aws.Config, @@ -33,7 +38,7 @@ func resolveCredentials(cfg *aws.Config, switch { case len(sessOpts.Profile) != 0: - // User explicitly provided an Profile in the session's configuration + // User explicitly provided a Profile in the session's configuration // so load that profile from shared config first. // Github(aws/aws-sdk-go#2727) return resolveCredsFromProfile(cfg, envCfg, sharedCfg, handlers, sessOpts) @@ -134,7 +139,11 @@ func resolveCredsFromProfile(cfg *aws.Config, case len(sharedCfg.CredentialProcess) != 0: // Get credentials from CredentialProcess - creds = processcreds.NewCredentials(sharedCfg.CredentialProcess) + var optFns []func(*processcreds.ProcessProvider) + if sessOpts.CredentialsProviderOptions != nil && sessOpts.CredentialsProviderOptions.ProcessProviderOptions != nil { + optFns = append(optFns, sessOpts.CredentialsProviderOptions.ProcessProviderOptions) + } + creds = processcreds.NewCredentials(sharedCfg.CredentialProcess, optFns...) default: // Fallback to default credentials provider, include mock errors for @@ -173,8 +182,28 @@ func resolveSSOCredentials(cfg *aws.Config, sharedCfg sharedConfig, handlers req return nil, err } + var optFns []func(provider *ssocreds.Provider) cfgCopy := cfg.Copy() - cfgCopy.Region = &sharedCfg.SSORegion + + if sharedCfg.SSOSession != nil { + cfgCopy.Region = &sharedCfg.SSOSession.SSORegion + cachedPath, err := ssocreds.StandardCachedTokenFilepath(sharedCfg.SSOSession.Name) + if err != nil { + return nil, err + } + // create oidcClient with AnonymousCredentials to avoid recursively resolving credentials + mySession := Must(NewSession(&aws.Config{ + Credentials: credentials.AnonymousCredentials, + })) + oidcClient := ssooidc.New(mySession, cfgCopy) + tokenProvider := ssocreds.NewSSOTokenProvider(oidcClient, cachedPath) + optFns = append(optFns, func(p *ssocreds.Provider) { + p.TokenProvider = tokenProvider + p.CachedTokenFilepath = cachedPath + }) + } else { + cfgCopy.Region = &sharedCfg.SSORegion + } return ssocreds.NewCredentials( &Session{ @@ -184,6 +213,7 @@ func resolveSSOCredentials(cfg *aws.Config, sharedCfg sharedConfig, handlers req sharedCfg.SSOAccountID, sharedCfg.SSORoleName, sharedCfg.SSOStartURL, + optFns..., ), nil } diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go index d6fa24776cf..93bb5de6470 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go @@ -171,6 +171,12 @@ type envConfig struct { // AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE=IPv6 EC2IMDSEndpointMode endpoints.EC2IMDSEndpointModeState + // Specifies that IMDS clients should not fallback to IMDSv1 if token + // requests fail. + // + // AWS_EC2_METADATA_V1_DISABLED=true + EC2IMDSv1Disabled *bool + // Specifies that SDK clients must resolve a dual-stack endpoint for // services. // @@ -251,6 +257,9 @@ var ( ec2IMDSEndpointModeEnvKey = []string{ "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE", } + ec2MetadataV1DisabledEnvKey = []string{ + "AWS_EC2_METADATA_V1_DISABLED", + } useCABundleKey = []string{ "AWS_CA_BUNDLE", } @@ -393,6 +402,7 @@ func envConfigLoad(enableSharedConfig bool) (envConfig, error) { if err := setEC2IMDSEndpointMode(&cfg.EC2IMDSEndpointMode, ec2IMDSEndpointModeEnvKey); err != nil { return envConfig{}, err } + setBoolPtrFromEnvVal(&cfg.EC2IMDSv1Disabled, ec2MetadataV1DisabledEnvKey) if err := setUseDualStackEndpointFromEnvVal(&cfg.UseDualStackEndpoint, awsUseDualStackEndpoint); err != nil { return cfg, err @@ -414,6 +424,24 @@ func setFromEnvVal(dst *string, keys []string) { } } +func setBoolPtrFromEnvVal(dst **bool, keys []string) { + for _, k := range keys { + value := os.Getenv(k) + if len(value) == 0 { + continue + } + + switch { + case strings.EqualFold(value, "false"): + *dst = new(bool) + **dst = false + case strings.EqualFold(value, "true"): + *dst = new(bool) + **dst = true + } + } +} + func setEC2IMDSEndpointMode(mode *endpoints.EC2IMDSEndpointModeState, keys []string) error { for _, k := range keys { value := os.Getenv(k) diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/session/session.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/session/session.go index 4293dbe10bd..3c88dee526d 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/aws/session/session.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/session/session.go @@ -37,7 +37,7 @@ const ( // ErrSharedConfigSourceCollision will be returned if a section contains both // source_profile and credential_source -var ErrSharedConfigSourceCollision = awserr.New(ErrCodeSharedConfig, "only one credential type may be specified per profile: source profile, credential source, credential process, web identity token, or sso", nil) +var ErrSharedConfigSourceCollision = awserr.New(ErrCodeSharedConfig, "only one credential type may be specified per profile: source profile, credential source, credential process, web identity token", nil) // ErrSharedConfigECSContainerEnvVarEmpty will be returned if the environment // variables are empty and Environment was set as the credential source @@ -174,7 +174,6 @@ const ( // Options provides the means to control how a Session is created and what // configuration values will be loaded. -// type Options struct { // Provides config values for the SDK to use when creating service clients // and making API requests to services. Any value set in with this field @@ -224,7 +223,7 @@ type Options struct { // from stdin for the MFA token code. // // This field is only used if the shared configuration is enabled, and - // the config enables assume role wit MFA via the mfa_serial field. + // the config enables assume role with MFA via the mfa_serial field. AssumeRoleTokenProvider func() (string, error) // When the SDK's shared config is configured to assume a role this option @@ -322,24 +321,24 @@ type Options struct { // credentials file. Enabling the Shared Config will also allow the Session // to be built with retrieving credentials with AssumeRole set in the config. // -// // Equivalent to session.New -// sess := session.Must(session.NewSessionWithOptions(session.Options{})) +// // Equivalent to session.New +// sess := session.Must(session.NewSessionWithOptions(session.Options{})) // -// // Specify profile to load for the session's config -// sess := session.Must(session.NewSessionWithOptions(session.Options{ -// Profile: "profile_name", -// })) +// // Specify profile to load for the session's config +// sess := session.Must(session.NewSessionWithOptions(session.Options{ +// Profile: "profile_name", +// })) // -// // Specify profile for config and region for requests -// sess := session.Must(session.NewSessionWithOptions(session.Options{ -// Config: aws.Config{Region: aws.String("us-east-1")}, -// Profile: "profile_name", -// })) +// // Specify profile for config and region for requests +// sess := session.Must(session.NewSessionWithOptions(session.Options{ +// Config: aws.Config{Region: aws.String("us-east-1")}, +// Profile: "profile_name", +// })) // -// // Force enable Shared Config support -// sess := session.Must(session.NewSessionWithOptions(session.Options{ -// SharedConfigState: session.SharedConfigEnable, -// })) +// // Force enable Shared Config support +// sess := session.Must(session.NewSessionWithOptions(session.Options{ +// SharedConfigState: session.SharedConfigEnable, +// })) func NewSessionWithOptions(opts Options) (*Session, error) { var envCfg envConfig var err error @@ -375,7 +374,7 @@ func NewSessionWithOptions(opts Options) (*Session, error) { // This helper is intended to be used in variable initialization to load the // Session and configuration at startup. Such as: // -// var sess = session.Must(session.NewSession()) +// var sess = session.Must(session.NewSession()) func Must(sess *Session, err error) *Session { if err != nil { panic(err) @@ -780,14 +779,12 @@ func mergeConfigSrcs(cfg, userCfg *aws.Config, cfg.EndpointResolver = wrapEC2IMDSEndpoint(cfg.EndpointResolver, ec2IMDSEndpoint, endpointMode) } - // Configure credentials if not already set by the user when creating the - // Session. - if cfg.Credentials == credentials.AnonymousCredentials && userCfg.Credentials == nil { - creds, err := resolveCredentials(cfg, envCfg, sharedCfg, handlers, sessOpts) - if err != nil { - return err - } - cfg.Credentials = creds + cfg.EC2MetadataEnableFallback = userCfg.EC2MetadataEnableFallback + if cfg.EC2MetadataEnableFallback == nil && envCfg.EC2IMDSv1Disabled != nil { + cfg.EC2MetadataEnableFallback = aws.Bool(!*envCfg.EC2IMDSv1Disabled) + } + if cfg.EC2MetadataEnableFallback == nil && sharedCfg.EC2IMDSv1Disabled != nil { + cfg.EC2MetadataEnableFallback = aws.Bool(!*sharedCfg.EC2IMDSv1Disabled) } cfg.S3UseARNRegion = userCfg.S3UseARNRegion @@ -812,6 +809,17 @@ func mergeConfigSrcs(cfg, userCfg *aws.Config, } } + // Configure credentials if not already set by the user when creating the Session. + // Credentials are resolved last such that all _resolved_ config values are propagated to credential providers. + // ticket: P83606045 + if cfg.Credentials == credentials.AnonymousCredentials && userCfg.Credentials == nil { + creds, err := resolveCredentials(cfg, envCfg, sharedCfg, handlers, sessOpts) + if err != nil { + return err + } + cfg.Credentials = creds + } + return nil } @@ -845,8 +853,8 @@ func initHandlers(s *Session) { // and handlers. If any additional configs are provided they will be merged // on top of the Session's copied config. // -// // Create a copy of the current Session, configured for the us-west-2 region. -// sess.Copy(&aws.Config{Region: aws.String("us-west-2")}) +// // Create a copy of the current Session, configured for the us-west-2 region. +// sess.Copy(&aws.Config{Region: aws.String("us-west-2")}) func (s *Session) Copy(cfgs ...*aws.Config) *Session { newSession := &Session{ Config: s.Config.Copy(cfgs...), diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go index 424c82b4d34..f3ce8183dd9 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go @@ -26,6 +26,13 @@ const ( roleSessionNameKey = `role_session_name` // optional roleDurationSecondsKey = "duration_seconds" // optional + // Prefix to be used for SSO sections. These are supposed to only exist in + // the shared config file, not the credentials file. + ssoSectionPrefix = `sso-session ` + + // AWS Single Sign-On (AWS SSO) group + ssoSessionNameKey = "sso_session" + // AWS Single Sign-On (AWS SSO) group ssoAccountIDKey = "sso_account_id" ssoRegionKey = "sso_region" @@ -73,6 +80,9 @@ const ( // EC2 IMDS Endpoint ec2MetadataServiceEndpointKey = "ec2_metadata_service_endpoint" + // ECS IMDSv1 disable fallback + ec2MetadataV1DisabledKey = "ec2_metadata_v1_disabled" + // Use DualStack Endpoint Resolution useDualStackEndpoint = "use_dualstack_endpoint" @@ -99,6 +109,10 @@ type sharedConfig struct { CredentialProcess string WebIdentityTokenFile string + // SSO session options + SSOSessionName string + SSOSession *ssoSession + SSOAccountID string SSORegion string SSORoleName string @@ -168,6 +182,12 @@ type sharedConfig struct { // ec2_metadata_service_endpoint=http://fd00:ec2::254 EC2IMDSEndpoint string + // Specifies that IMDS clients should not fallback to IMDSv1 if token + // requests fail. + // + // ec2_metadata_v1_disabled=true + EC2IMDSv1Disabled *bool + // Specifies that SDK clients must resolve a dual-stack endpoint for // services. // @@ -186,6 +206,20 @@ type sharedConfigFile struct { IniData ini.Sections } +// SSOSession provides the shared configuration parameters of the sso-session +// section. +type ssoSession struct { + Name string + SSORegion string + SSOStartURL string +} + +func (s *ssoSession) setFromIniSection(section ini.Section) { + updateString(&s.Name, section, ssoSessionNameKey) + updateString(&s.SSORegion, section, ssoRegionKey) + updateString(&s.SSOStartURL, section, ssoStartURL) +} + // loadSharedConfig retrieves the configuration from the list of files using // the profile provided. The order the files are listed will determine // precedence. Values in subsequent files will overwrite values defined in @@ -266,13 +300,13 @@ func (cfg *sharedConfig) setFromIniFiles(profiles map[string]struct{}, profile s // profile only have credential provider options. cfg.clearAssumeRoleOptions() } else { - // First time a profile has been seen, It must either be a assume role - // credentials, or SSO. Assert if the credential type requires a role ARN, - // the ARN is also set, or validate that the SSO configuration is complete. + // First time a profile has been seen. Assert if the credential type + // requires a role ARN, the ARN is also set if err := cfg.validateCredentialsConfig(profile); err != nil { return err } } + profiles[profile] = struct{}{} if err := cfg.validateCredentialType(); err != nil { @@ -308,6 +342,30 @@ func (cfg *sharedConfig) setFromIniFiles(profiles map[string]struct{}, profile s cfg.SourceProfile = srcCfg } + // If the profile contains an SSO session parameter, the session MUST exist + // as a section in the config file. Load the SSO session using the name + // provided. If the session section is not found or incomplete an error + // will be returned. + if cfg.hasSSOTokenProviderConfiguration() { + skippedFiles = 0 + for _, f := range files { + section, ok := f.IniData.GetSection(fmt.Sprintf(ssoSectionPrefix + strings.TrimSpace(cfg.SSOSessionName))) + if ok { + var ssoSession ssoSession + ssoSession.setFromIniSection(section) + ssoSession.Name = cfg.SSOSessionName + cfg.SSOSession = &ssoSession + break + } + skippedFiles++ + } + if skippedFiles == len(files) { + // If all files were skipped because the sso session section is not found, return + // the sso section not found error. + return fmt.Errorf("failed to find SSO session section, %v", cfg.SSOSessionName) + } + } + return nil } @@ -340,8 +398,15 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e updateString(&cfg.Region, section, regionKey) updateString(&cfg.CustomCABundle, section, customCABundleKey) + // we're retaining a behavioral quirk with this field that existed before + // the removal of literal parsing for (aws-sdk-go-v2/#2276): + // - if the key is missing, the config field will not be set + // - if the key is set to a non-numeric, the config field will be set to 0 if section.Has(roleDurationSecondsKey) { - d := time.Duration(section.Int(roleDurationSecondsKey)) * time.Second + var d time.Duration + if v, ok := section.Int(roleDurationSecondsKey); ok { + d = time.Duration(v) * time.Second + } cfg.AssumeRoleDuration = &d } @@ -363,6 +428,10 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e cfg.S3UsEast1RegionalEndpoint = sre } + // AWS Single Sign-On (AWS SSO) + // SSO session options + updateString(&cfg.SSOSessionName, section, ssoSessionNameKey) + // AWS Single Sign-On (AWS SSO) updateString(&cfg.SSOAccountID, section, ssoAccountIDKey) updateString(&cfg.SSORegion, section, ssoRegionKey) @@ -374,6 +443,7 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e ec2MetadataServiceEndpointModeKey, file.Filename, err) } updateString(&cfg.EC2IMDSEndpoint, section, ec2MetadataServiceEndpointKey) + updateBoolPtr(&cfg.EC2IMDSv1Disabled, section, ec2MetadataV1DisabledKey) updateUseDualStackEndpoint(&cfg.UseDualStackEndpoint, section, useDualStackEndpoint) @@ -461,32 +531,20 @@ func (cfg *sharedConfig) validateCredentialType() error { } func (cfg *sharedConfig) validateSSOConfiguration() error { - if !cfg.hasSSOConfiguration() { + if cfg.hasSSOTokenProviderConfiguration() { + err := cfg.validateSSOTokenProviderConfiguration() + if err != nil { + return err + } return nil } - var missing []string - if len(cfg.SSOAccountID) == 0 { - missing = append(missing, ssoAccountIDKey) - } - - if len(cfg.SSORegion) == 0 { - missing = append(missing, ssoRegionKey) - } - - if len(cfg.SSORoleName) == 0 { - missing = append(missing, ssoRoleNameKey) - } - - if len(cfg.SSOStartURL) == 0 { - missing = append(missing, ssoStartURL) - } - - if len(missing) > 0 { - return fmt.Errorf("profile %q is configured to use SSO but is missing required configuration: %s", - cfg.Profile, strings.Join(missing, ", ")) + if cfg.hasLegacySSOConfiguration() { + err := cfg.validateLegacySSOConfiguration() + if err != nil { + return err + } } - return nil } @@ -525,15 +583,76 @@ func (cfg *sharedConfig) clearAssumeRoleOptions() { } func (cfg *sharedConfig) hasSSOConfiguration() bool { - switch { - case len(cfg.SSOAccountID) != 0: - case len(cfg.SSORegion) != 0: - case len(cfg.SSORoleName) != 0: - case len(cfg.SSOStartURL) != 0: - default: - return false + return cfg.hasSSOTokenProviderConfiguration() || cfg.hasLegacySSOConfiguration() +} + +func (c *sharedConfig) hasSSOTokenProviderConfiguration() bool { + return len(c.SSOSessionName) > 0 +} + +func (c *sharedConfig) hasLegacySSOConfiguration() bool { + return len(c.SSORegion) > 0 || len(c.SSOAccountID) > 0 || len(c.SSOStartURL) > 0 || len(c.SSORoleName) > 0 +} + +func (c *sharedConfig) validateSSOTokenProviderConfiguration() error { + var missing []string + + if len(c.SSOSessionName) == 0 { + missing = append(missing, ssoSessionNameKey) } - return true + + if c.SSOSession == nil { + missing = append(missing, ssoSectionPrefix) + } else { + if len(c.SSOSession.SSORegion) == 0 { + missing = append(missing, ssoRegionKey) + } + + if len(c.SSOSession.SSOStartURL) == 0 { + missing = append(missing, ssoStartURL) + } + } + + if len(missing) > 0 { + return fmt.Errorf("profile %q is configured to use SSO but is missing required configuration: %s", + c.Profile, strings.Join(missing, ", ")) + } + + if len(c.SSORegion) > 0 && c.SSORegion != c.SSOSession.SSORegion { + return fmt.Errorf("%s in profile %q must match %s in %s", ssoRegionKey, c.Profile, ssoRegionKey, ssoSectionPrefix) + } + + if len(c.SSOStartURL) > 0 && c.SSOStartURL != c.SSOSession.SSOStartURL { + return fmt.Errorf("%s in profile %q must match %s in %s", ssoStartURL, c.Profile, ssoStartURL, ssoSectionPrefix) + } + + return nil +} + +func (c *sharedConfig) validateLegacySSOConfiguration() error { + var missing []string + + if len(c.SSORegion) == 0 { + missing = append(missing, ssoRegionKey) + } + + if len(c.SSOStartURL) == 0 { + missing = append(missing, ssoStartURL) + } + + if len(c.SSOAccountID) == 0 { + missing = append(missing, ssoAccountIDKey) + } + + if len(c.SSORoleName) == 0 { + missing = append(missing, ssoRoleNameKey) + } + + if len(missing) > 0 { + return fmt.Errorf("profile %q is configured to use SSO but is missing required configuration: %s", + c.Profile, strings.Join(missing, ", ")) + } + return nil } func oneOrNone(bs ...bool) bool { @@ -566,7 +685,10 @@ func updateBool(dst *bool, section ini.Section, key string) { if !section.Has(key) { return } - *dst = section.Bool(key) + + // retains pre-(aws-sdk-go-v2#2276) behavior where non-bool value would resolve to false + v, _ := section.Bool(key) + *dst = v } // updateBoolPtr will only update the dst with the value in the section key, @@ -575,8 +697,11 @@ func updateBoolPtr(dst **bool, section ini.Section, key string) { if !section.Has(key) { return } + + // retains pre-(aws-sdk-go-v2#2276) behavior where non-bool value would resolve to false + v, _ := section.Bool(key) *dst = new(bool) - **dst = section.Bool(key) + **dst = v } // SharedConfigLoadError is an error for the shared config file failed to load. @@ -703,7 +828,8 @@ func updateUseDualStackEndpoint(dst *endpoints.DualStackEndpointState, section i return } - if section.Bool(key) { + // retains pre-(aws-sdk-go-v2/#2276) behavior where non-bool value would resolve to false + if v, _ := section.Bool(key); v { *dst = endpoints.DualStackEndpointStateEnabled } else { *dst = endpoints.DualStackEndpointStateDisabled @@ -719,7 +845,8 @@ func updateUseFIPSEndpoint(dst *endpoints.FIPSEndpointState, section ini.Section return } - if section.Bool(key) { + // retains pre-(aws-sdk-go-v2/#2276) behavior where non-bool value would resolve to false + if v, _ := section.Bool(key); v { *dst = endpoints.FIPSEndpointStateEnabled } else { *dst = endpoints.FIPSEndpointStateDisabled diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go index 4d78162c034..b542df93156 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go @@ -3,21 +3,21 @@ // Provides request signing for request that need to be signed with // AWS V4 Signatures. // -// Standalone Signer +// # Standalone Signer // // Generally using the signer outside of the SDK should not require any additional // logic when using Go v1.5 or higher. The signer does this by taking advantage // of the URL.EscapedPath method. If your request URI requires additional escaping -// you many need to use the URL.Opaque to define what the raw URI should be sent +// you may need to use the URL.Opaque to define what the raw URI should be sent // to the service as. // // The signer will first check the URL.Opaque field, and use its value if set. // The signer does require the URL.Opaque field to be set in the form of: // -// "///" +// "///" // -// // e.g. -// "//example.com/some/path" +// // e.g. +// "//example.com/some/path" // // The leading "//" and hostname are required or the URL.Opaque escaping will // not work correctly. @@ -125,6 +125,7 @@ var requiredSignedHeaders = rules{ "X-Amz-Copy-Source-Server-Side-Encryption-Customer-Algorithm": struct{}{}, "X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key": struct{}{}, "X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key-Md5": struct{}{}, + "X-Amz-Expected-Bucket-Owner": struct{}{}, "X-Amz-Grant-Full-control": struct{}{}, "X-Amz-Grant-Read": struct{}{}, "X-Amz-Grant-Read-Acp": struct{}{}, @@ -135,6 +136,7 @@ var requiredSignedHeaders = rules{ "X-Amz-Request-Payer": struct{}{}, "X-Amz-Server-Side-Encryption": struct{}{}, "X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id": struct{}{}, + "X-Amz-Server-Side-Encryption-Context": struct{}{}, "X-Amz-Server-Side-Encryption-Customer-Algorithm": struct{}{}, "X-Amz-Server-Side-Encryption-Customer-Key": struct{}{}, "X-Amz-Server-Side-Encryption-Customer-Key-Md5": struct{}{}, @@ -695,7 +697,8 @@ func (ctx *signingCtx) buildBodyDigest() error { includeSHA256Header := ctx.unsignedPayload || ctx.ServiceName == "s3" || ctx.ServiceName == "s3-object-lambda" || - ctx.ServiceName == "glacier" + ctx.ServiceName == "glacier" || + ctx.ServiceName == "s3-outposts" s3Presign := ctx.isPresign && (ctx.ServiceName == "s3" || diff --git a/agent/vendor/github.com/aws/aws-sdk-go/aws/version.go b/agent/vendor/github.com/aws/aws-sdk-go/aws/version.go index a59400a2b03..28f1c9a02f1 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/aws/version.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.44.173" +const SDKVersion = "1.51.3" diff --git a/agent/vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go b/agent/vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go index 34a481afbd4..b1b686086a9 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go @@ -154,11 +154,11 @@ func (v ValueType) String() string { // ValueType enums const ( NoneType = ValueType(iota) - DecimalType - IntegerType + DecimalType // deprecated + IntegerType // deprecated StringType QuotedStringType - BoolType + BoolType // deprecated ) // Value is a union container @@ -166,9 +166,9 @@ type Value struct { Type ValueType raw []rune - integer int64 - decimal float64 - boolean bool + integer int64 // deprecated + decimal float64 // deprecated + boolean bool // deprecated str string } @@ -253,24 +253,6 @@ func newLitToken(b []rune) (Token, int, error) { } token = newToken(TokenLit, b[:n], QuotedStringType) - } else if isNumberValue(b) { - var base int - base, n, err = getNumericalValue(b) - if err != nil { - return token, 0, err - } - - value := b[:n] - vType := IntegerType - if contains(value, '.') || hasExponent(value) { - vType = DecimalType - } - token = newToken(TokenLit, value, vType) - token.base = base - } else if isBoolValue(b) { - n, err = getBoolValue(b) - - token = newToken(TokenLit, b[:n], BoolType) } else { n, err = getValue(b) token = newToken(TokenLit, b[:n], StringType) @@ -280,18 +262,33 @@ func newLitToken(b []rune) (Token, int, error) { } // IntValue returns an integer value -func (v Value) IntValue() int64 { - return v.integer +func (v Value) IntValue() (int64, bool) { + i, err := strconv.ParseInt(string(v.raw), 0, 64) + if err != nil { + return 0, false + } + return i, true } // FloatValue returns a float value -func (v Value) FloatValue() float64 { - return v.decimal +func (v Value) FloatValue() (float64, bool) { + f, err := strconv.ParseFloat(string(v.raw), 64) + if err != nil { + return 0, false + } + return f, true } // BoolValue returns a bool value -func (v Value) BoolValue() bool { - return v.boolean +func (v Value) BoolValue() (bool, bool) { + // we don't use ParseBool as it recognizes more than what we've + // historically supported + if isCaselessLitValue(runesTrue, v.raw) { + return true, true + } else if isCaselessLitValue(runesFalse, v.raw) { + return false, true + } + return false, false } func isTrimmable(r rune) bool { diff --git a/agent/vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go b/agent/vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go index 081cf433424..1d08e138aba 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go @@ -145,17 +145,17 @@ func (t Section) ValueType(k string) (ValueType, bool) { } // Bool returns a bool value at k -func (t Section) Bool(k string) bool { +func (t Section) Bool(k string) (bool, bool) { return t.values[k].BoolValue() } // Int returns an integer value at k -func (t Section) Int(k string) int64 { +func (t Section) Int(k string) (int64, bool) { return t.values[k].IntValue() } // Float64 returns a float value at k -func (t Section) Float64(k string) float64 { +func (t Section) Float64(k string) (float64, bool) { return t.values[k].FloatValue() } diff --git a/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/api.go b/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/api.go index e888979cd1f..f2e30429406 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/api.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/api.go @@ -95,11 +95,11 @@ type Metadata struct { EndpointsID string ServiceID string - NoResolveEndpoint bool + NoResolveEndpoint bool AWSQueryCompatible *awsQueryCompatible } -type awsQueryCompatible struct {} +type awsQueryCompatible struct{} // ProtocolSettings define how the SDK should handle requests in the context // of of a protocol. @@ -950,12 +950,100 @@ const ( {{- end }} `)) +// A tplAPIErrors is the top level template for the API +var tplAPIErrorsSQS = template.Must(template.New("api").Parse(` +const ( + {{- range $_, $s := $.ShapeListErrors }} + + // {{ $s.ErrorCodeName }} for service response error code + {{- if eq $s.ErrorCodeName "ErrCodeBatchEntryIdsNotDistinct" }} + // "AWS.SimpleQueueService.BatchEntryIdsNotDistinct". + {{- else if eq $s.ErrorCodeName "ErrCodeBatchRequestTooLong" }} + // "AWS.SimpleQueueService.BatchRequestTooLong". + {{- else if eq $s.ErrorCodeName "ErrCodeEmptyBatchRequest" }} + // "AWS.SimpleQueueService.EmptyBatchRequest". + {{- else if eq $s.ErrorCodeName "ErrCodeInvalidBatchEntryId" }} + // "AWS.SimpleQueueService.InvalidBatchEntryId". + {{- else if eq $s.ErrorCodeName "ErrCodeMessageNotInflight" }} + // "AWS.SimpleQueueService.MessageNotInflight". + {{- else if eq $s.ErrorCodeName "ErrCodePurgeQueueInProgress" }} + // "AWS.SimpleQueueService.PurgeQueueInProgress". + {{- else if eq $s.ErrorCodeName "ErrCodeQueueDeletedRecently" }} + // "AWS.SimpleQueueService.QueueDeletedRecently". + {{- else if eq $s.ErrorCodeName "ErrCodeQueueDoesNotExist" }} + // "AWS.SimpleQueueService.NonExistentQueue". + {{- else if eq $s.ErrorCodeName "ErrCodeTooManyEntriesInBatchRequest" }} + // "AWS.SimpleQueueService.TooManyEntriesInBatchRequest". + {{- else if eq $s.ErrorCodeName "ErrCodeUnsupportedOperation" }} + // "AWS.SimpleQueueService.UnsupportedOperation". + {{- else if eq $s.ErrorCodeName "ErrCodeQueueNameExists" }} + // "QueueAlreadyExists". + {{- else }} + // {{ printf "%q" $s.ErrorName }}. + {{- end }} + {{ if $s.Docstring -}} + // + {{ $s.Docstring }} + {{ end -}} + + + {{- if eq $s.ErrorCodeName "ErrCodeBatchEntryIdsNotDistinct" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.BatchEntryIdsNotDistinct" + {{- else if eq $s.ErrorCodeName "ErrCodeBatchRequestTooLong" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.BatchRequestTooLong" + {{- else if eq $s.ErrorCodeName "ErrCodeEmptyBatchRequest" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.EmptyBatchRequest" + {{- else if eq $s.ErrorCodeName "ErrCodeInvalidBatchEntryId" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.InvalidBatchEntryId" + {{- else if eq $s.ErrorCodeName "ErrCodeMessageNotInflight" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.MessageNotInflight" + {{- else if eq $s.ErrorCodeName "ErrCodePurgeQueueInProgress" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.PurgeQueueInProgress" + {{- else if eq $s.ErrorCodeName "ErrCodeQueueDeletedRecently" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.QueueDeletedRecently" + {{- else if eq $s.ErrorCodeName "ErrCodeQueueDoesNotExist" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.NonExistentQueue" + {{- else if eq $s.ErrorCodeName "ErrCodeTooManyEntriesInBatchRequest" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.TooManyEntriesInBatchRequest" + {{- else if eq $s.ErrorCodeName "ErrCodeUnsupportedOperation" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.UnsupportedOperation" + {{- else if eq $s.ErrorCodeName "ErrCodeQueueNameExists" -}} + {{ $s.ErrorCodeName }} = "QueueAlreadyExists" + {{- else -}} + {{ $s.ErrorCodeName }} = {{ printf "%q" $s.ErrorName }} + {{- end -}} + {{- end }} +) + +{{- if $.WithGeneratedTypedErrors }} + {{- $_ := $.AddSDKImport "private/protocol" }} + + var exceptionFromCode = map[string]func(protocol.ResponseMetadata)error { + {{- range $_, $s := $.ShapeListErrors }} + "{{ $s.ErrorName }}": newError{{ $s.ShapeName }}, + {{- end }} + } + {{- if .Metadata.AWSQueryCompatible }} + var queryExceptionFromCode = map[string]func(protocol.ResponseMetadata, string)error { + {{- range $_, $s := $.ShapeListErrors }} + "{{ $s.ErrorName }}": newQueryCompatibleError{{ $s.ShapeName }}, + {{- end }} + } + {{- end }} +{{- end }} +`)) + // APIErrorsGoCode returns the Go code for the errors.go file. func (a *API) APIErrorsGoCode() string { a.resetImports() var buf bytes.Buffer - err := tplAPIErrors.Execute(&buf, a) + var err error + if a.Metadata.ServiceID == "SQS" { + err = tplAPIErrorsSQS.Execute(&buf, a) + } else { + err = tplAPIErrors.Execute(&buf, a) + } if err != nil { panic(err) diff --git a/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/eventstream_tmpl.go b/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/eventstream_tmpl.go index 64846cfaaa8..fe3c19c4857 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/eventstream_tmpl.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/eventstream_tmpl.go @@ -22,8 +22,14 @@ func renderEventStreamAPI(w io.Writer, op *Operation) error { op.API.AddSDKImport("private/protocol/eventstream") op.API.AddSDKImport("private/protocol/eventstream/eventstreamapi") + // usages of these imports are conditional - generate a compile-only + // reference to avoid potential unused imports: + // - awserr is only used for input streams or json protocols + // - time is only used for input streams or if an event payload has a + // timestamp field w.Write([]byte(` var _ awserr.Error +var _ time.Time `)) return eventStreamAPITmpl.Execute(w, op) diff --git a/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/pagination.go b/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/pagination.go index 4c338ab16d7..a31089ee344 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/pagination.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/pagination.go @@ -58,6 +58,9 @@ func (p *paginationDefinitions) setup() error { if e.InputTokens == nil || e.OutputTokens == nil { continue } + if _, ok := p.Operations[n]; !ok { + continue + } paginator := e switch t := paginator.InputTokens.(type) { @@ -83,11 +86,7 @@ func (p *paginationDefinitions) setup() error { paginator.OutputTokens = toks } - if o, ok := p.Operations[n]; ok { - o.Paginator = &paginator - } else { - return fmt.Errorf("unknown operation for paginator, %s", n) - } + p.Operations[n].Paginator = &paginator } return nil diff --git a/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/smoke.go b/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/smoke.go index 5b8e79b1b37..b25b08dafac 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/smoke.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/smoke.go @@ -173,6 +173,7 @@ func (a *API) APISmokeTestsGoCode() string { var smokeTestTmpl = template.Must(template.New(`smokeTestTmpl`).Parse(` {{- range $i, $testCase := $.TestCases }} {{- $op := index $.API.Operations $testCase.OpName }} + {{- if $op }} func TestInteg_{{ printf "%02d" $i }}_{{ $op.ExportedName }}(t *testing.T) { ctx, cancelFn := context.WithTimeout(context.Background(), 5 *time.Second) defer cancelFn() @@ -206,5 +207,6 @@ var smokeTestTmpl = template.Must(template.New(`smokeTestTmpl`).Parse(` } {{- end }} } + {{- end }} {{- end }} `)) diff --git a/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/waiters.go b/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/waiters.go index 33ccd8cec55..1da730837fc 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/waiters.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/private/model/api/waiters.go @@ -98,8 +98,7 @@ func (p *waiterDefinitions) setup() error { e.OperationName = p.ExportableName(e.OperationName) e.Operation = p.API.Operations[e.OperationName] if e.Operation == nil { - return fmt.Errorf("unknown operation %s for waiter %s", - e.OperationName, n) + continue } p.API.Waiters = append(p.API.Waiters, e) } diff --git a/agent/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go b/agent/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go index 4f933f2a1c4..9c1ccde54ae 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go @@ -22,7 +22,7 @@ const ( // UnmarshalTypedError provides unmarshaling errors API response errors // for both typed and untyped errors. type UnmarshalTypedError struct { - exceptions map[string]func(protocol.ResponseMetadata) error + exceptions map[string]func(protocol.ResponseMetadata) error queryExceptions map[string]func(protocol.ResponseMetadata, string) error } @@ -30,11 +30,13 @@ type UnmarshalTypedError struct { // set of exception names to the error unmarshalers func NewUnmarshalTypedError(exceptions map[string]func(protocol.ResponseMetadata) error) *UnmarshalTypedError { return &UnmarshalTypedError{ - exceptions: exceptions, + exceptions: exceptions, queryExceptions: map[string]func(protocol.ResponseMetadata, string) error{}, } } +// NewUnmarshalTypedErrorWithOptions works similar to NewUnmarshalTypedError applying options to the UnmarshalTypedError +// before returning it func NewUnmarshalTypedErrorWithOptions(exceptions map[string]func(protocol.ResponseMetadata) error, optFns ...func(*UnmarshalTypedError)) *UnmarshalTypedError { unmarshaledError := NewUnmarshalTypedError(exceptions) for _, fn := range optFns { @@ -43,6 +45,11 @@ func NewUnmarshalTypedErrorWithOptions(exceptions map[string]func(protocol.Respo return unmarshaledError } +// WithQueryCompatibility is a helper function to construct a functional option for use with NewUnmarshalTypedErrorWithOptions. +// The queryExceptions given act as an override for unmarshalling errors when query compatible error codes are found. +// See also [awsQueryCompatible trait] +// +// [awsQueryCompatible trait]: https://smithy.io/2.0/aws/protocols/aws-query-protocol.html#aws-protocols-awsquerycompatible-trait func WithQueryCompatibility(queryExceptions map[string]func(protocol.ResponseMetadata, string) error) func(*UnmarshalTypedError) { return func(typedError *UnmarshalTypedError) { typedError.queryExceptions = queryExceptions diff --git a/agent/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go b/agent/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go index 1d273ff0ec6..ecc521f88f1 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go @@ -287,6 +287,10 @@ func convertType(v reflect.Value, tag reflect.StructTag) (str string, err error) if tag.Get("location") != "header" || tag.Get("enum") == "" { return "", fmt.Errorf("%T is only supported with location header and enum shapes", value) } + if len(value) == 0 { + return "", errValueNotSet + } + buff := &bytes.Buffer{} for i, sv := range value { if sv == nil || len(*sv) == 0 { diff --git a/agent/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go b/agent/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go index d756d8cc529..5366a646d9c 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go @@ -2,6 +2,7 @@ package restjson import ( "bytes" + "encoding/json" "io" "io/ioutil" "net/http" @@ -40,52 +41,30 @@ func (u *UnmarshalTypedError) UnmarshalError( resp *http.Response, respMeta protocol.ResponseMetadata, ) (error, error) { - - code := resp.Header.Get(errorTypeHeader) - msg := resp.Header.Get(errorMessageHeader) - - body := resp.Body - if len(code) == 0 { - // If unable to get code from HTTP headers have to parse JSON message - // to determine what kind of exception this will be. - var buf bytes.Buffer - var jsonErr jsonErrorResponse - teeReader := io.TeeReader(resp.Body, &buf) - err := jsonutil.UnmarshalJSONError(&jsonErr, teeReader) - if err != nil { - return nil, err - } - - body = ioutil.NopCloser(&buf) - code = jsonErr.Code - msg = jsonErr.Message + code, msg, err := unmarshalErrorInfo(resp) + if err != nil { + return nil, err } - // If code has colon separators remove them so can compare against modeled - // exception names. - code = strings.SplitN(code, ":", 2)[0] - - if fn, ok := u.exceptions[code]; ok { - // If exception code is know, use associated constructor to get a value - // for the exception that the JSON body can be unmarshaled into. - v := fn(respMeta) - if err := jsonutil.UnmarshalJSONCaseInsensitive(v, body); err != nil { - return nil, err - } + fn, ok := u.exceptions[code] + if !ok { + return awserr.NewRequestFailure( + awserr.New(code, msg, nil), + respMeta.StatusCode, + respMeta.RequestID, + ), nil + } - if err := rest.UnmarshalResponse(resp, v, true); err != nil { - return nil, err - } + v := fn(respMeta) + if err := jsonutil.UnmarshalJSONCaseInsensitive(v, resp.Body); err != nil { + return nil, err + } - return v, nil + if err := rest.UnmarshalResponse(resp, v, true); err != nil { + return nil, err } - // fallback to unmodeled generic exceptions - return awserr.NewRequestFailure( - awserr.New(code, msg, nil), - respMeta.StatusCode, - respMeta.RequestID, - ), nil + return v, nil } // UnmarshalErrorHandler is a named request handler for unmarshaling restjson @@ -99,36 +78,80 @@ var UnmarshalErrorHandler = request.NamedHandler{ func UnmarshalError(r *request.Request) { defer r.HTTPResponse.Body.Close() - var jsonErr jsonErrorResponse - err := jsonutil.UnmarshalJSONError(&jsonErr, r.HTTPResponse.Body) + code, msg, err := unmarshalErrorInfo(r.HTTPResponse) if err != nil { r.Error = awserr.NewRequestFailure( - awserr.New(request.ErrCodeSerialization, - "failed to unmarshal response error", err), + awserr.New(request.ErrCodeSerialization, "failed to unmarshal response error", err), r.HTTPResponse.StatusCode, r.RequestID, ) return } - code := r.HTTPResponse.Header.Get(errorTypeHeader) - if code == "" { - code = jsonErr.Code - } - msg := r.HTTPResponse.Header.Get(errorMessageHeader) - if msg == "" { - msg = jsonErr.Message - } - - code = strings.SplitN(code, ":", 2)[0] r.Error = awserr.NewRequestFailure( - awserr.New(code, jsonErr.Message, nil), + awserr.New(code, msg, nil), r.HTTPResponse.StatusCode, r.RequestID, ) } type jsonErrorResponse struct { + Type string `json:"__type"` Code string `json:"code"` Message string `json:"message"` } + +func (j *jsonErrorResponse) SanitizedCode() string { + code := j.Code + if len(j.Type) > 0 { + code = j.Type + } + return sanitizeCode(code) +} + +// Remove superfluous components from a restJson error code. +// - If a : character is present, then take only the contents before the +// first : character in the value. +// - If a # character is present, then take only the contents after the first +// # character in the value. +// +// All of the following error values resolve to FooError: +// - FooError +// - FooError:http://internal.amazon.com/coral/com.amazon.coral.validate/ +// - aws.protocoltests.restjson#FooError +// - aws.protocoltests.restjson#FooError:http://internal.amazon.com/coral/com.amazon.coral.validate/ +func sanitizeCode(code string) string { + noColon := strings.SplitN(code, ":", 2)[0] + hashSplit := strings.SplitN(noColon, "#", 2) + return hashSplit[len(hashSplit)-1] +} + +// attempt to garner error details from the response, preferring header values +// when present +func unmarshalErrorInfo(resp *http.Response) (code string, msg string, err error) { + code = sanitizeCode(resp.Header.Get(errorTypeHeader)) + msg = resp.Header.Get(errorMessageHeader) + if len(code) > 0 && len(msg) > 0 { + return + } + + // a modeled error will have to be re-deserialized later, so the body must + // be preserved + var buf bytes.Buffer + tee := io.TeeReader(resp.Body, &buf) + defer func() { resp.Body = ioutil.NopCloser(&buf) }() + + var jsonErr jsonErrorResponse + if decodeErr := json.NewDecoder(tee).Decode(&jsonErr); decodeErr != nil && decodeErr != io.EOF { + err = awserr.NewUnmarshalError(decodeErr, "failed to decode response body", buf.Bytes()) + return + } + + if len(code) == 0 { + code = jsonErr.SanitizedCode() + } + if len(msg) == 0 { + msg = jsonErr.Message + } + return +} diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/api.go b/agent/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/api.go index 4f74a992bcc..93f1dca6feb 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/api.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/api.go @@ -3,13 +3,22 @@ package cloudwatchlogs import ( + "bytes" "fmt" + "io" + "sync" + "time" "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/awsutil" + "github.com/aws/aws-sdk-go/aws/client" "github.com/aws/aws-sdk-go/aws/request" "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/eventstream" + "github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi" "github.com/aws/aws-sdk-go/private/protocol/jsonrpc" + "github.com/aws/aws-sdk-go/private/protocol/rest" ) const opAssociateKmsKey = "AssociateKmsKey" @@ -56,18 +65,44 @@ func (c *CloudWatchLogs) AssociateKmsKeyRequest(input *AssociateKmsKeyInput) (re // AssociateKmsKey API operation for Amazon CloudWatch Logs. // -// Associates the specified KMS key with the specified log group. -// -// Associating a KMS key with a log group overrides any existing associations -// between the log group and a KMS key. After a KMS key is associated with a -// log group, all newly ingested data for the log group is encrypted using the -// KMS key. This association is stored as long as the data encrypted with the -// KMS keyis still within CloudWatch Logs. This enables CloudWatch Logs to decrypt -// this data whenever it is requested. +// Associates the specified KMS key with either one log group in the account, +// or with all stored CloudWatch Logs query insights results in the account. +// +// When you use AssociateKmsKey, you specify either the logGroupName parameter +// or the resourceIdentifier parameter. You can't specify both of those parameters +// in the same operation. +// +// - Specify the logGroupName parameter to cause all log events stored in +// the log group to be encrypted with that key. Only the log events ingested +// after the key is associated are encrypted with that key. Associating a +// KMS key with a log group overrides any existing associations between the +// log group and a KMS key. After a KMS key is associated with a log group, +// all newly ingested data for the log group is encrypted using the KMS key. +// This association is stored as long as the data encrypted with the KMS +// key is still within CloudWatch Logs. This enables CloudWatch Logs to decrypt +// this data whenever it is requested. Associating a key with a log group +// does not cause the results of queries of that log group to be encrypted +// with that key. To have query results encrypted with a KMS key, you must +// use an AssociateKmsKey operation with the resourceIdentifier parameter +// that specifies a query-result resource. +// +// - Specify the resourceIdentifier parameter with a query-result resource, +// to use that key to encrypt the stored results of all future StartQuery +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StartQuery.html) +// operations in the account. The response from a GetQueryResults (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetQueryResults.html) +// operation will still return the query results in plain text. Even if you +// have not associated a key with your query results, the query results are +// encrypted when stored, using the default CloudWatch Logs method. If you +// run a query from a monitoring account that queries logs in a source account, +// the query results key from the monitoring account, if any, is used. +// +// If you delete the key that is used to encrypt log events or log group query +// results, then all the associated stored log events or query results that +// were encrypted with that key will be unencryptable and unusable. // // CloudWatch Logs supports only symmetric KMS keys. Do not use an associate -// an asymmetric KMS key with your log group. For more information, see Using -// Symmetric and Asymmetric Keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html). +// an asymmetric KMS key with your log group or query results. For more information, +// see Using Symmetric and Asymmetric Keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html). // // It can take up to 5 minutes for this operation to take effect. // @@ -209,6 +244,137 @@ func (c *CloudWatchLogs) CancelExportTaskWithContext(ctx aws.Context, input *Can return out, req.Send() } +const opCreateDelivery = "CreateDelivery" + +// CreateDeliveryRequest generates a "aws/request.Request" representing the +// client's request for the CreateDelivery operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateDelivery for more information on using the CreateDelivery +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateDeliveryRequest method. +// req, resp := client.CreateDeliveryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/CreateDelivery +func (c *CloudWatchLogs) CreateDeliveryRequest(input *CreateDeliveryInput) (req *request.Request, output *CreateDeliveryOutput) { + op := &request.Operation{ + Name: opCreateDelivery, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateDeliveryInput{} + } + + output = &CreateDeliveryOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateDelivery API operation for Amazon CloudWatch Logs. +// +// Creates a delivery. A delivery is a connection between a logical delivery +// source and a logical delivery destination that you have already created. +// +// Only some Amazon Web Services services support being configured as a delivery +// source using this operation. These services are listed as Supported [V2 Permissions] +// in the table at Enabling logging from Amazon Web Services services. (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html) +// +// A delivery destination can represent a log group in CloudWatch Logs, an Amazon +// S3 bucket, or a delivery stream in Firehose. +// +// To configure logs delivery between a supported Amazon Web Services service +// and a destination, you must do the following: +// +// - Create a delivery source, which is a logical object that represents +// the resource that is actually sending the logs. For more information, +// see PutDeliverySource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliverySource.html). +// +// - Create a delivery destination, which is a logical object that represents +// the actual delivery destination. For more information, see PutDeliveryDestination +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestination.html). +// +// - If you are delivering logs cross-account, you must use PutDeliveryDestinationPolicy +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html) +// in the destination account to assign an IAM policy to the destination. +// This policy allows delivery to that destination. +// +// - Use CreateDelivery to create a delivery by pairing exactly one delivery +// source and one delivery destination. +// +// You can configure a single delivery source to send logs to multiple destinations +// by creating multiple deliveries. You can also create multiple deliveries +// to configure multiple delivery sources to send logs to the same delivery +// destination. +// +// You can't update an existing delivery. You can only create and delete deliveries. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation CreateDelivery for usage and error information. +// +// Returned Error Types: +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// - ConflictException +// This operation attempted to create a resource that already exists. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - ValidationException +// One of the parameters for the request is not valid. +// +// - AccessDeniedException +// You don't have sufficient permissions to perform this action. +// +// - ServiceQuotaExceededException +// This request exceeds a service quota. +// +// - ThrottlingException +// The request was throttled because of quota limits. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/CreateDelivery +func (c *CloudWatchLogs) CreateDelivery(input *CreateDeliveryInput) (*CreateDeliveryOutput, error) { + req, out := c.CreateDeliveryRequest(input) + return out, req.Send() +} + +// CreateDeliveryWithContext is the same as CreateDelivery with the addition of +// the ability to pass a context and additional request options. +// +// See CreateDelivery for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) CreateDeliveryWithContext(ctx aws.Context, input *CreateDeliveryInput, opts ...request.Option) (*CreateDeliveryOutput, error) { + req, out := c.CreateDeliveryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateExportTask = "CreateExportTask" // CreateExportTaskRequest generates a "aws/request.Request" representing the @@ -326,6 +492,125 @@ func (c *CloudWatchLogs) CreateExportTaskWithContext(ctx aws.Context, input *Cre return out, req.Send() } +const opCreateLogAnomalyDetector = "CreateLogAnomalyDetector" + +// CreateLogAnomalyDetectorRequest generates a "aws/request.Request" representing the +// client's request for the CreateLogAnomalyDetector operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateLogAnomalyDetector for more information on using the CreateLogAnomalyDetector +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateLogAnomalyDetectorRequest method. +// req, resp := client.CreateLogAnomalyDetectorRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/CreateLogAnomalyDetector +func (c *CloudWatchLogs) CreateLogAnomalyDetectorRequest(input *CreateLogAnomalyDetectorInput) (req *request.Request, output *CreateLogAnomalyDetectorOutput) { + op := &request.Operation{ + Name: opCreateLogAnomalyDetector, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateLogAnomalyDetectorInput{} + } + + output = &CreateLogAnomalyDetectorOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateLogAnomalyDetector API operation for Amazon CloudWatch Logs. +// +// Creates an anomaly detector that regularly scans one or more log groups and +// look for patterns and anomalies in the logs. +// +// An anomaly detector can help surface issues by automatically discovering +// anomalies in your log event traffic. An anomaly detector uses machine learning +// algorithms to scan log events and find patterns. A pattern is a shared text +// structure that recurs among your log fields. Patterns provide a useful tool +// for analyzing large sets of logs because a large number of log events can +// often be compressed into a few patterns. +// +// The anomaly detector uses pattern recognition to find anomalies, which are +// unusual log events. It uses the evaluationFrequency to compare current log +// events and patterns with trained baselines. +// +// Fields within a pattern are called tokens. Fields that vary within a pattern, +// such as a request ID or timestamp, are referred to as dynamic tokens and +// represented by <*>. +// +// The following is an example of a pattern: +// +// [INFO] Request time: <*> ms +// +// This pattern represents log events like [INFO] Request time: 327 ms and other +// similar log events that differ only by the number, in this csse 327. When +// the pattern is displayed, the different numbers are replaced by <*> +// +// Any parts of log events that are masked as sensitive data are not scanned +// for anomalies. For more information about masking sensitive data, see Help +// protect sensitive log data with masking (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation CreateLogAnomalyDetector for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// +// - LimitExceededException +// You have reached the maximum number of resources that can be created. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/CreateLogAnomalyDetector +func (c *CloudWatchLogs) CreateLogAnomalyDetector(input *CreateLogAnomalyDetectorInput) (*CreateLogAnomalyDetectorOutput, error) { + req, out := c.CreateLogAnomalyDetectorRequest(input) + return out, req.Send() +} + +// CreateLogAnomalyDetectorWithContext is the same as CreateLogAnomalyDetector with the addition of +// the ability to pass a context and additional request options. +// +// See CreateLogAnomalyDetector for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) CreateLogAnomalyDetectorWithContext(ctx aws.Context, input *CreateLogAnomalyDetectorInput, opts ...request.Option) (*CreateLogAnomalyDetectorOutput, error) { + req, out := c.CreateLogAnomalyDetectorRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateLogGroup = "CreateLogGroup" // CreateLogGroupRequest generates a "aws/request.Request" representing the @@ -370,8 +655,8 @@ func (c *CloudWatchLogs) CreateLogGroupRequest(input *CreateLogGroupInput) (req // CreateLogGroup API operation for Amazon CloudWatch Logs. // -// Creates a log group with the specified name. You can create up to 20,000 -// log groups per account. +// Creates a log group with the specified name. You can create up to 1,000,000 +// log groups per Region per account. // // You must use the following guidelines when naming a log group: // @@ -384,6 +669,8 @@ func (c *CloudWatchLogs) CreateLogGroupRequest(input *CreateLogGroupInput) (req // '_' (underscore), '-' (hyphen), '/' (forward slash), '.' (period), and // '#' (number sign) // +// - Log group names can't start with the string aws/ +// // When you create a log group, by default the log events in the log group do // not expire. To set a retention policy so that events expire and are deleted // after a specified time, use PutRetentionPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutRetentionPolicy.html). @@ -393,8 +680,8 @@ func (c *CloudWatchLogs) CreateLogGroupRequest(input *CreateLogGroupInput) (req // with the KMS key is still within CloudWatch Logs. This enables CloudWatch // Logs to decrypt this data whenever it is requested. // -// If you attempt to associate a KMS key with the log group but the KMS keydoes -// not exist or the KMS key is disabled, you receive an InvalidParameterException +// If you attempt to associate a KMS key with the log group but the KMS key +// does not exist or the KMS key is disabled, you receive an InvalidParameterException // error. // // CloudWatch Logs supports only symmetric KMS keys. Do not associate an asymmetric @@ -550,602 +837,642 @@ func (c *CloudWatchLogs) CreateLogStreamWithContext(ctx aws.Context, input *Crea return out, req.Send() } -const opDeleteDataProtectionPolicy = "DeleteDataProtectionPolicy" +const opDeleteAccountPolicy = "DeleteAccountPolicy" -// DeleteDataProtectionPolicyRequest generates a "aws/request.Request" representing the -// client's request for the DeleteDataProtectionPolicy operation. The "output" return +// DeleteAccountPolicyRequest generates a "aws/request.Request" representing the +// client's request for the DeleteAccountPolicy operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DeleteDataProtectionPolicy for more information on using the DeleteDataProtectionPolicy +// See DeleteAccountPolicy for more information on using the DeleteAccountPolicy // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DeleteDataProtectionPolicyRequest method. -// req, resp := client.DeleteDataProtectionPolicyRequest(params) +// // Example sending a request using the DeleteAccountPolicyRequest method. +// req, resp := client.DeleteAccountPolicyRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteDataProtectionPolicy -func (c *CloudWatchLogs) DeleteDataProtectionPolicyRequest(input *DeleteDataProtectionPolicyInput) (req *request.Request, output *DeleteDataProtectionPolicyOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteAccountPolicy +func (c *CloudWatchLogs) DeleteAccountPolicyRequest(input *DeleteAccountPolicyInput) (req *request.Request, output *DeleteAccountPolicyOutput) { op := &request.Operation{ - Name: opDeleteDataProtectionPolicy, + Name: opDeleteAccountPolicy, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DeleteDataProtectionPolicyInput{} + input = &DeleteAccountPolicyInput{} } - output = &DeleteDataProtectionPolicyOutput{} + output = &DeleteAccountPolicyOutput{} req = c.newRequest(op, input, output) req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// DeleteDataProtectionPolicy API operation for Amazon CloudWatch Logs. +// DeleteAccountPolicy API operation for Amazon CloudWatch Logs. // -// Deletes the data protection policy from the specified log group. +// Deletes a CloudWatch Logs account policy. This stops the policy from applying +// to all log groups or a subset of log groups in the account. Log-group level +// policies will still be in effect. // -// For more information about data protection policies, see PutDataProtectionPolicy -// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDataProtectionPolicy.html). +// To use this operation, you must be signed on with the correct permissions +// depending on the type of policy that you are deleting. +// +// - To delete a data protection policy, you must have the logs:DeleteDataProtectionPolicy +// and logs:DeleteAccountPolicy permissions. +// +// - To delete a subscription filter policy, you must have the logs:DeleteSubscriptionFilter +// and logs:DeleteAccountPolicy permissions. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DeleteDataProtectionPolicy for usage and error information. +// API operation DeleteAccountPolicy for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // -// - OperationAbortedException -// Multiple concurrent requests to update the same resource were in conflict. -// // - ResourceNotFoundException // The specified resource does not exist. // // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteDataProtectionPolicy -func (c *CloudWatchLogs) DeleteDataProtectionPolicy(input *DeleteDataProtectionPolicyInput) (*DeleteDataProtectionPolicyOutput, error) { - req, out := c.DeleteDataProtectionPolicyRequest(input) +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteAccountPolicy +func (c *CloudWatchLogs) DeleteAccountPolicy(input *DeleteAccountPolicyInput) (*DeleteAccountPolicyOutput, error) { + req, out := c.DeleteAccountPolicyRequest(input) return out, req.Send() } -// DeleteDataProtectionPolicyWithContext is the same as DeleteDataProtectionPolicy with the addition of +// DeleteAccountPolicyWithContext is the same as DeleteAccountPolicy with the addition of // the ability to pass a context and additional request options. // -// See DeleteDataProtectionPolicy for details on how to use this API operation. +// See DeleteAccountPolicy for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DeleteDataProtectionPolicyWithContext(ctx aws.Context, input *DeleteDataProtectionPolicyInput, opts ...request.Option) (*DeleteDataProtectionPolicyOutput, error) { - req, out := c.DeleteDataProtectionPolicyRequest(input) +func (c *CloudWatchLogs) DeleteAccountPolicyWithContext(ctx aws.Context, input *DeleteAccountPolicyInput, opts ...request.Option) (*DeleteAccountPolicyOutput, error) { + req, out := c.DeleteAccountPolicyRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDeleteDestination = "DeleteDestination" +const opDeleteDataProtectionPolicy = "DeleteDataProtectionPolicy" -// DeleteDestinationRequest generates a "aws/request.Request" representing the -// client's request for the DeleteDestination operation. The "output" return +// DeleteDataProtectionPolicyRequest generates a "aws/request.Request" representing the +// client's request for the DeleteDataProtectionPolicy operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DeleteDestination for more information on using the DeleteDestination +// See DeleteDataProtectionPolicy for more information on using the DeleteDataProtectionPolicy // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DeleteDestinationRequest method. -// req, resp := client.DeleteDestinationRequest(params) +// // Example sending a request using the DeleteDataProtectionPolicyRequest method. +// req, resp := client.DeleteDataProtectionPolicyRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteDestination -func (c *CloudWatchLogs) DeleteDestinationRequest(input *DeleteDestinationInput) (req *request.Request, output *DeleteDestinationOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteDataProtectionPolicy +func (c *CloudWatchLogs) DeleteDataProtectionPolicyRequest(input *DeleteDataProtectionPolicyInput) (req *request.Request, output *DeleteDataProtectionPolicyOutput) { op := &request.Operation{ - Name: opDeleteDestination, + Name: opDeleteDataProtectionPolicy, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DeleteDestinationInput{} + input = &DeleteDataProtectionPolicyInput{} } - output = &DeleteDestinationOutput{} + output = &DeleteDataProtectionPolicyOutput{} req = c.newRequest(op, input, output) req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// DeleteDestination API operation for Amazon CloudWatch Logs. +// DeleteDataProtectionPolicy API operation for Amazon CloudWatch Logs. // -// Deletes the specified destination, and eventually disables all the subscription -// filters that publish to it. This operation does not delete the physical resource -// encapsulated by the destination. +// Deletes the data protection policy from the specified log group. +// +// For more information about data protection policies, see PutDataProtectionPolicy +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDataProtectionPolicy.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DeleteDestination for usage and error information. +// API operation DeleteDataProtectionPolicy for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // -// - ResourceNotFoundException -// The specified resource does not exist. -// // - OperationAbortedException // Multiple concurrent requests to update the same resource were in conflict. // +// - ResourceNotFoundException +// The specified resource does not exist. +// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteDestination -func (c *CloudWatchLogs) DeleteDestination(input *DeleteDestinationInput) (*DeleteDestinationOutput, error) { - req, out := c.DeleteDestinationRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteDataProtectionPolicy +func (c *CloudWatchLogs) DeleteDataProtectionPolicy(input *DeleteDataProtectionPolicyInput) (*DeleteDataProtectionPolicyOutput, error) { + req, out := c.DeleteDataProtectionPolicyRequest(input) return out, req.Send() } -// DeleteDestinationWithContext is the same as DeleteDestination with the addition of +// DeleteDataProtectionPolicyWithContext is the same as DeleteDataProtectionPolicy with the addition of // the ability to pass a context and additional request options. // -// See DeleteDestination for details on how to use this API operation. +// See DeleteDataProtectionPolicy for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DeleteDestinationWithContext(ctx aws.Context, input *DeleteDestinationInput, opts ...request.Option) (*DeleteDestinationOutput, error) { - req, out := c.DeleteDestinationRequest(input) +func (c *CloudWatchLogs) DeleteDataProtectionPolicyWithContext(ctx aws.Context, input *DeleteDataProtectionPolicyInput, opts ...request.Option) (*DeleteDataProtectionPolicyOutput, error) { + req, out := c.DeleteDataProtectionPolicyRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDeleteLogGroup = "DeleteLogGroup" +const opDeleteDelivery = "DeleteDelivery" -// DeleteLogGroupRequest generates a "aws/request.Request" representing the -// client's request for the DeleteLogGroup operation. The "output" return +// DeleteDeliveryRequest generates a "aws/request.Request" representing the +// client's request for the DeleteDelivery operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DeleteLogGroup for more information on using the DeleteLogGroup +// See DeleteDelivery for more information on using the DeleteDelivery // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DeleteLogGroupRequest method. -// req, resp := client.DeleteLogGroupRequest(params) +// // Example sending a request using the DeleteDeliveryRequest method. +// req, resp := client.DeleteDeliveryRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteLogGroup -func (c *CloudWatchLogs) DeleteLogGroupRequest(input *DeleteLogGroupInput) (req *request.Request, output *DeleteLogGroupOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteDelivery +func (c *CloudWatchLogs) DeleteDeliveryRequest(input *DeleteDeliveryInput) (req *request.Request, output *DeleteDeliveryOutput) { op := &request.Operation{ - Name: opDeleteLogGroup, + Name: opDeleteDelivery, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DeleteLogGroupInput{} + input = &DeleteDeliveryInput{} } - output = &DeleteLogGroupOutput{} + output = &DeleteDeliveryOutput{} req = c.newRequest(op, input, output) req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// DeleteLogGroup API operation for Amazon CloudWatch Logs. +// DeleteDelivery API operation for Amazon CloudWatch Logs. // -// Deletes the specified log group and permanently deletes all the archived -// log events associated with the log group. +// Deletes s delivery. A delivery is a connection between a logical delivery +// source and a logical delivery destination. Deleting a delivery only deletes +// the connection between the delivery source and delivery destination. It does +// not delete the delivery destination or the delivery source. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DeleteLogGroup for usage and error information. +// API operation DeleteDelivery for usage and error information. // // Returned Error Types: // -// - InvalidParameterException -// A parameter is specified incorrectly. -// // - ResourceNotFoundException // The specified resource does not exist. // -// - OperationAbortedException -// Multiple concurrent requests to update the same resource were in conflict. -// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteLogGroup -func (c *CloudWatchLogs) DeleteLogGroup(input *DeleteLogGroupInput) (*DeleteLogGroupOutput, error) { - req, out := c.DeleteLogGroupRequest(input) +// - ConflictException +// This operation attempted to create a resource that already exists. +// +// - ValidationException +// One of the parameters for the request is not valid. +// +// - ServiceQuotaExceededException +// This request exceeds a service quota. +// +// - ThrottlingException +// The request was throttled because of quota limits. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteDelivery +func (c *CloudWatchLogs) DeleteDelivery(input *DeleteDeliveryInput) (*DeleteDeliveryOutput, error) { + req, out := c.DeleteDeliveryRequest(input) return out, req.Send() } -// DeleteLogGroupWithContext is the same as DeleteLogGroup with the addition of +// DeleteDeliveryWithContext is the same as DeleteDelivery with the addition of // the ability to pass a context and additional request options. // -// See DeleteLogGroup for details on how to use this API operation. +// See DeleteDelivery for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DeleteLogGroupWithContext(ctx aws.Context, input *DeleteLogGroupInput, opts ...request.Option) (*DeleteLogGroupOutput, error) { - req, out := c.DeleteLogGroupRequest(input) +func (c *CloudWatchLogs) DeleteDeliveryWithContext(ctx aws.Context, input *DeleteDeliveryInput, opts ...request.Option) (*DeleteDeliveryOutput, error) { + req, out := c.DeleteDeliveryRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDeleteLogStream = "DeleteLogStream" +const opDeleteDeliveryDestination = "DeleteDeliveryDestination" -// DeleteLogStreamRequest generates a "aws/request.Request" representing the -// client's request for the DeleteLogStream operation. The "output" return +// DeleteDeliveryDestinationRequest generates a "aws/request.Request" representing the +// client's request for the DeleteDeliveryDestination operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DeleteLogStream for more information on using the DeleteLogStream +// See DeleteDeliveryDestination for more information on using the DeleteDeliveryDestination // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DeleteLogStreamRequest method. -// req, resp := client.DeleteLogStreamRequest(params) +// // Example sending a request using the DeleteDeliveryDestinationRequest method. +// req, resp := client.DeleteDeliveryDestinationRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteLogStream -func (c *CloudWatchLogs) DeleteLogStreamRequest(input *DeleteLogStreamInput) (req *request.Request, output *DeleteLogStreamOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteDeliveryDestination +func (c *CloudWatchLogs) DeleteDeliveryDestinationRequest(input *DeleteDeliveryDestinationInput) (req *request.Request, output *DeleteDeliveryDestinationOutput) { op := &request.Operation{ - Name: opDeleteLogStream, + Name: opDeleteDeliveryDestination, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DeleteLogStreamInput{} + input = &DeleteDeliveryDestinationInput{} } - output = &DeleteLogStreamOutput{} + output = &DeleteDeliveryDestinationOutput{} req = c.newRequest(op, input, output) req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// DeleteLogStream API operation for Amazon CloudWatch Logs. +// DeleteDeliveryDestination API operation for Amazon CloudWatch Logs. // -// Deletes the specified log stream and permanently deletes all the archived -// log events associated with the log stream. +// Deletes a delivery destination. A delivery is a connection between a logical +// delivery source and a logical delivery destination. +// +// You can't delete a delivery destination if any current deliveries are associated +// with it. To find whether any deliveries are associated with this delivery +// destination, use the DescribeDeliveries (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeDeliveries.html) +// operation and check the deliveryDestinationArn field in the results. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DeleteLogStream for usage and error information. +// API operation DeleteDeliveryDestination for usage and error information. // // Returned Error Types: // -// - InvalidParameterException -// A parameter is specified incorrectly. -// // - ResourceNotFoundException // The specified resource does not exist. // -// - OperationAbortedException -// Multiple concurrent requests to update the same resource were in conflict. -// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteLogStream -func (c *CloudWatchLogs) DeleteLogStream(input *DeleteLogStreamInput) (*DeleteLogStreamOutput, error) { - req, out := c.DeleteLogStreamRequest(input) +// - ConflictException +// This operation attempted to create a resource that already exists. +// +// - ValidationException +// One of the parameters for the request is not valid. +// +// - ServiceQuotaExceededException +// This request exceeds a service quota. +// +// - ThrottlingException +// The request was throttled because of quota limits. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteDeliveryDestination +func (c *CloudWatchLogs) DeleteDeliveryDestination(input *DeleteDeliveryDestinationInput) (*DeleteDeliveryDestinationOutput, error) { + req, out := c.DeleteDeliveryDestinationRequest(input) return out, req.Send() } -// DeleteLogStreamWithContext is the same as DeleteLogStream with the addition of +// DeleteDeliveryDestinationWithContext is the same as DeleteDeliveryDestination with the addition of // the ability to pass a context and additional request options. // -// See DeleteLogStream for details on how to use this API operation. +// See DeleteDeliveryDestination for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DeleteLogStreamWithContext(ctx aws.Context, input *DeleteLogStreamInput, opts ...request.Option) (*DeleteLogStreamOutput, error) { - req, out := c.DeleteLogStreamRequest(input) +func (c *CloudWatchLogs) DeleteDeliveryDestinationWithContext(ctx aws.Context, input *DeleteDeliveryDestinationInput, opts ...request.Option) (*DeleteDeliveryDestinationOutput, error) { + req, out := c.DeleteDeliveryDestinationRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDeleteMetricFilter = "DeleteMetricFilter" +const opDeleteDeliveryDestinationPolicy = "DeleteDeliveryDestinationPolicy" -// DeleteMetricFilterRequest generates a "aws/request.Request" representing the -// client's request for the DeleteMetricFilter operation. The "output" return +// DeleteDeliveryDestinationPolicyRequest generates a "aws/request.Request" representing the +// client's request for the DeleteDeliveryDestinationPolicy operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DeleteMetricFilter for more information on using the DeleteMetricFilter +// See DeleteDeliveryDestinationPolicy for more information on using the DeleteDeliveryDestinationPolicy // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DeleteMetricFilterRequest method. -// req, resp := client.DeleteMetricFilterRequest(params) +// // Example sending a request using the DeleteDeliveryDestinationPolicyRequest method. +// req, resp := client.DeleteDeliveryDestinationPolicyRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteMetricFilter -func (c *CloudWatchLogs) DeleteMetricFilterRequest(input *DeleteMetricFilterInput) (req *request.Request, output *DeleteMetricFilterOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteDeliveryDestinationPolicy +func (c *CloudWatchLogs) DeleteDeliveryDestinationPolicyRequest(input *DeleteDeliveryDestinationPolicyInput) (req *request.Request, output *DeleteDeliveryDestinationPolicyOutput) { op := &request.Operation{ - Name: opDeleteMetricFilter, + Name: opDeleteDeliveryDestinationPolicy, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DeleteMetricFilterInput{} + input = &DeleteDeliveryDestinationPolicyInput{} } - output = &DeleteMetricFilterOutput{} + output = &DeleteDeliveryDestinationPolicyOutput{} req = c.newRequest(op, input, output) req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// DeleteMetricFilter API operation for Amazon CloudWatch Logs. +// DeleteDeliveryDestinationPolicy API operation for Amazon CloudWatch Logs. // -// Deletes the specified metric filter. +// Deletes a delivery destination policy. For more information about these policies, +// see PutDeliveryDestinationPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DeleteMetricFilter for usage and error information. +// API operation DeleteDeliveryDestinationPolicy for usage and error information. // // Returned Error Types: // -// - InvalidParameterException -// A parameter is specified incorrectly. +// - ServiceUnavailableException +// The service cannot complete the request. +// +// - ValidationException +// One of the parameters for the request is not valid. // // - ResourceNotFoundException // The specified resource does not exist. // -// - OperationAbortedException -// Multiple concurrent requests to update the same resource were in conflict. -// -// - ServiceUnavailableException -// The service cannot complete the request. +// - ConflictException +// This operation attempted to create a resource that already exists. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteMetricFilter -func (c *CloudWatchLogs) DeleteMetricFilter(input *DeleteMetricFilterInput) (*DeleteMetricFilterOutput, error) { - req, out := c.DeleteMetricFilterRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteDeliveryDestinationPolicy +func (c *CloudWatchLogs) DeleteDeliveryDestinationPolicy(input *DeleteDeliveryDestinationPolicyInput) (*DeleteDeliveryDestinationPolicyOutput, error) { + req, out := c.DeleteDeliveryDestinationPolicyRequest(input) return out, req.Send() } -// DeleteMetricFilterWithContext is the same as DeleteMetricFilter with the addition of +// DeleteDeliveryDestinationPolicyWithContext is the same as DeleteDeliveryDestinationPolicy with the addition of // the ability to pass a context and additional request options. // -// See DeleteMetricFilter for details on how to use this API operation. +// See DeleteDeliveryDestinationPolicy for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DeleteMetricFilterWithContext(ctx aws.Context, input *DeleteMetricFilterInput, opts ...request.Option) (*DeleteMetricFilterOutput, error) { - req, out := c.DeleteMetricFilterRequest(input) +func (c *CloudWatchLogs) DeleteDeliveryDestinationPolicyWithContext(ctx aws.Context, input *DeleteDeliveryDestinationPolicyInput, opts ...request.Option) (*DeleteDeliveryDestinationPolicyOutput, error) { + req, out := c.DeleteDeliveryDestinationPolicyRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDeleteQueryDefinition = "DeleteQueryDefinition" +const opDeleteDeliverySource = "DeleteDeliverySource" -// DeleteQueryDefinitionRequest generates a "aws/request.Request" representing the -// client's request for the DeleteQueryDefinition operation. The "output" return +// DeleteDeliverySourceRequest generates a "aws/request.Request" representing the +// client's request for the DeleteDeliverySource operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DeleteQueryDefinition for more information on using the DeleteQueryDefinition +// See DeleteDeliverySource for more information on using the DeleteDeliverySource // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DeleteQueryDefinitionRequest method. -// req, resp := client.DeleteQueryDefinitionRequest(params) +// // Example sending a request using the DeleteDeliverySourceRequest method. +// req, resp := client.DeleteDeliverySourceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteQueryDefinition -func (c *CloudWatchLogs) DeleteQueryDefinitionRequest(input *DeleteQueryDefinitionInput) (req *request.Request, output *DeleteQueryDefinitionOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteDeliverySource +func (c *CloudWatchLogs) DeleteDeliverySourceRequest(input *DeleteDeliverySourceInput) (req *request.Request, output *DeleteDeliverySourceOutput) { op := &request.Operation{ - Name: opDeleteQueryDefinition, + Name: opDeleteDeliverySource, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DeleteQueryDefinitionInput{} + input = &DeleteDeliverySourceInput{} } - output = &DeleteQueryDefinitionOutput{} + output = &DeleteDeliverySourceOutput{} req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// DeleteQueryDefinition API operation for Amazon CloudWatch Logs. +// DeleteDeliverySource API operation for Amazon CloudWatch Logs. // -// Deletes a saved CloudWatch Logs Insights query definition. A query definition -// contains details about a saved CloudWatch Logs Insights query. -// -// Each DeleteQueryDefinition operation can delete one query definition. +// Deletes a delivery source. A delivery is a connection between a logical delivery +// source and a logical delivery destination. // -// You must have the logs:DeleteQueryDefinition permission to be able to perform -// this operation. +// You can't delete a delivery source if any current deliveries are associated +// with it. To find whether any deliveries are associated with this delivery +// source, use the DescribeDeliveries (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeDeliveries.html) +// operation and check the deliverySourceName field in the results. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DeleteQueryDefinition for usage and error information. +// API operation DeleteDeliverySource for usage and error information. // // Returned Error Types: // -// - InvalidParameterException -// A parameter is specified incorrectly. -// // - ResourceNotFoundException // The specified resource does not exist. // // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteQueryDefinition -func (c *CloudWatchLogs) DeleteQueryDefinition(input *DeleteQueryDefinitionInput) (*DeleteQueryDefinitionOutput, error) { - req, out := c.DeleteQueryDefinitionRequest(input) +// - ConflictException +// This operation attempted to create a resource that already exists. +// +// - ValidationException +// One of the parameters for the request is not valid. +// +// - ServiceQuotaExceededException +// This request exceeds a service quota. +// +// - ThrottlingException +// The request was throttled because of quota limits. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteDeliverySource +func (c *CloudWatchLogs) DeleteDeliverySource(input *DeleteDeliverySourceInput) (*DeleteDeliverySourceOutput, error) { + req, out := c.DeleteDeliverySourceRequest(input) return out, req.Send() } -// DeleteQueryDefinitionWithContext is the same as DeleteQueryDefinition with the addition of +// DeleteDeliverySourceWithContext is the same as DeleteDeliverySource with the addition of // the ability to pass a context and additional request options. // -// See DeleteQueryDefinition for details on how to use this API operation. +// See DeleteDeliverySource for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DeleteQueryDefinitionWithContext(ctx aws.Context, input *DeleteQueryDefinitionInput, opts ...request.Option) (*DeleteQueryDefinitionOutput, error) { - req, out := c.DeleteQueryDefinitionRequest(input) +func (c *CloudWatchLogs) DeleteDeliverySourceWithContext(ctx aws.Context, input *DeleteDeliverySourceInput, opts ...request.Option) (*DeleteDeliverySourceOutput, error) { + req, out := c.DeleteDeliverySourceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDeleteResourcePolicy = "DeleteResourcePolicy" +const opDeleteDestination = "DeleteDestination" -// DeleteResourcePolicyRequest generates a "aws/request.Request" representing the -// client's request for the DeleteResourcePolicy operation. The "output" return +// DeleteDestinationRequest generates a "aws/request.Request" representing the +// client's request for the DeleteDestination operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DeleteResourcePolicy for more information on using the DeleteResourcePolicy +// See DeleteDestination for more information on using the DeleteDestination // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DeleteResourcePolicyRequest method. -// req, resp := client.DeleteResourcePolicyRequest(params) +// // Example sending a request using the DeleteDestinationRequest method. +// req, resp := client.DeleteDestinationRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteResourcePolicy -func (c *CloudWatchLogs) DeleteResourcePolicyRequest(input *DeleteResourcePolicyInput) (req *request.Request, output *DeleteResourcePolicyOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteDestination +func (c *CloudWatchLogs) DeleteDestinationRequest(input *DeleteDestinationInput) (req *request.Request, output *DeleteDestinationOutput) { op := &request.Operation{ - Name: opDeleteResourcePolicy, + Name: opDeleteDestination, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DeleteResourcePolicyInput{} + input = &DeleteDestinationInput{} } - output = &DeleteResourcePolicyOutput{} + output = &DeleteDestinationOutput{} req = c.newRequest(op, input, output) req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// DeleteResourcePolicy API operation for Amazon CloudWatch Logs. +// DeleteDestination API operation for Amazon CloudWatch Logs. // -// Deletes a resource policy from this account. This revokes the access of the -// identities in that policy to put log events to this account. +// Deletes the specified destination, and eventually disables all the subscription +// filters that publish to it. This operation does not delete the physical resource +// encapsulated by the destination. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DeleteResourcePolicy for usage and error information. +// API operation DeleteDestination for usage and error information. // // Returned Error Types: // @@ -1155,86 +1482,86 @@ func (c *CloudWatchLogs) DeleteResourcePolicyRequest(input *DeleteResourcePolicy // - ResourceNotFoundException // The specified resource does not exist. // +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteResourcePolicy -func (c *CloudWatchLogs) DeleteResourcePolicy(input *DeleteResourcePolicyInput) (*DeleteResourcePolicyOutput, error) { - req, out := c.DeleteResourcePolicyRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteDestination +func (c *CloudWatchLogs) DeleteDestination(input *DeleteDestinationInput) (*DeleteDestinationOutput, error) { + req, out := c.DeleteDestinationRequest(input) return out, req.Send() } -// DeleteResourcePolicyWithContext is the same as DeleteResourcePolicy with the addition of +// DeleteDestinationWithContext is the same as DeleteDestination with the addition of // the ability to pass a context and additional request options. // -// See DeleteResourcePolicy for details on how to use this API operation. +// See DeleteDestination for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DeleteResourcePolicyWithContext(ctx aws.Context, input *DeleteResourcePolicyInput, opts ...request.Option) (*DeleteResourcePolicyOutput, error) { - req, out := c.DeleteResourcePolicyRequest(input) +func (c *CloudWatchLogs) DeleteDestinationWithContext(ctx aws.Context, input *DeleteDestinationInput, opts ...request.Option) (*DeleteDestinationOutput, error) { + req, out := c.DeleteDestinationRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDeleteRetentionPolicy = "DeleteRetentionPolicy" +const opDeleteLogAnomalyDetector = "DeleteLogAnomalyDetector" -// DeleteRetentionPolicyRequest generates a "aws/request.Request" representing the -// client's request for the DeleteRetentionPolicy operation. The "output" return +// DeleteLogAnomalyDetectorRequest generates a "aws/request.Request" representing the +// client's request for the DeleteLogAnomalyDetector operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DeleteRetentionPolicy for more information on using the DeleteRetentionPolicy +// See DeleteLogAnomalyDetector for more information on using the DeleteLogAnomalyDetector // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DeleteRetentionPolicyRequest method. -// req, resp := client.DeleteRetentionPolicyRequest(params) +// // Example sending a request using the DeleteLogAnomalyDetectorRequest method. +// req, resp := client.DeleteLogAnomalyDetectorRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteRetentionPolicy -func (c *CloudWatchLogs) DeleteRetentionPolicyRequest(input *DeleteRetentionPolicyInput) (req *request.Request, output *DeleteRetentionPolicyOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteLogAnomalyDetector +func (c *CloudWatchLogs) DeleteLogAnomalyDetectorRequest(input *DeleteLogAnomalyDetectorInput) (req *request.Request, output *DeleteLogAnomalyDetectorOutput) { op := &request.Operation{ - Name: opDeleteRetentionPolicy, + Name: opDeleteLogAnomalyDetector, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DeleteRetentionPolicyInput{} + input = &DeleteLogAnomalyDetectorInput{} } - output = &DeleteRetentionPolicyOutput{} + output = &DeleteLogAnomalyDetectorOutput{} req = c.newRequest(op, input, output) req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// DeleteRetentionPolicy API operation for Amazon CloudWatch Logs. -// -// Deletes the specified retention policy. +// DeleteLogAnomalyDetector API operation for Amazon CloudWatch Logs. // -// Log events do not expire if they belong to log groups without a retention -// policy. +// Deletes the specified CloudWatch Logs anomaly detector. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DeleteRetentionPolicy for usage and error information. +// API operation DeleteLogAnomalyDetector for usage and error information. // // Returned Error Types: // @@ -1244,86 +1571,87 @@ func (c *CloudWatchLogs) DeleteRetentionPolicyRequest(input *DeleteRetentionPoli // - ResourceNotFoundException // The specified resource does not exist. // -// - OperationAbortedException -// Multiple concurrent requests to update the same resource were in conflict. -// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteRetentionPolicy -func (c *CloudWatchLogs) DeleteRetentionPolicy(input *DeleteRetentionPolicyInput) (*DeleteRetentionPolicyOutput, error) { - req, out := c.DeleteRetentionPolicyRequest(input) +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteLogAnomalyDetector +func (c *CloudWatchLogs) DeleteLogAnomalyDetector(input *DeleteLogAnomalyDetectorInput) (*DeleteLogAnomalyDetectorOutput, error) { + req, out := c.DeleteLogAnomalyDetectorRequest(input) return out, req.Send() } -// DeleteRetentionPolicyWithContext is the same as DeleteRetentionPolicy with the addition of +// DeleteLogAnomalyDetectorWithContext is the same as DeleteLogAnomalyDetector with the addition of // the ability to pass a context and additional request options. // -// See DeleteRetentionPolicy for details on how to use this API operation. +// See DeleteLogAnomalyDetector for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DeleteRetentionPolicyWithContext(ctx aws.Context, input *DeleteRetentionPolicyInput, opts ...request.Option) (*DeleteRetentionPolicyOutput, error) { - req, out := c.DeleteRetentionPolicyRequest(input) +func (c *CloudWatchLogs) DeleteLogAnomalyDetectorWithContext(ctx aws.Context, input *DeleteLogAnomalyDetectorInput, opts ...request.Option) (*DeleteLogAnomalyDetectorOutput, error) { + req, out := c.DeleteLogAnomalyDetectorRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDeleteSubscriptionFilter = "DeleteSubscriptionFilter" +const opDeleteLogGroup = "DeleteLogGroup" -// DeleteSubscriptionFilterRequest generates a "aws/request.Request" representing the -// client's request for the DeleteSubscriptionFilter operation. The "output" return +// DeleteLogGroupRequest generates a "aws/request.Request" representing the +// client's request for the DeleteLogGroup operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DeleteSubscriptionFilter for more information on using the DeleteSubscriptionFilter +// See DeleteLogGroup for more information on using the DeleteLogGroup // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DeleteSubscriptionFilterRequest method. -// req, resp := client.DeleteSubscriptionFilterRequest(params) +// // Example sending a request using the DeleteLogGroupRequest method. +// req, resp := client.DeleteLogGroupRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteSubscriptionFilter -func (c *CloudWatchLogs) DeleteSubscriptionFilterRequest(input *DeleteSubscriptionFilterInput) (req *request.Request, output *DeleteSubscriptionFilterOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteLogGroup +func (c *CloudWatchLogs) DeleteLogGroupRequest(input *DeleteLogGroupInput) (req *request.Request, output *DeleteLogGroupOutput) { op := &request.Operation{ - Name: opDeleteSubscriptionFilter, + Name: opDeleteLogGroup, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DeleteSubscriptionFilterInput{} + input = &DeleteLogGroupInput{} } - output = &DeleteSubscriptionFilterOutput{} + output = &DeleteLogGroupOutput{} req = c.newRequest(op, input, output) req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// DeleteSubscriptionFilter API operation for Amazon CloudWatch Logs. +// DeleteLogGroup API operation for Amazon CloudWatch Logs. // -// Deletes the specified subscription filter. +// Deletes the specified log group and permanently deletes all the archived +// log events associated with the log group. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DeleteSubscriptionFilter for usage and error information. +// API operation DeleteLogGroup for usage and error information. // // Returned Error Types: // @@ -1339,470 +1667,440 @@ func (c *CloudWatchLogs) DeleteSubscriptionFilterRequest(input *DeleteSubscripti // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteSubscriptionFilter -func (c *CloudWatchLogs) DeleteSubscriptionFilter(input *DeleteSubscriptionFilterInput) (*DeleteSubscriptionFilterOutput, error) { - req, out := c.DeleteSubscriptionFilterRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteLogGroup +func (c *CloudWatchLogs) DeleteLogGroup(input *DeleteLogGroupInput) (*DeleteLogGroupOutput, error) { + req, out := c.DeleteLogGroupRequest(input) return out, req.Send() } -// DeleteSubscriptionFilterWithContext is the same as DeleteSubscriptionFilter with the addition of +// DeleteLogGroupWithContext is the same as DeleteLogGroup with the addition of // the ability to pass a context and additional request options. // -// See DeleteSubscriptionFilter for details on how to use this API operation. +// See DeleteLogGroup for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DeleteSubscriptionFilterWithContext(ctx aws.Context, input *DeleteSubscriptionFilterInput, opts ...request.Option) (*DeleteSubscriptionFilterOutput, error) { - req, out := c.DeleteSubscriptionFilterRequest(input) +func (c *CloudWatchLogs) DeleteLogGroupWithContext(ctx aws.Context, input *DeleteLogGroupInput, opts ...request.Option) (*DeleteLogGroupOutput, error) { + req, out := c.DeleteLogGroupRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDescribeDestinations = "DescribeDestinations" +const opDeleteLogStream = "DeleteLogStream" -// DescribeDestinationsRequest generates a "aws/request.Request" representing the -// client's request for the DescribeDestinations operation. The "output" return +// DeleteLogStreamRequest generates a "aws/request.Request" representing the +// client's request for the DeleteLogStream operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeDestinations for more information on using the DescribeDestinations +// See DeleteLogStream for more information on using the DeleteLogStream // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DescribeDestinationsRequest method. -// req, resp := client.DescribeDestinationsRequest(params) +// // Example sending a request using the DeleteLogStreamRequest method. +// req, resp := client.DeleteLogStreamRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeDestinations -func (c *CloudWatchLogs) DescribeDestinationsRequest(input *DescribeDestinationsInput) (req *request.Request, output *DescribeDestinationsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteLogStream +func (c *CloudWatchLogs) DeleteLogStreamRequest(input *DeleteLogStreamInput) (req *request.Request, output *DeleteLogStreamOutput) { op := &request.Operation{ - Name: opDescribeDestinations, + Name: opDeleteLogStream, HTTPMethod: "POST", HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"nextToken"}, - OutputTokens: []string{"nextToken"}, - LimitToken: "limit", - TruncationToken: "", - }, } if input == nil { - input = &DescribeDestinationsInput{} + input = &DeleteLogStreamInput{} } - output = &DescribeDestinationsOutput{} + output = &DeleteLogStreamOutput{} req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// DescribeDestinations API operation for Amazon CloudWatch Logs. +// DeleteLogStream API operation for Amazon CloudWatch Logs. // -// Lists all your destinations. The results are ASCII-sorted by destination -// name. +// Deletes the specified log stream and permanently deletes all the archived +// log events associated with the log stream. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DescribeDestinations for usage and error information. +// API operation DeleteLogStream for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeDestinations -func (c *CloudWatchLogs) DescribeDestinations(input *DescribeDestinationsInput) (*DescribeDestinationsOutput, error) { - req, out := c.DescribeDestinationsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteLogStream +func (c *CloudWatchLogs) DeleteLogStream(input *DeleteLogStreamInput) (*DeleteLogStreamOutput, error) { + req, out := c.DeleteLogStreamRequest(input) return out, req.Send() } -// DescribeDestinationsWithContext is the same as DescribeDestinations with the addition of +// DeleteLogStreamWithContext is the same as DeleteLogStream with the addition of // the ability to pass a context and additional request options. // -// See DescribeDestinations for details on how to use this API operation. +// See DeleteLogStream for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DescribeDestinationsWithContext(ctx aws.Context, input *DescribeDestinationsInput, opts ...request.Option) (*DescribeDestinationsOutput, error) { - req, out := c.DescribeDestinationsRequest(input) +func (c *CloudWatchLogs) DeleteLogStreamWithContext(ctx aws.Context, input *DeleteLogStreamInput, opts ...request.Option) (*DeleteLogStreamOutput, error) { + req, out := c.DeleteLogStreamRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// DescribeDestinationsPages iterates over the pages of a DescribeDestinations operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See DescribeDestinations method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a DescribeDestinations operation. -// pageNum := 0 -// err := client.DescribeDestinationsPages(params, -// func(page *cloudwatchlogs.DescribeDestinationsOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -func (c *CloudWatchLogs) DescribeDestinationsPages(input *DescribeDestinationsInput, fn func(*DescribeDestinationsOutput, bool) bool) error { - return c.DescribeDestinationsPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// DescribeDestinationsPagesWithContext same as DescribeDestinationsPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *CloudWatchLogs) DescribeDestinationsPagesWithContext(ctx aws.Context, input *DescribeDestinationsInput, fn func(*DescribeDestinationsOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - EndPageOnSameToken: true, - NewRequest: func() (*request.Request, error) { - var inCpy *DescribeDestinationsInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.DescribeDestinationsRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*DescribeDestinationsOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - -const opDescribeExportTasks = "DescribeExportTasks" +const opDeleteMetricFilter = "DeleteMetricFilter" -// DescribeExportTasksRequest generates a "aws/request.Request" representing the -// client's request for the DescribeExportTasks operation. The "output" return +// DeleteMetricFilterRequest generates a "aws/request.Request" representing the +// client's request for the DeleteMetricFilter operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeExportTasks for more information on using the DescribeExportTasks +// See DeleteMetricFilter for more information on using the DeleteMetricFilter // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DescribeExportTasksRequest method. -// req, resp := client.DescribeExportTasksRequest(params) +// // Example sending a request using the DeleteMetricFilterRequest method. +// req, resp := client.DeleteMetricFilterRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeExportTasks -func (c *CloudWatchLogs) DescribeExportTasksRequest(input *DescribeExportTasksInput) (req *request.Request, output *DescribeExportTasksOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteMetricFilter +func (c *CloudWatchLogs) DeleteMetricFilterRequest(input *DeleteMetricFilterInput) (req *request.Request, output *DeleteMetricFilterOutput) { op := &request.Operation{ - Name: opDescribeExportTasks, + Name: opDeleteMetricFilter, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DescribeExportTasksInput{} + input = &DeleteMetricFilterInput{} } - output = &DescribeExportTasksOutput{} + output = &DeleteMetricFilterOutput{} req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// DescribeExportTasks API operation for Amazon CloudWatch Logs. +// DeleteMetricFilter API operation for Amazon CloudWatch Logs. // -// Lists the specified export tasks. You can list all your export tasks or filter -// the results based on task ID or task status. +// Deletes the specified metric filter. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DescribeExportTasks for usage and error information. +// API operation DeleteMetricFilter for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeExportTasks -func (c *CloudWatchLogs) DescribeExportTasks(input *DescribeExportTasksInput) (*DescribeExportTasksOutput, error) { - req, out := c.DescribeExportTasksRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteMetricFilter +func (c *CloudWatchLogs) DeleteMetricFilter(input *DeleteMetricFilterInput) (*DeleteMetricFilterOutput, error) { + req, out := c.DeleteMetricFilterRequest(input) return out, req.Send() } -// DescribeExportTasksWithContext is the same as DescribeExportTasks with the addition of +// DeleteMetricFilterWithContext is the same as DeleteMetricFilter with the addition of // the ability to pass a context and additional request options. // -// See DescribeExportTasks for details on how to use this API operation. +// See DeleteMetricFilter for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DescribeExportTasksWithContext(ctx aws.Context, input *DescribeExportTasksInput, opts ...request.Option) (*DescribeExportTasksOutput, error) { - req, out := c.DescribeExportTasksRequest(input) +func (c *CloudWatchLogs) DeleteMetricFilterWithContext(ctx aws.Context, input *DeleteMetricFilterInput, opts ...request.Option) (*DeleteMetricFilterOutput, error) { + req, out := c.DeleteMetricFilterRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDescribeLogGroups = "DescribeLogGroups" +const opDeleteQueryDefinition = "DeleteQueryDefinition" -// DescribeLogGroupsRequest generates a "aws/request.Request" representing the -// client's request for the DescribeLogGroups operation. The "output" return +// DeleteQueryDefinitionRequest generates a "aws/request.Request" representing the +// client's request for the DeleteQueryDefinition operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeLogGroups for more information on using the DescribeLogGroups +// See DeleteQueryDefinition for more information on using the DeleteQueryDefinition // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DescribeLogGroupsRequest method. -// req, resp := client.DescribeLogGroupsRequest(params) +// // Example sending a request using the DeleteQueryDefinitionRequest method. +// req, resp := client.DeleteQueryDefinitionRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeLogGroups -func (c *CloudWatchLogs) DescribeLogGroupsRequest(input *DescribeLogGroupsInput) (req *request.Request, output *DescribeLogGroupsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteQueryDefinition +func (c *CloudWatchLogs) DeleteQueryDefinitionRequest(input *DeleteQueryDefinitionInput) (req *request.Request, output *DeleteQueryDefinitionOutput) { op := &request.Operation{ - Name: opDescribeLogGroups, + Name: opDeleteQueryDefinition, HTTPMethod: "POST", HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"nextToken"}, - OutputTokens: []string{"nextToken"}, - LimitToken: "limit", - TruncationToken: "", - }, } if input == nil { - input = &DescribeLogGroupsInput{} + input = &DeleteQueryDefinitionInput{} } - output = &DescribeLogGroupsOutput{} + output = &DeleteQueryDefinitionOutput{} req = c.newRequest(op, input, output) return } -// DescribeLogGroups API operation for Amazon CloudWatch Logs. +// DeleteQueryDefinition API operation for Amazon CloudWatch Logs. // -// Lists the specified log groups. You can list all your log groups or filter -// the results by prefix. The results are ASCII-sorted by log group name. +// Deletes a saved CloudWatch Logs Insights query definition. A query definition +// contains details about a saved CloudWatch Logs Insights query. // -// CloudWatch Logs doesn’t support IAM policies that control access to the -// DescribeLogGroups action by using the aws:ResourceTag/key-name condition -// key. Other CloudWatch Logs actions do support the use of the aws:ResourceTag/key-name -// condition key to control access. For more information about using tags to -// control access, see Controlling access to Amazon Web Services resources using -// tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html). +// Each DeleteQueryDefinition operation can delete one query definition. // -// If you are using CloudWatch cross-account observability, you can use this -// operation in a monitoring account and view data from the linked source accounts. -// For more information, see CloudWatch cross-account observability (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html). +// You must have the logs:DeleteQueryDefinition permission to be able to perform +// this operation. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DescribeLogGroups for usage and error information. +// API operation DeleteQueryDefinition for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // +// - ResourceNotFoundException +// The specified resource does not exist. +// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeLogGroups -func (c *CloudWatchLogs) DescribeLogGroups(input *DescribeLogGroupsInput) (*DescribeLogGroupsOutput, error) { - req, out := c.DescribeLogGroupsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteQueryDefinition +func (c *CloudWatchLogs) DeleteQueryDefinition(input *DeleteQueryDefinitionInput) (*DeleteQueryDefinitionOutput, error) { + req, out := c.DeleteQueryDefinitionRequest(input) return out, req.Send() } -// DescribeLogGroupsWithContext is the same as DescribeLogGroups with the addition of +// DeleteQueryDefinitionWithContext is the same as DeleteQueryDefinition with the addition of // the ability to pass a context and additional request options. // -// See DescribeLogGroups for details on how to use this API operation. +// See DeleteQueryDefinition for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DescribeLogGroupsWithContext(ctx aws.Context, input *DescribeLogGroupsInput, opts ...request.Option) (*DescribeLogGroupsOutput, error) { - req, out := c.DescribeLogGroupsRequest(input) +func (c *CloudWatchLogs) DeleteQueryDefinitionWithContext(ctx aws.Context, input *DeleteQueryDefinitionInput, opts ...request.Option) (*DeleteQueryDefinitionOutput, error) { + req, out := c.DeleteQueryDefinitionRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// DescribeLogGroupsPages iterates over the pages of a DescribeLogGroups operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. +const opDeleteResourcePolicy = "DeleteResourcePolicy" + +// DeleteResourcePolicyRequest generates a "aws/request.Request" representing the +// client's request for the DeleteResourcePolicy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. // -// See DescribeLogGroups method for more information on how to use this operation. +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. // -// Note: This operation can generate multiple requests to a service. +// See DeleteResourcePolicy for more information on using the DeleteResourcePolicy +// API call, and error handling. // -// // Example iterating over at most 3 pages of a DescribeLogGroups operation. -// pageNum := 0 -// err := client.DescribeLogGroupsPages(params, -// func(page *cloudwatchlogs.DescribeLogGroupsOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -func (c *CloudWatchLogs) DescribeLogGroupsPages(input *DescribeLogGroupsInput, fn func(*DescribeLogGroupsOutput, bool) bool) error { - return c.DescribeLogGroupsPagesWithContext(aws.BackgroundContext(), input, fn) +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DeleteResourcePolicyRequest method. +// req, resp := client.DeleteResourcePolicyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteResourcePolicy +func (c *CloudWatchLogs) DeleteResourcePolicyRequest(input *DeleteResourcePolicyInput) (req *request.Request, output *DeleteResourcePolicyOutput) { + op := &request.Operation{ + Name: opDeleteResourcePolicy, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteResourcePolicyInput{} + } + + output = &DeleteResourcePolicyOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return } -// DescribeLogGroupsPagesWithContext same as DescribeLogGroupsPages except -// it takes a Context and allows setting request options on the pages. +// DeleteResourcePolicy API operation for Amazon CloudWatch Logs. +// +// Deletes a resource policy from this account. This revokes the access of the +// identities in that policy to put log events to this account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation DeleteResourcePolicy for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteResourcePolicy +func (c *CloudWatchLogs) DeleteResourcePolicy(input *DeleteResourcePolicyInput) (*DeleteResourcePolicyOutput, error) { + req, out := c.DeleteResourcePolicyRequest(input) + return out, req.Send() +} + +// DeleteResourcePolicyWithContext is the same as DeleteResourcePolicy with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteResourcePolicy for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DescribeLogGroupsPagesWithContext(ctx aws.Context, input *DescribeLogGroupsInput, fn func(*DescribeLogGroupsOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - EndPageOnSameToken: true, - NewRequest: func() (*request.Request, error) { - var inCpy *DescribeLogGroupsInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.DescribeLogGroupsRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*DescribeLogGroupsOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() +func (c *CloudWatchLogs) DeleteResourcePolicyWithContext(ctx aws.Context, input *DeleteResourcePolicyInput, opts ...request.Option) (*DeleteResourcePolicyOutput, error) { + req, out := c.DeleteResourcePolicyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() } -const opDescribeLogStreams = "DescribeLogStreams" +const opDeleteRetentionPolicy = "DeleteRetentionPolicy" -// DescribeLogStreamsRequest generates a "aws/request.Request" representing the -// client's request for the DescribeLogStreams operation. The "output" return +// DeleteRetentionPolicyRequest generates a "aws/request.Request" representing the +// client's request for the DeleteRetentionPolicy operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeLogStreams for more information on using the DescribeLogStreams +// See DeleteRetentionPolicy for more information on using the DeleteRetentionPolicy // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DescribeLogStreamsRequest method. -// req, resp := client.DescribeLogStreamsRequest(params) +// // Example sending a request using the DeleteRetentionPolicyRequest method. +// req, resp := client.DeleteRetentionPolicyRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeLogStreams -func (c *CloudWatchLogs) DescribeLogStreamsRequest(input *DescribeLogStreamsInput) (req *request.Request, output *DescribeLogStreamsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteRetentionPolicy +func (c *CloudWatchLogs) DeleteRetentionPolicyRequest(input *DeleteRetentionPolicyInput) (req *request.Request, output *DeleteRetentionPolicyOutput) { op := &request.Operation{ - Name: opDescribeLogStreams, + Name: opDeleteRetentionPolicy, HTTPMethod: "POST", HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"nextToken"}, - OutputTokens: []string{"nextToken"}, - LimitToken: "limit", - TruncationToken: "", - }, } if input == nil { - input = &DescribeLogStreamsInput{} + input = &DeleteRetentionPolicyInput{} } - output = &DescribeLogStreamsOutput{} + output = &DeleteRetentionPolicyOutput{} req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// DescribeLogStreams API operation for Amazon CloudWatch Logs. -// -// Lists the log streams for the specified log group. You can list all the log -// streams or filter the results by prefix. You can also control how the results -// are ordered. +// DeleteRetentionPolicy API operation for Amazon CloudWatch Logs. // -// This operation has a limit of five transactions per second, after which transactions -// are throttled. +// Deletes the specified retention policy. // -// If you are using CloudWatch cross-account observability, you can use this -// operation in a monitoring account and view data from the linked source accounts. -// For more information, see CloudWatch cross-account observability (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html). +// Log events do not expire if they belong to log groups without a retention +// policy. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DescribeLogStreams for usage and error information. +// API operation DeleteRetentionPolicy for usage and error information. // // Returned Error Types: // @@ -1812,142 +2110,86 @@ func (c *CloudWatchLogs) DescribeLogStreamsRequest(input *DescribeLogStreamsInpu // - ResourceNotFoundException // The specified resource does not exist. // +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeLogStreams -func (c *CloudWatchLogs) DescribeLogStreams(input *DescribeLogStreamsInput) (*DescribeLogStreamsOutput, error) { - req, out := c.DescribeLogStreamsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteRetentionPolicy +func (c *CloudWatchLogs) DeleteRetentionPolicy(input *DeleteRetentionPolicyInput) (*DeleteRetentionPolicyOutput, error) { + req, out := c.DeleteRetentionPolicyRequest(input) return out, req.Send() } -// DescribeLogStreamsWithContext is the same as DescribeLogStreams with the addition of +// DeleteRetentionPolicyWithContext is the same as DeleteRetentionPolicy with the addition of // the ability to pass a context and additional request options. // -// See DescribeLogStreams for details on how to use this API operation. +// See DeleteRetentionPolicy for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DescribeLogStreamsWithContext(ctx aws.Context, input *DescribeLogStreamsInput, opts ...request.Option) (*DescribeLogStreamsOutput, error) { - req, out := c.DescribeLogStreamsRequest(input) +func (c *CloudWatchLogs) DeleteRetentionPolicyWithContext(ctx aws.Context, input *DeleteRetentionPolicyInput, opts ...request.Option) (*DeleteRetentionPolicyOutput, error) { + req, out := c.DeleteRetentionPolicyRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// DescribeLogStreamsPages iterates over the pages of a DescribeLogStreams operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. -// -// See DescribeLogStreams method for more information on how to use this operation. -// -// Note: This operation can generate multiple requests to a service. -// -// // Example iterating over at most 3 pages of a DescribeLogStreams operation. -// pageNum := 0 -// err := client.DescribeLogStreamsPages(params, -// func(page *cloudwatchlogs.DescribeLogStreamsOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -func (c *CloudWatchLogs) DescribeLogStreamsPages(input *DescribeLogStreamsInput, fn func(*DescribeLogStreamsOutput, bool) bool) error { - return c.DescribeLogStreamsPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// DescribeLogStreamsPagesWithContext same as DescribeLogStreamsPages except -// it takes a Context and allows setting request options on the pages. -// -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *CloudWatchLogs) DescribeLogStreamsPagesWithContext(ctx aws.Context, input *DescribeLogStreamsInput, fn func(*DescribeLogStreamsOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - EndPageOnSameToken: true, - NewRequest: func() (*request.Request, error) { - var inCpy *DescribeLogStreamsInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.DescribeLogStreamsRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*DescribeLogStreamsOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - -const opDescribeMetricFilters = "DescribeMetricFilters" +const opDeleteSubscriptionFilter = "DeleteSubscriptionFilter" -// DescribeMetricFiltersRequest generates a "aws/request.Request" representing the -// client's request for the DescribeMetricFilters operation. The "output" return +// DeleteSubscriptionFilterRequest generates a "aws/request.Request" representing the +// client's request for the DeleteSubscriptionFilter operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeMetricFilters for more information on using the DescribeMetricFilters +// See DeleteSubscriptionFilter for more information on using the DeleteSubscriptionFilter // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DescribeMetricFiltersRequest method. -// req, resp := client.DescribeMetricFiltersRequest(params) +// // Example sending a request using the DeleteSubscriptionFilterRequest method. +// req, resp := client.DeleteSubscriptionFilterRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeMetricFilters -func (c *CloudWatchLogs) DescribeMetricFiltersRequest(input *DescribeMetricFiltersInput) (req *request.Request, output *DescribeMetricFiltersOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteSubscriptionFilter +func (c *CloudWatchLogs) DeleteSubscriptionFilterRequest(input *DeleteSubscriptionFilterInput) (req *request.Request, output *DeleteSubscriptionFilterOutput) { op := &request.Operation{ - Name: opDescribeMetricFilters, + Name: opDeleteSubscriptionFilter, HTTPMethod: "POST", HTTPPath: "/", - Paginator: &request.Paginator{ - InputTokens: []string{"nextToken"}, - OutputTokens: []string{"nextToken"}, - LimitToken: "limit", - TruncationToken: "", - }, } if input == nil { - input = &DescribeMetricFiltersInput{} + input = &DeleteSubscriptionFilterInput{} } - output = &DescribeMetricFiltersOutput{} + output = &DeleteSubscriptionFilterOutput{} req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// DescribeMetricFilters API operation for Amazon CloudWatch Logs. +// DeleteSubscriptionFilter API operation for Amazon CloudWatch Logs. // -// Lists the specified metric filters. You can list all of the metric filters -// or filter the results by log name, prefix, metric name, or metric namespace. -// The results are ASCII-sorted by filter name. +// Deletes the specified subscription filter. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DescribeMetricFilters for usage and error information. +// API operation DeleteSubscriptionFilter for usage and error information. // // Returned Error Types: // @@ -1957,366 +2199,305 @@ func (c *CloudWatchLogs) DescribeMetricFiltersRequest(input *DescribeMetricFilte // - ResourceNotFoundException // The specified resource does not exist. // +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeMetricFilters -func (c *CloudWatchLogs) DescribeMetricFilters(input *DescribeMetricFiltersInput) (*DescribeMetricFiltersOutput, error) { - req, out := c.DescribeMetricFiltersRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DeleteSubscriptionFilter +func (c *CloudWatchLogs) DeleteSubscriptionFilter(input *DeleteSubscriptionFilterInput) (*DeleteSubscriptionFilterOutput, error) { + req, out := c.DeleteSubscriptionFilterRequest(input) return out, req.Send() } -// DescribeMetricFiltersWithContext is the same as DescribeMetricFilters with the addition of +// DeleteSubscriptionFilterWithContext is the same as DeleteSubscriptionFilter with the addition of // the ability to pass a context and additional request options. // -// See DescribeMetricFilters for details on how to use this API operation. +// See DeleteSubscriptionFilter for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DescribeMetricFiltersWithContext(ctx aws.Context, input *DescribeMetricFiltersInput, opts ...request.Option) (*DescribeMetricFiltersOutput, error) { - req, out := c.DescribeMetricFiltersRequest(input) +func (c *CloudWatchLogs) DeleteSubscriptionFilterWithContext(ctx aws.Context, input *DeleteSubscriptionFilterInput, opts ...request.Option) (*DeleteSubscriptionFilterOutput, error) { + req, out := c.DeleteSubscriptionFilterRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// DescribeMetricFiltersPages iterates over the pages of a DescribeMetricFilters operation, -// calling the "fn" function with the response data for each page. To stop -// iterating, return false from the fn function. +const opDescribeAccountPolicies = "DescribeAccountPolicies" + +// DescribeAccountPoliciesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeAccountPolicies operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. // -// See DescribeMetricFilters method for more information on how to use this operation. +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. // -// Note: This operation can generate multiple requests to a service. +// See DescribeAccountPolicies for more information on using the DescribeAccountPolicies +// API call, and error handling. // -// // Example iterating over at most 3 pages of a DescribeMetricFilters operation. -// pageNum := 0 -// err := client.DescribeMetricFiltersPages(params, -// func(page *cloudwatchlogs.DescribeMetricFiltersOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -func (c *CloudWatchLogs) DescribeMetricFiltersPages(input *DescribeMetricFiltersInput, fn func(*DescribeMetricFiltersOutput, bool) bool) error { - return c.DescribeMetricFiltersPagesWithContext(aws.BackgroundContext(), input, fn) -} - -// DescribeMetricFiltersPagesWithContext same as DescribeMetricFiltersPages except -// it takes a Context and allows setting request options on the pages. +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// The context must be non-nil and will be used for request cancellation. If -// the context is nil a panic will occur. In the future the SDK may create -// sub-contexts for http.Requests. See https://golang.org/pkg/context/ -// for more information on using Contexts. -func (c *CloudWatchLogs) DescribeMetricFiltersPagesWithContext(ctx aws.Context, input *DescribeMetricFiltersInput, fn func(*DescribeMetricFiltersOutput, bool) bool, opts ...request.Option) error { - p := request.Pagination{ - EndPageOnSameToken: true, - NewRequest: func() (*request.Request, error) { - var inCpy *DescribeMetricFiltersInput - if input != nil { - tmp := *input - inCpy = &tmp - } - req, _ := c.DescribeMetricFiltersRequest(inCpy) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return req, nil - }, - } - - for p.Next() { - if !fn(p.Page().(*DescribeMetricFiltersOutput), !p.HasNextPage()) { - break - } - } - - return p.Err() -} - -const opDescribeQueries = "DescribeQueries" - -// DescribeQueriesRequest generates a "aws/request.Request" representing the -// client's request for the DescribeQueries operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See DescribeQueries for more information on using the DescribeQueries -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the DescribeQueriesRequest method. -// req, resp := client.DescribeQueriesRequest(params) +// // Example sending a request using the DescribeAccountPoliciesRequest method. +// req, resp := client.DescribeAccountPoliciesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeQueries -func (c *CloudWatchLogs) DescribeQueriesRequest(input *DescribeQueriesInput) (req *request.Request, output *DescribeQueriesOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeAccountPolicies +func (c *CloudWatchLogs) DescribeAccountPoliciesRequest(input *DescribeAccountPoliciesInput) (req *request.Request, output *DescribeAccountPoliciesOutput) { op := &request.Operation{ - Name: opDescribeQueries, + Name: opDescribeAccountPolicies, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &DescribeQueriesInput{} + input = &DescribeAccountPoliciesInput{} } - output = &DescribeQueriesOutput{} + output = &DescribeAccountPoliciesOutput{} req = c.newRequest(op, input, output) return } -// DescribeQueries API operation for Amazon CloudWatch Logs. +// DescribeAccountPolicies API operation for Amazon CloudWatch Logs. // -// Returns a list of CloudWatch Logs Insights queries that are scheduled, running, -// or have been run recently in this account. You can request all queries or -// limit it to queries of a specific log group or queries with a certain status. +// Returns a list of all CloudWatch Logs account policies in the account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DescribeQueries for usage and error information. +// API operation DescribeAccountPolicies for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// // - ResourceNotFoundException // The specified resource does not exist. // // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeQueries -func (c *CloudWatchLogs) DescribeQueries(input *DescribeQueriesInput) (*DescribeQueriesOutput, error) { - req, out := c.DescribeQueriesRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeAccountPolicies +func (c *CloudWatchLogs) DescribeAccountPolicies(input *DescribeAccountPoliciesInput) (*DescribeAccountPoliciesOutput, error) { + req, out := c.DescribeAccountPoliciesRequest(input) return out, req.Send() } -// DescribeQueriesWithContext is the same as DescribeQueries with the addition of +// DescribeAccountPoliciesWithContext is the same as DescribeAccountPolicies with the addition of // the ability to pass a context and additional request options. // -// See DescribeQueries for details on how to use this API operation. +// See DescribeAccountPolicies for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DescribeQueriesWithContext(ctx aws.Context, input *DescribeQueriesInput, opts ...request.Option) (*DescribeQueriesOutput, error) { - req, out := c.DescribeQueriesRequest(input) +func (c *CloudWatchLogs) DescribeAccountPoliciesWithContext(ctx aws.Context, input *DescribeAccountPoliciesInput, opts ...request.Option) (*DescribeAccountPoliciesOutput, error) { + req, out := c.DescribeAccountPoliciesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDescribeQueryDefinitions = "DescribeQueryDefinitions" +const opDescribeDeliveries = "DescribeDeliveries" -// DescribeQueryDefinitionsRequest generates a "aws/request.Request" representing the -// client's request for the DescribeQueryDefinitions operation. The "output" return +// DescribeDeliveriesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeDeliveries operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeQueryDefinitions for more information on using the DescribeQueryDefinitions +// See DescribeDeliveries for more information on using the DescribeDeliveries // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DescribeQueryDefinitionsRequest method. -// req, resp := client.DescribeQueryDefinitionsRequest(params) +// // Example sending a request using the DescribeDeliveriesRequest method. +// req, resp := client.DescribeDeliveriesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeQueryDefinitions -func (c *CloudWatchLogs) DescribeQueryDefinitionsRequest(input *DescribeQueryDefinitionsInput) (req *request.Request, output *DescribeQueryDefinitionsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeDeliveries +func (c *CloudWatchLogs) DescribeDeliveriesRequest(input *DescribeDeliveriesInput) (req *request.Request, output *DescribeDeliveriesOutput) { op := &request.Operation{ - Name: opDescribeQueryDefinitions, + Name: opDescribeDeliveries, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "limit", + TruncationToken: "", + }, } if input == nil { - input = &DescribeQueryDefinitionsInput{} + input = &DescribeDeliveriesInput{} } - output = &DescribeQueryDefinitionsOutput{} + output = &DescribeDeliveriesOutput{} req = c.newRequest(op, input, output) return } -// DescribeQueryDefinitions API operation for Amazon CloudWatch Logs. +// DescribeDeliveries API operation for Amazon CloudWatch Logs. // -// This operation returns a paginated list of your saved CloudWatch Logs Insights -// query definitions. +// Retrieves a list of the deliveries that have been created in the account. // -// You can use the queryDefinitionNamePrefix parameter to limit the results -// to only the query definitions that have names that start with a certain string. +// A delivery is a connection between a delivery source (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliverySource.html) +// and a delivery destination (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestination.html). +// +// A delivery source represents an Amazon Web Services resource that sends logs +// to an logs delivery destination. The destination can be CloudWatch Logs, +// Amazon S3, or Firehose. Only some Amazon Web Services services support being +// configured as a delivery source. These services are listed in Enable logging +// from Amazon Web Services services. (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DescribeQueryDefinitions for usage and error information. +// API operation DescribeDeliveries for usage and error information. // // Returned Error Types: // -// - InvalidParameterException -// A parameter is specified incorrectly. -// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeQueryDefinitions -func (c *CloudWatchLogs) DescribeQueryDefinitions(input *DescribeQueryDefinitionsInput) (*DescribeQueryDefinitionsOutput, error) { - req, out := c.DescribeQueryDefinitionsRequest(input) +// - ServiceQuotaExceededException +// This request exceeds a service quota. +// +// - ValidationException +// One of the parameters for the request is not valid. +// +// - ThrottlingException +// The request was throttled because of quota limits. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeDeliveries +func (c *CloudWatchLogs) DescribeDeliveries(input *DescribeDeliveriesInput) (*DescribeDeliveriesOutput, error) { + req, out := c.DescribeDeliveriesRequest(input) return out, req.Send() } -// DescribeQueryDefinitionsWithContext is the same as DescribeQueryDefinitions with the addition of +// DescribeDeliveriesWithContext is the same as DescribeDeliveries with the addition of // the ability to pass a context and additional request options. // -// See DescribeQueryDefinitions for details on how to use this API operation. +// See DescribeDeliveries for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DescribeQueryDefinitionsWithContext(ctx aws.Context, input *DescribeQueryDefinitionsInput, opts ...request.Option) (*DescribeQueryDefinitionsOutput, error) { - req, out := c.DescribeQueryDefinitionsRequest(input) +func (c *CloudWatchLogs) DescribeDeliveriesWithContext(ctx aws.Context, input *DescribeDeliveriesInput, opts ...request.Option) (*DescribeDeliveriesOutput, error) { + req, out := c.DescribeDeliveriesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opDescribeResourcePolicies = "DescribeResourcePolicies" - -// DescribeResourcePoliciesRequest generates a "aws/request.Request" representing the -// client's request for the DescribeResourcePolicies operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See DescribeResourcePolicies for more information on using the DescribeResourcePolicies -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. -// -// // Example sending a request using the DescribeResourcePoliciesRequest method. -// req, resp := client.DescribeResourcePoliciesRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeResourcePolicies -func (c *CloudWatchLogs) DescribeResourcePoliciesRequest(input *DescribeResourcePoliciesInput) (req *request.Request, output *DescribeResourcePoliciesOutput) { - op := &request.Operation{ - Name: opDescribeResourcePolicies, - HTTPMethod: "POST", - HTTPPath: "/", - } - - if input == nil { - input = &DescribeResourcePoliciesInput{} - } - - output = &DescribeResourcePoliciesOutput{} - req = c.newRequest(op, input, output) - return -} - -// DescribeResourcePolicies API operation for Amazon CloudWatch Logs. -// -// Lists the resource policies in this account. -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. -// -// See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DescribeResourcePolicies for usage and error information. -// -// Returned Error Types: +// DescribeDeliveriesPages iterates over the pages of a DescribeDeliveries operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. // -// - InvalidParameterException -// A parameter is specified incorrectly. +// See DescribeDeliveries method for more information on how to use this operation. // -// - ServiceUnavailableException -// The service cannot complete the request. +// Note: This operation can generate multiple requests to a service. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeResourcePolicies -func (c *CloudWatchLogs) DescribeResourcePolicies(input *DescribeResourcePoliciesInput) (*DescribeResourcePoliciesOutput, error) { - req, out := c.DescribeResourcePoliciesRequest(input) - return out, req.Send() +// // Example iterating over at most 3 pages of a DescribeDeliveries operation. +// pageNum := 0 +// err := client.DescribeDeliveriesPages(params, +// func(page *cloudwatchlogs.DescribeDeliveriesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *CloudWatchLogs) DescribeDeliveriesPages(input *DescribeDeliveriesInput, fn func(*DescribeDeliveriesOutput, bool) bool) error { + return c.DescribeDeliveriesPagesWithContext(aws.BackgroundContext(), input, fn) } -// DescribeResourcePoliciesWithContext is the same as DescribeResourcePolicies with the addition of -// the ability to pass a context and additional request options. -// -// See DescribeResourcePolicies for details on how to use this API operation. +// DescribeDeliveriesPagesWithContext same as DescribeDeliveriesPages except +// it takes a Context and allows setting request options on the pages. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DescribeResourcePoliciesWithContext(ctx aws.Context, input *DescribeResourcePoliciesInput, opts ...request.Option) (*DescribeResourcePoliciesOutput, error) { - req, out := c.DescribeResourcePoliciesRequest(input) - req.SetContext(ctx) - req.ApplyOptions(opts...) - return out, req.Send() +func (c *CloudWatchLogs) DescribeDeliveriesPagesWithContext(ctx aws.Context, input *DescribeDeliveriesInput, fn func(*DescribeDeliveriesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + EndPageOnSameToken: true, + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeDeliveriesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeDeliveriesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeDeliveriesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() } -const opDescribeSubscriptionFilters = "DescribeSubscriptionFilters" +const opDescribeDeliveryDestinations = "DescribeDeliveryDestinations" -// DescribeSubscriptionFiltersRequest generates a "aws/request.Request" representing the -// client's request for the DescribeSubscriptionFilters operation. The "output" return +// DescribeDeliveryDestinationsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeDeliveryDestinations operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DescribeSubscriptionFilters for more information on using the DescribeSubscriptionFilters +// See DescribeDeliveryDestinations for more information on using the DescribeDeliveryDestinations // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DescribeSubscriptionFiltersRequest method. -// req, resp := client.DescribeSubscriptionFiltersRequest(params) +// // Example sending a request using the DescribeDeliveryDestinationsRequest method. +// req, resp := client.DescribeDeliveryDestinationsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeSubscriptionFilters -func (c *CloudWatchLogs) DescribeSubscriptionFiltersRequest(input *DescribeSubscriptionFiltersInput) (req *request.Request, output *DescribeSubscriptionFiltersOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeDeliveryDestinations +func (c *CloudWatchLogs) DescribeDeliveryDestinationsRequest(input *DescribeDeliveryDestinationsInput) (req *request.Request, output *DescribeDeliveryDestinationsOutput) { op := &request.Operation{ - Name: opDescribeSubscriptionFilters, + Name: opDescribeDeliveryDestinations, HTTPMethod: "POST", HTTPPath: "/", Paginator: &request.Paginator{ @@ -2328,97 +2509,99 @@ func (c *CloudWatchLogs) DescribeSubscriptionFiltersRequest(input *DescribeSubsc } if input == nil { - input = &DescribeSubscriptionFiltersInput{} + input = &DescribeDeliveryDestinationsInput{} } - output = &DescribeSubscriptionFiltersOutput{} + output = &DescribeDeliveryDestinationsOutput{} req = c.newRequest(op, input, output) return } -// DescribeSubscriptionFilters API operation for Amazon CloudWatch Logs. +// DescribeDeliveryDestinations API operation for Amazon CloudWatch Logs. // -// Lists the subscription filters for the specified log group. You can list -// all the subscription filters or filter the results by prefix. The results -// are ASCII-sorted by filter name. +// Retrieves a list of the delivery destinations that have been created in the +// account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DescribeSubscriptionFilters for usage and error information. +// API operation DescribeDeliveryDestinations for usage and error information. // // Returned Error Types: // -// - InvalidParameterException -// A parameter is specified incorrectly. -// -// - ResourceNotFoundException -// The specified resource does not exist. -// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeSubscriptionFilters -func (c *CloudWatchLogs) DescribeSubscriptionFilters(input *DescribeSubscriptionFiltersInput) (*DescribeSubscriptionFiltersOutput, error) { - req, out := c.DescribeSubscriptionFiltersRequest(input) +// - ServiceQuotaExceededException +// This request exceeds a service quota. +// +// - ValidationException +// One of the parameters for the request is not valid. +// +// - ThrottlingException +// The request was throttled because of quota limits. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeDeliveryDestinations +func (c *CloudWatchLogs) DescribeDeliveryDestinations(input *DescribeDeliveryDestinationsInput) (*DescribeDeliveryDestinationsOutput, error) { + req, out := c.DescribeDeliveryDestinationsRequest(input) return out, req.Send() } -// DescribeSubscriptionFiltersWithContext is the same as DescribeSubscriptionFilters with the addition of +// DescribeDeliveryDestinationsWithContext is the same as DescribeDeliveryDestinations with the addition of // the ability to pass a context and additional request options. // -// See DescribeSubscriptionFilters for details on how to use this API operation. +// See DescribeDeliveryDestinations for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DescribeSubscriptionFiltersWithContext(ctx aws.Context, input *DescribeSubscriptionFiltersInput, opts ...request.Option) (*DescribeSubscriptionFiltersOutput, error) { - req, out := c.DescribeSubscriptionFiltersRequest(input) +func (c *CloudWatchLogs) DescribeDeliveryDestinationsWithContext(ctx aws.Context, input *DescribeDeliveryDestinationsInput, opts ...request.Option) (*DescribeDeliveryDestinationsOutput, error) { + req, out := c.DescribeDeliveryDestinationsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// DescribeSubscriptionFiltersPages iterates over the pages of a DescribeSubscriptionFilters operation, +// DescribeDeliveryDestinationsPages iterates over the pages of a DescribeDeliveryDestinations operation, // calling the "fn" function with the response data for each page. To stop // iterating, return false from the fn function. // -// See DescribeSubscriptionFilters method for more information on how to use this operation. +// See DescribeDeliveryDestinations method for more information on how to use this operation. // // Note: This operation can generate multiple requests to a service. // -// // Example iterating over at most 3 pages of a DescribeSubscriptionFilters operation. +// // Example iterating over at most 3 pages of a DescribeDeliveryDestinations operation. // pageNum := 0 -// err := client.DescribeSubscriptionFiltersPages(params, -// func(page *cloudwatchlogs.DescribeSubscriptionFiltersOutput, lastPage bool) bool { +// err := client.DescribeDeliveryDestinationsPages(params, +// func(page *cloudwatchlogs.DescribeDeliveryDestinationsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 // }) -func (c *CloudWatchLogs) DescribeSubscriptionFiltersPages(input *DescribeSubscriptionFiltersInput, fn func(*DescribeSubscriptionFiltersOutput, bool) bool) error { - return c.DescribeSubscriptionFiltersPagesWithContext(aws.BackgroundContext(), input, fn) +func (c *CloudWatchLogs) DescribeDeliveryDestinationsPages(input *DescribeDeliveryDestinationsInput, fn func(*DescribeDeliveryDestinationsOutput, bool) bool) error { + return c.DescribeDeliveryDestinationsPagesWithContext(aws.BackgroundContext(), input, fn) } -// DescribeSubscriptionFiltersPagesWithContext same as DescribeSubscriptionFiltersPages except +// DescribeDeliveryDestinationsPagesWithContext same as DescribeDeliveryDestinationsPages except // it takes a Context and allows setting request options on the pages. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DescribeSubscriptionFiltersPagesWithContext(ctx aws.Context, input *DescribeSubscriptionFiltersInput, fn func(*DescribeSubscriptionFiltersOutput, bool) bool, opts ...request.Option) error { +func (c *CloudWatchLogs) DescribeDeliveryDestinationsPagesWithContext(ctx aws.Context, input *DescribeDeliveryDestinationsInput, fn func(*DescribeDeliveryDestinationsOutput, bool) bool, opts ...request.Option) error { p := request.Pagination{ EndPageOnSameToken: true, NewRequest: func() (*request.Request, error) { - var inCpy *DescribeSubscriptionFiltersInput + var inCpy *DescribeDeliveryDestinationsInput if input != nil { tmp := *input inCpy = &tmp } - req, _ := c.DescribeSubscriptionFiltersRequest(inCpy) + req, _ := c.DescribeDeliveryDestinationsRequest(inCpy) req.SetContext(ctx) req.ApplyOptions(opts...) return req, nil @@ -2426,7 +2609,7 @@ func (c *CloudWatchLogs) DescribeSubscriptionFiltersPagesWithContext(ctx aws.Con } for p.Next() { - if !fn(p.Page().(*DescribeSubscriptionFiltersOutput), !p.HasNextPage()) { + if !fn(p.Page().(*DescribeDeliveryDestinationsOutput), !p.HasNextPage()) { break } } @@ -2434,130 +2617,180 @@ func (c *CloudWatchLogs) DescribeSubscriptionFiltersPagesWithContext(ctx aws.Con return p.Err() } -const opDisassociateKmsKey = "DisassociateKmsKey" +const opDescribeDeliverySources = "DescribeDeliverySources" -// DisassociateKmsKeyRequest generates a "aws/request.Request" representing the -// client's request for the DisassociateKmsKey operation. The "output" return +// DescribeDeliverySourcesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeDeliverySources operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See DisassociateKmsKey for more information on using the DisassociateKmsKey +// See DescribeDeliverySources for more information on using the DescribeDeliverySources // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the DisassociateKmsKeyRequest method. -// req, resp := client.DisassociateKmsKeyRequest(params) +// // Example sending a request using the DescribeDeliverySourcesRequest method. +// req, resp := client.DescribeDeliverySourcesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DisassociateKmsKey -func (c *CloudWatchLogs) DisassociateKmsKeyRequest(input *DisassociateKmsKeyInput) (req *request.Request, output *DisassociateKmsKeyOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeDeliverySources +func (c *CloudWatchLogs) DescribeDeliverySourcesRequest(input *DescribeDeliverySourcesInput) (req *request.Request, output *DescribeDeliverySourcesOutput) { op := &request.Operation{ - Name: opDisassociateKmsKey, + Name: opDescribeDeliverySources, HTTPMethod: "POST", HTTPPath: "/", - } + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "limit", + TruncationToken: "", + }, + } if input == nil { - input = &DisassociateKmsKeyInput{} + input = &DescribeDeliverySourcesInput{} } - output = &DisassociateKmsKeyOutput{} + output = &DescribeDeliverySourcesOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// DisassociateKmsKey API operation for Amazon CloudWatch Logs. -// -// Disassociates the associated KMS key from the specified log group. +// DescribeDeliverySources API operation for Amazon CloudWatch Logs. // -// After the KMS key is disassociated from the log group, CloudWatch Logs stops -// encrypting newly ingested data for the log group. All previously ingested -// data remains encrypted, and CloudWatch Logs requires permissions for the -// KMS key whenever the encrypted data is requested. -// -// Note that it can take up to 5 minutes for this operation to take effect. +// Retrieves a list of the delivery sources that have been created in the account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation DisassociateKmsKey for usage and error information. +// API operation DescribeDeliverySources for usage and error information. // // Returned Error Types: // -// - InvalidParameterException -// A parameter is specified incorrectly. +// - ServiceUnavailableException +// The service cannot complete the request. // -// - ResourceNotFoundException -// The specified resource does not exist. +// - ServiceQuotaExceededException +// This request exceeds a service quota. // -// - OperationAbortedException -// Multiple concurrent requests to update the same resource were in conflict. +// - ValidationException +// One of the parameters for the request is not valid. // -// - ServiceUnavailableException -// The service cannot complete the request. +// - ThrottlingException +// The request was throttled because of quota limits. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DisassociateKmsKey -func (c *CloudWatchLogs) DisassociateKmsKey(input *DisassociateKmsKeyInput) (*DisassociateKmsKeyOutput, error) { - req, out := c.DisassociateKmsKeyRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeDeliverySources +func (c *CloudWatchLogs) DescribeDeliverySources(input *DescribeDeliverySourcesInput) (*DescribeDeliverySourcesOutput, error) { + req, out := c.DescribeDeliverySourcesRequest(input) return out, req.Send() } -// DisassociateKmsKeyWithContext is the same as DisassociateKmsKey with the addition of +// DescribeDeliverySourcesWithContext is the same as DescribeDeliverySources with the addition of // the ability to pass a context and additional request options. // -// See DisassociateKmsKey for details on how to use this API operation. +// See DescribeDeliverySources for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) DisassociateKmsKeyWithContext(ctx aws.Context, input *DisassociateKmsKeyInput, opts ...request.Option) (*DisassociateKmsKeyOutput, error) { - req, out := c.DisassociateKmsKeyRequest(input) +func (c *CloudWatchLogs) DescribeDeliverySourcesWithContext(ctx aws.Context, input *DescribeDeliverySourcesInput, opts ...request.Option) (*DescribeDeliverySourcesOutput, error) { + req, out := c.DescribeDeliverySourcesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opFilterLogEvents = "FilterLogEvents" +// DescribeDeliverySourcesPages iterates over the pages of a DescribeDeliverySources operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeDeliverySources method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeDeliverySources operation. +// pageNum := 0 +// err := client.DescribeDeliverySourcesPages(params, +// func(page *cloudwatchlogs.DescribeDeliverySourcesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *CloudWatchLogs) DescribeDeliverySourcesPages(input *DescribeDeliverySourcesInput, fn func(*DescribeDeliverySourcesOutput, bool) bool) error { + return c.DescribeDeliverySourcesPagesWithContext(aws.BackgroundContext(), input, fn) +} -// FilterLogEventsRequest generates a "aws/request.Request" representing the -// client's request for the FilterLogEvents operation. The "output" return +// DescribeDeliverySourcesPagesWithContext same as DescribeDeliverySourcesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) DescribeDeliverySourcesPagesWithContext(ctx aws.Context, input *DescribeDeliverySourcesInput, fn func(*DescribeDeliverySourcesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + EndPageOnSameToken: true, + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeDeliverySourcesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeDeliverySourcesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeDeliverySourcesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeDestinations = "DescribeDestinations" + +// DescribeDestinationsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeDestinations operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See FilterLogEvents for more information on using the FilterLogEvents +// See DescribeDestinations for more information on using the DescribeDestinations // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the FilterLogEventsRequest method. -// req, resp := client.FilterLogEventsRequest(params) +// // Example sending a request using the DescribeDestinationsRequest method. +// req, resp := client.DescribeDestinationsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/FilterLogEvents -func (c *CloudWatchLogs) FilterLogEventsRequest(input *FilterLogEventsInput) (req *request.Request, output *FilterLogEventsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeDestinations +func (c *CloudWatchLogs) DescribeDestinationsRequest(input *DescribeDestinationsInput) (req *request.Request, output *DescribeDestinationsOutput) { op := &request.Operation{ - Name: opFilterLogEvents, + Name: opDescribeDestinations, HTTPMethod: "POST", HTTPPath: "/", Paginator: &request.Paginator{ @@ -2569,114 +2802,93 @@ func (c *CloudWatchLogs) FilterLogEventsRequest(input *FilterLogEventsInput) (re } if input == nil { - input = &FilterLogEventsInput{} + input = &DescribeDestinationsInput{} } - output = &FilterLogEventsOutput{} + output = &DescribeDestinationsOutput{} req = c.newRequest(op, input, output) return } -// FilterLogEvents API operation for Amazon CloudWatch Logs. -// -// Lists log events from the specified log group. You can list all the log events -// or filter the results using a filter pattern, a time range, and the name -// of the log stream. -// -// You must have the logs;FilterLogEvents permission to perform this operation. -// -// By default, this operation returns as many log events as can fit in 1 MB -// (up to 10,000 log events) or all the events found within the specified time -// range. If the results include a token, that means there are more log events -// available. You can get additional results by specifying the token in a subsequent -// call. This operation can return empty results while there are more log events -// available through the token. -// -// The returned log events are sorted by event timestamp, the timestamp when -// the event was ingested by CloudWatch Logs, and the ID of the PutLogEvents -// request. +// DescribeDestinations API operation for Amazon CloudWatch Logs. // -// If you are using CloudWatch cross-account observability, you can use this -// operation in a monitoring account and view data from the linked source accounts. -// For more information, see CloudWatch cross-account observability (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html). +// Lists all your destinations. The results are ASCII-sorted by destination +// name. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation FilterLogEvents for usage and error information. +// API operation DescribeDestinations for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // -// - ResourceNotFoundException -// The specified resource does not exist. -// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/FilterLogEvents -func (c *CloudWatchLogs) FilterLogEvents(input *FilterLogEventsInput) (*FilterLogEventsOutput, error) { - req, out := c.FilterLogEventsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeDestinations +func (c *CloudWatchLogs) DescribeDestinations(input *DescribeDestinationsInput) (*DescribeDestinationsOutput, error) { + req, out := c.DescribeDestinationsRequest(input) return out, req.Send() } -// FilterLogEventsWithContext is the same as FilterLogEvents with the addition of +// DescribeDestinationsWithContext is the same as DescribeDestinations with the addition of // the ability to pass a context and additional request options. // -// See FilterLogEvents for details on how to use this API operation. +// See DescribeDestinations for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) FilterLogEventsWithContext(ctx aws.Context, input *FilterLogEventsInput, opts ...request.Option) (*FilterLogEventsOutput, error) { - req, out := c.FilterLogEventsRequest(input) +func (c *CloudWatchLogs) DescribeDestinationsWithContext(ctx aws.Context, input *DescribeDestinationsInput, opts ...request.Option) (*DescribeDestinationsOutput, error) { + req, out := c.DescribeDestinationsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// FilterLogEventsPages iterates over the pages of a FilterLogEvents operation, +// DescribeDestinationsPages iterates over the pages of a DescribeDestinations operation, // calling the "fn" function with the response data for each page. To stop // iterating, return false from the fn function. // -// See FilterLogEvents method for more information on how to use this operation. +// See DescribeDestinations method for more information on how to use this operation. // // Note: This operation can generate multiple requests to a service. // -// // Example iterating over at most 3 pages of a FilterLogEvents operation. +// // Example iterating over at most 3 pages of a DescribeDestinations operation. // pageNum := 0 -// err := client.FilterLogEventsPages(params, -// func(page *cloudwatchlogs.FilterLogEventsOutput, lastPage bool) bool { +// err := client.DescribeDestinationsPages(params, +// func(page *cloudwatchlogs.DescribeDestinationsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 // }) -func (c *CloudWatchLogs) FilterLogEventsPages(input *FilterLogEventsInput, fn func(*FilterLogEventsOutput, bool) bool) error { - return c.FilterLogEventsPagesWithContext(aws.BackgroundContext(), input, fn) +func (c *CloudWatchLogs) DescribeDestinationsPages(input *DescribeDestinationsInput, fn func(*DescribeDestinationsOutput, bool) bool) error { + return c.DescribeDestinationsPagesWithContext(aws.BackgroundContext(), input, fn) } -// FilterLogEventsPagesWithContext same as FilterLogEventsPages except +// DescribeDestinationsPagesWithContext same as DescribeDestinationsPages except // it takes a Context and allows setting request options on the pages. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) FilterLogEventsPagesWithContext(ctx aws.Context, input *FilterLogEventsInput, fn func(*FilterLogEventsOutput, bool) bool, opts ...request.Option) error { +func (c *CloudWatchLogs) DescribeDestinationsPagesWithContext(ctx aws.Context, input *DescribeDestinationsInput, fn func(*DescribeDestinationsOutput, bool) bool, opts ...request.Option) error { p := request.Pagination{ EndPageOnSameToken: true, NewRequest: func() (*request.Request, error) { - var inCpy *FilterLogEventsInput + var inCpy *DescribeDestinationsInput if input != nil { tmp := *input inCpy = &tmp } - req, _ := c.FilterLogEventsRequest(inCpy) + req, _ := c.DescribeDestinationsRequest(inCpy) req.SetContext(ctx) req.ApplyOptions(opts...) return req, nil @@ -2684,7 +2896,7 @@ func (c *CloudWatchLogs) FilterLogEventsPagesWithContext(ctx aws.Context, input } for p.Next() { - if !fn(p.Page().(*FilterLogEventsOutput), !p.HasNextPage()) { + if !fn(p.Page().(*DescribeDestinationsOutput), !p.HasNextPage()) { break } } @@ -2692,151 +2904,147 @@ func (c *CloudWatchLogs) FilterLogEventsPagesWithContext(ctx aws.Context, input return p.Err() } -const opGetDataProtectionPolicy = "GetDataProtectionPolicy" +const opDescribeExportTasks = "DescribeExportTasks" -// GetDataProtectionPolicyRequest generates a "aws/request.Request" representing the -// client's request for the GetDataProtectionPolicy operation. The "output" return +// DescribeExportTasksRequest generates a "aws/request.Request" representing the +// client's request for the DescribeExportTasks operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetDataProtectionPolicy for more information on using the GetDataProtectionPolicy +// See DescribeExportTasks for more information on using the DescribeExportTasks // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the GetDataProtectionPolicyRequest method. -// req, resp := client.GetDataProtectionPolicyRequest(params) +// // Example sending a request using the DescribeExportTasksRequest method. +// req, resp := client.DescribeExportTasksRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetDataProtectionPolicy -func (c *CloudWatchLogs) GetDataProtectionPolicyRequest(input *GetDataProtectionPolicyInput) (req *request.Request, output *GetDataProtectionPolicyOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeExportTasks +func (c *CloudWatchLogs) DescribeExportTasksRequest(input *DescribeExportTasksInput) (req *request.Request, output *DescribeExportTasksOutput) { op := &request.Operation{ - Name: opGetDataProtectionPolicy, + Name: opDescribeExportTasks, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &GetDataProtectionPolicyInput{} + input = &DescribeExportTasksInput{} } - output = &GetDataProtectionPolicyOutput{} + output = &DescribeExportTasksOutput{} req = c.newRequest(op, input, output) return } -// GetDataProtectionPolicy API operation for Amazon CloudWatch Logs. +// DescribeExportTasks API operation for Amazon CloudWatch Logs. // -// Returns information about a log group data protection policy. +// Lists the specified export tasks. You can list all your export tasks or filter +// the results based on task ID or task status. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation GetDataProtectionPolicy for usage and error information. +// API operation DescribeExportTasks for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // -// - OperationAbortedException -// Multiple concurrent requests to update the same resource were in conflict. -// -// - ResourceNotFoundException -// The specified resource does not exist. -// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetDataProtectionPolicy -func (c *CloudWatchLogs) GetDataProtectionPolicy(input *GetDataProtectionPolicyInput) (*GetDataProtectionPolicyOutput, error) { - req, out := c.GetDataProtectionPolicyRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeExportTasks +func (c *CloudWatchLogs) DescribeExportTasks(input *DescribeExportTasksInput) (*DescribeExportTasksOutput, error) { + req, out := c.DescribeExportTasksRequest(input) return out, req.Send() } -// GetDataProtectionPolicyWithContext is the same as GetDataProtectionPolicy with the addition of +// DescribeExportTasksWithContext is the same as DescribeExportTasks with the addition of // the ability to pass a context and additional request options. // -// See GetDataProtectionPolicy for details on how to use this API operation. +// See DescribeExportTasks for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) GetDataProtectionPolicyWithContext(ctx aws.Context, input *GetDataProtectionPolicyInput, opts ...request.Option) (*GetDataProtectionPolicyOutput, error) { - req, out := c.GetDataProtectionPolicyRequest(input) +func (c *CloudWatchLogs) DescribeExportTasksWithContext(ctx aws.Context, input *DescribeExportTasksInput, opts ...request.Option) (*DescribeExportTasksOutput, error) { + req, out := c.DescribeExportTasksRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opGetLogEvents = "GetLogEvents" +const opDescribeLogGroups = "DescribeLogGroups" -// GetLogEventsRequest generates a "aws/request.Request" representing the -// client's request for the GetLogEvents operation. The "output" return +// DescribeLogGroupsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeLogGroups operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetLogEvents for more information on using the GetLogEvents +// See DescribeLogGroups for more information on using the DescribeLogGroups // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the GetLogEventsRequest method. -// req, resp := client.GetLogEventsRequest(params) +// // Example sending a request using the DescribeLogGroupsRequest method. +// req, resp := client.DescribeLogGroupsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogEvents -func (c *CloudWatchLogs) GetLogEventsRequest(input *GetLogEventsInput) (req *request.Request, output *GetLogEventsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeLogGroups +func (c *CloudWatchLogs) DescribeLogGroupsRequest(input *DescribeLogGroupsInput) (req *request.Request, output *DescribeLogGroupsOutput) { op := &request.Operation{ - Name: opGetLogEvents, + Name: opDescribeLogGroups, HTTPMethod: "POST", HTTPPath: "/", Paginator: &request.Paginator{ InputTokens: []string{"nextToken"}, - OutputTokens: []string{"nextForwardToken"}, + OutputTokens: []string{"nextToken"}, LimitToken: "limit", TruncationToken: "", }, } if input == nil { - input = &GetLogEventsInput{} + input = &DescribeLogGroupsInput{} } - output = &GetLogEventsOutput{} + output = &DescribeLogGroupsOutput{} req = c.newRequest(op, input, output) return } -// GetLogEvents API operation for Amazon CloudWatch Logs. +// DescribeLogGroups API operation for Amazon CloudWatch Logs. // -// Lists log events from the specified log stream. You can list all of the log -// events or filter using a time range. +// Lists the specified log groups. You can list all your log groups or filter +// the results by prefix. The results are ASCII-sorted by log group name. // -// By default, this operation returns as many log events as can fit in a response -// size of 1MB (up to 10,000 log events). You can get additional log events -// by specifying one of the tokens in a subsequent call. This operation can -// return empty results while there are more log events available through the -// token. +// CloudWatch Logs doesn’t support IAM policies that control access to the +// DescribeLogGroups action by using the aws:ResourceTag/key-name condition +// key. Other CloudWatch Logs actions do support the use of the aws:ResourceTag/key-name +// condition key to control access. For more information about using tags to +// control access, see Controlling access to Amazon Web Services resources using +// tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html). // // If you are using CloudWatch cross-account observability, you can use this // operation in a monitoring account and view data from the linked source accounts. @@ -2847,78 +3055,75 @@ func (c *CloudWatchLogs) GetLogEventsRequest(input *GetLogEventsInput) (req *req // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation GetLogEvents for usage and error information. +// API operation DescribeLogGroups for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // -// - ResourceNotFoundException -// The specified resource does not exist. -// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogEvents -func (c *CloudWatchLogs) GetLogEvents(input *GetLogEventsInput) (*GetLogEventsOutput, error) { - req, out := c.GetLogEventsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeLogGroups +func (c *CloudWatchLogs) DescribeLogGroups(input *DescribeLogGroupsInput) (*DescribeLogGroupsOutput, error) { + req, out := c.DescribeLogGroupsRequest(input) return out, req.Send() } -// GetLogEventsWithContext is the same as GetLogEvents with the addition of +// DescribeLogGroupsWithContext is the same as DescribeLogGroups with the addition of // the ability to pass a context and additional request options. // -// See GetLogEvents for details on how to use this API operation. +// See DescribeLogGroups for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) GetLogEventsWithContext(ctx aws.Context, input *GetLogEventsInput, opts ...request.Option) (*GetLogEventsOutput, error) { - req, out := c.GetLogEventsRequest(input) +func (c *CloudWatchLogs) DescribeLogGroupsWithContext(ctx aws.Context, input *DescribeLogGroupsInput, opts ...request.Option) (*DescribeLogGroupsOutput, error) { + req, out := c.DescribeLogGroupsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -// GetLogEventsPages iterates over the pages of a GetLogEvents operation, +// DescribeLogGroupsPages iterates over the pages of a DescribeLogGroups operation, // calling the "fn" function with the response data for each page. To stop // iterating, return false from the fn function. // -// See GetLogEvents method for more information on how to use this operation. +// See DescribeLogGroups method for more information on how to use this operation. // // Note: This operation can generate multiple requests to a service. // -// // Example iterating over at most 3 pages of a GetLogEvents operation. +// // Example iterating over at most 3 pages of a DescribeLogGroups operation. // pageNum := 0 -// err := client.GetLogEventsPages(params, -// func(page *cloudwatchlogs.GetLogEventsOutput, lastPage bool) bool { +// err := client.DescribeLogGroupsPages(params, +// func(page *cloudwatchlogs.DescribeLogGroupsOutput, lastPage bool) bool { // pageNum++ // fmt.Println(page) // return pageNum <= 3 // }) -func (c *CloudWatchLogs) GetLogEventsPages(input *GetLogEventsInput, fn func(*GetLogEventsOutput, bool) bool) error { - return c.GetLogEventsPagesWithContext(aws.BackgroundContext(), input, fn) +func (c *CloudWatchLogs) DescribeLogGroupsPages(input *DescribeLogGroupsInput, fn func(*DescribeLogGroupsOutput, bool) bool) error { + return c.DescribeLogGroupsPagesWithContext(aws.BackgroundContext(), input, fn) } -// GetLogEventsPagesWithContext same as GetLogEventsPages except +// DescribeLogGroupsPagesWithContext same as DescribeLogGroupsPages except // it takes a Context and allows setting request options on the pages. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) GetLogEventsPagesWithContext(ctx aws.Context, input *GetLogEventsInput, fn func(*GetLogEventsOutput, bool) bool, opts ...request.Option) error { +func (c *CloudWatchLogs) DescribeLogGroupsPagesWithContext(ctx aws.Context, input *DescribeLogGroupsInput, fn func(*DescribeLogGroupsOutput, bool) bool, opts ...request.Option) error { p := request.Pagination{ EndPageOnSameToken: true, NewRequest: func() (*request.Request, error) { - var inCpy *GetLogEventsInput + var inCpy *DescribeLogGroupsInput if input != nil { tmp := *input inCpy = &tmp } - req, _ := c.GetLogEventsRequest(inCpy) + req, _ := c.DescribeLogGroupsRequest(inCpy) req.SetContext(ctx) req.ApplyOptions(opts...) return req, nil @@ -2926,7 +3131,7 @@ func (c *CloudWatchLogs) GetLogEventsPagesWithContext(ctx aws.Context, input *Ge } for p.Next() { - if !fn(p.Page().(*GetLogEventsOutput), !p.HasNextPage()) { + if !fn(p.Page().(*DescribeLogGroupsOutput), !p.HasNextPage()) { break } } @@ -2934,60 +3139,65 @@ func (c *CloudWatchLogs) GetLogEventsPagesWithContext(ctx aws.Context, input *Ge return p.Err() } -const opGetLogGroupFields = "GetLogGroupFields" +const opDescribeLogStreams = "DescribeLogStreams" -// GetLogGroupFieldsRequest generates a "aws/request.Request" representing the -// client's request for the GetLogGroupFields operation. The "output" return +// DescribeLogStreamsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeLogStreams operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetLogGroupFields for more information on using the GetLogGroupFields +// See DescribeLogStreams for more information on using the DescribeLogStreams // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the GetLogGroupFieldsRequest method. -// req, resp := client.GetLogGroupFieldsRequest(params) +// // Example sending a request using the DescribeLogStreamsRequest method. +// req, resp := client.DescribeLogStreamsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogGroupFields -func (c *CloudWatchLogs) GetLogGroupFieldsRequest(input *GetLogGroupFieldsInput) (req *request.Request, output *GetLogGroupFieldsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeLogStreams +func (c *CloudWatchLogs) DescribeLogStreamsRequest(input *DescribeLogStreamsInput) (req *request.Request, output *DescribeLogStreamsOutput) { op := &request.Operation{ - Name: opGetLogGroupFields, + Name: opDescribeLogStreams, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "limit", + TruncationToken: "", + }, } if input == nil { - input = &GetLogGroupFieldsInput{} + input = &DescribeLogStreamsInput{} } - output = &GetLogGroupFieldsOutput{} + output = &DescribeLogStreamsOutput{} req = c.newRequest(op, input, output) return } -// GetLogGroupFields API operation for Amazon CloudWatch Logs. +// DescribeLogStreams API operation for Amazon CloudWatch Logs. // -// Returns a list of the fields that are included in log events in the specified -// log group. Includes the percentage of log events that contain each field. -// The search is limited to a time period that you specify. +// Lists the log streams for the specified log group. You can list all the log +// streams or filter the results by prefix. You can also control how the results +// are ordered. // -// In the results, fields that start with @ are fields generated by CloudWatch -// Logs. For example, @timestamp is the timestamp of each log event. For more -// information about the fields that are generated by CloudWatch logs, see Supported -// Logs and Discovered Fields (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_AnalyzeLogData-discoverable-fields.html). +// You can specify the log group to search by using either logGroupIdentifier +// or logGroupName. You must include one of these two parameters, but you can't +// include both. // -// The response results are sorted by the frequency percentage, starting with -// the highest percentage. +// This operation has a limit of five transactions per second, after which transactions +// are throttled. // // If you are using CloudWatch cross-account observability, you can use this // operation in a monitoring account and view data from the linked source accounts. @@ -2998,204 +3208,291 @@ func (c *CloudWatchLogs) GetLogGroupFieldsRequest(input *GetLogGroupFieldsInput) // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation GetLogGroupFields for usage and error information. +// API operation DescribeLogStreams for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // -// - LimitExceededException -// You have reached the maximum number of resources that can be created. -// // - ResourceNotFoundException // The specified resource does not exist. // // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogGroupFields -func (c *CloudWatchLogs) GetLogGroupFields(input *GetLogGroupFieldsInput) (*GetLogGroupFieldsOutput, error) { - req, out := c.GetLogGroupFieldsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeLogStreams +func (c *CloudWatchLogs) DescribeLogStreams(input *DescribeLogStreamsInput) (*DescribeLogStreamsOutput, error) { + req, out := c.DescribeLogStreamsRequest(input) return out, req.Send() } -// GetLogGroupFieldsWithContext is the same as GetLogGroupFields with the addition of +// DescribeLogStreamsWithContext is the same as DescribeLogStreams with the addition of // the ability to pass a context and additional request options. // -// See GetLogGroupFields for details on how to use this API operation. +// See DescribeLogStreams for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) GetLogGroupFieldsWithContext(ctx aws.Context, input *GetLogGroupFieldsInput, opts ...request.Option) (*GetLogGroupFieldsOutput, error) { - req, out := c.GetLogGroupFieldsRequest(input) +func (c *CloudWatchLogs) DescribeLogStreamsWithContext(ctx aws.Context, input *DescribeLogStreamsInput, opts ...request.Option) (*DescribeLogStreamsOutput, error) { + req, out := c.DescribeLogStreamsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opGetLogRecord = "GetLogRecord" +// DescribeLogStreamsPages iterates over the pages of a DescribeLogStreams operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeLogStreams method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeLogStreams operation. +// pageNum := 0 +// err := client.DescribeLogStreamsPages(params, +// func(page *cloudwatchlogs.DescribeLogStreamsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *CloudWatchLogs) DescribeLogStreamsPages(input *DescribeLogStreamsInput, fn func(*DescribeLogStreamsOutput, bool) bool) error { + return c.DescribeLogStreamsPagesWithContext(aws.BackgroundContext(), input, fn) +} -// GetLogRecordRequest generates a "aws/request.Request" representing the -// client's request for the GetLogRecord operation. The "output" return +// DescribeLogStreamsPagesWithContext same as DescribeLogStreamsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) DescribeLogStreamsPagesWithContext(ctx aws.Context, input *DescribeLogStreamsInput, fn func(*DescribeLogStreamsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + EndPageOnSameToken: true, + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeLogStreamsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeLogStreamsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeLogStreamsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeMetricFilters = "DescribeMetricFilters" + +// DescribeMetricFiltersRequest generates a "aws/request.Request" representing the +// client's request for the DescribeMetricFilters operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See GetLogRecord for more information on using the GetLogRecord +// See DescribeMetricFilters for more information on using the DescribeMetricFilters // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the GetLogRecordRequest method. -// req, resp := client.GetLogRecordRequest(params) +// // Example sending a request using the DescribeMetricFiltersRequest method. +// req, resp := client.DescribeMetricFiltersRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogRecord -func (c *CloudWatchLogs) GetLogRecordRequest(input *GetLogRecordInput) (req *request.Request, output *GetLogRecordOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeMetricFilters +func (c *CloudWatchLogs) DescribeMetricFiltersRequest(input *DescribeMetricFiltersInput) (req *request.Request, output *DescribeMetricFiltersOutput) { op := &request.Operation{ - Name: opGetLogRecord, + Name: opDescribeMetricFilters, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "limit", + TruncationToken: "", + }, } if input == nil { - input = &GetLogRecordInput{} + input = &DescribeMetricFiltersInput{} } - output = &GetLogRecordOutput{} + output = &DescribeMetricFiltersOutput{} req = c.newRequest(op, input, output) return } -// GetLogRecord API operation for Amazon CloudWatch Logs. -// -// Retrieves all of the fields and values of a single log event. All fields -// are retrieved, even if the original query that produced the logRecordPointer -// retrieved only a subset of fields. Fields are returned as field name/field -// value pairs. +// DescribeMetricFilters API operation for Amazon CloudWatch Logs. // -// The full unparsed log event is returned within @message. +// Lists the specified metric filters. You can list all of the metric filters +// or filter the results by log name, prefix, metric name, or metric namespace. +// The results are ASCII-sorted by filter name. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation GetLogRecord for usage and error information. +// API operation DescribeMetricFilters for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // -// - LimitExceededException -// You have reached the maximum number of resources that can be created. -// // - ResourceNotFoundException // The specified resource does not exist. // // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogRecord -func (c *CloudWatchLogs) GetLogRecord(input *GetLogRecordInput) (*GetLogRecordOutput, error) { - req, out := c.GetLogRecordRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeMetricFilters +func (c *CloudWatchLogs) DescribeMetricFilters(input *DescribeMetricFiltersInput) (*DescribeMetricFiltersOutput, error) { + req, out := c.DescribeMetricFiltersRequest(input) return out, req.Send() } -// GetLogRecordWithContext is the same as GetLogRecord with the addition of +// DescribeMetricFiltersWithContext is the same as DescribeMetricFilters with the addition of // the ability to pass a context and additional request options. // -// See GetLogRecord for details on how to use this API operation. +// See DescribeMetricFilters for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) GetLogRecordWithContext(ctx aws.Context, input *GetLogRecordInput, opts ...request.Option) (*GetLogRecordOutput, error) { - req, out := c.GetLogRecordRequest(input) +func (c *CloudWatchLogs) DescribeMetricFiltersWithContext(ctx aws.Context, input *DescribeMetricFiltersInput, opts ...request.Option) (*DescribeMetricFiltersOutput, error) { + req, out := c.DescribeMetricFiltersRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opGetQueryResults = "GetQueryResults" - -// GetQueryResultsRequest generates a "aws/request.Request" representing the -// client's request for the GetQueryResults operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See GetQueryResults for more information on using the GetQueryResults -// API call, and error handling. -// -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// DescribeMetricFiltersPages iterates over the pages of a DescribeMetricFilters operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. // -// // Example sending a request using the GetQueryResultsRequest method. -// req, resp := client.GetQueryResultsRequest(params) +// See DescribeMetricFilters method for more information on how to use this operation. // -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// Note: This operation can generate multiple requests to a service. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetQueryResults -func (c *CloudWatchLogs) GetQueryResultsRequest(input *GetQueryResultsInput) (req *request.Request, output *GetQueryResultsOutput) { - op := &request.Operation{ - Name: opGetQueryResults, - HTTPMethod: "POST", - HTTPPath: "/", - } +// // Example iterating over at most 3 pages of a DescribeMetricFilters operation. +// pageNum := 0 +// err := client.DescribeMetricFiltersPages(params, +// func(page *cloudwatchlogs.DescribeMetricFiltersOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *CloudWatchLogs) DescribeMetricFiltersPages(input *DescribeMetricFiltersInput, fn func(*DescribeMetricFiltersOutput, bool) bool) error { + return c.DescribeMetricFiltersPagesWithContext(aws.BackgroundContext(), input, fn) +} - if input == nil { - input = &GetQueryResultsInput{} - } +// DescribeMetricFiltersPagesWithContext same as DescribeMetricFiltersPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) DescribeMetricFiltersPagesWithContext(ctx aws.Context, input *DescribeMetricFiltersInput, fn func(*DescribeMetricFiltersOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + EndPageOnSameToken: true, + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeMetricFiltersInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeMetricFiltersRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } - output = &GetQueryResultsOutput{} - req = c.newRequest(op, input, output) - return + for p.Next() { + if !fn(p.Page().(*DescribeMetricFiltersOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() } -// GetQueryResults API operation for Amazon CloudWatch Logs. +const opDescribeQueries = "DescribeQueries" + +// DescribeQueriesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeQueries operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. // -// Returns the results from the specified query. +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. // -// Only the fields requested in the query are returned, along with a @ptr field, -// which is the identifier for the log record. You can use the value of @ptr -// in a GetLogRecord (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogRecord.html) -// operation to get the full log record. +// See DescribeQueries for more information on using the DescribeQueries +// API call, and error handling. // -// GetQueryResults does not start running a query. To run a query, use StartQuery -// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StartQuery.html). +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// If the value of the Status field in the output is Running, this operation -// returns only partial results. If you see a value of Scheduled or Running -// for the status, you can retry the operation later to see the final results. +// // Example sending a request using the DescribeQueriesRequest method. +// req, resp := client.DescribeQueriesRequest(params) // -// If you are using CloudWatch cross-account observability, you can use this -// operation in a monitoring account to start queries in linked source accounts. -// For more information, see CloudWatch cross-account observability (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html). +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeQueries +func (c *CloudWatchLogs) DescribeQueriesRequest(input *DescribeQueriesInput) (req *request.Request, output *DescribeQueriesOutput) { + op := &request.Operation{ + Name: opDescribeQueries, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeQueriesInput{} + } + + output = &DescribeQueriesOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeQueries API operation for Amazon CloudWatch Logs. +// +// Returns a list of CloudWatch Logs Insights queries that are scheduled, running, +// or have been run recently in this account. You can request all queries or +// limit it to queries of a specific log group or queries with a certain status. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation GetQueryResults for usage and error information. +// API operation DescribeQueries for usage and error information. // // Returned Error Types: // @@ -3208,613 +3505,679 @@ func (c *CloudWatchLogs) GetQueryResultsRequest(input *GetQueryResultsInput) (re // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetQueryResults -func (c *CloudWatchLogs) GetQueryResults(input *GetQueryResultsInput) (*GetQueryResultsOutput, error) { - req, out := c.GetQueryResultsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeQueries +func (c *CloudWatchLogs) DescribeQueries(input *DescribeQueriesInput) (*DescribeQueriesOutput, error) { + req, out := c.DescribeQueriesRequest(input) return out, req.Send() } -// GetQueryResultsWithContext is the same as GetQueryResults with the addition of +// DescribeQueriesWithContext is the same as DescribeQueries with the addition of // the ability to pass a context and additional request options. // -// See GetQueryResults for details on how to use this API operation. +// See DescribeQueries for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) GetQueryResultsWithContext(ctx aws.Context, input *GetQueryResultsInput, opts ...request.Option) (*GetQueryResultsOutput, error) { - req, out := c.GetQueryResultsRequest(input) +func (c *CloudWatchLogs) DescribeQueriesWithContext(ctx aws.Context, input *DescribeQueriesInput, opts ...request.Option) (*DescribeQueriesOutput, error) { + req, out := c.DescribeQueriesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opListTagsForResource = "ListTagsForResource" +const opDescribeQueryDefinitions = "DescribeQueryDefinitions" -// ListTagsForResourceRequest generates a "aws/request.Request" representing the -// client's request for the ListTagsForResource operation. The "output" return +// DescribeQueryDefinitionsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeQueryDefinitions operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListTagsForResource for more information on using the ListTagsForResource +// See DescribeQueryDefinitions for more information on using the DescribeQueryDefinitions // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the ListTagsForResourceRequest method. -// req, resp := client.ListTagsForResourceRequest(params) +// // Example sending a request using the DescribeQueryDefinitionsRequest method. +// req, resp := client.DescribeQueryDefinitionsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/ListTagsForResource -func (c *CloudWatchLogs) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeQueryDefinitions +func (c *CloudWatchLogs) DescribeQueryDefinitionsRequest(input *DescribeQueryDefinitionsInput) (req *request.Request, output *DescribeQueryDefinitionsOutput) { op := &request.Operation{ - Name: opListTagsForResource, + Name: opDescribeQueryDefinitions, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &ListTagsForResourceInput{} + input = &DescribeQueryDefinitionsInput{} } - output = &ListTagsForResourceOutput{} + output = &DescribeQueryDefinitionsOutput{} req = c.newRequest(op, input, output) return } -// ListTagsForResource API operation for Amazon CloudWatch Logs. +// DescribeQueryDefinitions API operation for Amazon CloudWatch Logs. // -// Displays the tags associated with a CloudWatch Logs resource. Currently, -// log groups and destinations support tagging. +// This operation returns a paginated list of your saved CloudWatch Logs Insights +// query definitions. You can retrieve query definitions from the current account +// or from a source account that is linked to the current account. +// +// You can use the queryDefinitionNamePrefix parameter to limit the results +// to only the query definitions that have names that start with a certain string. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation ListTagsForResource for usage and error information. +// API operation DescribeQueryDefinitions for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // -// - ResourceNotFoundException -// The specified resource does not exist. -// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/ListTagsForResource -func (c *CloudWatchLogs) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { - req, out := c.ListTagsForResourceRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeQueryDefinitions +func (c *CloudWatchLogs) DescribeQueryDefinitions(input *DescribeQueryDefinitionsInput) (*DescribeQueryDefinitionsOutput, error) { + req, out := c.DescribeQueryDefinitionsRequest(input) return out, req.Send() } -// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of +// DescribeQueryDefinitionsWithContext is the same as DescribeQueryDefinitions with the addition of // the ability to pass a context and additional request options. // -// See ListTagsForResource for details on how to use this API operation. +// See DescribeQueryDefinitions for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) { - req, out := c.ListTagsForResourceRequest(input) +func (c *CloudWatchLogs) DescribeQueryDefinitionsWithContext(ctx aws.Context, input *DescribeQueryDefinitionsInput, opts ...request.Option) (*DescribeQueryDefinitionsOutput, error) { + req, out := c.DescribeQueryDefinitionsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opListTagsLogGroup = "ListTagsLogGroup" +const opDescribeResourcePolicies = "DescribeResourcePolicies" -// ListTagsLogGroupRequest generates a "aws/request.Request" representing the -// client's request for the ListTagsLogGroup operation. The "output" return +// DescribeResourcePoliciesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeResourcePolicies operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See ListTagsLogGroup for more information on using the ListTagsLogGroup +// See DescribeResourcePolicies for more information on using the DescribeResourcePolicies // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the ListTagsLogGroupRequest method. -// req, resp := client.ListTagsLogGroupRequest(params) +// // Example sending a request using the DescribeResourcePoliciesRequest method. +// req, resp := client.DescribeResourcePoliciesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/ListTagsLogGroup -// -// Deprecated: Please use the generic tagging API ListTagsForResource -func (c *CloudWatchLogs) ListTagsLogGroupRequest(input *ListTagsLogGroupInput) (req *request.Request, output *ListTagsLogGroupOutput) { - if c.Client.Config.Logger != nil { - c.Client.Config.Logger.Log("This operation, ListTagsLogGroup, has been deprecated") - } +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeResourcePolicies +func (c *CloudWatchLogs) DescribeResourcePoliciesRequest(input *DescribeResourcePoliciesInput) (req *request.Request, output *DescribeResourcePoliciesOutput) { op := &request.Operation{ - Name: opListTagsLogGroup, + Name: opDescribeResourcePolicies, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &ListTagsLogGroupInput{} + input = &DescribeResourcePoliciesInput{} } - output = &ListTagsLogGroupOutput{} + output = &DescribeResourcePoliciesOutput{} req = c.newRequest(op, input, output) return } -// ListTagsLogGroup API operation for Amazon CloudWatch Logs. -// -// The ListTagsLogGroup operation is on the path to deprecation. We recommend -// that you use ListTagsForResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsForResource.html) -// instead. +// DescribeResourcePolicies API operation for Amazon CloudWatch Logs. // -// Lists the tags for the specified log group. +// Lists the resource policies in this account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation ListTagsLogGroup for usage and error information. +// API operation DescribeResourcePolicies for usage and error information. // // Returned Error Types: // -// - ResourceNotFoundException -// The specified resource does not exist. +// - InvalidParameterException +// A parameter is specified incorrectly. // // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/ListTagsLogGroup -// -// Deprecated: Please use the generic tagging API ListTagsForResource -func (c *CloudWatchLogs) ListTagsLogGroup(input *ListTagsLogGroupInput) (*ListTagsLogGroupOutput, error) { - req, out := c.ListTagsLogGroupRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeResourcePolicies +func (c *CloudWatchLogs) DescribeResourcePolicies(input *DescribeResourcePoliciesInput) (*DescribeResourcePoliciesOutput, error) { + req, out := c.DescribeResourcePoliciesRequest(input) return out, req.Send() } -// ListTagsLogGroupWithContext is the same as ListTagsLogGroup with the addition of +// DescribeResourcePoliciesWithContext is the same as DescribeResourcePolicies with the addition of // the ability to pass a context and additional request options. // -// See ListTagsLogGroup for details on how to use this API operation. +// See DescribeResourcePolicies for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -// -// Deprecated: Please use the generic tagging API ListTagsForResource -func (c *CloudWatchLogs) ListTagsLogGroupWithContext(ctx aws.Context, input *ListTagsLogGroupInput, opts ...request.Option) (*ListTagsLogGroupOutput, error) { - req, out := c.ListTagsLogGroupRequest(input) +func (c *CloudWatchLogs) DescribeResourcePoliciesWithContext(ctx aws.Context, input *DescribeResourcePoliciesInput, opts ...request.Option) (*DescribeResourcePoliciesOutput, error) { + req, out := c.DescribeResourcePoliciesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutDataProtectionPolicy = "PutDataProtectionPolicy" +const opDescribeSubscriptionFilters = "DescribeSubscriptionFilters" -// PutDataProtectionPolicyRequest generates a "aws/request.Request" representing the -// client's request for the PutDataProtectionPolicy operation. The "output" return +// DescribeSubscriptionFiltersRequest generates a "aws/request.Request" representing the +// client's request for the DescribeSubscriptionFilters operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutDataProtectionPolicy for more information on using the PutDataProtectionPolicy +// See DescribeSubscriptionFilters for more information on using the DescribeSubscriptionFilters // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the PutDataProtectionPolicyRequest method. -// req, resp := client.PutDataProtectionPolicyRequest(params) +// // Example sending a request using the DescribeSubscriptionFiltersRequest method. +// req, resp := client.DescribeSubscriptionFiltersRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDataProtectionPolicy -func (c *CloudWatchLogs) PutDataProtectionPolicyRequest(input *PutDataProtectionPolicyInput) (req *request.Request, output *PutDataProtectionPolicyOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeSubscriptionFilters +func (c *CloudWatchLogs) DescribeSubscriptionFiltersRequest(input *DescribeSubscriptionFiltersInput) (req *request.Request, output *DescribeSubscriptionFiltersOutput) { op := &request.Operation{ - Name: opPutDataProtectionPolicy, + Name: opDescribeSubscriptionFilters, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "limit", + TruncationToken: "", + }, } if input == nil { - input = &PutDataProtectionPolicyInput{} + input = &DescribeSubscriptionFiltersInput{} } - output = &PutDataProtectionPolicyOutput{} + output = &DescribeSubscriptionFiltersOutput{} req = c.newRequest(op, input, output) return } -// PutDataProtectionPolicy API operation for Amazon CloudWatch Logs. +// DescribeSubscriptionFilters API operation for Amazon CloudWatch Logs. // -// Creates a data protection policy for the specified log group. A data protection -// policy can help safeguard sensitive data that's ingested by the log group -// by auditing and masking the sensitive log data. +// Lists the subscription filters for the specified log group. You can list +// all the subscription filters or filter the results by prefix. The results +// are ASCII-sorted by filter name. // -// Sensitive data is detected and masked when it is ingested into the log group. -// When you set a data protection policy, log events ingested into the log group -// before that time are not masked. -// -// By default, when a user views a log event that includes masked data, the -// sensitive data is replaced by asterisks. A user who has the logs:Unmask permission -// can use a GetLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogEvents.html) -// or FilterLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_FilterLogEvents.html) -// operation with the unmask parameter set to true to view the unmasked log -// events. Users with the logs:Unmask can also view unmasked data in the CloudWatch -// Logs console by running a CloudWatch Logs Insights query with the unmask -// query command. -// -// For more information, including a list of types of data that can be audited -// and masked, see Protect sensitive log data with masking (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html). -// -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions -// with awserr.Error's Code and Message methods to get detailed information about -// the error. +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation PutDataProtectionPolicy for usage and error information. +// API operation DescribeSubscriptionFilters for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // -// - LimitExceededException -// You have reached the maximum number of resources that can be created. -// -// - OperationAbortedException -// Multiple concurrent requests to update the same resource were in conflict. -// // - ResourceNotFoundException // The specified resource does not exist. // // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDataProtectionPolicy -func (c *CloudWatchLogs) PutDataProtectionPolicy(input *PutDataProtectionPolicyInput) (*PutDataProtectionPolicyOutput, error) { - req, out := c.PutDataProtectionPolicyRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DescribeSubscriptionFilters +func (c *CloudWatchLogs) DescribeSubscriptionFilters(input *DescribeSubscriptionFiltersInput) (*DescribeSubscriptionFiltersOutput, error) { + req, out := c.DescribeSubscriptionFiltersRequest(input) return out, req.Send() } -// PutDataProtectionPolicyWithContext is the same as PutDataProtectionPolicy with the addition of +// DescribeSubscriptionFiltersWithContext is the same as DescribeSubscriptionFilters with the addition of // the ability to pass a context and additional request options. // -// See PutDataProtectionPolicy for details on how to use this API operation. +// See DescribeSubscriptionFilters for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) PutDataProtectionPolicyWithContext(ctx aws.Context, input *PutDataProtectionPolicyInput, opts ...request.Option) (*PutDataProtectionPolicyOutput, error) { - req, out := c.PutDataProtectionPolicyRequest(input) +func (c *CloudWatchLogs) DescribeSubscriptionFiltersWithContext(ctx aws.Context, input *DescribeSubscriptionFiltersInput, opts ...request.Option) (*DescribeSubscriptionFiltersOutput, error) { + req, out := c.DescribeSubscriptionFiltersRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutDestination = "PutDestination" +// DescribeSubscriptionFiltersPages iterates over the pages of a DescribeSubscriptionFilters operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeSubscriptionFilters method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeSubscriptionFilters operation. +// pageNum := 0 +// err := client.DescribeSubscriptionFiltersPages(params, +// func(page *cloudwatchlogs.DescribeSubscriptionFiltersOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *CloudWatchLogs) DescribeSubscriptionFiltersPages(input *DescribeSubscriptionFiltersInput, fn func(*DescribeSubscriptionFiltersOutput, bool) bool) error { + return c.DescribeSubscriptionFiltersPagesWithContext(aws.BackgroundContext(), input, fn) +} -// PutDestinationRequest generates a "aws/request.Request" representing the -// client's request for the PutDestination operation. The "output" return +// DescribeSubscriptionFiltersPagesWithContext same as DescribeSubscriptionFiltersPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) DescribeSubscriptionFiltersPagesWithContext(ctx aws.Context, input *DescribeSubscriptionFiltersInput, fn func(*DescribeSubscriptionFiltersOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + EndPageOnSameToken: true, + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeSubscriptionFiltersInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeSubscriptionFiltersRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeSubscriptionFiltersOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDisassociateKmsKey = "DisassociateKmsKey" + +// DisassociateKmsKeyRequest generates a "aws/request.Request" representing the +// client's request for the DisassociateKmsKey operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutDestination for more information on using the PutDestination +// See DisassociateKmsKey for more information on using the DisassociateKmsKey // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the PutDestinationRequest method. -// req, resp := client.PutDestinationRequest(params) +// // Example sending a request using the DisassociateKmsKeyRequest method. +// req, resp := client.DisassociateKmsKeyRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDestination -func (c *CloudWatchLogs) PutDestinationRequest(input *PutDestinationInput) (req *request.Request, output *PutDestinationOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DisassociateKmsKey +func (c *CloudWatchLogs) DisassociateKmsKeyRequest(input *DisassociateKmsKeyInput) (req *request.Request, output *DisassociateKmsKeyOutput) { op := &request.Operation{ - Name: opPutDestination, + Name: opDisassociateKmsKey, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &PutDestinationInput{} + input = &DisassociateKmsKeyInput{} } - output = &PutDestinationOutput{} + output = &DisassociateKmsKeyOutput{} req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// PutDestination API operation for Amazon CloudWatch Logs. -// -// Creates or updates a destination. This operation is used only to create destinations -// for cross-account subscriptions. -// -// A destination encapsulates a physical resource (such as an Amazon Kinesis -// stream). With a destination, you can subscribe to a real-time stream of log -// events for a different account, ingested using PutLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutLogEvents.html). +// DisassociateKmsKey API operation for Amazon CloudWatch Logs. // -// Through an access policy, a destination controls what is written to it. By -// default, PutDestination does not set any access policy with the destination, -// which means a cross-account user cannot call PutSubscriptionFilter (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutSubscriptionFilter.html) -// against this destination. To enable this, the destination owner must call -// PutDestinationPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestinationPolicy.html) -// after PutDestination. +// Disassociates the specified KMS key from the specified log group or from +// all CloudWatch Logs Insights query results in the account. +// +// When you use DisassociateKmsKey, you specify either the logGroupName parameter +// or the resourceIdentifier parameter. You can't specify both of those parameters +// in the same operation. +// +// - Specify the logGroupName parameter to stop using the KMS key to encrypt +// future log events ingested and stored in the log group. Instead, they +// will be encrypted with the default CloudWatch Logs method. The log events +// that were ingested while the key was associated with the log group are +// still encrypted with that key. Therefore, CloudWatch Logs will need permissions +// for the key whenever that data is accessed. +// +// - Specify the resourceIdentifier parameter with the query-result resource +// to stop using the KMS key to encrypt the results of all future StartQuery +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StartQuery.html) +// operations in the account. They will instead be encrypted with the default +// CloudWatch Logs method. The results from queries that ran while the key +// was associated with the account are still encrypted with that key. Therefore, +// CloudWatch Logs will need permissions for the key whenever that data is +// accessed. // -// To perform a PutDestination operation, you must also have the iam:PassRole -// permission. +// It can take up to 5 minutes for this operation to take effect. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation PutDestination for usage and error information. +// API operation DisassociateKmsKey for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // +// - ResourceNotFoundException +// The specified resource does not exist. +// // - OperationAbortedException // Multiple concurrent requests to update the same resource were in conflict. // // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDestination -func (c *CloudWatchLogs) PutDestination(input *PutDestinationInput) (*PutDestinationOutput, error) { - req, out := c.PutDestinationRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/DisassociateKmsKey +func (c *CloudWatchLogs) DisassociateKmsKey(input *DisassociateKmsKeyInput) (*DisassociateKmsKeyOutput, error) { + req, out := c.DisassociateKmsKeyRequest(input) return out, req.Send() } -// PutDestinationWithContext is the same as PutDestination with the addition of +// DisassociateKmsKeyWithContext is the same as DisassociateKmsKey with the addition of // the ability to pass a context and additional request options. // -// See PutDestination for details on how to use this API operation. +// See DisassociateKmsKey for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) PutDestinationWithContext(ctx aws.Context, input *PutDestinationInput, opts ...request.Option) (*PutDestinationOutput, error) { - req, out := c.PutDestinationRequest(input) +func (c *CloudWatchLogs) DisassociateKmsKeyWithContext(ctx aws.Context, input *DisassociateKmsKeyInput, opts ...request.Option) (*DisassociateKmsKeyOutput, error) { + req, out := c.DisassociateKmsKeyRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutDestinationPolicy = "PutDestinationPolicy" +const opFilterLogEvents = "FilterLogEvents" -// PutDestinationPolicyRequest generates a "aws/request.Request" representing the -// client's request for the PutDestinationPolicy operation. The "output" return +// FilterLogEventsRequest generates a "aws/request.Request" representing the +// client's request for the FilterLogEvents operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutDestinationPolicy for more information on using the PutDestinationPolicy +// See FilterLogEvents for more information on using the FilterLogEvents // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the PutDestinationPolicyRequest method. -// req, resp := client.PutDestinationPolicyRequest(params) +// // Example sending a request using the FilterLogEventsRequest method. +// req, resp := client.FilterLogEventsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDestinationPolicy -func (c *CloudWatchLogs) PutDestinationPolicyRequest(input *PutDestinationPolicyInput) (req *request.Request, output *PutDestinationPolicyOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/FilterLogEvents +func (c *CloudWatchLogs) FilterLogEventsRequest(input *FilterLogEventsInput) (req *request.Request, output *FilterLogEventsOutput) { op := &request.Operation{ - Name: opPutDestinationPolicy, + Name: opFilterLogEvents, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "limit", + TruncationToken: "", + }, } if input == nil { - input = &PutDestinationPolicyInput{} + input = &FilterLogEventsInput{} } - output = &PutDestinationPolicyOutput{} + output = &FilterLogEventsOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// PutDestinationPolicy API operation for Amazon CloudWatch Logs. +// FilterLogEvents API operation for Amazon CloudWatch Logs. // -// Creates or updates an access policy associated with an existing destination. -// An access policy is an IAM policy document (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html) -// that is used to authorize claims to register a subscription filter against -// a given destination. +// Lists log events from the specified log group. You can list all the log events +// or filter the results using a filter pattern, a time range, and the name +// of the log stream. +// +// You must have the logs:FilterLogEvents permission to perform this operation. +// +// You can specify the log group to search by using either logGroupIdentifier +// or logGroupName. You must include one of these two parameters, but you can't +// include both. +// +// By default, this operation returns as many log events as can fit in 1 MB +// (up to 10,000 log events) or all the events found within the specified time +// range. If the results include a token, that means there are more log events +// available. You can get additional results by specifying the token in a subsequent +// call. This operation can return empty results while there are more log events +// available through the token. +// +// The returned log events are sorted by event timestamp, the timestamp when +// the event was ingested by CloudWatch Logs, and the ID of the PutLogEvents +// request. +// +// If you are using CloudWatch cross-account observability, you can use this +// operation in a monitoring account and view data from the linked source accounts. +// For more information, see CloudWatch cross-account observability (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation PutDestinationPolicy for usage and error information. +// API operation FilterLogEvents for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // -// - OperationAbortedException -// Multiple concurrent requests to update the same resource were in conflict. +// - ResourceNotFoundException +// The specified resource does not exist. // // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDestinationPolicy -func (c *CloudWatchLogs) PutDestinationPolicy(input *PutDestinationPolicyInput) (*PutDestinationPolicyOutput, error) { - req, out := c.PutDestinationPolicyRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/FilterLogEvents +func (c *CloudWatchLogs) FilterLogEvents(input *FilterLogEventsInput) (*FilterLogEventsOutput, error) { + req, out := c.FilterLogEventsRequest(input) return out, req.Send() } -// PutDestinationPolicyWithContext is the same as PutDestinationPolicy with the addition of +// FilterLogEventsWithContext is the same as FilterLogEvents with the addition of // the ability to pass a context and additional request options. // -// See PutDestinationPolicy for details on how to use this API operation. +// See FilterLogEvents for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) PutDestinationPolicyWithContext(ctx aws.Context, input *PutDestinationPolicyInput, opts ...request.Option) (*PutDestinationPolicyOutput, error) { - req, out := c.PutDestinationPolicyRequest(input) +func (c *CloudWatchLogs) FilterLogEventsWithContext(ctx aws.Context, input *FilterLogEventsInput, opts ...request.Option) (*FilterLogEventsOutput, error) { + req, out := c.FilterLogEventsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutLogEvents = "PutLogEvents" - -// PutLogEventsRequest generates a "aws/request.Request" representing the -// client's request for the PutLogEvents operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. +// FilterLogEventsPages iterates over the pages of a FilterLogEvents operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. // -// See PutLogEvents for more information on using the PutLogEvents -// API call, and error handling. +// See FilterLogEvents method for more information on how to use this operation. // -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// Note: This operation can generate multiple requests to a service. // -// // Example sending a request using the PutLogEventsRequest method. -// req, resp := client.PutLogEventsRequest(params) +// // Example iterating over at most 3 pages of a FilterLogEvents operation. +// pageNum := 0 +// err := client.FilterLogEventsPages(params, +// func(page *cloudwatchlogs.FilterLogEventsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *CloudWatchLogs) FilterLogEventsPages(input *FilterLogEventsInput, fn func(*FilterLogEventsOutput, bool) bool) error { + return c.FilterLogEventsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// FilterLogEventsPagesWithContext same as FilterLogEventsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) FilterLogEventsPagesWithContext(ctx aws.Context, input *FilterLogEventsInput, fn func(*FilterLogEventsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + EndPageOnSameToken: true, + NewRequest: func() (*request.Request, error) { + var inCpy *FilterLogEventsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.FilterLogEventsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*FilterLogEventsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opGetDataProtectionPolicy = "GetDataProtectionPolicy" + +// GetDataProtectionPolicyRequest generates a "aws/request.Request" representing the +// client's request for the GetDataProtectionPolicy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetDataProtectionPolicy for more information on using the GetDataProtectionPolicy +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetDataProtectionPolicyRequest method. +// req, resp := client.GetDataProtectionPolicyRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutLogEvents -func (c *CloudWatchLogs) PutLogEventsRequest(input *PutLogEventsInput) (req *request.Request, output *PutLogEventsOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetDataProtectionPolicy +func (c *CloudWatchLogs) GetDataProtectionPolicyRequest(input *GetDataProtectionPolicyInput) (req *request.Request, output *GetDataProtectionPolicyOutput) { op := &request.Operation{ - Name: opPutLogEvents, + Name: opGetDataProtectionPolicy, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &PutLogEventsInput{} + input = &GetDataProtectionPolicyInput{} } - output = &PutLogEventsOutput{} + output = &GetDataProtectionPolicyOutput{} req = c.newRequest(op, input, output) return } -// PutLogEvents API operation for Amazon CloudWatch Logs. -// -// Uploads a batch of log events to the specified log stream. -// -// The sequence token is now ignored in PutLogEvents actions. PutLogEvents actions -// are always accepted and never return InvalidSequenceTokenException or DataAlreadyAcceptedException -// even if the sequence token is not valid. You can use parallel PutLogEvents -// actions on the same log stream. -// -// The batch of events must satisfy the following constraints: -// -// - The maximum batch size is 1,048,576 bytes. This size is calculated as -// the sum of all event messages in UTF-8, plus 26 bytes for each log event. -// -// - None of the log events in the batch can be more than 2 hours in the -// future. -// -// - None of the log events in the batch can be more than 14 days in the -// past. Also, none of the log events can be from earlier than the retention -// period of the log group. -// -// - The log events in the batch must be in chronological order by their -// timestamp. The timestamp is the time that the event occurred, expressed -// as the number of milliseconds after Jan 1, 1970 00:00:00 UTC. (In Amazon -// Web Services Tools for PowerShell and the Amazon Web Services SDK for -// .NET, the timestamp is specified in .NET format: yyyy-mm-ddThh:mm:ss. -// For example, 2017-09-15T13:45:30.) -// -// - A batch of log events in a single request cannot span more than 24 hours. -// Otherwise, the operation fails. -// -// - The maximum number of log events in a batch is 10,000. -// -// - The quota of five requests per second per log stream has been removed. -// Instead, PutLogEvents actions are throttled based on a per-second per-account -// quota. You can request an increase to the per-second throttling quota -// by using the Service Quotas service. +// GetDataProtectionPolicy API operation for Amazon CloudWatch Logs. // -// If a call to PutLogEvents returns "UnrecognizedClientException" the most -// likely cause is a non-valid Amazon Web Services access key ID or secret key. +// Returns information about a log group data protection policy. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation PutLogEvents for usage and error information. +// API operation GetDataProtectionPolicy for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // -// - InvalidSequenceTokenException -// The sequence token is not valid. You can get the correct sequence token in -// the expectedSequenceToken field in the InvalidSequenceTokenException message. -// -// PutLogEvents actions are now always accepted and never return InvalidSequenceTokenException -// regardless of receiving an invalid sequence token. -// -// - DataAlreadyAcceptedException -// The event was already logged. -// -// PutLogEvents actions are now always accepted and never return DataAlreadyAcceptedException -// regardless of whether a given batch of log events has already been accepted. +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. // // - ResourceNotFoundException // The specified resource does not exist. @@ -3822,513 +4185,451 @@ func (c *CloudWatchLogs) PutLogEventsRequest(input *PutLogEventsInput) (req *req // - ServiceUnavailableException // The service cannot complete the request. // -// - UnrecognizedClientException -// The most likely cause is an Amazon Web Services access key ID or secret key -// that's not valid. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutLogEvents -func (c *CloudWatchLogs) PutLogEvents(input *PutLogEventsInput) (*PutLogEventsOutput, error) { - req, out := c.PutLogEventsRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetDataProtectionPolicy +func (c *CloudWatchLogs) GetDataProtectionPolicy(input *GetDataProtectionPolicyInput) (*GetDataProtectionPolicyOutput, error) { + req, out := c.GetDataProtectionPolicyRequest(input) return out, req.Send() } -// PutLogEventsWithContext is the same as PutLogEvents with the addition of +// GetDataProtectionPolicyWithContext is the same as GetDataProtectionPolicy with the addition of // the ability to pass a context and additional request options. // -// See PutLogEvents for details on how to use this API operation. +// See GetDataProtectionPolicy for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) PutLogEventsWithContext(ctx aws.Context, input *PutLogEventsInput, opts ...request.Option) (*PutLogEventsOutput, error) { - req, out := c.PutLogEventsRequest(input) +func (c *CloudWatchLogs) GetDataProtectionPolicyWithContext(ctx aws.Context, input *GetDataProtectionPolicyInput, opts ...request.Option) (*GetDataProtectionPolicyOutput, error) { + req, out := c.GetDataProtectionPolicyRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutMetricFilter = "PutMetricFilter" +const opGetDelivery = "GetDelivery" -// PutMetricFilterRequest generates a "aws/request.Request" representing the -// client's request for the PutMetricFilter operation. The "output" return +// GetDeliveryRequest generates a "aws/request.Request" representing the +// client's request for the GetDelivery operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutMetricFilter for more information on using the PutMetricFilter +// See GetDelivery for more information on using the GetDelivery // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the PutMetricFilterRequest method. -// req, resp := client.PutMetricFilterRequest(params) +// // Example sending a request using the GetDeliveryRequest method. +// req, resp := client.GetDeliveryRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutMetricFilter -func (c *CloudWatchLogs) PutMetricFilterRequest(input *PutMetricFilterInput) (req *request.Request, output *PutMetricFilterOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetDelivery +func (c *CloudWatchLogs) GetDeliveryRequest(input *GetDeliveryInput) (req *request.Request, output *GetDeliveryOutput) { op := &request.Operation{ - Name: opPutMetricFilter, + Name: opGetDelivery, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &PutMetricFilterInput{} + input = &GetDeliveryInput{} } - output = &PutMetricFilterOutput{} + output = &GetDeliveryOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// PutMetricFilter API operation for Amazon CloudWatch Logs. -// -// Creates or updates a metric filter and associates it with the specified log -// group. With metric filters, you can configure rules to extract metric data -// from log events ingested through PutLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutLogEvents.html). -// -// The maximum number of metric filters that can be associated with a log group -// is 100. -// -// When you create a metric filter, you can also optionally assign a unit and -// dimensions to the metric that is created. +// GetDelivery API operation for Amazon CloudWatch Logs. // -// Metrics extracted from log events are charged as custom metrics. To prevent -// unexpected high charges, do not specify high-cardinality fields such as IPAddress -// or requestID as dimensions. Each different value found for a dimension is -// treated as a separate metric and accrues charges as a separate custom metric. +// Returns complete information about one logical delivery. A delivery is a +// connection between a delivery source (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliverySource.html) +// and a delivery destination (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestination.html). // -// CloudWatch Logs disables a metric filter if it generates 1,000 different -// name/value pairs for your specified dimensions within a certain amount of -// time. This helps to prevent accidental high charges. +// A delivery source represents an Amazon Web Services resource that sends logs +// to an logs delivery destination. The destination can be CloudWatch Logs, +// Amazon S3, or Firehose. Only some Amazon Web Services services support being +// configured as a delivery source. These services are listed in Enable logging +// from Amazon Web Services services. (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html) // -// You can also set up a billing alarm to alert you if your charges are higher -// than expected. For more information, see Creating a Billing Alarm to Monitor -// Your Estimated Amazon Web Services Charges (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html). +// You need to specify the delivery id in this operation. You can find the IDs +// of the deliveries in your account with the DescribeDeliveries (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeDeliveries.html) +// operation. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation PutMetricFilter for usage and error information. +// API operation GetDelivery for usage and error information. // // Returned Error Types: // -// - InvalidParameterException -// A parameter is specified incorrectly. -// // - ResourceNotFoundException // The specified resource does not exist. // -// - OperationAbortedException -// Multiple concurrent requests to update the same resource were in conflict. -// -// - LimitExceededException -// You have reached the maximum number of resources that can be created. -// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutMetricFilter -func (c *CloudWatchLogs) PutMetricFilter(input *PutMetricFilterInput) (*PutMetricFilterOutput, error) { - req, out := c.PutMetricFilterRequest(input) +// - ValidationException +// One of the parameters for the request is not valid. +// +// - ServiceQuotaExceededException +// This request exceeds a service quota. +// +// - ThrottlingException +// The request was throttled because of quota limits. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetDelivery +func (c *CloudWatchLogs) GetDelivery(input *GetDeliveryInput) (*GetDeliveryOutput, error) { + req, out := c.GetDeliveryRequest(input) return out, req.Send() } -// PutMetricFilterWithContext is the same as PutMetricFilter with the addition of +// GetDeliveryWithContext is the same as GetDelivery with the addition of // the ability to pass a context and additional request options. // -// See PutMetricFilter for details on how to use this API operation. +// See GetDelivery for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) PutMetricFilterWithContext(ctx aws.Context, input *PutMetricFilterInput, opts ...request.Option) (*PutMetricFilterOutput, error) { - req, out := c.PutMetricFilterRequest(input) +func (c *CloudWatchLogs) GetDeliveryWithContext(ctx aws.Context, input *GetDeliveryInput, opts ...request.Option) (*GetDeliveryOutput, error) { + req, out := c.GetDeliveryRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutQueryDefinition = "PutQueryDefinition" +const opGetDeliveryDestination = "GetDeliveryDestination" -// PutQueryDefinitionRequest generates a "aws/request.Request" representing the -// client's request for the PutQueryDefinition operation. The "output" return +// GetDeliveryDestinationRequest generates a "aws/request.Request" representing the +// client's request for the GetDeliveryDestination operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutQueryDefinition for more information on using the PutQueryDefinition +// See GetDeliveryDestination for more information on using the GetDeliveryDestination // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the PutQueryDefinitionRequest method. -// req, resp := client.PutQueryDefinitionRequest(params) +// // Example sending a request using the GetDeliveryDestinationRequest method. +// req, resp := client.GetDeliveryDestinationRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutQueryDefinition -func (c *CloudWatchLogs) PutQueryDefinitionRequest(input *PutQueryDefinitionInput) (req *request.Request, output *PutQueryDefinitionOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetDeliveryDestination +func (c *CloudWatchLogs) GetDeliveryDestinationRequest(input *GetDeliveryDestinationInput) (req *request.Request, output *GetDeliveryDestinationOutput) { op := &request.Operation{ - Name: opPutQueryDefinition, + Name: opGetDeliveryDestination, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &PutQueryDefinitionInput{} + input = &GetDeliveryDestinationInput{} } - output = &PutQueryDefinitionOutput{} + output = &GetDeliveryDestinationOutput{} req = c.newRequest(op, input, output) return } -// PutQueryDefinition API operation for Amazon CloudWatch Logs. -// -// Creates or updates a query definition for CloudWatch Logs Insights. For more -// information, see Analyzing Log Data with CloudWatch Logs Insights (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AnalyzingLogData.html). -// -// To update a query definition, specify its queryDefinitionId in your request. -// The values of name, queryString, and logGroupNames are changed to the values -// that you specify in your update operation. No current values are retained -// from the current query definition. For example, imagine updating a current -// query definition that includes log groups. If you don't specify the logGroupNames -// parameter in your update operation, the query definition changes to contain -// no log groups. +// GetDeliveryDestination API operation for Amazon CloudWatch Logs. // -// You must have the logs:PutQueryDefinition permission to be able to perform -// this operation. +// Retrieves complete information about one delivery destination. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation PutQueryDefinition for usage and error information. +// API operation GetDeliveryDestination for usage and error information. // // Returned Error Types: // -// - InvalidParameterException -// A parameter is specified incorrectly. -// -// - LimitExceededException -// You have reached the maximum number of resources that can be created. -// // - ResourceNotFoundException // The specified resource does not exist. // // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutQueryDefinition -func (c *CloudWatchLogs) PutQueryDefinition(input *PutQueryDefinitionInput) (*PutQueryDefinitionOutput, error) { - req, out := c.PutQueryDefinitionRequest(input) +// - ValidationException +// One of the parameters for the request is not valid. +// +// - ServiceQuotaExceededException +// This request exceeds a service quota. +// +// - ThrottlingException +// The request was throttled because of quota limits. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetDeliveryDestination +func (c *CloudWatchLogs) GetDeliveryDestination(input *GetDeliveryDestinationInput) (*GetDeliveryDestinationOutput, error) { + req, out := c.GetDeliveryDestinationRequest(input) return out, req.Send() } -// PutQueryDefinitionWithContext is the same as PutQueryDefinition with the addition of +// GetDeliveryDestinationWithContext is the same as GetDeliveryDestination with the addition of // the ability to pass a context and additional request options. // -// See PutQueryDefinition for details on how to use this API operation. +// See GetDeliveryDestination for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) PutQueryDefinitionWithContext(ctx aws.Context, input *PutQueryDefinitionInput, opts ...request.Option) (*PutQueryDefinitionOutput, error) { - req, out := c.PutQueryDefinitionRequest(input) +func (c *CloudWatchLogs) GetDeliveryDestinationWithContext(ctx aws.Context, input *GetDeliveryDestinationInput, opts ...request.Option) (*GetDeliveryDestinationOutput, error) { + req, out := c.GetDeliveryDestinationRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutResourcePolicy = "PutResourcePolicy" +const opGetDeliveryDestinationPolicy = "GetDeliveryDestinationPolicy" -// PutResourcePolicyRequest generates a "aws/request.Request" representing the -// client's request for the PutResourcePolicy operation. The "output" return +// GetDeliveryDestinationPolicyRequest generates a "aws/request.Request" representing the +// client's request for the GetDeliveryDestinationPolicy operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutResourcePolicy for more information on using the PutResourcePolicy +// See GetDeliveryDestinationPolicy for more information on using the GetDeliveryDestinationPolicy // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the PutResourcePolicyRequest method. -// req, resp := client.PutResourcePolicyRequest(params) +// // Example sending a request using the GetDeliveryDestinationPolicyRequest method. +// req, resp := client.GetDeliveryDestinationPolicyRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutResourcePolicy -func (c *CloudWatchLogs) PutResourcePolicyRequest(input *PutResourcePolicyInput) (req *request.Request, output *PutResourcePolicyOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetDeliveryDestinationPolicy +func (c *CloudWatchLogs) GetDeliveryDestinationPolicyRequest(input *GetDeliveryDestinationPolicyInput) (req *request.Request, output *GetDeliveryDestinationPolicyOutput) { op := &request.Operation{ - Name: opPutResourcePolicy, + Name: opGetDeliveryDestinationPolicy, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &PutResourcePolicyInput{} + input = &GetDeliveryDestinationPolicyInput{} } - output = &PutResourcePolicyOutput{} + output = &GetDeliveryDestinationPolicyOutput{} req = c.newRequest(op, input, output) return } -// PutResourcePolicy API operation for Amazon CloudWatch Logs. +// GetDeliveryDestinationPolicy API operation for Amazon CloudWatch Logs. // -// Creates or updates a resource policy allowing other Amazon Web Services services -// to put log events to this account, such as Amazon Route 53. An account can -// have up to 10 resource policies per Amazon Web Services Region. +// Retrieves the delivery destination policy assigned to the delivery destination +// that you specify. For more information about delivery destinations and their +// policies, see PutDeliveryDestinationPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation PutResourcePolicy for usage and error information. +// API operation GetDeliveryDestinationPolicy for usage and error information. // // Returned Error Types: // -// - InvalidParameterException -// A parameter is specified incorrectly. -// -// - LimitExceededException -// You have reached the maximum number of resources that can be created. -// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutResourcePolicy -func (c *CloudWatchLogs) PutResourcePolicy(input *PutResourcePolicyInput) (*PutResourcePolicyOutput, error) { - req, out := c.PutResourcePolicyRequest(input) +// - ValidationException +// One of the parameters for the request is not valid. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetDeliveryDestinationPolicy +func (c *CloudWatchLogs) GetDeliveryDestinationPolicy(input *GetDeliveryDestinationPolicyInput) (*GetDeliveryDestinationPolicyOutput, error) { + req, out := c.GetDeliveryDestinationPolicyRequest(input) return out, req.Send() } -// PutResourcePolicyWithContext is the same as PutResourcePolicy with the addition of +// GetDeliveryDestinationPolicyWithContext is the same as GetDeliveryDestinationPolicy with the addition of // the ability to pass a context and additional request options. // -// See PutResourcePolicy for details on how to use this API operation. +// See GetDeliveryDestinationPolicy for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) PutResourcePolicyWithContext(ctx aws.Context, input *PutResourcePolicyInput, opts ...request.Option) (*PutResourcePolicyOutput, error) { - req, out := c.PutResourcePolicyRequest(input) +func (c *CloudWatchLogs) GetDeliveryDestinationPolicyWithContext(ctx aws.Context, input *GetDeliveryDestinationPolicyInput, opts ...request.Option) (*GetDeliveryDestinationPolicyOutput, error) { + req, out := c.GetDeliveryDestinationPolicyRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutRetentionPolicy = "PutRetentionPolicy" +const opGetDeliverySource = "GetDeliverySource" -// PutRetentionPolicyRequest generates a "aws/request.Request" representing the -// client's request for the PutRetentionPolicy operation. The "output" return +// GetDeliverySourceRequest generates a "aws/request.Request" representing the +// client's request for the GetDeliverySource operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutRetentionPolicy for more information on using the PutRetentionPolicy +// See GetDeliverySource for more information on using the GetDeliverySource // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the PutRetentionPolicyRequest method. -// req, resp := client.PutRetentionPolicyRequest(params) +// // Example sending a request using the GetDeliverySourceRequest method. +// req, resp := client.GetDeliverySourceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutRetentionPolicy -func (c *CloudWatchLogs) PutRetentionPolicyRequest(input *PutRetentionPolicyInput) (req *request.Request, output *PutRetentionPolicyOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetDeliverySource +func (c *CloudWatchLogs) GetDeliverySourceRequest(input *GetDeliverySourceInput) (req *request.Request, output *GetDeliverySourceOutput) { op := &request.Operation{ - Name: opPutRetentionPolicy, + Name: opGetDeliverySource, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &PutRetentionPolicyInput{} + input = &GetDeliverySourceInput{} } - output = &PutRetentionPolicyOutput{} + output = &GetDeliverySourceOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// PutRetentionPolicy API operation for Amazon CloudWatch Logs. -// -// Sets the retention of the specified log group. With a retention policy, you -// can configure the number of days for which to retain log events in the specified -// log group. -// -// CloudWatch Logs doesn’t immediately delete log events when they reach their -// retention setting. It typically takes up to 72 hours after that before log -// events are deleted, but in rare situations might take longer. +// GetDeliverySource API operation for Amazon CloudWatch Logs. // -// To illustrate, imagine that you change a log group to have a longer retention -// setting when it contains log events that are past the expiration date, but -// haven’t been deleted. Those log events will take up to 72 hours to be deleted -// after the new retention date is reached. To make sure that log data is deleted -// permanently, keep a log group at its lower retention setting until 72 hours -// after the previous retention period ends. Alternatively, wait to change the -// retention setting until you confirm that the earlier log events are deleted. +// Retrieves complete information about one delivery source. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation PutRetentionPolicy for usage and error information. +// API operation GetDeliverySource for usage and error information. // // Returned Error Types: // -// - InvalidParameterException -// A parameter is specified incorrectly. -// // - ResourceNotFoundException // The specified resource does not exist. // -// - OperationAbortedException -// Multiple concurrent requests to update the same resource were in conflict. -// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutRetentionPolicy -func (c *CloudWatchLogs) PutRetentionPolicy(input *PutRetentionPolicyInput) (*PutRetentionPolicyOutput, error) { - req, out := c.PutRetentionPolicyRequest(input) +// - ValidationException +// One of the parameters for the request is not valid. +// +// - ServiceQuotaExceededException +// This request exceeds a service quota. +// +// - ThrottlingException +// The request was throttled because of quota limits. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetDeliverySource +func (c *CloudWatchLogs) GetDeliverySource(input *GetDeliverySourceInput) (*GetDeliverySourceOutput, error) { + req, out := c.GetDeliverySourceRequest(input) return out, req.Send() } -// PutRetentionPolicyWithContext is the same as PutRetentionPolicy with the addition of +// GetDeliverySourceWithContext is the same as GetDeliverySource with the addition of // the ability to pass a context and additional request options. // -// See PutRetentionPolicy for details on how to use this API operation. +// See GetDeliverySource for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) PutRetentionPolicyWithContext(ctx aws.Context, input *PutRetentionPolicyInput, opts ...request.Option) (*PutRetentionPolicyOutput, error) { - req, out := c.PutRetentionPolicyRequest(input) +func (c *CloudWatchLogs) GetDeliverySourceWithContext(ctx aws.Context, input *GetDeliverySourceInput, opts ...request.Option) (*GetDeliverySourceOutput, error) { + req, out := c.GetDeliverySourceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opPutSubscriptionFilter = "PutSubscriptionFilter" +const opGetLogAnomalyDetector = "GetLogAnomalyDetector" -// PutSubscriptionFilterRequest generates a "aws/request.Request" representing the -// client's request for the PutSubscriptionFilter operation. The "output" return +// GetLogAnomalyDetectorRequest generates a "aws/request.Request" representing the +// client's request for the GetLogAnomalyDetector operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See PutSubscriptionFilter for more information on using the PutSubscriptionFilter +// See GetLogAnomalyDetector for more information on using the GetLogAnomalyDetector // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the PutSubscriptionFilterRequest method. -// req, resp := client.PutSubscriptionFilterRequest(params) +// // Example sending a request using the GetLogAnomalyDetectorRequest method. +// req, resp := client.GetLogAnomalyDetectorRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutSubscriptionFilter -func (c *CloudWatchLogs) PutSubscriptionFilterRequest(input *PutSubscriptionFilterInput) (req *request.Request, output *PutSubscriptionFilterOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogAnomalyDetector +func (c *CloudWatchLogs) GetLogAnomalyDetectorRequest(input *GetLogAnomalyDetectorInput) (req *request.Request, output *GetLogAnomalyDetectorOutput) { op := &request.Operation{ - Name: opPutSubscriptionFilter, + Name: opGetLogAnomalyDetector, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &PutSubscriptionFilterInput{} + input = &GetLogAnomalyDetectorInput{} } - output = &PutSubscriptionFilterOutput{} + output = &GetLogAnomalyDetectorOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// PutSubscriptionFilter API operation for Amazon CloudWatch Logs. -// -// Creates or updates a subscription filter and associates it with the specified -// log group. With subscription filters, you can subscribe to a real-time stream -// of log events ingested through PutLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutLogEvents.html) -// and have them delivered to a specific destination. When log events are sent -// to the receiving service, they are Base64 encoded and compressed with the -// GZIP format. -// -// The following destinations are supported for subscription filters: -// -// - An Amazon Kinesis data stream belonging to the same account as the subscription -// filter, for same-account delivery. -// -// - A logical destination that belongs to a different account, for cross-account -// delivery. -// -// - An Amazon Kinesis Data Firehose delivery stream that belongs to the -// same account as the subscription filter, for same-account delivery. -// -// - An Lambda function that belongs to the same account as the subscription -// filter, for same-account delivery. -// -// Each log group can have up to two subscription filters associated with it. -// If you are updating an existing filter, you must specify the correct name -// in filterName. +// GetLogAnomalyDetector API operation for Amazon CloudWatch Logs. // -// To perform a PutSubscriptionFilter operation, you must also have the iam:PassRole -// permission. +// Retrieves information about the log anomaly detector that you specify. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation PutSubscriptionFilter for usage and error information. +// API operation GetLogAnomalyDetector for usage and error information. // // Returned Error Types: // @@ -4338,412 +4639,460 @@ func (c *CloudWatchLogs) PutSubscriptionFilterRequest(input *PutSubscriptionFilt // - ResourceNotFoundException // The specified resource does not exist. // -// - OperationAbortedException -// Multiple concurrent requests to update the same resource were in conflict. -// -// - LimitExceededException -// You have reached the maximum number of resources that can be created. -// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutSubscriptionFilter -func (c *CloudWatchLogs) PutSubscriptionFilter(input *PutSubscriptionFilterInput) (*PutSubscriptionFilterOutput, error) { - req, out := c.PutSubscriptionFilterRequest(input) +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogAnomalyDetector +func (c *CloudWatchLogs) GetLogAnomalyDetector(input *GetLogAnomalyDetectorInput) (*GetLogAnomalyDetectorOutput, error) { + req, out := c.GetLogAnomalyDetectorRequest(input) return out, req.Send() } -// PutSubscriptionFilterWithContext is the same as PutSubscriptionFilter with the addition of +// GetLogAnomalyDetectorWithContext is the same as GetLogAnomalyDetector with the addition of // the ability to pass a context and additional request options. // -// See PutSubscriptionFilter for details on how to use this API operation. +// See GetLogAnomalyDetector for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) PutSubscriptionFilterWithContext(ctx aws.Context, input *PutSubscriptionFilterInput, opts ...request.Option) (*PutSubscriptionFilterOutput, error) { - req, out := c.PutSubscriptionFilterRequest(input) +func (c *CloudWatchLogs) GetLogAnomalyDetectorWithContext(ctx aws.Context, input *GetLogAnomalyDetectorInput, opts ...request.Option) (*GetLogAnomalyDetectorOutput, error) { + req, out := c.GetLogAnomalyDetectorRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opStartQuery = "StartQuery" +const opGetLogEvents = "GetLogEvents" -// StartQueryRequest generates a "aws/request.Request" representing the -// client's request for the StartQuery operation. The "output" return +// GetLogEventsRequest generates a "aws/request.Request" representing the +// client's request for the GetLogEvents operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See StartQuery for more information on using the StartQuery +// See GetLogEvents for more information on using the GetLogEvents // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the StartQueryRequest method. -// req, resp := client.StartQueryRequest(params) +// // Example sending a request using the GetLogEventsRequest method. +// req, resp := client.GetLogEventsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/StartQuery -func (c *CloudWatchLogs) StartQueryRequest(input *StartQueryInput) (req *request.Request, output *StartQueryOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogEvents +func (c *CloudWatchLogs) GetLogEventsRequest(input *GetLogEventsInput) (req *request.Request, output *GetLogEventsOutput) { op := &request.Operation{ - Name: opStartQuery, + Name: opGetLogEvents, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextForwardToken"}, + LimitToken: "limit", + TruncationToken: "", + }, } if input == nil { - input = &StartQueryInput{} + input = &GetLogEventsInput{} } - output = &StartQueryOutput{} + output = &GetLogEventsOutput{} req = c.newRequest(op, input, output) return } -// StartQuery API operation for Amazon CloudWatch Logs. -// -// Schedules a query of a log group using CloudWatch Logs Insights. You specify -// the log group and time range to query and the query string to use. +// GetLogEvents API operation for Amazon CloudWatch Logs. // -// For more information, see CloudWatch Logs Insights Query Syntax (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html). +// Lists log events from the specified log stream. You can list all of the log +// events or filter using a time range. // -// Queries time out after 15 minutes of runtime. If your queries are timing -// out, reduce the time range being searched or partition your query into a -// number of queries. +// By default, this operation returns as many log events as can fit in a response +// size of 1MB (up to 10,000 log events). You can get additional log events +// by specifying one of the tokens in a subsequent call. This operation can +// return empty results while there are more log events available through the +// token. // // If you are using CloudWatch cross-account observability, you can use this -// operation in a monitoring account to start a query in a linked source account. +// operation in a monitoring account and view data from the linked source accounts. // For more information, see CloudWatch cross-account observability (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html). -// For a cross-account StartQuery operation, the query definition must be defined -// in the monitoring account. // -// You can have up to 20 concurrent CloudWatch Logs insights queries, including -// queries that have been added to dashboards. +// You can specify the log group to search by using either logGroupIdentifier +// or logGroupName. You must include one of these two parameters, but you can't +// include both. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation StartQuery for usage and error information. +// API operation GetLogEvents for usage and error information. // // Returned Error Types: // -// - MalformedQueryException -// The query string is not valid. Details about this error are displayed in -// a QueryCompileError object. For more information, see QueryCompileError (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_QueryCompileError.html). -// -// For more information about valid query syntax, see CloudWatch Logs Insights -// Query Syntax (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html). -// // - InvalidParameterException // A parameter is specified incorrectly. // -// - LimitExceededException -// You have reached the maximum number of resources that can be created. -// // - ResourceNotFoundException // The specified resource does not exist. // // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/StartQuery -func (c *CloudWatchLogs) StartQuery(input *StartQueryInput) (*StartQueryOutput, error) { - req, out := c.StartQueryRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogEvents +func (c *CloudWatchLogs) GetLogEvents(input *GetLogEventsInput) (*GetLogEventsOutput, error) { + req, out := c.GetLogEventsRequest(input) return out, req.Send() } -// StartQueryWithContext is the same as StartQuery with the addition of +// GetLogEventsWithContext is the same as GetLogEvents with the addition of // the ability to pass a context and additional request options. // -// See StartQuery for details on how to use this API operation. +// See GetLogEvents for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) StartQueryWithContext(ctx aws.Context, input *StartQueryInput, opts ...request.Option) (*StartQueryOutput, error) { - req, out := c.StartQueryRequest(input) +func (c *CloudWatchLogs) GetLogEventsWithContext(ctx aws.Context, input *GetLogEventsInput, opts ...request.Option) (*GetLogEventsOutput, error) { + req, out := c.GetLogEventsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opStopQuery = "StopQuery" +// GetLogEventsPages iterates over the pages of a GetLogEvents operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetLogEvents method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetLogEvents operation. +// pageNum := 0 +// err := client.GetLogEventsPages(params, +// func(page *cloudwatchlogs.GetLogEventsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *CloudWatchLogs) GetLogEventsPages(input *GetLogEventsInput, fn func(*GetLogEventsOutput, bool) bool) error { + return c.GetLogEventsPagesWithContext(aws.BackgroundContext(), input, fn) +} -// StopQueryRequest generates a "aws/request.Request" representing the -// client's request for the StopQuery operation. The "output" return +// GetLogEventsPagesWithContext same as GetLogEventsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) GetLogEventsPagesWithContext(ctx aws.Context, input *GetLogEventsInput, fn func(*GetLogEventsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + EndPageOnSameToken: true, + NewRequest: func() (*request.Request, error) { + var inCpy *GetLogEventsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetLogEventsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetLogEventsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opGetLogGroupFields = "GetLogGroupFields" + +// GetLogGroupFieldsRequest generates a "aws/request.Request" representing the +// client's request for the GetLogGroupFields operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See StopQuery for more information on using the StopQuery +// See GetLogGroupFields for more information on using the GetLogGroupFields // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the StopQueryRequest method. -// req, resp := client.StopQueryRequest(params) +// // Example sending a request using the GetLogGroupFieldsRequest method. +// req, resp := client.GetLogGroupFieldsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/StopQuery -func (c *CloudWatchLogs) StopQueryRequest(input *StopQueryInput) (req *request.Request, output *StopQueryOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogGroupFields +func (c *CloudWatchLogs) GetLogGroupFieldsRequest(input *GetLogGroupFieldsInput) (req *request.Request, output *GetLogGroupFieldsOutput) { op := &request.Operation{ - Name: opStopQuery, + Name: opGetLogGroupFields, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &StopQueryInput{} + input = &GetLogGroupFieldsInput{} } - output = &StopQueryOutput{} + output = &GetLogGroupFieldsOutput{} req = c.newRequest(op, input, output) return } -// StopQuery API operation for Amazon CloudWatch Logs. -// -// Stops a CloudWatch Logs Insights query that is in progress. If the query -// has already ended, the operation returns an error indicating that the specified -// query is not running. +// GetLogGroupFields API operation for Amazon CloudWatch Logs. // -// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// Returns a list of the fields that are included in log events in the specified +// log group. Includes the percentage of log events that contain each field. +// The search is limited to a time period that you specify. +// +// You can specify the log group to search by using either logGroupIdentifier +// or logGroupName. You must specify one of these parameters, but you can't +// specify both. +// +// In the results, fields that start with @ are fields generated by CloudWatch +// Logs. For example, @timestamp is the timestamp of each log event. For more +// information about the fields that are generated by CloudWatch logs, see Supported +// Logs and Discovered Fields (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_AnalyzeLogData-discoverable-fields.html). +// +// The response results are sorted by the frequency percentage, starting with +// the highest percentage. +// +// If you are using CloudWatch cross-account observability, you can use this +// operation in a monitoring account and view data from the linked source accounts. +// For more information, see CloudWatch cross-account observability (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation StopQuery for usage and error information. +// API operation GetLogGroupFields for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // +// - LimitExceededException +// You have reached the maximum number of resources that can be created. +// // - ResourceNotFoundException // The specified resource does not exist. // // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/StopQuery -func (c *CloudWatchLogs) StopQuery(input *StopQueryInput) (*StopQueryOutput, error) { - req, out := c.StopQueryRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogGroupFields +func (c *CloudWatchLogs) GetLogGroupFields(input *GetLogGroupFieldsInput) (*GetLogGroupFieldsOutput, error) { + req, out := c.GetLogGroupFieldsRequest(input) return out, req.Send() } -// StopQueryWithContext is the same as StopQuery with the addition of +// GetLogGroupFieldsWithContext is the same as GetLogGroupFields with the addition of // the ability to pass a context and additional request options. // -// See StopQuery for details on how to use this API operation. +// See GetLogGroupFields for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) StopQueryWithContext(ctx aws.Context, input *StopQueryInput, opts ...request.Option) (*StopQueryOutput, error) { - req, out := c.StopQueryRequest(input) +func (c *CloudWatchLogs) GetLogGroupFieldsWithContext(ctx aws.Context, input *GetLogGroupFieldsInput, opts ...request.Option) (*GetLogGroupFieldsOutput, error) { + req, out := c.GetLogGroupFieldsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opTagLogGroup = "TagLogGroup" +const opGetLogRecord = "GetLogRecord" -// TagLogGroupRequest generates a "aws/request.Request" representing the -// client's request for the TagLogGroup operation. The "output" return +// GetLogRecordRequest generates a "aws/request.Request" representing the +// client's request for the GetLogRecord operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See TagLogGroup for more information on using the TagLogGroup +// See GetLogRecord for more information on using the GetLogRecord // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the TagLogGroupRequest method. -// req, resp := client.TagLogGroupRequest(params) +// // Example sending a request using the GetLogRecordRequest method. +// req, resp := client.GetLogRecordRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/TagLogGroup -// -// Deprecated: Please use the generic tagging API TagResource -func (c *CloudWatchLogs) TagLogGroupRequest(input *TagLogGroupInput) (req *request.Request, output *TagLogGroupOutput) { - if c.Client.Config.Logger != nil { - c.Client.Config.Logger.Log("This operation, TagLogGroup, has been deprecated") - } +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogRecord +func (c *CloudWatchLogs) GetLogRecordRequest(input *GetLogRecordInput) (req *request.Request, output *GetLogRecordOutput) { op := &request.Operation{ - Name: opTagLogGroup, + Name: opGetLogRecord, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &TagLogGroupInput{} + input = &GetLogRecordInput{} } - output = &TagLogGroupOutput{} + output = &GetLogRecordOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// TagLogGroup API operation for Amazon CloudWatch Logs. -// -// The TagLogGroup operation is on the path to deprecation. We recommend that -// you use TagResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_TagResource.html) -// instead. -// -// Adds or updates the specified tags for the specified log group. -// -// To list the tags for a log group, use ListTagsForResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsForResource.html). -// To remove tags, use UntagResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UntagResource.html). +// GetLogRecord API operation for Amazon CloudWatch Logs. // -// For more information about tags, see Tag Log Groups in Amazon CloudWatch -// Logs (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html#log-group-tagging) -// in the Amazon CloudWatch Logs User Guide. +// Retrieves all of the fields and values of a single log event. All fields +// are retrieved, even if the original query that produced the logRecordPointer +// retrieved only a subset of fields. Fields are returned as field name/field +// value pairs. // -// CloudWatch Logs doesn’t support IAM policies that prevent users from assigning -// specified tags to log groups using the aws:Resource/key-name or aws:TagKeys -// condition keys. For more information about using tags to control access, -// see Controlling access to Amazon Web Services resources using tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html). +// The full unparsed log event is returned within @message. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation TagLogGroup for usage and error information. +// API operation GetLogRecord for usage and error information. // // Returned Error Types: // -// - ResourceNotFoundException -// The specified resource does not exist. -// // - InvalidParameterException // A parameter is specified incorrectly. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/TagLogGroup +// - LimitExceededException +// You have reached the maximum number of resources that can be created. // -// Deprecated: Please use the generic tagging API TagResource -func (c *CloudWatchLogs) TagLogGroup(input *TagLogGroupInput) (*TagLogGroupOutput, error) { - req, out := c.TagLogGroupRequest(input) +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetLogRecord +func (c *CloudWatchLogs) GetLogRecord(input *GetLogRecordInput) (*GetLogRecordOutput, error) { + req, out := c.GetLogRecordRequest(input) return out, req.Send() } -// TagLogGroupWithContext is the same as TagLogGroup with the addition of +// GetLogRecordWithContext is the same as GetLogRecord with the addition of // the ability to pass a context and additional request options. // -// See TagLogGroup for details on how to use this API operation. +// See GetLogRecord for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -// -// Deprecated: Please use the generic tagging API TagResource -func (c *CloudWatchLogs) TagLogGroupWithContext(ctx aws.Context, input *TagLogGroupInput, opts ...request.Option) (*TagLogGroupOutput, error) { - req, out := c.TagLogGroupRequest(input) +func (c *CloudWatchLogs) GetLogRecordWithContext(ctx aws.Context, input *GetLogRecordInput, opts ...request.Option) (*GetLogRecordOutput, error) { + req, out := c.GetLogRecordRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opTagResource = "TagResource" +const opGetQueryResults = "GetQueryResults" -// TagResourceRequest generates a "aws/request.Request" representing the -// client's request for the TagResource operation. The "output" return +// GetQueryResultsRequest generates a "aws/request.Request" representing the +// client's request for the GetQueryResults operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See TagResource for more information on using the TagResource +// See GetQueryResults for more information on using the GetQueryResults // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the TagResourceRequest method. -// req, resp := client.TagResourceRequest(params) +// // Example sending a request using the GetQueryResultsRequest method. +// req, resp := client.GetQueryResultsRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/TagResource -func (c *CloudWatchLogs) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetQueryResults +func (c *CloudWatchLogs) GetQueryResultsRequest(input *GetQueryResultsInput) (req *request.Request, output *GetQueryResultsOutput) { op := &request.Operation{ - Name: opTagResource, + Name: opGetQueryResults, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &TagResourceInput{} + input = &GetQueryResultsInput{} } - output = &TagResourceOutput{} + output = &GetQueryResultsOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// TagResource API operation for Amazon CloudWatch Logs. +// GetQueryResults API operation for Amazon CloudWatch Logs. // -// Assigns one or more tags (key-value pairs) to the specified CloudWatch Logs -// resource. Currently, the only CloudWatch Logs resources that can be tagged -// are log groups and destinations. +// Returns the results from the specified query. // -// Tags can help you organize and categorize your resources. You can also use -// them to scope user permissions by granting a user permission to access or -// change only resources with certain tag values. +// Only the fields requested in the query are returned, along with a @ptr field, +// which is the identifier for the log record. You can use the value of @ptr +// in a GetLogRecord (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogRecord.html) +// operation to get the full log record. // -// Tags don't have any semantic meaning to Amazon Web Services and are interpreted -// strictly as strings of characters. +// GetQueryResults does not start running a query. To run a query, use StartQuery +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StartQuery.html). +// For more information about how long results of previous queries are available, +// see CloudWatch Logs quotas (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/cloudwatch_limits_cwl.html). // -// You can use the TagResource action with a resource that already has tags. -// If you specify a new tag key for the alarm, this tag is appended to the list -// of tags associated with the alarm. If you specify a tag key that is already -// associated with the alarm, the new tag value that you specify replaces the -// previous value for that tag. +// If the value of the Status field in the output is Running, this operation +// returns only partial results. If you see a value of Scheduled or Running +// for the status, you can retry the operation later to see the final results. // -// You can associate as many as 50 tags with a CloudWatch Logs resource. +// If you are using CloudWatch cross-account observability, you can use this +// operation in a monitoring account to start queries in linked source accounts. +// For more information, see CloudWatch cross-account observability (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation TagResource for usage and error information. +// API operation GetQueryResults for usage and error information. // // Returned Error Types: // @@ -4756,266 +5105,374 @@ func (c *CloudWatchLogs) TagResourceRequest(input *TagResourceInput) (req *reque // - ServiceUnavailableException // The service cannot complete the request. // -// - TooManyTagsException -// A resource can have no more than 50 tags. -// -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/TagResource -func (c *CloudWatchLogs) TagResource(input *TagResourceInput) (*TagResourceOutput, error) { - req, out := c.TagResourceRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/GetQueryResults +func (c *CloudWatchLogs) GetQueryResults(input *GetQueryResultsInput) (*GetQueryResultsOutput, error) { + req, out := c.GetQueryResultsRequest(input) return out, req.Send() } -// TagResourceWithContext is the same as TagResource with the addition of +// GetQueryResultsWithContext is the same as GetQueryResults with the addition of // the ability to pass a context and additional request options. // -// See TagResource for details on how to use this API operation. +// See GetQueryResults for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) { - req, out := c.TagResourceRequest(input) +func (c *CloudWatchLogs) GetQueryResultsWithContext(ctx aws.Context, input *GetQueryResultsInput, opts ...request.Option) (*GetQueryResultsOutput, error) { + req, out := c.GetQueryResultsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opTestMetricFilter = "TestMetricFilter" +const opListAnomalies = "ListAnomalies" -// TestMetricFilterRequest generates a "aws/request.Request" representing the -// client's request for the TestMetricFilter operation. The "output" return +// ListAnomaliesRequest generates a "aws/request.Request" representing the +// client's request for the ListAnomalies operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See TestMetricFilter for more information on using the TestMetricFilter +// See ListAnomalies for more information on using the ListAnomalies // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the TestMetricFilterRequest method. -// req, resp := client.TestMetricFilterRequest(params) +// // Example sending a request using the ListAnomaliesRequest method. +// req, resp := client.ListAnomaliesRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/TestMetricFilter -func (c *CloudWatchLogs) TestMetricFilterRequest(input *TestMetricFilterInput) (req *request.Request, output *TestMetricFilterOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/ListAnomalies +func (c *CloudWatchLogs) ListAnomaliesRequest(input *ListAnomaliesInput) (req *request.Request, output *ListAnomaliesOutput) { op := &request.Operation{ - Name: opTestMetricFilter, + Name: opListAnomalies, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "limit", + TruncationToken: "", + }, } if input == nil { - input = &TestMetricFilterInput{} + input = &ListAnomaliesInput{} } - output = &TestMetricFilterOutput{} + output = &ListAnomaliesOutput{} req = c.newRequest(op, input, output) return } -// TestMetricFilter API operation for Amazon CloudWatch Logs. +// ListAnomalies API operation for Amazon CloudWatch Logs. // -// Tests the filter pattern of a metric filter against a sample of log event -// messages. You can use this operation to validate the correctness of a metric -// filter pattern. +// Returns a list of anomalies that log anomaly detectors have found. For details +// about the structure format of each anomaly object that is returned, see the +// example in this section. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation TestMetricFilter for usage and error information. +// API operation ListAnomalies for usage and error information. // // Returned Error Types: // // - InvalidParameterException // A parameter is specified incorrectly. // +// - ResourceNotFoundException +// The specified resource does not exist. +// // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/TestMetricFilter -func (c *CloudWatchLogs) TestMetricFilter(input *TestMetricFilterInput) (*TestMetricFilterOutput, error) { - req, out := c.TestMetricFilterRequest(input) +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/ListAnomalies +func (c *CloudWatchLogs) ListAnomalies(input *ListAnomaliesInput) (*ListAnomaliesOutput, error) { + req, out := c.ListAnomaliesRequest(input) return out, req.Send() } -// TestMetricFilterWithContext is the same as TestMetricFilter with the addition of +// ListAnomaliesWithContext is the same as ListAnomalies with the addition of // the ability to pass a context and additional request options. // -// See TestMetricFilter for details on how to use this API operation. +// See ListAnomalies for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) TestMetricFilterWithContext(ctx aws.Context, input *TestMetricFilterInput, opts ...request.Option) (*TestMetricFilterOutput, error) { - req, out := c.TestMetricFilterRequest(input) +func (c *CloudWatchLogs) ListAnomaliesWithContext(ctx aws.Context, input *ListAnomaliesInput, opts ...request.Option) (*ListAnomaliesOutput, error) { + req, out := c.ListAnomaliesRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUntagLogGroup = "UntagLogGroup" - -// UntagLogGroupRequest generates a "aws/request.Request" representing the -// client's request for the UntagLogGroup operation. The "output" return -// value will be populated with the request's response once the request completes -// successfully. -// -// Use "Send" method on the returned Request to send the API call to the service. -// the "output" return value is not valid until after Send returns without error. -// -// See UntagLogGroup for more information on using the UntagLogGroup -// API call, and error handling. +// ListAnomaliesPages iterates over the pages of a ListAnomalies operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. // -// This method is useful when you want to inject custom logic or configuration -// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// See ListAnomalies method for more information on how to use this operation. // -// // Example sending a request using the UntagLogGroupRequest method. -// req, resp := client.UntagLogGroupRequest(params) +// Note: This operation can generate multiple requests to a service. // -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// // Example iterating over at most 3 pages of a ListAnomalies operation. +// pageNum := 0 +// err := client.ListAnomaliesPages(params, +// func(page *cloudwatchlogs.ListAnomaliesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *CloudWatchLogs) ListAnomaliesPages(input *ListAnomaliesInput, fn func(*ListAnomaliesOutput, bool) bool) error { + return c.ListAnomaliesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListAnomaliesPagesWithContext same as ListAnomaliesPages except +// it takes a Context and allows setting request options on the pages. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/UntagLogGroup -// -// Deprecated: Please use the generic tagging API UntagResource -func (c *CloudWatchLogs) UntagLogGroupRequest(input *UntagLogGroupInput) (req *request.Request, output *UntagLogGroupOutput) { - if c.Client.Config.Logger != nil { - c.Client.Config.Logger.Log("This operation, UntagLogGroup, has been deprecated") +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) ListAnomaliesPagesWithContext(ctx aws.Context, input *ListAnomaliesInput, fn func(*ListAnomaliesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + EndPageOnSameToken: true, + NewRequest: func() (*request.Request, error) { + var inCpy *ListAnomaliesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListAnomaliesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListAnomaliesOutput), !p.HasNextPage()) { + break + } } + + return p.Err() +} + +const opListLogAnomalyDetectors = "ListLogAnomalyDetectors" + +// ListLogAnomalyDetectorsRequest generates a "aws/request.Request" representing the +// client's request for the ListLogAnomalyDetectors operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListLogAnomalyDetectors for more information on using the ListLogAnomalyDetectors +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListLogAnomalyDetectorsRequest method. +// req, resp := client.ListLogAnomalyDetectorsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/ListLogAnomalyDetectors +func (c *CloudWatchLogs) ListLogAnomalyDetectorsRequest(input *ListLogAnomalyDetectorsInput) (req *request.Request, output *ListLogAnomalyDetectorsOutput) { op := &request.Operation{ - Name: opUntagLogGroup, + Name: opListLogAnomalyDetectors, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "limit", + TruncationToken: "", + }, } if input == nil { - input = &UntagLogGroupInput{} + input = &ListLogAnomalyDetectorsInput{} } - output = &UntagLogGroupOutput{} + output = &ListLogAnomalyDetectorsOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// UntagLogGroup API operation for Amazon CloudWatch Logs. -// -// The UntagLogGroup operation is on the path to deprecation. We recommend that -// you use UntagResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UntagResource.html) -// instead. -// -// Removes the specified tags from the specified log group. +// ListLogAnomalyDetectors API operation for Amazon CloudWatch Logs. // -// To list the tags for a log group, use ListTagsForResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsForResource.html). -// To add tags, use TagResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_TagResource.html). -// -// CloudWatch Logs doesn’t support IAM policies that prevent users from assigning -// specified tags to log groups using the aws:Resource/key-name or aws:TagKeys -// condition keys. +// Retrieves a list of the log anomaly detectors in the account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation UntagLogGroup for usage and error information. +// API operation ListLogAnomalyDetectors for usage and error information. // // Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// // - ResourceNotFoundException // The specified resource does not exist. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/UntagLogGroup +// - ServiceUnavailableException +// The service cannot complete the request. // -// Deprecated: Please use the generic tagging API UntagResource -func (c *CloudWatchLogs) UntagLogGroup(input *UntagLogGroupInput) (*UntagLogGroupOutput, error) { - req, out := c.UntagLogGroupRequest(input) +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/ListLogAnomalyDetectors +func (c *CloudWatchLogs) ListLogAnomalyDetectors(input *ListLogAnomalyDetectorsInput) (*ListLogAnomalyDetectorsOutput, error) { + req, out := c.ListLogAnomalyDetectorsRequest(input) return out, req.Send() } -// UntagLogGroupWithContext is the same as UntagLogGroup with the addition of +// ListLogAnomalyDetectorsWithContext is the same as ListLogAnomalyDetectors with the addition of // the ability to pass a context and additional request options. // -// See UntagLogGroup for details on how to use this API operation. +// See ListLogAnomalyDetectors for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -// -// Deprecated: Please use the generic tagging API UntagResource -func (c *CloudWatchLogs) UntagLogGroupWithContext(ctx aws.Context, input *UntagLogGroupInput, opts ...request.Option) (*UntagLogGroupOutput, error) { - req, out := c.UntagLogGroupRequest(input) +func (c *CloudWatchLogs) ListLogAnomalyDetectorsWithContext(ctx aws.Context, input *ListLogAnomalyDetectorsInput, opts ...request.Option) (*ListLogAnomalyDetectorsOutput, error) { + req, out := c.ListLogAnomalyDetectorsRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUntagResource = "UntagResource" +// ListLogAnomalyDetectorsPages iterates over the pages of a ListLogAnomalyDetectors operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListLogAnomalyDetectors method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListLogAnomalyDetectors operation. +// pageNum := 0 +// err := client.ListLogAnomalyDetectorsPages(params, +// func(page *cloudwatchlogs.ListLogAnomalyDetectorsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *CloudWatchLogs) ListLogAnomalyDetectorsPages(input *ListLogAnomalyDetectorsInput, fn func(*ListLogAnomalyDetectorsOutput, bool) bool) error { + return c.ListLogAnomalyDetectorsPagesWithContext(aws.BackgroundContext(), input, fn) +} -// UntagResourceRequest generates a "aws/request.Request" representing the -// client's request for the UntagResource operation. The "output" return +// ListLogAnomalyDetectorsPagesWithContext same as ListLogAnomalyDetectorsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) ListLogAnomalyDetectorsPagesWithContext(ctx aws.Context, input *ListLogAnomalyDetectorsInput, fn func(*ListLogAnomalyDetectorsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + EndPageOnSameToken: true, + NewRequest: func() (*request.Request, error) { + var inCpy *ListLogAnomalyDetectorsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListLogAnomalyDetectorsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListLogAnomalyDetectorsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListTagsForResource = "ListTagsForResource" + +// ListTagsForResourceRequest generates a "aws/request.Request" representing the +// client's request for the ListTagsForResource operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UntagResource for more information on using the UntagResource +// See ListTagsForResource for more information on using the ListTagsForResource // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the UntagResourceRequest method. -// req, resp := client.UntagResourceRequest(params) +// // Example sending a request using the ListTagsForResourceRequest method. +// req, resp := client.ListTagsForResourceRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/UntagResource -func (c *CloudWatchLogs) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/ListTagsForResource +func (c *CloudWatchLogs) ListTagsForResourceRequest(input *ListTagsForResourceInput) (req *request.Request, output *ListTagsForResourceOutput) { op := &request.Operation{ - Name: opUntagResource, + Name: opListTagsForResource, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &UntagResourceInput{} + input = &ListTagsForResourceInput{} } - output = &UntagResourceOutput{} + output = &ListTagsForResourceOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } -// UntagResource API operation for Amazon CloudWatch Logs. +// ListTagsForResource API operation for Amazon CloudWatch Logs. // -// Removes one or more tags from the specified resource. +// Displays the tags associated with a CloudWatch Logs resource. Currently, +// log groups and destinations support tagging. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon CloudWatch Logs's -// API operation UntagResource for usage and error information. +// API operation ListTagsForResource for usage and error information. // // Returned Error Types: // @@ -5028,96 +5485,6897 @@ func (c *CloudWatchLogs) UntagResourceRequest(input *UntagResourceInput) (req *r // - ServiceUnavailableException // The service cannot complete the request. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/UntagResource -func (c *CloudWatchLogs) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) { - req, out := c.UntagResourceRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/ListTagsForResource +func (c *CloudWatchLogs) ListTagsForResource(input *ListTagsForResourceInput) (*ListTagsForResourceOutput, error) { + req, out := c.ListTagsForResourceRequest(input) return out, req.Send() } -// UntagResourceWithContext is the same as UntagResource with the addition of +// ListTagsForResourceWithContext is the same as ListTagsForResource with the addition of // the ability to pass a context and additional request options. // -// See UntagResource for details on how to use this API operation. +// See ListTagsForResource for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *CloudWatchLogs) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) { - req, out := c.UntagResourceRequest(input) +func (c *CloudWatchLogs) ListTagsForResourceWithContext(ctx aws.Context, input *ListTagsForResourceInput, opts ...request.Option) (*ListTagsForResourceOutput, error) { + req, out := c.ListTagsForResourceRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -type AssociateKmsKeyInput struct { - _ struct{} `type:"structure"` - - // The Amazon Resource Name (ARN) of the KMS key to use when encrypting log - // data. This must be a symmetric KMS key. For more information, see Amazon - // Resource Names (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-kms) - // and Using Symmetric and Asymmetric Keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html). - // - // KmsKeyId is a required field - KmsKeyId *string `locationName:"kmsKeyId" type:"string" required:"true"` - - // The name of the log group. - // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` -} +const opListTagsLogGroup = "ListTagsLogGroup" -// String returns the string representation. +// ListTagsLogGroupRequest generates a "aws/request.Request" representing the +// client's request for the ListTagsLogGroup operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. // -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssociateKmsKeyInput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. // -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s AssociateKmsKeyInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *AssociateKmsKeyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "AssociateKmsKeyInput"} - if s.KmsKeyId == nil { - invalidParams.Add(request.NewErrParamRequired("KmsKeyId")) - } - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) +// See ListTagsLogGroup for more information on using the ListTagsLogGroup +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListTagsLogGroupRequest method. +// req, resp := client.ListTagsLogGroupRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/ListTagsLogGroup +// +// Deprecated: Please use the generic tagging API ListTagsForResource +func (c *CloudWatchLogs) ListTagsLogGroupRequest(input *ListTagsLogGroupInput) (req *request.Request, output *ListTagsLogGroupOutput) { + if c.Client.Config.Logger != nil { + c.Client.Config.Logger.Log("This operation, ListTagsLogGroup, has been deprecated") } - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + op := &request.Operation{ + Name: opListTagsLogGroup, + HTTPMethod: "POST", + HTTPPath: "/", } - if invalidParams.Len() > 0 { - return invalidParams + if input == nil { + input = &ListTagsLogGroupInput{} } - return nil + + output = &ListTagsLogGroupOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListTagsLogGroup API operation for Amazon CloudWatch Logs. +// +// The ListTagsLogGroup operation is on the path to deprecation. We recommend +// that you use ListTagsForResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsForResource.html) +// instead. +// +// Lists the tags for the specified log group. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation ListTagsLogGroup for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/ListTagsLogGroup +// +// Deprecated: Please use the generic tagging API ListTagsForResource +func (c *CloudWatchLogs) ListTagsLogGroup(input *ListTagsLogGroupInput) (*ListTagsLogGroupOutput, error) { + req, out := c.ListTagsLogGroupRequest(input) + return out, req.Send() +} + +// ListTagsLogGroupWithContext is the same as ListTagsLogGroup with the addition of +// the ability to pass a context and additional request options. +// +// See ListTagsLogGroup for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +// +// Deprecated: Please use the generic tagging API ListTagsForResource +func (c *CloudWatchLogs) ListTagsLogGroupWithContext(ctx aws.Context, input *ListTagsLogGroupInput, opts ...request.Option) (*ListTagsLogGroupOutput, error) { + req, out := c.ListTagsLogGroupRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opPutAccountPolicy = "PutAccountPolicy" + +// PutAccountPolicyRequest generates a "aws/request.Request" representing the +// client's request for the PutAccountPolicy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutAccountPolicy for more information on using the PutAccountPolicy +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the PutAccountPolicyRequest method. +// req, resp := client.PutAccountPolicyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutAccountPolicy +func (c *CloudWatchLogs) PutAccountPolicyRequest(input *PutAccountPolicyInput) (req *request.Request, output *PutAccountPolicyOutput) { + op := &request.Operation{ + Name: opPutAccountPolicy, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutAccountPolicyInput{} + } + + output = &PutAccountPolicyOutput{} + req = c.newRequest(op, input, output) + return +} + +// PutAccountPolicy API operation for Amazon CloudWatch Logs. +// +// Creates an account-level data protection policy or subscription filter policy +// that applies to all log groups or a subset of log groups in the account. +// +// # Data protection policy +// +// A data protection policy can help safeguard sensitive data that's ingested +// by your log groups by auditing and masking the sensitive log data. Each account +// can have only one account-level data protection policy. +// +// Sensitive data is detected and masked when it is ingested into a log group. +// When you set a data protection policy, log events ingested into the log groups +// before that time are not masked. +// +// If you use PutAccountPolicy to create a data protection policy for your whole +// account, it applies to both existing log groups and all log groups that are +// created later in this account. The account-level policy is applied to existing +// log groups with eventual consistency. It might take up to 5 minutes before +// sensitive data in existing log groups begins to be masked. +// +// By default, when a user views a log event that includes masked data, the +// sensitive data is replaced by asterisks. A user who has the logs:Unmask permission +// can use a GetLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogEvents.html) +// or FilterLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_FilterLogEvents.html) +// operation with the unmask parameter set to true to view the unmasked log +// events. Users with the logs:Unmask can also view unmasked data in the CloudWatch +// Logs console by running a CloudWatch Logs Insights query with the unmask +// query command. +// +// For more information, including a list of types of data that can be audited +// and masked, see Protect sensitive log data with masking (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html). +// +// To use the PutAccountPolicy operation for a data protection policy, you must +// be signed on with the logs:PutDataProtectionPolicy and logs:PutAccountPolicy +// permissions. +// +// The PutAccountPolicy operation applies to all log groups in the account. +// You can use PutDataProtectionPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDataProtectionPolicy.html) +// to create a data protection policy that applies to just one log group. If +// a log group has its own data protection policy and the account also has an +// account-level data protection policy, then the two policies are cumulative. +// Any sensitive term specified in either policy is masked. +// +// # Subscription filter policy +// +// A subscription filter policy sets up a real-time feed of log events from +// CloudWatch Logs to other Amazon Web Services services. Account-level subscription +// filter policies apply to both existing log groups and log groups that are +// created later in this account. Supported destinations are Kinesis Data Streams, +// Firehose, and Lambda. When log events are sent to the receiving service, +// they are Base64 encoded and compressed with the GZIP format. +// +// The following destinations are supported for subscription filters: +// +// - An Kinesis Data Streams data stream in the same account as the subscription +// policy, for same-account delivery. +// +// - An Firehose data stream in the same account as the subscription policy, +// for same-account delivery. +// +// - A Lambda function in the same account as the subscription policy, for +// same-account delivery. +// +// - A logical destination in a different account created with PutDestination +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html), +// for cross-account delivery. Kinesis Data Streams and Firehose are supported +// as logical destinations. +// +// Each account can have one account-level subscription filter policy. If you +// are updating an existing filter, you must specify the correct name in PolicyName. +// To perform a PutAccountPolicy subscription filter operation for any destination +// except a Lambda function, you must also have the iam:PassRole permission. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation PutAccountPolicy for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// - LimitExceededException +// You have reached the maximum number of resources that can be created. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutAccountPolicy +func (c *CloudWatchLogs) PutAccountPolicy(input *PutAccountPolicyInput) (*PutAccountPolicyOutput, error) { + req, out := c.PutAccountPolicyRequest(input) + return out, req.Send() +} + +// PutAccountPolicyWithContext is the same as PutAccountPolicy with the addition of +// the ability to pass a context and additional request options. +// +// See PutAccountPolicy for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) PutAccountPolicyWithContext(ctx aws.Context, input *PutAccountPolicyInput, opts ...request.Option) (*PutAccountPolicyOutput, error) { + req, out := c.PutAccountPolicyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opPutDataProtectionPolicy = "PutDataProtectionPolicy" + +// PutDataProtectionPolicyRequest generates a "aws/request.Request" representing the +// client's request for the PutDataProtectionPolicy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutDataProtectionPolicy for more information on using the PutDataProtectionPolicy +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the PutDataProtectionPolicyRequest method. +// req, resp := client.PutDataProtectionPolicyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDataProtectionPolicy +func (c *CloudWatchLogs) PutDataProtectionPolicyRequest(input *PutDataProtectionPolicyInput) (req *request.Request, output *PutDataProtectionPolicyOutput) { + op := &request.Operation{ + Name: opPutDataProtectionPolicy, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutDataProtectionPolicyInput{} + } + + output = &PutDataProtectionPolicyOutput{} + req = c.newRequest(op, input, output) + return +} + +// PutDataProtectionPolicy API operation for Amazon CloudWatch Logs. +// +// Creates a data protection policy for the specified log group. A data protection +// policy can help safeguard sensitive data that's ingested by the log group +// by auditing and masking the sensitive log data. +// +// Sensitive data is detected and masked when it is ingested into the log group. +// When you set a data protection policy, log events ingested into the log group +// before that time are not masked. +// +// By default, when a user views a log event that includes masked data, the +// sensitive data is replaced by asterisks. A user who has the logs:Unmask permission +// can use a GetLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetLogEvents.html) +// or FilterLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_FilterLogEvents.html) +// operation with the unmask parameter set to true to view the unmasked log +// events. Users with the logs:Unmask can also view unmasked data in the CloudWatch +// Logs console by running a CloudWatch Logs Insights query with the unmask +// query command. +// +// For more information, including a list of types of data that can be audited +// and masked, see Protect sensitive log data with masking (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data.html). +// +// The PutDataProtectionPolicy operation applies to only the specified log group. +// You can also use PutAccountPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutAccountPolicy.html) +// to create an account-level data protection policy that applies to all log +// groups in the account, including both existing log groups and log groups +// that are created level. If a log group has its own data protection policy +// and the account also has an account-level data protection policy, then the +// two policies are cumulative. Any sensitive term specified in either policy +// is masked. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation PutDataProtectionPolicy for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - LimitExceededException +// You have reached the maximum number of resources that can be created. +// +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDataProtectionPolicy +func (c *CloudWatchLogs) PutDataProtectionPolicy(input *PutDataProtectionPolicyInput) (*PutDataProtectionPolicyOutput, error) { + req, out := c.PutDataProtectionPolicyRequest(input) + return out, req.Send() +} + +// PutDataProtectionPolicyWithContext is the same as PutDataProtectionPolicy with the addition of +// the ability to pass a context and additional request options. +// +// See PutDataProtectionPolicy for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) PutDataProtectionPolicyWithContext(ctx aws.Context, input *PutDataProtectionPolicyInput, opts ...request.Option) (*PutDataProtectionPolicyOutput, error) { + req, out := c.PutDataProtectionPolicyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opPutDeliveryDestination = "PutDeliveryDestination" + +// PutDeliveryDestinationRequest generates a "aws/request.Request" representing the +// client's request for the PutDeliveryDestination operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutDeliveryDestination for more information on using the PutDeliveryDestination +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the PutDeliveryDestinationRequest method. +// req, resp := client.PutDeliveryDestinationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDeliveryDestination +func (c *CloudWatchLogs) PutDeliveryDestinationRequest(input *PutDeliveryDestinationInput) (req *request.Request, output *PutDeliveryDestinationOutput) { + op := &request.Operation{ + Name: opPutDeliveryDestination, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutDeliveryDestinationInput{} + } + + output = &PutDeliveryDestinationOutput{} + req = c.newRequest(op, input, output) + return +} + +// PutDeliveryDestination API operation for Amazon CloudWatch Logs. +// +// Creates or updates a logical delivery destination. A delivery destination +// is an Amazon Web Services resource that represents an Amazon Web Services +// service that logs can be sent to. CloudWatch Logs, Amazon S3, and Firehose +// are supported as logs delivery destinations. +// +// To configure logs delivery between a supported Amazon Web Services service +// and a destination, you must do the following: +// +// - Create a delivery source, which is a logical object that represents +// the resource that is actually sending the logs. For more information, +// see PutDeliverySource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliverySource.html). +// +// - Use PutDeliveryDestination to create a delivery destination, which is +// a logical object that represents the actual delivery destination. +// +// - If you are delivering logs cross-account, you must use PutDeliveryDestinationPolicy +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html) +// in the destination account to assign an IAM policy to the destination. +// This policy allows delivery to that destination. +// +// - Use CreateDelivery to create a delivery by pairing exactly one delivery +// source and one delivery destination. For more information, see CreateDelivery +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html). +// +// You can configure a single delivery source to send logs to multiple destinations +// by creating multiple deliveries. You can also create multiple deliveries +// to configure multiple delivery sources to send logs to the same delivery +// destination. +// +// Only some Amazon Web Services services support being configured as a delivery +// source. These services are listed as Supported [V2 Permissions] in the table +// at Enabling logging from Amazon Web Services services. (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html) +// +// If you use this operation to update an existing delivery destination, all +// the current delivery destination parameters are overwritten with the new +// parameter values that you specify. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation PutDeliveryDestination for usage and error information. +// +// Returned Error Types: +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// - ConflictException +// This operation attempted to create a resource that already exists. +// +// - ValidationException +// One of the parameters for the request is not valid. +// +// - ServiceQuotaExceededException +// This request exceeds a service quota. +// +// - ThrottlingException +// The request was throttled because of quota limits. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDeliveryDestination +func (c *CloudWatchLogs) PutDeliveryDestination(input *PutDeliveryDestinationInput) (*PutDeliveryDestinationOutput, error) { + req, out := c.PutDeliveryDestinationRequest(input) + return out, req.Send() +} + +// PutDeliveryDestinationWithContext is the same as PutDeliveryDestination with the addition of +// the ability to pass a context and additional request options. +// +// See PutDeliveryDestination for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) PutDeliveryDestinationWithContext(ctx aws.Context, input *PutDeliveryDestinationInput, opts ...request.Option) (*PutDeliveryDestinationOutput, error) { + req, out := c.PutDeliveryDestinationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opPutDeliveryDestinationPolicy = "PutDeliveryDestinationPolicy" + +// PutDeliveryDestinationPolicyRequest generates a "aws/request.Request" representing the +// client's request for the PutDeliveryDestinationPolicy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutDeliveryDestinationPolicy for more information on using the PutDeliveryDestinationPolicy +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the PutDeliveryDestinationPolicyRequest method. +// req, resp := client.PutDeliveryDestinationPolicyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDeliveryDestinationPolicy +func (c *CloudWatchLogs) PutDeliveryDestinationPolicyRequest(input *PutDeliveryDestinationPolicyInput) (req *request.Request, output *PutDeliveryDestinationPolicyOutput) { + op := &request.Operation{ + Name: opPutDeliveryDestinationPolicy, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutDeliveryDestinationPolicyInput{} + } + + output = &PutDeliveryDestinationPolicyOutput{} + req = c.newRequest(op, input, output) + return +} + +// PutDeliveryDestinationPolicy API operation for Amazon CloudWatch Logs. +// +// Creates and assigns an IAM policy that grants permissions to CloudWatch Logs +// to deliver logs cross-account to a specified destination in this account. +// To configure the delivery of logs from an Amazon Web Services service in +// another account to a logs delivery destination in the current account, you +// must do the following: +// +// - Create a delivery source, which is a logical object that represents +// the resource that is actually sending the logs. For more information, +// see PutDeliverySource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliverySource.html). +// +// - Create a delivery destination, which is a logical object that represents +// the actual delivery destination. For more information, see PutDeliveryDestination +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestination.html). +// +// - Use this operation in the destination account to assign an IAM policy +// to the destination. This policy allows delivery to that destination. +// +// - Create a delivery by pairing exactly one delivery source and one delivery +// destination. For more information, see CreateDelivery (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html). +// +// Only some Amazon Web Services services support being configured as a delivery +// source. These services are listed as Supported [V2 Permissions] in the table +// at Enabling logging from Amazon Web Services services. (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html) +// +// The contents of the policy must include two statements. One statement enables +// general logs delivery, and the other allows delivery to the chosen destination. +// See the examples for the needed policies. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation PutDeliveryDestinationPolicy for usage and error information. +// +// Returned Error Types: +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// - ValidationException +// One of the parameters for the request is not valid. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - ConflictException +// This operation attempted to create a resource that already exists. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDeliveryDestinationPolicy +func (c *CloudWatchLogs) PutDeliveryDestinationPolicy(input *PutDeliveryDestinationPolicyInput) (*PutDeliveryDestinationPolicyOutput, error) { + req, out := c.PutDeliveryDestinationPolicyRequest(input) + return out, req.Send() +} + +// PutDeliveryDestinationPolicyWithContext is the same as PutDeliveryDestinationPolicy with the addition of +// the ability to pass a context and additional request options. +// +// See PutDeliveryDestinationPolicy for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) PutDeliveryDestinationPolicyWithContext(ctx aws.Context, input *PutDeliveryDestinationPolicyInput, opts ...request.Option) (*PutDeliveryDestinationPolicyOutput, error) { + req, out := c.PutDeliveryDestinationPolicyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opPutDeliverySource = "PutDeliverySource" + +// PutDeliverySourceRequest generates a "aws/request.Request" representing the +// client's request for the PutDeliverySource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutDeliverySource for more information on using the PutDeliverySource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the PutDeliverySourceRequest method. +// req, resp := client.PutDeliverySourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDeliverySource +func (c *CloudWatchLogs) PutDeliverySourceRequest(input *PutDeliverySourceInput) (req *request.Request, output *PutDeliverySourceOutput) { + op := &request.Operation{ + Name: opPutDeliverySource, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutDeliverySourceInput{} + } + + output = &PutDeliverySourceOutput{} + req = c.newRequest(op, input, output) + return +} + +// PutDeliverySource API operation for Amazon CloudWatch Logs. +// +// Creates or updates a logical delivery source. A delivery source represents +// an Amazon Web Services resource that sends logs to an logs delivery destination. +// The destination can be CloudWatch Logs, Amazon S3, or Firehose. +// +// To configure logs delivery between a delivery destination and an Amazon Web +// Services service that is supported as a delivery source, you must do the +// following: +// +// - Use PutDeliverySource to create a delivery source, which is a logical +// object that represents the resource that is actually sending the logs. +// +// - Use PutDeliveryDestination to create a delivery destination, which is +// a logical object that represents the actual delivery destination. For +// more information, see PutDeliveryDestination (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestination.html). +// +// - If you are delivering logs cross-account, you must use PutDeliveryDestinationPolicy +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html) +// in the destination account to assign an IAM policy to the destination. +// This policy allows delivery to that destination. +// +// - Use CreateDelivery to create a delivery by pairing exactly one delivery +// source and one delivery destination. For more information, see CreateDelivery +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html). +// +// You can configure a single delivery source to send logs to multiple destinations +// by creating multiple deliveries. You can also create multiple deliveries +// to configure multiple delivery sources to send logs to the same delivery +// destination. +// +// Only some Amazon Web Services services support being configured as a delivery +// source. These services are listed as Supported [V2 Permissions] in the table +// at Enabling logging from Amazon Web Services services. (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html) +// +// If you use this operation to update an existing delivery source, all the +// current delivery source parameters are overwritten with the new parameter +// values that you specify. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation PutDeliverySource for usage and error information. +// +// Returned Error Types: +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// - ConflictException +// This operation attempted to create a resource that already exists. +// +// - ValidationException +// One of the parameters for the request is not valid. +// +// - ServiceQuotaExceededException +// This request exceeds a service quota. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - ThrottlingException +// The request was throttled because of quota limits. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDeliverySource +func (c *CloudWatchLogs) PutDeliverySource(input *PutDeliverySourceInput) (*PutDeliverySourceOutput, error) { + req, out := c.PutDeliverySourceRequest(input) + return out, req.Send() +} + +// PutDeliverySourceWithContext is the same as PutDeliverySource with the addition of +// the ability to pass a context and additional request options. +// +// See PutDeliverySource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) PutDeliverySourceWithContext(ctx aws.Context, input *PutDeliverySourceInput, opts ...request.Option) (*PutDeliverySourceOutput, error) { + req, out := c.PutDeliverySourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opPutDestination = "PutDestination" + +// PutDestinationRequest generates a "aws/request.Request" representing the +// client's request for the PutDestination operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutDestination for more information on using the PutDestination +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the PutDestinationRequest method. +// req, resp := client.PutDestinationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDestination +func (c *CloudWatchLogs) PutDestinationRequest(input *PutDestinationInput) (req *request.Request, output *PutDestinationOutput) { + op := &request.Operation{ + Name: opPutDestination, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutDestinationInput{} + } + + output = &PutDestinationOutput{} + req = c.newRequest(op, input, output) + return +} + +// PutDestination API operation for Amazon CloudWatch Logs. +// +// Creates or updates a destination. This operation is used only to create destinations +// for cross-account subscriptions. +// +// A destination encapsulates a physical resource (such as an Amazon Kinesis +// stream). With a destination, you can subscribe to a real-time stream of log +// events for a different account, ingested using PutLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutLogEvents.html). +// +// Through an access policy, a destination controls what is written to it. By +// default, PutDestination does not set any access policy with the destination, +// which means a cross-account user cannot call PutSubscriptionFilter (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutSubscriptionFilter.html) +// against this destination. To enable this, the destination owner must call +// PutDestinationPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestinationPolicy.html) +// after PutDestination. +// +// To perform a PutDestination operation, you must also have the iam:PassRole +// permission. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation PutDestination for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDestination +func (c *CloudWatchLogs) PutDestination(input *PutDestinationInput) (*PutDestinationOutput, error) { + req, out := c.PutDestinationRequest(input) + return out, req.Send() +} + +// PutDestinationWithContext is the same as PutDestination with the addition of +// the ability to pass a context and additional request options. +// +// See PutDestination for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) PutDestinationWithContext(ctx aws.Context, input *PutDestinationInput, opts ...request.Option) (*PutDestinationOutput, error) { + req, out := c.PutDestinationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opPutDestinationPolicy = "PutDestinationPolicy" + +// PutDestinationPolicyRequest generates a "aws/request.Request" representing the +// client's request for the PutDestinationPolicy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutDestinationPolicy for more information on using the PutDestinationPolicy +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the PutDestinationPolicyRequest method. +// req, resp := client.PutDestinationPolicyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDestinationPolicy +func (c *CloudWatchLogs) PutDestinationPolicyRequest(input *PutDestinationPolicyInput) (req *request.Request, output *PutDestinationPolicyOutput) { + op := &request.Operation{ + Name: opPutDestinationPolicy, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutDestinationPolicyInput{} + } + + output = &PutDestinationPolicyOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// PutDestinationPolicy API operation for Amazon CloudWatch Logs. +// +// Creates or updates an access policy associated with an existing destination. +// An access policy is an IAM policy document (https://docs.aws.amazon.com/IAM/latest/UserGuide/policies_overview.html) +// that is used to authorize claims to register a subscription filter against +// a given destination. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation PutDestinationPolicy for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutDestinationPolicy +func (c *CloudWatchLogs) PutDestinationPolicy(input *PutDestinationPolicyInput) (*PutDestinationPolicyOutput, error) { + req, out := c.PutDestinationPolicyRequest(input) + return out, req.Send() +} + +// PutDestinationPolicyWithContext is the same as PutDestinationPolicy with the addition of +// the ability to pass a context and additional request options. +// +// See PutDestinationPolicy for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) PutDestinationPolicyWithContext(ctx aws.Context, input *PutDestinationPolicyInput, opts ...request.Option) (*PutDestinationPolicyOutput, error) { + req, out := c.PutDestinationPolicyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opPutLogEvents = "PutLogEvents" + +// PutLogEventsRequest generates a "aws/request.Request" representing the +// client's request for the PutLogEvents operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutLogEvents for more information on using the PutLogEvents +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the PutLogEventsRequest method. +// req, resp := client.PutLogEventsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutLogEvents +func (c *CloudWatchLogs) PutLogEventsRequest(input *PutLogEventsInput) (req *request.Request, output *PutLogEventsOutput) { + op := &request.Operation{ + Name: opPutLogEvents, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutLogEventsInput{} + } + + output = &PutLogEventsOutput{} + req = c.newRequest(op, input, output) + return +} + +// PutLogEvents API operation for Amazon CloudWatch Logs. +// +// Uploads a batch of log events to the specified log stream. +// +// The sequence token is now ignored in PutLogEvents actions. PutLogEvents actions +// are always accepted and never return InvalidSequenceTokenException or DataAlreadyAcceptedException +// even if the sequence token is not valid. You can use parallel PutLogEvents +// actions on the same log stream. +// +// The batch of events must satisfy the following constraints: +// +// - The maximum batch size is 1,048,576 bytes. This size is calculated as +// the sum of all event messages in UTF-8, plus 26 bytes for each log event. +// +// - None of the log events in the batch can be more than 2 hours in the +// future. +// +// - None of the log events in the batch can be more than 14 days in the +// past. Also, none of the log events can be from earlier than the retention +// period of the log group. +// +// - The log events in the batch must be in chronological order by their +// timestamp. The timestamp is the time that the event occurred, expressed +// as the number of milliseconds after Jan 1, 1970 00:00:00 UTC. (In Amazon +// Web Services Tools for PowerShell and the Amazon Web Services SDK for +// .NET, the timestamp is specified in .NET format: yyyy-mm-ddThh:mm:ss. +// For example, 2017-09-15T13:45:30.) +// +// - A batch of log events in a single request cannot span more than 24 hours. +// Otherwise, the operation fails. +// +// - Each log event can be no larger than 256 KB. +// +// - The maximum number of log events in a batch is 10,000. +// +// - The quota of five requests per second per log stream has been removed. +// Instead, PutLogEvents actions are throttled based on a per-second per-account +// quota. You can request an increase to the per-second throttling quota +// by using the Service Quotas service. +// +// If a call to PutLogEvents returns "UnrecognizedClientException" the most +// likely cause is a non-valid Amazon Web Services access key ID or secret key. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation PutLogEvents for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - InvalidSequenceTokenException +// The sequence token is not valid. You can get the correct sequence token in +// the expectedSequenceToken field in the InvalidSequenceTokenException message. +// +// PutLogEvents actions are now always accepted and never return InvalidSequenceTokenException +// regardless of receiving an invalid sequence token. +// +// - DataAlreadyAcceptedException +// The event was already logged. +// +// PutLogEvents actions are now always accepted and never return DataAlreadyAcceptedException +// regardless of whether a given batch of log events has already been accepted. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// - UnrecognizedClientException +// The most likely cause is an Amazon Web Services access key ID or secret key +// that's not valid. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutLogEvents +func (c *CloudWatchLogs) PutLogEvents(input *PutLogEventsInput) (*PutLogEventsOutput, error) { + req, out := c.PutLogEventsRequest(input) + return out, req.Send() +} + +// PutLogEventsWithContext is the same as PutLogEvents with the addition of +// the ability to pass a context and additional request options. +// +// See PutLogEvents for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) PutLogEventsWithContext(ctx aws.Context, input *PutLogEventsInput, opts ...request.Option) (*PutLogEventsOutput, error) { + req, out := c.PutLogEventsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opPutMetricFilter = "PutMetricFilter" + +// PutMetricFilterRequest generates a "aws/request.Request" representing the +// client's request for the PutMetricFilter operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutMetricFilter for more information on using the PutMetricFilter +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the PutMetricFilterRequest method. +// req, resp := client.PutMetricFilterRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutMetricFilter +func (c *CloudWatchLogs) PutMetricFilterRequest(input *PutMetricFilterInput) (req *request.Request, output *PutMetricFilterOutput) { + op := &request.Operation{ + Name: opPutMetricFilter, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutMetricFilterInput{} + } + + output = &PutMetricFilterOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// PutMetricFilter API operation for Amazon CloudWatch Logs. +// +// Creates or updates a metric filter and associates it with the specified log +// group. With metric filters, you can configure rules to extract metric data +// from log events ingested through PutLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutLogEvents.html). +// +// The maximum number of metric filters that can be associated with a log group +// is 100. +// +// When you create a metric filter, you can also optionally assign a unit and +// dimensions to the metric that is created. +// +// Metrics extracted from log events are charged as custom metrics. To prevent +// unexpected high charges, do not specify high-cardinality fields such as IPAddress +// or requestID as dimensions. Each different value found for a dimension is +// treated as a separate metric and accrues charges as a separate custom metric. +// +// CloudWatch Logs might disable a metric filter if it generates 1,000 different +// name/value pairs for your specified dimensions within one hour. +// +// You can also set up a billing alarm to alert you if your charges are higher +// than expected. For more information, see Creating a Billing Alarm to Monitor +// Your Estimated Amazon Web Services Charges (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation PutMetricFilter for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// +// - LimitExceededException +// You have reached the maximum number of resources that can be created. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutMetricFilter +func (c *CloudWatchLogs) PutMetricFilter(input *PutMetricFilterInput) (*PutMetricFilterOutput, error) { + req, out := c.PutMetricFilterRequest(input) + return out, req.Send() +} + +// PutMetricFilterWithContext is the same as PutMetricFilter with the addition of +// the ability to pass a context and additional request options. +// +// See PutMetricFilter for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) PutMetricFilterWithContext(ctx aws.Context, input *PutMetricFilterInput, opts ...request.Option) (*PutMetricFilterOutput, error) { + req, out := c.PutMetricFilterRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opPutQueryDefinition = "PutQueryDefinition" + +// PutQueryDefinitionRequest generates a "aws/request.Request" representing the +// client's request for the PutQueryDefinition operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutQueryDefinition for more information on using the PutQueryDefinition +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the PutQueryDefinitionRequest method. +// req, resp := client.PutQueryDefinitionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutQueryDefinition +func (c *CloudWatchLogs) PutQueryDefinitionRequest(input *PutQueryDefinitionInput) (req *request.Request, output *PutQueryDefinitionOutput) { + op := &request.Operation{ + Name: opPutQueryDefinition, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutQueryDefinitionInput{} + } + + output = &PutQueryDefinitionOutput{} + req = c.newRequest(op, input, output) + return +} + +// PutQueryDefinition API operation for Amazon CloudWatch Logs. +// +// Creates or updates a query definition for CloudWatch Logs Insights. For more +// information, see Analyzing Log Data with CloudWatch Logs Insights (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AnalyzingLogData.html). +// +// To update a query definition, specify its queryDefinitionId in your request. +// The values of name, queryString, and logGroupNames are changed to the values +// that you specify in your update operation. No current values are retained +// from the current query definition. For example, imagine updating a current +// query definition that includes log groups. If you don't specify the logGroupNames +// parameter in your update operation, the query definition changes to contain +// no log groups. +// +// You must have the logs:PutQueryDefinition permission to be able to perform +// this operation. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation PutQueryDefinition for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - LimitExceededException +// You have reached the maximum number of resources that can be created. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutQueryDefinition +func (c *CloudWatchLogs) PutQueryDefinition(input *PutQueryDefinitionInput) (*PutQueryDefinitionOutput, error) { + req, out := c.PutQueryDefinitionRequest(input) + return out, req.Send() +} + +// PutQueryDefinitionWithContext is the same as PutQueryDefinition with the addition of +// the ability to pass a context and additional request options. +// +// See PutQueryDefinition for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) PutQueryDefinitionWithContext(ctx aws.Context, input *PutQueryDefinitionInput, opts ...request.Option) (*PutQueryDefinitionOutput, error) { + req, out := c.PutQueryDefinitionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opPutResourcePolicy = "PutResourcePolicy" + +// PutResourcePolicyRequest generates a "aws/request.Request" representing the +// client's request for the PutResourcePolicy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutResourcePolicy for more information on using the PutResourcePolicy +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the PutResourcePolicyRequest method. +// req, resp := client.PutResourcePolicyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutResourcePolicy +func (c *CloudWatchLogs) PutResourcePolicyRequest(input *PutResourcePolicyInput) (req *request.Request, output *PutResourcePolicyOutput) { + op := &request.Operation{ + Name: opPutResourcePolicy, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutResourcePolicyInput{} + } + + output = &PutResourcePolicyOutput{} + req = c.newRequest(op, input, output) + return +} + +// PutResourcePolicy API operation for Amazon CloudWatch Logs. +// +// Creates or updates a resource policy allowing other Amazon Web Services services +// to put log events to this account, such as Amazon Route 53. An account can +// have up to 10 resource policies per Amazon Web Services Region. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation PutResourcePolicy for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - LimitExceededException +// You have reached the maximum number of resources that can be created. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutResourcePolicy +func (c *CloudWatchLogs) PutResourcePolicy(input *PutResourcePolicyInput) (*PutResourcePolicyOutput, error) { + req, out := c.PutResourcePolicyRequest(input) + return out, req.Send() +} + +// PutResourcePolicyWithContext is the same as PutResourcePolicy with the addition of +// the ability to pass a context and additional request options. +// +// See PutResourcePolicy for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) PutResourcePolicyWithContext(ctx aws.Context, input *PutResourcePolicyInput, opts ...request.Option) (*PutResourcePolicyOutput, error) { + req, out := c.PutResourcePolicyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opPutRetentionPolicy = "PutRetentionPolicy" + +// PutRetentionPolicyRequest generates a "aws/request.Request" representing the +// client's request for the PutRetentionPolicy operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutRetentionPolicy for more information on using the PutRetentionPolicy +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the PutRetentionPolicyRequest method. +// req, resp := client.PutRetentionPolicyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutRetentionPolicy +func (c *CloudWatchLogs) PutRetentionPolicyRequest(input *PutRetentionPolicyInput) (req *request.Request, output *PutRetentionPolicyOutput) { + op := &request.Operation{ + Name: opPutRetentionPolicy, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutRetentionPolicyInput{} + } + + output = &PutRetentionPolicyOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// PutRetentionPolicy API operation for Amazon CloudWatch Logs. +// +// Sets the retention of the specified log group. With a retention policy, you +// can configure the number of days for which to retain log events in the specified +// log group. +// +// CloudWatch Logs doesn’t immediately delete log events when they reach their +// retention setting. It typically takes up to 72 hours after that before log +// events are deleted, but in rare situations might take longer. +// +// To illustrate, imagine that you change a log group to have a longer retention +// setting when it contains log events that are past the expiration date, but +// haven’t been deleted. Those log events will take up to 72 hours to be deleted +// after the new retention date is reached. To make sure that log data is deleted +// permanently, keep a log group at its lower retention setting until 72 hours +// after the previous retention period ends. Alternatively, wait to change the +// retention setting until you confirm that the earlier log events are deleted. +// +// When log events reach their retention setting they are marked for deletion. +// After they are marked for deletion, they do not add to your archival storage +// costs anymore, even if they are not actually deleted until later. These log +// events marked for deletion are also not included when you use an API to retrieve +// the storedBytes value to see how many bytes a log group is storing. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation PutRetentionPolicy for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutRetentionPolicy +func (c *CloudWatchLogs) PutRetentionPolicy(input *PutRetentionPolicyInput) (*PutRetentionPolicyOutput, error) { + req, out := c.PutRetentionPolicyRequest(input) + return out, req.Send() +} + +// PutRetentionPolicyWithContext is the same as PutRetentionPolicy with the addition of +// the ability to pass a context and additional request options. +// +// See PutRetentionPolicy for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) PutRetentionPolicyWithContext(ctx aws.Context, input *PutRetentionPolicyInput, opts ...request.Option) (*PutRetentionPolicyOutput, error) { + req, out := c.PutRetentionPolicyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opPutSubscriptionFilter = "PutSubscriptionFilter" + +// PutSubscriptionFilterRequest generates a "aws/request.Request" representing the +// client's request for the PutSubscriptionFilter operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PutSubscriptionFilter for more information on using the PutSubscriptionFilter +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the PutSubscriptionFilterRequest method. +// req, resp := client.PutSubscriptionFilterRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutSubscriptionFilter +func (c *CloudWatchLogs) PutSubscriptionFilterRequest(input *PutSubscriptionFilterInput) (req *request.Request, output *PutSubscriptionFilterOutput) { + op := &request.Operation{ + Name: opPutSubscriptionFilter, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PutSubscriptionFilterInput{} + } + + output = &PutSubscriptionFilterOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// PutSubscriptionFilter API operation for Amazon CloudWatch Logs. +// +// Creates or updates a subscription filter and associates it with the specified +// log group. With subscription filters, you can subscribe to a real-time stream +// of log events ingested through PutLogEvents (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutLogEvents.html) +// and have them delivered to a specific destination. When log events are sent +// to the receiving service, they are Base64 encoded and compressed with the +// GZIP format. +// +// The following destinations are supported for subscription filters: +// +// - An Amazon Kinesis data stream belonging to the same account as the subscription +// filter, for same-account delivery. +// +// - A logical destination created with PutDestination (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html) +// that belongs to a different account, for cross-account delivery. We currently +// support Kinesis Data Streams and Firehose as logical destinations. +// +// - An Amazon Kinesis Data Firehose delivery stream that belongs to the +// same account as the subscription filter, for same-account delivery. +// +// - An Lambda function that belongs to the same account as the subscription +// filter, for same-account delivery. +// +// Each log group can have up to two subscription filters associated with it. +// If you are updating an existing filter, you must specify the correct name +// in filterName. +// +// To perform a PutSubscriptionFilter operation for any destination except a +// Lambda function, you must also have the iam:PassRole permission. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation PutSubscriptionFilter for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// +// - LimitExceededException +// You have reached the maximum number of resources that can be created. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/PutSubscriptionFilter +func (c *CloudWatchLogs) PutSubscriptionFilter(input *PutSubscriptionFilterInput) (*PutSubscriptionFilterOutput, error) { + req, out := c.PutSubscriptionFilterRequest(input) + return out, req.Send() +} + +// PutSubscriptionFilterWithContext is the same as PutSubscriptionFilter with the addition of +// the ability to pass a context and additional request options. +// +// See PutSubscriptionFilter for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) PutSubscriptionFilterWithContext(ctx aws.Context, input *PutSubscriptionFilterInput, opts ...request.Option) (*PutSubscriptionFilterOutput, error) { + req, out := c.PutSubscriptionFilterRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opStartLiveTail = "StartLiveTail" + +// StartLiveTailRequest generates a "aws/request.Request" representing the +// client's request for the StartLiveTail operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartLiveTail for more information on using the StartLiveTail +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the StartLiveTailRequest method. +// req, resp := client.StartLiveTailRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/StartLiveTail +func (c *CloudWatchLogs) StartLiveTailRequest(input *StartLiveTailInput) (req *request.Request, output *StartLiveTailOutput) { + op := &request.Operation{ + Name: opStartLiveTail, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &StartLiveTailInput{} + } + + output = &StartLiveTailOutput{} + req = c.newRequest(op, input, output) + + es := NewStartLiveTailEventStream() + output.eventStream = es + + req.Handlers.Send.Swap(client.LogHTTPResponseHandler.Name, client.LogHTTPResponseHeaderHandler) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, rest.UnmarshalHandler) + req.Handlers.Unmarshal.PushBack(es.runOutputStream) + es.output = output + req.Handlers.Unmarshal.PushBack(es.recvInitialEvent) + req.Handlers.Unmarshal.PushBack(es.runOnStreamPartClose) + req.Handlers.Build.PushBackNamed(protocol.NewHostPrefixHandler("streaming-", nil)) + req.Handlers.Build.PushBackNamed(protocol.ValidateEndpointHostHandler) + return +} + +// StartLiveTail API operation for Amazon CloudWatch Logs. +// +// Starts a Live Tail streaming session for one or more log groups. A Live Tail +// session returns a stream of log events that have been recently ingested in +// the log groups. For more information, see Use Live Tail to view logs in near +// real time (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatchLogs_LiveTail.html). +// +// The response to this operation is a response stream, over which the server +// sends live log events and the client receives them. +// +// The following objects are sent over the stream: +// +// - A single LiveTailSessionStart (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_LiveTailSessionStart.html) +// object is sent at the start of the session. +// +// - Every second, a LiveTailSessionUpdate (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_LiveTailSessionUpdate.html) +// object is sent. Each of these objects contains an array of the actual +// log events. If no new log events were ingested in the past second, the +// LiveTailSessionUpdate object will contain an empty array. The array of +// log events contained in a LiveTailSessionUpdate can include as many as +// 500 log events. If the number of log events matching the request exceeds +// 500 per second, the log events are sampled down to 500 log events to be +// included in each LiveTailSessionUpdate object. If your client consumes +// the log events slower than the server produces them, CloudWatch Logs buffers +// up to 10 LiveTailSessionUpdate events or 5000 log events, after which +// it starts dropping the oldest events. +// +// - A SessionStreamingException (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_SessionStreamingException.html) +// object is returned if an unknown error occurs on the server side. +// +// - A SessionTimeoutException (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_SessionTimeoutException.html) +// object is returned when the session times out, after it has been kept +// open for three hours. +// +// You can end a session before it times out by closing the session stream or +// by closing the client that is receiving the stream. The session also ends +// if the established connection between the client and the server breaks. +// +// For examples of using an SDK to start a Live Tail session, see Start a Live +// Tail session using an Amazon Web Services SDK (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/example_cloudwatch-logs_StartLiveTail_section.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation StartLiveTail for usage and error information. +// +// Returned Error Types: +// +// - AccessDeniedException +// You don't have sufficient permissions to perform this action. +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - LimitExceededException +// You have reached the maximum number of resources that can be created. +// +// - InvalidOperationException +// The operation is not valid on the specified resource. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/StartLiveTail +func (c *CloudWatchLogs) StartLiveTail(input *StartLiveTailInput) (*StartLiveTailOutput, error) { + req, out := c.StartLiveTailRequest(input) + return out, req.Send() +} + +// StartLiveTailWithContext is the same as StartLiveTail with the addition of +// the ability to pass a context and additional request options. +// +// See StartLiveTail for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) StartLiveTailWithContext(ctx aws.Context, input *StartLiveTailInput, opts ...request.Option) (*StartLiveTailOutput, error) { + req, out := c.StartLiveTailRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +var _ awserr.Error +var _ time.Time + +// StartLiveTailEventStream provides the event stream handling for the StartLiveTail. +// +// For testing and mocking the event stream this type should be initialized via +// the NewStartLiveTailEventStream constructor function. Using the functional options +// to pass in nested mock behavior. +type StartLiveTailEventStream struct { + + // Reader is the EventStream reader for the StartLiveTailResponseStream + // events. This value is automatically set by the SDK when the API call is made + // Use this member when unit testing your code with the SDK to mock out the + // EventStream Reader. + // + // Must not be nil. + Reader StartLiveTailResponseStreamReader + + outputReader io.ReadCloser + output *StartLiveTailOutput + + done chan struct{} + closeOnce sync.Once + err *eventstreamapi.OnceError +} + +// NewStartLiveTailEventStream initializes an StartLiveTailEventStream. +// This function should only be used for testing and mocking the StartLiveTailEventStream +// stream within your application. +// +// The Reader member must be set before reading events from the stream. +// +// es := NewStartLiveTailEventStream(func(o *StartLiveTailEventStream){ +// es.Reader = myMockStreamReader +// }) +func NewStartLiveTailEventStream(opts ...func(*StartLiveTailEventStream)) *StartLiveTailEventStream { + es := &StartLiveTailEventStream{ + done: make(chan struct{}), + err: eventstreamapi.NewOnceError(), + } + + for _, fn := range opts { + fn(es) + } + + return es +} + +func (es *StartLiveTailEventStream) runOnStreamPartClose(r *request.Request) { + if es.done == nil { + return + } + go es.waitStreamPartClose() + +} + +func (es *StartLiveTailEventStream) waitStreamPartClose() { + var outputErrCh <-chan struct{} + if v, ok := es.Reader.(interface{ ErrorSet() <-chan struct{} }); ok { + outputErrCh = v.ErrorSet() + } + var outputClosedCh <-chan struct{} + if v, ok := es.Reader.(interface{ Closed() <-chan struct{} }); ok { + outputClosedCh = v.Closed() + } + + select { + case <-es.done: + case <-outputErrCh: + es.err.SetError(es.Reader.Err()) + es.Close() + case <-outputClosedCh: + if err := es.Reader.Err(); err != nil { + es.err.SetError(es.Reader.Err()) + } + es.Close() + } +} + +type eventTypeForStartLiveTailEventStreamOutputEvent struct { + unmarshalerForEvent func(string) (eventstreamapi.Unmarshaler, error) + output *StartLiveTailOutput +} + +func (e eventTypeForStartLiveTailEventStreamOutputEvent) UnmarshalerForEventName(eventType string) (eventstreamapi.Unmarshaler, error) { + if eventType == "initial-response" { + return e.output, nil + } + return e.unmarshalerForEvent(eventType) +} + +// Events returns a channel to read events from. +// +// These events are: +// +// - LiveTailSessionStart +// - LiveTailSessionUpdate +// - StartLiveTailResponseStreamUnknownEvent +func (es *StartLiveTailEventStream) Events() <-chan StartLiveTailResponseStreamEvent { + return es.Reader.Events() +} + +func (es *StartLiveTailEventStream) runOutputStream(r *request.Request) { + var opts []func(*eventstream.Decoder) + if r.Config.Logger != nil && r.Config.LogLevel.Matches(aws.LogDebugWithEventStreamBody) { + opts = append(opts, eventstream.DecodeWithLogger(r.Config.Logger)) + } + + unmarshalerForEvent := unmarshalerForStartLiveTailResponseStreamEvent{ + metadata: protocol.ResponseMetadata{ + StatusCode: r.HTTPResponse.StatusCode, + RequestID: r.RequestID, + }, + }.UnmarshalerForEventName + unmarshalerForEvent = eventTypeForStartLiveTailEventStreamOutputEvent{ + unmarshalerForEvent: unmarshalerForEvent, + output: es.output, + }.UnmarshalerForEventName + + decoder := eventstream.NewDecoder(r.HTTPResponse.Body, opts...) + eventReader := eventstreamapi.NewEventReader(decoder, + protocol.HandlerPayloadUnmarshal{ + Unmarshalers: r.Handlers.UnmarshalStream, + }, + unmarshalerForEvent, + ) + + es.outputReader = r.HTTPResponse.Body + es.Reader = newReadStartLiveTailResponseStream(eventReader) +} +func (es *StartLiveTailEventStream) recvInitialEvent(r *request.Request) { + // Wait for the initial response event, which must be the first + // event to be received from the API. + select { + case event, ok := <-es.Events(): + if !ok { + return + } + + v, ok := event.(*StartLiveTailOutput) + if !ok || v == nil { + r.Error = awserr.New( + request.ErrCodeSerialization, + fmt.Sprintf("invalid event, %T, expect %T, %v", + event, (*StartLiveTailOutput)(nil), v), + nil, + ) + return + } + + *es.output = *v + es.output.eventStream = es + } +} + +// Close closes the stream. This will also cause the stream to be closed. +// Close must be called when done using the stream API. Not calling Close +// may result in resource leaks. +// +// You can use the closing of the Reader's Events channel to terminate your +// application's read from the API's stream. +func (es *StartLiveTailEventStream) Close() (err error) { + es.closeOnce.Do(es.safeClose) + return es.Err() +} + +func (es *StartLiveTailEventStream) safeClose() { + if es.done != nil { + close(es.done) + } + + es.Reader.Close() + if es.outputReader != nil { + es.outputReader.Close() + } +} + +// Err returns any error that occurred while reading or writing EventStream +// Events from the service API's response. Returns nil if there were no errors. +func (es *StartLiveTailEventStream) Err() error { + if err := es.err.Err(); err != nil { + return err + } + if err := es.Reader.Err(); err != nil { + return err + } + + return nil +} + +const opStartQuery = "StartQuery" + +// StartQueryRequest generates a "aws/request.Request" representing the +// client's request for the StartQuery operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartQuery for more information on using the StartQuery +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the StartQueryRequest method. +// req, resp := client.StartQueryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/StartQuery +func (c *CloudWatchLogs) StartQueryRequest(input *StartQueryInput) (req *request.Request, output *StartQueryOutput) { + op := &request.Operation{ + Name: opStartQuery, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &StartQueryInput{} + } + + output = &StartQueryOutput{} + req = c.newRequest(op, input, output) + return +} + +// StartQuery API operation for Amazon CloudWatch Logs. +// +// Schedules a query of a log group using CloudWatch Logs Insights. You specify +// the log group and time range to query and the query string to use. +// +// For more information, see CloudWatch Logs Insights Query Syntax (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html). +// +// After you run a query using StartQuery, the query results are stored by CloudWatch +// Logs. You can use GetQueryResults (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetQueryResults.html) +// to retrieve the results of a query, using the queryId that StartQuery returns. +// +// If you have associated a KMS key with the query results in this account, +// then StartQuery (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StartQuery.html) +// uses that key to encrypt the results when it stores them. If no key is associated +// with query results, the query results are encrypted with the default CloudWatch +// Logs encryption method. +// +// Queries time out after 60 minutes of runtime. If your queries are timing +// out, reduce the time range being searched or partition your query into a +// number of queries. +// +// If you are using CloudWatch cross-account observability, you can use this +// operation in a monitoring account to start a query in a linked source account. +// For more information, see CloudWatch cross-account observability (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Unified-Cross-Account.html). +// For a cross-account StartQuery operation, the query definition must be defined +// in the monitoring account. +// +// You can have up to 30 concurrent CloudWatch Logs insights queries, including +// queries that have been added to dashboards. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation StartQuery for usage and error information. +// +// Returned Error Types: +// +// - MalformedQueryException +// The query string is not valid. Details about this error are displayed in +// a QueryCompileError object. For more information, see QueryCompileError (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_QueryCompileError.html). +// +// For more information about valid query syntax, see CloudWatch Logs Insights +// Query Syntax (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html). +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - LimitExceededException +// You have reached the maximum number of resources that can be created. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/StartQuery +func (c *CloudWatchLogs) StartQuery(input *StartQueryInput) (*StartQueryOutput, error) { + req, out := c.StartQueryRequest(input) + return out, req.Send() +} + +// StartQueryWithContext is the same as StartQuery with the addition of +// the ability to pass a context and additional request options. +// +// See StartQuery for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) StartQueryWithContext(ctx aws.Context, input *StartQueryInput, opts ...request.Option) (*StartQueryOutput, error) { + req, out := c.StartQueryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opStopQuery = "StopQuery" + +// StopQueryRequest generates a "aws/request.Request" representing the +// client's request for the StopQuery operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StopQuery for more information on using the StopQuery +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the StopQueryRequest method. +// req, resp := client.StopQueryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/StopQuery +func (c *CloudWatchLogs) StopQueryRequest(input *StopQueryInput) (req *request.Request, output *StopQueryOutput) { + op := &request.Operation{ + Name: opStopQuery, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &StopQueryInput{} + } + + output = &StopQueryOutput{} + req = c.newRequest(op, input, output) + return +} + +// StopQuery API operation for Amazon CloudWatch Logs. +// +// Stops a CloudWatch Logs Insights query that is in progress. If the query +// has already ended, the operation returns an error indicating that the specified +// query is not running. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation StopQuery for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/StopQuery +func (c *CloudWatchLogs) StopQuery(input *StopQueryInput) (*StopQueryOutput, error) { + req, out := c.StopQueryRequest(input) + return out, req.Send() +} + +// StopQueryWithContext is the same as StopQuery with the addition of +// the ability to pass a context and additional request options. +// +// See StopQuery for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) StopQueryWithContext(ctx aws.Context, input *StopQueryInput, opts ...request.Option) (*StopQueryOutput, error) { + req, out := c.StopQueryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opTagLogGroup = "TagLogGroup" + +// TagLogGroupRequest generates a "aws/request.Request" representing the +// client's request for the TagLogGroup operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See TagLogGroup for more information on using the TagLogGroup +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the TagLogGroupRequest method. +// req, resp := client.TagLogGroupRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/TagLogGroup +// +// Deprecated: Please use the generic tagging API TagResource +func (c *CloudWatchLogs) TagLogGroupRequest(input *TagLogGroupInput) (req *request.Request, output *TagLogGroupOutput) { + if c.Client.Config.Logger != nil { + c.Client.Config.Logger.Log("This operation, TagLogGroup, has been deprecated") + } + op := &request.Operation{ + Name: opTagLogGroup, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &TagLogGroupInput{} + } + + output = &TagLogGroupOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// TagLogGroup API operation for Amazon CloudWatch Logs. +// +// The TagLogGroup operation is on the path to deprecation. We recommend that +// you use TagResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_TagResource.html) +// instead. +// +// Adds or updates the specified tags for the specified log group. +// +// To list the tags for a log group, use ListTagsForResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsForResource.html). +// To remove tags, use UntagResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UntagResource.html). +// +// For more information about tags, see Tag Log Groups in Amazon CloudWatch +// Logs (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Working-with-log-groups-and-streams.html#log-group-tagging) +// in the Amazon CloudWatch Logs User Guide. +// +// CloudWatch Logs doesn’t support IAM policies that prevent users from assigning +// specified tags to log groups using the aws:Resource/key-name or aws:TagKeys +// condition keys. For more information about using tags to control access, +// see Controlling access to Amazon Web Services resources using tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation TagLogGroup for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/TagLogGroup +// +// Deprecated: Please use the generic tagging API TagResource +func (c *CloudWatchLogs) TagLogGroup(input *TagLogGroupInput) (*TagLogGroupOutput, error) { + req, out := c.TagLogGroupRequest(input) + return out, req.Send() +} + +// TagLogGroupWithContext is the same as TagLogGroup with the addition of +// the ability to pass a context and additional request options. +// +// See TagLogGroup for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +// +// Deprecated: Please use the generic tagging API TagResource +func (c *CloudWatchLogs) TagLogGroupWithContext(ctx aws.Context, input *TagLogGroupInput, opts ...request.Option) (*TagLogGroupOutput, error) { + req, out := c.TagLogGroupRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opTagResource = "TagResource" + +// TagResourceRequest generates a "aws/request.Request" representing the +// client's request for the TagResource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See TagResource for more information on using the TagResource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the TagResourceRequest method. +// req, resp := client.TagResourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/TagResource +func (c *CloudWatchLogs) TagResourceRequest(input *TagResourceInput) (req *request.Request, output *TagResourceOutput) { + op := &request.Operation{ + Name: opTagResource, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &TagResourceInput{} + } + + output = &TagResourceOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// TagResource API operation for Amazon CloudWatch Logs. +// +// Assigns one or more tags (key-value pairs) to the specified CloudWatch Logs +// resource. Currently, the only CloudWatch Logs resources that can be tagged +// are log groups and destinations. +// +// Tags can help you organize and categorize your resources. You can also use +// them to scope user permissions by granting a user permission to access or +// change only resources with certain tag values. +// +// Tags don't have any semantic meaning to Amazon Web Services and are interpreted +// strictly as strings of characters. +// +// You can use the TagResource action with a resource that already has tags. +// If you specify a new tag key for the alarm, this tag is appended to the list +// of tags associated with the alarm. If you specify a tag key that is already +// associated with the alarm, the new tag value that you specify replaces the +// previous value for that tag. +// +// You can associate as many as 50 tags with a CloudWatch Logs resource. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation TagResource for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// - TooManyTagsException +// A resource can have no more than 50 tags. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/TagResource +func (c *CloudWatchLogs) TagResource(input *TagResourceInput) (*TagResourceOutput, error) { + req, out := c.TagResourceRequest(input) + return out, req.Send() +} + +// TagResourceWithContext is the same as TagResource with the addition of +// the ability to pass a context and additional request options. +// +// See TagResource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) TagResourceWithContext(ctx aws.Context, input *TagResourceInput, opts ...request.Option) (*TagResourceOutput, error) { + req, out := c.TagResourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opTestMetricFilter = "TestMetricFilter" + +// TestMetricFilterRequest generates a "aws/request.Request" representing the +// client's request for the TestMetricFilter operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See TestMetricFilter for more information on using the TestMetricFilter +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the TestMetricFilterRequest method. +// req, resp := client.TestMetricFilterRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/TestMetricFilter +func (c *CloudWatchLogs) TestMetricFilterRequest(input *TestMetricFilterInput) (req *request.Request, output *TestMetricFilterOutput) { + op := &request.Operation{ + Name: opTestMetricFilter, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &TestMetricFilterInput{} + } + + output = &TestMetricFilterOutput{} + req = c.newRequest(op, input, output) + return +} + +// TestMetricFilter API operation for Amazon CloudWatch Logs. +// +// Tests the filter pattern of a metric filter against a sample of log event +// messages. You can use this operation to validate the correctness of a metric +// filter pattern. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation TestMetricFilter for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/TestMetricFilter +func (c *CloudWatchLogs) TestMetricFilter(input *TestMetricFilterInput) (*TestMetricFilterOutput, error) { + req, out := c.TestMetricFilterRequest(input) + return out, req.Send() +} + +// TestMetricFilterWithContext is the same as TestMetricFilter with the addition of +// the ability to pass a context and additional request options. +// +// See TestMetricFilter for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) TestMetricFilterWithContext(ctx aws.Context, input *TestMetricFilterInput, opts ...request.Option) (*TestMetricFilterOutput, error) { + req, out := c.TestMetricFilterRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUntagLogGroup = "UntagLogGroup" + +// UntagLogGroupRequest generates a "aws/request.Request" representing the +// client's request for the UntagLogGroup operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UntagLogGroup for more information on using the UntagLogGroup +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UntagLogGroupRequest method. +// req, resp := client.UntagLogGroupRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/UntagLogGroup +// +// Deprecated: Please use the generic tagging API UntagResource +func (c *CloudWatchLogs) UntagLogGroupRequest(input *UntagLogGroupInput) (req *request.Request, output *UntagLogGroupOutput) { + if c.Client.Config.Logger != nil { + c.Client.Config.Logger.Log("This operation, UntagLogGroup, has been deprecated") + } + op := &request.Operation{ + Name: opUntagLogGroup, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UntagLogGroupInput{} + } + + output = &UntagLogGroupOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UntagLogGroup API operation for Amazon CloudWatch Logs. +// +// The UntagLogGroup operation is on the path to deprecation. We recommend that +// you use UntagResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UntagResource.html) +// instead. +// +// Removes the specified tags from the specified log group. +// +// To list the tags for a log group, use ListTagsForResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsForResource.html). +// To add tags, use TagResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_TagResource.html). +// +// CloudWatch Logs doesn’t support IAM policies that prevent users from assigning +// specified tags to log groups using the aws:Resource/key-name or aws:TagKeys +// condition keys. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation UntagLogGroup for usage and error information. +// +// Returned Error Types: +// - ResourceNotFoundException +// The specified resource does not exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/UntagLogGroup +// +// Deprecated: Please use the generic tagging API UntagResource +func (c *CloudWatchLogs) UntagLogGroup(input *UntagLogGroupInput) (*UntagLogGroupOutput, error) { + req, out := c.UntagLogGroupRequest(input) + return out, req.Send() +} + +// UntagLogGroupWithContext is the same as UntagLogGroup with the addition of +// the ability to pass a context and additional request options. +// +// See UntagLogGroup for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +// +// Deprecated: Please use the generic tagging API UntagResource +func (c *CloudWatchLogs) UntagLogGroupWithContext(ctx aws.Context, input *UntagLogGroupInput, opts ...request.Option) (*UntagLogGroupOutput, error) { + req, out := c.UntagLogGroupRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUntagResource = "UntagResource" + +// UntagResourceRequest generates a "aws/request.Request" representing the +// client's request for the UntagResource operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UntagResource for more information on using the UntagResource +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UntagResourceRequest method. +// req, resp := client.UntagResourceRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/UntagResource +func (c *CloudWatchLogs) UntagResourceRequest(input *UntagResourceInput) (req *request.Request, output *UntagResourceOutput) { + op := &request.Operation{ + Name: opUntagResource, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UntagResourceInput{} + } + + output = &UntagResourceOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UntagResource API operation for Amazon CloudWatch Logs. +// +// Removes one or more tags from the specified resource. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation UntagResource for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/UntagResource +func (c *CloudWatchLogs) UntagResource(input *UntagResourceInput) (*UntagResourceOutput, error) { + req, out := c.UntagResourceRequest(input) + return out, req.Send() +} + +// UntagResourceWithContext is the same as UntagResource with the addition of +// the ability to pass a context and additional request options. +// +// See UntagResource for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) UntagResourceWithContext(ctx aws.Context, input *UntagResourceInput, opts ...request.Option) (*UntagResourceOutput, error) { + req, out := c.UntagResourceRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateAnomaly = "UpdateAnomaly" + +// UpdateAnomalyRequest generates a "aws/request.Request" representing the +// client's request for the UpdateAnomaly operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateAnomaly for more information on using the UpdateAnomaly +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdateAnomalyRequest method. +// req, resp := client.UpdateAnomalyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/UpdateAnomaly +func (c *CloudWatchLogs) UpdateAnomalyRequest(input *UpdateAnomalyInput) (req *request.Request, output *UpdateAnomalyOutput) { + op := &request.Operation{ + Name: opUpdateAnomaly, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UpdateAnomalyInput{} + } + + output = &UpdateAnomalyOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UpdateAnomaly API operation for Amazon CloudWatch Logs. +// +// Use this operation to suppress anomaly detection for a specified anomaly +// or pattern. If you suppress an anomaly, CloudWatch Logs won’t report new +// occurrences of that anomaly and won't update that anomaly with new data. +// If you suppress a pattern, CloudWatch Logs won’t report any anomalies related +// to that pattern. +// +// You must specify either anomalyId or patternId, but you can't specify both +// parameters in the same operation. +// +// If you have previously used this operation to suppress detection of a pattern +// or anomaly, you can use it again to cause CloudWatch Logs to end the suppression. +// To do this, use this operation and specify the anomaly or pattern to stop +// suppressing, and omit the suppressionType and suppressionPeriod parameters. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation UpdateAnomaly for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/UpdateAnomaly +func (c *CloudWatchLogs) UpdateAnomaly(input *UpdateAnomalyInput) (*UpdateAnomalyOutput, error) { + req, out := c.UpdateAnomalyRequest(input) + return out, req.Send() +} + +// UpdateAnomalyWithContext is the same as UpdateAnomaly with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateAnomaly for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) UpdateAnomalyWithContext(ctx aws.Context, input *UpdateAnomalyInput, opts ...request.Option) (*UpdateAnomalyOutput, error) { + req, out := c.UpdateAnomalyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateLogAnomalyDetector = "UpdateLogAnomalyDetector" + +// UpdateLogAnomalyDetectorRequest generates a "aws/request.Request" representing the +// client's request for the UpdateLogAnomalyDetector operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateLogAnomalyDetector for more information on using the UpdateLogAnomalyDetector +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdateLogAnomalyDetectorRequest method. +// req, resp := client.UpdateLogAnomalyDetectorRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/UpdateLogAnomalyDetector +func (c *CloudWatchLogs) UpdateLogAnomalyDetectorRequest(input *UpdateLogAnomalyDetectorInput) (req *request.Request, output *UpdateLogAnomalyDetectorOutput) { + op := &request.Operation{ + Name: opUpdateLogAnomalyDetector, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UpdateLogAnomalyDetectorInput{} + } + + output = &UpdateLogAnomalyDetectorOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// UpdateLogAnomalyDetector API operation for Amazon CloudWatch Logs. +// +// Updates an existing log anomaly detector. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon CloudWatch Logs's +// API operation UpdateLogAnomalyDetector for usage and error information. +// +// Returned Error Types: +// +// - InvalidParameterException +// A parameter is specified incorrectly. +// +// - ResourceNotFoundException +// The specified resource does not exist. +// +// - ServiceUnavailableException +// The service cannot complete the request. +// +// - OperationAbortedException +// Multiple concurrent requests to update the same resource were in conflict. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/logs-2014-03-28/UpdateLogAnomalyDetector +func (c *CloudWatchLogs) UpdateLogAnomalyDetector(input *UpdateLogAnomalyDetectorInput) (*UpdateLogAnomalyDetectorOutput, error) { + req, out := c.UpdateLogAnomalyDetectorRequest(input) + return out, req.Send() +} + +// UpdateLogAnomalyDetectorWithContext is the same as UpdateLogAnomalyDetector with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateLogAnomalyDetector for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *CloudWatchLogs) UpdateLogAnomalyDetectorWithContext(ctx aws.Context, input *UpdateLogAnomalyDetectorInput, opts ...request.Option) (*UpdateLogAnomalyDetectorOutput, error) { + req, out := c.UpdateLogAnomalyDetectorRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// You don't have sufficient permissions to perform this action. +type AccessDeniedException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccessDeniedException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccessDeniedException) GoString() string { + return s.String() +} + +func newErrorAccessDeniedException(v protocol.ResponseMetadata) error { + return &AccessDeniedException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *AccessDeniedException) Code() string { + return "AccessDeniedException" +} + +// Message returns the exception's message. +func (s *AccessDeniedException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *AccessDeniedException) OrigErr() error { + return nil +} + +func (s *AccessDeniedException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *AccessDeniedException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *AccessDeniedException) RequestID() string { + return s.RespMetadata.RequestID +} + +// A structure that contains information about one CloudWatch Logs account policy. +type AccountPolicy struct { + _ struct{} `type:"structure"` + + // The Amazon Web Services account ID that the policy applies to. + AccountId *string `locationName:"accountId" min:"12" type:"string"` + + // The date and time that this policy was most recently updated. + LastUpdatedTime *int64 `locationName:"lastUpdatedTime" type:"long"` + + // The policy document for this account policy. + // + // The JSON specified in policyDocument can be up to 30,720 characters. + PolicyDocument *string `locationName:"policyDocument" type:"string"` + + // The name of the account policy. + PolicyName *string `locationName:"policyName" type:"string"` + + // The type of policy for this account policy. + PolicyType *string `locationName:"policyType" type:"string" enum:"PolicyType"` + + // The scope of the account policy. + Scope *string `locationName:"scope" type:"string" enum:"Scope"` + + // The log group selection criteria for this subscription filter policy. + SelectionCriteria *string `locationName:"selectionCriteria" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccountPolicy) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccountPolicy) GoString() string { + return s.String() +} + +// SetAccountId sets the AccountId field's value. +func (s *AccountPolicy) SetAccountId(v string) *AccountPolicy { + s.AccountId = &v + return s +} + +// SetLastUpdatedTime sets the LastUpdatedTime field's value. +func (s *AccountPolicy) SetLastUpdatedTime(v int64) *AccountPolicy { + s.LastUpdatedTime = &v + return s +} + +// SetPolicyDocument sets the PolicyDocument field's value. +func (s *AccountPolicy) SetPolicyDocument(v string) *AccountPolicy { + s.PolicyDocument = &v + return s +} + +// SetPolicyName sets the PolicyName field's value. +func (s *AccountPolicy) SetPolicyName(v string) *AccountPolicy { + s.PolicyName = &v + return s +} + +// SetPolicyType sets the PolicyType field's value. +func (s *AccountPolicy) SetPolicyType(v string) *AccountPolicy { + s.PolicyType = &v + return s +} + +// SetScope sets the Scope field's value. +func (s *AccountPolicy) SetScope(v string) *AccountPolicy { + s.Scope = &v + return s +} + +// SetSelectionCriteria sets the SelectionCriteria field's value. +func (s *AccountPolicy) SetSelectionCriteria(v string) *AccountPolicy { + s.SelectionCriteria = &v + return s +} + +// This structure represents one anomaly that has been found by a logs anomaly +// detector. +// +// For more information about patterns and anomalies, see CreateLogAnomalyDetector +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateLogAnomalyDetector.html). +type Anomaly struct { + _ struct{} `type:"structure"` + + // Specifies whether this anomaly is still ongoing. + // + // Active is a required field + Active *bool `locationName:"active" type:"boolean" required:"true"` + + // The ARN of the anomaly detector that identified this anomaly. + // + // AnomalyDetectorArn is a required field + AnomalyDetectorArn *string `locationName:"anomalyDetectorArn" min:"1" type:"string" required:"true"` + + // The unique ID that CloudWatch Logs assigned to this anomaly. + // + // AnomalyId is a required field + AnomalyId *string `locationName:"anomalyId" min:"36" type:"string" required:"true"` + + // A human-readable description of the anomaly. This description is generated + // by CloudWatch Logs. + // + // Description is a required field + Description *string `locationName:"description" min:"1" type:"string" required:"true"` + + // The date and time when the anomaly detector first saw this anomaly. It is + // specified as epoch time, which is the number of seconds since January 1, + // 1970, 00:00:00 UTC. + // + // FirstSeen is a required field + FirstSeen *int64 `locationName:"firstSeen" type:"long" required:"true"` + + // A map showing times when the anomaly detector ran, and the number of occurrences + // of this anomaly that were detected at each of those runs. The times are specified + // in epoch time, which is the number of seconds since January 1, 1970, 00:00:00 + // UTC. + // + // Histogram is a required field + Histogram map[string]*int64 `locationName:"histogram" type:"map" required:"true"` + + // If this anomaly is suppressed, this field is true if the suppression is because + // the pattern is suppressed. If false, then only this particular anomaly is + // suppressed. + IsPatternLevelSuppression *bool `locationName:"isPatternLevelSuppression" type:"boolean"` + + // The date and time when the anomaly detector most recently saw this anomaly. + // It is specified as epoch time, which is the number of seconds since January + // 1, 1970, 00:00:00 UTC. + // + // LastSeen is a required field + LastSeen *int64 `locationName:"lastSeen" type:"long" required:"true"` + + // An array of ARNS of the log groups that contained log events considered to + // be part of this anomaly. + // + // LogGroupArnList is a required field + LogGroupArnList []*string `locationName:"logGroupArnList" type:"list" required:"true"` + + // An array of sample log event messages that are considered to be part of this + // anomaly. + // + // LogSamples is a required field + LogSamples []*LogEvent `locationName:"logSamples" type:"list" required:"true"` + + // The ID of the pattern used to help identify this anomaly. + // + // PatternId is a required field + PatternId *string `locationName:"patternId" min:"32" type:"string" required:"true"` + + // The pattern used to help identify this anomaly, in regular expression format. + PatternRegex *string `locationName:"patternRegex" min:"1" type:"string"` + + // The pattern used to help identify this anomaly, in string format. + // + // PatternString is a required field + PatternString *string `locationName:"patternString" min:"1" type:"string" required:"true"` + + // An array of structures where each structure contains information about one + // token that makes up the pattern. + // + // PatternTokens is a required field + PatternTokens []*PatternToken `locationName:"patternTokens" type:"list" required:"true"` + + // The priority level of this anomaly, as determined by CloudWatch Logs. Priority + // is computed based on log severity labels such as FATAL and ERROR and the + // amount of deviation from the baseline. Possible values are HIGH, MEDIUM, + // and LOW. + Priority *string `locationName:"priority" min:"1" type:"string"` + + // Indicates the current state of this anomaly. If it is still being treated + // as an anomaly, the value is Active. If you have suppressed this anomaly by + // using the UpdateAnomaly (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UpdateAnomaly.html) + // operation, the value is Suppressed. If this behavior is now considered to + // be normal, the value is Baseline. + // + // State is a required field + State *string `locationName:"state" type:"string" required:"true" enum:"State"` + + // Indicates whether this anomaly is currently suppressed. To suppress an anomaly, + // use UpdateAnomaly (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UpdateAnomaly.html). + Suppressed *bool `locationName:"suppressed" type:"boolean"` + + // If the anomaly is suppressed, this indicates when it was suppressed. + SuppressedDate *int64 `locationName:"suppressedDate" type:"long"` + + // If the anomaly is suppressed, this indicates when the suppression will end. + // If this value is 0, the anomaly was suppressed with no expiration, with the + // INFINITE value. + SuppressedUntil *int64 `locationName:"suppressedUntil" type:"long"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Anomaly) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Anomaly) GoString() string { + return s.String() +} + +// SetActive sets the Active field's value. +func (s *Anomaly) SetActive(v bool) *Anomaly { + s.Active = &v + return s +} + +// SetAnomalyDetectorArn sets the AnomalyDetectorArn field's value. +func (s *Anomaly) SetAnomalyDetectorArn(v string) *Anomaly { + s.AnomalyDetectorArn = &v + return s +} + +// SetAnomalyId sets the AnomalyId field's value. +func (s *Anomaly) SetAnomalyId(v string) *Anomaly { + s.AnomalyId = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *Anomaly) SetDescription(v string) *Anomaly { + s.Description = &v + return s +} + +// SetFirstSeen sets the FirstSeen field's value. +func (s *Anomaly) SetFirstSeen(v int64) *Anomaly { + s.FirstSeen = &v + return s +} + +// SetHistogram sets the Histogram field's value. +func (s *Anomaly) SetHistogram(v map[string]*int64) *Anomaly { + s.Histogram = v + return s +} + +// SetIsPatternLevelSuppression sets the IsPatternLevelSuppression field's value. +func (s *Anomaly) SetIsPatternLevelSuppression(v bool) *Anomaly { + s.IsPatternLevelSuppression = &v + return s +} + +// SetLastSeen sets the LastSeen field's value. +func (s *Anomaly) SetLastSeen(v int64) *Anomaly { + s.LastSeen = &v + return s +} + +// SetLogGroupArnList sets the LogGroupArnList field's value. +func (s *Anomaly) SetLogGroupArnList(v []*string) *Anomaly { + s.LogGroupArnList = v + return s +} + +// SetLogSamples sets the LogSamples field's value. +func (s *Anomaly) SetLogSamples(v []*LogEvent) *Anomaly { + s.LogSamples = v + return s +} + +// SetPatternId sets the PatternId field's value. +func (s *Anomaly) SetPatternId(v string) *Anomaly { + s.PatternId = &v + return s +} + +// SetPatternRegex sets the PatternRegex field's value. +func (s *Anomaly) SetPatternRegex(v string) *Anomaly { + s.PatternRegex = &v + return s +} + +// SetPatternString sets the PatternString field's value. +func (s *Anomaly) SetPatternString(v string) *Anomaly { + s.PatternString = &v + return s +} + +// SetPatternTokens sets the PatternTokens field's value. +func (s *Anomaly) SetPatternTokens(v []*PatternToken) *Anomaly { + s.PatternTokens = v + return s +} + +// SetPriority sets the Priority field's value. +func (s *Anomaly) SetPriority(v string) *Anomaly { + s.Priority = &v + return s +} + +// SetState sets the State field's value. +func (s *Anomaly) SetState(v string) *Anomaly { + s.State = &v + return s +} + +// SetSuppressed sets the Suppressed field's value. +func (s *Anomaly) SetSuppressed(v bool) *Anomaly { + s.Suppressed = &v + return s +} + +// SetSuppressedDate sets the SuppressedDate field's value. +func (s *Anomaly) SetSuppressedDate(v int64) *Anomaly { + s.SuppressedDate = &v + return s +} + +// SetSuppressedUntil sets the SuppressedUntil field's value. +func (s *Anomaly) SetSuppressedUntil(v int64) *Anomaly { + s.SuppressedUntil = &v + return s +} + +// Contains information about one anomaly detector in the account. +type AnomalyDetector struct { + _ struct{} `type:"structure"` + + // The ARN of the anomaly detector. + AnomalyDetectorArn *string `locationName:"anomalyDetectorArn" min:"1" type:"string"` + + // Specifies the current status of the anomaly detector. To pause an anomaly + // detector, use the enabled parameter in the UpdateLogAnomalyDetector (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UpdateLogAnomalyDetector.html) + // operation. + AnomalyDetectorStatus *string `locationName:"anomalyDetectorStatus" type:"string" enum:"AnomalyDetectorStatus"` + + // The number of days used as the life cycle of anomalies. After this time, + // anomalies are automatically baselined and the anomaly detector model will + // treat new occurrences of similar event as normal. + AnomalyVisibilityTime *int64 `locationName:"anomalyVisibilityTime" min:"7" type:"long"` + + // The date and time when this anomaly detector was created. + CreationTimeStamp *int64 `locationName:"creationTimeStamp" type:"long"` + + // The name of the anomaly detector. + DetectorName *string `locationName:"detectorName" min:"1" type:"string"` + + // Specifies how often the anomaly detector runs and look for anomalies. + EvaluationFrequency *string `locationName:"evaluationFrequency" type:"string" enum:"EvaluationFrequency"` + + // A symbolic description of how CloudWatch Logs should interpret the data in + // each log event. For example, a log event can contain timestamps, IP addresses, + // strings, and so on. You use the filter pattern to specify what to look for + // in the log event message. + FilterPattern *string `locationName:"filterPattern" type:"string"` + + // The ID of the KMS key assigned to this anomaly detector, if any. + KmsKeyId *string `locationName:"kmsKeyId" type:"string"` + + // The date and time when this anomaly detector was most recently modified. + LastModifiedTimeStamp *int64 `locationName:"lastModifiedTimeStamp" type:"long"` + + // A list of the ARNs of the log groups that this anomaly detector watches. + LogGroupArnList []*string `locationName:"logGroupArnList" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AnomalyDetector) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AnomalyDetector) GoString() string { + return s.String() +} + +// SetAnomalyDetectorArn sets the AnomalyDetectorArn field's value. +func (s *AnomalyDetector) SetAnomalyDetectorArn(v string) *AnomalyDetector { + s.AnomalyDetectorArn = &v + return s +} + +// SetAnomalyDetectorStatus sets the AnomalyDetectorStatus field's value. +func (s *AnomalyDetector) SetAnomalyDetectorStatus(v string) *AnomalyDetector { + s.AnomalyDetectorStatus = &v + return s +} + +// SetAnomalyVisibilityTime sets the AnomalyVisibilityTime field's value. +func (s *AnomalyDetector) SetAnomalyVisibilityTime(v int64) *AnomalyDetector { + s.AnomalyVisibilityTime = &v + return s +} + +// SetCreationTimeStamp sets the CreationTimeStamp field's value. +func (s *AnomalyDetector) SetCreationTimeStamp(v int64) *AnomalyDetector { + s.CreationTimeStamp = &v + return s +} + +// SetDetectorName sets the DetectorName field's value. +func (s *AnomalyDetector) SetDetectorName(v string) *AnomalyDetector { + s.DetectorName = &v + return s +} + +// SetEvaluationFrequency sets the EvaluationFrequency field's value. +func (s *AnomalyDetector) SetEvaluationFrequency(v string) *AnomalyDetector { + s.EvaluationFrequency = &v + return s +} + +// SetFilterPattern sets the FilterPattern field's value. +func (s *AnomalyDetector) SetFilterPattern(v string) *AnomalyDetector { + s.FilterPattern = &v + return s +} + +// SetKmsKeyId sets the KmsKeyId field's value. +func (s *AnomalyDetector) SetKmsKeyId(v string) *AnomalyDetector { + s.KmsKeyId = &v + return s +} + +// SetLastModifiedTimeStamp sets the LastModifiedTimeStamp field's value. +func (s *AnomalyDetector) SetLastModifiedTimeStamp(v int64) *AnomalyDetector { + s.LastModifiedTimeStamp = &v + return s +} + +// SetLogGroupArnList sets the LogGroupArnList field's value. +func (s *AnomalyDetector) SetLogGroupArnList(v []*string) *AnomalyDetector { + s.LogGroupArnList = v + return s +} + +type AssociateKmsKeyInput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the KMS key to use when encrypting log + // data. This must be a symmetric KMS key. For more information, see Amazon + // Resource Names (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-kms) + // and Using Symmetric and Asymmetric Keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html). + // + // KmsKeyId is a required field + KmsKeyId *string `locationName:"kmsKeyId" type:"string" required:"true"` + + // The name of the log group. + // + // In your AssociateKmsKey operation, you must specify either the resourceIdentifier + // parameter or the logGroup parameter, but you can't specify both. + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` + + // Specifies the target for this operation. You must specify one of the following: + // + // * Specify the following ARN to have future GetQueryResults (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_GetQueryResults.html) + // operations in this account encrypt the results with the specified KMS + // key. Replace REGION and ACCOUNT_ID with your Region and account ID. arn:aws:logs:REGION:ACCOUNT_ID:query-result:* + // + // * Specify the ARN of a log group to have CloudWatch Logs use the KMS key + // to encrypt log events that are ingested and stored by that log group. + // The log group ARN must be in the following format. Replace REGION and + // ACCOUNT_ID with your Region and account ID. arn:aws:logs:REGION:ACCOUNT_ID:log-group:LOG_GROUP_NAME + // + // In your AssociateKmsKey operation, you must specify either the resourceIdentifier + // parameter or the logGroup parameter, but you can't specify both. + ResourceIdentifier *string `locationName:"resourceIdentifier" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateKmsKeyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateKmsKeyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateKmsKeyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateKmsKeyInput"} + if s.KmsKeyId == nil { + invalidParams.Add(request.NewErrParamRequired("KmsKeyId")) + } + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + } + if s.ResourceIdentifier != nil && len(*s.ResourceIdentifier) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceIdentifier", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetKmsKeyId sets the KmsKeyId field's value. +func (s *AssociateKmsKeyInput) SetKmsKeyId(v string) *AssociateKmsKeyInput { + s.KmsKeyId = &v + return s +} + +// SetLogGroupName sets the LogGroupName field's value. +func (s *AssociateKmsKeyInput) SetLogGroupName(v string) *AssociateKmsKeyInput { + s.LogGroupName = &v + return s +} + +// SetResourceIdentifier sets the ResourceIdentifier field's value. +func (s *AssociateKmsKeyInput) SetResourceIdentifier(v string) *AssociateKmsKeyInput { + s.ResourceIdentifier = &v + return s +} + +type AssociateKmsKeyOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateKmsKeyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateKmsKeyOutput) GoString() string { + return s.String() +} + +type CancelExportTaskInput struct { + _ struct{} `type:"structure"` + + // The ID of the export task. + // + // TaskId is a required field + TaskId *string `locationName:"taskId" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CancelExportTaskInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CancelExportTaskInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CancelExportTaskInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CancelExportTaskInput"} + if s.TaskId == nil { + invalidParams.Add(request.NewErrParamRequired("TaskId")) + } + if s.TaskId != nil && len(*s.TaskId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TaskId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetTaskId sets the TaskId field's value. +func (s *CancelExportTaskInput) SetTaskId(v string) *CancelExportTaskInput { + s.TaskId = &v + return s +} + +type CancelExportTaskOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CancelExportTaskOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CancelExportTaskOutput) GoString() string { + return s.String() +} + +// This operation attempted to create a resource that already exists. +type ConflictException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConflictException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConflictException) GoString() string { + return s.String() +} + +func newErrorConflictException(v protocol.ResponseMetadata) error { + return &ConflictException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ConflictException) Code() string { + return "ConflictException" +} + +// Message returns the exception's message. +func (s *ConflictException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ConflictException) OrigErr() error { + return nil +} + +func (s *ConflictException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ConflictException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ConflictException) RequestID() string { + return s.RespMetadata.RequestID +} + +type CreateDeliveryInput struct { + _ struct{} `type:"structure"` + + // The ARN of the delivery destination to use for this delivery. + // + // DeliveryDestinationArn is a required field + DeliveryDestinationArn *string `locationName:"deliveryDestinationArn" type:"string" required:"true"` + + // The name of the delivery source to use for this delivery. + // + // DeliverySourceName is a required field + DeliverySourceName *string `locationName:"deliverySourceName" min:"1" type:"string" required:"true"` + + // An optional list of key-value pairs to associate with the resource. + // + // For more information about tagging, see Tagging Amazon Web Services resources + // (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) + Tags map[string]*string `locationName:"tags" min:"1" type:"map"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateDeliveryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateDeliveryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateDeliveryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateDeliveryInput"} + if s.DeliveryDestinationArn == nil { + invalidParams.Add(request.NewErrParamRequired("DeliveryDestinationArn")) + } + if s.DeliverySourceName == nil { + invalidParams.Add(request.NewErrParamRequired("DeliverySourceName")) + } + if s.DeliverySourceName != nil && len(*s.DeliverySourceName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("DeliverySourceName", 1)) + } + if s.Tags != nil && len(s.Tags) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDeliveryDestinationArn sets the DeliveryDestinationArn field's value. +func (s *CreateDeliveryInput) SetDeliveryDestinationArn(v string) *CreateDeliveryInput { + s.DeliveryDestinationArn = &v + return s +} + +// SetDeliverySourceName sets the DeliverySourceName field's value. +func (s *CreateDeliveryInput) SetDeliverySourceName(v string) *CreateDeliveryInput { + s.DeliverySourceName = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *CreateDeliveryInput) SetTags(v map[string]*string) *CreateDeliveryInput { + s.Tags = v + return s +} + +type CreateDeliveryOutput struct { + _ struct{} `type:"structure"` + + // A structure that contains information about the delivery that you just created. + Delivery *Delivery `locationName:"delivery" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateDeliveryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateDeliveryOutput) GoString() string { + return s.String() +} + +// SetDelivery sets the Delivery field's value. +func (s *CreateDeliveryOutput) SetDelivery(v *Delivery) *CreateDeliveryOutput { + s.Delivery = v + return s +} + +type CreateExportTaskInput struct { + _ struct{} `type:"structure"` + + // The name of S3 bucket for the exported log data. The bucket must be in the + // same Amazon Web Services Region. + // + // Destination is a required field + Destination *string `locationName:"destination" min:"1" type:"string" required:"true"` + + // The prefix used as the start of the key for every object exported. If you + // don't specify a value, the default is exportedlogs. + DestinationPrefix *string `locationName:"destinationPrefix" type:"string"` + + // The start time of the range for the request, expressed as the number of milliseconds + // after Jan 1, 1970 00:00:00 UTC. Events with a timestamp earlier than this + // time are not exported. + // + // From is a required field + From *int64 `locationName:"from" type:"long" required:"true"` + + // The name of the log group. + // + // LogGroupName is a required field + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + + // Export only log streams that match the provided prefix. If you don't specify + // a value, no prefix filter is applied. + LogStreamNamePrefix *string `locationName:"logStreamNamePrefix" min:"1" type:"string"` + + // The name of the export task. + TaskName *string `locationName:"taskName" min:"1" type:"string"` + + // The end time of the range for the request, expressed as the number of milliseconds + // after Jan 1, 1970 00:00:00 UTC. Events with a timestamp later than this time + // are not exported. + // + // You must specify a time that is not earlier than when this log group was + // created. + // + // To is a required field + To *int64 `locationName:"to" type:"long" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateExportTaskInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateExportTaskInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateExportTaskInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateExportTaskInput"} + if s.Destination == nil { + invalidParams.Add(request.NewErrParamRequired("Destination")) + } + if s.Destination != nil && len(*s.Destination) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Destination", 1)) + } + if s.From == nil { + invalidParams.Add(request.NewErrParamRequired("From")) + } + if s.LogGroupName == nil { + invalidParams.Add(request.NewErrParamRequired("LogGroupName")) + } + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + } + if s.LogStreamNamePrefix != nil && len(*s.LogStreamNamePrefix) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogStreamNamePrefix", 1)) + } + if s.TaskName != nil && len(*s.TaskName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TaskName", 1)) + } + if s.To == nil { + invalidParams.Add(request.NewErrParamRequired("To")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDestination sets the Destination field's value. +func (s *CreateExportTaskInput) SetDestination(v string) *CreateExportTaskInput { + s.Destination = &v + return s +} + +// SetDestinationPrefix sets the DestinationPrefix field's value. +func (s *CreateExportTaskInput) SetDestinationPrefix(v string) *CreateExportTaskInput { + s.DestinationPrefix = &v + return s +} + +// SetFrom sets the From field's value. +func (s *CreateExportTaskInput) SetFrom(v int64) *CreateExportTaskInput { + s.From = &v + return s +} + +// SetLogGroupName sets the LogGroupName field's value. +func (s *CreateExportTaskInput) SetLogGroupName(v string) *CreateExportTaskInput { + s.LogGroupName = &v + return s +} + +// SetLogStreamNamePrefix sets the LogStreamNamePrefix field's value. +func (s *CreateExportTaskInput) SetLogStreamNamePrefix(v string) *CreateExportTaskInput { + s.LogStreamNamePrefix = &v + return s +} + +// SetTaskName sets the TaskName field's value. +func (s *CreateExportTaskInput) SetTaskName(v string) *CreateExportTaskInput { + s.TaskName = &v + return s +} + +// SetTo sets the To field's value. +func (s *CreateExportTaskInput) SetTo(v int64) *CreateExportTaskInput { + s.To = &v + return s +} + +type CreateExportTaskOutput struct { + _ struct{} `type:"structure"` + + // The ID of the export task. + TaskId *string `locationName:"taskId" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateExportTaskOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateExportTaskOutput) GoString() string { + return s.String() +} + +// SetTaskId sets the TaskId field's value. +func (s *CreateExportTaskOutput) SetTaskId(v string) *CreateExportTaskOutput { + s.TaskId = &v + return s +} + +type CreateLogAnomalyDetectorInput struct { + _ struct{} `type:"structure"` + + // The number of days to have visibility on an anomaly. After this time period + // has elapsed for an anomaly, it will be automatically baselined and the anomaly + // detector will treat new occurrences of a similar anomaly as normal. Therefore, + // if you do not correct the cause of an anomaly during the time period specified + // in anomalyVisibilityTime, it will be considered normal going forward and + // will not be detected as an anomaly. + AnomalyVisibilityTime *int64 `locationName:"anomalyVisibilityTime" min:"7" type:"long"` + + // A name for this anomaly detector. + DetectorName *string `locationName:"detectorName" min:"1" type:"string"` + + // Specifies how often the anomaly detector is to run and look for anomalies. + // Set this value according to the frequency that the log group receives new + // logs. For example, if the log group receives new log events every 10 minutes, + // then 15 minutes might be a good setting for evaluationFrequency . + EvaluationFrequency *string `locationName:"evaluationFrequency" type:"string" enum:"EvaluationFrequency"` + + // You can use this parameter to limit the anomaly detection model to examine + // only log events that match the pattern you specify here. For more information, + // see Filter and Pattern Syntax (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html). + FilterPattern *string `locationName:"filterPattern" type:"string"` + + // Optionally assigns a KMS key to secure this anomaly detector and its findings. + // If a key is assigned, the anomalies found and the model used by this detector + // are encrypted at rest with the key. If a key is assigned to an anomaly detector, + // a user must have permissions for both this key and for the anomaly detector + // to retrieve information about the anomalies that it finds. + // + // For more information about using a KMS key and to see the required IAM policy, + // see Use a KMS key with an anomaly detector (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/LogsAnomalyDetection-KMS.html). + KmsKeyId *string `locationName:"kmsKeyId" type:"string"` + + // An array containing the ARN of the log group that this anomaly detector will + // watch. You can specify only one log group ARN. + // + // LogGroupArnList is a required field + LogGroupArnList []*string `locationName:"logGroupArnList" type:"list" required:"true"` + + // An optional list of key-value pairs to associate with the resource. + // + // For more information about tagging, see Tagging Amazon Web Services resources + // (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) + Tags map[string]*string `locationName:"tags" min:"1" type:"map"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLogAnomalyDetectorInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLogAnomalyDetectorInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateLogAnomalyDetectorInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateLogAnomalyDetectorInput"} + if s.AnomalyVisibilityTime != nil && *s.AnomalyVisibilityTime < 7 { + invalidParams.Add(request.NewErrParamMinValue("AnomalyVisibilityTime", 7)) + } + if s.DetectorName != nil && len(*s.DetectorName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("DetectorName", 1)) + } + if s.LogGroupArnList == nil { + invalidParams.Add(request.NewErrParamRequired("LogGroupArnList")) + } + if s.Tags != nil && len(s.Tags) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAnomalyVisibilityTime sets the AnomalyVisibilityTime field's value. +func (s *CreateLogAnomalyDetectorInput) SetAnomalyVisibilityTime(v int64) *CreateLogAnomalyDetectorInput { + s.AnomalyVisibilityTime = &v + return s +} + +// SetDetectorName sets the DetectorName field's value. +func (s *CreateLogAnomalyDetectorInput) SetDetectorName(v string) *CreateLogAnomalyDetectorInput { + s.DetectorName = &v + return s +} + +// SetEvaluationFrequency sets the EvaluationFrequency field's value. +func (s *CreateLogAnomalyDetectorInput) SetEvaluationFrequency(v string) *CreateLogAnomalyDetectorInput { + s.EvaluationFrequency = &v + return s +} + +// SetFilterPattern sets the FilterPattern field's value. +func (s *CreateLogAnomalyDetectorInput) SetFilterPattern(v string) *CreateLogAnomalyDetectorInput { + s.FilterPattern = &v + return s +} + +// SetKmsKeyId sets the KmsKeyId field's value. +func (s *CreateLogAnomalyDetectorInput) SetKmsKeyId(v string) *CreateLogAnomalyDetectorInput { + s.KmsKeyId = &v + return s +} + +// SetLogGroupArnList sets the LogGroupArnList field's value. +func (s *CreateLogAnomalyDetectorInput) SetLogGroupArnList(v []*string) *CreateLogAnomalyDetectorInput { + s.LogGroupArnList = v + return s +} + +// SetTags sets the Tags field's value. +func (s *CreateLogAnomalyDetectorInput) SetTags(v map[string]*string) *CreateLogAnomalyDetectorInput { + s.Tags = v + return s +} + +type CreateLogAnomalyDetectorOutput struct { + _ struct{} `type:"structure"` + + // The ARN of the log anomaly detector that you just created. + AnomalyDetectorArn *string `locationName:"anomalyDetectorArn" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLogAnomalyDetectorOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLogAnomalyDetectorOutput) GoString() string { + return s.String() +} + +// SetAnomalyDetectorArn sets the AnomalyDetectorArn field's value. +func (s *CreateLogAnomalyDetectorOutput) SetAnomalyDetectorArn(v string) *CreateLogAnomalyDetectorOutput { + s.AnomalyDetectorArn = &v + return s +} + +type CreateLogGroupInput struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the KMS key to use when encrypting log + // data. For more information, see Amazon Resource Names (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-kms). + KmsKeyId *string `locationName:"kmsKeyId" type:"string"` + + // Use this parameter to specify the log group class for this log group. There + // are two classes: + // + // * The Standard log class supports all CloudWatch Logs features. + // + // * The Infrequent Access log class supports a subset of CloudWatch Logs + // features and incurs lower costs. + // + // If you omit this parameter, the default of STANDARD is used. + // + // The value of logGroupClass can't be changed after a log group is created. + // + // For details about the features supported by each class, see Log classes (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html) + LogGroupClass *string `locationName:"logGroupClass" type:"string" enum:"LogGroupClass"` + + // A name for the log group. + // + // LogGroupName is a required field + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + + // The key-value pairs to use for the tags. + // + // You can grant users access to certain log groups while preventing them from + // accessing other log groups. To do so, tag your groups and use IAM policies + // that refer to those tags. To assign tags when you create a log group, you + // must have either the logs:TagResource or logs:TagLogGroup permission. For + // more information about tagging, see Tagging Amazon Web Services resources + // (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For more + // information about using tags to control access, see Controlling access to + // Amazon Web Services resources using tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html). + Tags map[string]*string `locationName:"tags" min:"1" type:"map"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLogGroupInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLogGroupInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateLogGroupInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateLogGroupInput"} + if s.LogGroupName == nil { + invalidParams.Add(request.NewErrParamRequired("LogGroupName")) + } + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + } + if s.Tags != nil && len(s.Tags) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } // SetKmsKeyId sets the KmsKeyId field's value. -func (s *AssociateKmsKeyInput) SetKmsKeyId(v string) *AssociateKmsKeyInput { +func (s *CreateLogGroupInput) SetKmsKeyId(v string) *CreateLogGroupInput { s.KmsKeyId = &v return s } +// SetLogGroupClass sets the LogGroupClass field's value. +func (s *CreateLogGroupInput) SetLogGroupClass(v string) *CreateLogGroupInput { + s.LogGroupClass = &v + return s +} + +// SetLogGroupName sets the LogGroupName field's value. +func (s *CreateLogGroupInput) SetLogGroupName(v string) *CreateLogGroupInput { + s.LogGroupName = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *CreateLogGroupInput) SetTags(v map[string]*string) *CreateLogGroupInput { + s.Tags = v + return s +} + +type CreateLogGroupOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLogGroupOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLogGroupOutput) GoString() string { + return s.String() +} + +type CreateLogStreamInput struct { + _ struct{} `type:"structure"` + + // The name of the log group. + // + // LogGroupName is a required field + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + + // The name of the log stream. + // + // LogStreamName is a required field + LogStreamName *string `locationName:"logStreamName" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLogStreamInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLogStreamInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateLogStreamInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateLogStreamInput"} + if s.LogGroupName == nil { + invalidParams.Add(request.NewErrParamRequired("LogGroupName")) + } + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + } + if s.LogStreamName == nil { + invalidParams.Add(request.NewErrParamRequired("LogStreamName")) + } + if s.LogStreamName != nil && len(*s.LogStreamName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogStreamName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLogGroupName sets the LogGroupName field's value. +func (s *CreateLogStreamInput) SetLogGroupName(v string) *CreateLogStreamInput { + s.LogGroupName = &v + return s +} + +// SetLogStreamName sets the LogStreamName field's value. +func (s *CreateLogStreamInput) SetLogStreamName(v string) *CreateLogStreamInput { + s.LogStreamName = &v + return s +} + +type CreateLogStreamOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLogStreamOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateLogStreamOutput) GoString() string { + return s.String() +} + +// The event was already logged. +// +// PutLogEvents actions are now always accepted and never return DataAlreadyAcceptedException +// regardless of whether a given batch of log events has already been accepted. +type DataAlreadyAcceptedException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + ExpectedSequenceToken *string `locationName:"expectedSequenceToken" min:"1" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DataAlreadyAcceptedException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DataAlreadyAcceptedException) GoString() string { + return s.String() +} + +func newErrorDataAlreadyAcceptedException(v protocol.ResponseMetadata) error { + return &DataAlreadyAcceptedException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *DataAlreadyAcceptedException) Code() string { + return "DataAlreadyAcceptedException" +} + +// Message returns the exception's message. +func (s *DataAlreadyAcceptedException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *DataAlreadyAcceptedException) OrigErr() error { + return nil +} + +func (s *DataAlreadyAcceptedException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *DataAlreadyAcceptedException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *DataAlreadyAcceptedException) RequestID() string { + return s.RespMetadata.RequestID +} + +type DeleteAccountPolicyInput struct { + _ struct{} `type:"structure"` + + // The name of the policy to delete. + // + // PolicyName is a required field + PolicyName *string `locationName:"policyName" type:"string" required:"true"` + + // The type of policy to delete. + // + // PolicyType is a required field + PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteAccountPolicyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteAccountPolicyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteAccountPolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteAccountPolicyInput"} + if s.PolicyName == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyName")) + } + if s.PolicyType == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyType")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetPolicyName sets the PolicyName field's value. +func (s *DeleteAccountPolicyInput) SetPolicyName(v string) *DeleteAccountPolicyInput { + s.PolicyName = &v + return s +} + +// SetPolicyType sets the PolicyType field's value. +func (s *DeleteAccountPolicyInput) SetPolicyType(v string) *DeleteAccountPolicyInput { + s.PolicyType = &v + return s +} + +type DeleteAccountPolicyOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteAccountPolicyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteAccountPolicyOutput) GoString() string { + return s.String() +} + +type DeleteDataProtectionPolicyInput struct { + _ struct{} `type:"structure"` + + // The name or ARN of the log group that you want to delete the data protection + // policy for. + // + // LogGroupIdentifier is a required field + LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDataProtectionPolicyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDataProtectionPolicyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteDataProtectionPolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteDataProtectionPolicyInput"} + if s.LogGroupIdentifier == nil { + invalidParams.Add(request.NewErrParamRequired("LogGroupIdentifier")) + } + if s.LogGroupIdentifier != nil && len(*s.LogGroupIdentifier) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupIdentifier", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. +func (s *DeleteDataProtectionPolicyInput) SetLogGroupIdentifier(v string) *DeleteDataProtectionPolicyInput { + s.LogGroupIdentifier = &v + return s +} + +type DeleteDataProtectionPolicyOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDataProtectionPolicyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDataProtectionPolicyOutput) GoString() string { + return s.String() +} + +type DeleteDeliveryDestinationInput struct { + _ struct{} `type:"structure"` + + // The name of the delivery destination that you want to delete. You can find + // a list of delivery destionation names by using the DescribeDeliveryDestinations + // (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeDeliveryDestinations.html) + // operation. + // + // Name is a required field + Name *string `locationName:"name" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDeliveryDestinationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDeliveryDestinationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteDeliveryDestinationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteDeliveryDestinationInput"} + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetName sets the Name field's value. +func (s *DeleteDeliveryDestinationInput) SetName(v string) *DeleteDeliveryDestinationInput { + s.Name = &v + return s +} + +type DeleteDeliveryDestinationOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDeliveryDestinationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDeliveryDestinationOutput) GoString() string { + return s.String() +} + +type DeleteDeliveryDestinationPolicyInput struct { + _ struct{} `type:"structure"` + + // The name of the delivery destination that you want to delete the policy for. + // + // DeliveryDestinationName is a required field + DeliveryDestinationName *string `locationName:"deliveryDestinationName" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDeliveryDestinationPolicyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDeliveryDestinationPolicyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteDeliveryDestinationPolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteDeliveryDestinationPolicyInput"} + if s.DeliveryDestinationName == nil { + invalidParams.Add(request.NewErrParamRequired("DeliveryDestinationName")) + } + if s.DeliveryDestinationName != nil && len(*s.DeliveryDestinationName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("DeliveryDestinationName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDeliveryDestinationName sets the DeliveryDestinationName field's value. +func (s *DeleteDeliveryDestinationPolicyInput) SetDeliveryDestinationName(v string) *DeleteDeliveryDestinationPolicyInput { + s.DeliveryDestinationName = &v + return s +} + +type DeleteDeliveryDestinationPolicyOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDeliveryDestinationPolicyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDeliveryDestinationPolicyOutput) GoString() string { + return s.String() +} + +type DeleteDeliveryInput struct { + _ struct{} `type:"structure"` + + // The unique ID of the delivery to delete. You can find the ID of a delivery + // with the DescribeDeliveries (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeDeliveries.html) + // operation. + // + // Id is a required field + Id *string `locationName:"id" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDeliveryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDeliveryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteDeliveryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteDeliveryInput"} + if s.Id == nil { + invalidParams.Add(request.NewErrParamRequired("Id")) + } + if s.Id != nil && len(*s.Id) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Id", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetId sets the Id field's value. +func (s *DeleteDeliveryInput) SetId(v string) *DeleteDeliveryInput { + s.Id = &v + return s +} + +type DeleteDeliveryOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDeliveryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDeliveryOutput) GoString() string { + return s.String() +} + +type DeleteDeliverySourceInput struct { + _ struct{} `type:"structure"` + + // The name of the delivery source that you want to delete. + // + // Name is a required field + Name *string `locationName:"name" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDeliverySourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDeliverySourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteDeliverySourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteDeliverySourceInput"} + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetName sets the Name field's value. +func (s *DeleteDeliverySourceInput) SetName(v string) *DeleteDeliverySourceInput { + s.Name = &v + return s +} + +type DeleteDeliverySourceOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDeliverySourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDeliverySourceOutput) GoString() string { + return s.String() +} + +type DeleteDestinationInput struct { + _ struct{} `type:"structure"` + + // The name of the destination. + // + // DestinationName is a required field + DestinationName *string `locationName:"destinationName" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDestinationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDestinationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteDestinationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteDestinationInput"} + if s.DestinationName == nil { + invalidParams.Add(request.NewErrParamRequired("DestinationName")) + } + if s.DestinationName != nil && len(*s.DestinationName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("DestinationName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDestinationName sets the DestinationName field's value. +func (s *DeleteDestinationInput) SetDestinationName(v string) *DeleteDestinationInput { + s.DestinationName = &v + return s +} + +type DeleteDestinationOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDestinationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteDestinationOutput) GoString() string { + return s.String() +} + +type DeleteLogAnomalyDetectorInput struct { + _ struct{} `type:"structure"` + + // The ARN of the anomaly detector to delete. You can find the ARNs of log anomaly + // detectors in your account by using the ListLogAnomalyDetectors (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListLogAnomalyDetectors.html) + // operation. + // + // AnomalyDetectorArn is a required field + AnomalyDetectorArn *string `locationName:"anomalyDetectorArn" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteLogAnomalyDetectorInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteLogAnomalyDetectorInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteLogAnomalyDetectorInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteLogAnomalyDetectorInput"} + if s.AnomalyDetectorArn == nil { + invalidParams.Add(request.NewErrParamRequired("AnomalyDetectorArn")) + } + if s.AnomalyDetectorArn != nil && len(*s.AnomalyDetectorArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AnomalyDetectorArn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAnomalyDetectorArn sets the AnomalyDetectorArn field's value. +func (s *DeleteLogAnomalyDetectorInput) SetAnomalyDetectorArn(v string) *DeleteLogAnomalyDetectorInput { + s.AnomalyDetectorArn = &v + return s +} + +type DeleteLogAnomalyDetectorOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteLogAnomalyDetectorOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteLogAnomalyDetectorOutput) GoString() string { + return s.String() +} + +type DeleteLogGroupInput struct { + _ struct{} `type:"structure"` + + // The name of the log group. + // + // LogGroupName is a required field + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteLogGroupInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteLogGroupInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteLogGroupInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteLogGroupInput"} + if s.LogGroupName == nil { + invalidParams.Add(request.NewErrParamRequired("LogGroupName")) + } + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLogGroupName sets the LogGroupName field's value. +func (s *DeleteLogGroupInput) SetLogGroupName(v string) *DeleteLogGroupInput { + s.LogGroupName = &v + return s +} + +type DeleteLogGroupOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteLogGroupOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteLogGroupOutput) GoString() string { + return s.String() +} + +type DeleteLogStreamInput struct { + _ struct{} `type:"structure"` + + // The name of the log group. + // + // LogGroupName is a required field + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + + // The name of the log stream. + // + // LogStreamName is a required field + LogStreamName *string `locationName:"logStreamName" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteLogStreamInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteLogStreamInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteLogStreamInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteLogStreamInput"} + if s.LogGroupName == nil { + invalidParams.Add(request.NewErrParamRequired("LogGroupName")) + } + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + } + if s.LogStreamName == nil { + invalidParams.Add(request.NewErrParamRequired("LogStreamName")) + } + if s.LogStreamName != nil && len(*s.LogStreamName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogStreamName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLogGroupName sets the LogGroupName field's value. +func (s *DeleteLogStreamInput) SetLogGroupName(v string) *DeleteLogStreamInput { + s.LogGroupName = &v + return s +} + +// SetLogStreamName sets the LogStreamName field's value. +func (s *DeleteLogStreamInput) SetLogStreamName(v string) *DeleteLogStreamInput { + s.LogStreamName = &v + return s +} + +type DeleteLogStreamOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteLogStreamOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteLogStreamOutput) GoString() string { + return s.String() +} + +type DeleteMetricFilterInput struct { + _ struct{} `type:"structure"` + + // The name of the metric filter. + // + // FilterName is a required field + FilterName *string `locationName:"filterName" min:"1" type:"string" required:"true"` + + // The name of the log group. + // + // LogGroupName is a required field + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteMetricFilterInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteMetricFilterInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteMetricFilterInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteMetricFilterInput"} + if s.FilterName == nil { + invalidParams.Add(request.NewErrParamRequired("FilterName")) + } + if s.FilterName != nil && len(*s.FilterName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("FilterName", 1)) + } + if s.LogGroupName == nil { + invalidParams.Add(request.NewErrParamRequired("LogGroupName")) + } + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFilterName sets the FilterName field's value. +func (s *DeleteMetricFilterInput) SetFilterName(v string) *DeleteMetricFilterInput { + s.FilterName = &v + return s +} + +// SetLogGroupName sets the LogGroupName field's value. +func (s *DeleteMetricFilterInput) SetLogGroupName(v string) *DeleteMetricFilterInput { + s.LogGroupName = &v + return s +} + +type DeleteMetricFilterOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteMetricFilterOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteMetricFilterOutput) GoString() string { + return s.String() +} + +type DeleteQueryDefinitionInput struct { + _ struct{} `type:"structure"` + + // The ID of the query definition that you want to delete. You can use DescribeQueryDefinitions + // (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeQueryDefinitions.html) + // to retrieve the IDs of your saved query definitions. + // + // QueryDefinitionId is a required field + QueryDefinitionId *string `locationName:"queryDefinitionId" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteQueryDefinitionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteQueryDefinitionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteQueryDefinitionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteQueryDefinitionInput"} + if s.QueryDefinitionId == nil { + invalidParams.Add(request.NewErrParamRequired("QueryDefinitionId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetQueryDefinitionId sets the QueryDefinitionId field's value. +func (s *DeleteQueryDefinitionInput) SetQueryDefinitionId(v string) *DeleteQueryDefinitionInput { + s.QueryDefinitionId = &v + return s +} + +type DeleteQueryDefinitionOutput struct { + _ struct{} `type:"structure"` + + // A value of TRUE indicates that the operation succeeded. FALSE indicates that + // the operation failed. + Success *bool `locationName:"success" type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteQueryDefinitionOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteQueryDefinitionOutput) GoString() string { + return s.String() +} + +// SetSuccess sets the Success field's value. +func (s *DeleteQueryDefinitionOutput) SetSuccess(v bool) *DeleteQueryDefinitionOutput { + s.Success = &v + return s +} + +type DeleteResourcePolicyInput struct { + _ struct{} `type:"structure"` + + // The name of the policy to be revoked. This parameter is required. + PolicyName *string `locationName:"policyName" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteResourcePolicyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteResourcePolicyInput) GoString() string { + return s.String() +} + +// SetPolicyName sets the PolicyName field's value. +func (s *DeleteResourcePolicyInput) SetPolicyName(v string) *DeleteResourcePolicyInput { + s.PolicyName = &v + return s +} + +type DeleteResourcePolicyOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteResourcePolicyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteResourcePolicyOutput) GoString() string { + return s.String() +} + +type DeleteRetentionPolicyInput struct { + _ struct{} `type:"structure"` + + // The name of the log group. + // + // LogGroupName is a required field + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteRetentionPolicyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteRetentionPolicyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteRetentionPolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteRetentionPolicyInput"} + if s.LogGroupName == nil { + invalidParams.Add(request.NewErrParamRequired("LogGroupName")) + } + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLogGroupName sets the LogGroupName field's value. +func (s *DeleteRetentionPolicyInput) SetLogGroupName(v string) *DeleteRetentionPolicyInput { + s.LogGroupName = &v + return s +} + +type DeleteRetentionPolicyOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteRetentionPolicyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteRetentionPolicyOutput) GoString() string { + return s.String() +} + +type DeleteSubscriptionFilterInput struct { + _ struct{} `type:"structure"` + + // The name of the subscription filter. + // + // FilterName is a required field + FilterName *string `locationName:"filterName" min:"1" type:"string" required:"true"` + + // The name of the log group. + // + // LogGroupName is a required field + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteSubscriptionFilterInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteSubscriptionFilterInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteSubscriptionFilterInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteSubscriptionFilterInput"} + if s.FilterName == nil { + invalidParams.Add(request.NewErrParamRequired("FilterName")) + } + if s.FilterName != nil && len(*s.FilterName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("FilterName", 1)) + } + if s.LogGroupName == nil { + invalidParams.Add(request.NewErrParamRequired("LogGroupName")) + } + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFilterName sets the FilterName field's value. +func (s *DeleteSubscriptionFilterInput) SetFilterName(v string) *DeleteSubscriptionFilterInput { + s.FilterName = &v + return s +} + +// SetLogGroupName sets the LogGroupName field's value. +func (s *DeleteSubscriptionFilterInput) SetLogGroupName(v string) *DeleteSubscriptionFilterInput { + s.LogGroupName = &v + return s +} + +type DeleteSubscriptionFilterOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteSubscriptionFilterOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteSubscriptionFilterOutput) GoString() string { + return s.String() +} + +// This structure contains information about one delivery in your account. +// +// A delivery is a connection between a logical delivery source and a logical +// delivery destination. +// +// For more information, see CreateDelivery (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html). +// +// You can't update an existing delivery. You can only create and delete deliveries. +type Delivery struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) that uniquely identifies this delivery. + Arn *string `locationName:"arn" type:"string"` + + // The ARN of the delivery destination that is associated with this delivery. + DeliveryDestinationArn *string `locationName:"deliveryDestinationArn" type:"string"` + + // Displays whether the delivery destination associated with this delivery is + // CloudWatch Logs, Amazon S3, or Firehose. + DeliveryDestinationType *string `locationName:"deliveryDestinationType" type:"string" enum:"DeliveryDestinationType"` + + // The name of the delivery source that is associated with this delivery. + DeliverySourceName *string `locationName:"deliverySourceName" min:"1" type:"string"` + + // The unique ID that identifies this delivery in your account. + Id *string `locationName:"id" min:"1" type:"string"` + + // The tags that have been assigned to this delivery. + Tags map[string]*string `locationName:"tags" min:"1" type:"map"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Delivery) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Delivery) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *Delivery) SetArn(v string) *Delivery { + s.Arn = &v + return s +} + +// SetDeliveryDestinationArn sets the DeliveryDestinationArn field's value. +func (s *Delivery) SetDeliveryDestinationArn(v string) *Delivery { + s.DeliveryDestinationArn = &v + return s +} + +// SetDeliveryDestinationType sets the DeliveryDestinationType field's value. +func (s *Delivery) SetDeliveryDestinationType(v string) *Delivery { + s.DeliveryDestinationType = &v + return s +} + +// SetDeliverySourceName sets the DeliverySourceName field's value. +func (s *Delivery) SetDeliverySourceName(v string) *Delivery { + s.DeliverySourceName = &v + return s +} + +// SetId sets the Id field's value. +func (s *Delivery) SetId(v string) *Delivery { + s.Id = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *Delivery) SetTags(v map[string]*string) *Delivery { + s.Tags = v + return s +} + +// This structure contains information about one delivery destination in your +// account. A delivery destination is an Amazon Web Services resource that represents +// an Amazon Web Services service that logs can be sent to. CloudWatch Logs, +// Amazon S3, are supported as Firehose delivery destinations. +// +// To configure logs delivery between a supported Amazon Web Services service +// and a destination, you must do the following: +// +// - Create a delivery source, which is a logical object that represents +// the resource that is actually sending the logs. For more information, +// see PutDeliverySource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliverySource.html). +// +// - Create a delivery destination, which is a logical object that represents +// the actual delivery destination. +// +// - If you are delivering logs cross-account, you must use PutDeliveryDestinationPolicy +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html) +// in the destination account to assign an IAM policy to the destination. +// This policy allows delivery to that destination. +// +// - Create a delivery by pairing exactly one delivery source and one delivery +// destination. For more information, see CreateDelivery (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html). +// +// You can configure a single delivery source to send logs to multiple destinations +// by creating multiple deliveries. You can also create multiple deliveries +// to configure multiple delivery sources to send logs to the same delivery +// destination. +type DeliveryDestination struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) that uniquely identifies this delivery destination. + Arn *string `locationName:"arn" type:"string"` + + // A structure that contains the ARN of the Amazon Web Services resource that + // will receive the logs. + DeliveryDestinationConfiguration *DeliveryDestinationConfiguration `locationName:"deliveryDestinationConfiguration" type:"structure"` + + // Displays whether this delivery destination is CloudWatch Logs, Amazon S3, + // or Firehose. + DeliveryDestinationType *string `locationName:"deliveryDestinationType" type:"string" enum:"DeliveryDestinationType"` + + // The name of this delivery destination. + Name *string `locationName:"name" min:"1" type:"string"` + + // The format of the logs that are sent to this delivery destination. + OutputFormat *string `locationName:"outputFormat" type:"string" enum:"OutputFormat"` + + // The tags that have been assigned to this delivery destination. + Tags map[string]*string `locationName:"tags" min:"1" type:"map"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeliveryDestination) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeliveryDestination) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *DeliveryDestination) SetArn(v string) *DeliveryDestination { + s.Arn = &v + return s +} + +// SetDeliveryDestinationConfiguration sets the DeliveryDestinationConfiguration field's value. +func (s *DeliveryDestination) SetDeliveryDestinationConfiguration(v *DeliveryDestinationConfiguration) *DeliveryDestination { + s.DeliveryDestinationConfiguration = v + return s +} + +// SetDeliveryDestinationType sets the DeliveryDestinationType field's value. +func (s *DeliveryDestination) SetDeliveryDestinationType(v string) *DeliveryDestination { + s.DeliveryDestinationType = &v + return s +} + +// SetName sets the Name field's value. +func (s *DeliveryDestination) SetName(v string) *DeliveryDestination { + s.Name = &v + return s +} + +// SetOutputFormat sets the OutputFormat field's value. +func (s *DeliveryDestination) SetOutputFormat(v string) *DeliveryDestination { + s.OutputFormat = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *DeliveryDestination) SetTags(v map[string]*string) *DeliveryDestination { + s.Tags = v + return s +} + +// A structure that contains information about one logs delivery destination. +type DeliveryDestinationConfiguration struct { + _ struct{} `type:"structure"` + + // The ARN of the Amazon Web Services destination that this delivery destination + // represents. That Amazon Web Services destination can be a log group in CloudWatch + // Logs, an Amazon S3 bucket, or a delivery stream in Firehose. + // + // DestinationResourceArn is a required field + DestinationResourceArn *string `locationName:"destinationResourceArn" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeliveryDestinationConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeliveryDestinationConfiguration) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeliveryDestinationConfiguration) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeliveryDestinationConfiguration"} + if s.DestinationResourceArn == nil { + invalidParams.Add(request.NewErrParamRequired("DestinationResourceArn")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDestinationResourceArn sets the DestinationResourceArn field's value. +func (s *DeliveryDestinationConfiguration) SetDestinationResourceArn(v string) *DeliveryDestinationConfiguration { + s.DestinationResourceArn = &v + return s +} + +// This structure contains information about one delivery source in your account. +// A delivery source is an Amazon Web Services resource that sends logs to an +// Amazon Web Services destination. The destination can be CloudWatch Logs, +// Amazon S3, or Firehose. +// +// Only some Amazon Web Services services support being configured as a delivery +// source. These services are listed as Supported [V2 Permissions] in the table +// at Enabling logging from Amazon Web Services services. (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/AWS-logs-and-resource-policy.html) +// +// To configure logs delivery between a supported Amazon Web Services service +// and a destination, you must do the following: +// +// - Create a delivery source, which is a logical object that represents +// the resource that is actually sending the logs. For more information, +// see PutDeliverySource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliverySource.html). +// +// - Create a delivery destination, which is a logical object that represents +// the actual delivery destination. For more information, see PutDeliveryDestination +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestination.html). +// +// - If you are delivering logs cross-account, you must use PutDeliveryDestinationPolicy +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDeliveryDestinationPolicy.html) +// in the destination account to assign an IAM policy to the destination. +// This policy allows delivery to that destination. +// +// - Create a delivery by pairing exactly one delivery source and one delivery +// destination. For more information, see CreateDelivery (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateDelivery.html). +// +// You can configure a single delivery source to send logs to multiple destinations +// by creating multiple deliveries. You can also create multiple deliveries +// to configure multiple delivery sources to send logs to the same delivery +// destination. +type DeliverySource struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) that uniquely identifies this delivery source. + Arn *string `locationName:"arn" type:"string"` + + // The type of log that the source is sending. For valid values for this parameter, + // see the documentation for the source service. + LogType *string `locationName:"logType" min:"1" type:"string"` + + // The unique name of the delivery source. + Name *string `locationName:"name" min:"1" type:"string"` + + // This array contains the ARN of the Amazon Web Services resource that sends + // logs and is represented by this delivery source. Currently, only one ARN + // can be in the array. + ResourceArns []*string `locationName:"resourceArns" type:"list"` + + // The Amazon Web Services service that is sending logs. + Service *string `locationName:"service" min:"1" type:"string"` + + // The tags that have been assigned to this delivery source. + Tags map[string]*string `locationName:"tags" min:"1" type:"map"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeliverySource) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeliverySource) GoString() string { + return s.String() +} + +// SetArn sets the Arn field's value. +func (s *DeliverySource) SetArn(v string) *DeliverySource { + s.Arn = &v + return s +} + +// SetLogType sets the LogType field's value. +func (s *DeliverySource) SetLogType(v string) *DeliverySource { + s.LogType = &v + return s +} + +// SetName sets the Name field's value. +func (s *DeliverySource) SetName(v string) *DeliverySource { + s.Name = &v + return s +} + +// SetResourceArns sets the ResourceArns field's value. +func (s *DeliverySource) SetResourceArns(v []*string) *DeliverySource { + s.ResourceArns = v + return s +} + +// SetService sets the Service field's value. +func (s *DeliverySource) SetService(v string) *DeliverySource { + s.Service = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *DeliverySource) SetTags(v map[string]*string) *DeliverySource { + s.Tags = v + return s +} + +type DescribeAccountPoliciesInput struct { + _ struct{} `type:"structure"` + + // If you are using an account that is set up as a monitoring account for CloudWatch + // unified cross-account observability, you can use this to specify the account + // ID of a source account. If you do, the operation returns the account policy + // for the specified account. Currently, you can specify only one account ID + // in this parameter. + // + // If you omit this parameter, only the policy in the current account is returned. + AccountIdentifiers []*string `locationName:"accountIdentifiers" type:"list"` + + // Use this parameter to limit the returned policies to only the policy with + // the name that you specify. + PolicyName *string `locationName:"policyName" type:"string"` + + // Use this parameter to limit the returned policies to only the policies that + // match the policy type that you specify. + // + // PolicyType is a required field + PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeAccountPoliciesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeAccountPoliciesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeAccountPoliciesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeAccountPoliciesInput"} + if s.PolicyType == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyType")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAccountIdentifiers sets the AccountIdentifiers field's value. +func (s *DescribeAccountPoliciesInput) SetAccountIdentifiers(v []*string) *DescribeAccountPoliciesInput { + s.AccountIdentifiers = v + return s +} + +// SetPolicyName sets the PolicyName field's value. +func (s *DescribeAccountPoliciesInput) SetPolicyName(v string) *DescribeAccountPoliciesInput { + s.PolicyName = &v + return s +} + +// SetPolicyType sets the PolicyType field's value. +func (s *DescribeAccountPoliciesInput) SetPolicyType(v string) *DescribeAccountPoliciesInput { + s.PolicyType = &v + return s +} + +type DescribeAccountPoliciesOutput struct { + _ struct{} `type:"structure"` + + // An array of structures that contain information about the CloudWatch Logs + // account policies that match the specified filters. + AccountPolicies []*AccountPolicy `locationName:"accountPolicies" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeAccountPoliciesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeAccountPoliciesOutput) GoString() string { + return s.String() +} + +// SetAccountPolicies sets the AccountPolicies field's value. +func (s *DescribeAccountPoliciesOutput) SetAccountPolicies(v []*AccountPolicy) *DescribeAccountPoliciesOutput { + s.AccountPolicies = v + return s +} + +type DescribeDeliveriesInput struct { + _ struct{} `type:"structure"` + + // Optionally specify the maximum number of deliveries to return in the response. + Limit *int64 `locationName:"limit" min:"1" type:"integer"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeDeliveriesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeDeliveriesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeDeliveriesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeDeliveriesInput"} + if s.Limit != nil && *s.Limit < 1 { + invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLimit sets the Limit field's value. +func (s *DescribeDeliveriesInput) SetLimit(v int64) *DescribeDeliveriesInput { + s.Limit = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeDeliveriesInput) SetNextToken(v string) *DescribeDeliveriesInput { + s.NextToken = &v + return s +} + +type DescribeDeliveriesOutput struct { + _ struct{} `type:"structure"` + + // An array of structures. Each structure contains information about one delivery + // in the account. + Deliveries []*Delivery `locationName:"deliveries" type:"list"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeDeliveriesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeDeliveriesOutput) GoString() string { + return s.String() +} + +// SetDeliveries sets the Deliveries field's value. +func (s *DescribeDeliveriesOutput) SetDeliveries(v []*Delivery) *DescribeDeliveriesOutput { + s.Deliveries = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeDeliveriesOutput) SetNextToken(v string) *DescribeDeliveriesOutput { + s.NextToken = &v + return s +} + +type DescribeDeliveryDestinationsInput struct { + _ struct{} `type:"structure"` + + // Optionally specify the maximum number of delivery destinations to return + // in the response. + Limit *int64 `locationName:"limit" min:"1" type:"integer"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeDeliveryDestinationsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeDeliveryDestinationsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeDeliveryDestinationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeDeliveryDestinationsInput"} + if s.Limit != nil && *s.Limit < 1 { + invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLimit sets the Limit field's value. +func (s *DescribeDeliveryDestinationsInput) SetLimit(v int64) *DescribeDeliveryDestinationsInput { + s.Limit = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeDeliveryDestinationsInput) SetNextToken(v string) *DescribeDeliveryDestinationsInput { + s.NextToken = &v + return s +} + +type DescribeDeliveryDestinationsOutput struct { + _ struct{} `type:"structure"` + + // An array of structures. Each structure contains information about one delivery + // destination in the account. + DeliveryDestinations []*DeliveryDestination `locationName:"deliveryDestinations" type:"list"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeDeliveryDestinationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeDeliveryDestinationsOutput) GoString() string { + return s.String() +} + +// SetDeliveryDestinations sets the DeliveryDestinations field's value. +func (s *DescribeDeliveryDestinationsOutput) SetDeliveryDestinations(v []*DeliveryDestination) *DescribeDeliveryDestinationsOutput { + s.DeliveryDestinations = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeDeliveryDestinationsOutput) SetNextToken(v string) *DescribeDeliveryDestinationsOutput { + s.NextToken = &v + return s +} + +type DescribeDeliverySourcesInput struct { + _ struct{} `type:"structure"` + + // Optionally specify the maximum number of delivery sources to return in the + // response. + Limit *int64 `locationName:"limit" min:"1" type:"integer"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeDeliverySourcesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeDeliverySourcesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeDeliverySourcesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeDeliverySourcesInput"} + if s.Limit != nil && *s.Limit < 1 { + invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLimit sets the Limit field's value. +func (s *DescribeDeliverySourcesInput) SetLimit(v int64) *DescribeDeliverySourcesInput { + s.Limit = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeDeliverySourcesInput) SetNextToken(v string) *DescribeDeliverySourcesInput { + s.NextToken = &v + return s +} + +type DescribeDeliverySourcesOutput struct { + _ struct{} `type:"structure"` + + // An array of structures. Each structure contains information about one delivery + // source in the account. + DeliverySources []*DeliverySource `locationName:"deliverySources" type:"list"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeDeliverySourcesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeDeliverySourcesOutput) GoString() string { + return s.String() +} + +// SetDeliverySources sets the DeliverySources field's value. +func (s *DescribeDeliverySourcesOutput) SetDeliverySources(v []*DeliverySource) *DescribeDeliverySourcesOutput { + s.DeliverySources = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeDeliverySourcesOutput) SetNextToken(v string) *DescribeDeliverySourcesOutput { + s.NextToken = &v + return s +} + +type DescribeDestinationsInput struct { + _ struct{} `type:"structure"` + + // The prefix to match. If you don't specify a value, no prefix filter is applied. + DestinationNamePrefix *string `min:"1" type:"string"` + + // The maximum number of items returned. If you don't specify a value, the default + // maximum value of 50 items is used. + Limit *int64 `locationName:"limit" min:"1" type:"integer"` + + // The token for the next set of items to return. (You received this token from + // a previous call.) + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeDestinationsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeDestinationsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeDestinationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeDestinationsInput"} + if s.DestinationNamePrefix != nil && len(*s.DestinationNamePrefix) < 1 { + invalidParams.Add(request.NewErrParamMinLen("DestinationNamePrefix", 1)) + } + if s.Limit != nil && *s.Limit < 1 { + invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDestinationNamePrefix sets the DestinationNamePrefix field's value. +func (s *DescribeDestinationsInput) SetDestinationNamePrefix(v string) *DescribeDestinationsInput { + s.DestinationNamePrefix = &v + return s +} + +// SetLimit sets the Limit field's value. +func (s *DescribeDestinationsInput) SetLimit(v int64) *DescribeDestinationsInput { + s.Limit = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeDestinationsInput) SetNextToken(v string) *DescribeDestinationsInput { + s.NextToken = &v + return s +} + +type DescribeDestinationsOutput struct { + _ struct{} `type:"structure"` + + // The destinations. + Destinations []*Destination `locationName:"destinations" type:"list"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeDestinationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeDestinationsOutput) GoString() string { + return s.String() +} + +// SetDestinations sets the Destinations field's value. +func (s *DescribeDestinationsOutput) SetDestinations(v []*Destination) *DescribeDestinationsOutput { + s.Destinations = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeDestinationsOutput) SetNextToken(v string) *DescribeDestinationsOutput { + s.NextToken = &v + return s +} + +type DescribeExportTasksInput struct { + _ struct{} `type:"structure"` + + // The maximum number of items returned. If you don't specify a value, the default + // is up to 50 items. + Limit *int64 `locationName:"limit" min:"1" type:"integer"` + + // The token for the next set of items to return. (You received this token from + // a previous call.) + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // The status code of the export task. Specifying a status code filters the + // results to zero or more export tasks. + StatusCode *string `locationName:"statusCode" type:"string" enum:"ExportTaskStatusCode"` + + // The ID of the export task. Specifying a task ID filters the results to one + // or zero export tasks. + TaskId *string `locationName:"taskId" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeExportTasksInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeExportTasksInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeExportTasksInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeExportTasksInput"} + if s.Limit != nil && *s.Limit < 1 { + invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + if s.TaskId != nil && len(*s.TaskId) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TaskId", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLimit sets the Limit field's value. +func (s *DescribeExportTasksInput) SetLimit(v int64) *DescribeExportTasksInput { + s.Limit = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeExportTasksInput) SetNextToken(v string) *DescribeExportTasksInput { + s.NextToken = &v + return s +} + +// SetStatusCode sets the StatusCode field's value. +func (s *DescribeExportTasksInput) SetStatusCode(v string) *DescribeExportTasksInput { + s.StatusCode = &v + return s +} + +// SetTaskId sets the TaskId field's value. +func (s *DescribeExportTasksInput) SetTaskId(v string) *DescribeExportTasksInput { + s.TaskId = &v + return s +} + +type DescribeExportTasksOutput struct { + _ struct{} `type:"structure"` + + // The export tasks. + ExportTasks []*ExportTask `locationName:"exportTasks" type:"list"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeExportTasksOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeExportTasksOutput) GoString() string { + return s.String() +} + +// SetExportTasks sets the ExportTasks field's value. +func (s *DescribeExportTasksOutput) SetExportTasks(v []*ExportTask) *DescribeExportTasksOutput { + s.ExportTasks = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeExportTasksOutput) SetNextToken(v string) *DescribeExportTasksOutput { + s.NextToken = &v + return s +} + +type DescribeLogGroupsInput struct { + _ struct{} `type:"structure"` + + // When includeLinkedAccounts is set to True, use this parameter to specify + // the list of accounts to search. You can specify as many as 20 account IDs + // in the array. + AccountIdentifiers []*string `locationName:"accountIdentifiers" type:"list"` + + // If you are using a monitoring account, set this to True to have the operation + // return log groups in the accounts listed in accountIdentifiers. + // + // If this parameter is set to true and accountIdentifiers contains a null value, + // the operation returns all log groups in the monitoring account and all log + // groups in all source accounts that are linked to the monitoring account. + IncludeLinkedAccounts *bool `locationName:"includeLinkedAccounts" type:"boolean"` + + // The maximum number of items returned. If you don't specify a value, the default + // is up to 50 items. + Limit *int64 `locationName:"limit" min:"1" type:"integer"` + + // Specifies the log group class for this log group. There are two classes: + // + // * The Standard log class supports all CloudWatch Logs features. + // + // * The Infrequent Access log class supports a subset of CloudWatch Logs + // features and incurs lower costs. + // + // For details about the features supported by each class, see Log classes (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html) + LogGroupClass *string `locationName:"logGroupClass" type:"string" enum:"LogGroupClass"` + + // If you specify a string for this parameter, the operation returns only log + // groups that have names that match the string based on a case-sensitive substring + // search. For example, if you specify Foo, log groups named FooBar, aws/Foo, + // and GroupFoo would match, but foo, F/o/o and Froo would not match. + // + // If you specify logGroupNamePattern in your request, then only arn, creationTime, + // and logGroupName are included in the response. + // + // logGroupNamePattern and logGroupNamePrefix are mutually exclusive. Only one + // of these parameters can be passed. + LogGroupNamePattern *string `locationName:"logGroupNamePattern" type:"string"` + + // The prefix to match. + // + // logGroupNamePrefix and logGroupNamePattern are mutually exclusive. Only one + // of these parameters can be passed. + LogGroupNamePrefix *string `locationName:"logGroupNamePrefix" min:"1" type:"string"` + + // The token for the next set of items to return. (You received this token from + // a previous call.) + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeLogGroupsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeLogGroupsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeLogGroupsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeLogGroupsInput"} + if s.Limit != nil && *s.Limit < 1 { + invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) + } + if s.LogGroupNamePrefix != nil && len(*s.LogGroupNamePrefix) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupNamePrefix", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAccountIdentifiers sets the AccountIdentifiers field's value. +func (s *DescribeLogGroupsInput) SetAccountIdentifiers(v []*string) *DescribeLogGroupsInput { + s.AccountIdentifiers = v + return s +} + +// SetIncludeLinkedAccounts sets the IncludeLinkedAccounts field's value. +func (s *DescribeLogGroupsInput) SetIncludeLinkedAccounts(v bool) *DescribeLogGroupsInput { + s.IncludeLinkedAccounts = &v + return s +} + +// SetLimit sets the Limit field's value. +func (s *DescribeLogGroupsInput) SetLimit(v int64) *DescribeLogGroupsInput { + s.Limit = &v + return s +} + +// SetLogGroupClass sets the LogGroupClass field's value. +func (s *DescribeLogGroupsInput) SetLogGroupClass(v string) *DescribeLogGroupsInput { + s.LogGroupClass = &v + return s +} + +// SetLogGroupNamePattern sets the LogGroupNamePattern field's value. +func (s *DescribeLogGroupsInput) SetLogGroupNamePattern(v string) *DescribeLogGroupsInput { + s.LogGroupNamePattern = &v + return s +} + +// SetLogGroupNamePrefix sets the LogGroupNamePrefix field's value. +func (s *DescribeLogGroupsInput) SetLogGroupNamePrefix(v string) *DescribeLogGroupsInput { + s.LogGroupNamePrefix = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLogGroupsInput) SetNextToken(v string) *DescribeLogGroupsInput { + s.NextToken = &v + return s +} + +type DescribeLogGroupsOutput struct { + _ struct{} `type:"structure"` + + // The log groups. + // + // If the retentionInDays value is not included for a log group, then that log + // group's events do not expire. + LogGroups []*LogGroup `locationName:"logGroups" type:"list"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeLogGroupsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeLogGroupsOutput) GoString() string { + return s.String() +} + +// SetLogGroups sets the LogGroups field's value. +func (s *DescribeLogGroupsOutput) SetLogGroups(v []*LogGroup) *DescribeLogGroupsOutput { + s.LogGroups = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLogGroupsOutput) SetNextToken(v string) *DescribeLogGroupsOutput { + s.NextToken = &v + return s +} + +type DescribeLogStreamsInput struct { + _ struct{} `type:"structure"` + + // If the value is true, results are returned in descending order. If the value + // is to false, results are returned in ascending order. The default value is + // false. + Descending *bool `locationName:"descending" type:"boolean"` + + // The maximum number of items returned. If you don't specify a value, the default + // is up to 50 items. + Limit *int64 `locationName:"limit" min:"1" type:"integer"` + + // Specify either the name or ARN of the log group to view. If the log group + // is in a source account and you are using a monitoring account, you must use + // the log group ARN. + // + // You must include either logGroupIdentifier or logGroupName, but not both. + LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string"` + + // The name of the log group. + // + // You must include either logGroupIdentifier or logGroupName, but not both. + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` + + // The prefix to match. + // + // If orderBy is LastEventTime, you cannot specify this parameter. + LogStreamNamePrefix *string `locationName:"logStreamNamePrefix" min:"1" type:"string"` + + // The token for the next set of items to return. (You received this token from + // a previous call.) + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // If the value is LogStreamName, the results are ordered by log stream name. + // If the value is LastEventTime, the results are ordered by the event time. + // The default value is LogStreamName. + // + // If you order the results by event time, you cannot specify the logStreamNamePrefix + // parameter. + // + // lastEventTimestamp represents the time of the most recent log event in the + // log stream in CloudWatch Logs. This number is expressed as the number of + // milliseconds after Jan 1, 1970 00:00:00 UTC. lastEventTimestamp updates on + // an eventual consistency basis. It typically updates in less than an hour + // from ingestion, but in rare situations might take longer. + OrderBy *string `locationName:"orderBy" type:"string" enum:"OrderBy"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeLogStreamsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeLogStreamsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeLogStreamsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeLogStreamsInput"} + if s.Limit != nil && *s.Limit < 1 { + invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) + } + if s.LogGroupIdentifier != nil && len(*s.LogGroupIdentifier) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupIdentifier", 1)) + } + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + } + if s.LogStreamNamePrefix != nil && len(*s.LogStreamNamePrefix) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogStreamNamePrefix", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDescending sets the Descending field's value. +func (s *DescribeLogStreamsInput) SetDescending(v bool) *DescribeLogStreamsInput { + s.Descending = &v + return s +} + +// SetLimit sets the Limit field's value. +func (s *DescribeLogStreamsInput) SetLimit(v int64) *DescribeLogStreamsInput { + s.Limit = &v + return s +} + +// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. +func (s *DescribeLogStreamsInput) SetLogGroupIdentifier(v string) *DescribeLogStreamsInput { + s.LogGroupIdentifier = &v + return s +} + +// SetLogGroupName sets the LogGroupName field's value. +func (s *DescribeLogStreamsInput) SetLogGroupName(v string) *DescribeLogStreamsInput { + s.LogGroupName = &v + return s +} + +// SetLogStreamNamePrefix sets the LogStreamNamePrefix field's value. +func (s *DescribeLogStreamsInput) SetLogStreamNamePrefix(v string) *DescribeLogStreamsInput { + s.LogStreamNamePrefix = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLogStreamsInput) SetNextToken(v string) *DescribeLogStreamsInput { + s.NextToken = &v + return s +} + +// SetOrderBy sets the OrderBy field's value. +func (s *DescribeLogStreamsInput) SetOrderBy(v string) *DescribeLogStreamsInput { + s.OrderBy = &v + return s +} + +type DescribeLogStreamsOutput struct { + _ struct{} `type:"structure"` + + // The log streams. + LogStreams []*LogStream `locationName:"logStreams" type:"list"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeLogStreamsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeLogStreamsOutput) GoString() string { + return s.String() +} + +// SetLogStreams sets the LogStreams field's value. +func (s *DescribeLogStreamsOutput) SetLogStreams(v []*LogStream) *DescribeLogStreamsOutput { + s.LogStreams = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLogStreamsOutput) SetNextToken(v string) *DescribeLogStreamsOutput { + s.NextToken = &v + return s +} + +type DescribeMetricFiltersInput struct { + _ struct{} `type:"structure"` + + // The prefix to match. CloudWatch Logs uses the value that you set here only + // if you also include the logGroupName parameter in your request. + FilterNamePrefix *string `locationName:"filterNamePrefix" min:"1" type:"string"` + + // The maximum number of items returned. If you don't specify a value, the default + // is up to 50 items. + Limit *int64 `locationName:"limit" min:"1" type:"integer"` + + // The name of the log group. + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` + + // Filters results to include only those with the specified metric name. If + // you include this parameter in your request, you must also include the metricNamespace + // parameter. + MetricName *string `locationName:"metricName" type:"string"` + + // Filters results to include only those in the specified namespace. If you + // include this parameter in your request, you must also include the metricName + // parameter. + MetricNamespace *string `locationName:"metricNamespace" type:"string"` + + // The token for the next set of items to return. (You received this token from + // a previous call.) + NextToken *string `locationName:"nextToken" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeMetricFiltersInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeMetricFiltersInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeMetricFiltersInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeMetricFiltersInput"} + if s.FilterNamePrefix != nil && len(*s.FilterNamePrefix) < 1 { + invalidParams.Add(request.NewErrParamMinLen("FilterNamePrefix", 1)) + } + if s.Limit != nil && *s.Limit < 1 { + invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) + } + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFilterNamePrefix sets the FilterNamePrefix field's value. +func (s *DescribeMetricFiltersInput) SetFilterNamePrefix(v string) *DescribeMetricFiltersInput { + s.FilterNamePrefix = &v + return s +} + +// SetLimit sets the Limit field's value. +func (s *DescribeMetricFiltersInput) SetLimit(v int64) *DescribeMetricFiltersInput { + s.Limit = &v + return s +} + // SetLogGroupName sets the LogGroupName field's value. -func (s *AssociateKmsKeyInput) SetLogGroupName(v string) *AssociateKmsKeyInput { +func (s *DescribeMetricFiltersInput) SetLogGroupName(v string) *DescribeMetricFiltersInput { s.LogGroupName = &v return s } -type AssociateKmsKeyOutput struct { +// SetMetricName sets the MetricName field's value. +func (s *DescribeMetricFiltersInput) SetMetricName(v string) *DescribeMetricFiltersInput { + s.MetricName = &v + return s +} + +// SetMetricNamespace sets the MetricNamespace field's value. +func (s *DescribeMetricFiltersInput) SetMetricNamespace(v string) *DescribeMetricFiltersInput { + s.MetricNamespace = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeMetricFiltersInput) SetNextToken(v string) *DescribeMetricFiltersInput { + s.NextToken = &v + return s +} + +type DescribeMetricFiltersOutput struct { _ struct{} `type:"structure"` + + // The metric filters. + MetricFilters []*MetricFilter `locationName:"metricFilters" type:"list"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` } // String returns the string representation. @@ -5125,7 +12383,7 @@ type AssociateKmsKeyOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s AssociateKmsKeyOutput) String() string { +func (s DescribeMetricFiltersOutput) String() string { return awsutil.Prettify(s) } @@ -5134,17 +12392,38 @@ func (s AssociateKmsKeyOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s AssociateKmsKeyOutput) GoString() string { +func (s DescribeMetricFiltersOutput) GoString() string { return s.String() } -type CancelExportTaskInput struct { +// SetMetricFilters sets the MetricFilters field's value. +func (s *DescribeMetricFiltersOutput) SetMetricFilters(v []*MetricFilter) *DescribeMetricFiltersOutput { + s.MetricFilters = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeMetricFiltersOutput) SetNextToken(v string) *DescribeMetricFiltersOutput { + s.NextToken = &v + return s +} + +type DescribeQueriesInput struct { _ struct{} `type:"structure"` - // The ID of the export task. - // - // TaskId is a required field - TaskId *string `locationName:"taskId" min:"1" type:"string" required:"true"` + // Limits the returned queries to only those for the specified log group. + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` + + // Limits the number of returned queries to the specified number. + MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // Limits the returned queries to only those that have the specified status. + // Valid values are Cancelled, Complete, Failed, Running, and Scheduled. + Status *string `locationName:"status" type:"string" enum:"QueryStatus"` } // String returns the string representation. @@ -5152,7 +12431,7 @@ type CancelExportTaskInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CancelExportTaskInput) String() string { +func (s DescribeQueriesInput) String() string { return awsutil.Prettify(s) } @@ -5161,18 +12440,21 @@ func (s CancelExportTaskInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CancelExportTaskInput) GoString() string { +func (s DescribeQueriesInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *CancelExportTaskInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CancelExportTaskInput"} - if s.TaskId == nil { - invalidParams.Add(request.NewErrParamRequired("TaskId")) +func (s *DescribeQueriesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeQueriesInput"} + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) } - if s.TaskId != nil && len(*s.TaskId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("TaskId", 1)) + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) } if invalidParams.Len() > 0 { @@ -5181,14 +12463,39 @@ func (s *CancelExportTaskInput) Validate() error { return nil } -// SetTaskId sets the TaskId field's value. -func (s *CancelExportTaskInput) SetTaskId(v string) *CancelExportTaskInput { - s.TaskId = &v +// SetLogGroupName sets the LogGroupName field's value. +func (s *DescribeQueriesInput) SetLogGroupName(v string) *DescribeQueriesInput { + s.LogGroupName = &v return s } -type CancelExportTaskOutput struct { +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeQueriesInput) SetMaxResults(v int64) *DescribeQueriesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeQueriesInput) SetNextToken(v string) *DescribeQueriesInput { + s.NextToken = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *DescribeQueriesInput) SetStatus(v string) *DescribeQueriesInput { + s.Status = &v + return s +} + +type DescribeQueriesOutput struct { _ struct{} `type:"structure"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // The list of queries that match the request. + Queries []*QueryInfo `locationName:"queries" type:"list"` } // String returns the string representation. @@ -5196,7 +12503,7 @@ type CancelExportTaskOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CancelExportTaskOutput) String() string { +func (s DescribeQueriesOutput) String() string { return awsutil.Prettify(s) } @@ -5205,51 +12512,35 @@ func (s CancelExportTaskOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CancelExportTaskOutput) GoString() string { +func (s DescribeQueriesOutput) GoString() string { return s.String() } -type CreateExportTaskInput struct { - _ struct{} `type:"structure"` - - // The name of S3 bucket for the exported log data. The bucket must be in the - // same Amazon Web Services Region. - // - // Destination is a required field - Destination *string `locationName:"destination" min:"1" type:"string" required:"true"` - - // The prefix used as the start of the key for every object exported. If you - // don't specify a value, the default is exportedlogs. - DestinationPrefix *string `locationName:"destinationPrefix" type:"string"` - - // The start time of the range for the request, expressed as the number of milliseconds - // after Jan 1, 1970 00:00:00 UTC. Events with a timestamp earlier than this - // time are not exported. - // - // From is a required field - From *int64 `locationName:"from" type:"long" required:"true"` - - // The name of the log group. - // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` +// SetNextToken sets the NextToken field's value. +func (s *DescribeQueriesOutput) SetNextToken(v string) *DescribeQueriesOutput { + s.NextToken = &v + return s +} - // Export only log streams that match the provided prefix. If you don't specify - // a value, no prefix filter is applied. - LogStreamNamePrefix *string `locationName:"logStreamNamePrefix" min:"1" type:"string"` +// SetQueries sets the Queries field's value. +func (s *DescribeQueriesOutput) SetQueries(v []*QueryInfo) *DescribeQueriesOutput { + s.Queries = v + return s +} - // The name of the export task. - TaskName *string `locationName:"taskName" min:"1" type:"string"` +type DescribeQueryDefinitionsInput struct { + _ struct{} `type:"structure"` - // The end time of the range for the request, expressed as the number of milliseconds - // after Jan 1, 1970 00:00:00 UTC. Events with a timestamp later than this time - // are not exported. - // - // You must specify a time that is not earlier than when this log group was - // created. - // - // To is a required field - To *int64 `locationName:"to" type:"long" required:"true"` + // Limits the number of returned query definitions to the specified number. + MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // Use this parameter to filter your results to only the query definitions that + // have names that start with the prefix you specify. + QueryDefinitionNamePrefix *string `locationName:"queryDefinitionNamePrefix" min:"1" type:"string"` } // String returns the string representation. @@ -5257,7 +12548,7 @@ type CreateExportTaskInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateExportTaskInput) String() string { +func (s DescribeQueryDefinitionsInput) String() string { return awsutil.Prettify(s) } @@ -5266,36 +12557,21 @@ func (s CreateExportTaskInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateExportTaskInput) GoString() string { +func (s DescribeQueryDefinitionsInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *CreateExportTaskInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateExportTaskInput"} - if s.Destination == nil { - invalidParams.Add(request.NewErrParamRequired("Destination")) - } - if s.Destination != nil && len(*s.Destination) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Destination", 1)) - } - if s.From == nil { - invalidParams.Add(request.NewErrParamRequired("From")) - } - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) - } - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) - } - if s.LogStreamNamePrefix != nil && len(*s.LogStreamNamePrefix) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogStreamNamePrefix", 1)) +func (s *DescribeQueryDefinitionsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeQueryDefinitionsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) } - if s.TaskName != nil && len(*s.TaskName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("TaskName", 1)) + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) } - if s.To == nil { - invalidParams.Add(request.NewErrParamRequired("To")) + if s.QueryDefinitionNamePrefix != nil && len(*s.QueryDefinitionNamePrefix) < 1 { + invalidParams.Add(request.NewErrParamMinLen("QueryDefinitionNamePrefix", 1)) } if invalidParams.Len() > 0 { @@ -5304,53 +12580,33 @@ func (s *CreateExportTaskInput) Validate() error { return nil } -// SetDestination sets the Destination field's value. -func (s *CreateExportTaskInput) SetDestination(v string) *CreateExportTaskInput { - s.Destination = &v - return s -} - -// SetDestinationPrefix sets the DestinationPrefix field's value. -func (s *CreateExportTaskInput) SetDestinationPrefix(v string) *CreateExportTaskInput { - s.DestinationPrefix = &v - return s -} - -// SetFrom sets the From field's value. -func (s *CreateExportTaskInput) SetFrom(v int64) *CreateExportTaskInput { - s.From = &v - return s -} - -// SetLogGroupName sets the LogGroupName field's value. -func (s *CreateExportTaskInput) SetLogGroupName(v string) *CreateExportTaskInput { - s.LogGroupName = &v - return s -} - -// SetLogStreamNamePrefix sets the LogStreamNamePrefix field's value. -func (s *CreateExportTaskInput) SetLogStreamNamePrefix(v string) *CreateExportTaskInput { - s.LogStreamNamePrefix = &v +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeQueryDefinitionsInput) SetMaxResults(v int64) *DescribeQueryDefinitionsInput { + s.MaxResults = &v return s } -// SetTaskName sets the TaskName field's value. -func (s *CreateExportTaskInput) SetTaskName(v string) *CreateExportTaskInput { - s.TaskName = &v +// SetNextToken sets the NextToken field's value. +func (s *DescribeQueryDefinitionsInput) SetNextToken(v string) *DescribeQueryDefinitionsInput { + s.NextToken = &v return s } -// SetTo sets the To field's value. -func (s *CreateExportTaskInput) SetTo(v int64) *CreateExportTaskInput { - s.To = &v +// SetQueryDefinitionNamePrefix sets the QueryDefinitionNamePrefix field's value. +func (s *DescribeQueryDefinitionsInput) SetQueryDefinitionNamePrefix(v string) *DescribeQueryDefinitionsInput { + s.QueryDefinitionNamePrefix = &v return s } -type CreateExportTaskOutput struct { +type DescribeQueryDefinitionsOutput struct { _ struct{} `type:"structure"` - // The ID of the export task. - TaskId *string `locationName:"taskId" min:"1" type:"string"` + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // The list of query definitions that match your request. + QueryDefinitions []*QueryDefinition `locationName:"queryDefinitions" type:"list"` } // String returns the string representation. @@ -5358,7 +12614,7 @@ type CreateExportTaskOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateExportTaskOutput) String() string { +func (s DescribeQueryDefinitionsOutput) String() string { return awsutil.Prettify(s) } @@ -5367,39 +12623,32 @@ func (s CreateExportTaskOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateExportTaskOutput) GoString() string { +func (s DescribeQueryDefinitionsOutput) GoString() string { return s.String() } -// SetTaskId sets the TaskId field's value. -func (s *CreateExportTaskOutput) SetTaskId(v string) *CreateExportTaskOutput { - s.TaskId = &v +// SetNextToken sets the NextToken field's value. +func (s *DescribeQueryDefinitionsOutput) SetNextToken(v string) *DescribeQueryDefinitionsOutput { + s.NextToken = &v return s } -type CreateLogGroupInput struct { - _ struct{} `type:"structure"` +// SetQueryDefinitions sets the QueryDefinitions field's value. +func (s *DescribeQueryDefinitionsOutput) SetQueryDefinitions(v []*QueryDefinition) *DescribeQueryDefinitionsOutput { + s.QueryDefinitions = v + return s +} - // The Amazon Resource Name (ARN) of the KMS key to use when encrypting log - // data. For more information, see Amazon Resource Names (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html#arn-syntax-kms). - KmsKeyId *string `locationName:"kmsKeyId" type:"string"` +type DescribeResourcePoliciesInput struct { + _ struct{} `type:"structure"` - // The name of the log group. - // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + // The maximum number of resource policies to be displayed with one call of + // this API. + Limit *int64 `locationName:"limit" min:"1" type:"integer"` - // The key-value pairs to use for the tags. - // - // You can grant users access to certain log groups while preventing them from - // accessing other log groups. To do so, tag your groups and use IAM policies - // that refer to those tags. To assign tags when you create a log group, you - // must have either the logs:TagResource or logs:TagLogGroup permission. For - // more information about tagging, see Tagging Amazon Web Services resources - // (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html). For more - // information about using tags to control access, see Controlling access to - // Amazon Web Services resources using tags (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_tags.html). - Tags map[string]*string `locationName:"tags" min:"1" type:"map"` + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` } // String returns the string representation. @@ -5407,7 +12656,7 @@ type CreateLogGroupInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateLogGroupInput) String() string { +func (s DescribeResourcePoliciesInput) String() string { return awsutil.Prettify(s) } @@ -5416,21 +12665,18 @@ func (s CreateLogGroupInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateLogGroupInput) GoString() string { +func (s DescribeResourcePoliciesInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *CreateLogGroupInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateLogGroupInput"} - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) - } - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) +func (s *DescribeResourcePoliciesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeResourcePoliciesInput"} + if s.Limit != nil && *s.Limit < 1 { + invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) } - if s.Tags != nil && len(s.Tags) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) } if invalidParams.Len() > 0 { @@ -5439,26 +12685,27 @@ func (s *CreateLogGroupInput) Validate() error { return nil } -// SetKmsKeyId sets the KmsKeyId field's value. -func (s *CreateLogGroupInput) SetKmsKeyId(v string) *CreateLogGroupInput { - s.KmsKeyId = &v - return s -} - -// SetLogGroupName sets the LogGroupName field's value. -func (s *CreateLogGroupInput) SetLogGroupName(v string) *CreateLogGroupInput { - s.LogGroupName = &v +// SetLimit sets the Limit field's value. +func (s *DescribeResourcePoliciesInput) SetLimit(v int64) *DescribeResourcePoliciesInput { + s.Limit = &v return s } -// SetTags sets the Tags field's value. -func (s *CreateLogGroupInput) SetTags(v map[string]*string) *CreateLogGroupInput { - s.Tags = v +// SetNextToken sets the NextToken field's value. +func (s *DescribeResourcePoliciesInput) SetNextToken(v string) *DescribeResourcePoliciesInput { + s.NextToken = &v return s } -type CreateLogGroupOutput struct { +type DescribeResourcePoliciesOutput struct { _ struct{} `type:"structure"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // The resource policies that exist in this account. + ResourcePolicies []*ResourcePolicy `locationName:"resourcePolicies" type:"list"` } // String returns the string representation. @@ -5466,7 +12713,7 @@ type CreateLogGroupOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateLogGroupOutput) String() string { +func (s DescribeResourcePoliciesOutput) String() string { return awsutil.Prettify(s) } @@ -5475,22 +12722,40 @@ func (s CreateLogGroupOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateLogGroupOutput) GoString() string { +func (s DescribeResourcePoliciesOutput) GoString() string { return s.String() } -type CreateLogStreamInput struct { +// SetNextToken sets the NextToken field's value. +func (s *DescribeResourcePoliciesOutput) SetNextToken(v string) *DescribeResourcePoliciesOutput { + s.NextToken = &v + return s +} + +// SetResourcePolicies sets the ResourcePolicies field's value. +func (s *DescribeResourcePoliciesOutput) SetResourcePolicies(v []*ResourcePolicy) *DescribeResourcePoliciesOutput { + s.ResourcePolicies = v + return s +} + +type DescribeSubscriptionFiltersInput struct { _ struct{} `type:"structure"` + // The prefix to match. If you don't specify a value, no prefix filter is applied. + FilterNamePrefix *string `locationName:"filterNamePrefix" min:"1" type:"string"` + + // The maximum number of items returned. If you don't specify a value, the default + // is up to 50 items. + Limit *int64 `locationName:"limit" min:"1" type:"integer"` + // The name of the log group. // // LogGroupName is a required field LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` - // The name of the log stream. - // - // LogStreamName is a required field - LogStreamName *string `locationName:"logStreamName" min:"1" type:"string" required:"true"` + // The token for the next set of items to return. (You received this token from + // a previous call.) + NextToken *string `locationName:"nextToken" min:"1" type:"string"` } // String returns the string representation. @@ -5498,7 +12763,7 @@ type CreateLogStreamInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateLogStreamInput) String() string { +func (s DescribeSubscriptionFiltersInput) String() string { return awsutil.Prettify(s) } @@ -5507,24 +12772,27 @@ func (s CreateLogStreamInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateLogStreamInput) GoString() string { +func (s DescribeSubscriptionFiltersInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *CreateLogStreamInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "CreateLogStreamInput"} +func (s *DescribeSubscriptionFiltersInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeSubscriptionFiltersInput"} + if s.FilterNamePrefix != nil && len(*s.FilterNamePrefix) < 1 { + invalidParams.Add(request.NewErrParamMinLen("FilterNamePrefix", 1)) + } + if s.Limit != nil && *s.Limit < 1 { + invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) + } if s.LogGroupName == nil { invalidParams.Add(request.NewErrParamRequired("LogGroupName")) } if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) } - if s.LogStreamName == nil { - invalidParams.Add(request.NewErrParamRequired("LogStreamName")) - } - if s.LogStreamName != nil && len(*s.LogStreamName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogStreamName", 1)) + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) } if invalidParams.Len() > 0 { @@ -5533,20 +12801,39 @@ func (s *CreateLogStreamInput) Validate() error { return nil } +// SetFilterNamePrefix sets the FilterNamePrefix field's value. +func (s *DescribeSubscriptionFiltersInput) SetFilterNamePrefix(v string) *DescribeSubscriptionFiltersInput { + s.FilterNamePrefix = &v + return s +} + +// SetLimit sets the Limit field's value. +func (s *DescribeSubscriptionFiltersInput) SetLimit(v int64) *DescribeSubscriptionFiltersInput { + s.Limit = &v + return s +} + // SetLogGroupName sets the LogGroupName field's value. -func (s *CreateLogStreamInput) SetLogGroupName(v string) *CreateLogStreamInput { +func (s *DescribeSubscriptionFiltersInput) SetLogGroupName(v string) *DescribeSubscriptionFiltersInput { s.LogGroupName = &v return s } -// SetLogStreamName sets the LogStreamName field's value. -func (s *CreateLogStreamInput) SetLogStreamName(v string) *CreateLogStreamInput { - s.LogStreamName = &v +// SetNextToken sets the NextToken field's value. +func (s *DescribeSubscriptionFiltersInput) SetNextToken(v string) *DescribeSubscriptionFiltersInput { + s.NextToken = &v return s } -type CreateLogStreamOutput struct { +type DescribeSubscriptionFiltersOutput struct { _ struct{} `type:"structure"` + + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // The subscription filters. + SubscriptionFilters []*SubscriptionFilter `locationName:"subscriptionFilters" type:"list"` } // String returns the string representation. @@ -5554,7 +12841,7 @@ type CreateLogStreamOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateLogStreamOutput) String() string { +func (s DescribeSubscriptionFiltersOutput) String() string { return awsutil.Prettify(s) } @@ -5563,21 +12850,46 @@ func (s CreateLogStreamOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s CreateLogStreamOutput) GoString() string { +func (s DescribeSubscriptionFiltersOutput) GoString() string { return s.String() } -// The event was already logged. -// -// PutLogEvents actions are now always accepted and never return DataAlreadyAcceptedException -// regardless of whether a given batch of log events has already been accepted. -type DataAlreadyAcceptedException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` +// SetNextToken sets the NextToken field's value. +func (s *DescribeSubscriptionFiltersOutput) SetNextToken(v string) *DescribeSubscriptionFiltersOutput { + s.NextToken = &v + return s +} - ExpectedSequenceToken *string `locationName:"expectedSequenceToken" min:"1" type:"string"` +// SetSubscriptionFilters sets the SubscriptionFilters field's value. +func (s *DescribeSubscriptionFiltersOutput) SetSubscriptionFilters(v []*SubscriptionFilter) *DescribeSubscriptionFiltersOutput { + s.SubscriptionFilters = v + return s +} - Message_ *string `locationName:"message" type:"string"` +// Represents a cross-account destination that receives subscription log events. +type Destination struct { + _ struct{} `type:"structure"` + + // An IAM policy document that governs which Amazon Web Services accounts can + // create subscription filters against this destination. + AccessPolicy *string `locationName:"accessPolicy" min:"1" type:"string"` + + // The ARN of this destination. + Arn *string `locationName:"arn" type:"string"` + + // The creation time of the destination, expressed as the number of milliseconds + // after Jan 1, 1970 00:00:00 UTC. + CreationTime *int64 `locationName:"creationTime" type:"long"` + + // The name of the destination. + DestinationName *string `locationName:"destinationName" min:"1" type:"string"` + + // A role for impersonation, used when delivering log events to the target. + RoleArn *string `locationName:"roleArn" min:"1" type:"string"` + + // The Amazon Resource Name (ARN) of the physical target where the log events + // are delivered (for example, a Kinesis stream). + TargetArn *string `locationName:"targetArn" min:"1" type:"string"` } // String returns the string representation. @@ -5585,7 +12897,7 @@ type DataAlreadyAcceptedException struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DataAlreadyAcceptedException) String() string { +func (s Destination) String() string { return awsutil.Prettify(s) } @@ -5594,56 +12906,72 @@ func (s DataAlreadyAcceptedException) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DataAlreadyAcceptedException) GoString() string { +func (s Destination) GoString() string { return s.String() } -func newErrorDataAlreadyAcceptedException(v protocol.ResponseMetadata) error { - return &DataAlreadyAcceptedException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *DataAlreadyAcceptedException) Code() string { - return "DataAlreadyAcceptedException" +// SetAccessPolicy sets the AccessPolicy field's value. +func (s *Destination) SetAccessPolicy(v string) *Destination { + s.AccessPolicy = &v + return s } -// Message returns the exception's message. -func (s *DataAlreadyAcceptedException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" +// SetArn sets the Arn field's value. +func (s *Destination) SetArn(v string) *Destination { + s.Arn = &v + return s } -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *DataAlreadyAcceptedException) OrigErr() error { - return nil +// SetCreationTime sets the CreationTime field's value. +func (s *Destination) SetCreationTime(v int64) *Destination { + s.CreationTime = &v + return s } -func (s *DataAlreadyAcceptedException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +// SetDestinationName sets the DestinationName field's value. +func (s *Destination) SetDestinationName(v string) *Destination { + s.DestinationName = &v + return s } -// Status code returns the HTTP status code for the request's response error. -func (s *DataAlreadyAcceptedException) StatusCode() int { - return s.RespMetadata.StatusCode +// SetRoleArn sets the RoleArn field's value. +func (s *Destination) SetRoleArn(v string) *Destination { + s.RoleArn = &v + return s } -// RequestID returns the service's response RequestID for request. -func (s *DataAlreadyAcceptedException) RequestID() string { - return s.RespMetadata.RequestID +// SetTargetArn sets the TargetArn field's value. +func (s *Destination) SetTargetArn(v string) *Destination { + s.TargetArn = &v + return s } -type DeleteDataProtectionPolicyInput struct { +type DisassociateKmsKeyInput struct { _ struct{} `type:"structure"` - // The name or ARN of the log group that you want to delete the data protection - // policy for. + // The name of the log group. // - // LogGroupIdentifier is a required field - LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string" required:"true"` + // In your DisassociateKmsKey operation, you must specify either the resourceIdentifier + // parameter or the logGroup parameter, but you can't specify both. + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` + + // Specifies the target for this operation. You must specify one of the following: + // + // * Specify the ARN of a log group to stop having CloudWatch Logs use the + // KMS key to encrypt log events that are ingested and stored by that log + // group. After you run this operation, CloudWatch Logs encrypts ingested + // log events with the default CloudWatch Logs method. The log group ARN + // must be in the following format. Replace REGION and ACCOUNT_ID with your + // Region and account ID. arn:aws:logs:REGION:ACCOUNT_ID:log-group:LOG_GROUP_NAME + // + // * Specify the following ARN to stop using this key to encrypt the results + // of future StartQuery (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StartQuery.html) + // operations in this account. Replace REGION and ACCOUNT_ID with your Region + // and account ID. arn:aws:logs:REGION:ACCOUNT_ID:query-result:* + // + // In your DisssociateKmsKey operation, you must specify either the resourceIdentifier + // parameter or the logGroup parameter, but you can't specify both. + ResourceIdentifier *string `locationName:"resourceIdentifier" min:"1" type:"string"` } // String returns the string representation. @@ -5651,7 +12979,7 @@ type DeleteDataProtectionPolicyInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteDataProtectionPolicyInput) String() string { +func (s DisassociateKmsKeyInput) String() string { return awsutil.Prettify(s) } @@ -5660,18 +12988,18 @@ func (s DeleteDataProtectionPolicyInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteDataProtectionPolicyInput) GoString() string { +func (s DisassociateKmsKeyInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteDataProtectionPolicyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteDataProtectionPolicyInput"} - if s.LogGroupIdentifier == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupIdentifier")) +func (s *DisassociateKmsKeyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisassociateKmsKeyInput"} + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) } - if s.LogGroupIdentifier != nil && len(*s.LogGroupIdentifier) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupIdentifier", 1)) + if s.ResourceIdentifier != nil && len(*s.ResourceIdentifier) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceIdentifier", 1)) } if invalidParams.Len() > 0 { @@ -5680,13 +13008,19 @@ func (s *DeleteDataProtectionPolicyInput) Validate() error { return nil } -// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. -func (s *DeleteDataProtectionPolicyInput) SetLogGroupIdentifier(v string) *DeleteDataProtectionPolicyInput { - s.LogGroupIdentifier = &v +// SetLogGroupName sets the LogGroupName field's value. +func (s *DisassociateKmsKeyInput) SetLogGroupName(v string) *DisassociateKmsKeyInput { + s.LogGroupName = &v return s } -type DeleteDataProtectionPolicyOutput struct { +// SetResourceIdentifier sets the ResourceIdentifier field's value. +func (s *DisassociateKmsKeyInput) SetResourceIdentifier(v string) *DisassociateKmsKeyInput { + s.ResourceIdentifier = &v + return s +} + +type DisassociateKmsKeyOutput struct { _ struct{} `type:"structure"` } @@ -5695,7 +13029,7 @@ type DeleteDataProtectionPolicyOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteDataProtectionPolicyOutput) String() string { +func (s DisassociateKmsKeyOutput) String() string { return awsutil.Prettify(s) } @@ -5704,17 +13038,42 @@ func (s DeleteDataProtectionPolicyOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteDataProtectionPolicyOutput) GoString() string { +func (s DisassociateKmsKeyOutput) GoString() string { return s.String() } -type DeleteDestinationInput struct { +// Represents an export task. +type ExportTask struct { _ struct{} `type:"structure"` - // The name of the destination. - // - // DestinationName is a required field - DestinationName *string `locationName:"destinationName" min:"1" type:"string" required:"true"` + // The name of the S3 bucket to which the log data was exported. + Destination *string `locationName:"destination" min:"1" type:"string"` + + // The prefix that was used as the start of Amazon S3 key for every object exported. + DestinationPrefix *string `locationName:"destinationPrefix" type:"string"` + + // Execution information about the export task. + ExecutionInfo *ExportTaskExecutionInfo `locationName:"executionInfo" type:"structure"` + + // The start time, expressed as the number of milliseconds after Jan 1, 1970 + // 00:00:00 UTC. Events with a timestamp before this time are not exported. + From *int64 `locationName:"from" type:"long"` + + // The name of the log group from which logs data was exported. + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` + + // The status of the export task. + Status *ExportTaskStatus `locationName:"status" type:"structure"` + + // The ID of the export task. + TaskId *string `locationName:"taskId" min:"1" type:"string"` + + // The name of the export task. + TaskName *string `locationName:"taskName" min:"1" type:"string"` + + // The end time, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 + // UTC. Events with a timestamp later than this time are not exported. + To *int64 `locationName:"to" type:"long"` } // String returns the string representation. @@ -5722,7 +13081,7 @@ type DeleteDestinationInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteDestinationInput) String() string { +func (s ExportTask) String() string { return awsutil.Prettify(s) } @@ -5731,34 +13090,75 @@ func (s DeleteDestinationInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteDestinationInput) GoString() string { +func (s ExportTask) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteDestinationInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteDestinationInput"} - if s.DestinationName == nil { - invalidParams.Add(request.NewErrParamRequired("DestinationName")) - } - if s.DestinationName != nil && len(*s.DestinationName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("DestinationName", 1)) - } +// SetDestination sets the Destination field's value. +func (s *ExportTask) SetDestination(v string) *ExportTask { + s.Destination = &v + return s +} - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetDestinationPrefix sets the DestinationPrefix field's value. +func (s *ExportTask) SetDestinationPrefix(v string) *ExportTask { + s.DestinationPrefix = &v + return s } -// SetDestinationName sets the DestinationName field's value. -func (s *DeleteDestinationInput) SetDestinationName(v string) *DeleteDestinationInput { - s.DestinationName = &v +// SetExecutionInfo sets the ExecutionInfo field's value. +func (s *ExportTask) SetExecutionInfo(v *ExportTaskExecutionInfo) *ExportTask { + s.ExecutionInfo = v + return s +} + +// SetFrom sets the From field's value. +func (s *ExportTask) SetFrom(v int64) *ExportTask { + s.From = &v + return s +} + +// SetLogGroupName sets the LogGroupName field's value. +func (s *ExportTask) SetLogGroupName(v string) *ExportTask { + s.LogGroupName = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *ExportTask) SetStatus(v *ExportTaskStatus) *ExportTask { + s.Status = v + return s +} + +// SetTaskId sets the TaskId field's value. +func (s *ExportTask) SetTaskId(v string) *ExportTask { + s.TaskId = &v + return s +} + +// SetTaskName sets the TaskName field's value. +func (s *ExportTask) SetTaskName(v string) *ExportTask { + s.TaskName = &v + return s +} + +// SetTo sets the To field's value. +func (s *ExportTask) SetTo(v int64) *ExportTask { + s.To = &v return s } -type DeleteDestinationOutput struct { +// Represents the status of an export task. +type ExportTaskExecutionInfo struct { _ struct{} `type:"structure"` + + // The completion time of the export task, expressed as the number of milliseconds + // after Jan 1, 1970 00:00:00 UTC. + CompletionTime *int64 `locationName:"completionTime" type:"long"` + + // The creation time of the export task, expressed as the number of milliseconds + // after Jan 1, 1970 00:00:00 UTC. + CreationTime *int64 `locationName:"creationTime" type:"long"` } // String returns the string representation. @@ -5766,7 +13166,7 @@ type DeleteDestinationOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteDestinationOutput) String() string { +func (s ExportTaskExecutionInfo) String() string { return awsutil.Prettify(s) } @@ -5775,17 +13175,31 @@ func (s DeleteDestinationOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteDestinationOutput) GoString() string { +func (s ExportTaskExecutionInfo) GoString() string { return s.String() } -type DeleteLogGroupInput struct { +// SetCompletionTime sets the CompletionTime field's value. +func (s *ExportTaskExecutionInfo) SetCompletionTime(v int64) *ExportTaskExecutionInfo { + s.CompletionTime = &v + return s +} + +// SetCreationTime sets the CreationTime field's value. +func (s *ExportTaskExecutionInfo) SetCreationTime(v int64) *ExportTaskExecutionInfo { + s.CreationTime = &v + return s +} + +// Represents the status of an export task. +type ExportTaskStatus struct { _ struct{} `type:"structure"` - // The name of the log group. - // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + // The status code of the export task. + Code *string `locationName:"code" type:"string" enum:"ExportTaskStatusCode"` + + // The status message related to the status code. + Message *string `locationName:"message" type:"string"` } // String returns the string representation. @@ -5793,7 +13207,7 @@ type DeleteLogGroupInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteLogGroupInput) String() string { +func (s ExportTaskStatus) String() string { return awsutil.Prettify(s) } @@ -5802,66 +13216,93 @@ func (s DeleteLogGroupInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteLogGroupInput) GoString() string { +func (s ExportTaskStatus) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteLogGroupInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteLogGroupInput"} - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) - } - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetCode sets the Code field's value. +func (s *ExportTaskStatus) SetCode(v string) *ExportTaskStatus { + s.Code = &v + return s } -// SetLogGroupName sets the LogGroupName field's value. -func (s *DeleteLogGroupInput) SetLogGroupName(v string) *DeleteLogGroupInput { - s.LogGroupName = &v +// SetMessage sets the Message field's value. +func (s *ExportTaskStatus) SetMessage(v string) *ExportTaskStatus { + s.Message = &v return s } -type DeleteLogGroupOutput struct { +type FilterLogEventsInput struct { _ struct{} `type:"structure"` -} -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteLogGroupOutput) String() string { - return awsutil.Prettify(s) -} + // The end of the time range, expressed as the number of milliseconds after + // Jan 1, 1970 00:00:00 UTC. Events with a timestamp later than this time are + // not returned. + EndTime *int64 `locationName:"endTime" type:"long"` -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteLogGroupOutput) GoString() string { - return s.String() -} + // The filter pattern to use. For more information, see Filter and Pattern Syntax + // (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html). + // + // If not provided, all the events are matched. + FilterPattern *string `locationName:"filterPattern" type:"string"` -type DeleteLogStreamInput struct { - _ struct{} `type:"structure"` + // If the value is true, the operation attempts to provide responses that contain + // events from multiple log streams within the log group, interleaved in a single + // response. If the value is false, all the matched log events in the first + // log stream are searched first, then those in the next log stream, and so + // on. + // + // Important As of June 17, 2019, this parameter is ignored and the value is + // assumed to be true. The response from this operation always interleaves events + // from multiple log streams within a log group. + // + // Deprecated: Starting on June 17, 2019, this parameter will be ignored and the value will be assumed to be true. The response from this operation will always interleave events from multiple log streams within a log group. + Interleaved *bool `locationName:"interleaved" deprecated:"true" type:"boolean"` - // The name of the log group. + // The maximum number of events to return. The default is 10,000 events. + Limit *int64 `locationName:"limit" min:"1" type:"integer"` + + // Specify either the name or ARN of the log group to view log events from. + // If the log group is in a source account and you are using a monitoring account, + // you must use the log group ARN. // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + // You must include either logGroupIdentifier or logGroupName, but not both. + LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string"` - // The name of the log stream. + // The name of the log group to search. // - // LogStreamName is a required field - LogStreamName *string `locationName:"logStreamName" min:"1" type:"string" required:"true"` + // You must include either logGroupIdentifier or logGroupName, but not both. + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` + + // Filters the results to include only events from log streams that have names + // starting with this prefix. + // + // If you specify a value for both logStreamNamePrefix and logStreamNames, but + // the value for logStreamNamePrefix does not match any log stream names specified + // in logStreamNames, the action returns an InvalidParameterException error. + LogStreamNamePrefix *string `locationName:"logStreamNamePrefix" min:"1" type:"string"` + + // Filters the results to only logs from the log streams in this list. + // + // If you specify a value for both logStreamNamePrefix and logStreamNames, the + // action returns an InvalidParameterException error. + LogStreamNames []*string `locationName:"logStreamNames" min:"1" type:"list"` + + // The token for the next set of events to return. (You received this token + // from a previous call.) + NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // The start of the time range, expressed as the number of milliseconds after + // Jan 1, 1970 00:00:00 UTC. Events with a timestamp before this time are not + // returned. + StartTime *int64 `locationName:"startTime" type:"long"` + + // Specify true to display the log event fields with all sensitive data unmasked + // and visible. The default is false. + // + // To use this operation with this parameter, you must be signed into an account + // with the logs:Unmask permission. + Unmask *bool `locationName:"unmask" type:"boolean"` } // String returns the string representation. @@ -5869,7 +13310,7 @@ type DeleteLogStreamInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteLogStreamInput) String() string { +func (s FilterLogEventsInput) String() string { return awsutil.Prettify(s) } @@ -5878,24 +13319,30 @@ func (s DeleteLogStreamInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteLogStreamInput) GoString() string { +func (s FilterLogEventsInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteLogStreamInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteLogStreamInput"} - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) +func (s *FilterLogEventsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "FilterLogEventsInput"} + if s.Limit != nil && *s.Limit < 1 { + invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) + } + if s.LogGroupIdentifier != nil && len(*s.LogGroupIdentifier) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupIdentifier", 1)) } if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) } - if s.LogStreamName == nil { - invalidParams.Add(request.NewErrParamRequired("LogStreamName")) + if s.LogStreamNamePrefix != nil && len(*s.LogStreamNamePrefix) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogStreamNamePrefix", 1)) } - if s.LogStreamName != nil && len(*s.LogStreamName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogStreamName", 1)) + if s.LogStreamNames != nil && len(s.LogStreamNames) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogStreamNames", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) } if invalidParams.Len() > 0 { @@ -5904,52 +13351,88 @@ func (s *DeleteLogStreamInput) Validate() error { return nil } +// SetEndTime sets the EndTime field's value. +func (s *FilterLogEventsInput) SetEndTime(v int64) *FilterLogEventsInput { + s.EndTime = &v + return s +} + +// SetFilterPattern sets the FilterPattern field's value. +func (s *FilterLogEventsInput) SetFilterPattern(v string) *FilterLogEventsInput { + s.FilterPattern = &v + return s +} + +// SetInterleaved sets the Interleaved field's value. +func (s *FilterLogEventsInput) SetInterleaved(v bool) *FilterLogEventsInput { + s.Interleaved = &v + return s +} + +// SetLimit sets the Limit field's value. +func (s *FilterLogEventsInput) SetLimit(v int64) *FilterLogEventsInput { + s.Limit = &v + return s +} + +// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. +func (s *FilterLogEventsInput) SetLogGroupIdentifier(v string) *FilterLogEventsInput { + s.LogGroupIdentifier = &v + return s +} + // SetLogGroupName sets the LogGroupName field's value. -func (s *DeleteLogStreamInput) SetLogGroupName(v string) *DeleteLogStreamInput { +func (s *FilterLogEventsInput) SetLogGroupName(v string) *FilterLogEventsInput { s.LogGroupName = &v return s } -// SetLogStreamName sets the LogStreamName field's value. -func (s *DeleteLogStreamInput) SetLogStreamName(v string) *DeleteLogStreamInput { - s.LogStreamName = &v +// SetLogStreamNamePrefix sets the LogStreamNamePrefix field's value. +func (s *FilterLogEventsInput) SetLogStreamNamePrefix(v string) *FilterLogEventsInput { + s.LogStreamNamePrefix = &v return s } -type DeleteLogStreamOutput struct { - _ struct{} `type:"structure"` +// SetLogStreamNames sets the LogStreamNames field's value. +func (s *FilterLogEventsInput) SetLogStreamNames(v []*string) *FilterLogEventsInput { + s.LogStreamNames = v + return s } -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteLogStreamOutput) String() string { - return awsutil.Prettify(s) +// SetNextToken sets the NextToken field's value. +func (s *FilterLogEventsInput) SetNextToken(v string) *FilterLogEventsInput { + s.NextToken = &v + return s } -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DeleteLogStreamOutput) GoString() string { - return s.String() +// SetStartTime sets the StartTime field's value. +func (s *FilterLogEventsInput) SetStartTime(v int64) *FilterLogEventsInput { + s.StartTime = &v + return s } -type DeleteMetricFilterInput struct { +// SetUnmask sets the Unmask field's value. +func (s *FilterLogEventsInput) SetUnmask(v bool) *FilterLogEventsInput { + s.Unmask = &v + return s +} + +type FilterLogEventsOutput struct { _ struct{} `type:"structure"` - // The name of the metric filter. - // - // FilterName is a required field - FilterName *string `locationName:"filterName" min:"1" type:"string" required:"true"` + // The matched events. + Events []*FilteredLogEvent `locationName:"events" type:"list"` + + // The token to use when requesting the next set of items. The token expires + // after 24 hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` - // The name of the log group. + // Important As of May 15, 2020, this parameter is no longer supported. This + // parameter returns an empty list. // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + // Indicates which log streams have been searched and whether each has been + // searched completely. + SearchedLogStreams []*SearchedLogStream `locationName:"searchedLogStreams" type:"list"` } // String returns the string representation. @@ -5957,7 +13440,7 @@ type DeleteMetricFilterInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteMetricFilterInput) String() string { +func (s FilterLogEventsOutput) String() string { return awsutil.Prettify(s) } @@ -5966,46 +13449,48 @@ func (s DeleteMetricFilterInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteMetricFilterInput) GoString() string { +func (s FilterLogEventsOutput) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteMetricFilterInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteMetricFilterInput"} - if s.FilterName == nil { - invalidParams.Add(request.NewErrParamRequired("FilterName")) - } - if s.FilterName != nil && len(*s.FilterName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("FilterName", 1)) - } - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) - } - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetEvents sets the Events field's value. +func (s *FilterLogEventsOutput) SetEvents(v []*FilteredLogEvent) *FilterLogEventsOutput { + s.Events = v + return s } -// SetFilterName sets the FilterName field's value. -func (s *DeleteMetricFilterInput) SetFilterName(v string) *DeleteMetricFilterInput { - s.FilterName = &v +// SetNextToken sets the NextToken field's value. +func (s *FilterLogEventsOutput) SetNextToken(v string) *FilterLogEventsOutput { + s.NextToken = &v return s } -// SetLogGroupName sets the LogGroupName field's value. -func (s *DeleteMetricFilterInput) SetLogGroupName(v string) *DeleteMetricFilterInput { - s.LogGroupName = &v +// SetSearchedLogStreams sets the SearchedLogStreams field's value. +func (s *FilterLogEventsOutput) SetSearchedLogStreams(v []*SearchedLogStream) *FilterLogEventsOutput { + s.SearchedLogStreams = v return s } -type DeleteMetricFilterOutput struct { +// Represents a matched event. +type FilteredLogEvent struct { _ struct{} `type:"structure"` + + // The ID of the event. + EventId *string `locationName:"eventId" type:"string"` + + // The time the event was ingested, expressed as the number of milliseconds + // after Jan 1, 1970 00:00:00 UTC. + IngestionTime *int64 `locationName:"ingestionTime" type:"long"` + + // The name of the log stream to which this event belongs. + LogStreamName *string `locationName:"logStreamName" min:"1" type:"string"` + + // The data contained in the log event. + Message *string `locationName:"message" min:"1" type:"string"` + + // The time the event occurred, expressed as the number of milliseconds after + // Jan 1, 1970 00:00:00 UTC. + Timestamp *int64 `locationName:"timestamp" type:"long"` } // String returns the string representation. @@ -6013,7 +13498,7 @@ type DeleteMetricFilterOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteMetricFilterOutput) String() string { +func (s FilteredLogEvent) String() string { return awsutil.Prettify(s) } @@ -6022,19 +13507,48 @@ func (s DeleteMetricFilterOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteMetricFilterOutput) GoString() string { +func (s FilteredLogEvent) GoString() string { return s.String() } -type DeleteQueryDefinitionInput struct { +// SetEventId sets the EventId field's value. +func (s *FilteredLogEvent) SetEventId(v string) *FilteredLogEvent { + s.EventId = &v + return s +} + +// SetIngestionTime sets the IngestionTime field's value. +func (s *FilteredLogEvent) SetIngestionTime(v int64) *FilteredLogEvent { + s.IngestionTime = &v + return s +} + +// SetLogStreamName sets the LogStreamName field's value. +func (s *FilteredLogEvent) SetLogStreamName(v string) *FilteredLogEvent { + s.LogStreamName = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *FilteredLogEvent) SetMessage(v string) *FilteredLogEvent { + s.Message = &v + return s +} + +// SetTimestamp sets the Timestamp field's value. +func (s *FilteredLogEvent) SetTimestamp(v int64) *FilteredLogEvent { + s.Timestamp = &v + return s +} + +type GetDataProtectionPolicyInput struct { _ struct{} `type:"structure"` - // The ID of the query definition that you want to delete. You can use DescribeQueryDefinitions - // (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeQueryDefinitions.html) - // to retrieve the IDs of your saved query definitions. + // The name or ARN of the log group that contains the data protection policy + // that you want to see. // - // QueryDefinitionId is a required field - QueryDefinitionId *string `locationName:"queryDefinitionId" type:"string" required:"true"` + // LogGroupIdentifier is a required field + LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string" required:"true"` } // String returns the string representation. @@ -6042,7 +13556,7 @@ type DeleteQueryDefinitionInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteQueryDefinitionInput) String() string { +func (s GetDataProtectionPolicyInput) String() string { return awsutil.Prettify(s) } @@ -6051,15 +13565,18 @@ func (s DeleteQueryDefinitionInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteQueryDefinitionInput) GoString() string { +func (s GetDataProtectionPolicyInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteQueryDefinitionInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteQueryDefinitionInput"} - if s.QueryDefinitionId == nil { - invalidParams.Add(request.NewErrParamRequired("QueryDefinitionId")) +func (s *GetDataProtectionPolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetDataProtectionPolicyInput"} + if s.LogGroupIdentifier == nil { + invalidParams.Add(request.NewErrParamRequired("LogGroupIdentifier")) + } + if s.LogGroupIdentifier != nil && len(*s.LogGroupIdentifier) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupIdentifier", 1)) } if invalidParams.Len() > 0 { @@ -6068,18 +13585,23 @@ func (s *DeleteQueryDefinitionInput) Validate() error { return nil } -// SetQueryDefinitionId sets the QueryDefinitionId field's value. -func (s *DeleteQueryDefinitionInput) SetQueryDefinitionId(v string) *DeleteQueryDefinitionInput { - s.QueryDefinitionId = &v +// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. +func (s *GetDataProtectionPolicyInput) SetLogGroupIdentifier(v string) *GetDataProtectionPolicyInput { + s.LogGroupIdentifier = &v return s } -type DeleteQueryDefinitionOutput struct { +type GetDataProtectionPolicyOutput struct { _ struct{} `type:"structure"` - // A value of TRUE indicates that the operation succeeded. FALSE indicates that - // the operation failed. - Success *bool `locationName:"success" type:"boolean"` + // The date and time that this policy was most recently updated. + LastUpdatedTime *int64 `locationName:"lastUpdatedTime" type:"long"` + + // The log group name or ARN that you specified in your request. + LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string"` + + // The data protection policy document for this log group. + PolicyDocument *string `locationName:"policyDocument" type:"string"` } // String returns the string representation. @@ -6087,7 +13609,7 @@ type DeleteQueryDefinitionOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteQueryDefinitionOutput) String() string { +func (s GetDataProtectionPolicyOutput) String() string { return awsutil.Prettify(s) } @@ -6096,21 +13618,35 @@ func (s DeleteQueryDefinitionOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteQueryDefinitionOutput) GoString() string { +func (s GetDataProtectionPolicyOutput) GoString() string { return s.String() } -// SetSuccess sets the Success field's value. -func (s *DeleteQueryDefinitionOutput) SetSuccess(v bool) *DeleteQueryDefinitionOutput { - s.Success = &v +// SetLastUpdatedTime sets the LastUpdatedTime field's value. +func (s *GetDataProtectionPolicyOutput) SetLastUpdatedTime(v int64) *GetDataProtectionPolicyOutput { + s.LastUpdatedTime = &v return s } -type DeleteResourcePolicyInput struct { +// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. +func (s *GetDataProtectionPolicyOutput) SetLogGroupIdentifier(v string) *GetDataProtectionPolicyOutput { + s.LogGroupIdentifier = &v + return s +} + +// SetPolicyDocument sets the PolicyDocument field's value. +func (s *GetDataProtectionPolicyOutput) SetPolicyDocument(v string) *GetDataProtectionPolicyOutput { + s.PolicyDocument = &v + return s +} + +type GetDeliveryDestinationInput struct { _ struct{} `type:"structure"` - // The name of the policy to be revoked. This parameter is required. - PolicyName *string `locationName:"policyName" type:"string"` + // The name of the delivery destination that you want to retrieve. + // + // Name is a required field + Name *string `locationName:"name" min:"1" type:"string" required:"true"` } // String returns the string representation. @@ -6118,7 +13654,7 @@ type DeleteResourcePolicyInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteResourcePolicyInput) String() string { +func (s GetDeliveryDestinationInput) String() string { return awsutil.Prettify(s) } @@ -6127,18 +13663,37 @@ func (s DeleteResourcePolicyInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteResourcePolicyInput) GoString() string { +func (s GetDeliveryDestinationInput) GoString() string { return s.String() } -// SetPolicyName sets the PolicyName field's value. -func (s *DeleteResourcePolicyInput) SetPolicyName(v string) *DeleteResourcePolicyInput { - s.PolicyName = &v +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetDeliveryDestinationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetDeliveryDestinationInput"} + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetName sets the Name field's value. +func (s *GetDeliveryDestinationInput) SetName(v string) *GetDeliveryDestinationInput { + s.Name = &v return s } -type DeleteResourcePolicyOutput struct { +type GetDeliveryDestinationOutput struct { _ struct{} `type:"structure"` + + // A structure containing information about the delivery destination. + DeliveryDestination *DeliveryDestination `locationName:"deliveryDestination" type:"structure"` } // String returns the string representation. @@ -6146,7 +13701,7 @@ type DeleteResourcePolicyOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteResourcePolicyOutput) String() string { +func (s GetDeliveryDestinationOutput) String() string { return awsutil.Prettify(s) } @@ -6155,17 +13710,24 @@ func (s DeleteResourcePolicyOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteResourcePolicyOutput) GoString() string { +func (s GetDeliveryDestinationOutput) GoString() string { return s.String() } -type DeleteRetentionPolicyInput struct { +// SetDeliveryDestination sets the DeliveryDestination field's value. +func (s *GetDeliveryDestinationOutput) SetDeliveryDestination(v *DeliveryDestination) *GetDeliveryDestinationOutput { + s.DeliveryDestination = v + return s +} + +type GetDeliveryDestinationPolicyInput struct { _ struct{} `type:"structure"` - // The name of the log group. + // The name of the delivery destination that you want to retrieve the policy + // of. // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + // DeliveryDestinationName is a required field + DeliveryDestinationName *string `locationName:"deliveryDestinationName" min:"1" type:"string" required:"true"` } // String returns the string representation. @@ -6173,7 +13735,7 @@ type DeleteRetentionPolicyInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteRetentionPolicyInput) String() string { +func (s GetDeliveryDestinationPolicyInput) String() string { return awsutil.Prettify(s) } @@ -6182,18 +13744,18 @@ func (s DeleteRetentionPolicyInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteRetentionPolicyInput) GoString() string { +func (s GetDeliveryDestinationPolicyInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteRetentionPolicyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteRetentionPolicyInput"} - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) +func (s *GetDeliveryDestinationPolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetDeliveryDestinationPolicyInput"} + if s.DeliveryDestinationName == nil { + invalidParams.Add(request.NewErrParamRequired("DeliveryDestinationName")) } - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + if s.DeliveryDestinationName != nil && len(*s.DeliveryDestinationName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("DeliveryDestinationName", 1)) } if invalidParams.Len() > 0 { @@ -6202,14 +13764,17 @@ func (s *DeleteRetentionPolicyInput) Validate() error { return nil } -// SetLogGroupName sets the LogGroupName field's value. -func (s *DeleteRetentionPolicyInput) SetLogGroupName(v string) *DeleteRetentionPolicyInput { - s.LogGroupName = &v +// SetDeliveryDestinationName sets the DeliveryDestinationName field's value. +func (s *GetDeliveryDestinationPolicyInput) SetDeliveryDestinationName(v string) *GetDeliveryDestinationPolicyInput { + s.DeliveryDestinationName = &v return s } -type DeleteRetentionPolicyOutput struct { +type GetDeliveryDestinationPolicyOutput struct { _ struct{} `type:"structure"` + + // The IAM policy for this delivery destination. + Policy *Policy `locationName:"policy" type:"structure"` } // String returns the string representation. @@ -6217,7 +13782,7 @@ type DeleteRetentionPolicyOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteRetentionPolicyOutput) String() string { +func (s GetDeliveryDestinationPolicyOutput) String() string { return awsutil.Prettify(s) } @@ -6226,22 +13791,23 @@ func (s DeleteRetentionPolicyOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteRetentionPolicyOutput) GoString() string { +func (s GetDeliveryDestinationPolicyOutput) GoString() string { return s.String() } -type DeleteSubscriptionFilterInput struct { - _ struct{} `type:"structure"` +// SetPolicy sets the Policy field's value. +func (s *GetDeliveryDestinationPolicyOutput) SetPolicy(v *Policy) *GetDeliveryDestinationPolicyOutput { + s.Policy = v + return s +} - // The name of the subscription filter. - // - // FilterName is a required field - FilterName *string `locationName:"filterName" min:"1" type:"string" required:"true"` +type GetDeliveryInput struct { + _ struct{} `type:"structure"` - // The name of the log group. + // The ID of the delivery that you want to retrieve. // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + // Id is a required field + Id *string `locationName:"id" min:"1" type:"string" required:"true"` } // String returns the string representation. @@ -6249,7 +13815,7 @@ type DeleteSubscriptionFilterInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteSubscriptionFilterInput) String() string { +func (s GetDeliveryInput) String() string { return awsutil.Prettify(s) } @@ -6258,24 +13824,18 @@ func (s DeleteSubscriptionFilterInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteSubscriptionFilterInput) GoString() string { +func (s GetDeliveryInput) GoString() string { return s.String() } - -// Validate inspects the fields of the type to determine if they are valid. -func (s *DeleteSubscriptionFilterInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DeleteSubscriptionFilterInput"} - if s.FilterName == nil { - invalidParams.Add(request.NewErrParamRequired("FilterName")) - } - if s.FilterName != nil && len(*s.FilterName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("FilterName", 1)) - } - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetDeliveryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetDeliveryInput"} + if s.Id == nil { + invalidParams.Add(request.NewErrParamRequired("Id")) } - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + if s.Id != nil && len(*s.Id) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Id", 1)) } if invalidParams.Len() > 0 { @@ -6284,20 +13844,17 @@ func (s *DeleteSubscriptionFilterInput) Validate() error { return nil } -// SetFilterName sets the FilterName field's value. -func (s *DeleteSubscriptionFilterInput) SetFilterName(v string) *DeleteSubscriptionFilterInput { - s.FilterName = &v - return s -} - -// SetLogGroupName sets the LogGroupName field's value. -func (s *DeleteSubscriptionFilterInput) SetLogGroupName(v string) *DeleteSubscriptionFilterInput { - s.LogGroupName = &v +// SetId sets the Id field's value. +func (s *GetDeliveryInput) SetId(v string) *GetDeliveryInput { + s.Id = &v return s } -type DeleteSubscriptionFilterOutput struct { +type GetDeliveryOutput struct { _ struct{} `type:"structure"` + + // A structure that contains information about the delivery. + Delivery *Delivery `locationName:"delivery" type:"structure"` } // String returns the string representation. @@ -6305,7 +13862,7 @@ type DeleteSubscriptionFilterOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteSubscriptionFilterOutput) String() string { +func (s GetDeliveryOutput) String() string { return awsutil.Prettify(s) } @@ -6314,23 +13871,23 @@ func (s DeleteSubscriptionFilterOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DeleteSubscriptionFilterOutput) GoString() string { +func (s GetDeliveryOutput) GoString() string { return s.String() } -type DescribeDestinationsInput struct { - _ struct{} `type:"structure"` - - // The prefix to match. If you don't specify a value, no prefix filter is applied. - DestinationNamePrefix *string `min:"1" type:"string"` +// SetDelivery sets the Delivery field's value. +func (s *GetDeliveryOutput) SetDelivery(v *Delivery) *GetDeliveryOutput { + s.Delivery = v + return s +} - // The maximum number of items returned. If you don't specify a value, the default - // maximum value of 50 items is used. - Limit *int64 `locationName:"limit" min:"1" type:"integer"` +type GetDeliverySourceInput struct { + _ struct{} `type:"structure"` - // The token for the next set of items to return. (You received this token from - // a previous call.) - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + // The name of the delivery source that you want to retrieve. + // + // Name is a required field + Name *string `locationName:"name" min:"1" type:"string" required:"true"` } // String returns the string representation. @@ -6338,7 +13895,7 @@ type DescribeDestinationsInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeDestinationsInput) String() string { +func (s GetDeliverySourceInput) String() string { return awsutil.Prettify(s) } @@ -6347,21 +13904,18 @@ func (s DescribeDestinationsInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeDestinationsInput) GoString() string { +func (s GetDeliverySourceInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DescribeDestinationsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DescribeDestinationsInput"} - if s.DestinationNamePrefix != nil && len(*s.DestinationNamePrefix) < 1 { - invalidParams.Add(request.NewErrParamMinLen("DestinationNamePrefix", 1)) - } - if s.Limit != nil && *s.Limit < 1 { - invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) +func (s *GetDeliverySourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetDeliverySourceInput"} + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) } if invalidParams.Len() > 0 { @@ -6370,33 +13924,17 @@ func (s *DescribeDestinationsInput) Validate() error { return nil } -// SetDestinationNamePrefix sets the DestinationNamePrefix field's value. -func (s *DescribeDestinationsInput) SetDestinationNamePrefix(v string) *DescribeDestinationsInput { - s.DestinationNamePrefix = &v - return s -} - -// SetLimit sets the Limit field's value. -func (s *DescribeDestinationsInput) SetLimit(v int64) *DescribeDestinationsInput { - s.Limit = &v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *DescribeDestinationsInput) SetNextToken(v string) *DescribeDestinationsInput { - s.NextToken = &v +// SetName sets the Name field's value. +func (s *GetDeliverySourceInput) SetName(v string) *GetDeliverySourceInput { + s.Name = &v return s } -type DescribeDestinationsOutput struct { +type GetDeliverySourceOutput struct { _ struct{} `type:"structure"` - // The destinations. - Destinations []*Destination `locationName:"destinations" type:"list"` - - // The token for the next set of items to return. The token expires after 24 - // hours. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + // A structure containing information about the delivery source. + DeliverySource *DeliverySource `locationName:"deliverySource" type:"structure"` } // String returns the string representation. @@ -6404,7 +13942,7 @@ type DescribeDestinationsOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeDestinationsOutput) String() string { +func (s GetDeliverySourceOutput) String() string { return awsutil.Prettify(s) } @@ -6413,40 +13951,26 @@ func (s DescribeDestinationsOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeDestinationsOutput) GoString() string { +func (s GetDeliverySourceOutput) GoString() string { return s.String() } -// SetDestinations sets the Destinations field's value. -func (s *DescribeDestinationsOutput) SetDestinations(v []*Destination) *DescribeDestinationsOutput { - s.Destinations = v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *DescribeDestinationsOutput) SetNextToken(v string) *DescribeDestinationsOutput { - s.NextToken = &v +// SetDeliverySource sets the DeliverySource field's value. +func (s *GetDeliverySourceOutput) SetDeliverySource(v *DeliverySource) *GetDeliverySourceOutput { + s.DeliverySource = v return s } -type DescribeExportTasksInput struct { +type GetLogAnomalyDetectorInput struct { _ struct{} `type:"structure"` - // The maximum number of items returned. If you don't specify a value, the default - // is up to 50 items. - Limit *int64 `locationName:"limit" min:"1" type:"integer"` - - // The token for the next set of items to return. (You received this token from - // a previous call.) - NextToken *string `locationName:"nextToken" min:"1" type:"string"` - - // The status code of the export task. Specifying a status code filters the - // results to zero or more export tasks. - StatusCode *string `locationName:"statusCode" type:"string" enum:"ExportTaskStatusCode"` - - // The ID of the export task. Specifying a task ID filters the results to one - // or zero export tasks. - TaskId *string `locationName:"taskId" min:"1" type:"string"` + // The ARN of the anomaly detector to retrieve information about. You can find + // the ARNs of log anomaly detectors in your account by using the ListLogAnomalyDetectors + // (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListLogAnomalyDetectors.html) + // operation. + // + // AnomalyDetectorArn is a required field + AnomalyDetectorArn *string `locationName:"anomalyDetectorArn" min:"1" type:"string" required:"true"` } // String returns the string representation. @@ -6454,7 +13978,7 @@ type DescribeExportTasksInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeExportTasksInput) String() string { +func (s GetLogAnomalyDetectorInput) String() string { return awsutil.Prettify(s) } @@ -6463,21 +13987,18 @@ func (s DescribeExportTasksInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeExportTasksInput) GoString() string { +func (s GetLogAnomalyDetectorInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DescribeExportTasksInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DescribeExportTasksInput"} - if s.Limit != nil && *s.Limit < 1 { - invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) - } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) +func (s *GetLogAnomalyDetectorInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetLogAnomalyDetectorInput"} + if s.AnomalyDetectorArn == nil { + invalidParams.Add(request.NewErrParamRequired("AnomalyDetectorArn")) } - if s.TaskId != nil && len(*s.TaskId) < 1 { - invalidParams.Add(request.NewErrParamMinLen("TaskId", 1)) + if s.AnomalyDetectorArn != nil && len(*s.AnomalyDetectorArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AnomalyDetectorArn", 1)) } if invalidParams.Len() > 0 { @@ -6486,39 +14007,52 @@ func (s *DescribeExportTasksInput) Validate() error { return nil } -// SetLimit sets the Limit field's value. -func (s *DescribeExportTasksInput) SetLimit(v int64) *DescribeExportTasksInput { - s.Limit = &v +// SetAnomalyDetectorArn sets the AnomalyDetectorArn field's value. +func (s *GetLogAnomalyDetectorInput) SetAnomalyDetectorArn(v string) *GetLogAnomalyDetectorInput { + s.AnomalyDetectorArn = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *DescribeExportTasksInput) SetNextToken(v string) *DescribeExportTasksInput { - s.NextToken = &v - return s -} +type GetLogAnomalyDetectorOutput struct { + _ struct{} `type:"structure"` -// SetStatusCode sets the StatusCode field's value. -func (s *DescribeExportTasksInput) SetStatusCode(v string) *DescribeExportTasksInput { - s.StatusCode = &v - return s -} + // Specifies whether the anomaly detector is currently active. To change its + // status, use the enabled parameter in the UpdateLogAnomalyDetector (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UpdateLogAnomalyDetector.html) + // operation. + AnomalyDetectorStatus *string `locationName:"anomalyDetectorStatus" type:"string" enum:"AnomalyDetectorStatus"` -// SetTaskId sets the TaskId field's value. -func (s *DescribeExportTasksInput) SetTaskId(v string) *DescribeExportTasksInput { - s.TaskId = &v - return s -} + // The number of days used as the life cycle of anomalies. After this time, + // anomalies are automatically baselined and the anomaly detector model will + // treat new occurrences of similar event as normal. + AnomalyVisibilityTime *int64 `locationName:"anomalyVisibilityTime" min:"7" type:"long"` -type DescribeExportTasksOutput struct { - _ struct{} `type:"structure"` + // The date and time when this anomaly detector was created. + CreationTimeStamp *int64 `locationName:"creationTimeStamp" type:"long"` - // The export tasks. - ExportTasks []*ExportTask `locationName:"exportTasks" type:"list"` + // The name of the log anomaly detector + DetectorName *string `locationName:"detectorName" min:"1" type:"string"` - // The token for the next set of items to return. The token expires after 24 - // hours. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + // Specifies how often the anomaly detector runs and look for anomalies. Set + // this value according to the frequency that the log group receives new logs. + // For example, if the log group receives new log events every 10 minutes, then + // setting evaluationFrequency to FIFTEEN_MIN might be appropriate. + EvaluationFrequency *string `locationName:"evaluationFrequency" type:"string" enum:"EvaluationFrequency"` + + // A symbolic description of how CloudWatch Logs should interpret the data in + // each log event. For example, a log event can contain timestamps, IP addresses, + // strings, and so on. You use the filter pattern to specify what to look for + // in the log event message. + FilterPattern *string `locationName:"filterPattern" type:"string"` + + // The ID of the KMS key assigned to this anomaly detector, if any. + KmsKeyId *string `locationName:"kmsKeyId" type:"string"` + + // The date and time when this anomaly detector was most recently modified. + LastModifiedTimeStamp *int64 `locationName:"lastModifiedTimeStamp" type:"long"` + + // An array of structures, where each structure contains the ARN of a log group + // associated with this anomaly detector. + LogGroupArnList []*string `locationName:"logGroupArnList" type:"list"` } // String returns the string representation. @@ -6526,7 +14060,7 @@ type DescribeExportTasksOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeExportTasksOutput) String() string { +func (s GetLogAnomalyDetectorOutput) String() string { return awsutil.Prettify(s) } @@ -6535,63 +14069,118 @@ func (s DescribeExportTasksOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeExportTasksOutput) GoString() string { +func (s GetLogAnomalyDetectorOutput) GoString() string { return s.String() } -// SetExportTasks sets the ExportTasks field's value. -func (s *DescribeExportTasksOutput) SetExportTasks(v []*ExportTask) *DescribeExportTasksOutput { - s.ExportTasks = v +// SetAnomalyDetectorStatus sets the AnomalyDetectorStatus field's value. +func (s *GetLogAnomalyDetectorOutput) SetAnomalyDetectorStatus(v string) *GetLogAnomalyDetectorOutput { + s.AnomalyDetectorStatus = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *DescribeExportTasksOutput) SetNextToken(v string) *DescribeExportTasksOutput { - s.NextToken = &v +// SetAnomalyVisibilityTime sets the AnomalyVisibilityTime field's value. +func (s *GetLogAnomalyDetectorOutput) SetAnomalyVisibilityTime(v int64) *GetLogAnomalyDetectorOutput { + s.AnomalyVisibilityTime = &v return s } -type DescribeLogGroupsInput struct { - _ struct{} `type:"structure"` +// SetCreationTimeStamp sets the CreationTimeStamp field's value. +func (s *GetLogAnomalyDetectorOutput) SetCreationTimeStamp(v int64) *GetLogAnomalyDetectorOutput { + s.CreationTimeStamp = &v + return s +} - // When includeLinkedAccounts is set to True, use this parameter to specify - // the list of accounts to search. You can specify as many as 20 account IDs - // in the array. - AccountIdentifiers []*string `locationName:"accountIdentifiers" type:"list"` +// SetDetectorName sets the DetectorName field's value. +func (s *GetLogAnomalyDetectorOutput) SetDetectorName(v string) *GetLogAnomalyDetectorOutput { + s.DetectorName = &v + return s +} - // If you are using a monitoring account, set this to True to have the operation - // return log groups in the accounts listed in accountIdentifiers. - // - // If this parameter is set to true and accountIdentifiers contains a null value, - // the operation returns all log groups in the monitoring account and all log - // groups in all source accounts that are linked to the monitoring account. - // - // If you specify includeLinkedAccounts in your request, then metricFilterCount, - // retentionInDays, and storedBytes are not included in the response. - IncludeLinkedAccounts *bool `locationName:"includeLinkedAccounts" type:"boolean"` +// SetEvaluationFrequency sets the EvaluationFrequency field's value. +func (s *GetLogAnomalyDetectorOutput) SetEvaluationFrequency(v string) *GetLogAnomalyDetectorOutput { + s.EvaluationFrequency = &v + return s +} - // The maximum number of items returned. If you don't specify a value, the default - // is up to 50 items. +// SetFilterPattern sets the FilterPattern field's value. +func (s *GetLogAnomalyDetectorOutput) SetFilterPattern(v string) *GetLogAnomalyDetectorOutput { + s.FilterPattern = &v + return s +} + +// SetKmsKeyId sets the KmsKeyId field's value. +func (s *GetLogAnomalyDetectorOutput) SetKmsKeyId(v string) *GetLogAnomalyDetectorOutput { + s.KmsKeyId = &v + return s +} + +// SetLastModifiedTimeStamp sets the LastModifiedTimeStamp field's value. +func (s *GetLogAnomalyDetectorOutput) SetLastModifiedTimeStamp(v int64) *GetLogAnomalyDetectorOutput { + s.LastModifiedTimeStamp = &v + return s +} + +// SetLogGroupArnList sets the LogGroupArnList field's value. +func (s *GetLogAnomalyDetectorOutput) SetLogGroupArnList(v []*string) *GetLogAnomalyDetectorOutput { + s.LogGroupArnList = v + return s +} + +type GetLogEventsInput struct { + _ struct{} `type:"structure"` + + // The end of the time range, expressed as the number of milliseconds after + // Jan 1, 1970 00:00:00 UTC. Events with a timestamp equal to or later than + // this time are not included. + EndTime *int64 `locationName:"endTime" type:"long"` + + // The maximum number of log events returned. If you don't specify a limit, + // the default is as many log events as can fit in a response size of 1 MB (up + // to 10,000 log events). Limit *int64 `locationName:"limit" min:"1" type:"integer"` - // If you specify a string for this parameter, the operation returns only log - // groups that have names that match the string based on a case-sensitive substring - // search. For example, if you specify Foo, log groups named FooBar, aws/Foo, - // and GroupFoo would match, but foo, F/o/o and Froo would not match. + // Specify either the name or ARN of the log group to view events from. If the + // log group is in a source account and you are using a monitoring account, + // you must use the log group ARN. // - // logGroupNamePattern and logGroupNamePrefix are mutually exclusive. Only one - // of these parameters can be passed. - LogGroupNamePattern *string `locationName:"logGroupNamePattern" type:"string"` + // You must include either logGroupIdentifier or logGroupName, but not both. + LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string"` - // The prefix to match. + // The name of the log group. // - // logGroupNamePrefix and logGroupNamePattern are mutually exclusive. Only one - // of these parameters can be passed. - LogGroupNamePrefix *string `locationName:"logGroupNamePrefix" min:"1" type:"string"` + // You must include either logGroupIdentifier or logGroupName, but not both. + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` + + // The name of the log stream. + // + // LogStreamName is a required field + LogStreamName *string `locationName:"logStreamName" min:"1" type:"string" required:"true"` // The token for the next set of items to return. (You received this token from // a previous call.) NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // If the value is true, the earliest log events are returned first. If the + // value is false, the latest log events are returned first. The default value + // is false. + // + // If you are using a previous nextForwardToken value as the nextToken in this + // operation, you must specify true for startFromHead. + StartFromHead *bool `locationName:"startFromHead" type:"boolean"` + + // The start of the time range, expressed as the number of milliseconds after + // Jan 1, 1970 00:00:00 UTC. Events with a timestamp equal to this time or later + // than this time are included. Events with a timestamp earlier than this time + // are not included. + StartTime *int64 `locationName:"startTime" type:"long"` + + // Specify true to display the log event fields with all sensitive data unmasked + // and visible. The default is false. + // + // To use this operation with this parameter, you must be signed into an account + // with the logs:Unmask permission. + Unmask *bool `locationName:"unmask" type:"boolean"` } // String returns the string representation. @@ -6599,7 +14188,7 @@ type DescribeLogGroupsInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeLogGroupsInput) String() string { +func (s GetLogEventsInput) String() string { return awsutil.Prettify(s) } @@ -6608,18 +14197,27 @@ func (s DescribeLogGroupsInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeLogGroupsInput) GoString() string { +func (s GetLogEventsInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DescribeLogGroupsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DescribeLogGroupsInput"} +func (s *GetLogEventsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetLogEventsInput"} if s.Limit != nil && *s.Limit < 1 { invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) } - if s.LogGroupNamePrefix != nil && len(*s.LogGroupNamePrefix) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupNamePrefix", 1)) + if s.LogGroupIdentifier != nil && len(*s.LogGroupIdentifier) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupIdentifier", 1)) + } + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + } + if s.LogStreamName == nil { + invalidParams.Add(request.NewErrParamRequired("LogStreamName")) + } + if s.LogStreamName != nil && len(*s.LogStreamName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogStreamName", 1)) } if s.NextToken != nil && len(*s.NextToken) < 1 { invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) @@ -6631,54 +14229,75 @@ func (s *DescribeLogGroupsInput) Validate() error { return nil } -// SetAccountIdentifiers sets the AccountIdentifiers field's value. -func (s *DescribeLogGroupsInput) SetAccountIdentifiers(v []*string) *DescribeLogGroupsInput { - s.AccountIdentifiers = v +// SetEndTime sets the EndTime field's value. +func (s *GetLogEventsInput) SetEndTime(v int64) *GetLogEventsInput { + s.EndTime = &v return s } -// SetIncludeLinkedAccounts sets the IncludeLinkedAccounts field's value. -func (s *DescribeLogGroupsInput) SetIncludeLinkedAccounts(v bool) *DescribeLogGroupsInput { - s.IncludeLinkedAccounts = &v +// SetLimit sets the Limit field's value. +func (s *GetLogEventsInput) SetLimit(v int64) *GetLogEventsInput { + s.Limit = &v return s } -// SetLimit sets the Limit field's value. -func (s *DescribeLogGroupsInput) SetLimit(v int64) *DescribeLogGroupsInput { - s.Limit = &v +// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. +func (s *GetLogEventsInput) SetLogGroupIdentifier(v string) *GetLogEventsInput { + s.LogGroupIdentifier = &v return s } -// SetLogGroupNamePattern sets the LogGroupNamePattern field's value. -func (s *DescribeLogGroupsInput) SetLogGroupNamePattern(v string) *DescribeLogGroupsInput { - s.LogGroupNamePattern = &v +// SetLogGroupName sets the LogGroupName field's value. +func (s *GetLogEventsInput) SetLogGroupName(v string) *GetLogEventsInput { + s.LogGroupName = &v return s } -// SetLogGroupNamePrefix sets the LogGroupNamePrefix field's value. -func (s *DescribeLogGroupsInput) SetLogGroupNamePrefix(v string) *DescribeLogGroupsInput { - s.LogGroupNamePrefix = &v +// SetLogStreamName sets the LogStreamName field's value. +func (s *GetLogEventsInput) SetLogStreamName(v string) *GetLogEventsInput { + s.LogStreamName = &v return s } // SetNextToken sets the NextToken field's value. -func (s *DescribeLogGroupsInput) SetNextToken(v string) *DescribeLogGroupsInput { +func (s *GetLogEventsInput) SetNextToken(v string) *GetLogEventsInput { s.NextToken = &v return s } -type DescribeLogGroupsOutput struct { +// SetStartFromHead sets the StartFromHead field's value. +func (s *GetLogEventsInput) SetStartFromHead(v bool) *GetLogEventsInput { + s.StartFromHead = &v + return s +} + +// SetStartTime sets the StartTime field's value. +func (s *GetLogEventsInput) SetStartTime(v int64) *GetLogEventsInput { + s.StartTime = &v + return s +} + +// SetUnmask sets the Unmask field's value. +func (s *GetLogEventsInput) SetUnmask(v bool) *GetLogEventsInput { + s.Unmask = &v + return s +} + +type GetLogEventsOutput struct { _ struct{} `type:"structure"` - // The log groups. - // - // If the retentionInDays value is not included for a log group, then that log - // group's events do not expire. - LogGroups []*LogGroup `locationName:"logGroups" type:"list"` + // The events. + Events []*OutputLogEvent `locationName:"events" type:"list"` - // The token for the next set of items to return. The token expires after 24 - // hours. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + // The token for the next set of items in the backward direction. The token + // expires after 24 hours. This token is not null. If you have reached the end + // of the stream, it returns the same token you passed in. + NextBackwardToken *string `locationName:"nextBackwardToken" min:"1" type:"string"` + + // The token for the next set of items in the forward direction. The token expires + // after 24 hours. If you have reached the end of the stream, it returns the + // same token you passed in. + NextForwardToken *string `locationName:"nextForwardToken" min:"1" type:"string"` } // String returns the string representation. @@ -6686,7 +14305,7 @@ type DescribeLogGroupsOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeLogGroupsOutput) String() string { +func (s GetLogEventsOutput) String() string { return awsutil.Prettify(s) } @@ -6695,72 +14314,50 @@ func (s DescribeLogGroupsOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeLogGroupsOutput) GoString() string { +func (s GetLogEventsOutput) GoString() string { return s.String() } -// SetLogGroups sets the LogGroups field's value. -func (s *DescribeLogGroupsOutput) SetLogGroups(v []*LogGroup) *DescribeLogGroupsOutput { - s.LogGroups = v +// SetEvents sets the Events field's value. +func (s *GetLogEventsOutput) SetEvents(v []*OutputLogEvent) *GetLogEventsOutput { + s.Events = v return s } -// SetNextToken sets the NextToken field's value. -func (s *DescribeLogGroupsOutput) SetNextToken(v string) *DescribeLogGroupsOutput { - s.NextToken = &v +// SetNextBackwardToken sets the NextBackwardToken field's value. +func (s *GetLogEventsOutput) SetNextBackwardToken(v string) *GetLogEventsOutput { + s.NextBackwardToken = &v return s } -type DescribeLogStreamsInput struct { - _ struct{} `type:"structure"` - - // If the value is true, results are returned in descending order. If the value - // is to false, results are returned in ascending order. The default value is - // false. - Descending *bool `locationName:"descending" type:"boolean"` +// SetNextForwardToken sets the NextForwardToken field's value. +func (s *GetLogEventsOutput) SetNextForwardToken(v string) *GetLogEventsOutput { + s.NextForwardToken = &v + return s +} - // The maximum number of items returned. If you don't specify a value, the default - // is up to 50 items. - Limit *int64 `locationName:"limit" min:"1" type:"integer"` +type GetLogGroupFieldsInput struct { + _ struct{} `type:"structure"` // Specify either the name or ARN of the log group to view. If the log group - // is in a source account and you are using a monitoring account, you must use - // the log group ARN. + // is in a source account and you are using a monitoring account, you must specify + // the ARN. // - // If you specify values for both logGroupName and logGroupIdentifier, the action - // returns an InvalidParameterException error. + // You must include either logGroupIdentifier or logGroupName, but not both. LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string"` - // The name of the log group. - // - // If you specify values for both logGroupName and logGroupIdentifier, the action - // returns an InvalidParameterException error. - // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` - - // The prefix to match. + // The name of the log group to search. // - // If orderBy is LastEventTime, you cannot specify this parameter. - LogStreamNamePrefix *string `locationName:"logStreamNamePrefix" min:"1" type:"string"` - - // The token for the next set of items to return. (You received this token from - // a previous call.) - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + // You must include either logGroupIdentifier or logGroupName, but not both. + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` - // If the value is LogStreamName, the results are ordered by log stream name. - // If the value is LastEventTime, the results are ordered by the event time. - // The default value is LogStreamName. - // - // If you order the results by event time, you cannot specify the logStreamNamePrefix - // parameter. + // The time to set as the center of the query. If you specify time, the 8 minutes + // before and 8 minutes after this time are searched. If you omit time, the + // most recent 15 minutes up to the current time are searched. // - // lastEventTimestamp represents the time of the most recent log event in the - // log stream in CloudWatch Logs. This number is expressed as the number of - // milliseconds after Jan 1, 1970 00:00:00 UTC. lastEventTimestamp updates on - // an eventual consistency basis. It typically updates in less than an hour - // from ingestion, but in rare situations might take longer. - OrderBy *string `locationName:"orderBy" type:"string" enum:"OrderBy"` + // The time value is specified as epoch time, which is the number of seconds + // since January 1, 1970, 00:00:00 UTC. + Time *int64 `locationName:"time" type:"long"` } // String returns the string representation. @@ -6768,7 +14365,7 @@ type DescribeLogStreamsInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeLogStreamsInput) String() string { +func (s GetLogGroupFieldsInput) String() string { return awsutil.Prettify(s) } @@ -6777,31 +14374,19 @@ func (s DescribeLogStreamsInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeLogStreamsInput) GoString() string { +func (s GetLogGroupFieldsInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DescribeLogStreamsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DescribeLogStreamsInput"} - if s.Limit != nil && *s.Limit < 1 { - invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) - } +func (s *GetLogGroupFieldsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetLogGroupFieldsInput"} if s.LogGroupIdentifier != nil && len(*s.LogGroupIdentifier) < 1 { invalidParams.Add(request.NewErrParamMinLen("LogGroupIdentifier", 1)) } - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) - } if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) } - if s.LogStreamNamePrefix != nil && len(*s.LogStreamNamePrefix) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogStreamNamePrefix", 1)) - } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -6809,57 +14394,31 @@ func (s *DescribeLogStreamsInput) Validate() error { return nil } -// SetDescending sets the Descending field's value. -func (s *DescribeLogStreamsInput) SetDescending(v bool) *DescribeLogStreamsInput { - s.Descending = &v - return s -} - -// SetLimit sets the Limit field's value. -func (s *DescribeLogStreamsInput) SetLimit(v int64) *DescribeLogStreamsInput { - s.Limit = &v - return s -} - // SetLogGroupIdentifier sets the LogGroupIdentifier field's value. -func (s *DescribeLogStreamsInput) SetLogGroupIdentifier(v string) *DescribeLogStreamsInput { +func (s *GetLogGroupFieldsInput) SetLogGroupIdentifier(v string) *GetLogGroupFieldsInput { s.LogGroupIdentifier = &v return s } // SetLogGroupName sets the LogGroupName field's value. -func (s *DescribeLogStreamsInput) SetLogGroupName(v string) *DescribeLogStreamsInput { +func (s *GetLogGroupFieldsInput) SetLogGroupName(v string) *GetLogGroupFieldsInput { s.LogGroupName = &v return s } -// SetLogStreamNamePrefix sets the LogStreamNamePrefix field's value. -func (s *DescribeLogStreamsInput) SetLogStreamNamePrefix(v string) *DescribeLogStreamsInput { - s.LogStreamNamePrefix = &v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *DescribeLogStreamsInput) SetNextToken(v string) *DescribeLogStreamsInput { - s.NextToken = &v - return s -} - -// SetOrderBy sets the OrderBy field's value. -func (s *DescribeLogStreamsInput) SetOrderBy(v string) *DescribeLogStreamsInput { - s.OrderBy = &v +// SetTime sets the Time field's value. +func (s *GetLogGroupFieldsInput) SetTime(v int64) *GetLogGroupFieldsInput { + s.Time = &v return s } -type DescribeLogStreamsOutput struct { +type GetLogGroupFieldsOutput struct { _ struct{} `type:"structure"` - // The log streams. - LogStreams []*LogStream `locationName:"logStreams" type:"list"` - - // The token for the next set of items to return. The token expires after 24 - // hours. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + // The array of fields found in the query. Each object in the array contains + // the name of the field, along with the percentage of time it appeared in the + // log events that were queried. + LogGroupFields []*LogGroupField `locationName:"logGroupFields" type:"list"` } // String returns the string representation. @@ -6867,7 +14426,7 @@ type DescribeLogStreamsOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeLogStreamsOutput) String() string { +func (s GetLogGroupFieldsOutput) String() string { return awsutil.Prettify(s) } @@ -6876,49 +14435,33 @@ func (s DescribeLogStreamsOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeLogStreamsOutput) GoString() string { +func (s GetLogGroupFieldsOutput) GoString() string { return s.String() } -// SetLogStreams sets the LogStreams field's value. -func (s *DescribeLogStreamsOutput) SetLogStreams(v []*LogStream) *DescribeLogStreamsOutput { - s.LogStreams = v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *DescribeLogStreamsOutput) SetNextToken(v string) *DescribeLogStreamsOutput { - s.NextToken = &v +// SetLogGroupFields sets the LogGroupFields field's value. +func (s *GetLogGroupFieldsOutput) SetLogGroupFields(v []*LogGroupField) *GetLogGroupFieldsOutput { + s.LogGroupFields = v return s } -type DescribeMetricFiltersInput struct { +type GetLogRecordInput struct { _ struct{} `type:"structure"` - // The prefix to match. CloudWatch Logs uses the value that you set here only - // if you also include the logGroupName parameter in your request. - FilterNamePrefix *string `locationName:"filterNamePrefix" min:"1" type:"string"` - - // The maximum number of items returned. If you don't specify a value, the default - // is up to 50 items. - Limit *int64 `locationName:"limit" min:"1" type:"integer"` - - // The name of the log group. - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` - - // Filters results to include only those with the specified metric name. If - // you include this parameter in your request, you must also include the metricNamespace - // parameter. - MetricName *string `locationName:"metricName" type:"string"` - - // Filters results to include only those in the specified namespace. If you - // include this parameter in your request, you must also include the metricName - // parameter. - MetricNamespace *string `locationName:"metricNamespace" type:"string"` + // The pointer corresponding to the log event record you want to retrieve. You + // get this from the response of a GetQueryResults operation. In that response, + // the value of the @ptr field for a log event is the value to use as logRecordPointer + // to retrieve that complete log event record. + // + // LogRecordPointer is a required field + LogRecordPointer *string `locationName:"logRecordPointer" type:"string" required:"true"` - // The token for the next set of items to return. (You received this token from - // a previous call.) - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + // Specify true to display the log event fields with all sensitive data unmasked + // and visible. The default is false. + // + // To use this operation with this parameter, you must be signed into an account + // with the logs:Unmask permission. + Unmask *bool `locationName:"unmask" type:"boolean"` } // String returns the string representation. @@ -6926,7 +14469,7 @@ type DescribeMetricFiltersInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeMetricFiltersInput) String() string { +func (s GetLogRecordInput) String() string { return awsutil.Prettify(s) } @@ -6935,24 +14478,15 @@ func (s DescribeMetricFiltersInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeMetricFiltersInput) GoString() string { +func (s GetLogRecordInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DescribeMetricFiltersInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DescribeMetricFiltersInput"} - if s.FilterNamePrefix != nil && len(*s.FilterNamePrefix) < 1 { - invalidParams.Add(request.NewErrParamMinLen("FilterNamePrefix", 1)) - } - if s.Limit != nil && *s.Limit < 1 { - invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) - } - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) - } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) +func (s *GetLogRecordInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetLogRecordInput"} + if s.LogRecordPointer == nil { + invalidParams.Add(request.NewErrParamRequired("LogRecordPointer")) } if invalidParams.Len() > 0 { @@ -6961,51 +14495,56 @@ func (s *DescribeMetricFiltersInput) Validate() error { return nil } -// SetFilterNamePrefix sets the FilterNamePrefix field's value. -func (s *DescribeMetricFiltersInput) SetFilterNamePrefix(v string) *DescribeMetricFiltersInput { - s.FilterNamePrefix = &v +// SetLogRecordPointer sets the LogRecordPointer field's value. +func (s *GetLogRecordInput) SetLogRecordPointer(v string) *GetLogRecordInput { + s.LogRecordPointer = &v return s } -// SetLimit sets the Limit field's value. -func (s *DescribeMetricFiltersInput) SetLimit(v int64) *DescribeMetricFiltersInput { - s.Limit = &v +// SetUnmask sets the Unmask field's value. +func (s *GetLogRecordInput) SetUnmask(v bool) *GetLogRecordInput { + s.Unmask = &v return s } -// SetLogGroupName sets the LogGroupName field's value. -func (s *DescribeMetricFiltersInput) SetLogGroupName(v string) *DescribeMetricFiltersInput { - s.LogGroupName = &v - return s +type GetLogRecordOutput struct { + _ struct{} `type:"structure"` + + // The requested log event, as a JSON string. + LogRecord map[string]*string `locationName:"logRecord" type:"map"` } -// SetMetricName sets the MetricName field's value. -func (s *DescribeMetricFiltersInput) SetMetricName(v string) *DescribeMetricFiltersInput { - s.MetricName = &v - return s +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetLogRecordOutput) String() string { + return awsutil.Prettify(s) } -// SetMetricNamespace sets the MetricNamespace field's value. -func (s *DescribeMetricFiltersInput) SetMetricNamespace(v string) *DescribeMetricFiltersInput { - s.MetricNamespace = &v - return s +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetLogRecordOutput) GoString() string { + return s.String() } -// SetNextToken sets the NextToken field's value. -func (s *DescribeMetricFiltersInput) SetNextToken(v string) *DescribeMetricFiltersInput { - s.NextToken = &v +// SetLogRecord sets the LogRecord field's value. +func (s *GetLogRecordOutput) SetLogRecord(v map[string]*string) *GetLogRecordOutput { + s.LogRecord = v return s } -type DescribeMetricFiltersOutput struct { +type GetQueryResultsInput struct { _ struct{} `type:"structure"` - // The metric filters. - MetricFilters []*MetricFilter `locationName:"metricFilters" type:"list"` - - // The token for the next set of items to return. The token expires after 24 - // hours. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + // The ID number of the query. + // + // QueryId is a required field + QueryId *string `locationName:"queryId" type:"string" required:"true"` } // String returns the string representation. @@ -7013,7 +14552,7 @@ type DescribeMetricFiltersOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeMetricFiltersOutput) String() string { +func (s GetQueryResultsInput) String() string { return awsutil.Prettify(s) } @@ -7022,37 +14561,58 @@ func (s DescribeMetricFiltersOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeMetricFiltersOutput) GoString() string { +func (s GetQueryResultsInput) GoString() string { return s.String() } -// SetMetricFilters sets the MetricFilters field's value. -func (s *DescribeMetricFiltersOutput) SetMetricFilters(v []*MetricFilter) *DescribeMetricFiltersOutput { - s.MetricFilters = v - return s +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetQueryResultsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetQueryResultsInput"} + if s.QueryId == nil { + invalidParams.Add(request.NewErrParamRequired("QueryId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetNextToken sets the NextToken field's value. -func (s *DescribeMetricFiltersOutput) SetNextToken(v string) *DescribeMetricFiltersOutput { - s.NextToken = &v +// SetQueryId sets the QueryId field's value. +func (s *GetQueryResultsInput) SetQueryId(v string) *GetQueryResultsInput { + s.QueryId = &v return s } -type DescribeQueriesInput struct { +type GetQueryResultsOutput struct { _ struct{} `type:"structure"` - // Limits the returned queries to only those for the specified log group. - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` + // If you associated an KMS key with the CloudWatch Logs Insights query results + // in this account, this field displays the ARN of the key that's used to encrypt + // the query results when StartQuery (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_StartQuery.html) + // stores them. + EncryptionKey *string `locationName:"encryptionKey" type:"string"` - // Limits the number of returned queries to the specified number. - MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` + // The log events that matched the query criteria during the most recent time + // it ran. + // + // The results value is an array of arrays. Each log event is one object in + // the top-level array. Each of these log event objects is an array of field/value + // pairs. + Results [][]*ResultField `locationName:"results" type:"list"` - // The token for the next set of items to return. The token expires after 24 - // hours. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + // Includes the number of log events scanned by the query, the number of log + // events that matched the query criteria, and the total number of bytes in + // the scanned log events. These values reflect the full raw results of the + // query. + Statistics *QueryStatistics `locationName:"statistics" type:"structure"` - // Limits the returned queries to only those that have the specified status. - // Valid values are Cancelled, Complete, Failed, Running, and Scheduled. + // The status of the most recent running of the query. Possible values are Cancelled, + // Complete, Failed, Running, Scheduled, Timeout, and Unknown. + // + // Queries time out after 60 minutes of runtime. To avoid having your queries + // time out, reduce the time range being searched or partition your query into + // a number of queries. Status *string `locationName:"status" type:"string" enum:"QueryStatus"` } @@ -7061,7 +14621,7 @@ type DescribeQueriesInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeQueriesInput) String() string { +func (s GetQueryResultsOutput) String() string { return awsutil.Prettify(s) } @@ -7070,62 +14630,49 @@ func (s DescribeQueriesInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeQueriesInput) GoString() string { +func (s GetQueryResultsOutput) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *DescribeQueriesInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DescribeQueriesInput"} - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) - } - if s.MaxResults != nil && *s.MaxResults < 1 { - invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) - } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil -} - -// SetLogGroupName sets the LogGroupName field's value. -func (s *DescribeQueriesInput) SetLogGroupName(v string) *DescribeQueriesInput { - s.LogGroupName = &v +// SetEncryptionKey sets the EncryptionKey field's value. +func (s *GetQueryResultsOutput) SetEncryptionKey(v string) *GetQueryResultsOutput { + s.EncryptionKey = &v return s } -// SetMaxResults sets the MaxResults field's value. -func (s *DescribeQueriesInput) SetMaxResults(v int64) *DescribeQueriesInput { - s.MaxResults = &v +// SetResults sets the Results field's value. +func (s *GetQueryResultsOutput) SetResults(v [][]*ResultField) *GetQueryResultsOutput { + s.Results = v return s } -// SetNextToken sets the NextToken field's value. -func (s *DescribeQueriesInput) SetNextToken(v string) *DescribeQueriesInput { - s.NextToken = &v +// SetStatistics sets the Statistics field's value. +func (s *GetQueryResultsOutput) SetStatistics(v *QueryStatistics) *GetQueryResultsOutput { + s.Statistics = v return s } // SetStatus sets the Status field's value. -func (s *DescribeQueriesInput) SetStatus(v string) *DescribeQueriesInput { +func (s *GetQueryResultsOutput) SetStatus(v string) *GetQueryResultsOutput { s.Status = &v return s } -type DescribeQueriesOutput struct { +// Represents a log event, which is a record of activity that was recorded by +// the application or resource being monitored. +type InputLogEvent struct { _ struct{} `type:"structure"` - // The token for the next set of items to return. The token expires after 24 - // hours. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + // The raw event message. Each log event can be no larger than 256 KB. + // + // Message is a required field + Message *string `locationName:"message" min:"1" type:"string" required:"true"` - // The list of queries that match the request. - Queries []*QueryInfo `locationName:"queries" type:"list"` + // The time the event occurred, expressed as the number of milliseconds after + // Jan 1, 1970 00:00:00 UTC. + // + // Timestamp is a required field + Timestamp *int64 `locationName:"timestamp" type:"long" required:"true"` } // String returns the string representation. @@ -7133,7 +14680,7 @@ type DescribeQueriesOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeQueriesOutput) String() string { +func (s InputLogEvent) String() string { return awsutil.Prettify(s) } @@ -7142,35 +14689,47 @@ func (s DescribeQueriesOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeQueriesOutput) GoString() string { +func (s InputLogEvent) GoString() string { return s.String() } -// SetNextToken sets the NextToken field's value. -func (s *DescribeQueriesOutput) SetNextToken(v string) *DescribeQueriesOutput { - s.NextToken = &v - return s +// Validate inspects the fields of the type to determine if they are valid. +func (s *InputLogEvent) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "InputLogEvent"} + if s.Message == nil { + invalidParams.Add(request.NewErrParamRequired("Message")) + } + if s.Message != nil && len(*s.Message) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Message", 1)) + } + if s.Timestamp == nil { + invalidParams.Add(request.NewErrParamRequired("Timestamp")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetQueries sets the Queries field's value. -func (s *DescribeQueriesOutput) SetQueries(v []*QueryInfo) *DescribeQueriesOutput { - s.Queries = v +// SetMessage sets the Message field's value. +func (s *InputLogEvent) SetMessage(v string) *InputLogEvent { + s.Message = &v return s } -type DescribeQueryDefinitionsInput struct { - _ struct{} `type:"structure"` - - // Limits the number of returned query definitions to the specified number. - MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` - - // The token for the next set of items to return. The token expires after 24 - // hours. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` +// SetTimestamp sets the Timestamp field's value. +func (s *InputLogEvent) SetTimestamp(v int64) *InputLogEvent { + s.Timestamp = &v + return s +} - // Use this parameter to filter your results to only the query definitions that - // have names that start with the prefix you specify. - QueryDefinitionNamePrefix *string `locationName:"queryDefinitionNamePrefix" min:"1" type:"string"` +// The operation is not valid on the specified resource. +type InvalidOperationException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` } // String returns the string representation. @@ -7178,7 +14737,7 @@ type DescribeQueryDefinitionsInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeQueryDefinitionsInput) String() string { +func (s InvalidOperationException) String() string { return awsutil.Prettify(s) } @@ -7187,56 +14746,54 @@ func (s DescribeQueryDefinitionsInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeQueryDefinitionsInput) GoString() string { +func (s InvalidOperationException) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *DescribeQueryDefinitionsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DescribeQueryDefinitionsInput"} - if s.MaxResults != nil && *s.MaxResults < 1 { - invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) - } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } - if s.QueryDefinitionNamePrefix != nil && len(*s.QueryDefinitionNamePrefix) < 1 { - invalidParams.Add(request.NewErrParamMinLen("QueryDefinitionNamePrefix", 1)) +func newErrorInvalidOperationException(v protocol.ResponseMetadata) error { + return &InvalidOperationException{ + RespMetadata: v, } +} - if invalidParams.Len() > 0 { - return invalidParams +// Code returns the exception type name. +func (s *InvalidOperationException) Code() string { + return "InvalidOperationException" +} + +// Message returns the exception's message. +func (s *InvalidOperationException) Message() string { + if s.Message_ != nil { + return *s.Message_ } - return nil + return "" } -// SetMaxResults sets the MaxResults field's value. -func (s *DescribeQueryDefinitionsInput) SetMaxResults(v int64) *DescribeQueryDefinitionsInput { - s.MaxResults = &v - return s +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidOperationException) OrigErr() error { + return nil } -// SetNextToken sets the NextToken field's value. -func (s *DescribeQueryDefinitionsInput) SetNextToken(v string) *DescribeQueryDefinitionsInput { - s.NextToken = &v - return s +func (s *InvalidOperationException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } -// SetQueryDefinitionNamePrefix sets the QueryDefinitionNamePrefix field's value. -func (s *DescribeQueryDefinitionsInput) SetQueryDefinitionNamePrefix(v string) *DescribeQueryDefinitionsInput { - s.QueryDefinitionNamePrefix = &v - return s +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidOperationException) StatusCode() int { + return s.RespMetadata.StatusCode } -type DescribeQueryDefinitionsOutput struct { - _ struct{} `type:"structure"` +// RequestID returns the service's response RequestID for request. +func (s *InvalidOperationException) RequestID() string { + return s.RespMetadata.RequestID +} - // The token for the next set of items to return. The token expires after 24 - // hours. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` +// A parameter is specified incorrectly. +type InvalidParameterException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - // The list of query definitions that match your request. - QueryDefinitions []*QueryDefinition `locationName:"queryDefinitions" type:"list"` + Message_ *string `locationName:"message" type:"string"` } // String returns the string representation. @@ -7244,7 +14801,7 @@ type DescribeQueryDefinitionsOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeQueryDefinitionsOutput) String() string { +func (s InvalidParameterException) String() string { return awsutil.Prettify(s) } @@ -7253,32 +14810,60 @@ func (s DescribeQueryDefinitionsOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeQueryDefinitionsOutput) GoString() string { +func (s InvalidParameterException) GoString() string { return s.String() } -// SetNextToken sets the NextToken field's value. -func (s *DescribeQueryDefinitionsOutput) SetNextToken(v string) *DescribeQueryDefinitionsOutput { - s.NextToken = &v - return s +func newErrorInvalidParameterException(v protocol.ResponseMetadata) error { + return &InvalidParameterException{ + RespMetadata: v, + } } -// SetQueryDefinitions sets the QueryDefinitions field's value. -func (s *DescribeQueryDefinitionsOutput) SetQueryDefinitions(v []*QueryDefinition) *DescribeQueryDefinitionsOutput { - s.QueryDefinitions = v - return s +// Code returns the exception type name. +func (s *InvalidParameterException) Code() string { + return "InvalidParameterException" } -type DescribeResourcePoliciesInput struct { - _ struct{} `type:"structure"` +// Message returns the exception's message. +func (s *InvalidParameterException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} - // The maximum number of resource policies to be displayed with one call of - // this API. - Limit *int64 `locationName:"limit" min:"1" type:"integer"` +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidParameterException) OrigErr() error { + return nil +} - // The token for the next set of items to return. The token expires after 24 - // hours. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` +func (s *InvalidParameterException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidParameterException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidParameterException) RequestID() string { + return s.RespMetadata.RequestID +} + +// The sequence token is not valid. You can get the correct sequence token in +// the expectedSequenceToken field in the InvalidSequenceTokenException message. +// +// PutLogEvents actions are now always accepted and never return InvalidSequenceTokenException +// regardless of receiving an invalid sequence token. +type InvalidSequenceTokenException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + ExpectedSequenceToken *string `locationName:"expectedSequenceToken" min:"1" type:"string"` + + Message_ *string `locationName:"message" type:"string"` } // String returns the string representation. @@ -7286,7 +14871,7 @@ type DescribeResourcePoliciesInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeResourcePoliciesInput) String() string { +func (s InvalidSequenceTokenException) String() string { return awsutil.Prettify(s) } @@ -7295,47 +14880,54 @@ func (s DescribeResourcePoliciesInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeResourcePoliciesInput) GoString() string { +func (s InvalidSequenceTokenException) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *DescribeResourcePoliciesInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DescribeResourcePoliciesInput"} - if s.Limit != nil && *s.Limit < 1 { - invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) - } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) +func newErrorInvalidSequenceTokenException(v protocol.ResponseMetadata) error { + return &InvalidSequenceTokenException{ + RespMetadata: v, } +} - if invalidParams.Len() > 0 { - return invalidParams +// Code returns the exception type name. +func (s *InvalidSequenceTokenException) Code() string { + return "InvalidSequenceTokenException" +} + +// Message returns the exception's message. +func (s *InvalidSequenceTokenException) Message() string { + if s.Message_ != nil { + return *s.Message_ } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidSequenceTokenException) OrigErr() error { return nil } -// SetLimit sets the Limit field's value. -func (s *DescribeResourcePoliciesInput) SetLimit(v int64) *DescribeResourcePoliciesInput { - s.Limit = &v - return s +func (s *InvalidSequenceTokenException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) } -// SetNextToken sets the NextToken field's value. -func (s *DescribeResourcePoliciesInput) SetNextToken(v string) *DescribeResourcePoliciesInput { - s.NextToken = &v - return s +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidSequenceTokenException) StatusCode() int { + return s.RespMetadata.StatusCode } -type DescribeResourcePoliciesOutput struct { - _ struct{} `type:"structure"` +// RequestID returns the service's response RequestID for request. +func (s *InvalidSequenceTokenException) RequestID() string { + return s.RespMetadata.RequestID +} - // The token for the next set of items to return. The token expires after 24 - // hours. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` +// You have reached the maximum number of resources that can be created. +type LimitExceededException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - // The resource policies that exist in this account. - ResourcePolicies []*ResourcePolicy `locationName:"resourcePolicies" type:"list"` + Message_ *string `locationName:"message" type:"string"` } // String returns the string representation. @@ -7343,7 +14935,7 @@ type DescribeResourcePoliciesOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeResourcePoliciesOutput) String() string { +func (s LimitExceededException) String() string { return awsutil.Prettify(s) } @@ -7352,40 +14944,66 @@ func (s DescribeResourcePoliciesOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeResourcePoliciesOutput) GoString() string { +func (s LimitExceededException) GoString() string { return s.String() } -// SetNextToken sets the NextToken field's value. -func (s *DescribeResourcePoliciesOutput) SetNextToken(v string) *DescribeResourcePoliciesOutput { - s.NextToken = &v - return s +func newErrorLimitExceededException(v protocol.ResponseMetadata) error { + return &LimitExceededException{ + RespMetadata: v, + } } -// SetResourcePolicies sets the ResourcePolicies field's value. -func (s *DescribeResourcePoliciesOutput) SetResourcePolicies(v []*ResourcePolicy) *DescribeResourcePoliciesOutput { - s.ResourcePolicies = v - return s +// Code returns the exception type name. +func (s *LimitExceededException) Code() string { + return "LimitExceededException" } -type DescribeSubscriptionFiltersInput struct { +// Message returns the exception's message. +func (s *LimitExceededException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *LimitExceededException) OrigErr() error { + return nil +} + +func (s *LimitExceededException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *LimitExceededException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *LimitExceededException) RequestID() string { + return s.RespMetadata.RequestID +} + +type ListAnomaliesInput struct { _ struct{} `type:"structure"` - // The prefix to match. If you don't specify a value, no prefix filter is applied. - FilterNamePrefix *string `locationName:"filterNamePrefix" min:"1" type:"string"` + // Use this to optionally limit the results to only the anomalies found by a + // certain anomaly detector. + AnomalyDetectorArn *string `locationName:"anomalyDetectorArn" min:"1" type:"string"` - // The maximum number of items returned. If you don't specify a value, the default - // is up to 50 items. + // The maximum number of items to return. If you don't specify a value, the + // default maximum value of 50 items is used. Limit *int64 `locationName:"limit" min:"1" type:"integer"` - // The name of the log group. - // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` - - // The token for the next set of items to return. (You received this token from - // a previous call.) + // The token for the next set of items to return. The token expires after 24 + // hours. NextToken *string `locationName:"nextToken" min:"1" type:"string"` + + // You can specify this parameter if you want to the operation to return only + // anomalies that are currently either suppressed or unsuppressed. + SuppressionState *string `locationName:"suppressionState" type:"string" enum:"SuppressionState"` } // String returns the string representation. @@ -7393,7 +15011,7 @@ type DescribeSubscriptionFiltersInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeSubscriptionFiltersInput) String() string { +func (s ListAnomaliesInput) String() string { return awsutil.Prettify(s) } @@ -7402,25 +15020,19 @@ func (s DescribeSubscriptionFiltersInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeSubscriptionFiltersInput) GoString() string { +func (s ListAnomaliesInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DescribeSubscriptionFiltersInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DescribeSubscriptionFiltersInput"} - if s.FilterNamePrefix != nil && len(*s.FilterNamePrefix) < 1 { - invalidParams.Add(request.NewErrParamMinLen("FilterNamePrefix", 1)) +func (s *ListAnomaliesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListAnomaliesInput"} + if s.AnomalyDetectorArn != nil && len(*s.AnomalyDetectorArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AnomalyDetectorArn", 1)) } if s.Limit != nil && *s.Limit < 1 { invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) } - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) - } - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) - } if s.NextToken != nil && len(*s.NextToken) < 1 { invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) } @@ -7431,39 +15043,40 @@ func (s *DescribeSubscriptionFiltersInput) Validate() error { return nil } -// SetFilterNamePrefix sets the FilterNamePrefix field's value. -func (s *DescribeSubscriptionFiltersInput) SetFilterNamePrefix(v string) *DescribeSubscriptionFiltersInput { - s.FilterNamePrefix = &v +// SetAnomalyDetectorArn sets the AnomalyDetectorArn field's value. +func (s *ListAnomaliesInput) SetAnomalyDetectorArn(v string) *ListAnomaliesInput { + s.AnomalyDetectorArn = &v return s } // SetLimit sets the Limit field's value. -func (s *DescribeSubscriptionFiltersInput) SetLimit(v int64) *DescribeSubscriptionFiltersInput { +func (s *ListAnomaliesInput) SetLimit(v int64) *ListAnomaliesInput { s.Limit = &v return s } -// SetLogGroupName sets the LogGroupName field's value. -func (s *DescribeSubscriptionFiltersInput) SetLogGroupName(v string) *DescribeSubscriptionFiltersInput { - s.LogGroupName = &v +// SetNextToken sets the NextToken field's value. +func (s *ListAnomaliesInput) SetNextToken(v string) *ListAnomaliesInput { + s.NextToken = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *DescribeSubscriptionFiltersInput) SetNextToken(v string) *DescribeSubscriptionFiltersInput { - s.NextToken = &v +// SetSuppressionState sets the SuppressionState field's value. +func (s *ListAnomaliesInput) SetSuppressionState(v string) *ListAnomaliesInput { + s.SuppressionState = &v return s } -type DescribeSubscriptionFiltersOutput struct { +type ListAnomaliesOutput struct { _ struct{} `type:"structure"` + // An array of structures, where each structure contains information about one + // anomaly that a log anomaly detector has found. + Anomalies []*Anomaly `locationName:"anomalies" type:"list"` + // The token for the next set of items to return. The token expires after 24 // hours. NextToken *string `locationName:"nextToken" min:"1" type:"string"` - - // The subscription filters. - SubscriptionFilters []*SubscriptionFilter `locationName:"subscriptionFilters" type:"list"` } // String returns the string representation. @@ -7471,7 +15084,7 @@ type DescribeSubscriptionFiltersOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeSubscriptionFiltersOutput) String() string { +func (s ListAnomaliesOutput) String() string { return awsutil.Prettify(s) } @@ -7480,109 +15093,36 @@ func (s DescribeSubscriptionFiltersOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DescribeSubscriptionFiltersOutput) GoString() string { +func (s ListAnomaliesOutput) GoString() string { return s.String() } -// SetNextToken sets the NextToken field's value. -func (s *DescribeSubscriptionFiltersOutput) SetNextToken(v string) *DescribeSubscriptionFiltersOutput { - s.NextToken = &v +// SetAnomalies sets the Anomalies field's value. +func (s *ListAnomaliesOutput) SetAnomalies(v []*Anomaly) *ListAnomaliesOutput { + s.Anomalies = v return s } -// SetSubscriptionFilters sets the SubscriptionFilters field's value. -func (s *DescribeSubscriptionFiltersOutput) SetSubscriptionFilters(v []*SubscriptionFilter) *DescribeSubscriptionFiltersOutput { - s.SubscriptionFilters = v +// SetNextToken sets the NextToken field's value. +func (s *ListAnomaliesOutput) SetNextToken(v string) *ListAnomaliesOutput { + s.NextToken = &v return s } -// Represents a cross-account destination that receives subscription log events. -type Destination struct { +type ListLogAnomalyDetectorsInput struct { _ struct{} `type:"structure"` - // An IAM policy document that governs which Amazon Web Services accounts can - // create subscription filters against this destination. - AccessPolicy *string `locationName:"accessPolicy" min:"1" type:"string"` - - // The ARN of this destination. - Arn *string `locationName:"arn" type:"string"` - - // The creation time of the destination, expressed as the number of milliseconds - // after Jan 1, 1970 00:00:00 UTC. - CreationTime *int64 `locationName:"creationTime" type:"long"` - - // The name of the destination. - DestinationName *string `locationName:"destinationName" min:"1" type:"string"` - - // A role for impersonation, used when delivering log events to the target. - RoleArn *string `locationName:"roleArn" min:"1" type:"string"` - - // The Amazon Resource Name (ARN) of the physical target where the log events - // are delivered (for example, a Kinesis stream). - TargetArn *string `locationName:"targetArn" min:"1" type:"string"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s Destination) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s Destination) GoString() string { - return s.String() -} - -// SetAccessPolicy sets the AccessPolicy field's value. -func (s *Destination) SetAccessPolicy(v string) *Destination { - s.AccessPolicy = &v - return s -} - -// SetArn sets the Arn field's value. -func (s *Destination) SetArn(v string) *Destination { - s.Arn = &v - return s -} - -// SetCreationTime sets the CreationTime field's value. -func (s *Destination) SetCreationTime(v int64) *Destination { - s.CreationTime = &v - return s -} - -// SetDestinationName sets the DestinationName field's value. -func (s *Destination) SetDestinationName(v string) *Destination { - s.DestinationName = &v - return s -} - -// SetRoleArn sets the RoleArn field's value. -func (s *Destination) SetRoleArn(v string) *Destination { - s.RoleArn = &v - return s -} - -// SetTargetArn sets the TargetArn field's value. -func (s *Destination) SetTargetArn(v string) *Destination { - s.TargetArn = &v - return s -} + // Use this to optionally filter the results to only include anomaly detectors + // that are associated with the specified log group. + FilterLogGroupArn *string `locationName:"filterLogGroupArn" min:"1" type:"string"` -type DisassociateKmsKeyInput struct { - _ struct{} `type:"structure"` + // The maximum number of items to return. If you don't specify a value, the + // default maximum value of 50 items is used. + Limit *int64 `locationName:"limit" min:"1" type:"integer"` - // The name of the log group. - // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` } // String returns the string representation. @@ -7590,7 +15130,7 @@ type DisassociateKmsKeyInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DisassociateKmsKeyInput) String() string { +func (s ListLogAnomalyDetectorsInput) String() string { return awsutil.Prettify(s) } @@ -7599,18 +15139,21 @@ func (s DisassociateKmsKeyInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s DisassociateKmsKeyInput) GoString() string { +func (s ListLogAnomalyDetectorsInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *DisassociateKmsKeyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "DisassociateKmsKeyInput"} - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) +func (s *ListLogAnomalyDetectorsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListLogAnomalyDetectorsInput"} + if s.FilterLogGroupArn != nil && len(*s.FilterLogGroupArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("FilterLogGroupArn", 1)) } - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + if s.Limit != nil && *s.Limit < 1 { + invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) } if invalidParams.Len() > 0 { @@ -7619,66 +15162,34 @@ func (s *DisassociateKmsKeyInput) Validate() error { return nil } -// SetLogGroupName sets the LogGroupName field's value. -func (s *DisassociateKmsKeyInput) SetLogGroupName(v string) *DisassociateKmsKeyInput { - s.LogGroupName = &v +// SetFilterLogGroupArn sets the FilterLogGroupArn field's value. +func (s *ListLogAnomalyDetectorsInput) SetFilterLogGroupArn(v string) *ListLogAnomalyDetectorsInput { + s.FilterLogGroupArn = &v return s } -type DisassociateKmsKeyOutput struct { - _ struct{} `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DisassociateKmsKeyOutput) String() string { - return awsutil.Prettify(s) +// SetLimit sets the Limit field's value. +func (s *ListLogAnomalyDetectorsInput) SetLimit(v int64) *ListLogAnomalyDetectorsInput { + s.Limit = &v + return s } -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s DisassociateKmsKeyOutput) GoString() string { - return s.String() +// SetNextToken sets the NextToken field's value. +func (s *ListLogAnomalyDetectorsInput) SetNextToken(v string) *ListLogAnomalyDetectorsInput { + s.NextToken = &v + return s } -// Represents an export task. -type ExportTask struct { +type ListLogAnomalyDetectorsOutput struct { _ struct{} `type:"structure"` - // The name of the S3 bucket to which the log data was exported. - Destination *string `locationName:"destination" min:"1" type:"string"` - - // The prefix that was used as the start of Amazon S3 key for every object exported. - DestinationPrefix *string `locationName:"destinationPrefix" type:"string"` - - // Execution information about the export task. - ExecutionInfo *ExportTaskExecutionInfo `locationName:"executionInfo" type:"structure"` - - // The start time, expressed as the number of milliseconds after Jan 1, 1970 - // 00:00:00 UTC. Events with a timestamp before this time are not exported. - From *int64 `locationName:"from" type:"long"` - - // The name of the log group from which logs data was exported. - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` - - // The status of the export task. - Status *ExportTaskStatus `locationName:"status" type:"structure"` - - // The ID of the export task. - TaskId *string `locationName:"taskId" min:"1" type:"string"` - - // The name of the export task. - TaskName *string `locationName:"taskName" min:"1" type:"string"` + // An array of structures, where each structure in the array contains information + // about one anomaly detector. + AnomalyDetectors []*AnomalyDetector `locationName:"anomalyDetectors" type:"list"` - // The end time, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 - // UTC. Events with a timestamp later than this time are not exported. - To *int64 `locationName:"to" type:"long"` + // The token for the next set of items to return. The token expires after 24 + // hours. + NextToken *string `locationName:"nextToken" min:"1" type:"string"` } // String returns the string representation. @@ -7686,7 +15197,7 @@ type ExportTask struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ExportTask) String() string { +func (s ListLogAnomalyDetectorsOutput) String() string { return awsutil.Prettify(s) } @@ -7695,75 +15206,36 @@ func (s ExportTask) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ExportTask) GoString() string { +func (s ListLogAnomalyDetectorsOutput) GoString() string { return s.String() } -// SetDestination sets the Destination field's value. -func (s *ExportTask) SetDestination(v string) *ExportTask { - s.Destination = &v - return s -} - -// SetDestinationPrefix sets the DestinationPrefix field's value. -func (s *ExportTask) SetDestinationPrefix(v string) *ExportTask { - s.DestinationPrefix = &v - return s -} - -// SetExecutionInfo sets the ExecutionInfo field's value. -func (s *ExportTask) SetExecutionInfo(v *ExportTaskExecutionInfo) *ExportTask { - s.ExecutionInfo = v - return s -} - -// SetFrom sets the From field's value. -func (s *ExportTask) SetFrom(v int64) *ExportTask { - s.From = &v - return s -} - -// SetLogGroupName sets the LogGroupName field's value. -func (s *ExportTask) SetLogGroupName(v string) *ExportTask { - s.LogGroupName = &v - return s -} - -// SetStatus sets the Status field's value. -func (s *ExportTask) SetStatus(v *ExportTaskStatus) *ExportTask { - s.Status = v - return s -} - -// SetTaskId sets the TaskId field's value. -func (s *ExportTask) SetTaskId(v string) *ExportTask { - s.TaskId = &v - return s -} - -// SetTaskName sets the TaskName field's value. -func (s *ExportTask) SetTaskName(v string) *ExportTask { - s.TaskName = &v +// SetAnomalyDetectors sets the AnomalyDetectors field's value. +func (s *ListLogAnomalyDetectorsOutput) SetAnomalyDetectors(v []*AnomalyDetector) *ListLogAnomalyDetectorsOutput { + s.AnomalyDetectors = v return s } -// SetTo sets the To field's value. -func (s *ExportTask) SetTo(v int64) *ExportTask { - s.To = &v +// SetNextToken sets the NextToken field's value. +func (s *ListLogAnomalyDetectorsOutput) SetNextToken(v string) *ListLogAnomalyDetectorsOutput { + s.NextToken = &v return s -} - -// Represents the status of an export task. -type ExportTaskExecutionInfo struct { - _ struct{} `type:"structure"` +} - // The completion time of the export task, expressed as the number of milliseconds - // after Jan 1, 1970 00:00:00 UTC. - CompletionTime *int64 `locationName:"completionTime" type:"long"` +type ListTagsForResourceInput struct { + _ struct{} `type:"structure"` - // The creation time of the export task, expressed as the number of milliseconds - // after Jan 1, 1970 00:00:00 UTC. - CreationTime *int64 `locationName:"creationTime" type:"long"` + // The ARN of the resource that you want to view tags for. + // + // The ARN format of a log group is arn:aws:logs:Region:account-id:log-group:log-group-name + // + // The ARN format of a destination is arn:aws:logs:Region:account-id:destination:destination-name + // + // For more information about ARN format, see CloudWatch Logs resources and + // operations (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/iam-access-control-overview-cwl.html). + // + // ResourceArn is a required field + ResourceArn *string `locationName:"resourceArn" min:"1" type:"string" required:"true"` } // String returns the string representation. @@ -7771,7 +15243,7 @@ type ExportTaskExecutionInfo struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ExportTaskExecutionInfo) String() string { +func (s ListTagsForResourceInput) String() string { return awsutil.Prettify(s) } @@ -7780,31 +15252,37 @@ func (s ExportTaskExecutionInfo) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ExportTaskExecutionInfo) GoString() string { +func (s ListTagsForResourceInput) GoString() string { return s.String() } -// SetCompletionTime sets the CompletionTime field's value. -func (s *ExportTaskExecutionInfo) SetCompletionTime(v int64) *ExportTaskExecutionInfo { - s.CompletionTime = &v - return s +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListTagsForResourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListTagsForResourceInput"} + if s.ResourceArn == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceArn")) + } + if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetCreationTime sets the CreationTime field's value. -func (s *ExportTaskExecutionInfo) SetCreationTime(v int64) *ExportTaskExecutionInfo { - s.CreationTime = &v +// SetResourceArn sets the ResourceArn field's value. +func (s *ListTagsForResourceInput) SetResourceArn(v string) *ListTagsForResourceInput { + s.ResourceArn = &v return s } -// Represents the status of an export task. -type ExportTaskStatus struct { +type ListTagsForResourceOutput struct { _ struct{} `type:"structure"` - // The status code of the export task. - Code *string `locationName:"code" type:"string" enum:"ExportTaskStatusCode"` - - // The status message related to the status code. - Message *string `locationName:"message" type:"string"` + // The list of tags associated with the requested resource.> + Tags map[string]*string `locationName:"tags" min:"1" type:"map"` } // String returns the string representation. @@ -7812,7 +15290,7 @@ type ExportTaskStatus struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ExportTaskStatus) String() string { +func (s ListTagsForResourceOutput) String() string { return awsutil.Prettify(s) } @@ -7821,97 +15299,24 @@ func (s ExportTaskStatus) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ExportTaskStatus) GoString() string { +func (s ListTagsForResourceOutput) GoString() string { return s.String() } -// SetCode sets the Code field's value. -func (s *ExportTaskStatus) SetCode(v string) *ExportTaskStatus { - s.Code = &v - return s -} - -// SetMessage sets the Message field's value. -func (s *ExportTaskStatus) SetMessage(v string) *ExportTaskStatus { - s.Message = &v +// SetTags sets the Tags field's value. +func (s *ListTagsForResourceOutput) SetTags(v map[string]*string) *ListTagsForResourceOutput { + s.Tags = v return s } -type FilterLogEventsInput struct { - _ struct{} `type:"structure"` - - // The end of the time range, expressed as the number of milliseconds after - // Jan 1, 1970 00:00:00 UTC. Events with a timestamp later than this time are - // not returned. - EndTime *int64 `locationName:"endTime" type:"long"` - - // The filter pattern to use. For more information, see Filter and Pattern Syntax - // (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html). - // - // If not provided, all the events are matched. - FilterPattern *string `locationName:"filterPattern" type:"string"` - - // If the value is true, the operation attempts to provide responses that contain - // events from multiple log streams within the log group, interleaved in a single - // response. If the value is false, all the matched log events in the first - // log stream are searched first, then those in the next log stream, and so - // on. - // - // Important As of June 17, 2019, this parameter is ignored and the value is - // assumed to be true. The response from this operation always interleaves events - // from multiple log streams within a log group. - // - // Deprecated: Starting on June 17, 2019, this parameter will be ignored and the value will be assumed to be true. The response from this operation will always interleave events from multiple log streams within a log group. - Interleaved *bool `locationName:"interleaved" deprecated:"true" type:"boolean"` - - // The maximum number of events to return. The default is 10,000 events. - Limit *int64 `locationName:"limit" min:"1" type:"integer"` - - // Specify either the name or ARN of the log group to view log events from. - // If the log group is in a source account and you are using a monitoring account, - // you must use the log group ARN. - // - // If you specify values for both logGroupName and logGroupIdentifier, the action - // returns an InvalidParameterException error. - LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string"` +// Deprecated: Please use the generic tagging API model ListTagsForResourceRequest and ListTagsForResourceResponse +type ListTagsLogGroupInput struct { + _ struct{} `deprecated:"true" type:"structure"` - // The name of the log group to search. - // - // If you specify values for both logGroupName and logGroupIdentifier, the action - // returns an InvalidParameterException error. + // The name of the log group. // // LogGroupName is a required field LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` - - // Filters the results to include only events from log streams that have names - // starting with this prefix. - // - // If you specify a value for both logStreamNamePrefix and logStreamNames, but - // the value for logStreamNamePrefix does not match any log stream names specified - // in logStreamNames, the action returns an InvalidParameterException error. - LogStreamNamePrefix *string `locationName:"logStreamNamePrefix" min:"1" type:"string"` - - // Filters the results to only logs from the log streams in this list. - // - // If you specify a value for both logStreamNamePrefix and logStreamNames, the - // action returns an InvalidParameterException error. - LogStreamNames []*string `locationName:"logStreamNames" min:"1" type:"list"` - - // The token for the next set of events to return. (You received this token - // from a previous call.) - NextToken *string `locationName:"nextToken" min:"1" type:"string"` - - // The start of the time range, expressed as the number of milliseconds after - // Jan 1, 1970 00:00:00 UTC. Events with a timestamp before this time are not - // returned. - StartTime *int64 `locationName:"startTime" type:"long"` - - // Specify true to display the log event fields with all sensitive data unmasked - // and visible. The default is false. - // - // To use this operation with this parameter, you must be signed into an account - // with the logs:Unmask permission. - Unmask *bool `locationName:"unmask" type:"boolean"` } // String returns the string representation. @@ -7919,7 +15324,7 @@ type FilterLogEventsInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s FilterLogEventsInput) String() string { +func (s ListTagsLogGroupInput) String() string { return awsutil.Prettify(s) } @@ -7928,34 +15333,19 @@ func (s FilterLogEventsInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s FilterLogEventsInput) GoString() string { +func (s ListTagsLogGroupInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *FilterLogEventsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "FilterLogEventsInput"} - if s.Limit != nil && *s.Limit < 1 { - invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) - } - if s.LogGroupIdentifier != nil && len(*s.LogGroupIdentifier) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupIdentifier", 1)) - } +func (s *ListTagsLogGroupInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListTagsLogGroupInput"} if s.LogGroupName == nil { invalidParams.Add(request.NewErrParamRequired("LogGroupName")) } if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) } - if s.LogStreamNamePrefix != nil && len(*s.LogStreamNamePrefix) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogStreamNamePrefix", 1)) - } - if s.LogStreamNames != nil && len(s.LogStreamNames) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogStreamNames", 1)) - } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } if invalidParams.Len() > 0 { return invalidParams @@ -7963,88 +15353,127 @@ func (s *FilterLogEventsInput) Validate() error { return nil } -// SetEndTime sets the EndTime field's value. -func (s *FilterLogEventsInput) SetEndTime(v int64) *FilterLogEventsInput { - s.EndTime = &v +// SetLogGroupName sets the LogGroupName field's value. +func (s *ListTagsLogGroupInput) SetLogGroupName(v string) *ListTagsLogGroupInput { + s.LogGroupName = &v return s } -// SetFilterPattern sets the FilterPattern field's value. -func (s *FilterLogEventsInput) SetFilterPattern(v string) *FilterLogEventsInput { - s.FilterPattern = &v - return s +// Deprecated: Please use the generic tagging API model ListTagsForResourceRequest and ListTagsForResourceResponse +type ListTagsLogGroupOutput struct { + _ struct{} `deprecated:"true" type:"structure"` + + // The tags for the log group. + Tags map[string]*string `locationName:"tags" min:"1" type:"map"` } -// SetInterleaved sets the Interleaved field's value. -func (s *FilterLogEventsInput) SetInterleaved(v bool) *FilterLogEventsInput { - s.Interleaved = &v - return s +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListTagsLogGroupOutput) String() string { + return awsutil.Prettify(s) } -// SetLimit sets the Limit field's value. -func (s *FilterLogEventsInput) SetLimit(v int64) *FilterLogEventsInput { - s.Limit = &v - return s +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListTagsLogGroupOutput) GoString() string { + return s.String() } -// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. -func (s *FilterLogEventsInput) SetLogGroupIdentifier(v string) *FilterLogEventsInput { - s.LogGroupIdentifier = &v +// SetTags sets the Tags field's value. +func (s *ListTagsLogGroupOutput) SetTags(v map[string]*string) *ListTagsLogGroupOutput { + s.Tags = v return s } -// SetLogGroupName sets the LogGroupName field's value. -func (s *FilterLogEventsInput) SetLogGroupName(v string) *FilterLogEventsInput { - s.LogGroupName = &v - return s +// This object contains the information for one log event returned in a Live +// Tail stream. +type LiveTailSessionLogEvent struct { + _ struct{} `type:"structure"` + + // The timestamp specifying when this log event was ingested into the log group. + IngestionTime *int64 `locationName:"ingestionTime" type:"long"` + + // The name or ARN of the log group that ingested this log event. + LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string"` + + // The name of the log stream that ingested this log event. + LogStreamName *string `locationName:"logStreamName" min:"1" type:"string"` + + // The log event message text. + Message *string `locationName:"message" min:"1" type:"string"` + + // The timestamp specifying when this log event was created. + Timestamp *int64 `locationName:"timestamp" type:"long"` } -// SetLogStreamNamePrefix sets the LogStreamNamePrefix field's value. -func (s *FilterLogEventsInput) SetLogStreamNamePrefix(v string) *FilterLogEventsInput { - s.LogStreamNamePrefix = &v +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LiveTailSessionLogEvent) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LiveTailSessionLogEvent) GoString() string { + return s.String() +} + +// SetIngestionTime sets the IngestionTime field's value. +func (s *LiveTailSessionLogEvent) SetIngestionTime(v int64) *LiveTailSessionLogEvent { + s.IngestionTime = &v return s } -// SetLogStreamNames sets the LogStreamNames field's value. -func (s *FilterLogEventsInput) SetLogStreamNames(v []*string) *FilterLogEventsInput { - s.LogStreamNames = v +// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. +func (s *LiveTailSessionLogEvent) SetLogGroupIdentifier(v string) *LiveTailSessionLogEvent { + s.LogGroupIdentifier = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *FilterLogEventsInput) SetNextToken(v string) *FilterLogEventsInput { - s.NextToken = &v +// SetLogStreamName sets the LogStreamName field's value. +func (s *LiveTailSessionLogEvent) SetLogStreamName(v string) *LiveTailSessionLogEvent { + s.LogStreamName = &v return s } -// SetStartTime sets the StartTime field's value. -func (s *FilterLogEventsInput) SetStartTime(v int64) *FilterLogEventsInput { - s.StartTime = &v +// SetMessage sets the Message field's value. +func (s *LiveTailSessionLogEvent) SetMessage(v string) *LiveTailSessionLogEvent { + s.Message = &v return s } -// SetUnmask sets the Unmask field's value. -func (s *FilterLogEventsInput) SetUnmask(v bool) *FilterLogEventsInput { - s.Unmask = &v +// SetTimestamp sets the Timestamp field's value. +func (s *LiveTailSessionLogEvent) SetTimestamp(v int64) *LiveTailSessionLogEvent { + s.Timestamp = &v return s } -type FilterLogEventsOutput struct { +// This object contains the metadata for one LiveTailSessionUpdate structure. +// It indicates whether that update includes only a sample of 500 log events +// out of a larger number of ingested log events, or if it contains all of the +// matching log events ingested during that second of time. +type LiveTailSessionMetadata struct { _ struct{} `type:"structure"` - // The matched events. - Events []*FilteredLogEvent `locationName:"events" type:"list"` - - // The token to use when requesting the next set of items. The token expires - // after 24 hours. - NextToken *string `locationName:"nextToken" min:"1" type:"string"` - - // Important As of May 15, 2020, this parameter is no longer supported. This - // parameter returns an empty list. + // If this is true, then more than 500 log events matched the request for this + // update, and the sessionResults includes a sample of 500 of those events. // - // Indicates which log streams have been searched and whether each has been - // searched completely. - SearchedLogStreams []*SearchedLogStream `locationName:"searchedLogStreams" type:"list"` + // If this is false, then 500 or fewer log events matched the request for this + // update, so no sampling was necessary. In this case, the sessionResults array + // includes all log events that matched your request during this time. + Sampled *bool `locationName:"sampled" type:"boolean"` } // String returns the string representation. @@ -8052,7 +15481,7 @@ type FilterLogEventsOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s FilterLogEventsOutput) String() string { +func (s LiveTailSessionMetadata) String() string { return awsutil.Prettify(s) } @@ -8061,48 +15490,49 @@ func (s FilterLogEventsOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s FilterLogEventsOutput) GoString() string { +func (s LiveTailSessionMetadata) GoString() string { return s.String() } -// SetEvents sets the Events field's value. -func (s *FilterLogEventsOutput) SetEvents(v []*FilteredLogEvent) *FilterLogEventsOutput { - s.Events = v - return s -} - -// SetNextToken sets the NextToken field's value. -func (s *FilterLogEventsOutput) SetNextToken(v string) *FilterLogEventsOutput { - s.NextToken = &v - return s -} - -// SetSearchedLogStreams sets the SearchedLogStreams field's value. -func (s *FilterLogEventsOutput) SetSearchedLogStreams(v []*SearchedLogStream) *FilterLogEventsOutput { - s.SearchedLogStreams = v +// SetSampled sets the Sampled field's value. +func (s *LiveTailSessionMetadata) SetSampled(v bool) *LiveTailSessionMetadata { + s.Sampled = &v return s } -// Represents a matched event. -type FilteredLogEvent struct { +// This object contains information about this Live Tail session, including +// the log groups included and the log stream filters, if any. +type LiveTailSessionStart struct { _ struct{} `type:"structure"` - // The ID of the event. - EventId *string `locationName:"eventId" type:"string"` - - // The time the event was ingested, expressed as the number of milliseconds - // after Jan 1, 1970 00:00:00 UTC. - IngestionTime *int64 `locationName:"ingestionTime" type:"long"` - - // The name of the log stream to which this event belongs. - LogStreamName *string `locationName:"logStreamName" min:"1" type:"string"` + // An optional pattern to filter the results to include only log events that + // match the pattern. For example, a filter pattern of error 404 displays only + // log events that include both error and 404. + // + // For more information about filter pattern syntax, see Filter and Pattern + // Syntax (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html). + LogEventFilterPattern *string `locationName:"logEventFilterPattern" type:"string"` + + // An array of the names and ARNs of the log groups included in this Live Tail + // session. + LogGroupIdentifiers []*string `locationName:"logGroupIdentifiers" min:"1" type:"list"` + + // If your StartLiveTail operation request included a logStreamNamePrefixes + // parameter that filtered the session to only include log streams that have + // names that start with certain prefixes, these prefixes are listed here. + LogStreamNamePrefixes []*string `locationName:"logStreamNamePrefixes" min:"1" type:"list"` + + // If your StartLiveTail operation request included a logStreamNames parameter + // that filtered the session to only include certain log streams, these streams + // are listed here. + LogStreamNames []*string `locationName:"logStreamNames" min:"1" type:"list"` - // The data contained in the log event. - Message *string `locationName:"message" min:"1" type:"string"` + // The unique ID generated by CloudWatch Logs to identify this Live Tail session + // request. + RequestId *string `locationName:"requestId" type:"string"` - // The time the event occurred, expressed as the number of milliseconds after - // Jan 1, 1970 00:00:00 UTC. - Timestamp *int64 `locationName:"timestamp" type:"long"` + // The unique ID generated by CloudWatch Logs to identify this Live Tail session. + SessionId *string `locationName:"sessionId" type:"string"` } // String returns the string representation. @@ -8110,7 +15540,7 @@ type FilteredLogEvent struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s FilteredLogEvent) String() string { +func (s LiveTailSessionStart) String() string { return awsutil.Prettify(s) } @@ -8119,48 +15549,89 @@ func (s FilteredLogEvent) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s FilteredLogEvent) GoString() string { +func (s LiveTailSessionStart) GoString() string { return s.String() } -// SetEventId sets the EventId field's value. -func (s *FilteredLogEvent) SetEventId(v string) *FilteredLogEvent { - s.EventId = &v +// SetLogEventFilterPattern sets the LogEventFilterPattern field's value. +func (s *LiveTailSessionStart) SetLogEventFilterPattern(v string) *LiveTailSessionStart { + s.LogEventFilterPattern = &v return s } -// SetIngestionTime sets the IngestionTime field's value. -func (s *FilteredLogEvent) SetIngestionTime(v int64) *FilteredLogEvent { - s.IngestionTime = &v +// SetLogGroupIdentifiers sets the LogGroupIdentifiers field's value. +func (s *LiveTailSessionStart) SetLogGroupIdentifiers(v []*string) *LiveTailSessionStart { + s.LogGroupIdentifiers = v return s } -// SetLogStreamName sets the LogStreamName field's value. -func (s *FilteredLogEvent) SetLogStreamName(v string) *FilteredLogEvent { - s.LogStreamName = &v +// SetLogStreamNamePrefixes sets the LogStreamNamePrefixes field's value. +func (s *LiveTailSessionStart) SetLogStreamNamePrefixes(v []*string) *LiveTailSessionStart { + s.LogStreamNamePrefixes = v return s } -// SetMessage sets the Message field's value. -func (s *FilteredLogEvent) SetMessage(v string) *FilteredLogEvent { - s.Message = &v +// SetLogStreamNames sets the LogStreamNames field's value. +func (s *LiveTailSessionStart) SetLogStreamNames(v []*string) *LiveTailSessionStart { + s.LogStreamNames = v return s } -// SetTimestamp sets the Timestamp field's value. -func (s *FilteredLogEvent) SetTimestamp(v int64) *FilteredLogEvent { - s.Timestamp = &v +// SetRequestId sets the RequestId field's value. +func (s *LiveTailSessionStart) SetRequestId(v string) *LiveTailSessionStart { + s.RequestId = &v return s } -type GetDataProtectionPolicyInput struct { +// SetSessionId sets the SessionId field's value. +func (s *LiveTailSessionStart) SetSessionId(v string) *LiveTailSessionStart { + s.SessionId = &v + return s +} + +// The LiveTailSessionStart is and event in the StartLiveTailResponseStream group of events. +func (s *LiveTailSessionStart) eventStartLiveTailResponseStream() {} + +// UnmarshalEvent unmarshals the EventStream Message into the LiveTailSessionStart value. +// This method is only used internally within the SDK's EventStream handling. +func (s *LiveTailSessionStart) UnmarshalEvent( + payloadUnmarshaler protocol.PayloadUnmarshaler, + msg eventstream.Message, +) error { + if err := payloadUnmarshaler.UnmarshalPayload( + bytes.NewReader(msg.Payload), s, + ); err != nil { + return err + } + return nil +} + +// MarshalEvent marshals the type into an stream event value. This method +// should only used internally within the SDK's EventStream handling. +func (s *LiveTailSessionStart) MarshalEvent(pm protocol.PayloadMarshaler) (msg eventstream.Message, err error) { + msg.Headers.Set(eventstreamapi.MessageTypeHeader, eventstream.StringValue(eventstreamapi.EventMessageType)) + var buf bytes.Buffer + if err = pm.MarshalPayload(&buf, s); err != nil { + return eventstream.Message{}, err + } + msg.Payload = buf.Bytes() + return msg, err +} + +// This object contains the log events and metadata for a Live Tail session. +type LiveTailSessionUpdate struct { _ struct{} `type:"structure"` - // The name or ARN of the log group that contains the data protection policy - // that you want to see. + // This object contains the session metadata for a Live Tail session. + SessionMetadata *LiveTailSessionMetadata `locationName:"sessionMetadata" type:"structure"` + + // An array, where each member of the array includes the information for one + // log event in the Live Tail session. // - // LogGroupIdentifier is a required field - LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string" required:"true"` + // A sessionResults array can include as many as 500 log events. If the number + // of log events matching the request exceeds 500 per second, the log events + // are sampled down to 500 log events to be included in each sessionUpdate structure. + SessionResults []*LiveTailSessionLogEvent `locationName:"sessionResults" type:"list"` } // String returns the string representation. @@ -8168,7 +15639,7 @@ type GetDataProtectionPolicyInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetDataProtectionPolicyInput) String() string { +func (s LiveTailSessionUpdate) String() string { return awsutil.Prettify(s) } @@ -8177,43 +15648,61 @@ func (s GetDataProtectionPolicyInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetDataProtectionPolicyInput) GoString() string { +func (s LiveTailSessionUpdate) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetDataProtectionPolicyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetDataProtectionPolicyInput"} - if s.LogGroupIdentifier == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupIdentifier")) - } - if s.LogGroupIdentifier != nil && len(*s.LogGroupIdentifier) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupIdentifier", 1)) - } +// SetSessionMetadata sets the SessionMetadata field's value. +func (s *LiveTailSessionUpdate) SetSessionMetadata(v *LiveTailSessionMetadata) *LiveTailSessionUpdate { + s.SessionMetadata = v + return s +} - if invalidParams.Len() > 0 { - return invalidParams +// SetSessionResults sets the SessionResults field's value. +func (s *LiveTailSessionUpdate) SetSessionResults(v []*LiveTailSessionLogEvent) *LiveTailSessionUpdate { + s.SessionResults = v + return s +} + +// The LiveTailSessionUpdate is and event in the StartLiveTailResponseStream group of events. +func (s *LiveTailSessionUpdate) eventStartLiveTailResponseStream() {} + +// UnmarshalEvent unmarshals the EventStream Message into the LiveTailSessionUpdate value. +// This method is only used internally within the SDK's EventStream handling. +func (s *LiveTailSessionUpdate) UnmarshalEvent( + payloadUnmarshaler protocol.PayloadUnmarshaler, + msg eventstream.Message, +) error { + if err := payloadUnmarshaler.UnmarshalPayload( + bytes.NewReader(msg.Payload), s, + ); err != nil { + return err } return nil } -// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. -func (s *GetDataProtectionPolicyInput) SetLogGroupIdentifier(v string) *GetDataProtectionPolicyInput { - s.LogGroupIdentifier = &v - return s +// MarshalEvent marshals the type into an stream event value. This method +// should only used internally within the SDK's EventStream handling. +func (s *LiveTailSessionUpdate) MarshalEvent(pm protocol.PayloadMarshaler) (msg eventstream.Message, err error) { + msg.Headers.Set(eventstreamapi.MessageTypeHeader, eventstream.StringValue(eventstreamapi.EventMessageType)) + var buf bytes.Buffer + if err = pm.MarshalPayload(&buf, s); err != nil { + return eventstream.Message{}, err + } + msg.Payload = buf.Bytes() + return msg, err } -type GetDataProtectionPolicyOutput struct { +// This structure contains the information for one sample log event that is +// associated with an anomaly found by a log anomaly detector. +type LogEvent struct { _ struct{} `type:"structure"` - // The date and time that this policy was most recently updated. - LastUpdatedTime *int64 `locationName:"lastUpdatedTime" type:"long"` - - // The log group name or ARN that you specified in your request. - LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string"` + // The message content of the log event. + Message *string `locationName:"message" min:"1" type:"string"` - // The data protection policy document for this log group. - PolicyDocument *string `locationName:"policyDocument" type:"string"` + // The time stamp of the log event. + Timestamp *int64 `locationName:"timestamp" type:"long"` } // String returns the string representation. @@ -8221,7 +15710,7 @@ type GetDataProtectionPolicyOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetDataProtectionPolicyOutput) String() string { +func (s LogEvent) String() string { return awsutil.Prettify(s) } @@ -8230,86 +15719,94 @@ func (s GetDataProtectionPolicyOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetDataProtectionPolicyOutput) GoString() string { +func (s LogEvent) GoString() string { return s.String() } -// SetLastUpdatedTime sets the LastUpdatedTime field's value. -func (s *GetDataProtectionPolicyOutput) SetLastUpdatedTime(v int64) *GetDataProtectionPolicyOutput { - s.LastUpdatedTime = &v - return s -} - -// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. -func (s *GetDataProtectionPolicyOutput) SetLogGroupIdentifier(v string) *GetDataProtectionPolicyOutput { - s.LogGroupIdentifier = &v +// SetMessage sets the Message field's value. +func (s *LogEvent) SetMessage(v string) *LogEvent { + s.Message = &v return s } -// SetPolicyDocument sets the PolicyDocument field's value. -func (s *GetDataProtectionPolicyOutput) SetPolicyDocument(v string) *GetDataProtectionPolicyOutput { - s.PolicyDocument = &v +// SetTimestamp sets the Timestamp field's value. +func (s *LogEvent) SetTimestamp(v int64) *LogEvent { + s.Timestamp = &v return s } -type GetLogEventsInput struct { +// Represents a log group. +type LogGroup struct { _ struct{} `type:"structure"` - // The end of the time range, expressed as the number of milliseconds after - // Jan 1, 1970 00:00:00 UTC. Events with a timestamp equal to or later than - // this time are not included. - EndTime *int64 `locationName:"endTime" type:"long"` + // The Amazon Resource Name (ARN) of the log group. This version of the ARN + // includes a trailing :* after the log group name. + // + // Use this version to refer to the ARN in IAM policies when specifying permissions + // for most API actions. The exception is when specifying permissions for TagResource + // (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_TagResource.html), + // UntagResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UntagResource.html), + // and ListTagsForResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsForResource.html). + // The permissions for those three actions require the ARN version that doesn't + // include a trailing :*. + Arn *string `locationName:"arn" type:"string"` - // The maximum number of log events returned. If you don't specify a limit, - // the default is as many log events as can fit in a response size of 1 MB (up - // to 10,000 log events). - Limit *int64 `locationName:"limit" min:"1" type:"integer"` + // The creation time of the log group, expressed as the number of milliseconds + // after Jan 1, 1970 00:00:00 UTC. + CreationTime *int64 `locationName:"creationTime" type:"long"` - // Specify either the name or ARN of the log group to view events from. If the - // log group is in a source account and you are using a monitoring account, - // you must use the log group ARN. - // - // If you specify values for both logGroupName and logGroupIdentifier, the action - // returns an InvalidParameterException error. - LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string"` + // Displays whether this log group has a protection policy, or whether it had + // one in the past. For more information, see PutDataProtectionPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDataProtectionPolicy.html). + DataProtectionStatus *string `locationName:"dataProtectionStatus" type:"string" enum:"DataProtectionStatus"` - // The name of the log group. + // Displays all the properties that this log group has inherited from account-level + // settings. + InheritedProperties []*string `locationName:"inheritedProperties" type:"list" enum:"InheritedProperty"` + + // The Amazon Resource Name (ARN) of the KMS key to use when encrypting log + // data. + KmsKeyId *string `locationName:"kmsKeyId" type:"string"` + + // The Amazon Resource Name (ARN) of the log group. This version of the ARN + // doesn't include a trailing :* after the log group name. // - // If you specify values for both logGroupName and logGroupIdentifier, the action - // returns an InvalidParameterException error. + // Use this version to refer to the ARN in the following situations: // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` - - // The name of the log stream. + // * In the logGroupIdentifier input field in many CloudWatch Logs APIs. // - // LogStreamName is a required field - LogStreamName *string `locationName:"logStreamName" min:"1" type:"string" required:"true"` - - // The token for the next set of items to return. (You received this token from - // a previous call.) - NextToken *string `locationName:"nextToken" min:"1" type:"string"` + // * In the resourceArn field in tagging APIs + // + // * In IAM policies, when specifying permissions for TagResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_TagResource.html), + // UntagResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_UntagResource.html), + // and ListTagsForResource (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListTagsForResource.html). + LogGroupArn *string `locationName:"logGroupArn" type:"string"` - // If the value is true, the earliest log events are returned first. If the - // value is false, the latest log events are returned first. The default value - // is false. + // This specifies the log group class for this log group. There are two classes: // - // If you are using a previous nextForwardToken value as the nextToken in this - // operation, you must specify true for startFromHead. - StartFromHead *bool `locationName:"startFromHead" type:"boolean"` + // * The Standard log class supports all CloudWatch Logs features. + // + // * The Infrequent Access log class supports a subset of CloudWatch Logs + // features and incurs lower costs. + // + // For details about the features supported by each class, see Log classes (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch_Logs_Log_Classes.html) + LogGroupClass *string `locationName:"logGroupClass" type:"string" enum:"LogGroupClass"` - // The start of the time range, expressed as the number of milliseconds after - // Jan 1, 1970 00:00:00 UTC. Events with a timestamp equal to this time or later - // than this time are included. Events with a timestamp earlier than this time - // are not included. - StartTime *int64 `locationName:"startTime" type:"long"` + // The name of the log group. + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` - // Specify true to display the log event fields with all sensitive data unmasked - // and visible. The default is false. + // The number of metric filters. + MetricFilterCount *int64 `locationName:"metricFilterCount" type:"integer"` + + // The number of days to retain the log events in the specified log group. Possible + // values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, + // 1096, 1827, 2192, 2557, 2922, 3288, and 3653. // - // To use this operation with this parameter, you must be signed into an account - // with the logs:Unmask permission. - Unmask *bool `locationName:"unmask" type:"boolean"` + // To set a log group so that its log events do not expire, use DeleteRetentionPolicy + // (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html). + RetentionInDays *int64 `locationName:"retentionInDays" type:"integer"` + + // The number of bytes stored. + StoredBytes *int64 `locationName:"storedBytes" type:"long"` } // String returns the string representation. @@ -8317,119 +15814,95 @@ type GetLogEventsInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLogEventsInput) String() string { +func (s LogGroup) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetLogEventsInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetLogEventsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetLogEventsInput"} - if s.Limit != nil && *s.Limit < 1 { - invalidParams.Add(request.NewErrParamMinValue("Limit", 1)) - } - if s.LogGroupIdentifier != nil && len(*s.LogGroupIdentifier) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupIdentifier", 1)) - } - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) - } - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) - } - if s.LogStreamName == nil { - invalidParams.Add(request.NewErrParamRequired("LogStreamName")) - } - if s.LogStreamName != nil && len(*s.LogStreamName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogStreamName", 1)) - } - if s.NextToken != nil && len(*s.NextToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) - } +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LogGroup) GoString() string { + return s.String() +} - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetArn sets the Arn field's value. +func (s *LogGroup) SetArn(v string) *LogGroup { + s.Arn = &v + return s } -// SetEndTime sets the EndTime field's value. -func (s *GetLogEventsInput) SetEndTime(v int64) *GetLogEventsInput { - s.EndTime = &v +// SetCreationTime sets the CreationTime field's value. +func (s *LogGroup) SetCreationTime(v int64) *LogGroup { + s.CreationTime = &v return s } -// SetLimit sets the Limit field's value. -func (s *GetLogEventsInput) SetLimit(v int64) *GetLogEventsInput { - s.Limit = &v +// SetDataProtectionStatus sets the DataProtectionStatus field's value. +func (s *LogGroup) SetDataProtectionStatus(v string) *LogGroup { + s.DataProtectionStatus = &v return s } -// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. -func (s *GetLogEventsInput) SetLogGroupIdentifier(v string) *GetLogEventsInput { - s.LogGroupIdentifier = &v +// SetInheritedProperties sets the InheritedProperties field's value. +func (s *LogGroup) SetInheritedProperties(v []*string) *LogGroup { + s.InheritedProperties = v return s } -// SetLogGroupName sets the LogGroupName field's value. -func (s *GetLogEventsInput) SetLogGroupName(v string) *GetLogEventsInput { - s.LogGroupName = &v +// SetKmsKeyId sets the KmsKeyId field's value. +func (s *LogGroup) SetKmsKeyId(v string) *LogGroup { + s.KmsKeyId = &v return s } -// SetLogStreamName sets the LogStreamName field's value. -func (s *GetLogEventsInput) SetLogStreamName(v string) *GetLogEventsInput { - s.LogStreamName = &v +// SetLogGroupArn sets the LogGroupArn field's value. +func (s *LogGroup) SetLogGroupArn(v string) *LogGroup { + s.LogGroupArn = &v return s } -// SetNextToken sets the NextToken field's value. -func (s *GetLogEventsInput) SetNextToken(v string) *GetLogEventsInput { - s.NextToken = &v +// SetLogGroupClass sets the LogGroupClass field's value. +func (s *LogGroup) SetLogGroupClass(v string) *LogGroup { + s.LogGroupClass = &v return s } -// SetStartFromHead sets the StartFromHead field's value. -func (s *GetLogEventsInput) SetStartFromHead(v bool) *GetLogEventsInput { - s.StartFromHead = &v +// SetLogGroupName sets the LogGroupName field's value. +func (s *LogGroup) SetLogGroupName(v string) *LogGroup { + s.LogGroupName = &v return s } -// SetStartTime sets the StartTime field's value. -func (s *GetLogEventsInput) SetStartTime(v int64) *GetLogEventsInput { - s.StartTime = &v +// SetMetricFilterCount sets the MetricFilterCount field's value. +func (s *LogGroup) SetMetricFilterCount(v int64) *LogGroup { + s.MetricFilterCount = &v return s } -// SetUnmask sets the Unmask field's value. -func (s *GetLogEventsInput) SetUnmask(v bool) *GetLogEventsInput { - s.Unmask = &v +// SetRetentionInDays sets the RetentionInDays field's value. +func (s *LogGroup) SetRetentionInDays(v int64) *LogGroup { + s.RetentionInDays = &v return s } -type GetLogEventsOutput struct { - _ struct{} `type:"structure"` +// SetStoredBytes sets the StoredBytes field's value. +func (s *LogGroup) SetStoredBytes(v int64) *LogGroup { + s.StoredBytes = &v + return s +} - // The events. - Events []*OutputLogEvent `locationName:"events" type:"list"` +// The fields contained in log events found by a GetLogGroupFields operation, +// along with the percentage of queried log events in which each field appears. +type LogGroupField struct { + _ struct{} `type:"structure"` - // The token for the next set of items in the backward direction. The token - // expires after 24 hours. This token is not null. If you have reached the end - // of the stream, it returns the same token you passed in. - NextBackwardToken *string `locationName:"nextBackwardToken" min:"1" type:"string"` + // The name of a log field. + Name *string `locationName:"name" type:"string"` - // The token for the next set of items in the forward direction. The token expires - // after 24 hours. If you have reached the end of the stream, it returns the - // same token you passed in. - NextForwardToken *string `locationName:"nextForwardToken" min:"1" type:"string"` + // The percentage of log events queried that contained the field. + Percent *int64 `locationName:"percent" type:"integer"` } // String returns the string representation. @@ -8437,7 +15910,7 @@ type GetLogEventsOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLogEventsOutput) String() string { +func (s LogGroupField) String() string { return awsutil.Prettify(s) } @@ -8446,54 +15919,69 @@ func (s GetLogEventsOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLogEventsOutput) GoString() string { +func (s LogGroupField) GoString() string { return s.String() } -// SetEvents sets the Events field's value. -func (s *GetLogEventsOutput) SetEvents(v []*OutputLogEvent) *GetLogEventsOutput { - s.Events = v - return s -} - -// SetNextBackwardToken sets the NextBackwardToken field's value. -func (s *GetLogEventsOutput) SetNextBackwardToken(v string) *GetLogEventsOutput { - s.NextBackwardToken = &v +// SetName sets the Name field's value. +func (s *LogGroupField) SetName(v string) *LogGroupField { + s.Name = &v return s } -// SetNextForwardToken sets the NextForwardToken field's value. -func (s *GetLogEventsOutput) SetNextForwardToken(v string) *GetLogEventsOutput { - s.NextForwardToken = &v +// SetPercent sets the Percent field's value. +func (s *LogGroupField) SetPercent(v int64) *LogGroupField { + s.Percent = &v return s } -type GetLogGroupFieldsInput struct { +// Represents a log stream, which is a sequence of log events from a single +// emitter of logs. +type LogStream struct { _ struct{} `type:"structure"` - // Specify either the name or ARN of the log group to view. If the log group - // is in a source account and you are using a monitoring account, you must specify - // the ARN. - // - // If you specify values for both logGroupName and logGroupIdentifier, the action - // returns an InvalidParameterException error. - LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string"` + // The Amazon Resource Name (ARN) of the log stream. + Arn *string `locationName:"arn" type:"string"` - // The name of the log group to search. + // The creation time of the stream, expressed as the number of milliseconds + // after Jan 1, 1970 00:00:00 UTC. + CreationTime *int64 `locationName:"creationTime" type:"long"` + + // The time of the first event, expressed as the number of milliseconds after + // Jan 1, 1970 00:00:00 UTC. + FirstEventTimestamp *int64 `locationName:"firstEventTimestamp" type:"long"` + + // The time of the most recent log event in the log stream in CloudWatch Logs. + // This number is expressed as the number of milliseconds after Jan 1, 1970 + // 00:00:00 UTC. The lastEventTime value updates on an eventual consistency + // basis. It typically updates in less than an hour from ingestion, but in rare + // situations might take longer. + LastEventTimestamp *int64 `locationName:"lastEventTimestamp" type:"long"` + + // The ingestion time, expressed as the number of milliseconds after Jan 1, + // 1970 00:00:00 UTC The lastIngestionTime value updates on an eventual consistency + // basis. It typically updates in less than an hour after ingestion, but in + // rare situations might take longer. + LastIngestionTime *int64 `locationName:"lastIngestionTime" type:"long"` + + // The name of the log stream. + LogStreamName *string `locationName:"logStreamName" min:"1" type:"string"` + + // The number of bytes stored. // - // If you specify values for both logGroupName and logGroupIdentifier, the action - // returns an InvalidParameterException error. + // Important: As of June 17, 2019, this parameter is no longer supported for + // log streams, and is always reported as zero. This change applies only to + // log streams. The storedBytes parameter for log groups is not affected. // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + // Deprecated: Starting on June 17, 2019, this parameter will be deprecated for log streams, and will be reported as zero. This change applies only to log streams. The storedBytes parameter for log groups is not affected. + StoredBytes *int64 `locationName:"storedBytes" deprecated:"true" type:"long"` - // The time to set as the center of the query. If you specify time, the 15 minutes - // before this time are queries. If you omit time, the 8 minutes before and - // 8 minutes after this time are searched. + // The sequence token. // - // The time value is specified as epoch time, which is the number of seconds - // since January 1, 1970, 00:00:00 UTC. - Time *int64 `locationName:"time" type:"long"` + // The sequence token is now ignored in PutLogEvents actions. PutLogEvents actions + // are always accepted regardless of receiving an invalid sequence token. You + // don't need to obtain uploadSequenceToken to use a PutLogEvents action. + UploadSequenceToken *string `locationName:"uploadSequenceToken" min:"1" type:"string"` } // String returns the string representation. @@ -8501,7 +15989,7 @@ type GetLogGroupFieldsInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLogGroupFieldsInput) String() string { +func (s LogStream) String() string { return awsutil.Prettify(s) } @@ -8510,97 +15998,71 @@ func (s GetLogGroupFieldsInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLogGroupFieldsInput) GoString() string { +func (s LogStream) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetLogGroupFieldsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetLogGroupFieldsInput"} - if s.LogGroupIdentifier != nil && len(*s.LogGroupIdentifier) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupIdentifier", 1)) - } - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) - } - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetArn sets the Arn field's value. +func (s *LogStream) SetArn(v string) *LogStream { + s.Arn = &v + return s } -// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. -func (s *GetLogGroupFieldsInput) SetLogGroupIdentifier(v string) *GetLogGroupFieldsInput { - s.LogGroupIdentifier = &v +// SetCreationTime sets the CreationTime field's value. +func (s *LogStream) SetCreationTime(v int64) *LogStream { + s.CreationTime = &v return s } -// SetLogGroupName sets the LogGroupName field's value. -func (s *GetLogGroupFieldsInput) SetLogGroupName(v string) *GetLogGroupFieldsInput { - s.LogGroupName = &v +// SetFirstEventTimestamp sets the FirstEventTimestamp field's value. +func (s *LogStream) SetFirstEventTimestamp(v int64) *LogStream { + s.FirstEventTimestamp = &v return s } -// SetTime sets the Time field's value. -func (s *GetLogGroupFieldsInput) SetTime(v int64) *GetLogGroupFieldsInput { - s.Time = &v +// SetLastEventTimestamp sets the LastEventTimestamp field's value. +func (s *LogStream) SetLastEventTimestamp(v int64) *LogStream { + s.LastEventTimestamp = &v return s } -type GetLogGroupFieldsOutput struct { - _ struct{} `type:"structure"` - - // The array of fields found in the query. Each object in the array contains - // the name of the field, along with the percentage of time it appeared in the - // log events that were queried. - LogGroupFields []*LogGroupField `locationName:"logGroupFields" type:"list"` +// SetLastIngestionTime sets the LastIngestionTime field's value. +func (s *LogStream) SetLastIngestionTime(v int64) *LogStream { + s.LastIngestionTime = &v + return s } -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetLogGroupFieldsOutput) String() string { - return awsutil.Prettify(s) +// SetLogStreamName sets the LogStreamName field's value. +func (s *LogStream) SetLogStreamName(v string) *LogStream { + s.LogStreamName = &v + return s } -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetLogGroupFieldsOutput) GoString() string { - return s.String() +// SetStoredBytes sets the StoredBytes field's value. +func (s *LogStream) SetStoredBytes(v int64) *LogStream { + s.StoredBytes = &v + return s } -// SetLogGroupFields sets the LogGroupFields field's value. -func (s *GetLogGroupFieldsOutput) SetLogGroupFields(v []*LogGroupField) *GetLogGroupFieldsOutput { - s.LogGroupFields = v +// SetUploadSequenceToken sets the UploadSequenceToken field's value. +func (s *LogStream) SetUploadSequenceToken(v string) *LogStream { + s.UploadSequenceToken = &v return s } -type GetLogRecordInput struct { - _ struct{} `type:"structure"` - - // The pointer corresponding to the log event record you want to retrieve. You - // get this from the response of a GetQueryResults operation. In that response, - // the value of the @ptr field for a log event is the value to use as logRecordPointer - // to retrieve that complete log event record. - // - // LogRecordPointer is a required field - LogRecordPointer *string `locationName:"logRecordPointer" type:"string" required:"true"` +// The query string is not valid. Details about this error are displayed in +// a QueryCompileError object. For more information, see QueryCompileError (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_QueryCompileError.html). +// +// For more information about valid query syntax, see CloudWatch Logs Insights +// Query Syntax (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html). +type MalformedQueryException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - // Specify true to display the log event fields with all sensitive data unmasked - // and visible. The default is false. - // - // To use this operation with this parameter, you must be signed into an account - // with the logs:Unmask permission. - Unmask *bool `locationName:"unmask" type:"boolean"` + Message_ *string `locationName:"message" type:"string"` + + // Reserved. + QueryCompileError *QueryCompileError `locationName:"queryCompileError" type:"structure"` } // String returns the string representation. @@ -8608,7 +16070,7 @@ type GetLogRecordInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLogRecordInput) String() string { +func (s MalformedQueryException) String() string { return awsutil.Prettify(s) } @@ -8617,40 +16079,72 @@ func (s GetLogRecordInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLogRecordInput) GoString() string { +func (s MalformedQueryException) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetLogRecordInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetLogRecordInput"} - if s.LogRecordPointer == nil { - invalidParams.Add(request.NewErrParamRequired("LogRecordPointer")) +func newErrorMalformedQueryException(v protocol.ResponseMetadata) error { + return &MalformedQueryException{ + RespMetadata: v, } +} - if invalidParams.Len() > 0 { - return invalidParams +// Code returns the exception type name. +func (s *MalformedQueryException) Code() string { + return "MalformedQueryException" +} + +// Message returns the exception's message. +func (s *MalformedQueryException) Message() string { + if s.Message_ != nil { + return *s.Message_ } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *MalformedQueryException) OrigErr() error { return nil } -// SetLogRecordPointer sets the LogRecordPointer field's value. -func (s *GetLogRecordInput) SetLogRecordPointer(v string) *GetLogRecordInput { - s.LogRecordPointer = &v - return s +func (s *MalformedQueryException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) } -// SetUnmask sets the Unmask field's value. -func (s *GetLogRecordInput) SetUnmask(v bool) *GetLogRecordInput { - s.Unmask = &v - return s +// Status code returns the HTTP status code for the request's response error. +func (s *MalformedQueryException) StatusCode() int { + return s.RespMetadata.StatusCode } -type GetLogRecordOutput struct { +// RequestID returns the service's response RequestID for request. +func (s *MalformedQueryException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Metric filters express how CloudWatch Logs would extract metric observations +// from ingested log events and transform them into metric data in a CloudWatch +// metric. +type MetricFilter struct { _ struct{} `type:"structure"` - // The requested log event, as a JSON string. - LogRecord map[string]*string `locationName:"logRecord" type:"map"` + // The creation time of the metric filter, expressed as the number of milliseconds + // after Jan 1, 1970 00:00:00 UTC. + CreationTime *int64 `locationName:"creationTime" type:"long"` + + // The name of the metric filter. + FilterName *string `locationName:"filterName" min:"1" type:"string"` + + // A symbolic description of how CloudWatch Logs should interpret the data in + // each log event. For example, a log event can contain timestamps, IP addresses, + // strings, and so on. You use the filter pattern to specify what to look for + // in the log event message. + FilterPattern *string `locationName:"filterPattern" type:"string"` + + // The name of the log group. + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` + + // The metric transformations. + MetricTransformations []*MetricTransformation `locationName:"metricTransformations" min:"1" type:"list"` } // String returns the string representation. @@ -8658,7 +16152,7 @@ type GetLogRecordOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLogRecordOutput) String() string { +func (s MetricFilter) String() string { return awsutil.Prettify(s) } @@ -8667,86 +16161,52 @@ func (s GetLogRecordOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetLogRecordOutput) GoString() string { +func (s MetricFilter) GoString() string { return s.String() } -// SetLogRecord sets the LogRecord field's value. -func (s *GetLogRecordOutput) SetLogRecord(v map[string]*string) *GetLogRecordOutput { - s.LogRecord = v +// SetCreationTime sets the CreationTime field's value. +func (s *MetricFilter) SetCreationTime(v int64) *MetricFilter { + s.CreationTime = &v return s } -type GetQueryResultsInput struct { - _ struct{} `type:"structure"` - - // The ID number of the query. - // - // QueryId is a required field - QueryId *string `locationName:"queryId" type:"string" required:"true"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetQueryResultsInput) String() string { - return awsutil.Prettify(s) +// SetFilterName sets the FilterName field's value. +func (s *MetricFilter) SetFilterName(v string) *MetricFilter { + s.FilterName = &v + return s } -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s GetQueryResultsInput) GoString() string { - return s.String() +// SetFilterPattern sets the FilterPattern field's value. +func (s *MetricFilter) SetFilterPattern(v string) *MetricFilter { + s.FilterPattern = &v + return s } -// Validate inspects the fields of the type to determine if they are valid. -func (s *GetQueryResultsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "GetQueryResultsInput"} - if s.QueryId == nil { - invalidParams.Add(request.NewErrParamRequired("QueryId")) - } - - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetLogGroupName sets the LogGroupName field's value. +func (s *MetricFilter) SetLogGroupName(v string) *MetricFilter { + s.LogGroupName = &v + return s } -// SetQueryId sets the QueryId field's value. -func (s *GetQueryResultsInput) SetQueryId(v string) *GetQueryResultsInput { - s.QueryId = &v +// SetMetricTransformations sets the MetricTransformations field's value. +func (s *MetricFilter) SetMetricTransformations(v []*MetricTransformation) *MetricFilter { + s.MetricTransformations = v return s } -type GetQueryResultsOutput struct { +// Represents a matched event. +type MetricFilterMatchRecord struct { _ struct{} `type:"structure"` - // The log events that matched the query criteria during the most recent time - // it ran. - // - // The results value is an array of arrays. Each log event is one object in - // the top-level array. Each of these log event objects is an array of field/value - // pairs. - Results [][]*ResultField `locationName:"results" type:"list"` + // The raw event data. + EventMessage *string `locationName:"eventMessage" min:"1" type:"string"` - // Includes the number of log events scanned by the query, the number of log - // events that matched the query criteria, and the total number of bytes in - // the log events that were scanned. These values reflect the full raw results - // of the query. - Statistics *QueryStatistics `locationName:"statistics" type:"structure"` + // The event number. + EventNumber *int64 `locationName:"eventNumber" type:"long"` - // The status of the most recent running of the query. Possible values are Cancelled, - // Complete, Failed, Running, Scheduled, Timeout, and Unknown. - // - // Queries time out after 15 minutes of runtime. To avoid having your queries - // time out, reduce the time range being searched or partition your query into - // a number of queries. - Status *string `locationName:"status" type:"string" enum:"QueryStatus"` + // The values extracted from the event data by the filter. + ExtractedValues map[string]*string `locationName:"extractedValues" type:"map"` } // String returns the string representation. @@ -8754,7 +16214,7 @@ type GetQueryResultsOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetQueryResultsOutput) String() string { +func (s MetricFilterMatchRecord) String() string { return awsutil.Prettify(s) } @@ -8763,43 +16223,74 @@ func (s GetQueryResultsOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s GetQueryResultsOutput) GoString() string { +func (s MetricFilterMatchRecord) GoString() string { return s.String() } -// SetResults sets the Results field's value. -func (s *GetQueryResultsOutput) SetResults(v [][]*ResultField) *GetQueryResultsOutput { - s.Results = v +// SetEventMessage sets the EventMessage field's value. +func (s *MetricFilterMatchRecord) SetEventMessage(v string) *MetricFilterMatchRecord { + s.EventMessage = &v return s } -// SetStatistics sets the Statistics field's value. -func (s *GetQueryResultsOutput) SetStatistics(v *QueryStatistics) *GetQueryResultsOutput { - s.Statistics = v +// SetEventNumber sets the EventNumber field's value. +func (s *MetricFilterMatchRecord) SetEventNumber(v int64) *MetricFilterMatchRecord { + s.EventNumber = &v return s } -// SetStatus sets the Status field's value. -func (s *GetQueryResultsOutput) SetStatus(v string) *GetQueryResultsOutput { - s.Status = &v +// SetExtractedValues sets the ExtractedValues field's value. +func (s *MetricFilterMatchRecord) SetExtractedValues(v map[string]*string) *MetricFilterMatchRecord { + s.ExtractedValues = v return s } -// Represents a log event, which is a record of activity that was recorded by -// the application or resource being monitored. -type InputLogEvent struct { +// Indicates how to transform ingested log events to metric data in a CloudWatch +// metric. +type MetricTransformation struct { _ struct{} `type:"structure"` - // The raw event message. + // (Optional) The value to emit when a filter pattern does not match a log event. + // This value can be null. + DefaultValue *float64 `locationName:"defaultValue" type:"double"` + + // The fields to use as dimensions for the metric. One metric filter can include + // as many as three dimensions. // - // Message is a required field - Message *string `locationName:"message" min:"1" type:"string" required:"true"` + // Metrics extracted from log events are charged as custom metrics. To prevent + // unexpected high charges, do not specify high-cardinality fields such as IPAddress + // or requestID as dimensions. Each different value found for a dimension is + // treated as a separate metric and accrues charges as a separate custom metric. + // + // CloudWatch Logs disables a metric filter if it generates 1000 different name/value + // pairs for your specified dimensions within a certain amount of time. This + // helps to prevent accidental high charges. + // + // You can also set up a billing alarm to alert you if your charges are higher + // than expected. For more information, see Creating a Billing Alarm to Monitor + // Your Estimated Amazon Web Services Charges (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html). + Dimensions map[string]*string `locationName:"dimensions" type:"map"` - // The time the event occurred, expressed as the number of milliseconds after - // Jan 1, 1970 00:00:00 UTC. + // The name of the CloudWatch metric. // - // Timestamp is a required field - Timestamp *int64 `locationName:"timestamp" type:"long" required:"true"` + // MetricName is a required field + MetricName *string `locationName:"metricName" type:"string" required:"true"` + + // A custom namespace to contain your metric in CloudWatch. Use namespaces to + // group together metrics that are similar. For more information, see Namespaces + // (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace). + // + // MetricNamespace is a required field + MetricNamespace *string `locationName:"metricNamespace" type:"string" required:"true"` + + // The value to publish to the CloudWatch metric when a filter pattern matches + // a log event. + // + // MetricValue is a required field + MetricValue *string `locationName:"metricValue" type:"string" required:"true"` + + // The unit to assign to the metric. If you omit this, the unit is set as None. + Unit *string `locationName:"unit" type:"string" enum:"StandardUnit"` } // String returns the string representation. @@ -8807,7 +16298,7 @@ type InputLogEvent struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s InputLogEvent) String() string { +func (s MetricTransformation) String() string { return awsutil.Prettify(s) } @@ -8816,21 +16307,21 @@ func (s InputLogEvent) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s InputLogEvent) GoString() string { +func (s MetricTransformation) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *InputLogEvent) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "InputLogEvent"} - if s.Message == nil { - invalidParams.Add(request.NewErrParamRequired("Message")) +func (s *MetricTransformation) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "MetricTransformation"} + if s.MetricName == nil { + invalidParams.Add(request.NewErrParamRequired("MetricName")) } - if s.Message != nil && len(*s.Message) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Message", 1)) + if s.MetricNamespace == nil { + invalidParams.Add(request.NewErrParamRequired("MetricNamespace")) } - if s.Timestamp == nil { - invalidParams.Add(request.NewErrParamRequired("Timestamp")) + if s.MetricValue == nil { + invalidParams.Add(request.NewErrParamRequired("MetricValue")) } if invalidParams.Len() > 0 { @@ -8839,20 +16330,44 @@ func (s *InputLogEvent) Validate() error { return nil } -// SetMessage sets the Message field's value. -func (s *InputLogEvent) SetMessage(v string) *InputLogEvent { - s.Message = &v +// SetDefaultValue sets the DefaultValue field's value. +func (s *MetricTransformation) SetDefaultValue(v float64) *MetricTransformation { + s.DefaultValue = &v return s } -// SetTimestamp sets the Timestamp field's value. -func (s *InputLogEvent) SetTimestamp(v int64) *InputLogEvent { - s.Timestamp = &v +// SetDimensions sets the Dimensions field's value. +func (s *MetricTransformation) SetDimensions(v map[string]*string) *MetricTransformation { + s.Dimensions = v return s } -// The operation is not valid on the specified resource. -type InvalidOperationException struct { +// SetMetricName sets the MetricName field's value. +func (s *MetricTransformation) SetMetricName(v string) *MetricTransformation { + s.MetricName = &v + return s +} + +// SetMetricNamespace sets the MetricNamespace field's value. +func (s *MetricTransformation) SetMetricNamespace(v string) *MetricTransformation { + s.MetricNamespace = &v + return s +} + +// SetMetricValue sets the MetricValue field's value. +func (s *MetricTransformation) SetMetricValue(v string) *MetricTransformation { + s.MetricValue = &v + return s +} + +// SetUnit sets the Unit field's value. +func (s *MetricTransformation) SetUnit(v string) *MetricTransformation { + s.Unit = &v + return s +} + +// Multiple concurrent requests to update the same resource were in conflict. +type OperationAbortedException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` @@ -8864,7 +16379,7 @@ type InvalidOperationException struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s InvalidOperationException) String() string { +func (s OperationAbortedException) String() string { return awsutil.Prettify(s) } @@ -8873,23 +16388,23 @@ func (s InvalidOperationException) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s InvalidOperationException) GoString() string { +func (s OperationAbortedException) GoString() string { return s.String() } -func newErrorInvalidOperationException(v protocol.ResponseMetadata) error { - return &InvalidOperationException{ +func newErrorOperationAbortedException(v protocol.ResponseMetadata) error { + return &OperationAbortedException{ RespMetadata: v, } } // Code returns the exception type name. -func (s *InvalidOperationException) Code() string { - return "InvalidOperationException" +func (s *OperationAbortedException) Code() string { + return "OperationAbortedException" } // Message returns the exception's message. -func (s *InvalidOperationException) Message() string { +func (s *OperationAbortedException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -8897,30 +16412,38 @@ func (s *InvalidOperationException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s *InvalidOperationException) OrigErr() error { +func (s *OperationAbortedException) OrigErr() error { return nil } -func (s *InvalidOperationException) Error() string { +func (s *OperationAbortedException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s *InvalidOperationException) StatusCode() int { +func (s *OperationAbortedException) StatusCode() int { return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s *InvalidOperationException) RequestID() string { +func (s *OperationAbortedException) RequestID() string { return s.RespMetadata.RequestID } -// A parameter is specified incorrectly. -type InvalidParameterException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` +// Represents a log event. +type OutputLogEvent struct { + _ struct{} `type:"structure"` - Message_ *string `locationName:"message" type:"string"` + // The time the event was ingested, expressed as the number of milliseconds + // after Jan 1, 1970 00:00:00 UTC. + IngestionTime *int64 `locationName:"ingestionTime" type:"long"` + + // The data contained in the log event. + Message *string `locationName:"message" min:"1" type:"string"` + + // The time the event occurred, expressed as the number of milliseconds after + // Jan 1, 1970 00:00:00 UTC. + Timestamp *int64 `locationName:"timestamp" type:"long"` } // String returns the string representation. @@ -8928,7 +16451,7 @@ type InvalidParameterException struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s InvalidParameterException) String() string { +func (s OutputLogEvent) String() string { return awsutil.Prettify(s) } @@ -8937,60 +16460,101 @@ func (s InvalidParameterException) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s InvalidParameterException) GoString() string { +func (s OutputLogEvent) GoString() string { return s.String() } -func newErrorInvalidParameterException(v protocol.ResponseMetadata) error { - return &InvalidParameterException{ - RespMetadata: v, - } +// SetIngestionTime sets the IngestionTime field's value. +func (s *OutputLogEvent) SetIngestionTime(v int64) *OutputLogEvent { + s.IngestionTime = &v + return s } -// Code returns the exception type name. -func (s *InvalidParameterException) Code() string { - return "InvalidParameterException" +// SetMessage sets the Message field's value. +func (s *OutputLogEvent) SetMessage(v string) *OutputLogEvent { + s.Message = &v + return s } -// Message returns the exception's message. -func (s *InvalidParameterException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" +// SetTimestamp sets the Timestamp field's value. +func (s *OutputLogEvent) SetTimestamp(v int64) *OutputLogEvent { + s.Timestamp = &v + return s } -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *InvalidParameterException) OrigErr() error { - return nil +// A tructures that contains information about one pattern token related to +// an anomaly. +// +// For more information about patterns and tokens, see CreateLogAnomalyDetector +// (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_CreateLogAnomalyDetector.html). +type PatternToken struct { + _ struct{} `type:"structure"` + + // For a dynamic token, this indicates where in the pattern that this token + // appears, related to other dynamic tokens. The dynamic token that appears + // first has a value of 1, the one that appears second is 2, and so on. + DynamicTokenPosition *int64 `locationName:"dynamicTokenPosition" type:"integer"` + + // Contains the values found for a dynamic token, and the number of times each + // value was found. + Enumerations map[string]*int64 `locationName:"enumerations" type:"map"` + + // Specifies whether this is a dynamic token. + IsDynamic *bool `locationName:"isDynamic" type:"boolean"` + + // The string represented by this token. If this is a dynamic token, the value + // will be <*> + TokenString *string `locationName:"tokenString" min:"1" type:"string"` } -func (s *InvalidParameterException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PatternToken) String() string { + return awsutil.Prettify(s) } -// Status code returns the HTTP status code for the request's response error. -func (s *InvalidParameterException) StatusCode() int { - return s.RespMetadata.StatusCode +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PatternToken) GoString() string { + return s.String() } -// RequestID returns the service's response RequestID for request. -func (s *InvalidParameterException) RequestID() string { - return s.RespMetadata.RequestID +// SetDynamicTokenPosition sets the DynamicTokenPosition field's value. +func (s *PatternToken) SetDynamicTokenPosition(v int64) *PatternToken { + s.DynamicTokenPosition = &v + return s } -// The sequence token is not valid. You can get the correct sequence token in -// the expectedSequenceToken field in the InvalidSequenceTokenException message. -// -// PutLogEvents actions are now always accepted and never return InvalidSequenceTokenException -// regardless of receiving an invalid sequence token. -type InvalidSequenceTokenException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` +// SetEnumerations sets the Enumerations field's value. +func (s *PatternToken) SetEnumerations(v map[string]*int64) *PatternToken { + s.Enumerations = v + return s +} - ExpectedSequenceToken *string `locationName:"expectedSequenceToken" min:"1" type:"string"` +// SetIsDynamic sets the IsDynamic field's value. +func (s *PatternToken) SetIsDynamic(v bool) *PatternToken { + s.IsDynamic = &v + return s +} - Message_ *string `locationName:"message" type:"string"` +// SetTokenString sets the TokenString field's value. +func (s *PatternToken) SetTokenString(v string) *PatternToken { + s.TokenString = &v + return s +} + +// A structure that contains information about one delivery destination policy. +type Policy struct { + _ struct{} `type:"structure"` + + // The contents of the delivery destination policy. + DeliveryDestinationPolicy *string `locationName:"deliveryDestinationPolicy" min:"1" type:"string"` } // String returns the string representation. @@ -8998,7 +16562,7 @@ type InvalidSequenceTokenException struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s InvalidSequenceTokenException) String() string { +func (s Policy) String() string { return awsutil.Prettify(s) } @@ -9007,54 +16571,185 @@ func (s InvalidSequenceTokenException) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s InvalidSequenceTokenException) GoString() string { +func (s Policy) GoString() string { return s.String() } -func newErrorInvalidSequenceTokenException(v protocol.ResponseMetadata) error { - return &InvalidSequenceTokenException{ - RespMetadata: v, - } +// SetDeliveryDestinationPolicy sets the DeliveryDestinationPolicy field's value. +func (s *Policy) SetDeliveryDestinationPolicy(v string) *Policy { + s.DeliveryDestinationPolicy = &v + return s } -// Code returns the exception type name. -func (s *InvalidSequenceTokenException) Code() string { - return "InvalidSequenceTokenException" +type PutAccountPolicyInput struct { + _ struct{} `type:"structure"` + + // Specify the policy, in JSON. + // + // Data protection policy + // + // A data protection policy must include two JSON blocks: + // + // * The first block must include both a DataIdentifer array and an Operation + // property with an Audit action. The DataIdentifer array lists the types + // of sensitive data that you want to mask. For more information about the + // available options, see Types of data that you can mask (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html). + // The Operation property with an Audit action is required to find the sensitive + // data terms. This Audit action must contain a FindingsDestination object. + // You can optionally use that FindingsDestination object to list one or + // more destinations to send audit findings to. If you specify destinations + // such as log groups, Firehose streams, and S3 buckets, they must already + // exist. + // + // * The second block must include both a DataIdentifer array and an Operation + // property with an Deidentify action. The DataIdentifer array must exactly + // match the DataIdentifer array in the first block of the policy. The Operation + // property with the Deidentify action is what actually masks the data, and + // it must contain the "MaskConfig": {} object. The "MaskConfig": {} object + // must be empty. + // + // For an example data protection policy, see the Examples section on this page. + // + // The contents of the two DataIdentifer arrays must match exactly. + // + // In addition to the two JSON blocks, the policyDocument can also include Name, + // Description, and Version fields. The Name is different than the operation's + // policyName parameter, and is used as a dimension when CloudWatch Logs reports + // audit findings metrics to CloudWatch. + // + // The JSON specified in policyDocument can be up to 30,720 characters long. + // + // Subscription filter policy + // + // A subscription filter policy can include the following attributes in a JSON + // block: + // + // * DestinationArn The ARN of the destination to deliver log events to. + // Supported destinations are: An Kinesis Data Streams data stream in the + // same account as the subscription policy, for same-account delivery. An + // Firehose data stream in the same account as the subscription policy, for + // same-account delivery. A Lambda function in the same account as the subscription + // policy, for same-account delivery. A logical destination in a different + // account created with PutDestination (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestination.html), + // for cross-account delivery. Kinesis Data Streams and Firehose are supported + // as logical destinations. + // + // * RoleArn The ARN of an IAM role that grants CloudWatch Logs permissions + // to deliver ingested log events to the destination stream. You don't need + // to provide the ARN when you are working with a logical destination for + // cross-account delivery. + // + // * FilterPattern A filter pattern for subscribing to a filtered stream + // of log events. + // + // * DistributionThe method used to distribute log data to the destination. + // By default, log data is grouped by log stream, but the grouping can be + // set to Random for a more even distribution. This property is only applicable + // when the destination is an Kinesis Data Streams data stream. + // + // PolicyDocument is a required field + PolicyDocument *string `locationName:"policyDocument" type:"string" required:"true"` + + // A name for the policy. This must be unique within the account. + // + // PolicyName is a required field + PolicyName *string `locationName:"policyName" type:"string" required:"true"` + + // The type of policy that you're creating or updating. + // + // PolicyType is a required field + PolicyType *string `locationName:"policyType" type:"string" required:"true" enum:"PolicyType"` + + // Currently the only valid value for this parameter is ALL, which specifies + // that the data protection policy applies to all log groups in the account. + // If you omit this parameter, the default of ALL is used. + Scope *string `locationName:"scope" type:"string" enum:"Scope"` + + // Use this parameter to apply the subscription filter policy to a subset of + // log groups in the account. Currently, the only supported filter is LogGroupName + // NOT IN []. The selectionCriteria string can be up to 25KB in length. The + // length is determined by using its UTF-8 bytes. + // + // Using the selectionCriteria parameter is useful to help prevent infinite + // loops. For more information, see Log recursion prevention (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Subscriptions-recursion-prevention.html). + // + // Specifing selectionCriteria is valid only when you specify SUBSCRIPTION_FILTER_POLICY + // for policyType. + SelectionCriteria *string `locationName:"selectionCriteria" type:"string"` } -// Message returns the exception's message. -func (s *InvalidSequenceTokenException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PutAccountPolicyInput) String() string { + return awsutil.Prettify(s) } -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *InvalidSequenceTokenException) OrigErr() error { +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PutAccountPolicyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *PutAccountPolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutAccountPolicyInput"} + if s.PolicyDocument == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyDocument")) + } + if s.PolicyName == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyName")) + } + if s.PolicyType == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyType")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } return nil } -func (s *InvalidSequenceTokenException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +// SetPolicyDocument sets the PolicyDocument field's value. +func (s *PutAccountPolicyInput) SetPolicyDocument(v string) *PutAccountPolicyInput { + s.PolicyDocument = &v + return s +} + +// SetPolicyName sets the PolicyName field's value. +func (s *PutAccountPolicyInput) SetPolicyName(v string) *PutAccountPolicyInput { + s.PolicyName = &v + return s +} + +// SetPolicyType sets the PolicyType field's value. +func (s *PutAccountPolicyInput) SetPolicyType(v string) *PutAccountPolicyInput { + s.PolicyType = &v + return s } -// Status code returns the HTTP status code for the request's response error. -func (s *InvalidSequenceTokenException) StatusCode() int { - return s.RespMetadata.StatusCode +// SetScope sets the Scope field's value. +func (s *PutAccountPolicyInput) SetScope(v string) *PutAccountPolicyInput { + s.Scope = &v + return s } -// RequestID returns the service's response RequestID for request. -func (s *InvalidSequenceTokenException) RequestID() string { - return s.RespMetadata.RequestID +// SetSelectionCriteria sets the SelectionCriteria field's value. +func (s *PutAccountPolicyInput) SetSelectionCriteria(v string) *PutAccountPolicyInput { + s.SelectionCriteria = &v + return s } -// You have reached the maximum number of resources that can be created. -type LimitExceededException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` +type PutAccountPolicyOutput struct { + _ struct{} `type:"structure"` - Message_ *string `locationName:"message" type:"string"` + // The account policy that you created. + AccountPolicy *AccountPolicy `locationName:"accountPolicy" type:"structure"` } // String returns the string representation. @@ -9062,7 +16757,7 @@ type LimitExceededException struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LimitExceededException) String() string { +func (s PutAccountPolicyOutput) String() string { return awsutil.Prettify(s) } @@ -9071,62 +16766,58 @@ func (s LimitExceededException) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LimitExceededException) GoString() string { +func (s PutAccountPolicyOutput) GoString() string { return s.String() } -func newErrorLimitExceededException(v protocol.ResponseMetadata) error { - return &LimitExceededException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *LimitExceededException) Code() string { - return "LimitExceededException" -} - -// Message returns the exception's message. -func (s *LimitExceededException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *LimitExceededException) OrigErr() error { - return nil -} - -func (s *LimitExceededException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *LimitExceededException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *LimitExceededException) RequestID() string { - return s.RespMetadata.RequestID +// SetAccountPolicy sets the AccountPolicy field's value. +func (s *PutAccountPolicyOutput) SetAccountPolicy(v *AccountPolicy) *PutAccountPolicyOutput { + s.AccountPolicy = v + return s } -type ListTagsForResourceInput struct { +type PutDataProtectionPolicyInput struct { _ struct{} `type:"structure"` - // The ARN of the resource that you want to view tags for. + // Specify either the log group name or log group ARN. // - // The ARN format of a log group is arn:aws:logs:Region:account-id:log-group:log-group-name + // LogGroupIdentifier is a required field + LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string" required:"true"` + + // Specify the data protection policy, in JSON. // - // The ARN format of a destination is arn:aws:logs:Region:account-id:destination:destination-name + // This policy must include two JSON blocks: // - // For more information about ARN format, see CloudWatch Logs resources and - // operations (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/iam-access-control-overview-cwl.html). + // * The first block must include both a DataIdentifer array and an Operation + // property with an Audit action. The DataIdentifer array lists the types + // of sensitive data that you want to mask. For more information about the + // available options, see Types of data that you can mask (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html). + // The Operation property with an Audit action is required to find the sensitive + // data terms. This Audit action must contain a FindingsDestination object. + // You can optionally use that FindingsDestination object to list one or + // more destinations to send audit findings to. If you specify destinations + // such as log groups, Firehose streams, and S3 buckets, they must already + // exist. // - // ResourceArn is a required field - ResourceArn *string `locationName:"resourceArn" min:"1" type:"string" required:"true"` + // * The second block must include both a DataIdentifer array and an Operation + // property with an Deidentify action. The DataIdentifer array must exactly + // match the DataIdentifer array in the first block of the policy. The Operation + // property with the Deidentify action is what actually masks the data, and + // it must contain the "MaskConfig": {} object. The "MaskConfig": {} object + // must be empty. + // + // For an example data protection policy, see the Examples section on this page. + // + // The contents of the two DataIdentifer arrays must match exactly. + // + // In addition to the two JSON blocks, the policyDocument can also include Name, + // Description, and Version fields. The Name is used as a dimension when CloudWatch + // Logs reports audit findings metrics to CloudWatch. + // + // The JSON specified in policyDocument can be up to 30,720 characters. + // + // PolicyDocument is a required field + PolicyDocument *string `locationName:"policyDocument" type:"string" required:"true"` } // String returns the string representation. @@ -9134,7 +16825,7 @@ type ListTagsForResourceInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListTagsForResourceInput) String() string { +func (s PutDataProtectionPolicyInput) String() string { return awsutil.Prettify(s) } @@ -9143,18 +16834,21 @@ func (s ListTagsForResourceInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListTagsForResourceInput) GoString() string { +func (s PutDataProtectionPolicyInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *ListTagsForResourceInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListTagsForResourceInput"} - if s.ResourceArn == nil { - invalidParams.Add(request.NewErrParamRequired("ResourceArn")) +func (s *PutDataProtectionPolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutDataProtectionPolicyInput"} + if s.LogGroupIdentifier == nil { + invalidParams.Add(request.NewErrParamRequired("LogGroupIdentifier")) } - if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) + if s.LogGroupIdentifier != nil && len(*s.LogGroupIdentifier) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupIdentifier", 1)) + } + if s.PolicyDocument == nil { + invalidParams.Add(request.NewErrParamRequired("PolicyDocument")) } if invalidParams.Len() > 0 { @@ -9163,17 +16857,29 @@ func (s *ListTagsForResourceInput) Validate() error { return nil } -// SetResourceArn sets the ResourceArn field's value. -func (s *ListTagsForResourceInput) SetResourceArn(v string) *ListTagsForResourceInput { - s.ResourceArn = &v +// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. +func (s *PutDataProtectionPolicyInput) SetLogGroupIdentifier(v string) *PutDataProtectionPolicyInput { + s.LogGroupIdentifier = &v return s } -type ListTagsForResourceOutput struct { +// SetPolicyDocument sets the PolicyDocument field's value. +func (s *PutDataProtectionPolicyInput) SetPolicyDocument(v string) *PutDataProtectionPolicyInput { + s.PolicyDocument = &v + return s +} + +type PutDataProtectionPolicyOutput struct { _ struct{} `type:"structure"` - // The list of tags associated with the requested resource.> - Tags map[string]*string `locationName:"tags" min:"1" type:"map"` + // The date and time that this policy was most recently updated. + LastUpdatedTime *int64 `locationName:"lastUpdatedTime" type:"long"` + + // The log group name or ARN that you specified in your request. + LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string"` + + // The data protection policy used for this log group. + PolicyDocument *string `locationName:"policyDocument" type:"string"` } // String returns the string representation. @@ -9181,7 +16887,7 @@ type ListTagsForResourceOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListTagsForResourceOutput) String() string { +func (s PutDataProtectionPolicyOutput) String() string { return awsutil.Prettify(s) } @@ -9190,24 +16896,51 @@ func (s ListTagsForResourceOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListTagsForResourceOutput) GoString() string { +func (s PutDataProtectionPolicyOutput) GoString() string { return s.String() } -// SetTags sets the Tags field's value. -func (s *ListTagsForResourceOutput) SetTags(v map[string]*string) *ListTagsForResourceOutput { - s.Tags = v +// SetLastUpdatedTime sets the LastUpdatedTime field's value. +func (s *PutDataProtectionPolicyOutput) SetLastUpdatedTime(v int64) *PutDataProtectionPolicyOutput { + s.LastUpdatedTime = &v return s } -// Deprecated: Please use the generic tagging API model ListTagsForResourceRequest and ListTagsForResourceResponse -type ListTagsLogGroupInput struct { - _ struct{} `deprecated:"true" type:"structure"` +// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. +func (s *PutDataProtectionPolicyOutput) SetLogGroupIdentifier(v string) *PutDataProtectionPolicyOutput { + s.LogGroupIdentifier = &v + return s +} - // The name of the log group. +// SetPolicyDocument sets the PolicyDocument field's value. +func (s *PutDataProtectionPolicyOutput) SetPolicyDocument(v string) *PutDataProtectionPolicyOutput { + s.PolicyDocument = &v + return s +} + +type PutDeliveryDestinationInput struct { + _ struct{} `type:"structure"` + + // A structure that contains the ARN of the Amazon Web Services resource that + // will receive the logs. // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + // DeliveryDestinationConfiguration is a required field + DeliveryDestinationConfiguration *DeliveryDestinationConfiguration `locationName:"deliveryDestinationConfiguration" type:"structure" required:"true"` + + // A name for this delivery destination. This name must be unique for all delivery + // destinations in your account. + // + // Name is a required field + Name *string `locationName:"name" min:"1" type:"string" required:"true"` + + // The format for the logs that this delivery destination will receive. + OutputFormat *string `locationName:"outputFormat" type:"string" enum:"OutputFormat"` + + // An optional list of key-value pairs to associate with the resource. + // + // For more information about tagging, see Tagging Amazon Web Services resources + // (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) + Tags map[string]*string `locationName:"tags" min:"1" type:"map"` } // String returns the string representation. @@ -9215,7 +16948,7 @@ type ListTagsLogGroupInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListTagsLogGroupInput) String() string { +func (s PutDeliveryDestinationInput) String() string { return awsutil.Prettify(s) } @@ -9224,18 +16957,29 @@ func (s ListTagsLogGroupInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ListTagsLogGroupInput) GoString() string { +func (s PutDeliveryDestinationInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *ListTagsLogGroupInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "ListTagsLogGroupInput"} - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) +func (s *PutDeliveryDestinationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutDeliveryDestinationInput"} + if s.DeliveryDestinationConfiguration == nil { + invalidParams.Add(request.NewErrParamRequired("DeliveryDestinationConfiguration")) } - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + if s.Tags != nil && len(s.Tags) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + } + if s.DeliveryDestinationConfiguration != nil { + if err := s.DeliveryDestinationConfiguration.Validate(); err != nil { + invalidParams.AddNested("DeliveryDestinationConfiguration", err.(request.ErrInvalidParams)) + } } if invalidParams.Len() > 0 { @@ -9244,79 +16988,36 @@ func (s *ListTagsLogGroupInput) Validate() error { return nil } -// SetLogGroupName sets the LogGroupName field's value. -func (s *ListTagsLogGroupInput) SetLogGroupName(v string) *ListTagsLogGroupInput { - s.LogGroupName = &v +// SetDeliveryDestinationConfiguration sets the DeliveryDestinationConfiguration field's value. +func (s *PutDeliveryDestinationInput) SetDeliveryDestinationConfiguration(v *DeliveryDestinationConfiguration) *PutDeliveryDestinationInput { + s.DeliveryDestinationConfiguration = v return s } -// Deprecated: Please use the generic tagging API model ListTagsForResourceRequest and ListTagsForResourceResponse -type ListTagsLogGroupOutput struct { - _ struct{} `deprecated:"true" type:"structure"` - - // The tags for the log group. - Tags map[string]*string `locationName:"tags" min:"1" type:"map"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTagsLogGroupOutput) String() string { - return awsutil.Prettify(s) +// SetName sets the Name field's value. +func (s *PutDeliveryDestinationInput) SetName(v string) *PutDeliveryDestinationInput { + s.Name = &v + return s } -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ListTagsLogGroupOutput) GoString() string { - return s.String() +// SetOutputFormat sets the OutputFormat field's value. +func (s *PutDeliveryDestinationInput) SetOutputFormat(v string) *PutDeliveryDestinationInput { + s.OutputFormat = &v + return s } // SetTags sets the Tags field's value. -func (s *ListTagsLogGroupOutput) SetTags(v map[string]*string) *ListTagsLogGroupOutput { +func (s *PutDeliveryDestinationInput) SetTags(v map[string]*string) *PutDeliveryDestinationInput { s.Tags = v return s } -// Represents a log group. -type LogGroup struct { - _ struct{} `type:"structure"` - - // The Amazon Resource Name (ARN) of the log group. - Arn *string `locationName:"arn" type:"string"` - - // The creation time of the log group, expressed as the number of milliseconds - // after Jan 1, 1970 00:00:00 UTC. - CreationTime *int64 `locationName:"creationTime" type:"long"` - - // Displays whether this log group has a protection policy, or whether it had - // one in the past. For more information, see PutDataProtectionPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDataProtectionPolicy.html). - DataProtectionStatus *string `locationName:"dataProtectionStatus" type:"string" enum:"DataProtectionStatus"` - - // The Amazon Resource Name (ARN) of the KMS key to use when encrypting log - // data. - KmsKeyId *string `locationName:"kmsKeyId" type:"string"` - - // The name of the log group. - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` - - // The number of metric filters. - MetricFilterCount *int64 `locationName:"metricFilterCount" type:"integer"` - - // The number of days to retain the log events in the specified log group. Possible - // values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, - // 1827, 2192, 2557, 2922, 3288, and 3653. - // - // To set a log group so that its log events do not expire, use DeleteRetentionPolicy - // (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html). - RetentionInDays *int64 `locationName:"retentionInDays" type:"integer"` +type PutDeliveryDestinationOutput struct { + _ struct{} `type:"structure"` - // The number of bytes stored. - StoredBytes *int64 `locationName:"storedBytes" type:"long"` + // A structure containing information about the delivery destination that you + // just created or updated. + DeliveryDestination *DeliveryDestination `locationName:"deliveryDestination" type:"structure"` } // String returns the string representation. @@ -9324,7 +17025,7 @@ type LogGroup struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LogGroup) String() string { +func (s PutDeliveryDestinationOutput) String() string { return awsutil.Prettify(s) } @@ -9333,68 +17034,87 @@ func (s LogGroup) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LogGroup) GoString() string { +func (s PutDeliveryDestinationOutput) GoString() string { return s.String() } -// SetArn sets the Arn field's value. -func (s *LogGroup) SetArn(v string) *LogGroup { - s.Arn = &v +// SetDeliveryDestination sets the DeliveryDestination field's value. +func (s *PutDeliveryDestinationOutput) SetDeliveryDestination(v *DeliveryDestination) *PutDeliveryDestinationOutput { + s.DeliveryDestination = v return s } -// SetCreationTime sets the CreationTime field's value. -func (s *LogGroup) SetCreationTime(v int64) *LogGroup { - s.CreationTime = &v - return s -} +type PutDeliveryDestinationPolicyInput struct { + _ struct{} `type:"structure"` -// SetDataProtectionStatus sets the DataProtectionStatus field's value. -func (s *LogGroup) SetDataProtectionStatus(v string) *LogGroup { - s.DataProtectionStatus = &v - return s + // The name of the delivery destination to assign this policy to. + // + // DeliveryDestinationName is a required field + DeliveryDestinationName *string `locationName:"deliveryDestinationName" min:"1" type:"string" required:"true"` + + // The contents of the policy. + // + // DeliveryDestinationPolicy is a required field + DeliveryDestinationPolicy *string `locationName:"deliveryDestinationPolicy" min:"1" type:"string" required:"true"` } -// SetKmsKeyId sets the KmsKeyId field's value. -func (s *LogGroup) SetKmsKeyId(v string) *LogGroup { - s.KmsKeyId = &v - return s +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PutDeliveryDestinationPolicyInput) String() string { + return awsutil.Prettify(s) } -// SetLogGroupName sets the LogGroupName field's value. -func (s *LogGroup) SetLogGroupName(v string) *LogGroup { - s.LogGroupName = &v - return s +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PutDeliveryDestinationPolicyInput) GoString() string { + return s.String() } -// SetMetricFilterCount sets the MetricFilterCount field's value. -func (s *LogGroup) SetMetricFilterCount(v int64) *LogGroup { - s.MetricFilterCount = &v - return s +// Validate inspects the fields of the type to determine if they are valid. +func (s *PutDeliveryDestinationPolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutDeliveryDestinationPolicyInput"} + if s.DeliveryDestinationName == nil { + invalidParams.Add(request.NewErrParamRequired("DeliveryDestinationName")) + } + if s.DeliveryDestinationName != nil && len(*s.DeliveryDestinationName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("DeliveryDestinationName", 1)) + } + if s.DeliveryDestinationPolicy == nil { + invalidParams.Add(request.NewErrParamRequired("DeliveryDestinationPolicy")) + } + if s.DeliveryDestinationPolicy != nil && len(*s.DeliveryDestinationPolicy) < 1 { + invalidParams.Add(request.NewErrParamMinLen("DeliveryDestinationPolicy", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetRetentionInDays sets the RetentionInDays field's value. -func (s *LogGroup) SetRetentionInDays(v int64) *LogGroup { - s.RetentionInDays = &v +// SetDeliveryDestinationName sets the DeliveryDestinationName field's value. +func (s *PutDeliveryDestinationPolicyInput) SetDeliveryDestinationName(v string) *PutDeliveryDestinationPolicyInput { + s.DeliveryDestinationName = &v return s } -// SetStoredBytes sets the StoredBytes field's value. -func (s *LogGroup) SetStoredBytes(v int64) *LogGroup { - s.StoredBytes = &v +// SetDeliveryDestinationPolicy sets the DeliveryDestinationPolicy field's value. +func (s *PutDeliveryDestinationPolicyInput) SetDeliveryDestinationPolicy(v string) *PutDeliveryDestinationPolicyInput { + s.DeliveryDestinationPolicy = &v return s } -// The fields contained in log events found by a GetLogGroupFields operation, -// along with the percentage of queried log events in which each field appears. -type LogGroupField struct { +type PutDeliveryDestinationPolicyOutput struct { _ struct{} `type:"structure"` - // The name of a log field. - Name *string `locationName:"name" type:"string"` - - // The percentage of log events queried that contained the field. - Percent *int64 `locationName:"percent" type:"integer"` + // The contents of the policy that you just created. + Policy *Policy `locationName:"policy" type:"structure"` } // String returns the string representation. @@ -9402,7 +17122,7 @@ type LogGroupField struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LogGroupField) String() string { +func (s PutDeliveryDestinationPolicyOutput) String() string { return awsutil.Prettify(s) } @@ -9411,69 +17131,48 @@ func (s LogGroupField) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LogGroupField) GoString() string { +func (s PutDeliveryDestinationPolicyOutput) GoString() string { return s.String() } -// SetName sets the Name field's value. -func (s *LogGroupField) SetName(v string) *LogGroupField { - s.Name = &v - return s -} - -// SetPercent sets the Percent field's value. -func (s *LogGroupField) SetPercent(v int64) *LogGroupField { - s.Percent = &v +// SetPolicy sets the Policy field's value. +func (s *PutDeliveryDestinationPolicyOutput) SetPolicy(v *Policy) *PutDeliveryDestinationPolicyOutput { + s.Policy = v return s } -// Represents a log stream, which is a sequence of log events from a single -// emitter of logs. -type LogStream struct { +type PutDeliverySourceInput struct { _ struct{} `type:"structure"` - // The Amazon Resource Name (ARN) of the log stream. - Arn *string `locationName:"arn" type:"string"` - - // The creation time of the stream, expressed as the number of milliseconds - // after Jan 1, 1970 00:00:00 UTC. - CreationTime *int64 `locationName:"creationTime" type:"long"` - - // The time of the first event, expressed as the number of milliseconds after - // Jan 1, 1970 00:00:00 UTC. - FirstEventTimestamp *int64 `locationName:"firstEventTimestamp" type:"long"` - - // The time of the most recent log event in the log stream in CloudWatch Logs. - // This number is expressed as the number of milliseconds after Jan 1, 1970 - // 00:00:00 UTC. The lastEventTime value updates on an eventual consistency - // basis. It typically updates in less than an hour from ingestion, but in rare - // situations might take longer. - LastEventTimestamp *int64 `locationName:"lastEventTimestamp" type:"long"` - - // The ingestion time, expressed as the number of milliseconds after Jan 1, - // 1970 00:00:00 UTC The lastIngestionTime value updates on an eventual consistency - // basis. It typically updates in less than an hour after ingestion, but in - // rare situations might take longer. - LastIngestionTime *int64 `locationName:"lastIngestionTime" type:"long"` - - // The name of the log stream. - LogStreamName *string `locationName:"logStreamName" min:"1" type:"string"` + // Defines the type of log that the source is sending. + // + // * For Amazon CodeWhisperer, the valid value is EVENT_LOGS. + // + // * For IAM Identity Centerr, the valid value is ERROR_LOGS. + // + // * For Amazon WorkMail, the valid values are ACCESS_CONTROL_LOGS, AUTHENTICATION_LOGS, + // WORKMAIL_AVAILABILITY_PROVIDER_LOGS, and WORKMAIL_MAILBOX_ACCESS_LOGS. + // + // LogType is a required field + LogType *string `locationName:"logType" min:"1" type:"string" required:"true"` - // The number of bytes stored. + // A name for this delivery source. This name must be unique for all delivery + // sources in your account. // - // Important: As of June 17, 2019, this parameter is no longer supported for - // log streams, and is always reported as zero. This change applies only to - // log streams. The storedBytes parameter for log groups is not affected. + // Name is a required field + Name *string `locationName:"name" min:"1" type:"string" required:"true"` + + // The ARN of the Amazon Web Services resource that is generating and sending + // logs. For example, arn:aws:workmail:us-east-1:123456789012:organization/m-1234EXAMPLEabcd1234abcd1234abcd1234 // - // Deprecated: Starting on June 17, 2019, this parameter will be deprecated for log streams, and will be reported as zero. This change applies only to log streams. The storedBytes parameter for log groups is not affected. - StoredBytes *int64 `locationName:"storedBytes" deprecated:"true" type:"long"` + // ResourceArn is a required field + ResourceArn *string `locationName:"resourceArn" type:"string" required:"true"` - // The sequence token. + // An optional list of key-value pairs to associate with the resource. // - // The sequence token is now ignored in PutLogEvents actions. PutLogEvents actions - // are always accepted regardless of receiving an invalid sequence token. You - // don't need to obtain uploadSequenceToken to use a PutLogEvents action. - UploadSequenceToken *string `locationName:"uploadSequenceToken" min:"1" type:"string"` + // For more information about tagging, see Tagging Amazon Web Services resources + // (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) + Tags map[string]*string `locationName:"tags" min:"1" type:"map"` } // String returns the string representation. @@ -9481,7 +17180,7 @@ type LogStream struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LogStream) String() string { +func (s PutDeliverySourceInput) String() string { return awsutil.Prettify(s) } @@ -9490,71 +17189,68 @@ func (s LogStream) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s LogStream) GoString() string { +func (s PutDeliverySourceInput) GoString() string { return s.String() } -// SetArn sets the Arn field's value. -func (s *LogStream) SetArn(v string) *LogStream { - s.Arn = &v - return s -} - -// SetCreationTime sets the CreationTime field's value. -func (s *LogStream) SetCreationTime(v int64) *LogStream { - s.CreationTime = &v - return s -} - -// SetFirstEventTimestamp sets the FirstEventTimestamp field's value. -func (s *LogStream) SetFirstEventTimestamp(v int64) *LogStream { - s.FirstEventTimestamp = &v - return s -} +// Validate inspects the fields of the type to determine if they are valid. +func (s *PutDeliverySourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutDeliverySourceInput"} + if s.LogType == nil { + invalidParams.Add(request.NewErrParamRequired("LogType")) + } + if s.LogType != nil && len(*s.LogType) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogType", 1)) + } + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) + } + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) + } + if s.ResourceArn == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceArn")) + } + if s.Tags != nil && len(s.Tags) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + } -// SetLastEventTimestamp sets the LastEventTimestamp field's value. -func (s *LogStream) SetLastEventTimestamp(v int64) *LogStream { - s.LastEventTimestamp = &v - return s + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetLastIngestionTime sets the LastIngestionTime field's value. -func (s *LogStream) SetLastIngestionTime(v int64) *LogStream { - s.LastIngestionTime = &v +// SetLogType sets the LogType field's value. +func (s *PutDeliverySourceInput) SetLogType(v string) *PutDeliverySourceInput { + s.LogType = &v return s } -// SetLogStreamName sets the LogStreamName field's value. -func (s *LogStream) SetLogStreamName(v string) *LogStream { - s.LogStreamName = &v +// SetName sets the Name field's value. +func (s *PutDeliverySourceInput) SetName(v string) *PutDeliverySourceInput { + s.Name = &v return s } -// SetStoredBytes sets the StoredBytes field's value. -func (s *LogStream) SetStoredBytes(v int64) *LogStream { - s.StoredBytes = &v +// SetResourceArn sets the ResourceArn field's value. +func (s *PutDeliverySourceInput) SetResourceArn(v string) *PutDeliverySourceInput { + s.ResourceArn = &v return s } -// SetUploadSequenceToken sets the UploadSequenceToken field's value. -func (s *LogStream) SetUploadSequenceToken(v string) *LogStream { - s.UploadSequenceToken = &v +// SetTags sets the Tags field's value. +func (s *PutDeliverySourceInput) SetTags(v map[string]*string) *PutDeliverySourceInput { + s.Tags = v return s } -// The query string is not valid. Details about this error are displayed in -// a QueryCompileError object. For more information, see QueryCompileError (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_QueryCompileError.html). -// -// For more information about valid query syntax, see CloudWatch Logs Insights -// Query Syntax (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html). -type MalformedQueryException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - - Message_ *string `locationName:"message" type:"string"` +type PutDeliverySourceOutput struct { + _ struct{} `type:"structure"` - // Reserved. - QueryCompileError *QueryCompileError `locationName:"queryCompileError" type:"structure"` + // A structure containing information about the delivery source that was just + // created or updated. + DeliverySource *DeliverySource `locationName:"deliverySource" type:"structure"` } // String returns the string representation. @@ -9562,7 +17258,7 @@ type MalformedQueryException struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s MalformedQueryException) String() string { +func (s PutDeliverySourceOutput) String() string { return awsutil.Prettify(s) } @@ -9571,72 +17267,40 @@ func (s MalformedQueryException) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s MalformedQueryException) GoString() string { +func (s PutDeliverySourceOutput) GoString() string { return s.String() } -func newErrorMalformedQueryException(v protocol.ResponseMetadata) error { - return &MalformedQueryException{ - RespMetadata: v, - } -} - -// Code returns the exception type name. -func (s *MalformedQueryException) Code() string { - return "MalformedQueryException" -} - -// Message returns the exception's message. -func (s *MalformedQueryException) Message() string { - if s.Message_ != nil { - return *s.Message_ - } - return "" -} - -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *MalformedQueryException) OrigErr() error { - return nil -} - -func (s *MalformedQueryException) Error() string { - return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) -} - -// Status code returns the HTTP status code for the request's response error. -func (s *MalformedQueryException) StatusCode() int { - return s.RespMetadata.StatusCode -} - -// RequestID returns the service's response RequestID for request. -func (s *MalformedQueryException) RequestID() string { - return s.RespMetadata.RequestID +// SetDeliverySource sets the DeliverySource field's value. +func (s *PutDeliverySourceOutput) SetDeliverySource(v *DeliverySource) *PutDeliverySourceOutput { + s.DeliverySource = v + return s } -// Metric filters express how CloudWatch Logs would extract metric observations -// from ingested log events and transform them into metric data in a CloudWatch -// metric. -type MetricFilter struct { +type PutDestinationInput struct { _ struct{} `type:"structure"` - // The creation time of the metric filter, expressed as the number of milliseconds - // after Jan 1, 1970 00:00:00 UTC. - CreationTime *int64 `locationName:"creationTime" type:"long"` - - // The name of the metric filter. - FilterName *string `locationName:"filterName" min:"1" type:"string"` + // A name for the destination. + // + // DestinationName is a required field + DestinationName *string `locationName:"destinationName" min:"1" type:"string" required:"true"` - // A symbolic description of how CloudWatch Logs should interpret the data in - // each log event. For example, a log event can contain timestamps, IP addresses, - // strings, and so on. You use the filter pattern to specify what to look for - // in the log event message. - FilterPattern *string `locationName:"filterPattern" type:"string"` + // The ARN of an IAM role that grants CloudWatch Logs permissions to call the + // Amazon Kinesis PutRecord operation on the destination stream. + // + // RoleArn is a required field + RoleArn *string `locationName:"roleArn" min:"1" type:"string" required:"true"` - // The name of the log group. - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` + // An optional list of key-value pairs to associate with the resource. + // + // For more information about tagging, see Tagging Amazon Web Services resources + // (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) + Tags map[string]*string `locationName:"tags" min:"1" type:"map"` - // The metric transformations. - MetricTransformations []*MetricTransformation `locationName:"metricTransformations" min:"1" type:"list"` + // The ARN of an Amazon Kinesis stream to which to deliver matching log events. + // + // TargetArn is a required field + TargetArn *string `locationName:"targetArn" min:"1" type:"string" required:"true"` } // String returns the string representation. @@ -9644,7 +17308,7 @@ type MetricFilter struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s MetricFilter) String() string { +func (s PutDestinationInput) String() string { return awsutil.Prettify(s) } @@ -9653,52 +17317,70 @@ func (s MetricFilter) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s MetricFilter) GoString() string { +func (s PutDestinationInput) GoString() string { return s.String() } -// SetCreationTime sets the CreationTime field's value. -func (s *MetricFilter) SetCreationTime(v int64) *MetricFilter { - s.CreationTime = &v - return s +// Validate inspects the fields of the type to determine if they are valid. +func (s *PutDestinationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutDestinationInput"} + if s.DestinationName == nil { + invalidParams.Add(request.NewErrParamRequired("DestinationName")) + } + if s.DestinationName != nil && len(*s.DestinationName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("DestinationName", 1)) + } + if s.RoleArn == nil { + invalidParams.Add(request.NewErrParamRequired("RoleArn")) + } + if s.RoleArn != nil && len(*s.RoleArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("RoleArn", 1)) + } + if s.Tags != nil && len(s.Tags) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + } + if s.TargetArn == nil { + invalidParams.Add(request.NewErrParamRequired("TargetArn")) + } + if s.TargetArn != nil && len(*s.TargetArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("TargetArn", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil } -// SetFilterName sets the FilterName field's value. -func (s *MetricFilter) SetFilterName(v string) *MetricFilter { - s.FilterName = &v +// SetDestinationName sets the DestinationName field's value. +func (s *PutDestinationInput) SetDestinationName(v string) *PutDestinationInput { + s.DestinationName = &v return s } -// SetFilterPattern sets the FilterPattern field's value. -func (s *MetricFilter) SetFilterPattern(v string) *MetricFilter { - s.FilterPattern = &v +// SetRoleArn sets the RoleArn field's value. +func (s *PutDestinationInput) SetRoleArn(v string) *PutDestinationInput { + s.RoleArn = &v return s } -// SetLogGroupName sets the LogGroupName field's value. -func (s *MetricFilter) SetLogGroupName(v string) *MetricFilter { - s.LogGroupName = &v +// SetTags sets the Tags field's value. +func (s *PutDestinationInput) SetTags(v map[string]*string) *PutDestinationInput { + s.Tags = v return s } -// SetMetricTransformations sets the MetricTransformations field's value. -func (s *MetricFilter) SetMetricTransformations(v []*MetricTransformation) *MetricFilter { - s.MetricTransformations = v +// SetTargetArn sets the TargetArn field's value. +func (s *PutDestinationInput) SetTargetArn(v string) *PutDestinationInput { + s.TargetArn = &v return s } -// Represents a matched event. -type MetricFilterMatchRecord struct { +type PutDestinationOutput struct { _ struct{} `type:"structure"` - // The raw event data. - EventMessage *string `locationName:"eventMessage" min:"1" type:"string"` - - // The event number. - EventNumber *int64 `locationName:"eventNumber" type:"long"` - - // The values extracted from the event data by the filter. - ExtractedValues map[string]*string `locationName:"extractedValues" type:"map"` + // The destination. + Destination *Destination `locationName:"destination" type:"structure"` } // String returns the string representation. @@ -9706,7 +17388,7 @@ type MetricFilterMatchRecord struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s MetricFilterMatchRecord) String() string { +func (s PutDestinationOutput) String() string { return awsutil.Prettify(s) } @@ -9715,74 +17397,41 @@ func (s MetricFilterMatchRecord) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s MetricFilterMatchRecord) GoString() string { +func (s PutDestinationOutput) GoString() string { return s.String() } -// SetEventMessage sets the EventMessage field's value. -func (s *MetricFilterMatchRecord) SetEventMessage(v string) *MetricFilterMatchRecord { - s.EventMessage = &v - return s -} - -// SetEventNumber sets the EventNumber field's value. -func (s *MetricFilterMatchRecord) SetEventNumber(v int64) *MetricFilterMatchRecord { - s.EventNumber = &v - return s -} - -// SetExtractedValues sets the ExtractedValues field's value. -func (s *MetricFilterMatchRecord) SetExtractedValues(v map[string]*string) *MetricFilterMatchRecord { - s.ExtractedValues = v +// SetDestination sets the Destination field's value. +func (s *PutDestinationOutput) SetDestination(v *Destination) *PutDestinationOutput { + s.Destination = v return s } -// Indicates how to transform ingested log events to metric data in a CloudWatch -// metric. -type MetricTransformation struct { +type PutDestinationPolicyInput struct { _ struct{} `type:"structure"` - // (Optional) The value to emit when a filter pattern does not match a log event. - // This value can be null. - DefaultValue *float64 `locationName:"defaultValue" type:"double"` - - // The fields to use as dimensions for the metric. One metric filter can include - // as many as three dimensions. - // - // Metrics extracted from log events are charged as custom metrics. To prevent - // unexpected high charges, do not specify high-cardinality fields such as IPAddress - // or requestID as dimensions. Each different value found for a dimension is - // treated as a separate metric and accrues charges as a separate custom metric. - // - // CloudWatch Logs disables a metric filter if it generates 1000 different name/value - // pairs for your specified dimensions within a certain amount of time. This - // helps to prevent accidental high charges. - // - // You can also set up a billing alarm to alert you if your charges are higher - // than expected. For more information, see Creating a Billing Alarm to Monitor - // Your Estimated Amazon Web Services Charges (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html). - Dimensions map[string]*string `locationName:"dimensions" type:"map"` - - // The name of the CloudWatch metric. + // An IAM policy document that authorizes cross-account users to deliver their + // log events to the associated destination. This can be up to 5120 bytes. // - // MetricName is a required field - MetricName *string `locationName:"metricName" type:"string" required:"true"` + // AccessPolicy is a required field + AccessPolicy *string `locationName:"accessPolicy" min:"1" type:"string" required:"true"` - // A custom namespace to contain your metric in CloudWatch. Use namespaces to - // group together metrics that are similar. For more information, see Namespaces - // (https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace). + // A name for an existing destination. // - // MetricNamespace is a required field - MetricNamespace *string `locationName:"metricNamespace" type:"string" required:"true"` + // DestinationName is a required field + DestinationName *string `locationName:"destinationName" min:"1" type:"string" required:"true"` - // The value to publish to the CloudWatch metric when a filter pattern matches - // a log event. + // Specify true if you are updating an existing destination policy to grant + // permission to an organization ID instead of granting permission to individual + // Amazon Web Services accounts. Before you update a destination policy this + // way, you must first update the subscription filters in the accounts that + // send logs to this destination. If you do not, the subscription filters might + // stop working. By specifying true for forceUpdate, you are affirming that + // you have already updated the subscription filters. For more information, + // see Updating an existing cross-account subscription (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Cross-Account-Log_Subscription-Update.html) // - // MetricValue is a required field - MetricValue *string `locationName:"metricValue" type:"string" required:"true"` - - // The unit to assign to the metric. If you omit this, the unit is set as None. - Unit *string `locationName:"unit" type:"string" enum:"StandardUnit"` + // If you omit this parameter, the default of false is used. + ForceUpdate *bool `locationName:"forceUpdate" type:"boolean"` } // String returns the string representation. @@ -9790,7 +17439,7 @@ type MetricTransformation struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s MetricTransformation) String() string { +func (s PutDestinationPolicyInput) String() string { return awsutil.Prettify(s) } @@ -9799,21 +17448,24 @@ func (s MetricTransformation) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s MetricTransformation) GoString() string { +func (s PutDestinationPolicyInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *MetricTransformation) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "MetricTransformation"} - if s.MetricName == nil { - invalidParams.Add(request.NewErrParamRequired("MetricName")) +func (s *PutDestinationPolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutDestinationPolicyInput"} + if s.AccessPolicy == nil { + invalidParams.Add(request.NewErrParamRequired("AccessPolicy")) } - if s.MetricNamespace == nil { - invalidParams.Add(request.NewErrParamRequired("MetricNamespace")) + if s.AccessPolicy != nil && len(*s.AccessPolicy) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AccessPolicy", 1)) } - if s.MetricValue == nil { - invalidParams.Add(request.NewErrParamRequired("MetricValue")) + if s.DestinationName == nil { + invalidParams.Add(request.NewErrParamRequired("DestinationName")) + } + if s.DestinationName != nil && len(*s.DestinationName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("DestinationName", 1)) } if invalidParams.Len() > 0 { @@ -9822,48 +17474,71 @@ func (s *MetricTransformation) Validate() error { return nil } -// SetDefaultValue sets the DefaultValue field's value. -func (s *MetricTransformation) SetDefaultValue(v float64) *MetricTransformation { - s.DefaultValue = &v +// SetAccessPolicy sets the AccessPolicy field's value. +func (s *PutDestinationPolicyInput) SetAccessPolicy(v string) *PutDestinationPolicyInput { + s.AccessPolicy = &v return s } -// SetDimensions sets the Dimensions field's value. -func (s *MetricTransformation) SetDimensions(v map[string]*string) *MetricTransformation { - s.Dimensions = v +// SetDestinationName sets the DestinationName field's value. +func (s *PutDestinationPolicyInput) SetDestinationName(v string) *PutDestinationPolicyInput { + s.DestinationName = &v return s } -// SetMetricName sets the MetricName field's value. -func (s *MetricTransformation) SetMetricName(v string) *MetricTransformation { - s.MetricName = &v +// SetForceUpdate sets the ForceUpdate field's value. +func (s *PutDestinationPolicyInput) SetForceUpdate(v bool) *PutDestinationPolicyInput { + s.ForceUpdate = &v return s } -// SetMetricNamespace sets the MetricNamespace field's value. -func (s *MetricTransformation) SetMetricNamespace(v string) *MetricTransformation { - s.MetricNamespace = &v - return s +type PutDestinationPolicyOutput struct { + _ struct{} `type:"structure"` } -// SetMetricValue sets the MetricValue field's value. -func (s *MetricTransformation) SetMetricValue(v string) *MetricTransformation { - s.MetricValue = &v - return s +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PutDestinationPolicyOutput) String() string { + return awsutil.Prettify(s) } -// SetUnit sets the Unit field's value. -func (s *MetricTransformation) SetUnit(v string) *MetricTransformation { - s.Unit = &v - return s +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PutDestinationPolicyOutput) GoString() string { + return s.String() } -// Multiple concurrent requests to update the same resource were in conflict. -type OperationAbortedException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` +type PutLogEventsInput struct { + _ struct{} `type:"structure"` + + // The log events. + // + // LogEvents is a required field + LogEvents []*InputLogEvent `locationName:"logEvents" min:"1" type:"list" required:"true"` + + // The name of the log group. + // + // LogGroupName is a required field + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` - Message_ *string `locationName:"message" type:"string"` + // The name of the log stream. + // + // LogStreamName is a required field + LogStreamName *string `locationName:"logStreamName" min:"1" type:"string" required:"true"` + + // The sequence token obtained from the response of the previous PutLogEvents + // call. + // + // The sequenceToken parameter is now ignored in PutLogEvents actions. PutLogEvents + // actions are now accepted and never return InvalidSequenceTokenException or + // DataAlreadyAcceptedException even if the sequence token is not valid. + SequenceToken *string `locationName:"sequenceToken" min:"1" type:"string"` } // String returns the string representation. @@ -9871,7 +17546,7 @@ type OperationAbortedException struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s OperationAbortedException) String() string { +func (s PutLogEventsInput) String() string { return awsutil.Prettify(s) } @@ -9880,62 +17555,91 @@ func (s OperationAbortedException) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s OperationAbortedException) GoString() string { +func (s PutLogEventsInput) GoString() string { return s.String() } -func newErrorOperationAbortedException(v protocol.ResponseMetadata) error { - return &OperationAbortedException{ - RespMetadata: v, +// Validate inspects the fields of the type to determine if they are valid. +func (s *PutLogEventsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutLogEventsInput"} + if s.LogEvents == nil { + invalidParams.Add(request.NewErrParamRequired("LogEvents")) + } + if s.LogEvents != nil && len(s.LogEvents) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogEvents", 1)) + } + if s.LogGroupName == nil { + invalidParams.Add(request.NewErrParamRequired("LogGroupName")) + } + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + } + if s.LogStreamName == nil { + invalidParams.Add(request.NewErrParamRequired("LogStreamName")) + } + if s.LogStreamName != nil && len(*s.LogStreamName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogStreamName", 1)) + } + if s.SequenceToken != nil && len(*s.SequenceToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SequenceToken", 1)) + } + if s.LogEvents != nil { + for i, v := range s.LogEvents { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "LogEvents", i), err.(request.ErrInvalidParams)) + } + } } -} - -// Code returns the exception type name. -func (s *OperationAbortedException) Code() string { - return "OperationAbortedException" -} -// Message returns the exception's message. -func (s *OperationAbortedException) Message() string { - if s.Message_ != nil { - return *s.Message_ + if invalidParams.Len() > 0 { + return invalidParams } - return "" + return nil } -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *OperationAbortedException) OrigErr() error { - return nil +// SetLogEvents sets the LogEvents field's value. +func (s *PutLogEventsInput) SetLogEvents(v []*InputLogEvent) *PutLogEventsInput { + s.LogEvents = v + return s } -func (s *OperationAbortedException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +// SetLogGroupName sets the LogGroupName field's value. +func (s *PutLogEventsInput) SetLogGroupName(v string) *PutLogEventsInput { + s.LogGroupName = &v + return s } -// Status code returns the HTTP status code for the request's response error. -func (s *OperationAbortedException) StatusCode() int { - return s.RespMetadata.StatusCode +// SetLogStreamName sets the LogStreamName field's value. +func (s *PutLogEventsInput) SetLogStreamName(v string) *PutLogEventsInput { + s.LogStreamName = &v + return s } -// RequestID returns the service's response RequestID for request. -func (s *OperationAbortedException) RequestID() string { - return s.RespMetadata.RequestID +// SetSequenceToken sets the SequenceToken field's value. +func (s *PutLogEventsInput) SetSequenceToken(v string) *PutLogEventsInput { + s.SequenceToken = &v + return s } -// Represents a log event. -type OutputLogEvent struct { +type PutLogEventsOutput struct { _ struct{} `type:"structure"` - // The time the event was ingested, expressed as the number of milliseconds - // after Jan 1, 1970 00:00:00 UTC. - IngestionTime *int64 `locationName:"ingestionTime" type:"long"` - - // The data contained in the log event. - Message *string `locationName:"message" min:"1" type:"string"` + // The next sequence token. + // + // This field has been deprecated. + // + // The sequence token is now ignored in PutLogEvents actions. PutLogEvents actions + // are always accepted even if the sequence token is not valid. You can use + // parallel PutLogEvents actions on the same log stream and you do not need + // to wait for the response of a previous PutLogEvents action to obtain the + // nextSequenceToken value. + NextSequenceToken *string `locationName:"nextSequenceToken" min:"1" type:"string"` - // The time the event occurred, expressed as the number of milliseconds after - // Jan 1, 1970 00:00:00 UTC. - Timestamp *int64 `locationName:"timestamp" type:"long"` + // The rejected events. + RejectedLogEventsInfo *RejectedLogEventsInfo `locationName:"rejectedLogEventsInfo" type:"structure"` } // String returns the string representation. @@ -9943,7 +17647,7 @@ type OutputLogEvent struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s OutputLogEvent) String() string { +func (s PutLogEventsOutput) String() string { return awsutil.Prettify(s) } @@ -9952,64 +17656,44 @@ func (s OutputLogEvent) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s OutputLogEvent) GoString() string { +func (s PutLogEventsOutput) GoString() string { return s.String() } -// SetIngestionTime sets the IngestionTime field's value. -func (s *OutputLogEvent) SetIngestionTime(v int64) *OutputLogEvent { - s.IngestionTime = &v - return s -} - -// SetMessage sets the Message field's value. -func (s *OutputLogEvent) SetMessage(v string) *OutputLogEvent { - s.Message = &v +// SetNextSequenceToken sets the NextSequenceToken field's value. +func (s *PutLogEventsOutput) SetNextSequenceToken(v string) *PutLogEventsOutput { + s.NextSequenceToken = &v return s } -// SetTimestamp sets the Timestamp field's value. -func (s *OutputLogEvent) SetTimestamp(v int64) *OutputLogEvent { - s.Timestamp = &v +// SetRejectedLogEventsInfo sets the RejectedLogEventsInfo field's value. +func (s *PutLogEventsOutput) SetRejectedLogEventsInfo(v *RejectedLogEventsInfo) *PutLogEventsOutput { + s.RejectedLogEventsInfo = v return s } -type PutDataProtectionPolicyInput struct { +type PutMetricFilterInput struct { _ struct{} `type:"structure"` - // Specify either the log group name or log group ARN. + // A name for the metric filter. // - // LogGroupIdentifier is a required field - LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string" required:"true"` + // FilterName is a required field + FilterName *string `locationName:"filterName" min:"1" type:"string" required:"true"` - // Specify the data protection policy, in JSON. - // - // This policy must include two JSON blocks: - // - // * The first block must include both a DataIdentifer array and an Operation - // property with an Audit action. The DataIdentifer array lists the types - // of sensitive data that you want to mask. For more information about the - // available options, see Types of data that you can mask (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/mask-sensitive-log-data-types.html). - // The Operation property with an Audit action is required to find the sensitive - // data terms. This Audit action must contain a FindingsDestination object. - // You can optionally use that FindingsDestination object to list one or - // more destinations to send audit findings to. If you specify destinations - // such as log groups, Kinesis Data Firehose streams, and S3 buckets, they - // must already exist. - // - // * The second block must include both a DataIdentifer array and an Operation - // property with an Deidentify action. The DataIdentifer array must exactly - // match the DataIdentifer array in the first block of the policy. The Operation - // property with the Deidentify action is what actually masks the data, and - // it must contain the "MaskConfig": {} object. The "MaskConfig": {} object - // must be empty. + // A filter pattern for extracting metric data out of ingested log events. // - // For an example data protection policy, see the Examples section on this page. + // FilterPattern is a required field + FilterPattern *string `locationName:"filterPattern" type:"string" required:"true"` + + // The name of the log group. // - // The contents of two DataIdentifer arrays must match exactly. + // LogGroupName is a required field + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + + // A collection of information that defines how metric data gets emitted. // - // PolicyDocument is a required field - PolicyDocument *string `locationName:"policyDocument" type:"string" required:"true"` + // MetricTransformations is a required field + MetricTransformations []*MetricTransformation `locationName:"metricTransformations" min:"1" type:"list" required:"true"` } // String returns the string representation. @@ -10017,7 +17701,7 @@ type PutDataProtectionPolicyInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutDataProtectionPolicyInput) String() string { +func (s PutMetricFilterInput) String() string { return awsutil.Prettify(s) } @@ -10026,21 +17710,43 @@ func (s PutDataProtectionPolicyInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutDataProtectionPolicyInput) GoString() string { +func (s PutMetricFilterInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *PutDataProtectionPolicyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "PutDataProtectionPolicyInput"} - if s.LogGroupIdentifier == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupIdentifier")) +func (s *PutMetricFilterInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutMetricFilterInput"} + if s.FilterName == nil { + invalidParams.Add(request.NewErrParamRequired("FilterName")) } - if s.LogGroupIdentifier != nil && len(*s.LogGroupIdentifier) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupIdentifier", 1)) + if s.FilterName != nil && len(*s.FilterName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("FilterName", 1)) } - if s.PolicyDocument == nil { - invalidParams.Add(request.NewErrParamRequired("PolicyDocument")) + if s.FilterPattern == nil { + invalidParams.Add(request.NewErrParamRequired("FilterPattern")) + } + if s.LogGroupName == nil { + invalidParams.Add(request.NewErrParamRequired("LogGroupName")) + } + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + } + if s.MetricTransformations == nil { + invalidParams.Add(request.NewErrParamRequired("MetricTransformations")) + } + if s.MetricTransformations != nil && len(s.MetricTransformations) < 1 { + invalidParams.Add(request.NewErrParamMinLen("MetricTransformations", 1)) + } + if s.MetricTransformations != nil { + for i, v := range s.MetricTransformations { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "MetricTransformations", i), err.(request.ErrInvalidParams)) + } + } } if invalidParams.Len() > 0 { @@ -10049,29 +17755,32 @@ func (s *PutDataProtectionPolicyInput) Validate() error { return nil } -// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. -func (s *PutDataProtectionPolicyInput) SetLogGroupIdentifier(v string) *PutDataProtectionPolicyInput { - s.LogGroupIdentifier = &v +// SetFilterName sets the FilterName field's value. +func (s *PutMetricFilterInput) SetFilterName(v string) *PutMetricFilterInput { + s.FilterName = &v return s } -// SetPolicyDocument sets the PolicyDocument field's value. -func (s *PutDataProtectionPolicyInput) SetPolicyDocument(v string) *PutDataProtectionPolicyInput { - s.PolicyDocument = &v +// SetFilterPattern sets the FilterPattern field's value. +func (s *PutMetricFilterInput) SetFilterPattern(v string) *PutMetricFilterInput { + s.FilterPattern = &v return s } -type PutDataProtectionPolicyOutput struct { - _ struct{} `type:"structure"` - - // The date and time that this policy was most recently updated. - LastUpdatedTime *int64 `locationName:"lastUpdatedTime" type:"long"` +// SetLogGroupName sets the LogGroupName field's value. +func (s *PutMetricFilterInput) SetLogGroupName(v string) *PutMetricFilterInput { + s.LogGroupName = &v + return s +} - // The log group name or ARN that you specified in your request. - LogGroupIdentifier *string `locationName:"logGroupIdentifier" min:"1" type:"string"` +// SetMetricTransformations sets the MetricTransformations field's value. +func (s *PutMetricFilterInput) SetMetricTransformations(v []*MetricTransformation) *PutMetricFilterInput { + s.MetricTransformations = v + return s +} - // The data protection policy used for this log group. - PolicyDocument *string `locationName:"policyDocument" type:"string"` +type PutMetricFilterOutput struct { + _ struct{} `type:"structure"` } // String returns the string representation. @@ -10079,7 +17788,7 @@ type PutDataProtectionPolicyOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutDataProtectionPolicyOutput) String() string { +func (s PutMetricFilterOutput) String() string { return awsutil.Prettify(s) } @@ -10088,52 +17797,46 @@ func (s PutDataProtectionPolicyOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutDataProtectionPolicyOutput) GoString() string { +func (s PutMetricFilterOutput) GoString() string { return s.String() } -// SetLastUpdatedTime sets the LastUpdatedTime field's value. -func (s *PutDataProtectionPolicyOutput) SetLastUpdatedTime(v int64) *PutDataProtectionPolicyOutput { - s.LastUpdatedTime = &v - return s -} - -// SetLogGroupIdentifier sets the LogGroupIdentifier field's value. -func (s *PutDataProtectionPolicyOutput) SetLogGroupIdentifier(v string) *PutDataProtectionPolicyOutput { - s.LogGroupIdentifier = &v - return s -} - -// SetPolicyDocument sets the PolicyDocument field's value. -func (s *PutDataProtectionPolicyOutput) SetPolicyDocument(v string) *PutDataProtectionPolicyOutput { - s.PolicyDocument = &v - return s -} - -type PutDestinationInput struct { +type PutQueryDefinitionInput struct { _ struct{} `type:"structure"` - // A name for the destination. + // Used as an idempotency token, to avoid returning an exception if the service + // receives the same request twice because of a network error. + ClientToken *string `locationName:"clientToken" min:"36" type:"string" idempotencyToken:"true"` + + // Use this parameter to include specific log groups as part of your query definition. // - // DestinationName is a required field - DestinationName *string `locationName:"destinationName" min:"1" type:"string" required:"true"` + // If you are updating a query definition and you omit this parameter, then + // the updated definition will contain no log groups. + LogGroupNames []*string `locationName:"logGroupNames" type:"list"` - // The ARN of an IAM role that grants CloudWatch Logs permissions to call the - // Amazon Kinesis PutRecord operation on the destination stream. + // A name for the query definition. If you are saving numerous query definitions, + // we recommend that you name them. This way, you can find the ones you want + // by using the first part of the name as a filter in the queryDefinitionNamePrefix + // parameter of DescribeQueryDefinitions (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeQueryDefinitions.html). // - // RoleArn is a required field - RoleArn *string `locationName:"roleArn" min:"1" type:"string" required:"true"` + // Name is a required field + Name *string `locationName:"name" min:"1" type:"string" required:"true"` - // An optional list of key-value pairs to associate with the resource. + // If you are updating a query definition, use this parameter to specify the + // ID of the query definition that you want to update. You can use DescribeQueryDefinitions + // (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeQueryDefinitions.html) + // to retrieve the IDs of your saved query definitions. // - // For more information about tagging, see Tagging Amazon Web Services resources - // (https://docs.aws.amazon.com/general/latest/gr/aws_tagging.html) - Tags map[string]*string `locationName:"tags" min:"1" type:"map"` + // If you are creating a query definition, do not specify this parameter. CloudWatch + // generates a unique ID for the new query definition and include it in the + // response to this operation. + QueryDefinitionId *string `locationName:"queryDefinitionId" type:"string"` - // The ARN of an Amazon Kinesis stream to which to deliver matching log events. + // The query string to use for this definition. For more information, see CloudWatch + // Logs Insights Query Syntax (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html). // - // TargetArn is a required field - TargetArn *string `locationName:"targetArn" min:"1" type:"string" required:"true"` + // QueryString is a required field + QueryString *string `locationName:"queryString" min:"1" type:"string" required:"true"` } // String returns the string representation. @@ -10141,7 +17844,7 @@ type PutDestinationInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutDestinationInput) String() string { +func (s PutQueryDefinitionInput) String() string { return awsutil.Prettify(s) } @@ -10150,33 +17853,27 @@ func (s PutDestinationInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutDestinationInput) GoString() string { +func (s PutQueryDefinitionInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *PutDestinationInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "PutDestinationInput"} - if s.DestinationName == nil { - invalidParams.Add(request.NewErrParamRequired("DestinationName")) - } - if s.DestinationName != nil && len(*s.DestinationName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("DestinationName", 1)) - } - if s.RoleArn == nil { - invalidParams.Add(request.NewErrParamRequired("RoleArn")) +func (s *PutQueryDefinitionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutQueryDefinitionInput"} + if s.ClientToken != nil && len(*s.ClientToken) < 36 { + invalidParams.Add(request.NewErrParamMinLen("ClientToken", 36)) } - if s.RoleArn != nil && len(*s.RoleArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("RoleArn", 1)) + if s.Name == nil { + invalidParams.Add(request.NewErrParamRequired("Name")) } - if s.Tags != nil && len(s.Tags) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + if s.Name != nil && len(*s.Name) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Name", 1)) } - if s.TargetArn == nil { - invalidParams.Add(request.NewErrParamRequired("TargetArn")) + if s.QueryString == nil { + invalidParams.Add(request.NewErrParamRequired("QueryString")) } - if s.TargetArn != nil && len(*s.TargetArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("TargetArn", 1)) + if s.QueryString != nil && len(*s.QueryString) < 1 { + invalidParams.Add(request.NewErrParamMinLen("QueryString", 1)) } if invalidParams.Len() > 0 { @@ -10185,35 +17882,41 @@ func (s *PutDestinationInput) Validate() error { return nil } -// SetDestinationName sets the DestinationName field's value. -func (s *PutDestinationInput) SetDestinationName(v string) *PutDestinationInput { - s.DestinationName = &v +// SetClientToken sets the ClientToken field's value. +func (s *PutQueryDefinitionInput) SetClientToken(v string) *PutQueryDefinitionInput { + s.ClientToken = &v return s } -// SetRoleArn sets the RoleArn field's value. -func (s *PutDestinationInput) SetRoleArn(v string) *PutDestinationInput { - s.RoleArn = &v +// SetLogGroupNames sets the LogGroupNames field's value. +func (s *PutQueryDefinitionInput) SetLogGroupNames(v []*string) *PutQueryDefinitionInput { + s.LogGroupNames = v return s } -// SetTags sets the Tags field's value. -func (s *PutDestinationInput) SetTags(v map[string]*string) *PutDestinationInput { - s.Tags = v +// SetName sets the Name field's value. +func (s *PutQueryDefinitionInput) SetName(v string) *PutQueryDefinitionInput { + s.Name = &v return s } -// SetTargetArn sets the TargetArn field's value. -func (s *PutDestinationInput) SetTargetArn(v string) *PutDestinationInput { - s.TargetArn = &v +// SetQueryDefinitionId sets the QueryDefinitionId field's value. +func (s *PutQueryDefinitionInput) SetQueryDefinitionId(v string) *PutQueryDefinitionInput { + s.QueryDefinitionId = &v return s } -type PutDestinationOutput struct { +// SetQueryString sets the QueryString field's value. +func (s *PutQueryDefinitionInput) SetQueryString(v string) *PutQueryDefinitionInput { + s.QueryString = &v + return s +} + +type PutQueryDefinitionOutput struct { _ struct{} `type:"structure"` - // The destination. - Destination *Destination `locationName:"destination" type:"structure"` + // The ID of the query definition. + QueryDefinitionId *string `locationName:"queryDefinitionId" type:"string"` } // String returns the string representation. @@ -10221,7 +17924,7 @@ type PutDestinationOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutDestinationOutput) String() string { +func (s PutQueryDefinitionOutput) String() string { return awsutil.Prettify(s) } @@ -10230,41 +17933,45 @@ func (s PutDestinationOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutDestinationOutput) GoString() string { +func (s PutQueryDefinitionOutput) GoString() string { return s.String() } -// SetDestination sets the Destination field's value. -func (s *PutDestinationOutput) SetDestination(v *Destination) *PutDestinationOutput { - s.Destination = v +// SetQueryDefinitionId sets the QueryDefinitionId field's value. +func (s *PutQueryDefinitionOutput) SetQueryDefinitionId(v string) *PutQueryDefinitionOutput { + s.QueryDefinitionId = &v return s } -type PutDestinationPolicyInput struct { +type PutResourcePolicyInput struct { _ struct{} `type:"structure"` - // An IAM policy document that authorizes cross-account users to deliver their - // log events to the associated destination. This can be up to 5120 bytes. + // Details of the new policy, including the identity of the principal that is + // enabled to put logs to this account. This is formatted as a JSON string. + // This parameter is required. // - // AccessPolicy is a required field - AccessPolicy *string `locationName:"accessPolicy" min:"1" type:"string" required:"true"` - - // A name for an existing destination. + // The following example creates a resource policy enabling the Route 53 service + // to put DNS query logs in to the specified log group. Replace "logArn" with + // the ARN of your CloudWatch Logs resource, such as a log group or log stream. // - // DestinationName is a required field - DestinationName *string `locationName:"destinationName" min:"1" type:"string" required:"true"` - - // Specify true if you are updating an existing destination policy to grant - // permission to an organization ID instead of granting permission to individual - // AWS accounts. Before you update a destination policy this way, you must first - // update the subscription filters in the accounts that send logs to this destination. - // If you do not, the subscription filters might stop working. By specifying - // true for forceUpdate, you are affirming that you have already updated the - // subscription filters. For more information, see Updating an existing cross-account - // subscription (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/Cross-Account-Log_Subscription-Update.html) + // CloudWatch Logs also supports aws:SourceArn (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourcearn) + // and aws:SourceAccount (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourceaccount) + // condition context keys. // - // If you omit this parameter, the default of false is used. - ForceUpdate *bool `locationName:"forceUpdate" type:"boolean"` + // In the example resource policy, you would replace the value of SourceArn + // with the resource making the call from Route 53 to CloudWatch Logs. You would + // also replace the value of SourceAccount with the Amazon Web Services account + // ID making that call. + // + // { "Version": "2012-10-17", "Statement": [ { "Sid": "Route53LogsToCloudWatchLogs", + // "Effect": "Allow", "Principal": { "Service": [ "route53.amazonaws.com" ] + // }, "Action": "logs:PutLogEvents", "Resource": "logArn", "Condition": { "ArnLike": + // { "aws:SourceArn": "myRoute53ResourceArn" }, "StringEquals": { "aws:SourceAccount": + // "myAwsAccountId" } } } ] } + PolicyDocument *string `locationName:"policyDocument" min:"1" type:"string"` + + // Name of the new policy. This parameter is required. + PolicyName *string `locationName:"policyName" type:"string"` } // String returns the string representation. @@ -10272,7 +17979,7 @@ type PutDestinationPolicyInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutDestinationPolicyInput) String() string { +func (s PutResourcePolicyInput) String() string { return awsutil.Prettify(s) } @@ -10281,24 +17988,15 @@ func (s PutDestinationPolicyInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutDestinationPolicyInput) GoString() string { +func (s PutResourcePolicyInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *PutDestinationPolicyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "PutDestinationPolicyInput"} - if s.AccessPolicy == nil { - invalidParams.Add(request.NewErrParamRequired("AccessPolicy")) - } - if s.AccessPolicy != nil && len(*s.AccessPolicy) < 1 { - invalidParams.Add(request.NewErrParamMinLen("AccessPolicy", 1)) - } - if s.DestinationName == nil { - invalidParams.Add(request.NewErrParamRequired("DestinationName")) - } - if s.DestinationName != nil && len(*s.DestinationName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("DestinationName", 1)) +func (s *PutResourcePolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutResourcePolicyInput"} + if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 { + invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1)) } if invalidParams.Len() > 0 { @@ -10307,26 +18005,23 @@ func (s *PutDestinationPolicyInput) Validate() error { return nil } -// SetAccessPolicy sets the AccessPolicy field's value. -func (s *PutDestinationPolicyInput) SetAccessPolicy(v string) *PutDestinationPolicyInput { - s.AccessPolicy = &v - return s -} - -// SetDestinationName sets the DestinationName field's value. -func (s *PutDestinationPolicyInput) SetDestinationName(v string) *PutDestinationPolicyInput { - s.DestinationName = &v +// SetPolicyDocument sets the PolicyDocument field's value. +func (s *PutResourcePolicyInput) SetPolicyDocument(v string) *PutResourcePolicyInput { + s.PolicyDocument = &v return s } -// SetForceUpdate sets the ForceUpdate field's value. -func (s *PutDestinationPolicyInput) SetForceUpdate(v bool) *PutDestinationPolicyInput { - s.ForceUpdate = &v +// SetPolicyName sets the PolicyName field's value. +func (s *PutResourcePolicyInput) SetPolicyName(v string) *PutResourcePolicyInput { + s.PolicyName = &v return s } -type PutDestinationPolicyOutput struct { +type PutResourcePolicyOutput struct { _ struct{} `type:"structure"` + + // The new policy. + ResourcePolicy *ResourcePolicy `locationName:"resourcePolicy" type:"structure"` } // String returns the string representation. @@ -10334,7 +18029,7 @@ type PutDestinationPolicyOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutDestinationPolicyOutput) String() string { +func (s PutResourcePolicyOutput) String() string { return awsutil.Prettify(s) } @@ -10343,35 +18038,33 @@ func (s PutDestinationPolicyOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutDestinationPolicyOutput) GoString() string { +func (s PutResourcePolicyOutput) GoString() string { return s.String() } -type PutLogEventsInput struct { - _ struct{} `type:"structure"` +// SetResourcePolicy sets the ResourcePolicy field's value. +func (s *PutResourcePolicyOutput) SetResourcePolicy(v *ResourcePolicy) *PutResourcePolicyOutput { + s.ResourcePolicy = v + return s +} - // The log events. - // - // LogEvents is a required field - LogEvents []*InputLogEvent `locationName:"logEvents" min:"1" type:"list" required:"true"` +type PutRetentionPolicyInput struct { + _ struct{} `type:"structure"` // The name of the log group. // // LogGroupName is a required field LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` - // The name of the log stream. + // The number of days to retain the log events in the specified log group. Possible + // values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, + // 1096, 1827, 2192, 2557, 2922, 3288, and 3653. // - // LogStreamName is a required field - LogStreamName *string `locationName:"logStreamName" min:"1" type:"string" required:"true"` - - // The sequence token obtained from the response of the previous PutLogEvents - // call. + // To set a log group so that its log events do not expire, use DeleteRetentionPolicy + // (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html). // - // The sequenceToken parameter is now ignored in PutLogEvents actions. PutLogEvents - // actions are now accepted and never return InvalidSequenceTokenException or - // DataAlreadyAcceptedException even if the sequence token is not valid. - SequenceToken *string `locationName:"sequenceToken" min:"1" type:"string"` + // RetentionInDays is a required field + RetentionInDays *int64 `locationName:"retentionInDays" type:"integer" required:"true"` } // String returns the string representation. @@ -10379,7 +18072,7 @@ type PutLogEventsInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutLogEventsInput) String() string { +func (s PutRetentionPolicyInput) String() string { return awsutil.Prettify(s) } @@ -10388,43 +18081,21 @@ func (s PutLogEventsInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutLogEventsInput) GoString() string { +func (s PutRetentionPolicyInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *PutLogEventsInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "PutLogEventsInput"} - if s.LogEvents == nil { - invalidParams.Add(request.NewErrParamRequired("LogEvents")) - } - if s.LogEvents != nil && len(s.LogEvents) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogEvents", 1)) - } +func (s *PutRetentionPolicyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutRetentionPolicyInput"} if s.LogGroupName == nil { invalidParams.Add(request.NewErrParamRequired("LogGroupName")) } if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) } - if s.LogStreamName == nil { - invalidParams.Add(request.NewErrParamRequired("LogStreamName")) - } - if s.LogStreamName != nil && len(*s.LogStreamName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogStreamName", 1)) - } - if s.SequenceToken != nil && len(*s.SequenceToken) < 1 { - invalidParams.Add(request.NewErrParamMinLen("SequenceToken", 1)) - } - if s.LogEvents != nil { - for i, v := range s.LogEvents { - if v == nil { - continue - } - if err := v.Validate(); err != nil { - invalidParams.AddNested(fmt.Sprintf("%s[%v]", "LogEvents", i), err.(request.ErrInvalidParams)) - } - } + if s.RetentionInDays == nil { + invalidParams.Add(request.NewErrParamRequired("RetentionInDays")) } if invalidParams.Len() > 0 { @@ -10433,46 +18104,20 @@ func (s *PutLogEventsInput) Validate() error { return nil } -// SetLogEvents sets the LogEvents field's value. -func (s *PutLogEventsInput) SetLogEvents(v []*InputLogEvent) *PutLogEventsInput { - s.LogEvents = v - return s -} - // SetLogGroupName sets the LogGroupName field's value. -func (s *PutLogEventsInput) SetLogGroupName(v string) *PutLogEventsInput { +func (s *PutRetentionPolicyInput) SetLogGroupName(v string) *PutRetentionPolicyInput { s.LogGroupName = &v return s } -// SetLogStreamName sets the LogStreamName field's value. -func (s *PutLogEventsInput) SetLogStreamName(v string) *PutLogEventsInput { - s.LogStreamName = &v - return s -} - -// SetSequenceToken sets the SequenceToken field's value. -func (s *PutLogEventsInput) SetSequenceToken(v string) *PutLogEventsInput { - s.SequenceToken = &v +// SetRetentionInDays sets the RetentionInDays field's value. +func (s *PutRetentionPolicyInput) SetRetentionInDays(v int64) *PutRetentionPolicyInput { + s.RetentionInDays = &v return s } -type PutLogEventsOutput struct { +type PutRetentionPolicyOutput struct { _ struct{} `type:"structure"` - - // The next sequence token. - // - // This field has been deprecated. - // - // The sequence token is now ignored in PutLogEvents actions. PutLogEvents actions - // are always accepted even if the sequence token is not valid. You can use - // parallel PutLogEvents actions on the same log stream and you do not need - // to wait for the response of a previous PutLogEvents action to obtain the - // nextSequenceToken value. - NextSequenceToken *string `locationName:"nextSequenceToken" min:"1" type:"string"` - - // The rejected events. - RejectedLogEventsInfo *RejectedLogEventsInfo `locationName:"rejectedLogEventsInfo" type:"structure"` } // String returns the string representation. @@ -10480,7 +18125,7 @@ type PutLogEventsOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutLogEventsOutput) String() string { +func (s PutRetentionPolicyOutput) String() string { return awsutil.Prettify(s) } @@ -10489,31 +18134,49 @@ func (s PutLogEventsOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutLogEventsOutput) GoString() string { +func (s PutRetentionPolicyOutput) GoString() string { return s.String() } -// SetNextSequenceToken sets the NextSequenceToken field's value. -func (s *PutLogEventsOutput) SetNextSequenceToken(v string) *PutLogEventsOutput { - s.NextSequenceToken = &v - return s -} +type PutSubscriptionFilterInput struct { + _ struct{} `type:"structure"` -// SetRejectedLogEventsInfo sets the RejectedLogEventsInfo field's value. -func (s *PutLogEventsOutput) SetRejectedLogEventsInfo(v *RejectedLogEventsInfo) *PutLogEventsOutput { - s.RejectedLogEventsInfo = v - return s -} + // The ARN of the destination to deliver matching log events to. Currently, + // the supported destinations are: + // + // * An Amazon Kinesis stream belonging to the same account as the subscription + // filter, for same-account delivery. + // + // * A logical destination (specified using an ARN) belonging to a different + // account, for cross-account delivery. If you're setting up a cross-account + // subscription, the destination must have an IAM policy associated with + // it. The IAM policy must allow the sender to send logs to the destination. + // For more information, see PutDestinationPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestinationPolicy.html). + // + // * A Kinesis Data Firehose delivery stream belonging to the same account + // as the subscription filter, for same-account delivery. + // + // * A Lambda function belonging to the same account as the subscription + // filter, for same-account delivery. + // + // DestinationArn is a required field + DestinationArn *string `locationName:"destinationArn" min:"1" type:"string" required:"true"` -type PutMetricFilterInput struct { - _ struct{} `type:"structure"` + // The method used to distribute log data to the destination. By default, log + // data is grouped by log stream, but the grouping can be set to random for + // a more even distribution. This property is only applicable when the destination + // is an Amazon Kinesis data stream. + Distribution *string `locationName:"distribution" type:"string" enum:"Distribution"` - // A name for the metric filter. + // A name for the subscription filter. If you are updating an existing filter, + // you must specify the correct name in filterName. To find the name of the + // filter currently associated with a log group, use DescribeSubscriptionFilters + // (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeSubscriptionFilters.html). // // FilterName is a required field FilterName *string `locationName:"filterName" min:"1" type:"string" required:"true"` - // A filter pattern for extracting metric data out of ingested log events. + // A filter pattern for subscribing to a filtered stream of log events. // // FilterPattern is a required field FilterPattern *string `locationName:"filterPattern" type:"string" required:"true"` @@ -10523,10 +18186,11 @@ type PutMetricFilterInput struct { // LogGroupName is a required field LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` - // A collection of information that defines how metric data gets emitted. - // - // MetricTransformations is a required field - MetricTransformations []*MetricTransformation `locationName:"metricTransformations" min:"1" type:"list" required:"true"` + // The ARN of an IAM role that grants CloudWatch Logs permissions to deliver + // ingested log events to the destination stream. You don't need to provide + // the ARN when you are working with a logical destination for cross-account + // delivery. + RoleArn *string `locationName:"roleArn" min:"1" type:"string"` } // String returns the string representation. @@ -10534,7 +18198,7 @@ type PutMetricFilterInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutMetricFilterInput) String() string { +func (s PutSubscriptionFilterInput) String() string { return awsutil.Prettify(s) } @@ -10543,13 +18207,19 @@ func (s PutMetricFilterInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutMetricFilterInput) GoString() string { +func (s PutSubscriptionFilterInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *PutMetricFilterInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "PutMetricFilterInput"} +func (s *PutSubscriptionFilterInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PutSubscriptionFilterInput"} + if s.DestinationArn == nil { + invalidParams.Add(request.NewErrParamRequired("DestinationArn")) + } + if s.DestinationArn != nil && len(*s.DestinationArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("DestinationArn", 1)) + } if s.FilterName == nil { invalidParams.Add(request.NewErrParamRequired("FilterName")) } @@ -10565,21 +18235,8 @@ func (s *PutMetricFilterInput) Validate() error { if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) } - if s.MetricTransformations == nil { - invalidParams.Add(request.NewErrParamRequired("MetricTransformations")) - } - if s.MetricTransformations != nil && len(s.MetricTransformations) < 1 { - invalidParams.Add(request.NewErrParamMinLen("MetricTransformations", 1)) - } - if s.MetricTransformations != nil { - for i, v := range s.MetricTransformations { - if v == nil { - continue - } - if err := v.Validate(); err != nil { - invalidParams.AddNested(fmt.Sprintf("%s[%v]", "MetricTransformations", i), err.(request.ErrInvalidParams)) - } - } + if s.RoleArn != nil && len(*s.RoleArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("RoleArn", 1)) } if invalidParams.Len() > 0 { @@ -10588,84 +18245,44 @@ func (s *PutMetricFilterInput) Validate() error { return nil } +// SetDestinationArn sets the DestinationArn field's value. +func (s *PutSubscriptionFilterInput) SetDestinationArn(v string) *PutSubscriptionFilterInput { + s.DestinationArn = &v + return s +} + +// SetDistribution sets the Distribution field's value. +func (s *PutSubscriptionFilterInput) SetDistribution(v string) *PutSubscriptionFilterInput { + s.Distribution = &v + return s +} + // SetFilterName sets the FilterName field's value. -func (s *PutMetricFilterInput) SetFilterName(v string) *PutMetricFilterInput { +func (s *PutSubscriptionFilterInput) SetFilterName(v string) *PutSubscriptionFilterInput { s.FilterName = &v return s } // SetFilterPattern sets the FilterPattern field's value. -func (s *PutMetricFilterInput) SetFilterPattern(v string) *PutMetricFilterInput { +func (s *PutSubscriptionFilterInput) SetFilterPattern(v string) *PutSubscriptionFilterInput { s.FilterPattern = &v return s } // SetLogGroupName sets the LogGroupName field's value. -func (s *PutMetricFilterInput) SetLogGroupName(v string) *PutMetricFilterInput { +func (s *PutSubscriptionFilterInput) SetLogGroupName(v string) *PutSubscriptionFilterInput { s.LogGroupName = &v return s } -// SetMetricTransformations sets the MetricTransformations field's value. -func (s *PutMetricFilterInput) SetMetricTransformations(v []*MetricTransformation) *PutMetricFilterInput { - s.MetricTransformations = v +// SetRoleArn sets the RoleArn field's value. +func (s *PutSubscriptionFilterInput) SetRoleArn(v string) *PutSubscriptionFilterInput { + s.RoleArn = &v return s } -type PutMetricFilterOutput struct { - _ struct{} `type:"structure"` -} - -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s PutMetricFilterOutput) String() string { - return awsutil.Prettify(s) -} - -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s PutMetricFilterOutput) GoString() string { - return s.String() -} - -type PutQueryDefinitionInput struct { +type PutSubscriptionFilterOutput struct { _ struct{} `type:"structure"` - - // Use this parameter to include specific log groups as part of your query definition. - // - // If you are updating a query definition and you omit this parameter, then - // the updated definition will contain no log groups. - LogGroupNames []*string `locationName:"logGroupNames" type:"list"` - - // A name for the query definition. If you are saving numerous query definitions, - // we recommend that you name them. This way, you can find the ones you want - // by using the first part of the name as a filter in the queryDefinitionNamePrefix - // parameter of DescribeQueryDefinitions (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeQueryDefinitions.html). - // - // Name is a required field - Name *string `locationName:"name" min:"1" type:"string" required:"true"` - - // If you are updating a query definition, use this parameter to specify the - // ID of the query definition that you want to update. You can use DescribeQueryDefinitions - // (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeQueryDefinitions.html) - // to retrieve the IDs of your saved query definitions. - // - // If you are creating a query definition, do not specify this parameter. CloudWatch - // generates a unique ID for the new query definition and include it in the - // response to this operation. - QueryDefinitionId *string `locationName:"queryDefinitionId" type:"string"` - - // The query string to use for this definition. For more information, see CloudWatch - // Logs Insights Query Syntax (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html). - // - // QueryString is a required field - QueryString *string `locationName:"queryString" min:"1" type:"string" required:"true"` } // String returns the string representation. @@ -10673,7 +18290,7 @@ type PutQueryDefinitionInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutQueryDefinitionInput) String() string { +func (s PutSubscriptionFilterOutput) String() string { return awsutil.Prettify(s) } @@ -10682,61 +18299,60 @@ func (s PutQueryDefinitionInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutQueryDefinitionInput) GoString() string { +func (s PutSubscriptionFilterOutput) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *PutQueryDefinitionInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "PutQueryDefinitionInput"} - if s.Name == nil { - invalidParams.Add(request.NewErrParamRequired("Name")) - } - if s.Name != nil && len(*s.Name) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Name", 1)) - } - if s.QueryString == nil { - invalidParams.Add(request.NewErrParamRequired("QueryString")) - } - if s.QueryString != nil && len(*s.QueryString) < 1 { - invalidParams.Add(request.NewErrParamMinLen("QueryString", 1)) - } +// Reserved. +type QueryCompileError struct { + _ struct{} `type:"structure"` - if invalidParams.Len() > 0 { - return invalidParams - } - return nil + // Reserved. + Location *QueryCompileErrorLocation `locationName:"location" type:"structure"` + + // Reserved. + Message *string `locationName:"message" type:"string"` } -// SetLogGroupNames sets the LogGroupNames field's value. -func (s *PutQueryDefinitionInput) SetLogGroupNames(v []*string) *PutQueryDefinitionInput { - s.LogGroupNames = v - return s +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s QueryCompileError) String() string { + return awsutil.Prettify(s) } -// SetName sets the Name field's value. -func (s *PutQueryDefinitionInput) SetName(v string) *PutQueryDefinitionInput { - s.Name = &v - return s +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s QueryCompileError) GoString() string { + return s.String() } -// SetQueryDefinitionId sets the QueryDefinitionId field's value. -func (s *PutQueryDefinitionInput) SetQueryDefinitionId(v string) *PutQueryDefinitionInput { - s.QueryDefinitionId = &v +// SetLocation sets the Location field's value. +func (s *QueryCompileError) SetLocation(v *QueryCompileErrorLocation) *QueryCompileError { + s.Location = v return s } -// SetQueryString sets the QueryString field's value. -func (s *PutQueryDefinitionInput) SetQueryString(v string) *PutQueryDefinitionInput { - s.QueryString = &v +// SetMessage sets the Message field's value. +func (s *QueryCompileError) SetMessage(v string) *QueryCompileError { + s.Message = &v return s } -type PutQueryDefinitionOutput struct { +// Reserved. +type QueryCompileErrorLocation struct { _ struct{} `type:"structure"` - // The ID of the query definition. - QueryDefinitionId *string `locationName:"queryDefinitionId" type:"string"` + // Reserved. + EndCharOffset *int64 `locationName:"endCharOffset" type:"integer"` + + // Reserved. + StartCharOffset *int64 `locationName:"startCharOffset" type:"integer"` } // String returns the string representation. @@ -10744,7 +18360,7 @@ type PutQueryDefinitionOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutQueryDefinitionOutput) String() string { +func (s QueryCompileErrorLocation) String() string { return awsutil.Prettify(s) } @@ -10753,45 +18369,43 @@ func (s PutQueryDefinitionOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutQueryDefinitionOutput) GoString() string { +func (s QueryCompileErrorLocation) GoString() string { return s.String() } -// SetQueryDefinitionId sets the QueryDefinitionId field's value. -func (s *PutQueryDefinitionOutput) SetQueryDefinitionId(v string) *PutQueryDefinitionOutput { - s.QueryDefinitionId = &v +// SetEndCharOffset sets the EndCharOffset field's value. +func (s *QueryCompileErrorLocation) SetEndCharOffset(v int64) *QueryCompileErrorLocation { + s.EndCharOffset = &v return s } -type PutResourcePolicyInput struct { +// SetStartCharOffset sets the StartCharOffset field's value. +func (s *QueryCompileErrorLocation) SetStartCharOffset(v int64) *QueryCompileErrorLocation { + s.StartCharOffset = &v + return s +} + +// This structure contains details about a saved CloudWatch Logs Insights query +// definition. +type QueryDefinition struct { _ struct{} `type:"structure"` - // Details of the new policy, including the identity of the principal that is - // enabled to put logs to this account. This is formatted as a JSON string. - // This parameter is required. - // - // The following example creates a resource policy enabling the Route 53 service - // to put DNS query logs in to the specified log group. Replace "logArn" with - // the ARN of your CloudWatch Logs resource, such as a log group or log stream. - // - // CloudWatch Logs also supports aws:SourceArn (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourcearn) - // and aws:SourceAccount (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-sourceaccount) - // condition context keys. - // - // In the example resource policy, you would replace the value of SourceArn - // with the resource making the call from Route 53 to CloudWatch Logs. You would - // also replace the value of SourceAccount with the Amazon Web Services account - // ID making that call. - // - // { "Version": "2012-10-17", "Statement": [ { "Sid": "Route53LogsToCloudWatchLogs", - // "Effect": "Allow", "Principal": { "Service": [ "route53.amazonaws.com" ] - // }, "Action": "logs:PutLogEvents", "Resource": "logArn", "Condition": { "ArnLike": - // { "aws:SourceArn": "myRoute53ResourceArn" }, "StringEquals": { "aws:SourceAccount": - // "myAwsAccountId" } } } ] } - PolicyDocument *string `locationName:"policyDocument" min:"1" type:"string"` + // The date that the query definition was most recently modified. + LastModified *int64 `locationName:"lastModified" type:"long"` - // Name of the new policy. This parameter is required. - PolicyName *string `locationName:"policyName" type:"string"` + // If this query definition contains a list of log groups that it is limited + // to, that list appears here. + LogGroupNames []*string `locationName:"logGroupNames" type:"list"` + + // The name of the query definition. + Name *string `locationName:"name" min:"1" type:"string"` + + // The unique ID of the query definition. + QueryDefinitionId *string `locationName:"queryDefinitionId" type:"string"` + + // The query string to use for this definition. For more information, see CloudWatch + // Logs Insights Query Syntax (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html). + QueryString *string `locationName:"queryString" min:"1" type:"string"` } // String returns the string representation. @@ -10799,7 +18413,7 @@ type PutResourcePolicyInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutResourcePolicyInput) String() string { +func (s QueryDefinition) String() string { return awsutil.Prettify(s) } @@ -10808,40 +18422,60 @@ func (s PutResourcePolicyInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutResourcePolicyInput) GoString() string { +func (s QueryDefinition) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *PutResourcePolicyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "PutResourcePolicyInput"} - if s.PolicyDocument != nil && len(*s.PolicyDocument) < 1 { - invalidParams.Add(request.NewErrParamMinLen("PolicyDocument", 1)) - } +// SetLastModified sets the LastModified field's value. +func (s *QueryDefinition) SetLastModified(v int64) *QueryDefinition { + s.LastModified = &v + return s +} - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetLogGroupNames sets the LogGroupNames field's value. +func (s *QueryDefinition) SetLogGroupNames(v []*string) *QueryDefinition { + s.LogGroupNames = v + return s } -// SetPolicyDocument sets the PolicyDocument field's value. -func (s *PutResourcePolicyInput) SetPolicyDocument(v string) *PutResourcePolicyInput { - s.PolicyDocument = &v +// SetName sets the Name field's value. +func (s *QueryDefinition) SetName(v string) *QueryDefinition { + s.Name = &v return s } -// SetPolicyName sets the PolicyName field's value. -func (s *PutResourcePolicyInput) SetPolicyName(v string) *PutResourcePolicyInput { - s.PolicyName = &v +// SetQueryDefinitionId sets the QueryDefinitionId field's value. +func (s *QueryDefinition) SetQueryDefinitionId(v string) *QueryDefinition { + s.QueryDefinitionId = &v return s } -type PutResourcePolicyOutput struct { +// SetQueryString sets the QueryString field's value. +func (s *QueryDefinition) SetQueryString(v string) *QueryDefinition { + s.QueryString = &v + return s +} + +// Information about one CloudWatch Logs Insights query that matches the request +// in a DescribeQueries operation. +type QueryInfo struct { _ struct{} `type:"structure"` - // The new policy. - ResourcePolicy *ResourcePolicy `locationName:"resourcePolicy" type:"structure"` + // The date and time that this query was created. + CreateTime *int64 `locationName:"createTime" type:"long"` + + // The name of the log group scanned by this query. + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` + + // The unique ID number of this query. + QueryId *string `locationName:"queryId" type:"string"` + + // The query string used in this query. + QueryString *string `locationName:"queryString" type:"string"` + + // The status of this query. Possible values are Cancelled, Complete, Failed, + // Running, Scheduled, and Unknown. + Status *string `locationName:"status" type:"string" enum:"QueryStatus"` } // String returns the string representation. @@ -10849,7 +18483,7 @@ type PutResourcePolicyOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutResourcePolicyOutput) String() string { +func (s QueryInfo) String() string { return awsutil.Prettify(s) } @@ -10858,33 +18492,54 @@ func (s PutResourcePolicyOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutResourcePolicyOutput) GoString() string { +func (s QueryInfo) GoString() string { return s.String() } -// SetResourcePolicy sets the ResourcePolicy field's value. -func (s *PutResourcePolicyOutput) SetResourcePolicy(v *ResourcePolicy) *PutResourcePolicyOutput { - s.ResourcePolicy = v +// SetCreateTime sets the CreateTime field's value. +func (s *QueryInfo) SetCreateTime(v int64) *QueryInfo { + s.CreateTime = &v return s } -type PutRetentionPolicyInput struct { +// SetLogGroupName sets the LogGroupName field's value. +func (s *QueryInfo) SetLogGroupName(v string) *QueryInfo { + s.LogGroupName = &v + return s +} + +// SetQueryId sets the QueryId field's value. +func (s *QueryInfo) SetQueryId(v string) *QueryInfo { + s.QueryId = &v + return s +} + +// SetQueryString sets the QueryString field's value. +func (s *QueryInfo) SetQueryString(v string) *QueryInfo { + s.QueryString = &v + return s +} + +// SetStatus sets the Status field's value. +func (s *QueryInfo) SetStatus(v string) *QueryInfo { + s.Status = &v + return s +} + +// Contains the number of log events scanned by the query, the number of log +// events that matched the query criteria, and the total number of bytes in +// the log events that were scanned. +type QueryStatistics struct { _ struct{} `type:"structure"` - // The name of the log group. - // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + // The total number of bytes in the log events scanned during the query. + BytesScanned *float64 `locationName:"bytesScanned" type:"double"` - // The number of days to retain the log events in the specified log group. Possible - // values are: 1, 3, 5, 7, 14, 30, 60, 90, 120, 150, 180, 365, 400, 545, 731, - // 1827, 2192, 2557, 2922, 3288, and 3653. - // - // To set a log group so that its log events do not expire, use DeleteRetentionPolicy - // (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DeleteRetentionPolicy.html). - // - // RetentionInDays is a required field - RetentionInDays *int64 `locationName:"retentionInDays" type:"integer" required:"true"` + // The number of log events that matched the query string. + RecordsMatched *float64 `locationName:"recordsMatched" type:"double"` + + // The total number of log events scanned during the query. + RecordsScanned *float64 `locationName:"recordsScanned" type:"double"` } // String returns the string representation. @@ -10892,52 +18547,49 @@ type PutRetentionPolicyInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutRetentionPolicyInput) String() string { +func (s QueryStatistics) String() string { return awsutil.Prettify(s) } // GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s PutRetentionPolicyInput) GoString() string { - return s.String() -} - -// Validate inspects the fields of the type to determine if they are valid. -func (s *PutRetentionPolicyInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "PutRetentionPolicyInput"} - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) - } - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) - } - if s.RetentionInDays == nil { - invalidParams.Add(request.NewErrParamRequired("RetentionInDays")) - } +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s QueryStatistics) GoString() string { + return s.String() +} - if invalidParams.Len() > 0 { - return invalidParams - } - return nil +// SetBytesScanned sets the BytesScanned field's value. +func (s *QueryStatistics) SetBytesScanned(v float64) *QueryStatistics { + s.BytesScanned = &v + return s } -// SetLogGroupName sets the LogGroupName field's value. -func (s *PutRetentionPolicyInput) SetLogGroupName(v string) *PutRetentionPolicyInput { - s.LogGroupName = &v +// SetRecordsMatched sets the RecordsMatched field's value. +func (s *QueryStatistics) SetRecordsMatched(v float64) *QueryStatistics { + s.RecordsMatched = &v return s } -// SetRetentionInDays sets the RetentionInDays field's value. -func (s *PutRetentionPolicyInput) SetRetentionInDays(v int64) *PutRetentionPolicyInput { - s.RetentionInDays = &v +// SetRecordsScanned sets the RecordsScanned field's value. +func (s *QueryStatistics) SetRecordsScanned(v float64) *QueryStatistics { + s.RecordsScanned = &v return s } -type PutRetentionPolicyOutput struct { +// Represents the rejected events. +type RejectedLogEventsInfo struct { _ struct{} `type:"structure"` + + // The expired log events. + ExpiredLogEventEndIndex *int64 `locationName:"expiredLogEventEndIndex" type:"integer"` + + // The index of the first log event that is too new. This field is inclusive. + TooNewLogEventStartIndex *int64 `locationName:"tooNewLogEventStartIndex" type:"integer"` + + // The index of the last log event that is too old. This field is exclusive. + TooOldLogEventEndIndex *int64 `locationName:"tooOldLogEventEndIndex" type:"integer"` } // String returns the string representation. @@ -10945,7 +18597,7 @@ type PutRetentionPolicyOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutRetentionPolicyOutput) String() string { +func (s RejectedLogEventsInfo) String() string { return awsutil.Prettify(s) } @@ -10954,63 +18606,34 @@ func (s PutRetentionPolicyOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutRetentionPolicyOutput) GoString() string { +func (s RejectedLogEventsInfo) GoString() string { return s.String() } -type PutSubscriptionFilterInput struct { - _ struct{} `type:"structure"` - - // The ARN of the destination to deliver matching log events to. Currently, - // the supported destinations are: - // - // * An Amazon Kinesis stream belonging to the same account as the subscription - // filter, for same-account delivery. - // - // * A logical destination (specified using an ARN) belonging to a different - // account, for cross-account delivery. If you're setting up a cross-account - // subscription, the destination must have an IAM policy associated with - // it. The IAM policy must allow the sender to send logs to the destination. - // For more information, see PutDestinationPolicy (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_PutDestinationPolicy.html). - // - // * A Kinesis Data Firehose delivery stream belonging to the same account - // as the subscription filter, for same-account delivery. - // - // * A Lambda function belonging to the same account as the subscription - // filter, for same-account delivery. - // - // DestinationArn is a required field - DestinationArn *string `locationName:"destinationArn" min:"1" type:"string" required:"true"` - - // The method used to distribute log data to the destination. By default, log - // data is grouped by log stream, but the grouping can be set to random for - // a more even distribution. This property is only applicable when the destination - // is an Amazon Kinesis data stream. - Distribution *string `locationName:"distribution" type:"string" enum:"Distribution"` +// SetExpiredLogEventEndIndex sets the ExpiredLogEventEndIndex field's value. +func (s *RejectedLogEventsInfo) SetExpiredLogEventEndIndex(v int64) *RejectedLogEventsInfo { + s.ExpiredLogEventEndIndex = &v + return s +} - // A name for the subscription filter. If you are updating an existing filter, - // you must specify the correct name in filterName. To find the name of the - // filter currently associated with a log group, use DescribeSubscriptionFilters - // (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_DescribeSubscriptionFilters.html). - // - // FilterName is a required field - FilterName *string `locationName:"filterName" min:"1" type:"string" required:"true"` +// SetTooNewLogEventStartIndex sets the TooNewLogEventStartIndex field's value. +func (s *RejectedLogEventsInfo) SetTooNewLogEventStartIndex(v int64) *RejectedLogEventsInfo { + s.TooNewLogEventStartIndex = &v + return s +} - // A filter pattern for subscribing to a filtered stream of log events. - // - // FilterPattern is a required field - FilterPattern *string `locationName:"filterPattern" type:"string" required:"true"` +// SetTooOldLogEventEndIndex sets the TooOldLogEventEndIndex field's value. +func (s *RejectedLogEventsInfo) SetTooOldLogEventEndIndex(v int64) *RejectedLogEventsInfo { + s.TooOldLogEventEndIndex = &v + return s +} - // The name of the log group. - // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` +// The specified resource already exists. +type ResourceAlreadyExistsException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - // The ARN of an IAM role that grants CloudWatch Logs permissions to deliver - // ingested log events to the destination stream. You don't need to provide - // the ARN when you are working with a logical destination for cross-account - // delivery. - RoleArn *string `locationName:"roleArn" min:"1" type:"string"` + Message_ *string `locationName:"message" type:"string"` } // String returns the string representation. @@ -11018,7 +18641,7 @@ type PutSubscriptionFilterInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutSubscriptionFilterInput) String() string { +func (s ResourceAlreadyExistsException) String() string { return awsutil.Prettify(s) } @@ -11027,82 +18650,54 @@ func (s PutSubscriptionFilterInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutSubscriptionFilterInput) GoString() string { +func (s ResourceAlreadyExistsException) GoString() string { return s.String() } -// Validate inspects the fields of the type to determine if they are valid. -func (s *PutSubscriptionFilterInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "PutSubscriptionFilterInput"} - if s.DestinationArn == nil { - invalidParams.Add(request.NewErrParamRequired("DestinationArn")) - } - if s.DestinationArn != nil && len(*s.DestinationArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("DestinationArn", 1)) - } - if s.FilterName == nil { - invalidParams.Add(request.NewErrParamRequired("FilterName")) - } - if s.FilterName != nil && len(*s.FilterName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("FilterName", 1)) - } - if s.FilterPattern == nil { - invalidParams.Add(request.NewErrParamRequired("FilterPattern")) - } - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) - } - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) - } - if s.RoleArn != nil && len(*s.RoleArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("RoleArn", 1)) - } - - if invalidParams.Len() > 0 { - return invalidParams +func newErrorResourceAlreadyExistsException(v protocol.ResponseMetadata) error { + return &ResourceAlreadyExistsException{ + RespMetadata: v, } - return nil } -// SetDestinationArn sets the DestinationArn field's value. -func (s *PutSubscriptionFilterInput) SetDestinationArn(v string) *PutSubscriptionFilterInput { - s.DestinationArn = &v - return s +// Code returns the exception type name. +func (s *ResourceAlreadyExistsException) Code() string { + return "ResourceAlreadyExistsException" } -// SetDistribution sets the Distribution field's value. -func (s *PutSubscriptionFilterInput) SetDistribution(v string) *PutSubscriptionFilterInput { - s.Distribution = &v - return s +// Message returns the exception's message. +func (s *ResourceAlreadyExistsException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" } -// SetFilterName sets the FilterName field's value. -func (s *PutSubscriptionFilterInput) SetFilterName(v string) *PutSubscriptionFilterInput { - s.FilterName = &v - return s +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ResourceAlreadyExistsException) OrigErr() error { + return nil } -// SetFilterPattern sets the FilterPattern field's value. -func (s *PutSubscriptionFilterInput) SetFilterPattern(v string) *PutSubscriptionFilterInput { - s.FilterPattern = &v - return s +func (s *ResourceAlreadyExistsException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } -// SetLogGroupName sets the LogGroupName field's value. -func (s *PutSubscriptionFilterInput) SetLogGroupName(v string) *PutSubscriptionFilterInput { - s.LogGroupName = &v - return s +// Status code returns the HTTP status code for the request's response error. +func (s *ResourceAlreadyExistsException) StatusCode() int { + return s.RespMetadata.StatusCode } -// SetRoleArn sets the RoleArn field's value. -func (s *PutSubscriptionFilterInput) SetRoleArn(v string) *PutSubscriptionFilterInput { - s.RoleArn = &v - return s +// RequestID returns the service's response RequestID for request. +func (s *ResourceAlreadyExistsException) RequestID() string { + return s.RespMetadata.RequestID } -type PutSubscriptionFilterOutput struct { - _ struct{} `type:"structure"` +// The specified resource does not exist. +type ResourceNotFoundException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` } // String returns the string representation. @@ -11110,7 +18705,7 @@ type PutSubscriptionFilterOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutSubscriptionFilterOutput) String() string { +func (s ResourceNotFoundException) String() string { return awsutil.Prettify(s) } @@ -11119,19 +18714,62 @@ func (s PutSubscriptionFilterOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s PutSubscriptionFilterOutput) GoString() string { +func (s ResourceNotFoundException) GoString() string { return s.String() } -// Reserved. -type QueryCompileError struct { +func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error { + return &ResourceNotFoundException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ResourceNotFoundException) Code() string { + return "ResourceNotFoundException" +} + +// Message returns the exception's message. +func (s *ResourceNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ResourceNotFoundException) OrigErr() error { + return nil +} + +func (s *ResourceNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ResourceNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ResourceNotFoundException) RequestID() string { + return s.RespMetadata.RequestID +} + +// A policy enabling one or more entities to put logs to a log group in this +// account. +type ResourcePolicy struct { _ struct{} `type:"structure"` - // Reserved. - Location *QueryCompileErrorLocation `locationName:"location" type:"structure"` + // Timestamp showing when this policy was last updated, expressed as the number + // of milliseconds after Jan 1, 1970 00:00:00 UTC. + LastUpdatedTime *int64 `locationName:"lastUpdatedTime" type:"long"` - // Reserved. - Message *string `locationName:"message" type:"string"` + // The details of the policy. + PolicyDocument *string `locationName:"policyDocument" min:"1" type:"string"` + + // The name of the resource policy. + PolicyName *string `locationName:"policyName" type:"string"` } // String returns the string representation. @@ -11139,7 +18777,7 @@ type QueryCompileError struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s QueryCompileError) String() string { +func (s ResourcePolicy) String() string { return awsutil.Prettify(s) } @@ -11148,31 +18786,41 @@ func (s QueryCompileError) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s QueryCompileError) GoString() string { +func (s ResourcePolicy) GoString() string { return s.String() } -// SetLocation sets the Location field's value. -func (s *QueryCompileError) SetLocation(v *QueryCompileErrorLocation) *QueryCompileError { - s.Location = v +// SetLastUpdatedTime sets the LastUpdatedTime field's value. +func (s *ResourcePolicy) SetLastUpdatedTime(v int64) *ResourcePolicy { + s.LastUpdatedTime = &v return s } -// SetMessage sets the Message field's value. -func (s *QueryCompileError) SetMessage(v string) *QueryCompileError { - s.Message = &v +// SetPolicyDocument sets the PolicyDocument field's value. +func (s *ResourcePolicy) SetPolicyDocument(v string) *ResourcePolicy { + s.PolicyDocument = &v return s } -// Reserved. -type QueryCompileErrorLocation struct { +// SetPolicyName sets the PolicyName field's value. +func (s *ResourcePolicy) SetPolicyName(v string) *ResourcePolicy { + s.PolicyName = &v + return s +} + +// Contains one field from one log event returned by a CloudWatch Logs Insights +// query, along with the value of that field. +// +// For more information about the fields that are generated by CloudWatch logs, +// see Supported Logs and Discovered Fields (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_AnalyzeLogData-discoverable-fields.html). +type ResultField struct { _ struct{} `type:"structure"` - // Reserved. - EndCharOffset *int64 `locationName:"endCharOffset" type:"integer"` + // The log event field. + Field *string `locationName:"field" type:"string"` - // Reserved. - StartCharOffset *int64 `locationName:"startCharOffset" type:"integer"` + // The value of this field. + Value *string `locationName:"value" type:"string"` } // String returns the string representation. @@ -11180,7 +18828,7 @@ type QueryCompileErrorLocation struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s QueryCompileErrorLocation) String() string { +func (s ResultField) String() string { return awsutil.Prettify(s) } @@ -11189,43 +18837,31 @@ func (s QueryCompileErrorLocation) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s QueryCompileErrorLocation) GoString() string { +func (s ResultField) GoString() string { return s.String() } -// SetEndCharOffset sets the EndCharOffset field's value. -func (s *QueryCompileErrorLocation) SetEndCharOffset(v int64) *QueryCompileErrorLocation { - s.EndCharOffset = &v +// SetField sets the Field field's value. +func (s *ResultField) SetField(v string) *ResultField { + s.Field = &v return s } -// SetStartCharOffset sets the StartCharOffset field's value. -func (s *QueryCompileErrorLocation) SetStartCharOffset(v int64) *QueryCompileErrorLocation { - s.StartCharOffset = &v +// SetValue sets the Value field's value. +func (s *ResultField) SetValue(v string) *ResultField { + s.Value = &v return s } -// This structure contains details about a saved CloudWatch Logs Insights query -// definition. -type QueryDefinition struct { +// Represents the search status of a log stream. +type SearchedLogStream struct { _ struct{} `type:"structure"` - // The date that the query definition was most recently modified. - LastModified *int64 `locationName:"lastModified" type:"long"` - - // If this query definition contains a list of log groups that it is limited - // to, that list appears here. - LogGroupNames []*string `locationName:"logGroupNames" type:"list"` - - // The name of the query definition. - Name *string `locationName:"name" min:"1" type:"string"` - - // The unique ID of the query definition. - QueryDefinitionId *string `locationName:"queryDefinitionId" type:"string"` + // The name of the log stream. + LogStreamName *string `locationName:"logStreamName" min:"1" type:"string"` - // The query string to use for this definition. For more information, see CloudWatch - // Logs Insights Query Syntax (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_QuerySyntax.html). - QueryString *string `locationName:"queryString" min:"1" type:"string"` + // Indicates whether all the events in this log stream were searched. + SearchedCompletely *bool `locationName:"searchedCompletely" type:"boolean"` } // String returns the string representation. @@ -11233,7 +18869,7 @@ type QueryDefinition struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s QueryDefinition) String() string { +func (s SearchedLogStream) String() string { return awsutil.Prettify(s) } @@ -11242,60 +18878,28 @@ func (s QueryDefinition) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s QueryDefinition) GoString() string { +func (s SearchedLogStream) GoString() string { return s.String() } -// SetLastModified sets the LastModified field's value. -func (s *QueryDefinition) SetLastModified(v int64) *QueryDefinition { - s.LastModified = &v - return s -} - -// SetLogGroupNames sets the LogGroupNames field's value. -func (s *QueryDefinition) SetLogGroupNames(v []*string) *QueryDefinition { - s.LogGroupNames = v - return s -} - -// SetName sets the Name field's value. -func (s *QueryDefinition) SetName(v string) *QueryDefinition { - s.Name = &v - return s -} - -// SetQueryDefinitionId sets the QueryDefinitionId field's value. -func (s *QueryDefinition) SetQueryDefinitionId(v string) *QueryDefinition { - s.QueryDefinitionId = &v +// SetLogStreamName sets the LogStreamName field's value. +func (s *SearchedLogStream) SetLogStreamName(v string) *SearchedLogStream { + s.LogStreamName = &v return s } -// SetQueryString sets the QueryString field's value. -func (s *QueryDefinition) SetQueryString(v string) *QueryDefinition { - s.QueryString = &v +// SetSearchedCompletely sets the SearchedCompletely field's value. +func (s *SearchedLogStream) SetSearchedCompletely(v bool) *SearchedLogStream { + s.SearchedCompletely = &v return s } -// Information about one CloudWatch Logs Insights query that matches the request -// in a DescribeQueries operation. -type QueryInfo struct { - _ struct{} `type:"structure"` - - // The date and time that this query was created. - CreateTime *int64 `locationName:"createTime" type:"long"` - - // The name of the log group scanned by this query. - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` - - // The unique ID number of this query. - QueryId *string `locationName:"queryId" type:"string"` - - // The query string used in this query. - QueryString *string `locationName:"queryString" type:"string"` +// This request exceeds a service quota. +type ServiceQuotaExceededException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - // The status of this query. Possible values are Cancelled, Complete, Failed, - // Running, Scheduled, and Unknown. - Status *string `locationName:"status" type:"string" enum:"QueryStatus"` + Message_ *string `locationName:"message" type:"string"` } // String returns the string representation. @@ -11303,7 +18907,7 @@ type QueryInfo struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s QueryInfo) String() string { +func (s ServiceQuotaExceededException) String() string { return awsutil.Prettify(s) } @@ -11312,54 +18916,54 @@ func (s QueryInfo) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s QueryInfo) GoString() string { +func (s ServiceQuotaExceededException) GoString() string { return s.String() } -// SetCreateTime sets the CreateTime field's value. -func (s *QueryInfo) SetCreateTime(v int64) *QueryInfo { - s.CreateTime = &v - return s +func newErrorServiceQuotaExceededException(v protocol.ResponseMetadata) error { + return &ServiceQuotaExceededException{ + RespMetadata: v, + } } -// SetLogGroupName sets the LogGroupName field's value. -func (s *QueryInfo) SetLogGroupName(v string) *QueryInfo { - s.LogGroupName = &v - return s +// Code returns the exception type name. +func (s *ServiceQuotaExceededException) Code() string { + return "ServiceQuotaExceededException" } -// SetQueryId sets the QueryId field's value. -func (s *QueryInfo) SetQueryId(v string) *QueryInfo { - s.QueryId = &v - return s +// Message returns the exception's message. +func (s *ServiceQuotaExceededException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" } -// SetQueryString sets the QueryString field's value. -func (s *QueryInfo) SetQueryString(v string) *QueryInfo { - s.QueryString = &v - return s +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ServiceQuotaExceededException) OrigErr() error { + return nil } -// SetStatus sets the Status field's value. -func (s *QueryInfo) SetStatus(v string) *QueryInfo { - s.Status = &v - return s +func (s *ServiceQuotaExceededException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } -// Contains the number of log events scanned by the query, the number of log -// events that matched the query criteria, and the total number of bytes in -// the log events that were scanned. -type QueryStatistics struct { - _ struct{} `type:"structure"` +// Status code returns the HTTP status code for the request's response error. +func (s *ServiceQuotaExceededException) StatusCode() int { + return s.RespMetadata.StatusCode +} - // The total number of bytes in the log events scanned during the query. - BytesScanned *float64 `locationName:"bytesScanned" type:"double"` +// RequestID returns the service's response RequestID for request. +func (s *ServiceQuotaExceededException) RequestID() string { + return s.RespMetadata.RequestID +} - // The number of log events that matched the query string. - RecordsMatched *float64 `locationName:"recordsMatched" type:"double"` +// The service cannot complete the request. +type ServiceUnavailableException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - // The total number of log events scanned during the query. - RecordsScanned *float64 `locationName:"recordsScanned" type:"double"` + Message_ *string `locationName:"message" type:"string"` } // String returns the string representation. @@ -11367,7 +18971,7 @@ type QueryStatistics struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s QueryStatistics) String() string { +func (s ServiceUnavailableException) String() string { return awsutil.Prettify(s) } @@ -11376,80 +18980,50 @@ func (s QueryStatistics) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s QueryStatistics) GoString() string { +func (s ServiceUnavailableException) GoString() string { return s.String() } -// SetBytesScanned sets the BytesScanned field's value. -func (s *QueryStatistics) SetBytesScanned(v float64) *QueryStatistics { - s.BytesScanned = &v - return s -} - -// SetRecordsMatched sets the RecordsMatched field's value. -func (s *QueryStatistics) SetRecordsMatched(v float64) *QueryStatistics { - s.RecordsMatched = &v - return s -} - -// SetRecordsScanned sets the RecordsScanned field's value. -func (s *QueryStatistics) SetRecordsScanned(v float64) *QueryStatistics { - s.RecordsScanned = &v - return s +func newErrorServiceUnavailableException(v protocol.ResponseMetadata) error { + return &ServiceUnavailableException{ + RespMetadata: v, + } } -// Represents the rejected events. -type RejectedLogEventsInfo struct { - _ struct{} `type:"structure"` - - // The expired log events. - ExpiredLogEventEndIndex *int64 `locationName:"expiredLogEventEndIndex" type:"integer"` - - // The log events that are too new. - TooNewLogEventStartIndex *int64 `locationName:"tooNewLogEventStartIndex" type:"integer"` - - // The log events that are dated too far in the past. - TooOldLogEventEndIndex *int64 `locationName:"tooOldLogEventEndIndex" type:"integer"` +// Code returns the exception type name. +func (s *ServiceUnavailableException) Code() string { + return "ServiceUnavailableException" } -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s RejectedLogEventsInfo) String() string { - return awsutil.Prettify(s) +// Message returns the exception's message. +func (s *ServiceUnavailableException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" } -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s RejectedLogEventsInfo) GoString() string { - return s.String() +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ServiceUnavailableException) OrigErr() error { + return nil } -// SetExpiredLogEventEndIndex sets the ExpiredLogEventEndIndex field's value. -func (s *RejectedLogEventsInfo) SetExpiredLogEventEndIndex(v int64) *RejectedLogEventsInfo { - s.ExpiredLogEventEndIndex = &v - return s +func (s *ServiceUnavailableException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } -// SetTooNewLogEventStartIndex sets the TooNewLogEventStartIndex field's value. -func (s *RejectedLogEventsInfo) SetTooNewLogEventStartIndex(v int64) *RejectedLogEventsInfo { - s.TooNewLogEventStartIndex = &v - return s +// Status code returns the HTTP status code for the request's response error. +func (s *ServiceUnavailableException) StatusCode() int { + return s.RespMetadata.StatusCode } -// SetTooOldLogEventEndIndex sets the TooOldLogEventEndIndex field's value. -func (s *RejectedLogEventsInfo) SetTooOldLogEventEndIndex(v int64) *RejectedLogEventsInfo { - s.TooOldLogEventEndIndex = &v - return s +// RequestID returns the service's response RequestID for request. +func (s *ServiceUnavailableException) RequestID() string { + return s.RespMetadata.RequestID } -// The specified resource already exists. -type ResourceAlreadyExistsException struct { +// his exception is returned if an unknown error occurs during a Live Tail session. +type SessionStreamingException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` @@ -11461,7 +19035,7 @@ type ResourceAlreadyExistsException struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ResourceAlreadyExistsException) String() string { +func (s SessionStreamingException) String() string { return awsutil.Prettify(s) } @@ -11470,23 +19044,52 @@ func (s ResourceAlreadyExistsException) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ResourceAlreadyExistsException) GoString() string { +func (s SessionStreamingException) GoString() string { return s.String() } -func newErrorResourceAlreadyExistsException(v protocol.ResponseMetadata) error { - return &ResourceAlreadyExistsException{ +// The SessionStreamingException is and event in the StartLiveTailResponseStream group of events. +func (s *SessionStreamingException) eventStartLiveTailResponseStream() {} + +// UnmarshalEvent unmarshals the EventStream Message into the SessionStreamingException value. +// This method is only used internally within the SDK's EventStream handling. +func (s *SessionStreamingException) UnmarshalEvent( + payloadUnmarshaler protocol.PayloadUnmarshaler, + msg eventstream.Message, +) error { + if err := payloadUnmarshaler.UnmarshalPayload( + bytes.NewReader(msg.Payload), s, + ); err != nil { + return err + } + return nil +} + +// MarshalEvent marshals the type into an stream event value. This method +// should only used internally within the SDK's EventStream handling. +func (s *SessionStreamingException) MarshalEvent(pm protocol.PayloadMarshaler) (msg eventstream.Message, err error) { + msg.Headers.Set(eventstreamapi.MessageTypeHeader, eventstream.StringValue(eventstreamapi.ExceptionMessageType)) + var buf bytes.Buffer + if err = pm.MarshalPayload(&buf, s); err != nil { + return eventstream.Message{}, err + } + msg.Payload = buf.Bytes() + return msg, err +} + +func newErrorSessionStreamingException(v protocol.ResponseMetadata) error { + return &SessionStreamingException{ RespMetadata: v, } } // Code returns the exception type name. -func (s *ResourceAlreadyExistsException) Code() string { - return "ResourceAlreadyExistsException" +func (s *SessionStreamingException) Code() string { + return "SessionStreamingException" } // Message returns the exception's message. -func (s *ResourceAlreadyExistsException) Message() string { +func (s *SessionStreamingException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -11494,26 +19097,27 @@ func (s *ResourceAlreadyExistsException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s *ResourceAlreadyExistsException) OrigErr() error { +func (s *SessionStreamingException) OrigErr() error { return nil } -func (s *ResourceAlreadyExistsException) Error() string { +func (s *SessionStreamingException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s *ResourceAlreadyExistsException) StatusCode() int { +func (s *SessionStreamingException) StatusCode() int { return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s *ResourceAlreadyExistsException) RequestID() string { +func (s *SessionStreamingException) RequestID() string { return s.RespMetadata.RequestID } -// The specified resource does not exist. -type ResourceNotFoundException struct { +// This exception is returned in a Live Tail stream when the Live Tail session +// times out. Live Tail sessions time out after three hours. +type SessionTimeoutException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` @@ -11525,7 +19129,7 @@ type ResourceNotFoundException struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ResourceNotFoundException) String() string { +func (s SessionTimeoutException) String() string { return awsutil.Prettify(s) } @@ -11534,23 +19138,52 @@ func (s ResourceNotFoundException) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ResourceNotFoundException) GoString() string { +func (s SessionTimeoutException) GoString() string { return s.String() } -func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error { - return &ResourceNotFoundException{ +// The SessionTimeoutException is and event in the StartLiveTailResponseStream group of events. +func (s *SessionTimeoutException) eventStartLiveTailResponseStream() {} + +// UnmarshalEvent unmarshals the EventStream Message into the SessionTimeoutException value. +// This method is only used internally within the SDK's EventStream handling. +func (s *SessionTimeoutException) UnmarshalEvent( + payloadUnmarshaler protocol.PayloadUnmarshaler, + msg eventstream.Message, +) error { + if err := payloadUnmarshaler.UnmarshalPayload( + bytes.NewReader(msg.Payload), s, + ); err != nil { + return err + } + return nil +} + +// MarshalEvent marshals the type into an stream event value. This method +// should only used internally within the SDK's EventStream handling. +func (s *SessionTimeoutException) MarshalEvent(pm protocol.PayloadMarshaler) (msg eventstream.Message, err error) { + msg.Headers.Set(eventstreamapi.MessageTypeHeader, eventstream.StringValue(eventstreamapi.ExceptionMessageType)) + var buf bytes.Buffer + if err = pm.MarshalPayload(&buf, s); err != nil { + return eventstream.Message{}, err + } + msg.Payload = buf.Bytes() + return msg, err +} + +func newErrorSessionTimeoutException(v protocol.ResponseMetadata) error { + return &SessionTimeoutException{ RespMetadata: v, } } // Code returns the exception type name. -func (s *ResourceNotFoundException) Code() string { - return "ResourceNotFoundException" +func (s *SessionTimeoutException) Code() string { + return "SessionTimeoutException" } // Message returns the exception's message. -func (s *ResourceNotFoundException) Message() string { +func (s *SessionTimeoutException) Message() string { if s.Message_ != nil { return *s.Message_ } @@ -11558,38 +19191,69 @@ func (s *ResourceNotFoundException) Message() string { } // OrigErr always returns nil, satisfies awserr.Error interface. -func (s *ResourceNotFoundException) OrigErr() error { +func (s *SessionTimeoutException) OrigErr() error { return nil } -func (s *ResourceNotFoundException) Error() string { +func (s *SessionTimeoutException) Error() string { return fmt.Sprintf("%s: %s", s.Code(), s.Message()) } // Status code returns the HTTP status code for the request's response error. -func (s *ResourceNotFoundException) StatusCode() int { +func (s *SessionTimeoutException) StatusCode() int { return s.RespMetadata.StatusCode } // RequestID returns the service's response RequestID for request. -func (s *ResourceNotFoundException) RequestID() string { +func (s *SessionTimeoutException) RequestID() string { return s.RespMetadata.RequestID } -// A policy enabling one or more entities to put logs to a log group in this -// account. -type ResourcePolicy struct { +type StartLiveTailInput struct { _ struct{} `type:"structure"` - // Timestamp showing when this policy was last updated, expressed as the number - // of milliseconds after Jan 1, 1970 00:00:00 UTC. - LastUpdatedTime *int64 `locationName:"lastUpdatedTime" type:"long"` + // An optional pattern to use to filter the results to include only log events + // that match the pattern. For example, a filter pattern of error 404 causes + // only log events that include both error and 404 to be included in the Live + // Tail stream. + // + // Regular expression filter patterns are supported. + // + // For more information about filter pattern syntax, see Filter and Pattern + // Syntax (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html). + LogEventFilterPattern *string `locationName:"logEventFilterPattern" type:"string"` - // The details of the policy. - PolicyDocument *string `locationName:"policyDocument" min:"1" type:"string"` + // An array where each item in the array is a log group to include in the Live + // Tail session. + // + // Specify each log group by its ARN. + // + // If you specify an ARN, the ARN can't end with an asterisk (*). + // + // You can include up to 10 log groups. + // + // LogGroupIdentifiers is a required field + LogGroupIdentifiers []*string `locationName:"logGroupIdentifiers" min:"1" type:"list" required:"true"` - // The name of the resource policy. - PolicyName *string `locationName:"policyName" type:"string"` + // If you specify this parameter, then only log events in the log streams that + // have names that start with the prefixes that you specify here are included + // in the Live Tail session. + // + // If you specify this field, you can't also specify the logStreamNames field. + // + // You can specify this parameter only if you specify only one log group in + // logGroupIdentifiers. + LogStreamNamePrefixes []*string `locationName:"logStreamNamePrefixes" min:"1" type:"list"` + + // If you specify this parameter, then only log events in the log streams that + // you specify here are included in the Live Tail session. + // + // If you specify this field, you can't also specify the logStreamNamePrefixes + // field. + // + // You can specify this parameter only if you specify only one log group in + // logGroupIdentifiers. + LogStreamNames []*string `locationName:"logStreamNames" min:"1" type:"list"` } // String returns the string representation. @@ -11597,7 +19261,7 @@ type ResourcePolicy struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ResourcePolicy) String() string { +func (s StartLiveTailInput) String() string { return awsutil.Prettify(s) } @@ -11606,41 +19270,60 @@ func (s ResourcePolicy) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ResourcePolicy) GoString() string { +func (s StartLiveTailInput) GoString() string { return s.String() } -// SetLastUpdatedTime sets the LastUpdatedTime field's value. -func (s *ResourcePolicy) SetLastUpdatedTime(v int64) *ResourcePolicy { - s.LastUpdatedTime = &v +// Validate inspects the fields of the type to determine if they are valid. +func (s *StartLiveTailInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartLiveTailInput"} + if s.LogGroupIdentifiers == nil { + invalidParams.Add(request.NewErrParamRequired("LogGroupIdentifiers")) + } + if s.LogGroupIdentifiers != nil && len(s.LogGroupIdentifiers) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupIdentifiers", 1)) + } + if s.LogStreamNamePrefixes != nil && len(s.LogStreamNamePrefixes) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogStreamNamePrefixes", 1)) + } + if s.LogStreamNames != nil && len(s.LogStreamNames) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogStreamNames", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLogEventFilterPattern sets the LogEventFilterPattern field's value. +func (s *StartLiveTailInput) SetLogEventFilterPattern(v string) *StartLiveTailInput { + s.LogEventFilterPattern = &v return s } -// SetPolicyDocument sets the PolicyDocument field's value. -func (s *ResourcePolicy) SetPolicyDocument(v string) *ResourcePolicy { - s.PolicyDocument = &v +// SetLogGroupIdentifiers sets the LogGroupIdentifiers field's value. +func (s *StartLiveTailInput) SetLogGroupIdentifiers(v []*string) *StartLiveTailInput { + s.LogGroupIdentifiers = v return s } -// SetPolicyName sets the PolicyName field's value. -func (s *ResourcePolicy) SetPolicyName(v string) *ResourcePolicy { - s.PolicyName = &v +// SetLogStreamNamePrefixes sets the LogStreamNamePrefixes field's value. +func (s *StartLiveTailInput) SetLogStreamNamePrefixes(v []*string) *StartLiveTailInput { + s.LogStreamNamePrefixes = v return s } -// Contains one field from one log event returned by a CloudWatch Logs Insights -// query, along with the value of that field. -// -// For more information about the fields that are generated by CloudWatch logs, -// see Supported Logs and Discovered Fields (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CWL_AnalyzeLogData-discoverable-fields.html). -type ResultField struct { - _ struct{} `type:"structure"` +// SetLogStreamNames sets the LogStreamNames field's value. +func (s *StartLiveTailInput) SetLogStreamNames(v []*string) *StartLiveTailInput { + s.LogStreamNames = v + return s +} - // The log event field. - Field *string `locationName:"field" type:"string"` +type StartLiveTailOutput struct { + _ struct{} `type:"structure"` - // The value of this field. - Value *string `locationName:"value" type:"string"` + eventStream *StartLiveTailEventStream } // String returns the string representation. @@ -11648,7 +19331,7 @@ type ResultField struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ResultField) String() string { +func (s StartLiveTailOutput) String() string { return awsutil.Prettify(s) } @@ -11657,125 +19340,202 @@ func (s ResultField) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s ResultField) GoString() string { +func (s StartLiveTailOutput) GoString() string { return s.String() } -// SetField sets the Field field's value. -func (s *ResultField) SetField(v string) *ResultField { - s.Field = &v - return s -} - -// SetValue sets the Value field's value. -func (s *ResultField) SetValue(v string) *ResultField { - s.Value = &v - return s +// GetStream returns the type to interact with the event stream. +func (s *StartLiveTailOutput) GetStream() *StartLiveTailEventStream { + return s.eventStream } -// Represents the search status of a log stream. -type SearchedLogStream struct { - _ struct{} `type:"structure"` +// The StartLiveTailOutput is and event in the StartLiveTailResponseStream group of events. +func (s *StartLiveTailOutput) eventStartLiveTailResponseStream() {} - // The name of the log stream. - LogStreamName *string `locationName:"logStreamName" min:"1" type:"string"` +// UnmarshalEvent unmarshals the EventStream Message into the StartLiveTailOutput value. +// This method is only used internally within the SDK's EventStream handling. +func (s *StartLiveTailOutput) UnmarshalEvent( + payloadUnmarshaler protocol.PayloadUnmarshaler, + msg eventstream.Message, +) error { + if err := payloadUnmarshaler.UnmarshalPayload( + bytes.NewReader(msg.Payload), s, + ); err != nil { + return err + } + return nil +} - // Indicates whether all the events in this log stream were searched. - SearchedCompletely *bool `locationName:"searchedCompletely" type:"boolean"` +// MarshalEvent marshals the type into an stream event value. This method +// should only used internally within the SDK's EventStream handling. +func (s *StartLiveTailOutput) MarshalEvent(pm protocol.PayloadMarshaler) (msg eventstream.Message, err error) { + msg.Headers.Set(eventstreamapi.MessageTypeHeader, eventstream.StringValue(eventstreamapi.EventMessageType)) + var buf bytes.Buffer + if err = pm.MarshalPayload(&buf, s); err != nil { + return eventstream.Message{}, err + } + msg.Payload = buf.Bytes() + return msg, err } -// String returns the string representation. +// StartLiveTailResponseStreamEvent groups together all EventStream +// events writes for StartLiveTailResponseStream. // -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s SearchedLogStream) String() string { - return awsutil.Prettify(s) +// These events are: +// +// - LiveTailSessionStart +// - LiveTailSessionUpdate +type StartLiveTailResponseStreamEvent interface { + eventStartLiveTailResponseStream() + eventstreamapi.Marshaler + eventstreamapi.Unmarshaler } -// GoString returns the string representation. +// StartLiveTailResponseStreamReader provides the interface for reading to the stream. The +// default implementation for this interface will be StartLiveTailResponseStream. // -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s SearchedLogStream) GoString() string { - return s.String() +// The reader's Close method must allow multiple concurrent calls. +// +// These events are: +// +// - LiveTailSessionStart +// - LiveTailSessionUpdate +// - StartLiveTailResponseStreamUnknownEvent +type StartLiveTailResponseStreamReader interface { + // Returns a channel of events as they are read from the event stream. + Events() <-chan StartLiveTailResponseStreamEvent + + // Close will stop the reader reading events from the stream. + Close() error + + // Returns any error that has occurred while reading from the event stream. + Err() error } -// SetLogStreamName sets the LogStreamName field's value. -func (s *SearchedLogStream) SetLogStreamName(v string) *SearchedLogStream { - s.LogStreamName = &v - return s +type readStartLiveTailResponseStream struct { + eventReader *eventstreamapi.EventReader + stream chan StartLiveTailResponseStreamEvent + err *eventstreamapi.OnceError + + done chan struct{} + closeOnce sync.Once } -// SetSearchedCompletely sets the SearchedCompletely field's value. -func (s *SearchedLogStream) SetSearchedCompletely(v bool) *SearchedLogStream { - s.SearchedCompletely = &v - return s +func newReadStartLiveTailResponseStream(eventReader *eventstreamapi.EventReader) *readStartLiveTailResponseStream { + r := &readStartLiveTailResponseStream{ + eventReader: eventReader, + stream: make(chan StartLiveTailResponseStreamEvent), + done: make(chan struct{}), + err: eventstreamapi.NewOnceError(), + } + go r.readEventStream() + + return r } -// The service cannot complete the request. -type ServiceUnavailableException struct { - _ struct{} `type:"structure"` - RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` +// Close will close the underlying event stream reader. +func (r *readStartLiveTailResponseStream) Close() error { + r.closeOnce.Do(r.safeClose) + return r.Err() +} - Message_ *string `locationName:"message" type:"string"` +func (r *readStartLiveTailResponseStream) ErrorSet() <-chan struct{} { + return r.err.ErrorSet() } -// String returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ServiceUnavailableException) String() string { - return awsutil.Prettify(s) +func (r *readStartLiveTailResponseStream) Closed() <-chan struct{} { + return r.done } -// GoString returns the string representation. -// -// API parameter values that are decorated as "sensitive" in the API will not -// be included in the string output. The member name will be present, but the -// value will be replaced with "sensitive". -func (s ServiceUnavailableException) GoString() string { - return s.String() +func (r *readStartLiveTailResponseStream) safeClose() { + close(r.done) } -func newErrorServiceUnavailableException(v protocol.ResponseMetadata) error { - return &ServiceUnavailableException{ - RespMetadata: v, - } +func (r *readStartLiveTailResponseStream) Err() error { + return r.err.Err() } -// Code returns the exception type name. -func (s *ServiceUnavailableException) Code() string { - return "ServiceUnavailableException" +func (r *readStartLiveTailResponseStream) Events() <-chan StartLiveTailResponseStreamEvent { + return r.stream } -// Message returns the exception's message. -func (s *ServiceUnavailableException) Message() string { - if s.Message_ != nil { - return *s.Message_ +func (r *readStartLiveTailResponseStream) readEventStream() { + defer r.Close() + defer close(r.stream) + + for { + event, err := r.eventReader.ReadEvent() + if err != nil { + if err == io.EOF { + return + } + select { + case <-r.done: + // If closed already ignore the error + return + default: + } + if _, ok := err.(*eventstreamapi.UnknownMessageTypeError); ok { + continue + } + r.err.SetError(err) + return + } + + select { + case r.stream <- event.(StartLiveTailResponseStreamEvent): + case <-r.done: + return + } } - return "" } -// OrigErr always returns nil, satisfies awserr.Error interface. -func (s *ServiceUnavailableException) OrigErr() error { - return nil +type unmarshalerForStartLiveTailResponseStreamEvent struct { + metadata protocol.ResponseMetadata } -func (s *ServiceUnavailableException) Error() string { - return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +func (u unmarshalerForStartLiveTailResponseStreamEvent) UnmarshalerForEventName(eventType string) (eventstreamapi.Unmarshaler, error) { + switch eventType { + case "sessionStart": + return &LiveTailSessionStart{}, nil + case "sessionUpdate": + return &LiveTailSessionUpdate{}, nil + case "SessionStreamingException": + return newErrorSessionStreamingException(u.metadata).(eventstreamapi.Unmarshaler), nil + case "SessionTimeoutException": + return newErrorSessionTimeoutException(u.metadata).(eventstreamapi.Unmarshaler), nil + default: + return &StartLiveTailResponseStreamUnknownEvent{Type: eventType}, nil + } } -// Status code returns the HTTP status code for the request's response error. -func (s *ServiceUnavailableException) StatusCode() int { - return s.RespMetadata.StatusCode +// StartLiveTailResponseStreamUnknownEvent provides a failsafe event for the +// StartLiveTailResponseStream group of events when an unknown event is received. +type StartLiveTailResponseStreamUnknownEvent struct { + Type string + Message eventstream.Message } -// RequestID returns the service's response RequestID for request. -func (s *ServiceUnavailableException) RequestID() string { - return s.RespMetadata.RequestID +// The StartLiveTailResponseStreamUnknownEvent is and event in the StartLiveTailResponseStream +// group of events. +func (s *StartLiveTailResponseStreamUnknownEvent) eventStartLiveTailResponseStream() {} + +// MarshalEvent marshals the type into an stream event value. This method +// should only used internally within the SDK's EventStream handling. +func (e *StartLiveTailResponseStreamUnknownEvent) MarshalEvent(pm protocol.PayloadMarshaler) ( + msg eventstream.Message, err error, +) { + return e.Message.Clone(), nil +} + +// UnmarshalEvent unmarshals the EventStream Message into the StartLiveTailResponseStream value. +// This method is only used internally within the SDK's EventStream handling. +func (e *StartLiveTailResponseStreamUnknownEvent) UnmarshalEvent( + payloadUnmarshaler protocol.PayloadUnmarshaler, + msg eventstream.Message, +) error { + e.Message = msg.Clone() + return nil } type StartQueryInput struct { @@ -11803,19 +19563,19 @@ type StartQueryInput struct { // If you specify an ARN, the ARN can't end with an asterisk (*). // // A StartQuery operation must include exactly one of the following parameters: - // logGroupName, logGroupNames or logGroupIdentifiers. + // logGroupName, logGroupNames, or logGroupIdentifiers. LogGroupIdentifiers []*string `locationName:"logGroupIdentifiers" type:"list"` // The log group on which to perform the query. // // A StartQuery operation must include exactly one of the following parameters: - // logGroupName, logGroupNames or logGroupIdentifiers. + // logGroupName, logGroupNames, or logGroupIdentifiers. LogGroupName *string `locationName:"logGroupName" min:"1" type:"string"` // The list of log groups to be queried. You can include up to 50 log groups. // // A StartQuery operation must include exactly one of the following parameters: - // logGroupName, logGroupNames or logGroupIdentifiers. + // logGroupName, logGroupNames, or logGroupIdentifiers. LogGroupNames []*string `locationName:"logGroupNames" type:"list"` // The query string to use. For more information, see CloudWatch Logs Insights @@ -12097,21 +19857,64 @@ func (s *SubscriptionFilter) SetFilterName(v string) *SubscriptionFilter { return s } -// SetFilterPattern sets the FilterPattern field's value. -func (s *SubscriptionFilter) SetFilterPattern(v string) *SubscriptionFilter { - s.FilterPattern = &v - return s +// SetFilterPattern sets the FilterPattern field's value. +func (s *SubscriptionFilter) SetFilterPattern(v string) *SubscriptionFilter { + s.FilterPattern = &v + return s +} + +// SetLogGroupName sets the LogGroupName field's value. +func (s *SubscriptionFilter) SetLogGroupName(v string) *SubscriptionFilter { + s.LogGroupName = &v + return s +} + +// SetRoleArn sets the RoleArn field's value. +func (s *SubscriptionFilter) SetRoleArn(v string) *SubscriptionFilter { + s.RoleArn = &v + return s +} + +// If you are suppressing an anomaly temporariliy, this structure defines how +// long the suppression period is to be. +type SuppressionPeriod struct { + _ struct{} `type:"structure"` + + // Specifies whether the value of value is in seconds, minutes, or hours. + SuppressionUnit *string `locationName:"suppressionUnit" type:"string" enum:"SuppressionUnit"` + + // Specifies the number of seconds, minutes or hours to suppress this anomaly. + // There is no maximum. + Value *int64 `locationName:"value" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SuppressionPeriod) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SuppressionPeriod) GoString() string { + return s.String() } -// SetLogGroupName sets the LogGroupName field's value. -func (s *SubscriptionFilter) SetLogGroupName(v string) *SubscriptionFilter { - s.LogGroupName = &v +// SetSuppressionUnit sets the SuppressionUnit field's value. +func (s *SuppressionPeriod) SetSuppressionUnit(v string) *SuppressionPeriod { + s.SuppressionUnit = &v return s } -// SetRoleArn sets the RoleArn field's value. -func (s *SubscriptionFilter) SetRoleArn(v string) *SubscriptionFilter { - s.RoleArn = &v +// SetValue sets the Value field's value. +func (s *SuppressionPeriod) SetValue(v int64) *SuppressionPeriod { + s.Value = &v return s } @@ -12396,6 +20199,70 @@ func (s *TestMetricFilterOutput) SetMatches(v []*MetricFilterMatchRecord) *TestM return s } +// The request was throttled because of quota limits. +type ThrottlingException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ThrottlingException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ThrottlingException) GoString() string { + return s.String() +} + +func newErrorThrottlingException(v protocol.ResponseMetadata) error { + return &ThrottlingException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ThrottlingException) Code() string { + return "ThrottlingException" +} + +// Message returns the exception's message. +func (s *ThrottlingException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ThrottlingException) OrigErr() error { + return nil +} + +func (s *ThrottlingException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ThrottlingException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ThrottlingException) RequestID() string { + return s.RespMetadata.RequestID +} + // A resource can have no more than 50 tags. type TooManyTagsException struct { _ struct{} `type:"structure"` @@ -12528,19 +20395,213 @@ func (s *UnrecognizedClientException) RequestID() string { return s.RespMetadata.RequestID } -// Deprecated: Please use the generic tagging API model UntagResourceRequest -type UntagLogGroupInput struct { - _ struct{} `deprecated:"true" type:"structure"` +// Deprecated: Please use the generic tagging API model UntagResourceRequest +type UntagLogGroupInput struct { + _ struct{} `deprecated:"true" type:"structure"` + + // The name of the log group. + // + // LogGroupName is a required field + LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + + // The tag keys. The corresponding tags are removed from the log group. + // + // Tags is a required field + Tags []*string `locationName:"tags" min:"1" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UntagLogGroupInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UntagLogGroupInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UntagLogGroupInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UntagLogGroupInput"} + if s.LogGroupName == nil { + invalidParams.Add(request.NewErrParamRequired("LogGroupName")) + } + if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + } + if s.Tags == nil { + invalidParams.Add(request.NewErrParamRequired("Tags")) + } + if s.Tags != nil && len(s.Tags) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetLogGroupName sets the LogGroupName field's value. +func (s *UntagLogGroupInput) SetLogGroupName(v string) *UntagLogGroupInput { + s.LogGroupName = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *UntagLogGroupInput) SetTags(v []*string) *UntagLogGroupInput { + s.Tags = v + return s +} + +type UntagLogGroupOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UntagLogGroupOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UntagLogGroupOutput) GoString() string { + return s.String() +} + +type UntagResourceInput struct { + _ struct{} `type:"structure"` + + // The ARN of the CloudWatch Logs resource that you're removing tags from. + // + // The ARN format of a log group is arn:aws:logs:Region:account-id:log-group:log-group-name + // + // The ARN format of a destination is arn:aws:logs:Region:account-id:destination:destination-name + // + // For more information about ARN format, see CloudWatch Logs resources and + // operations (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/iam-access-control-overview-cwl.html). + // + // ResourceArn is a required field + ResourceArn *string `locationName:"resourceArn" min:"1" type:"string" required:"true"` + + // The list of tag keys to remove from the resource. + // + // TagKeys is a required field + TagKeys []*string `locationName:"tagKeys" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UntagResourceInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UntagResourceInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UntagResourceInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UntagResourceInput"} + if s.ResourceArn == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceArn")) + } + if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) + } + if s.TagKeys == nil { + invalidParams.Add(request.NewErrParamRequired("TagKeys")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetResourceArn sets the ResourceArn field's value. +func (s *UntagResourceInput) SetResourceArn(v string) *UntagResourceInput { + s.ResourceArn = &v + return s +} + +// SetTagKeys sets the TagKeys field's value. +func (s *UntagResourceInput) SetTagKeys(v []*string) *UntagResourceInput { + s.TagKeys = v + return s +} + +type UntagResourceOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UntagResourceOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UntagResourceOutput) GoString() string { + return s.String() +} + +type UpdateAnomalyInput struct { + _ struct{} `type:"structure"` - // The name of the log group. + // The ARN of the anomaly detector that this operation is to act on. // - // LogGroupName is a required field - LogGroupName *string `locationName:"logGroupName" min:"1" type:"string" required:"true"` + // AnomalyDetectorArn is a required field + AnomalyDetectorArn *string `locationName:"anomalyDetectorArn" min:"1" type:"string" required:"true"` - // The tag keys. The corresponding tags are removed from the log group. - // - // Tags is a required field - Tags []*string `locationName:"tags" min:"1" type:"list" required:"true"` + // If you are suppressing or unsuppressing an anomaly, specify its unique ID + // here. You can find anomaly IDs by using the ListAnomalies (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListAnomalies.html) + // operation. + AnomalyId *string `locationName:"anomalyId" min:"36" type:"string"` + + // If you are suppressing or unsuppressing an pattern, specify its unique ID + // here. You can find pattern IDs by using the ListAnomalies (https://docs.aws.amazon.com/AmazonCloudWatchLogs/latest/APIReference/API_ListAnomalies.html) + // operation. + PatternId *string `locationName:"patternId" min:"32" type:"string"` + + // If you are temporarily suppressing an anomaly or pattern, use this structure + // to specify how long the suppression is to last. + SuppressionPeriod *SuppressionPeriod `locationName:"suppressionPeriod" type:"structure"` + + // Use this to specify whether the suppression to be temporary or infinite. + // If you specify LIMITED, you must also specify a suppressionPeriod. If you + // specify INFINITE, any value for suppressionPeriod is ignored. + SuppressionType *string `locationName:"suppressionType" type:"string" enum:"SuppressionType"` } // String returns the string representation. @@ -12548,7 +20609,7 @@ type UntagLogGroupInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s UntagLogGroupInput) String() string { +func (s UpdateAnomalyInput) String() string { return awsutil.Prettify(s) } @@ -12557,24 +20618,24 @@ func (s UntagLogGroupInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s UntagLogGroupInput) GoString() string { +func (s UpdateAnomalyInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *UntagLogGroupInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "UntagLogGroupInput"} - if s.LogGroupName == nil { - invalidParams.Add(request.NewErrParamRequired("LogGroupName")) +func (s *UpdateAnomalyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateAnomalyInput"} + if s.AnomalyDetectorArn == nil { + invalidParams.Add(request.NewErrParamRequired("AnomalyDetectorArn")) } - if s.LogGroupName != nil && len(*s.LogGroupName) < 1 { - invalidParams.Add(request.NewErrParamMinLen("LogGroupName", 1)) + if s.AnomalyDetectorArn != nil && len(*s.AnomalyDetectorArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AnomalyDetectorArn", 1)) } - if s.Tags == nil { - invalidParams.Add(request.NewErrParamRequired("Tags")) + if s.AnomalyId != nil && len(*s.AnomalyId) < 36 { + invalidParams.Add(request.NewErrParamMinLen("AnomalyId", 36)) } - if s.Tags != nil && len(s.Tags) < 1 { - invalidParams.Add(request.NewErrParamMinLen("Tags", 1)) + if s.PatternId != nil && len(*s.PatternId) < 32 { + invalidParams.Add(request.NewErrParamMinLen("PatternId", 32)) } if invalidParams.Len() > 0 { @@ -12583,19 +20644,37 @@ func (s *UntagLogGroupInput) Validate() error { return nil } -// SetLogGroupName sets the LogGroupName field's value. -func (s *UntagLogGroupInput) SetLogGroupName(v string) *UntagLogGroupInput { - s.LogGroupName = &v +// SetAnomalyDetectorArn sets the AnomalyDetectorArn field's value. +func (s *UpdateAnomalyInput) SetAnomalyDetectorArn(v string) *UpdateAnomalyInput { + s.AnomalyDetectorArn = &v return s } -// SetTags sets the Tags field's value. -func (s *UntagLogGroupInput) SetTags(v []*string) *UntagLogGroupInput { - s.Tags = v +// SetAnomalyId sets the AnomalyId field's value. +func (s *UpdateAnomalyInput) SetAnomalyId(v string) *UpdateAnomalyInput { + s.AnomalyId = &v return s } -type UntagLogGroupOutput struct { +// SetPatternId sets the PatternId field's value. +func (s *UpdateAnomalyInput) SetPatternId(v string) *UpdateAnomalyInput { + s.PatternId = &v + return s +} + +// SetSuppressionPeriod sets the SuppressionPeriod field's value. +func (s *UpdateAnomalyInput) SetSuppressionPeriod(v *SuppressionPeriod) *UpdateAnomalyInput { + s.SuppressionPeriod = v + return s +} + +// SetSuppressionType sets the SuppressionType field's value. +func (s *UpdateAnomalyInput) SetSuppressionType(v string) *UpdateAnomalyInput { + s.SuppressionType = &v + return s +} + +type UpdateAnomalyOutput struct { _ struct{} `type:"structure"` } @@ -12604,7 +20683,7 @@ type UntagLogGroupOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s UntagLogGroupOutput) String() string { +func (s UpdateAnomalyOutput) String() string { return awsutil.Prettify(s) } @@ -12613,29 +20692,41 @@ func (s UntagLogGroupOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s UntagLogGroupOutput) GoString() string { +func (s UpdateAnomalyOutput) GoString() string { return s.String() } -type UntagResourceInput struct { +type UpdateLogAnomalyDetectorInput struct { _ struct{} `type:"structure"` - // The ARN of the CloudWatch Logs resource that you're removing tags from. - // - // The ARN format of a log group is arn:aws:logs:Region:account-id:log-group:log-group-name + // The ARN of the anomaly detector that you want to update. // - // The ARN format of a destination is arn:aws:logs:Region:account-id:destination:destination-name - // - // For more information about ARN format, see CloudWatch Logs resources and - // operations (https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/iam-access-control-overview-cwl.html). - // - // ResourceArn is a required field - ResourceArn *string `locationName:"resourceArn" min:"1" type:"string" required:"true"` + // AnomalyDetectorArn is a required field + AnomalyDetectorArn *string `locationName:"anomalyDetectorArn" min:"1" type:"string" required:"true"` - // The list of tag keys to remove from the resource. + // The number of days to use as the life cycle of anomalies. After this time, + // anomalies are automatically baselined and the anomaly detector model will + // treat new occurrences of similar event as normal. Therefore, if you do not + // correct the cause of an anomaly during this time, it will be considered normal + // going forward and will not be detected. + AnomalyVisibilityTime *int64 `locationName:"anomalyVisibilityTime" min:"7" type:"long"` + + // Use this parameter to pause or restart the anomaly detector. // - // TagKeys is a required field - TagKeys []*string `locationName:"tagKeys" type:"list" required:"true"` + // Enabled is a required field + Enabled *bool `locationName:"enabled" type:"boolean" required:"true"` + + // Specifies how often the anomaly detector runs and look for anomalies. Set + // this value according to the frequency that the log group receives new logs. + // For example, if the log group receives new log events every 10 minutes, then + // setting evaluationFrequency to FIFTEEN_MIN might be appropriate. + EvaluationFrequency *string `locationName:"evaluationFrequency" type:"string" enum:"EvaluationFrequency"` + + // A symbolic description of how CloudWatch Logs should interpret the data in + // each log event. For example, a log event can contain timestamps, IP addresses, + // strings, and so on. You use the filter pattern to specify what to look for + // in the log event message. + FilterPattern *string `locationName:"filterPattern" type:"string"` } // String returns the string representation. @@ -12643,7 +20734,7 @@ type UntagResourceInput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s UntagResourceInput) String() string { +func (s UpdateLogAnomalyDetectorInput) String() string { return awsutil.Prettify(s) } @@ -12652,21 +20743,24 @@ func (s UntagResourceInput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s UntagResourceInput) GoString() string { +func (s UpdateLogAnomalyDetectorInput) GoString() string { return s.String() } // Validate inspects the fields of the type to determine if they are valid. -func (s *UntagResourceInput) Validate() error { - invalidParams := request.ErrInvalidParams{Context: "UntagResourceInput"} - if s.ResourceArn == nil { - invalidParams.Add(request.NewErrParamRequired("ResourceArn")) +func (s *UpdateLogAnomalyDetectorInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateLogAnomalyDetectorInput"} + if s.AnomalyDetectorArn == nil { + invalidParams.Add(request.NewErrParamRequired("AnomalyDetectorArn")) } - if s.ResourceArn != nil && len(*s.ResourceArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("ResourceArn", 1)) + if s.AnomalyDetectorArn != nil && len(*s.AnomalyDetectorArn) < 1 { + invalidParams.Add(request.NewErrParamMinLen("AnomalyDetectorArn", 1)) } - if s.TagKeys == nil { - invalidParams.Add(request.NewErrParamRequired("TagKeys")) + if s.AnomalyVisibilityTime != nil && *s.AnomalyVisibilityTime < 7 { + invalidParams.Add(request.NewErrParamMinValue("AnomalyVisibilityTime", 7)) + } + if s.Enabled == nil { + invalidParams.Add(request.NewErrParamRequired("Enabled")) } if invalidParams.Len() > 0 { @@ -12675,19 +20769,37 @@ func (s *UntagResourceInput) Validate() error { return nil } -// SetResourceArn sets the ResourceArn field's value. -func (s *UntagResourceInput) SetResourceArn(v string) *UntagResourceInput { - s.ResourceArn = &v +// SetAnomalyDetectorArn sets the AnomalyDetectorArn field's value. +func (s *UpdateLogAnomalyDetectorInput) SetAnomalyDetectorArn(v string) *UpdateLogAnomalyDetectorInput { + s.AnomalyDetectorArn = &v return s } -// SetTagKeys sets the TagKeys field's value. -func (s *UntagResourceInput) SetTagKeys(v []*string) *UntagResourceInput { - s.TagKeys = v +// SetAnomalyVisibilityTime sets the AnomalyVisibilityTime field's value. +func (s *UpdateLogAnomalyDetectorInput) SetAnomalyVisibilityTime(v int64) *UpdateLogAnomalyDetectorInput { + s.AnomalyVisibilityTime = &v return s } -type UntagResourceOutput struct { +// SetEnabled sets the Enabled field's value. +func (s *UpdateLogAnomalyDetectorInput) SetEnabled(v bool) *UpdateLogAnomalyDetectorInput { + s.Enabled = &v + return s +} + +// SetEvaluationFrequency sets the EvaluationFrequency field's value. +func (s *UpdateLogAnomalyDetectorInput) SetEvaluationFrequency(v string) *UpdateLogAnomalyDetectorInput { + s.EvaluationFrequency = &v + return s +} + +// SetFilterPattern sets the FilterPattern field's value. +func (s *UpdateLogAnomalyDetectorInput) SetFilterPattern(v string) *UpdateLogAnomalyDetectorInput { + s.FilterPattern = &v + return s +} + +type UpdateLogAnomalyDetectorOutput struct { _ struct{} `type:"structure"` } @@ -12696,7 +20808,7 @@ type UntagResourceOutput struct { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s UntagResourceOutput) String() string { +func (s UpdateLogAnomalyDetectorOutput) String() string { return awsutil.Prettify(s) } @@ -12705,10 +20817,106 @@ func (s UntagResourceOutput) String() string { // API parameter values that are decorated as "sensitive" in the API will not // be included in the string output. The member name will be present, but the // value will be replaced with "sensitive". -func (s UntagResourceOutput) GoString() string { +func (s UpdateLogAnomalyDetectorOutput) GoString() string { + return s.String() +} + +// One of the parameters for the request is not valid. +type ValidationException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ValidationException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ValidationException) GoString() string { return s.String() } +func newErrorValidationException(v protocol.ResponseMetadata) error { + return &ValidationException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ValidationException) Code() string { + return "ValidationException" +} + +// Message returns the exception's message. +func (s *ValidationException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ValidationException) OrigErr() error { + return nil +} + +func (s *ValidationException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ValidationException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ValidationException) RequestID() string { + return s.RespMetadata.RequestID +} + +const ( + // AnomalyDetectorStatusInitializing is a AnomalyDetectorStatus enum value + AnomalyDetectorStatusInitializing = "INITIALIZING" + + // AnomalyDetectorStatusTraining is a AnomalyDetectorStatus enum value + AnomalyDetectorStatusTraining = "TRAINING" + + // AnomalyDetectorStatusAnalyzing is a AnomalyDetectorStatus enum value + AnomalyDetectorStatusAnalyzing = "ANALYZING" + + // AnomalyDetectorStatusFailed is a AnomalyDetectorStatus enum value + AnomalyDetectorStatusFailed = "FAILED" + + // AnomalyDetectorStatusDeleted is a AnomalyDetectorStatus enum value + AnomalyDetectorStatusDeleted = "DELETED" + + // AnomalyDetectorStatusPaused is a AnomalyDetectorStatus enum value + AnomalyDetectorStatusPaused = "PAUSED" +) + +// AnomalyDetectorStatus_Values returns all elements of the AnomalyDetectorStatus enum +func AnomalyDetectorStatus_Values() []string { + return []string{ + AnomalyDetectorStatusInitializing, + AnomalyDetectorStatusTraining, + AnomalyDetectorStatusAnalyzing, + AnomalyDetectorStatusFailed, + AnomalyDetectorStatusDeleted, + AnomalyDetectorStatusPaused, + } +} + const ( // DataProtectionStatusActivated is a DataProtectionStatus enum value DataProtectionStatusActivated = "ACTIVATED" @@ -12733,6 +20941,26 @@ func DataProtectionStatus_Values() []string { } } +const ( + // DeliveryDestinationTypeS3 is a DeliveryDestinationType enum value + DeliveryDestinationTypeS3 = "S3" + + // DeliveryDestinationTypeCwl is a DeliveryDestinationType enum value + DeliveryDestinationTypeCwl = "CWL" + + // DeliveryDestinationTypeFh is a DeliveryDestinationType enum value + DeliveryDestinationTypeFh = "FH" +) + +// DeliveryDestinationType_Values returns all elements of the DeliveryDestinationType enum +func DeliveryDestinationType_Values() []string { + return []string{ + DeliveryDestinationTypeS3, + DeliveryDestinationTypeCwl, + DeliveryDestinationTypeFh, + } +} + // The method used to distribute log data to the destination, which can be either // random or grouped by log stream. const ( @@ -12751,6 +20979,38 @@ func Distribution_Values() []string { } } +const ( + // EvaluationFrequencyOneMin is a EvaluationFrequency enum value + EvaluationFrequencyOneMin = "ONE_MIN" + + // EvaluationFrequencyFiveMin is a EvaluationFrequency enum value + EvaluationFrequencyFiveMin = "FIVE_MIN" + + // EvaluationFrequencyTenMin is a EvaluationFrequency enum value + EvaluationFrequencyTenMin = "TEN_MIN" + + // EvaluationFrequencyFifteenMin is a EvaluationFrequency enum value + EvaluationFrequencyFifteenMin = "FIFTEEN_MIN" + + // EvaluationFrequencyThirtyMin is a EvaluationFrequency enum value + EvaluationFrequencyThirtyMin = "THIRTY_MIN" + + // EvaluationFrequencyOneHour is a EvaluationFrequency enum value + EvaluationFrequencyOneHour = "ONE_HOUR" +) + +// EvaluationFrequency_Values returns all elements of the EvaluationFrequency enum +func EvaluationFrequency_Values() []string { + return []string{ + EvaluationFrequencyOneMin, + EvaluationFrequencyFiveMin, + EvaluationFrequencyTenMin, + EvaluationFrequencyFifteenMin, + EvaluationFrequencyThirtyMin, + EvaluationFrequencyOneHour, + } +} + const ( // ExportTaskStatusCodeCancelled is a ExportTaskStatusCode enum value ExportTaskStatusCodeCancelled = "CANCELLED" @@ -12783,6 +21043,34 @@ func ExportTaskStatusCode_Values() []string { } } +const ( + // InheritedPropertyAccountDataProtection is a InheritedProperty enum value + InheritedPropertyAccountDataProtection = "ACCOUNT_DATA_PROTECTION" +) + +// InheritedProperty_Values returns all elements of the InheritedProperty enum +func InheritedProperty_Values() []string { + return []string{ + InheritedPropertyAccountDataProtection, + } +} + +const ( + // LogGroupClassStandard is a LogGroupClass enum value + LogGroupClassStandard = "STANDARD" + + // LogGroupClassInfrequentAccess is a LogGroupClass enum value + LogGroupClassInfrequentAccess = "INFREQUENT_ACCESS" +) + +// LogGroupClass_Values returns all elements of the LogGroupClass enum +func LogGroupClass_Values() []string { + return []string{ + LogGroupClassStandard, + LogGroupClassInfrequentAccess, + } +} + const ( // OrderByLogStreamName is a OrderBy enum value OrderByLogStreamName = "LogStreamName" @@ -12799,6 +21087,50 @@ func OrderBy_Values() []string { } } +const ( + // OutputFormatJson is a OutputFormat enum value + OutputFormatJson = "json" + + // OutputFormatPlain is a OutputFormat enum value + OutputFormatPlain = "plain" + + // OutputFormatW3c is a OutputFormat enum value + OutputFormatW3c = "w3c" + + // OutputFormatRaw is a OutputFormat enum value + OutputFormatRaw = "raw" + + // OutputFormatParquet is a OutputFormat enum value + OutputFormatParquet = "parquet" +) + +// OutputFormat_Values returns all elements of the OutputFormat enum +func OutputFormat_Values() []string { + return []string{ + OutputFormatJson, + OutputFormatPlain, + OutputFormatW3c, + OutputFormatRaw, + OutputFormatParquet, + } +} + +const ( + // PolicyTypeDataProtectionPolicy is a PolicyType enum value + PolicyTypeDataProtectionPolicy = "DATA_PROTECTION_POLICY" + + // PolicyTypeSubscriptionFilterPolicy is a PolicyType enum value + PolicyTypeSubscriptionFilterPolicy = "SUBSCRIPTION_FILTER_POLICY" +) + +// PolicyType_Values returns all elements of the PolicyType enum +func PolicyType_Values() []string { + return []string{ + PolicyTypeDataProtectionPolicy, + PolicyTypeSubscriptionFilterPolicy, + } +} + const ( // QueryStatusScheduled is a QueryStatus enum value QueryStatusScheduled = "Scheduled" @@ -12835,6 +21167,18 @@ func QueryStatus_Values() []string { } } +const ( + // ScopeAll is a Scope enum value + ScopeAll = "ALL" +) + +// Scope_Values returns all elements of the Scope enum +func Scope_Values() []string { + return []string{ + ScopeAll, + } +} + const ( // StandardUnitSeconds is a StandardUnit enum value StandardUnitSeconds = "Seconds" @@ -12950,3 +21294,75 @@ func StandardUnit_Values() []string { StandardUnitNone, } } + +const ( + // StateActive is a State enum value + StateActive = "Active" + + // StateSuppressed is a State enum value + StateSuppressed = "Suppressed" + + // StateBaseline is a State enum value + StateBaseline = "Baseline" +) + +// State_Values returns all elements of the State enum +func State_Values() []string { + return []string{ + StateActive, + StateSuppressed, + StateBaseline, + } +} + +const ( + // SuppressionStateSuppressed is a SuppressionState enum value + SuppressionStateSuppressed = "SUPPRESSED" + + // SuppressionStateUnsuppressed is a SuppressionState enum value + SuppressionStateUnsuppressed = "UNSUPPRESSED" +) + +// SuppressionState_Values returns all elements of the SuppressionState enum +func SuppressionState_Values() []string { + return []string{ + SuppressionStateSuppressed, + SuppressionStateUnsuppressed, + } +} + +const ( + // SuppressionTypeLimited is a SuppressionType enum value + SuppressionTypeLimited = "LIMITED" + + // SuppressionTypeInfinite is a SuppressionType enum value + SuppressionTypeInfinite = "INFINITE" +) + +// SuppressionType_Values returns all elements of the SuppressionType enum +func SuppressionType_Values() []string { + return []string{ + SuppressionTypeLimited, + SuppressionTypeInfinite, + } +} + +const ( + // SuppressionUnitSeconds is a SuppressionUnit enum value + SuppressionUnitSeconds = "SECONDS" + + // SuppressionUnitMinutes is a SuppressionUnit enum value + SuppressionUnitMinutes = "MINUTES" + + // SuppressionUnitHours is a SuppressionUnit enum value + SuppressionUnitHours = "HOURS" +) + +// SuppressionUnit_Values returns all elements of the SuppressionUnit enum +func SuppressionUnit_Values() []string { + return []string{ + SuppressionUnitSeconds, + SuppressionUnitMinutes, + SuppressionUnitHours, + } +} diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/errors.go b/agent/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/errors.go index 0f1f1c866e5..4c4ff1b5517 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/errors.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/errors.go @@ -8,6 +8,18 @@ import ( const ( + // ErrCodeAccessDeniedException for service response error code + // "AccessDeniedException". + // + // You don't have sufficient permissions to perform this action. + ErrCodeAccessDeniedException = "AccessDeniedException" + + // ErrCodeConflictException for service response error code + // "ConflictException". + // + // This operation attempted to create a resource that already exists. + ErrCodeConflictException = "ConflictException" + // ErrCodeDataAlreadyAcceptedException for service response error code // "DataAlreadyAcceptedException". // @@ -73,12 +85,37 @@ const ( // The specified resource does not exist. ErrCodeResourceNotFoundException = "ResourceNotFoundException" + // ErrCodeServiceQuotaExceededException for service response error code + // "ServiceQuotaExceededException". + // + // This request exceeds a service quota. + ErrCodeServiceQuotaExceededException = "ServiceQuotaExceededException" + // ErrCodeServiceUnavailableException for service response error code // "ServiceUnavailableException". // // The service cannot complete the request. ErrCodeServiceUnavailableException = "ServiceUnavailableException" + // ErrCodeSessionStreamingException for service response error code + // "SessionStreamingException". + // + // his exception is returned if an unknown error occurs during a Live Tail session. + ErrCodeSessionStreamingException = "SessionStreamingException" + + // ErrCodeSessionTimeoutException for service response error code + // "SessionTimeoutException". + // + // This exception is returned in a Live Tail stream when the Live Tail session + // times out. Live Tail sessions time out after three hours. + ErrCodeSessionTimeoutException = "SessionTimeoutException" + + // ErrCodeThrottlingException for service response error code + // "ThrottlingException". + // + // The request was throttled because of quota limits. + ErrCodeThrottlingException = "ThrottlingException" + // ErrCodeTooManyTagsException for service response error code // "TooManyTagsException". // @@ -91,9 +128,17 @@ const ( // The most likely cause is an Amazon Web Services access key ID or secret key // that's not valid. ErrCodeUnrecognizedClientException = "UnrecognizedClientException" + + // ErrCodeValidationException for service response error code + // "ValidationException". + // + // One of the parameters for the request is not valid. + ErrCodeValidationException = "ValidationException" ) var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ + "AccessDeniedException": newErrorAccessDeniedException, + "ConflictException": newErrorConflictException, "DataAlreadyAcceptedException": newErrorDataAlreadyAcceptedException, "InvalidOperationException": newErrorInvalidOperationException, "InvalidParameterException": newErrorInvalidParameterException, @@ -103,7 +148,12 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ "OperationAbortedException": newErrorOperationAbortedException, "ResourceAlreadyExistsException": newErrorResourceAlreadyExistsException, "ResourceNotFoundException": newErrorResourceNotFoundException, + "ServiceQuotaExceededException": newErrorServiceQuotaExceededException, "ServiceUnavailableException": newErrorServiceUnavailableException, + "SessionStreamingException": newErrorSessionStreamingException, + "SessionTimeoutException": newErrorSessionTimeoutException, + "ThrottlingException": newErrorThrottlingException, "TooManyTagsException": newErrorTooManyTagsException, "UnrecognizedClientException": newErrorUnrecognizedClientException, + "ValidationException": newErrorValidationException, } diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/service.go b/agent/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/service.go index fe5dd28c263..d6d00aeb49c 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/service.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/cloudwatchlogs/service.go @@ -87,6 +87,9 @@ func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, protocol.NewUnmarshalErrorHandler(jsonrpc.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(), ) + svc.Handlers.BuildStream.PushBackNamed(jsonrpc.BuildHandler) + svc.Handlers.UnmarshalStream.PushBackNamed(jsonrpc.UnmarshalHandler) + // Run custom client initialization if present if initClient != nil { initClient(svc.Client) diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go b/agent/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go index ec806017bab..dd8b128ffbd 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go @@ -429,8 +429,7 @@ func (c *EC2) AcceptVpcEndpointConnectionsRequest(input *AcceptVpcEndpointConnec // AcceptVpcEndpointConnections API operation for Amazon Elastic Compute Cloud. // -// Accepts one or more interface VPC endpoint connection requests to your VPC -// endpoint service. +// Accepts connection requests to your VPC endpoint service. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -684,15 +683,10 @@ func (c *EC2) AllocateAddressRequest(input *AllocateAddressInput) (req *request. // see Bring Your Own IP Addresses (BYOIP) (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html) // in the Amazon Elastic Compute Cloud User Guide. // -// [EC2-VPC] If you release an Elastic IP address, you might be able to recover -// it. You cannot recover an Elastic IP address that you released after it is -// allocated to another Amazon Web Services account. You cannot recover an Elastic -// IP address for EC2-Classic. To attempt to recover an Elastic IP address that -// you released, specify it in this operation. -// -// An Elastic IP address is for use either in the EC2-Classic platform or in -// a VPC. By default, you can allocate 5 Elastic IP addresses for EC2-Classic -// per Region and 5 Elastic IP addresses for EC2-VPC per Region. +// If you release an Elastic IP address, you might be able to recover it. You +// cannot recover an Elastic IP address that you released after it is allocated +// to another Amazon Web Services account. To attempt to recover an Elastic +// IP address that you released, specify it in this operation. // // For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) // in the Amazon Elastic Compute Cloud User Guide. @@ -701,10 +695,6 @@ func (c *EC2) AllocateAddressRequest(input *AllocateAddressInput) (req *request. // telecommunication carrier, to a network interface which resides in a subnet // in a Wavelength Zone (for example an EC2 instance). // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -851,11 +841,17 @@ func (c *EC2) AllocateIpamPoolCidrRequest(input *AllocateIpamPoolCidrInput) (req // AllocateIpamPoolCidr API operation for Amazon Elastic Compute Cloud. // -// Allocate a CIDR from an IPAM pool. In IPAM, an allocation is a CIDR assignment -// from an IPAM pool to another resource or IPAM pool. For more information, -// see Allocate CIDRs (https://docs.aws.amazon.com/vpc/latest/ipam/allocate-cidrs-ipam.html) +// Allocate a CIDR from an IPAM pool. The Region you use should be the IPAM +// pool locale. The locale is the Amazon Web Services Region where this IPAM +// pool is available for allocations. +// +// In IPAM, an allocation is a CIDR assignment from an IPAM pool to another +// IPAM pool or to a resource. For more information, see Allocate CIDRs (https://docs.aws.amazon.com/vpc/latest/ipam/allocate-cidrs-ipam.html) // in the Amazon VPC IPAM User Guide. // +// This action creates an allocation with strong consistency. The returned CIDR +// will not overlap with any other allocations from the same pool. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -1146,6 +1142,81 @@ func (c *EC2) AssignPrivateIpAddressesWithContext(ctx aws.Context, input *Assign return out, req.Send() } +const opAssignPrivateNatGatewayAddress = "AssignPrivateNatGatewayAddress" + +// AssignPrivateNatGatewayAddressRequest generates a "aws/request.Request" representing the +// client's request for the AssignPrivateNatGatewayAddress operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AssignPrivateNatGatewayAddress for more information on using the AssignPrivateNatGatewayAddress +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the AssignPrivateNatGatewayAddressRequest method. +// req, resp := client.AssignPrivateNatGatewayAddressRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssignPrivateNatGatewayAddress +func (c *EC2) AssignPrivateNatGatewayAddressRequest(input *AssignPrivateNatGatewayAddressInput) (req *request.Request, output *AssignPrivateNatGatewayAddressOutput) { + op := &request.Operation{ + Name: opAssignPrivateNatGatewayAddress, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &AssignPrivateNatGatewayAddressInput{} + } + + output = &AssignPrivateNatGatewayAddressOutput{} + req = c.newRequest(op, input, output) + return +} + +// AssignPrivateNatGatewayAddress API operation for Amazon Elastic Compute Cloud. +// +// Assigns one or more private IPv4 addresses to a private NAT gateway. For +// more information, see Work with NAT gateways (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-working-with) +// in the Amazon VPC User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation AssignPrivateNatGatewayAddress for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssignPrivateNatGatewayAddress +func (c *EC2) AssignPrivateNatGatewayAddress(input *AssignPrivateNatGatewayAddressInput) (*AssignPrivateNatGatewayAddressOutput, error) { + req, out := c.AssignPrivateNatGatewayAddressRequest(input) + return out, req.Send() +} + +// AssignPrivateNatGatewayAddressWithContext is the same as AssignPrivateNatGatewayAddress with the addition of +// the ability to pass a context and additional request options. +// +// See AssignPrivateNatGatewayAddress for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) AssignPrivateNatGatewayAddressWithContext(ctx aws.Context, input *AssignPrivateNatGatewayAddressInput, opts ...request.Option) (*AssignPrivateNatGatewayAddressOutput, error) { + req, out := c.AssignPrivateNatGatewayAddressRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opAssociateAddress = "AssociateAddress" // AssociateAddressRequest generates a "aws/request.Request" representing the @@ -1193,23 +1264,11 @@ func (c *EC2) AssociateAddressRequest(input *AssociateAddressInput) (req *reques // are in subnets in Wavelength Zones) with an instance or a network interface. // Before you can use an Elastic IP address, you must allocate it to your account. // -// An Elastic IP address is for use in either the EC2-Classic platform or in -// a VPC. For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) -// in the Amazon Elastic Compute Cloud User Guide. -// -// [EC2-Classic, VPC in an EC2-VPC-only account] If the Elastic IP address is -// already associated with a different instance, it is disassociated from that -// instance and associated with the specified instance. If you associate an -// Elastic IP address with an instance that has an existing Elastic IP address, -// the existing address is disassociated from the instance, but remains allocated -// to your account. -// -// [VPC in an EC2-Classic account] If you don't specify a private IP address, -// the Elastic IP address is associated with the primary IP address. If the -// Elastic IP address is already associated with a different instance or a network -// interface, you get an error unless you allow reassociation. You cannot associate -// an Elastic IP address with an instance or network interface that has an existing -// Elastic IP address. +// If the Elastic IP address is already associated with a different instance, +// it is disassociated from that instance and associated with the specified +// instance. If you associate an Elastic IP address with an instance that has +// an existing Elastic IP address, the existing address is disassociated from +// the instance, but remains allocated to your account. // // [Subnets in Wavelength Zones] You can associate an IP address from the telecommunication // carrier to the instance or network interface. @@ -1222,10 +1281,6 @@ func (c *EC2) AssociateAddressRequest(input *AssociateAddressInput) (req *reques // the Elastic IP address is remapped to the same instance. For more information, // see the Elastic IP Addresses section of Amazon EC2 Pricing (http://aws.amazon.com/ec2/pricing/). // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -1392,7 +1447,7 @@ func (c *EC2) AssociateDhcpOptionsRequest(input *AssociateDhcpOptionsInput) (req // on the instance. // // For more information, see DHCP options sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1665,6 +1720,251 @@ func (c *EC2) AssociateInstanceEventWindowWithContext(ctx aws.Context, input *As return out, req.Send() } +const opAssociateIpamByoasn = "AssociateIpamByoasn" + +// AssociateIpamByoasnRequest generates a "aws/request.Request" representing the +// client's request for the AssociateIpamByoasn operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AssociateIpamByoasn for more information on using the AssociateIpamByoasn +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the AssociateIpamByoasnRequest method. +// req, resp := client.AssociateIpamByoasnRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateIpamByoasn +func (c *EC2) AssociateIpamByoasnRequest(input *AssociateIpamByoasnInput) (req *request.Request, output *AssociateIpamByoasnOutput) { + op := &request.Operation{ + Name: opAssociateIpamByoasn, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &AssociateIpamByoasnInput{} + } + + output = &AssociateIpamByoasnOutput{} + req = c.newRequest(op, input, output) + return +} + +// AssociateIpamByoasn API operation for Amazon Elastic Compute Cloud. +// +// Associates your Autonomous System Number (ASN) with a BYOIP CIDR that you +// own in the same Amazon Web Services Region. For more information, see Tutorial: +// Bring your ASN to IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoasn.html) +// in the Amazon VPC IPAM guide. +// +// After the association succeeds, the ASN is eligible for advertisement. You +// can view the association with DescribeByoipCidrs (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeByoipCidrs.html). +// You can advertise the CIDR with AdvertiseByoipCidr (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AdvertiseByoipCidr.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation AssociateIpamByoasn for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateIpamByoasn +func (c *EC2) AssociateIpamByoasn(input *AssociateIpamByoasnInput) (*AssociateIpamByoasnOutput, error) { + req, out := c.AssociateIpamByoasnRequest(input) + return out, req.Send() +} + +// AssociateIpamByoasnWithContext is the same as AssociateIpamByoasn with the addition of +// the ability to pass a context and additional request options. +// +// See AssociateIpamByoasn for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) AssociateIpamByoasnWithContext(ctx aws.Context, input *AssociateIpamByoasnInput, opts ...request.Option) (*AssociateIpamByoasnOutput, error) { + req, out := c.AssociateIpamByoasnRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opAssociateIpamResourceDiscovery = "AssociateIpamResourceDiscovery" + +// AssociateIpamResourceDiscoveryRequest generates a "aws/request.Request" representing the +// client's request for the AssociateIpamResourceDiscovery operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AssociateIpamResourceDiscovery for more information on using the AssociateIpamResourceDiscovery +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the AssociateIpamResourceDiscoveryRequest method. +// req, resp := client.AssociateIpamResourceDiscoveryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateIpamResourceDiscovery +func (c *EC2) AssociateIpamResourceDiscoveryRequest(input *AssociateIpamResourceDiscoveryInput) (req *request.Request, output *AssociateIpamResourceDiscoveryOutput) { + op := &request.Operation{ + Name: opAssociateIpamResourceDiscovery, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &AssociateIpamResourceDiscoveryInput{} + } + + output = &AssociateIpamResourceDiscoveryOutput{} + req = c.newRequest(op, input, output) + return +} + +// AssociateIpamResourceDiscovery API operation for Amazon Elastic Compute Cloud. +// +// Associates an IPAM resource discovery with an Amazon VPC IPAM. A resource +// discovery is an IPAM component that enables IPAM to manage and monitor resources +// that belong to the owning account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation AssociateIpamResourceDiscovery for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateIpamResourceDiscovery +func (c *EC2) AssociateIpamResourceDiscovery(input *AssociateIpamResourceDiscoveryInput) (*AssociateIpamResourceDiscoveryOutput, error) { + req, out := c.AssociateIpamResourceDiscoveryRequest(input) + return out, req.Send() +} + +// AssociateIpamResourceDiscoveryWithContext is the same as AssociateIpamResourceDiscovery with the addition of +// the ability to pass a context and additional request options. +// +// See AssociateIpamResourceDiscovery for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) AssociateIpamResourceDiscoveryWithContext(ctx aws.Context, input *AssociateIpamResourceDiscoveryInput, opts ...request.Option) (*AssociateIpamResourceDiscoveryOutput, error) { + req, out := c.AssociateIpamResourceDiscoveryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opAssociateNatGatewayAddress = "AssociateNatGatewayAddress" + +// AssociateNatGatewayAddressRequest generates a "aws/request.Request" representing the +// client's request for the AssociateNatGatewayAddress operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AssociateNatGatewayAddress for more information on using the AssociateNatGatewayAddress +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the AssociateNatGatewayAddressRequest method. +// req, resp := client.AssociateNatGatewayAddressRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateNatGatewayAddress +func (c *EC2) AssociateNatGatewayAddressRequest(input *AssociateNatGatewayAddressInput) (req *request.Request, output *AssociateNatGatewayAddressOutput) { + op := &request.Operation{ + Name: opAssociateNatGatewayAddress, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &AssociateNatGatewayAddressInput{} + } + + output = &AssociateNatGatewayAddressOutput{} + req = c.newRequest(op, input, output) + return +} + +// AssociateNatGatewayAddress API operation for Amazon Elastic Compute Cloud. +// +// Associates Elastic IP addresses (EIPs) and private IPv4 addresses with a +// public NAT gateway. For more information, see Work with NAT gateways (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-working-with) +// in the Amazon VPC User Guide. +// +// By default, you can associate up to 2 Elastic IP addresses per public NAT +// gateway. You can increase the limit by requesting a quota adjustment. For +// more information, see Elastic IP address quotas (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html#vpc-limits-eips) +// in the Amazon VPC User Guide. +// +// When you associate an EIP or secondary EIPs with a public NAT gateway, the +// network border group of the EIPs must match the network border group of the +// Availability Zone (AZ) that the public NAT gateway is in. If it's not the +// same, the EIP will fail to associate. You can see the network border group +// for the subnet's AZ by viewing the details of the subnet. Similarly, you +// can view the network border group of an EIP by viewing the details of the +// EIP address. For more information about network border groups and EIPs, see +// Allocate an Elastic IP address (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#allocate-eip) +// in the Amazon VPC User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation AssociateNatGatewayAddress for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateNatGatewayAddress +func (c *EC2) AssociateNatGatewayAddress(input *AssociateNatGatewayAddressInput) (*AssociateNatGatewayAddressOutput, error) { + req, out := c.AssociateNatGatewayAddressRequest(input) + return out, req.Send() +} + +// AssociateNatGatewayAddressWithContext is the same as AssociateNatGatewayAddress with the addition of +// the ability to pass a context and additional request options. +// +// See AssociateNatGatewayAddress for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) AssociateNatGatewayAddressWithContext(ctx aws.Context, input *AssociateNatGatewayAddressInput, opts ...request.Option) (*AssociateNatGatewayAddressOutput, error) { + req, out := c.AssociateNatGatewayAddressRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opAssociateRouteTable = "AssociateRouteTable" // AssociateRouteTableRequest generates a "aws/request.Request" representing the @@ -1716,7 +2016,7 @@ func (c *EC2) AssociateRouteTableRequest(input *AssociateRouteTableInput) (req * // with multiple subnets. // // For more information, see Route tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1790,8 +2090,7 @@ func (c *EC2) AssociateSubnetCidrBlockRequest(input *AssociateSubnetCidrBlockInp // AssociateSubnetCidrBlock API operation for Amazon Elastic Compute Cloud. // // Associates a CIDR block with your subnet. You can only associate a single -// IPv6 CIDR block with your subnet. An IPv6 CIDR block must have a prefix length -// of /64. +// IPv6 CIDR block with your subnet. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2090,9 +2389,6 @@ func (c *EC2) AssociateTrunkInterfaceRequest(input *AssociateTrunkInterfaceInput // AssociateTrunkInterface API operation for Amazon Elastic Compute Cloud. // -// This API action is currently in limited preview only. If you are interested -// in using this feature, contact your account manager. -// // Associates a branch network interface with a trunk network interface. // // Before you create the association, run the create-network-interface (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html) @@ -2175,14 +2471,13 @@ func (c *EC2) AssociateVpcCidrBlockRequest(input *AssociateVpcCidrBlockInput) (r // CIDR block, an Amazon-provided IPv6 CIDR block, or an IPv6 CIDR block from // an IPv6 address pool that you provisioned through bring your own IP addresses // (BYOIP (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html)). -// The IPv6 CIDR block size is fixed at /56. // // You must specify one of the following in the request: an IPv4 CIDR block, // an IPv6 pool, or an Amazon-provided IPv6 CIDR block. // // For more information about associating CIDR blocks with your VPC and applicable -// restrictions, see VPC and subnet sizing (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#VPC_Sizing) -// in the Amazon Virtual Private Cloud User Guide. +// restrictions, see IP addressing for your VPCs and subnets (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-ip-addressing.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2255,12 +2550,10 @@ func (c *EC2) AttachClassicLinkVpcRequest(input *AttachClassicLinkVpcInput) (req // AttachClassicLinkVpc API operation for Amazon Elastic Compute Cloud. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// This action is deprecated. // // Links an EC2-Classic instance to a ClassicLink-enabled VPC through one or -// more of the VPC's security groups. You cannot link an EC2-Classic instance +// more of the VPC security groups. You cannot link an EC2-Classic instance // to more than one VPC at a time. You can only link an instance that's in the // running state. An instance is automatically unlinked from a VPC when it's // stopped - you can link it to the VPC again when you restart it. @@ -2345,9 +2638,9 @@ func (c *EC2) AttachInternetGatewayRequest(input *AttachInternetGatewayInput) (r // AttachInternetGateway API operation for Amazon Elastic Compute Cloud. // // Attaches an internet gateway or a virtual private gateway to a VPC, enabling -// connectivity between the internet and the VPC. For more information about -// your VPC and internet gateway, see the Amazon Virtual Private Cloud User -// Guide (https://docs.aws.amazon.com/vpc/latest/userguide/). +// connectivity between the internet and the VPC. For more information, see +// Internet gateways (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2493,9 +2786,8 @@ func (c *EC2) AttachVerifiedAccessTrustProviderRequest(input *AttachVerifiedAcce // AttachVerifiedAccessTrustProvider API operation for Amazon Elastic Compute Cloud. // -// A trust provider is a third-party entity that creates, maintains, and manages -// identity information for users and devices. One or more trust providers can -// be attached to an Amazon Web Services Verified Access instance. +// Attaches the specified Amazon Web Services Verified Access trust provider +// to the specified Amazon Web Services Verified Access instance. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2572,11 +2864,11 @@ func (c *EC2) AttachVolumeRequest(input *AttachVolumeInput) (req *request.Reques // the instance with the specified device name. // // Encrypted EBS volumes must be attached to instances that support Amazon EBS -// encryption. For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// encryption. For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) +// in the Amazon EBS User Guide. // // After you attach an EBS volume, you must make it available. For more information, -// see Make an EBS volume available for use (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-using-volumes.html). +// see Make an EBS volume available for use (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-using-volumes.html). // // If a volume has an Amazon Web Services Marketplace product code: // @@ -2591,8 +2883,8 @@ func (c *EC2) AttachVolumeRequest(input *AttachVolumeInput) (req *request.Reques // the product. For example, you can't detach a volume from a Windows instance // and attach it to a Linux instance. // -// For more information, see Attach an Amazon EBS volume to an instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-attaching-volume.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Attach an Amazon EBS volume to an instance (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-attaching-volume.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2818,24 +3110,28 @@ func (c *EC2) AuthorizeSecurityGroupEgressRequest(input *AuthorizeSecurityGroupE // AuthorizeSecurityGroupEgress API operation for Amazon Elastic Compute Cloud. // -// [VPC only] Adds the specified outbound (egress) rules to a security group -// for use with a VPC. +// Adds the specified outbound (egress) rules to a security group. // // An outbound rule permits instances to send traffic to the specified IPv4 -// or IPv6 CIDR address ranges, or to the instances that are associated with -// the specified source security groups. When specifying an outbound rule for -// your security group in a VPC, the IpPermissions must include a destination -// for the traffic. +// or IPv6 address ranges, the IP address ranges specified by a prefix list, +// or the instances that are associated with a source security group. For more +// information, see Security group rules (https://docs.aws.amazon.com/vpc/latest/userguide/security-group-rules.html). +// +// You must specify exactly one of the following destinations: an IPv4 or IPv6 +// address range, a prefix list, or a security group. You must specify a protocol +// for each rule (for example, TCP). If the protocol is TCP or UDP, you must +// also specify a port or port range. If the protocol is ICMP or ICMPv6, you +// must also specify the ICMP type and code. // -// You specify a protocol for each rule (for example, TCP). For the TCP and -// UDP protocols, you must also specify the destination port or port range. -// For the ICMP protocol, you must also specify the ICMP type and code. You -// can use -1 for the type or code to mean all types or all codes. +// Rule changes are propagated to instances associated with the security group +// as quickly as possible. However, a small delay might occur. // -// Rule changes are propagated to affected instances as quickly as possible. -// However, a small delay might occur. +// For examples of rules that you can add to security groups for specific access +// scenarios, see Security group rules for different use cases (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) +// in the Amazon EC2 User Guide. // -// For information about VPC security group quotas, see Amazon VPC quotas (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html). +// For information about security group quotas, see Amazon VPC quotas (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2911,25 +3207,25 @@ func (c *EC2) AuthorizeSecurityGroupIngressRequest(input *AuthorizeSecurityGroup // Adds the specified inbound (ingress) rules to a security group. // // An inbound rule permits instances to receive traffic from the specified IPv4 -// or IPv6 CIDR address range, or from the instances that are associated with -// the specified destination security groups. When specifying an inbound rule -// for your security group in a VPC, the IpPermissions must include a source -// for the traffic. +// or IPv6 address range, the IP address ranges that are specified by a prefix +// list, or the instances that are associated with a destination security group. +// For more information, see Security group rules (https://docs.aws.amazon.com/vpc/latest/userguide/security-group-rules.html). // -// You specify a protocol for each rule (for example, TCP). For TCP and UDP, -// you must also specify the destination port or port range. For ICMP/ICMPv6, -// you must also specify the ICMP/ICMPv6 type and code. You can use -1 to mean -// all types or all codes. +// You must specify exactly one of the following sources: an IPv4 or IPv6 address +// range, a prefix list, or a security group. You must specify a protocol for +// each rule (for example, TCP). If the protocol is TCP or UDP, you must also +// specify a port or port range. If the protocol is ICMP or ICMPv6, you must +// also specify the ICMP/ICMPv6 type and code. // -// Rule changes are propagated to instances within the security group as quickly -// as possible. However, a small delay might occur. +// Rule changes are propagated to instances associated with the security group +// as quickly as possible. However, a small delay might occur. // -// For more information about VPC security group quotas, see Amazon VPC quotas -// (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html). +// For examples of rules that you can add to security groups for specific access +// scenarios, see Security group rules for different use cases (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) +// in the Amazon EC2 User Guide. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information about security group quotas, see Amazon VPC quotas (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3476,8 +3772,8 @@ func (c *EC2) CancelImageLaunchPermissionRequest(input *CancelImageLaunchPermiss // // Removes your Amazon Web Services account from the launch permissions for // the specified AMI. For more information, see Cancel having an AMI shared -// with your Amazon Web Services account (https://docs.aws.amazon.com/) in the -// Amazon EC2 User Guide. +// with your Amazon Web Services account (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cancel-sharing-an-AMI.html) +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3702,9 +3998,10 @@ func (c *EC2) CancelSpotFleetRequestsRequest(input *CancelSpotFleetRequestsInput // // Cancels the specified Spot Fleet requests. // -// After you cancel a Spot Fleet request, the Spot Fleet launches no new Spot -// Instances. You must specify whether the Spot Fleet should also terminate -// its Spot Instances. If you terminate the instances, the Spot Fleet request +// After you cancel a Spot Fleet request, the Spot Fleet launches no new instances. +// +// You must also specify whether a canceled Spot Fleet request should terminate +// its instances. If you choose to terminate the instances, the Spot Fleet request // enters the cancelled_terminating state. Otherwise, the Spot Fleet request // enters the cancelled_running state and the instances continue to run until // they are interrupted or you terminate them manually. @@ -4022,8 +4319,8 @@ func (c *EC2) CopyImageRequest(input *CopyImageInput) (req *request.Request, out // by default using the default encryption key for the Region, or a different // key that you specify in the request using KmsKeyId. Outposts do not support // unencrypted snapshots. For more information, Amazon EBS local snapshots on -// Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#ami) -// in the Amazon EC2 User Guide. +// Outposts (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#ami) +// in the Amazon EBS User Guide. // // For more information about the prerequisites and limits when copying an AMI, // see Copy an AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html) @@ -4118,14 +4415,14 @@ func (c *EC2) CopySnapshotRequest(input *CopySnapshotInput) (req *request.Reques // Snapshots copied to an Outpost are encrypted by default using the default // encryption key for the Region, or a different key that you specify in the // request using KmsKeyId. Outposts do not support unencrypted snapshots. For -// more information, Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#ami) -// in the Amazon Elastic Compute Cloud User Guide. +// more information, Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#ami) +// in the Amazon EBS User Guide. // // Snapshots created by copying another snapshot have an arbitrary volume ID // that should not be used for any purpose. // -// For more information, see Copy an Amazon EBS snapshot (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-copy-snapshot.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Copy an Amazon EBS snapshot (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-copy-snapshot.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4832,9 +5129,9 @@ func (c *EC2) CreateDefaultSubnetRequest(input *CreateDefaultSubnetInput) (req * // // Creates a default subnet with a size /20 IPv4 CIDR block in the specified // Availability Zone in your default VPC. You can have only one default subnet -// per Availability Zone. For more information, see Creating a default subnet +// per Availability Zone. For more information, see Create a default subnet // (https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html#create-default-subnet) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4909,22 +5206,13 @@ func (c *EC2) CreateDefaultVpcRequest(input *CreateDefaultVpcInput) (req *reques // // Creates a default VPC with a size /16 IPv4 CIDR block and a default subnet // in each Availability Zone. For more information about the components of a -// default VPC, see Default VPC and default subnets (https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html) -// in the Amazon Virtual Private Cloud User Guide. You cannot specify the components -// of the default VPC yourself. +// default VPC, see Default VPCs (https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html) +// in the Amazon VPC User Guide. You cannot specify the components of the default +// VPC yourself. // // If you deleted your previous default VPC, you can create a default VPC. You // cannot have more than one default VPC per Region. // -// If your account supports EC2-Classic, you cannot use this action to create -// a default VPC in a Region that supports EC2-Classic. If you want a default -// VPC in a Region that supports EC2-Classic, see "I really want a default VPC -// for my existing EC2 account. Is that possible?" in the Default VPCs FAQ (http://aws.amazon.com/vpc/faqs/#Default_VPCs). -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -4996,45 +5284,48 @@ func (c *EC2) CreateDhcpOptionsRequest(input *CreateDhcpOptionsInput) (req *requ // CreateDhcpOptions API operation for Amazon Elastic Compute Cloud. // -// Creates a set of DHCP options for your VPC. After creating the set, you must -// associate it with the VPC, causing all existing and new instances that you -// launch in the VPC to use this set of DHCP options. The following are the -// individual DHCP options you can specify. For more information about the options, -// see RFC 2132 (http://www.ietf.org/rfc/rfc2132.txt). +// Creates a custom set of DHCP options. After you create a DHCP option set, +// you associate it with a VPC. After you associate a DHCP option set with a +// VPC, all existing and newly launched instances in the VPC use this set of +// DHCP options. // -// - domain-name-servers - The IP addresses of up to four domain name servers, -// or AmazonProvidedDNS. The default DHCP option set specifies AmazonProvidedDNS. -// If specifying more than one domain name server, specify the IP addresses -// in a single parameter, separated by commas. To have your instance receive -// a custom DNS hostname as specified in domain-name, you must set domain-name-servers -// to a custom DNS server. +// The following are the individual DHCP options you can specify. For more information, +// see DHCP options sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) +// in the Amazon VPC User Guide. // // - domain-name - If you're using AmazonProvidedDNS in us-east-1, specify -// ec2.internal. If you're using AmazonProvidedDNS in another Region, specify -// region.compute.internal (for example, ap-northeast-1.compute.internal). -// Otherwise, specify a domain name (for example, ExampleCompany.com). This -// value is used to complete unqualified DNS hostnames. Important: Some Linux -// operating systems accept multiple domain names separated by spaces. However, -// Windows and other Linux operating systems treat the value as a single -// domain, which results in unexpected behavior. If your DHCP options set -// is associated with a VPC that has instances with multiple operating systems, -// specify only one domain name. -// -// - ntp-servers - The IP addresses of up to four Network Time Protocol (NTP) -// servers. +// ec2.internal. If you're using AmazonProvidedDNS in any other Region, specify +// region.compute.internal. Otherwise, specify a custom domain name. This +// value is used to complete unqualified DNS hostnames. Some Linux operating +// systems accept multiple domain names separated by spaces. However, Windows +// and other Linux operating systems treat the value as a single domain, +// which results in unexpected behavior. If your DHCP option set is associated +// with a VPC that has instances running operating systems that treat the +// value as a single domain, specify only one domain name. +// +// - domain-name-servers - The IP addresses of up to four DNS servers, or +// AmazonProvidedDNS. To specify multiple domain name servers in a single +// parameter, separate the IP addresses using commas. To have your instances +// receive custom DNS hostnames as specified in domain-name, you must specify +// a custom DNS server. +// +// - ntp-servers - The IP addresses of up to eight Network Time Protocol +// (NTP) servers (four IPv4 addresses and four IPv6 addresses). // // - netbios-name-servers - The IP addresses of up to four NetBIOS name servers. // // - netbios-node-type - The NetBIOS node type (1, 2, 4, or 8). We recommend -// that you specify 2 (broadcast and multicast are not currently supported). -// For more information about these node types, see RFC 2132 (http://www.ietf.org/rfc/rfc2132.txt). -// -// Your VPC automatically starts out with a set of DHCP options that includes -// only a DNS server that we provide (AmazonProvidedDNS). If you create a set -// of options, and if your VPC has an internet gateway, make sure to set the -// domain-name-servers option either to AmazonProvidedDNS or to a domain name -// server of your choice. For more information, see DHCP options sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) -// in the Amazon Virtual Private Cloud User Guide. +// that you specify 2. Broadcast and multicast are not supported. For more +// information about NetBIOS node types, see RFC 2132 (http://www.ietf.org/rfc/rfc2132.txt). +// +// - ipv6-preferred-lease-time - A value (in seconds, minutes, hours, or +// years) for how frequently a running instance with an IPv6 assigned to +// it goes through DHCPv6 lease renewal. Acceptable values are between 140 +// and 2147483647 seconds (approximately 68 years). If no value is entered, +// the default lease time is 140 seconds. If you use long-term addressing +// for EC2 instances, you can increase the lease time and avoid frequent +// lease renewal requests. Lease renewal typically occurs when half of the +// lease time has elapsed. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5183,10 +5474,12 @@ func (c *EC2) CreateFleetRequest(input *CreateFleetInput) (req *request.Request, // CreateFleet API operation for Amazon Elastic Compute Cloud. // -// Launches an EC2 Fleet. +// Creates an EC2 Fleet that contains the configuration information for On-Demand +// Instances and Spot Instances. Instances are launched immediately if there +// is available capacity. // -// You can create a single EC2 Fleet that includes multiple launch specifications -// that vary by instance type, AMI, Availability Zone, or subnet. +// A single EC2 Fleet can include multiple launch specifications that vary by +// instance type, AMI, Availability Zone, or subnet. // // For more information, see EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet.html) // in the Amazon EC2 User Guide. @@ -5434,16 +5727,6 @@ func (c *EC2) CreateImageRequest(input *CreateImageInput) (req *request.Request, // Creates an Amazon EBS-backed AMI from an Amazon EBS-backed instance that // is either running or stopped. // -// By default, when Amazon EC2 creates the new AMI, it reboots the instance -// so that it can take snapshots of the attached volumes while data is at rest, -// in order to ensure a consistent state. You can set the NoReboot parameter -// to true in the API request, or use the --no-reboot option in the CLI to prevent -// Amazon EC2 from shutting down and rebooting the instance. -// -// If you choose to bypass the shutdown and reboot process by setting the NoReboot -// parameter to true in the API request, or by using the --no-reboot option -// in the CLI, we can't guarantee the file system integrity of the created image. -// // If you customized your instance with instance store volumes or Amazon EBS // volumes in addition to the root device volume, the new AMI contains block // device mapping information for those volumes. When you launch an instance @@ -5481,6 +5764,85 @@ func (c *EC2) CreateImageWithContext(ctx aws.Context, input *CreateImageInput, o return out, req.Send() } +const opCreateInstanceConnectEndpoint = "CreateInstanceConnectEndpoint" + +// CreateInstanceConnectEndpointRequest generates a "aws/request.Request" representing the +// client's request for the CreateInstanceConnectEndpoint operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateInstanceConnectEndpoint for more information on using the CreateInstanceConnectEndpoint +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateInstanceConnectEndpointRequest method. +// req, resp := client.CreateInstanceConnectEndpointRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateInstanceConnectEndpoint +func (c *EC2) CreateInstanceConnectEndpointRequest(input *CreateInstanceConnectEndpointInput) (req *request.Request, output *CreateInstanceConnectEndpointOutput) { + op := &request.Operation{ + Name: opCreateInstanceConnectEndpoint, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateInstanceConnectEndpointInput{} + } + + output = &CreateInstanceConnectEndpointOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateInstanceConnectEndpoint API operation for Amazon Elastic Compute Cloud. +// +// Creates an EC2 Instance Connect Endpoint. +// +// An EC2 Instance Connect Endpoint allows you to connect to an instance, without +// requiring the instance to have a public IPv4 address. For more information, +// see Connect to your instances without requiring a public IPv4 address using +// EC2 Instance Connect Endpoint (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Connect-using-EC2-Instance-Connect-Endpoint.html) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateInstanceConnectEndpoint for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateInstanceConnectEndpoint +func (c *EC2) CreateInstanceConnectEndpoint(input *CreateInstanceConnectEndpointInput) (*CreateInstanceConnectEndpointOutput, error) { + req, out := c.CreateInstanceConnectEndpointRequest(input) + return out, req.Send() +} + +// CreateInstanceConnectEndpointWithContext is the same as CreateInstanceConnectEndpoint with the addition of +// the ability to pass a context and additional request options. +// +// See CreateInstanceConnectEndpoint for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateInstanceConnectEndpointWithContext(ctx aws.Context, input *CreateInstanceConnectEndpointInput, opts ...request.Option) (*CreateInstanceConnectEndpointOutput, error) { + req, out := c.CreateInstanceConnectEndpointRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateInstanceEventWindow = "CreateInstanceEventWindow" // CreateInstanceEventWindowRequest generates a "aws/request.Request" representing the @@ -5622,10 +5984,11 @@ func (c *EC2) CreateInstanceExportTaskRequest(input *CreateInstanceExportTaskInp // // Exports a running or stopped instance to an Amazon S3 bucket. // -// For information about the supported operating systems, image formats, and -// known limitations for the types of instances you can export, see Exporting -// an instance as a VM Using VM Import/Export (https://docs.aws.amazon.com/vm-import/latest/userguide/vmexport.html) -// in the VM Import/Export User Guide. +// For information about the prerequisites for your Amazon S3 bucket, supported +// operating systems, image formats, and known limitations for the types of +// instances you can export, see Exporting an instance as a VM Using VM Import/Export +// (https://docs.aws.amazon.com/vm-import/latest/userguide/vmexport.html) in +// the VM Import/Export User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5701,8 +6064,8 @@ func (c *EC2) CreateInternetGatewayRequest(input *CreateInternetGatewayInput) (r // Creates an internet gateway for use with a VPC. After creating the internet // gateway, you attach it to a VPC using AttachInternetGateway. // -// For more information about your VPC and internet gateway, see the Amazon -// Virtual Private Cloud User Guide (https://docs.aws.amazon.com/vpc/latest/userguide/). +// For more information, see Internet gateways (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5891,6 +6254,81 @@ func (c *EC2) CreateIpamPoolWithContext(ctx aws.Context, input *CreateIpamPoolIn return out, req.Send() } +const opCreateIpamResourceDiscovery = "CreateIpamResourceDiscovery" + +// CreateIpamResourceDiscoveryRequest generates a "aws/request.Request" representing the +// client's request for the CreateIpamResourceDiscovery operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateIpamResourceDiscovery for more information on using the CreateIpamResourceDiscovery +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateIpamResourceDiscoveryRequest method. +// req, resp := client.CreateIpamResourceDiscoveryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateIpamResourceDiscovery +func (c *EC2) CreateIpamResourceDiscoveryRequest(input *CreateIpamResourceDiscoveryInput) (req *request.Request, output *CreateIpamResourceDiscoveryOutput) { + op := &request.Operation{ + Name: opCreateIpamResourceDiscovery, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateIpamResourceDiscoveryInput{} + } + + output = &CreateIpamResourceDiscoveryOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateIpamResourceDiscovery API operation for Amazon Elastic Compute Cloud. +// +// Creates an IPAM resource discovery. A resource discovery is an IPAM component +// that enables IPAM to manage and monitor resources that belong to the owning +// account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateIpamResourceDiscovery for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateIpamResourceDiscovery +func (c *EC2) CreateIpamResourceDiscovery(input *CreateIpamResourceDiscoveryInput) (*CreateIpamResourceDiscoveryOutput, error) { + req, out := c.CreateIpamResourceDiscoveryRequest(input) + return out, req.Send() +} + +// CreateIpamResourceDiscoveryWithContext is the same as CreateIpamResourceDiscovery with the addition of +// the ability to pass a context and additional request options. +// +// See CreateIpamResourceDiscovery for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateIpamResourceDiscoveryWithContext(ctx aws.Context, input *CreateIpamResourceDiscoveryInput, opts ...request.Option) (*CreateIpamResourceDiscoveryOutput, error) { + req, out := c.CreateIpamResourceDiscoveryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateIpamScope = "CreateIpamScope" // CreateIpamScopeRequest generates a "aws/request.Request" representing the @@ -6659,7 +7097,17 @@ func (c *EC2) CreateNatGatewayRequest(input *CreateNatGatewayInput) (req *reques // overlapping networks. // // For more information, see NAT gateways (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. +// +// When you create a public NAT gateway and assign it an EIP or secondary EIPs, +// the network border group of the EIPs must match the network border group +// of the Availability Zone (AZ) that the public NAT gateway is in. If it's +// not the same, the NAT gateway will fail to launch. You can see the network +// border group for the subnet's AZ by viewing the details of the subnet. Similarly, +// you can view the network border group of an EIP by viewing the details of +// the EIP address. For more information about network border groups and EIPs, +// see Allocate an Elastic IP address (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#allocate-eip) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6735,8 +7183,8 @@ func (c *EC2) CreateNetworkAclRequest(input *CreateNetworkAclInput) (req *reques // Creates a network ACL in a VPC. Network ACLs provide an optional layer of // security (in addition to security groups) for the instances in your VPC. // -// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) -// in the Amazon Virtual Private Cloud User Guide. +// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6825,8 +7273,8 @@ func (c *EC2) CreateNetworkAclEntryRequest(input *CreateNetworkAclEntryInput) (r // After you add an entry, you can't modify it; you must either replace it, // or create an entry and delete the old one. // -// For more information about network ACLs, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) -// in the Amazon Virtual Private Cloud User Guide. +// For more information about network ACLs, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6981,7 +7429,7 @@ func (c *EC2) CreateNetworkInsightsPathRequest(input *CreateNetworkInsightsPathI // // Reachability Analyzer enables you to analyze and debug network reachability // between two resources in your virtual private cloud (VPC). For more information, -// see What is Reachability Analyzer (https://docs.aws.amazon.com/vpc/latest/reachability/). +// see the Reachability Analyzer Guide (https://docs.aws.amazon.com/vpc/latest/reachability/). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7647,7 +8095,7 @@ func (c *EC2) CreateRouteRequest(input *CreateRouteInput) (req *request.Request, // more specific, so we use that route to determine where to target the traffic. // // For more information about route tables, see Route tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7724,7 +8172,7 @@ func (c *EC2) CreateRouteTableRequest(input *CreateRouteTableInput) (req *reques // you can add routes and associate the table with a subnet. // // For more information, see Route tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7807,16 +8255,13 @@ func (c *EC2) CreateSecurityGroupRequest(input *CreateSecurityGroupInput) (req * // in the Amazon Virtual Private Cloud User Guide. // // When you create a security group, you specify a friendly name of your choice. -// You can have a security group for use in EC2-Classic with the same name as -// a security group for use in a VPC. However, you can't have two security groups -// for use in EC2-Classic with the same name or two security groups for use -// in a VPC with the same name. +// You can't have two security groups for the same VPC with the same name. // -// You have a default security group for use in EC2-Classic and a default security -// group for use in your VPC. If you don't specify a security group when you -// launch an instance, the instance is launched into the appropriate default -// security group. A default security group includes a default rule that grants -// instances unrestricted network access to each other. +// You have a default security group for use in your VPC. If you don't specify +// a security group when you launch an instance, the instance is launched into +// the appropriate default security group. A default security group includes +// a default rule that grants instances unrestricted network access to each +// other. // // You can add or remove rules from your security groups using AuthorizeSecurityGroupIngress, // AuthorizeSecurityGroupEgress, RevokeSecurityGroupIngress, and RevokeSecurityGroupEgress. @@ -7824,10 +8269,6 @@ func (c *EC2) CreateSecurityGroupRequest(input *CreateSecurityGroupInput) (req * // For more information about VPC security group limits, see Amazon VPC Limits // (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html). // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -7923,8 +8364,8 @@ func (c *EC2) CreateSnapshotRequest(input *CreateSnapshotInput) (req *request.Re // snapshot. You may remount and use your volume while the snapshot status is // pending. // -// To create a snapshot for Amazon EBS volumes that serve as root devices, you -// should stop the instance before taking the snapshot. +// When you create a snapshot for an EBS volume that serves as a root device, +// we recommend that you stop the instance before taking the snapshot. // // Snapshots that are taken from encrypted volumes are automatically encrypted. // Volumes that are created from encrypted snapshots are also automatically @@ -7935,9 +8376,9 @@ func (c *EC2) CreateSnapshotRequest(input *CreateSnapshotInput) (req *request.Re // your Amazon EC2 resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) // in the Amazon Elastic Compute Cloud User Guide. // -// For more information, see Amazon Elastic Block Store (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html) -// and Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Amazon Elastic Block Store (https://docs.aws.amazon.com/ebs/latest/userguide/what-is-ebs.html) +// and Amazon EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8251,18 +8692,22 @@ func (c *EC2) CreateSubnetRequest(input *CreateSubnetInput) (req *request.Reques // CreateSubnet API operation for Amazon Elastic Compute Cloud. // -// Creates a subnet in a specified VPC. +// Creates a subnet in the specified VPC. For an IPv4 only subnet, specify an +// IPv4 CIDR block. If the VPC has an IPv6 CIDR block, you can create an IPv6 +// only subnet or a dual stack subnet instead. For an IPv6 only subnet, specify +// an IPv6 CIDR block. For a dual stack subnet, specify both an IPv4 CIDR block +// and an IPv6 CIDR block. // -// You must specify an IPv4 CIDR block for the subnet. After you create a subnet, -// you can't change its CIDR block. The allowed block size is between a /16 -// netmask (65,536 IP addresses) and /28 netmask (16 IP addresses). The CIDR -// block must not overlap with the CIDR block of an existing subnet in the VPC. +// A subnet CIDR block must not overlap the CIDR block of an existing subnet +// in the VPC. After you create a subnet, you can't change its CIDR block. // -// If you've associated an IPv6 CIDR block with your VPC, you can create a subnet -// with an IPv6 CIDR block that uses a /64 prefix length. +// The allowed size for an IPv4 subnet is between a /28 netmask (16 IP addresses) +// and a /16 netmask (65,536 IP addresses). Amazon Web Services reserves both +// the first four and the last IPv4 address in each subnet's CIDR block. They're +// not available for your use. // -// Amazon Web Services reserves both the first four and the last IPv4 address -// in each subnet's CIDR block. They're not available for use. +// If you've associated an IPv6 CIDR block with your VPC, you can associate +// an IPv6 CIDR block with a subnet when you create it. // // If you add more than one subnet to a VPC, they're set up in a star topology // with a logical router in the middle. @@ -8271,8 +8716,8 @@ func (c *EC2) CreateSubnetRequest(input *CreateSubnetInput) (req *request.Reques // It's therefore possible to have a subnet with no running instances (they're // all stopped), but no remaining IP addresses available. // -// For more information about subnets, see Your VPC and subnets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) -// in the Amazon Virtual Private Cloud User Guide. +// For more information, see Subnets (https://docs.aws.amazon.com/vpc/latest/userguide/configure-subnets.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8345,9 +8790,11 @@ func (c *EC2) CreateSubnetCidrReservationRequest(input *CreateSubnetCidrReservat // CreateSubnetCidrReservation API operation for Amazon Elastic Compute Cloud. // -// Creates a subnet CIDR reservation. For information about subnet CIDR reservations, -// see Subnet CIDR reservations (https://docs.aws.amazon.com/vpc/latest/userguide/subnet-cidr-reservation.html) -// in the Amazon Virtual Private Cloud User Guide. +// Creates a subnet CIDR reservation. For more information, see Subnet CIDR +// reservations (https://docs.aws.amazon.com/vpc/latest/userguide/subnet-cidr-reservation.html) +// in the Amazon Virtual Private Cloud User Guide and Assign prefixes to network +// interfaces (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) +// in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9757,10 +10204,9 @@ func (c *EC2) CreateVerifiedAccessGroupRequest(input *CreateVerifiedAccessGroupI // // An Amazon Web Services Verified Access group is a collection of Amazon Web // Services Verified Access endpoints who's associated applications have similar -// security requirements. Each instance within an Amazon Web Services Verified -// Access group shares an Amazon Web Services Verified Access policy. For example, -// you can group all Amazon Web Services Verified Access instances associated -// with “sales” applications together and use one common Amazon Web Services +// security requirements. Each instance within a Verified Access group shares +// an Verified Access policy. For example, you can group all Verified Access +// instances associated with "sales" applications together and use one common // Verified Access policy. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -9911,9 +10357,8 @@ func (c *EC2) CreateVerifiedAccessTrustProviderRequest(input *CreateVerifiedAcce // // A trust provider is a third-party entity that creates, maintains, and manages // identity information for users and devices. When an application request is -// made, the identity information sent by the trust provider will be evaluated -// by Amazon Web Services Verified Access, before allowing or denying the application -// request. +// made, the identity information sent by the trust provider is evaluated by +// Verified Access before allowing or denying the application request. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9996,15 +10441,15 @@ func (c *EC2) CreateVolumeRequest(input *CreateVolumeInput) (req *request.Reques // You can create encrypted volumes. Encrypted volumes must be attached to instances // that support Amazon EBS encryption. Volumes that are created from encrypted // snapshots are also automatically encrypted. For more information, see Amazon -// EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) +// in the Amazon EBS User Guide. // // You can tag your volumes during creation. For more information, see Tag your // Amazon EC2 resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) // in the Amazon Elastic Compute Cloud User Guide. // -// For more information, see Create an Amazon EBS volume (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-volume.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Create an Amazon EBS volume (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-creating-volume.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10077,26 +10522,24 @@ func (c *EC2) CreateVpcRequest(input *CreateVpcInput) (req *request.Request, out // CreateVpc API operation for Amazon Elastic Compute Cloud. // -// Creates a VPC with the specified IPv4 CIDR block. The smallest VPC you can -// create uses a /28 netmask (16 IPv4 addresses), and the largest uses a /16 -// netmask (65,536 IPv4 addresses). For more information about how large to -// make your VPC, see Your VPC and subnets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) -// in the Amazon Virtual Private Cloud User Guide. +// Creates a VPC with the specified CIDR blocks. For more information, see IP +// addressing for your VPCs and subnets (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-ip-addressing.html) +// in the Amazon VPC User Guide. // // You can optionally request an IPv6 CIDR block for the VPC. You can request -// an Amazon-provided IPv6 CIDR block from Amazon's pool of IPv6 addresses, -// or an IPv6 CIDR block from an IPv6 address pool that you provisioned through +// an Amazon-provided IPv6 CIDR block from Amazon's pool of IPv6 addresses or +// an IPv6 CIDR block from an IPv6 address pool that you provisioned through // bring your own IP addresses (BYOIP (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html)). // -// By default, each instance you launch in the VPC has the default DHCP options, -// which include only a default DNS server that we provide (AmazonProvidedDNS). -// For more information, see DHCP options sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) -// in the Amazon Virtual Private Cloud User Guide. +// By default, each instance that you launch in the VPC has the default DHCP +// options, which include only a default DNS server that we provide (AmazonProvidedDNS). +// For more information, see DHCP option sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) +// in the Amazon VPC User Guide. // // You can specify the instance tenancy value for the VPC when you create it. // You can't change this value for the VPC after you create it. For more information, // see Dedicated Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-instance.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10169,11 +10612,11 @@ func (c *EC2) CreateVpcEndpointRequest(input *CreateVpcEndpointInput) (req *requ // CreateVpcEndpoint API operation for Amazon Elastic Compute Cloud. // -// Creates a VPC endpoint for a specified service. An endpoint enables you to -// create a private connection between your VPC and the service. The service -// may be provided by Amazon Web Services, an Amazon Web Services Marketplace +// Creates a VPC endpoint. A VPC endpoint provides a private connection between +// the specified VPC and the specified endpoint service. You can use an endpoint +// service provided by Amazon Web Services, an Amazon Web Services Marketplace // Partner, or another Amazon Web Services account. For more information, see -// the Amazon Web Services PrivateLink Guide (https://docs.aws.amazon.com/vpc/latest/privatelink/). +// the Amazon Web Services PrivateLink User Guide (https://docs.aws.amazon.com/vpc/latest/privatelink/). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10326,7 +10769,7 @@ func (c *EC2) CreateVpcEndpointServiceConfigurationRequest(input *CreateVpcEndpo // CreateVpcEndpointServiceConfiguration API operation for Amazon Elastic Compute Cloud. // // Creates a VPC endpoint service to which service consumers (Amazon Web Services -// accounts, IAM users, and IAM roles) can connect. +// accounts, users, and IAM roles) can connect. // // Before you create an endpoint service, you must create one of the following // for your service: @@ -11350,11 +11793,11 @@ func (c *EC2) DeleteFleetsRequest(input *DeleteFleetsInput) (req *request.Reques // DeleteFleets API operation for Amazon Elastic Compute Cloud. // -// Deletes the specified EC2 Fleet. +// Deletes the specified EC2 Fleets. // // After you delete an EC2 Fleet, it launches no new instances. // -// You must specify whether a deleted EC2 Fleet should also terminate its instances. +// You must also specify whether a deleted EC2 Fleet should terminate its instances. // If you choose to terminate the instances, the EC2 Fleet enters the deleted_terminating // state. Otherwise, the EC2 Fleet enters the deleted_running state, and the // instances continue to run until they are interrupted or you terminate them @@ -11550,6 +11993,79 @@ func (c *EC2) DeleteFpgaImageWithContext(ctx aws.Context, input *DeleteFpgaImage return out, req.Send() } +const opDeleteInstanceConnectEndpoint = "DeleteInstanceConnectEndpoint" + +// DeleteInstanceConnectEndpointRequest generates a "aws/request.Request" representing the +// client's request for the DeleteInstanceConnectEndpoint operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteInstanceConnectEndpoint for more information on using the DeleteInstanceConnectEndpoint +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DeleteInstanceConnectEndpointRequest method. +// req, resp := client.DeleteInstanceConnectEndpointRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteInstanceConnectEndpoint +func (c *EC2) DeleteInstanceConnectEndpointRequest(input *DeleteInstanceConnectEndpointInput) (req *request.Request, output *DeleteInstanceConnectEndpointOutput) { + op := &request.Operation{ + Name: opDeleteInstanceConnectEndpoint, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteInstanceConnectEndpointInput{} + } + + output = &DeleteInstanceConnectEndpointOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteInstanceConnectEndpoint API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified EC2 Instance Connect Endpoint. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteInstanceConnectEndpoint for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteInstanceConnectEndpoint +func (c *EC2) DeleteInstanceConnectEndpoint(input *DeleteInstanceConnectEndpointInput) (*DeleteInstanceConnectEndpointOutput, error) { + req, out := c.DeleteInstanceConnectEndpointRequest(input) + return out, req.Send() +} + +// DeleteInstanceConnectEndpointWithContext is the same as DeleteInstanceConnectEndpoint with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteInstanceConnectEndpoint for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteInstanceConnectEndpointWithContext(ctx aws.Context, input *DeleteInstanceConnectEndpointInput, opts ...request.Option) (*DeleteInstanceConnectEndpointOutput, error) { + req, out := c.DeleteInstanceConnectEndpointRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteInstanceEventWindow = "DeleteInstanceEventWindow" // DeleteInstanceEventWindowRequest generates a "aws/request.Request" representing the @@ -11858,6 +12374,81 @@ func (c *EC2) DeleteIpamPoolWithContext(ctx aws.Context, input *DeleteIpamPoolIn return out, req.Send() } +const opDeleteIpamResourceDiscovery = "DeleteIpamResourceDiscovery" + +// DeleteIpamResourceDiscoveryRequest generates a "aws/request.Request" representing the +// client's request for the DeleteIpamResourceDiscovery operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteIpamResourceDiscovery for more information on using the DeleteIpamResourceDiscovery +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DeleteIpamResourceDiscoveryRequest method. +// req, resp := client.DeleteIpamResourceDiscoveryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteIpamResourceDiscovery +func (c *EC2) DeleteIpamResourceDiscoveryRequest(input *DeleteIpamResourceDiscoveryInput) (req *request.Request, output *DeleteIpamResourceDiscoveryOutput) { + op := &request.Operation{ + Name: opDeleteIpamResourceDiscovery, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteIpamResourceDiscoveryInput{} + } + + output = &DeleteIpamResourceDiscoveryOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteIpamResourceDiscovery API operation for Amazon Elastic Compute Cloud. +// +// Deletes an IPAM resource discovery. A resource discovery is an IPAM component +// that enables IPAM to manage and monitor resources that belong to the owning +// account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteIpamResourceDiscovery for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteIpamResourceDiscovery +func (c *EC2) DeleteIpamResourceDiscovery(input *DeleteIpamResourceDiscoveryInput) (*DeleteIpamResourceDiscoveryOutput, error) { + req, out := c.DeleteIpamResourceDiscoveryRequest(input) + return out, req.Send() +} + +// DeleteIpamResourceDiscoveryWithContext is the same as DeleteIpamResourceDiscovery with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteIpamResourceDiscovery for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteIpamResourceDiscoveryWithContext(ctx aws.Context, input *DeleteIpamResourceDiscoveryInput, opts ...request.Option) (*DeleteIpamResourceDiscoveryOutput, error) { + req, out := c.DeleteIpamResourceDiscoveryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteIpamScope = "DeleteIpamScope" // DeleteIpamScopeRequest generates a "aws/request.Request" representing the @@ -11972,7 +12563,6 @@ func (c *EC2) DeleteKeyPairRequest(input *DeleteKeyPairInput) (req *request.Requ output = &DeleteKeyPairOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(ec2query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } @@ -12125,10 +12715,19 @@ func (c *EC2) DeleteLaunchTemplateVersionsRequest(input *DeleteLaunchTemplateVer // DeleteLaunchTemplateVersions API operation for Amazon Elastic Compute Cloud. // -// Deletes one or more versions of a launch template. You cannot delete the -// default version of a launch template; you must first assign a different version -// as the default. If the default version is the only version for the launch -// template, you must delete the entire launch template using DeleteLaunchTemplate. +// Deletes one or more versions of a launch template. +// +// You can't delete the default version of a launch template; you must first +// assign a different version as the default. If the default version is the +// only version for the launch template, you must delete the entire launch template +// using DeleteLaunchTemplate. +// +// You can delete up to 200 launch template versions in a single request. To +// delete more than 200 versions in a single request, use DeleteLaunchTemplate, +// which deletes the launch template and all of its versions. +// +// For more information, see Delete a launch template version (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-launch-template-versions.html#delete-launch-template-version) +// in the EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -13615,13 +14214,9 @@ func (c *EC2) DeleteSecurityGroupRequest(input *DeleteSecurityGroupInput) (req * // // Deletes a security group. // -// If you attempt to delete a security group that is associated with an instance, -// or is referenced by another security group, the operation fails with InvalidGroup.InUse -// in EC2-Classic or DependencyViolation in EC2-VPC. -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// If you attempt to delete a security group that is associated with an instance +// or network interface or is referenced by another security group, the operation +// fails with DependencyViolation. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -13708,8 +14303,8 @@ func (c *EC2) DeleteSnapshotRequest(input *DeleteSnapshotInput) (req *request.Re // a registered AMI. You must first de-register the AMI before you can delete // the snapshot. // -// For more information, see Delete an Amazon EBS snapshot (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-snapshot.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Delete an Amazon EBS snapshot (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-deleting-snapshot.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -15485,8 +16080,8 @@ func (c *EC2) DeleteVolumeRequest(input *DeleteVolumeInput) (req *request.Reques // // The volume can remain in the deleting state for several minutes. // -// For more information, see Delete an Amazon EBS volume (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-volume.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Delete an Amazon EBS volume (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-deleting-volume.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -15564,7 +16159,9 @@ func (c *EC2) DeleteVpcRequest(input *DeleteVpcInput) (req *request.Request, out // that are associated with the VPC before you can delete it. For example, you // must terminate all instances running in the VPC, delete all security groups // associated with the VPC (except the default one), delete all route tables -// associated with the VPC (except the default one), and so on. +// associated with the VPC (except the default one), and so on. When you delete +// the VPC, it deletes the VPC's default security group, network ACL, and route +// table. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -15637,7 +16234,7 @@ func (c *EC2) DeleteVpcEndpointConnectionNotificationsRequest(input *DeleteVpcEn // DeleteVpcEndpointConnectionNotifications API operation for Amazon Elastic Compute Cloud. // -// Deletes one or more VPC endpoint connection notifications. +// Deletes the specified VPC endpoint connection notifications. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -15710,10 +16307,10 @@ func (c *EC2) DeleteVpcEndpointServiceConfigurationsRequest(input *DeleteVpcEndp // DeleteVpcEndpointServiceConfigurations API operation for Amazon Elastic Compute Cloud. // -// Deletes one or more VPC endpoint service configurations in your account. -// Before you delete the endpoint service configuration, you must reject any -// Available or PendingAcceptance interface endpoint connections that are attached -// to the service. +// Deletes the specified VPC endpoint service configurations. Before you can +// delete an endpoint service configuration, you must reject any Available or +// PendingAcceptance interface endpoint connections that are attached to the +// service. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -15786,26 +16383,16 @@ func (c *EC2) DeleteVpcEndpointsRequest(input *DeleteVpcEndpointsInput) (req *re // DeleteVpcEndpoints API operation for Amazon Elastic Compute Cloud. // -// Deletes one or more specified VPC endpoints. You can delete any of the following -// types of VPC endpoints. -// -// - Gateway endpoint, -// -// - Gateway Load Balancer endpoint, -// -// - Interface endpoint +// Deletes the specified VPC endpoints. // -// The following rules apply when you delete a VPC endpoint: +// When you delete a gateway endpoint, we delete the endpoint routes in the +// route tables for the endpoint. // -// - When you delete a gateway endpoint, we delete the endpoint routes in -// the route tables that are associated with the endpoint. +// When you delete a Gateway Load Balancer endpoint, we delete its endpoint +// network interfaces. You can only delete Gateway Load Balancer endpoints when +// the routes that are associated with the endpoint are deleted. // -// - When you delete a Gateway Load Balancer endpoint, we delete the endpoint -// network interfaces. You can only delete Gateway Load Balancer endpoints -// when the routes that are associated with the endpoint are deleted. -// -// - When you delete an interface endpoint, we delete the endpoint network -// interfaces. +// When you delete an interface endpoint, we delete its endpoint network interfaces. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -15882,7 +16469,7 @@ func (c *EC2) DeleteVpcPeeringConnectionRequest(input *DeleteVpcPeeringConnectio // the owner of the accepter VPC can delete the VPC peering connection if it's // in the active state. The owner of the requester VPC can delete a VPC peering // connection in the pending-acceptance state. You cannot delete a VPC peering -// connection that's in the failed state. +// connection that's in the failed or rejected state. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -16232,6 +16819,84 @@ func (c *EC2) DeprovisionByoipCidrWithContext(ctx aws.Context, input *Deprovisio return out, req.Send() } +const opDeprovisionIpamByoasn = "DeprovisionIpamByoasn" + +// DeprovisionIpamByoasnRequest generates a "aws/request.Request" representing the +// client's request for the DeprovisionIpamByoasn operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeprovisionIpamByoasn for more information on using the DeprovisionIpamByoasn +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DeprovisionIpamByoasnRequest method. +// req, resp := client.DeprovisionIpamByoasnRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeprovisionIpamByoasn +func (c *EC2) DeprovisionIpamByoasnRequest(input *DeprovisionIpamByoasnInput) (req *request.Request, output *DeprovisionIpamByoasnOutput) { + op := &request.Operation{ + Name: opDeprovisionIpamByoasn, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeprovisionIpamByoasnInput{} + } + + output = &DeprovisionIpamByoasnOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeprovisionIpamByoasn API operation for Amazon Elastic Compute Cloud. +// +// Deprovisions your Autonomous System Number (ASN) from your Amazon Web Services +// account. This action can only be called after any BYOIP CIDR associations +// are removed from your Amazon Web Services account with DisassociateIpamByoasn +// (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateIpamByoasn.html). +// For more information, see Tutorial: Bring your ASN to IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoasn.html) +// in the Amazon VPC IPAM guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeprovisionIpamByoasn for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeprovisionIpamByoasn +func (c *EC2) DeprovisionIpamByoasn(input *DeprovisionIpamByoasnInput) (*DeprovisionIpamByoasnOutput, error) { + req, out := c.DeprovisionIpamByoasnRequest(input) + return out, req.Send() +} + +// DeprovisionIpamByoasnWithContext is the same as DeprovisionIpamByoasn with the addition of +// the ability to pass a context and additional request options. +// +// See DeprovisionIpamByoasn for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeprovisionIpamByoasnWithContext(ctx aws.Context, input *DeprovisionIpamByoasnInput, opts ...request.Option) (*DeprovisionIpamByoasnOutput, error) { + req, out := c.DeprovisionIpamByoasnRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeprovisionIpamPoolCidr = "DeprovisionIpamPoolCidr" // DeprovisionIpamPoolCidrRequest generates a "aws/request.Request" representing the @@ -16738,9 +17403,6 @@ func (c *EC2) DescribeAccountAttributesRequest(input *DescribeAccountAttributesI // Describes attributes of your Amazon Web Services account. The following are // the supported account attributes: // -// - supported-platforms: Indicates whether your account can launch instances -// into EC2-Classic and EC2-VPC, or only into EC2-VPC. -// // - default-vpc: The ID of the default VPC for your account, or none. // // - max-instances: This attribute is no longer supported. The returned value @@ -16748,19 +17410,20 @@ func (c *EC2) DescribeAccountAttributesRequest(input *DescribeAccountAttributesI // For more information, see On-Demand Instance Limits (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-on-demand-instances.html#ec2-on-demand-instances-limits) // in the Amazon Elastic Compute Cloud User Guide. // -// - vpc-max-security-groups-per-interface: The maximum number of security -// groups that you can assign to a network interface. -// // - max-elastic-ips: The maximum number of Elastic IP addresses that you -// can allocate for use with EC2-Classic. +// can allocate. +// +// - supported-platforms: This attribute is deprecated. // // - vpc-max-elastic-ips: The maximum number of Elastic IP addresses that -// you can allocate for use with EC2-VPC. +// you can allocate. // -// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate -// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic -// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon EC2 User Guide. +// - vpc-max-security-groups-per-interface: The maximum number of security +// groups that you can assign to a network interface. +// +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -16843,6 +17506,15 @@ func (c *EC2) DescribeAddressTransfersRequest(input *DescribeAddressTransfersInp // Elastic IP addresses (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#transfer-EIPs-intro) // in the Amazon Virtual Private Cloud User Guide. // +// When you transfer an Elastic IP address, there is a two-step handshake between +// the source and transfer Amazon Web Services accounts. When the source account +// starts the transfer, the transfer account has seven days to accept the Elastic +// IP address transfer. During those seven days, the source account can view +// the pending transfer by using this action. After seven days, the transfer +// expires and ownership of the Elastic IP address returns to the source account. +// Accepted transfers are visible to the source account for three days after +// the transfers have been accepted. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -16967,14 +17639,6 @@ func (c *EC2) DescribeAddressesRequest(input *DescribeAddressesInput) (req *requ // // Describes the specified Elastic IP addresses or all of your Elastic IP addresses. // -// An Elastic IP address is for use in either the EC2-Classic platform or in -// a VPC. For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) -// in the Amazon Elastic Compute Cloud User Guide. -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -17272,6 +17936,10 @@ func (c *EC2) DescribeAvailabilityZonesRequest(input *DescribeAvailabilityZonesI // Zones, see Regions and zones (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html) // in the Amazon Elastic Compute Cloud User Guide. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -17480,6 +18148,10 @@ func (c *EC2) DescribeBundleTasksRequest(input *DescribeBundleTasksInput) (req * // use RegisterImage with the Amazon S3 bucket name and image manifest name // you provided to the bundle task. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -17641,6 +18313,138 @@ func (c *EC2) DescribeByoipCidrsPagesWithContext(ctx aws.Context, input *Describ return p.Err() } +const opDescribeCapacityBlockOfferings = "DescribeCapacityBlockOfferings" + +// DescribeCapacityBlockOfferingsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeCapacityBlockOfferings operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeCapacityBlockOfferings for more information on using the DescribeCapacityBlockOfferings +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeCapacityBlockOfferingsRequest method. +// req, resp := client.DescribeCapacityBlockOfferingsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeCapacityBlockOfferings +func (c *EC2) DescribeCapacityBlockOfferingsRequest(input *DescribeCapacityBlockOfferingsInput) (req *request.Request, output *DescribeCapacityBlockOfferingsOutput) { + op := &request.Operation{ + Name: opDescribeCapacityBlockOfferings, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeCapacityBlockOfferingsInput{} + } + + output = &DescribeCapacityBlockOfferingsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeCapacityBlockOfferings API operation for Amazon Elastic Compute Cloud. +// +// Describes Capacity Block offerings available for purchase in the Amazon Web +// Services Region that you're currently using. With Capacity Blocks, you purchase +// a specific instance type for a period of time. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeCapacityBlockOfferings for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeCapacityBlockOfferings +func (c *EC2) DescribeCapacityBlockOfferings(input *DescribeCapacityBlockOfferingsInput) (*DescribeCapacityBlockOfferingsOutput, error) { + req, out := c.DescribeCapacityBlockOfferingsRequest(input) + return out, req.Send() +} + +// DescribeCapacityBlockOfferingsWithContext is the same as DescribeCapacityBlockOfferings with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeCapacityBlockOfferings for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeCapacityBlockOfferingsWithContext(ctx aws.Context, input *DescribeCapacityBlockOfferingsInput, opts ...request.Option) (*DescribeCapacityBlockOfferingsOutput, error) { + req, out := c.DescribeCapacityBlockOfferingsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeCapacityBlockOfferingsPages iterates over the pages of a DescribeCapacityBlockOfferings operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeCapacityBlockOfferings method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeCapacityBlockOfferings operation. +// pageNum := 0 +// err := client.DescribeCapacityBlockOfferingsPages(params, +// func(page *ec2.DescribeCapacityBlockOfferingsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) DescribeCapacityBlockOfferingsPages(input *DescribeCapacityBlockOfferingsInput, fn func(*DescribeCapacityBlockOfferingsOutput, bool) bool) error { + return c.DescribeCapacityBlockOfferingsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeCapacityBlockOfferingsPagesWithContext same as DescribeCapacityBlockOfferingsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeCapacityBlockOfferingsPagesWithContext(ctx aws.Context, input *DescribeCapacityBlockOfferingsInput, fn func(*DescribeCapacityBlockOfferingsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeCapacityBlockOfferingsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeCapacityBlockOfferingsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeCapacityBlockOfferingsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeCapacityReservationFleets = "DescribeCapacityReservationFleets" // DescribeCapacityReservationFleetsRequest generates a "aws/request.Request" representing the @@ -18082,15 +18886,13 @@ func (c *EC2) DescribeClassicLinkInstancesRequest(input *DescribeClassicLinkInst // DescribeClassicLinkInstances API operation for Amazon Elastic Compute Cloud. // +// This action is deprecated. +// // Describes one or more of your linked EC2-Classic instances. This request // only returns information about EC2-Classic instances linked to a VPC through // ClassicLink. You cannot use this request to return information about other // instances. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -19157,7 +19959,7 @@ func (c *EC2) DescribeDhcpOptionsRequest(input *DescribeDhcpOptionsInput) (req * // Describes one or more of your DHCP options sets. // // For more information, see DHCP options sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -19411,6 +20213,10 @@ func (c *EC2) DescribeElasticGpusRequest(input *DescribeElasticGpusInput) (req * // DescribeElasticGpus API operation for Amazon Elastic Compute Cloud. // +// Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads +// that require graphics acceleration, we recommend that you use Amazon EC2 +// G4ad, G4dn, or G5 instances. +// // Describes the Elastic Graphics accelerator associated with your instances. // For more information about Elastic Graphics, see Amazon Elastic Graphics // (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html). @@ -19696,7 +20502,7 @@ func (c *EC2) DescribeFastLaunchImagesRequest(input *DescribeFastLaunchImagesInp // DescribeFastLaunchImages API operation for Amazon Elastic Compute Cloud. // -// Describe details for Windows AMIs that are configured for faster launching. +// Describe details for Windows AMIs that are configured for Windows fast launch. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -20032,7 +20838,10 @@ func (c *EC2) DescribeFleetInstancesRequest(input *DescribeFleetInstancesInput) // // Describes the running instances for the specified EC2 Fleet. // -// For more information, see Monitor your EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#monitor-ec2-fleet) +// Currently, DescribeFleetInstances does not support fleets of type instant. +// Instead, use DescribeFleets, specifying the instant fleet ID in the request. +// +// For more information, see Describe your EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#monitor-ec2-fleet) // in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -20112,9 +20921,12 @@ func (c *EC2) DescribeFleetsRequest(input *DescribeFleetsInput) (req *request.Re // DescribeFleets API operation for Amazon Elastic Compute Cloud. // -// Describes the specified EC2 Fleets or all of your EC2 Fleets. +// Describes the specified EC2 Fleet or all of your EC2 Fleets. +// +// If a fleet is of type instant, you must specify the fleet ID in the request, +// otherwise the fleet does not appear in the response. // -// For more information, see Monitor your EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#monitor-ec2-fleet) +// For more information, see Describe your EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#monitor-ec2-fleet) // in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -21294,6 +22106,10 @@ func (c *EC2) DescribeImageAttributeRequest(input *DescribeImageAttributeInput) // Describes the specified attribute of the specified AMI. You can specify only // one attribute at a time. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -21383,6 +22199,10 @@ func (c *EC2) DescribeImagesRequest(input *DescribeImagesInput) (req *request.Re // AMI are terminated, specifying the ID of the image will eventually return // an error indicating that the AMI ID cannot be found. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -21800,6 +22620,137 @@ func (c *EC2) DescribeInstanceAttributeWithContext(ctx aws.Context, input *Descr return out, req.Send() } +const opDescribeInstanceConnectEndpoints = "DescribeInstanceConnectEndpoints" + +// DescribeInstanceConnectEndpointsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeInstanceConnectEndpoints operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeInstanceConnectEndpoints for more information on using the DescribeInstanceConnectEndpoints +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeInstanceConnectEndpointsRequest method. +// req, resp := client.DescribeInstanceConnectEndpointsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeInstanceConnectEndpoints +func (c *EC2) DescribeInstanceConnectEndpointsRequest(input *DescribeInstanceConnectEndpointsInput) (req *request.Request, output *DescribeInstanceConnectEndpointsOutput) { + op := &request.Operation{ + Name: opDescribeInstanceConnectEndpoints, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeInstanceConnectEndpointsInput{} + } + + output = &DescribeInstanceConnectEndpointsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeInstanceConnectEndpoints API operation for Amazon Elastic Compute Cloud. +// +// Describes the specified EC2 Instance Connect Endpoints or all EC2 Instance +// Connect Endpoints. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeInstanceConnectEndpoints for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeInstanceConnectEndpoints +func (c *EC2) DescribeInstanceConnectEndpoints(input *DescribeInstanceConnectEndpointsInput) (*DescribeInstanceConnectEndpointsOutput, error) { + req, out := c.DescribeInstanceConnectEndpointsRequest(input) + return out, req.Send() +} + +// DescribeInstanceConnectEndpointsWithContext is the same as DescribeInstanceConnectEndpoints with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeInstanceConnectEndpoints for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInstanceConnectEndpointsWithContext(ctx aws.Context, input *DescribeInstanceConnectEndpointsInput, opts ...request.Option) (*DescribeInstanceConnectEndpointsOutput, error) { + req, out := c.DescribeInstanceConnectEndpointsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeInstanceConnectEndpointsPages iterates over the pages of a DescribeInstanceConnectEndpoints operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeInstanceConnectEndpoints method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeInstanceConnectEndpoints operation. +// pageNum := 0 +// err := client.DescribeInstanceConnectEndpointsPages(params, +// func(page *ec2.DescribeInstanceConnectEndpointsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) DescribeInstanceConnectEndpointsPages(input *DescribeInstanceConnectEndpointsInput, fn func(*DescribeInstanceConnectEndpointsOutput, bool) bool) error { + return c.DescribeInstanceConnectEndpointsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeInstanceConnectEndpointsPagesWithContext same as DescribeInstanceConnectEndpointsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInstanceConnectEndpointsPagesWithContext(ctx aws.Context, input *DescribeInstanceConnectEndpointsInput, fn func(*DescribeInstanceConnectEndpointsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeInstanceConnectEndpointsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeInstanceConnectEndpointsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeInstanceConnectEndpointsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeInstanceCreditSpecifications = "DescribeInstanceCreditSpecifications" // DescribeInstanceCreditSpecificationsRequest generates a "aws/request.Request" representing the @@ -22239,6 +23190,10 @@ func (c *EC2) DescribeInstanceStatusRequest(input *DescribeInstanceStatusInput) // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) // in the Amazon EC2 User Guide. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -22318,6 +23273,151 @@ func (c *EC2) DescribeInstanceStatusPagesWithContext(ctx aws.Context, input *Des return p.Err() } +const opDescribeInstanceTopology = "DescribeInstanceTopology" + +// DescribeInstanceTopologyRequest generates a "aws/request.Request" representing the +// client's request for the DescribeInstanceTopology operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeInstanceTopology for more information on using the DescribeInstanceTopology +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeInstanceTopologyRequest method. +// req, resp := client.DescribeInstanceTopologyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeInstanceTopology +func (c *EC2) DescribeInstanceTopologyRequest(input *DescribeInstanceTopologyInput) (req *request.Request, output *DescribeInstanceTopologyOutput) { + op := &request.Operation{ + Name: opDescribeInstanceTopology, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeInstanceTopologyInput{} + } + + output = &DescribeInstanceTopologyOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeInstanceTopology API operation for Amazon Elastic Compute Cloud. +// +// Describes a tree-based hierarchy that represents the physical host placement +// of your EC2 instances within an Availability Zone or Local Zone. You can +// use this information to determine the relative proximity of your EC2 instances +// within the Amazon Web Services network to support your tightly coupled workloads. +// +// Limitations +// +// - Supported zones Availability Zone Local Zone +// +// - Supported instance types hpc6a.48xlarge | hpc6id.32xlarge | hpc7a.12xlarge +// | hpc7a.24xlarge | hpc7a.48xlarge | hpc7a.96xlarge | hpc7g.4xlarge | hpc7g.8xlarge +// | hpc7g.16xlarge p3dn.24xlarge | p4d.24xlarge | p4de.24xlarge | p5.48xlarge +// trn1.2xlarge | trn1.32xlarge | trn1n.32xlarge +// +// For more information, see Amazon EC2 instance topology (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-topology.html) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeInstanceTopology for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeInstanceTopology +func (c *EC2) DescribeInstanceTopology(input *DescribeInstanceTopologyInput) (*DescribeInstanceTopologyOutput, error) { + req, out := c.DescribeInstanceTopologyRequest(input) + return out, req.Send() +} + +// DescribeInstanceTopologyWithContext is the same as DescribeInstanceTopology with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeInstanceTopology for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInstanceTopologyWithContext(ctx aws.Context, input *DescribeInstanceTopologyInput, opts ...request.Option) (*DescribeInstanceTopologyOutput, error) { + req, out := c.DescribeInstanceTopologyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeInstanceTopologyPages iterates over the pages of a DescribeInstanceTopology operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeInstanceTopology method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeInstanceTopology operation. +// pageNum := 0 +// err := client.DescribeInstanceTopologyPages(params, +// func(page *ec2.DescribeInstanceTopologyOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) DescribeInstanceTopologyPages(input *DescribeInstanceTopologyInput, fn func(*DescribeInstanceTopologyOutput, bool) bool) error { + return c.DescribeInstanceTopologyPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeInstanceTopologyPagesWithContext same as DescribeInstanceTopologyPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInstanceTopologyPagesWithContext(ctx aws.Context, input *DescribeInstanceTopologyInput, fn func(*DescribeInstanceTopologyOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeInstanceTopologyInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeInstanceTopologyRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeInstanceTopologyOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeInstanceTypeOfferings = "DescribeInstanceTypeOfferings" // DescribeInstanceTypeOfferingsRequest generates a "aws/request.Request" representing the @@ -22651,6 +23751,10 @@ func (c *EC2) DescribeInstancesRequest(input *DescribeInstancesInput) (req *requ // If you describe instances and specify only instance IDs that are in an unaffected // zone, the call works normally. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -22860,6 +23964,82 @@ func (c *EC2) DescribeInternetGatewaysPagesWithContext(ctx aws.Context, input *D return p.Err() } +const opDescribeIpamByoasn = "DescribeIpamByoasn" + +// DescribeIpamByoasnRequest generates a "aws/request.Request" representing the +// client's request for the DescribeIpamByoasn operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeIpamByoasn for more information on using the DescribeIpamByoasn +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeIpamByoasnRequest method. +// req, resp := client.DescribeIpamByoasnRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeIpamByoasn +func (c *EC2) DescribeIpamByoasnRequest(input *DescribeIpamByoasnInput) (req *request.Request, output *DescribeIpamByoasnOutput) { + op := &request.Operation{ + Name: opDescribeIpamByoasn, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeIpamByoasnInput{} + } + + output = &DescribeIpamByoasnOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeIpamByoasn API operation for Amazon Elastic Compute Cloud. +// +// Describes your Autonomous System Numbers (ASNs), their provisioning statuses, +// and the BYOIP CIDRs with which they are associated. For more information, +// see Tutorial: Bring your ASN to IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoasn.html) +// in the Amazon VPC IPAM guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeIpamByoasn for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeIpamByoasn +func (c *EC2) DescribeIpamByoasn(input *DescribeIpamByoasnInput) (*DescribeIpamByoasnOutput, error) { + req, out := c.DescribeIpamByoasnRequest(input) + return out, req.Send() +} + +// DescribeIpamByoasnWithContext is the same as DescribeIpamByoasn with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeIpamByoasn for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeIpamByoasnWithContext(ctx aws.Context, input *DescribeIpamByoasnInput, opts ...request.Option) (*DescribeIpamByoasnOutput, error) { + req, out := c.DescribeIpamByoasnRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeIpamPools = "DescribeIpamPools" // DescribeIpamPoolsRequest generates a "aws/request.Request" representing the @@ -22990,6 +24170,270 @@ func (c *EC2) DescribeIpamPoolsPagesWithContext(ctx aws.Context, input *Describe return p.Err() } +const opDescribeIpamResourceDiscoveries = "DescribeIpamResourceDiscoveries" + +// DescribeIpamResourceDiscoveriesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeIpamResourceDiscoveries operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeIpamResourceDiscoveries for more information on using the DescribeIpamResourceDiscoveries +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeIpamResourceDiscoveriesRequest method. +// req, resp := client.DescribeIpamResourceDiscoveriesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeIpamResourceDiscoveries +func (c *EC2) DescribeIpamResourceDiscoveriesRequest(input *DescribeIpamResourceDiscoveriesInput) (req *request.Request, output *DescribeIpamResourceDiscoveriesOutput) { + op := &request.Operation{ + Name: opDescribeIpamResourceDiscoveries, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeIpamResourceDiscoveriesInput{} + } + + output = &DescribeIpamResourceDiscoveriesOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeIpamResourceDiscoveries API operation for Amazon Elastic Compute Cloud. +// +// Describes IPAM resource discoveries. A resource discovery is an IPAM component +// that enables IPAM to manage and monitor resources that belong to the owning +// account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeIpamResourceDiscoveries for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeIpamResourceDiscoveries +func (c *EC2) DescribeIpamResourceDiscoveries(input *DescribeIpamResourceDiscoveriesInput) (*DescribeIpamResourceDiscoveriesOutput, error) { + req, out := c.DescribeIpamResourceDiscoveriesRequest(input) + return out, req.Send() +} + +// DescribeIpamResourceDiscoveriesWithContext is the same as DescribeIpamResourceDiscoveries with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeIpamResourceDiscoveries for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeIpamResourceDiscoveriesWithContext(ctx aws.Context, input *DescribeIpamResourceDiscoveriesInput, opts ...request.Option) (*DescribeIpamResourceDiscoveriesOutput, error) { + req, out := c.DescribeIpamResourceDiscoveriesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeIpamResourceDiscoveriesPages iterates over the pages of a DescribeIpamResourceDiscoveries operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeIpamResourceDiscoveries method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeIpamResourceDiscoveries operation. +// pageNum := 0 +// err := client.DescribeIpamResourceDiscoveriesPages(params, +// func(page *ec2.DescribeIpamResourceDiscoveriesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) DescribeIpamResourceDiscoveriesPages(input *DescribeIpamResourceDiscoveriesInput, fn func(*DescribeIpamResourceDiscoveriesOutput, bool) bool) error { + return c.DescribeIpamResourceDiscoveriesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeIpamResourceDiscoveriesPagesWithContext same as DescribeIpamResourceDiscoveriesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeIpamResourceDiscoveriesPagesWithContext(ctx aws.Context, input *DescribeIpamResourceDiscoveriesInput, fn func(*DescribeIpamResourceDiscoveriesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeIpamResourceDiscoveriesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeIpamResourceDiscoveriesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeIpamResourceDiscoveriesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeIpamResourceDiscoveryAssociations = "DescribeIpamResourceDiscoveryAssociations" + +// DescribeIpamResourceDiscoveryAssociationsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeIpamResourceDiscoveryAssociations operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeIpamResourceDiscoveryAssociations for more information on using the DescribeIpamResourceDiscoveryAssociations +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeIpamResourceDiscoveryAssociationsRequest method. +// req, resp := client.DescribeIpamResourceDiscoveryAssociationsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeIpamResourceDiscoveryAssociations +func (c *EC2) DescribeIpamResourceDiscoveryAssociationsRequest(input *DescribeIpamResourceDiscoveryAssociationsInput) (req *request.Request, output *DescribeIpamResourceDiscoveryAssociationsOutput) { + op := &request.Operation{ + Name: opDescribeIpamResourceDiscoveryAssociations, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeIpamResourceDiscoveryAssociationsInput{} + } + + output = &DescribeIpamResourceDiscoveryAssociationsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeIpamResourceDiscoveryAssociations API operation for Amazon Elastic Compute Cloud. +// +// Describes resource discovery association with an Amazon VPC IPAM. An associated +// resource discovery is a resource discovery that has been associated with +// an IPAM.. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeIpamResourceDiscoveryAssociations for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeIpamResourceDiscoveryAssociations +func (c *EC2) DescribeIpamResourceDiscoveryAssociations(input *DescribeIpamResourceDiscoveryAssociationsInput) (*DescribeIpamResourceDiscoveryAssociationsOutput, error) { + req, out := c.DescribeIpamResourceDiscoveryAssociationsRequest(input) + return out, req.Send() +} + +// DescribeIpamResourceDiscoveryAssociationsWithContext is the same as DescribeIpamResourceDiscoveryAssociations with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeIpamResourceDiscoveryAssociations for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeIpamResourceDiscoveryAssociationsWithContext(ctx aws.Context, input *DescribeIpamResourceDiscoveryAssociationsInput, opts ...request.Option) (*DescribeIpamResourceDiscoveryAssociationsOutput, error) { + req, out := c.DescribeIpamResourceDiscoveryAssociationsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeIpamResourceDiscoveryAssociationsPages iterates over the pages of a DescribeIpamResourceDiscoveryAssociations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeIpamResourceDiscoveryAssociations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeIpamResourceDiscoveryAssociations operation. +// pageNum := 0 +// err := client.DescribeIpamResourceDiscoveryAssociationsPages(params, +// func(page *ec2.DescribeIpamResourceDiscoveryAssociationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) DescribeIpamResourceDiscoveryAssociationsPages(input *DescribeIpamResourceDiscoveryAssociationsInput, fn func(*DescribeIpamResourceDiscoveryAssociationsOutput, bool) bool) error { + return c.DescribeIpamResourceDiscoveryAssociationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeIpamResourceDiscoveryAssociationsPagesWithContext same as DescribeIpamResourceDiscoveryAssociationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeIpamResourceDiscoveryAssociationsPagesWithContext(ctx aws.Context, input *DescribeIpamResourceDiscoveryAssociationsInput, fn func(*DescribeIpamResourceDiscoveryAssociationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeIpamResourceDiscoveryAssociationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeIpamResourceDiscoveryAssociationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeIpamResourceDiscoveryAssociationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeIpamScopes = "DescribeIpamScopes" // DescribeIpamScopesRequest generates a "aws/request.Request" representing the @@ -24506,6 +25950,210 @@ func (c *EC2) DescribeLocalGatewaysPagesWithContext(ctx aws.Context, input *Desc return p.Err() } +const opDescribeLockedSnapshots = "DescribeLockedSnapshots" + +// DescribeLockedSnapshotsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeLockedSnapshots operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeLockedSnapshots for more information on using the DescribeLockedSnapshots +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeLockedSnapshotsRequest method. +// req, resp := client.DescribeLockedSnapshotsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeLockedSnapshots +func (c *EC2) DescribeLockedSnapshotsRequest(input *DescribeLockedSnapshotsInput) (req *request.Request, output *DescribeLockedSnapshotsOutput) { + op := &request.Operation{ + Name: opDescribeLockedSnapshots, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeLockedSnapshotsInput{} + } + + output = &DescribeLockedSnapshotsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeLockedSnapshots API operation for Amazon Elastic Compute Cloud. +// +// Describes the lock status for a snapshot. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeLockedSnapshots for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeLockedSnapshots +func (c *EC2) DescribeLockedSnapshots(input *DescribeLockedSnapshotsInput) (*DescribeLockedSnapshotsOutput, error) { + req, out := c.DescribeLockedSnapshotsRequest(input) + return out, req.Send() +} + +// DescribeLockedSnapshotsWithContext is the same as DescribeLockedSnapshots with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeLockedSnapshots for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeLockedSnapshotsWithContext(ctx aws.Context, input *DescribeLockedSnapshotsInput, opts ...request.Option) (*DescribeLockedSnapshotsOutput, error) { + req, out := c.DescribeLockedSnapshotsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDescribeMacHosts = "DescribeMacHosts" + +// DescribeMacHostsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeMacHosts operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeMacHosts for more information on using the DescribeMacHosts +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeMacHostsRequest method. +// req, resp := client.DescribeMacHostsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeMacHosts +func (c *EC2) DescribeMacHostsRequest(input *DescribeMacHostsInput) (req *request.Request, output *DescribeMacHostsOutput) { + op := &request.Operation{ + Name: opDescribeMacHosts, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeMacHostsInput{} + } + + output = &DescribeMacHostsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeMacHosts API operation for Amazon Elastic Compute Cloud. +// +// Describes the specified EC2 Mac Dedicated Host or all of your EC2 Mac Dedicated +// Hosts. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeMacHosts for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeMacHosts +func (c *EC2) DescribeMacHosts(input *DescribeMacHostsInput) (*DescribeMacHostsOutput, error) { + req, out := c.DescribeMacHostsRequest(input) + return out, req.Send() +} + +// DescribeMacHostsWithContext is the same as DescribeMacHosts with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeMacHosts for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeMacHostsWithContext(ctx aws.Context, input *DescribeMacHostsInput, opts ...request.Option) (*DescribeMacHostsOutput, error) { + req, out := c.DescribeMacHostsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeMacHostsPages iterates over the pages of a DescribeMacHosts operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeMacHosts method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeMacHosts operation. +// pageNum := 0 +// err := client.DescribeMacHostsPages(params, +// func(page *ec2.DescribeMacHostsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) DescribeMacHostsPages(input *DescribeMacHostsInput, fn func(*DescribeMacHostsOutput, bool) bool) error { + return c.DescribeMacHostsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeMacHostsPagesWithContext same as DescribeMacHostsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeMacHostsPagesWithContext(ctx aws.Context, input *DescribeMacHostsInput, fn func(*DescribeMacHostsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeMacHostsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeMacHostsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeMacHostsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeManagedPrefixLists = "DescribeManagedPrefixLists" // DescribeManagedPrefixListsRequest generates a "aws/request.Request" representing the @@ -24688,9 +26336,11 @@ func (c *EC2) DescribeMovingAddressesRequest(input *DescribeMovingAddressesInput // DescribeMovingAddresses API operation for Amazon Elastic Compute Cloud. // -// Describes your Elastic IP addresses that are being moved to the EC2-VPC platform, -// or that are being restored to the EC2-Classic platform. This request does -// not return information about any other Elastic IP addresses in your account. +// This action is deprecated. +// +// Describes your Elastic IP addresses that are being moved from or being restored +// to the EC2-Classic platform. This request does not return information about +// any other Elastic IP addresses in your account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -24952,8 +26602,8 @@ func (c *EC2) DescribeNetworkAclsRequest(input *DescribeNetworkAclsInput) (req * // // Describes one or more of your network ACLs. // -// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) -// in the Amazon Virtual Private Cloud User Guide. +// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -25809,6 +27459,10 @@ func (c *EC2) DescribeNetworkInterfacesRequest(input *DescribeNetworkInterfacesI // // Describes one or more of your network interfaces. // +// If you have a large number of network interfaces, the operation fails unless +// you use pagination or one of the following filters: group-id, mac-address, +// private-dns-name, private-ip-address, private-dns-name, subnet-id, or vpc-id. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -26423,6 +28077,10 @@ func (c *EC2) DescribeRegionsRequest(input *DescribeRegionsInput) (req *request. // Managing Amazon Web Services Regions (https://docs.aws.amazon.com/general/latest/gr/rande-manage.html) // in the Amazon Web Services General Reference. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -26631,6 +28289,10 @@ func (c *EC2) DescribeReservedInstancesRequest(input *DescribeReservedInstancesI // For more information about Reserved Instances, see Reserved Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts-on-demand-reserved-instances.html) // in the Amazon EC2 User Guide. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -26725,6 +28387,10 @@ func (c *EC2) DescribeReservedInstancesListingsRequest(input *DescribeReservedIn // For more information, see Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) // in the Amazon EC2 User Guide. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -26810,6 +28476,10 @@ func (c *EC2) DescribeReservedInstancesModificationsRequest(input *DescribeReser // For more information, see Modifying Reserved Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-modifying.html) // in the Amazon EC2 User Guide. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -26951,6 +28621,10 @@ func (c *EC2) DescribeReservedInstancesOfferingsRequest(input *DescribeReservedI // For more information, see Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) // in the Amazon EC2 User Guide. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -27087,7 +28761,7 @@ func (c *EC2) DescribeRouteTablesRequest(input *DescribeRouteTablesInput) (req * // implicit associations. // // For more information, see Route tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -27479,8 +29153,8 @@ func (c *EC2) DescribeSecurityGroupReferencesRequest(input *DescribeSecurityGrou // DescribeSecurityGroupReferences API operation for Amazon Elastic Compute Cloud. // -// [VPC only] Describes the VPCs on the other side of a VPC peering connection -// that are referencing the security groups you've specified in this request. +// Describes the VPCs on the other side of a VPC peering connection that are +// referencing the security groups you've specified in this request. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -27691,17 +29365,6 @@ func (c *EC2) DescribeSecurityGroupsRequest(input *DescribeSecurityGroupsInput) // // Describes the specified security groups or all of your security groups. // -// A security group is for use with instances either in the EC2-Classic platform -// or in a specific VPC. For more information, see Amazon EC2 security groups -// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html) -// in the Amazon Elastic Compute Cloud User Guide and Security groups for your -// VPC (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html) -// in the Amazon Virtual Private Cloud User Guide. -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -27827,8 +29490,8 @@ func (c *EC2) DescribeSnapshotAttributeRequest(input *DescribeSnapshotAttributeI // Describes the specified attribute of the specified snapshot. You can specify // only one attribute at a time. // -// For more information about EBS snapshots, see Amazon EBS snapshots (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information about EBS snapshots, see Amazon EBS snapshots (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-snapshots.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -28078,16 +29741,13 @@ func (c *EC2) DescribeSnapshotsRequest(input *DescribeSnapshotsInput) (req *requ // own or have explicit permissions, or all for public snapshots. // // If you are describing a long list of snapshots, we recommend that you paginate -// the output to make the list more manageable. The MaxResults parameter sets -// the maximum number of results returned in a single page. If the list of results -// exceeds your MaxResults value, then that number of results is returned along -// with a NextToken value that can be passed to a subsequent DescribeSnapshots -// request to retrieve the remaining results. +// the output to make the list more manageable. For more information, see Pagination +// (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). // // To get the state of fast snapshot restores for a snapshot, use DescribeFastSnapshotRestores. // -// For more information about EBS snapshots, see Amazon EBS snapshots (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information about EBS snapshots, see Amazon EBS snapshots (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-snapshots.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -28588,11 +30248,11 @@ func (c *EC2) DescribeSpotInstanceRequestsRequest(input *DescribeSpotInstanceReq // with a filter to look for instances where the instance lifecycle is spot. // // We recommend that you set MaxResults to a value between 5 and 1000 to limit -// the number of results returned. This paginates the output, which makes the -// list more manageable and returns the results faster. If the list of results -// exceeds your MaxResults value, then that number of results is returned along -// with a NextToken value that can be passed to a subsequent DescribeSpotInstanceRequests -// request to retrieve the remaining results. +// the number of items returned. This paginates the output, which makes the +// list more manageable and returns the items faster. If the list of items exceeds +// your MaxResults value, then that number of items is returned along with a +// NextToken value that can be passed to a subsequent DescribeSpotInstanceRequests +// request to retrieve the remaining items. // // Spot Instance requests are deleted four hours after they are canceled and // their instances are terminated. @@ -28862,10 +30522,10 @@ func (c *EC2) DescribeStaleSecurityGroupsRequest(input *DescribeStaleSecurityGro // DescribeStaleSecurityGroups API operation for Amazon Elastic Compute Cloud. // -// [VPC only] Describes the stale security group rules for security groups in -// a specified VPC. Rules are stale when they reference a deleted security group -// in the same VPC or in a peer VPC, or if they reference a security group in -// a peer VPC for which the VPC peering connection has been deleted. +// Describes the stale security group rules for security groups in a specified +// VPC. Rules are stale when they reference a deleted security group in the +// same VPC or peered VPC. Rules can also be stale if they reference a security +// group in a peer VPC for which the VPC peering connection has been deleted. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -29143,8 +30803,8 @@ func (c *EC2) DescribeSubnetsRequest(input *DescribeSubnetsInput) (req *request. // // Describes one or more of your subnets. // -// For more information, see Your VPC and subnets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) -// in the Amazon Virtual Private Cloud User Guide. +// For more information, see Subnets (https://docs.aws.amazon.com/vpc/latest/userguide/configure-subnets.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -29279,6 +30939,10 @@ func (c *EC2) DescribeTagsRequest(input *DescribeTagsInput) (req *request.Reques // For more information about tags, see Tag your Amazon EC2 resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) // in the Amazon Elastic Compute Cloud User Guide. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -31104,9 +32768,6 @@ func (c *EC2) DescribeTrunkInterfaceAssociationsRequest(input *DescribeTrunkInte // DescribeTrunkInterfaceAssociations API operation for Amazon Elastic Compute Cloud. // -// This API action is currently in limited preview only. If you are interested -// in using this feature, contact your account manager. -// // Describes one or more network interface trunk associations. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -31237,7 +32898,7 @@ func (c *EC2) DescribeVerifiedAccessEndpointsRequest(input *DescribeVerifiedAcce // DescribeVerifiedAccessEndpoints API operation for Amazon Elastic Compute Cloud. // -// Describe Amazon Web Services Verified Access endpoints. +// Describes the specified Amazon Web Services Verified Access endpoints. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -31367,7 +33028,7 @@ func (c *EC2) DescribeVerifiedAccessGroupsRequest(input *DescribeVerifiedAccessG // DescribeVerifiedAccessGroups API operation for Amazon Elastic Compute Cloud. // -// Describe details of existing Verified Access groups. +// Describes the specified Verified Access groups. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -31497,8 +33158,7 @@ func (c *EC2) DescribeVerifiedAccessInstanceLoggingConfigurationsRequest(input * // DescribeVerifiedAccessInstanceLoggingConfigurations API operation for Amazon Elastic Compute Cloud. // -// Describes the current logging configuration for the Amazon Web Services Verified -// Access instances. +// Describes the specified Amazon Web Services Verified Access instances. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -31628,7 +33288,7 @@ func (c *EC2) DescribeVerifiedAccessInstancesRequest(input *DescribeVerifiedAcce // DescribeVerifiedAccessInstances API operation for Amazon Elastic Compute Cloud. // -// Describe Verified Access instances. +// Describes the specified Amazon Web Services Verified Access instances. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -31758,7 +33418,7 @@ func (c *EC2) DescribeVerifiedAccessTrustProvidersRequest(input *DescribeVerifie // DescribeVerifiedAccessTrustProviders API operation for Amazon Elastic Compute Cloud. // -// Describe details of existing Verified Access trust providers. +// Describes the specified Amazon Web Services Verified Access trust providers. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -31885,8 +33545,8 @@ func (c *EC2) DescribeVolumeAttributeRequest(input *DescribeVolumeAttributeInput // Describes the specified attribute of the specified volume. You can specify // only one attribute at a time. // -// For more information about EBS volumes, see Amazon EBS volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information about EBS volumes, see Amazon EBS volumes (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volumes.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -31983,8 +33643,8 @@ func (c *EC2) DescribeVolumeStatusRequest(input *DescribeVolumeStatusInput) (req // If the status is insufficient-data, then the checks might still be taking // place on your volume at the time. We recommend that you retry the request. // For more information about volume status, see Monitor the status of your -// volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-volume-status.html) -// in the Amazon Elastic Compute Cloud User Guide. +// volumes (https://docs.aws.amazon.com/ebs/latest/userguide/monitoring-volume-status.html) +// in the Amazon EBS User Guide. // // Events: Reflect the cause of a volume status and might require you to take // action. For example, if your volume returns an impaired status, then the @@ -32002,6 +33662,10 @@ func (c *EC2) DescribeVolumeStatusRequest(input *DescribeVolumeStatusInput) (req // the volume state. Therefore, volume status does not indicate volumes in the // error state (for example, when a volume is incapable of accepting I/O.) // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -32133,14 +33797,15 @@ func (c *EC2) DescribeVolumesRequest(input *DescribeVolumesInput) (req *request. // Describes the specified EBS volumes or all of your EBS volumes. // // If you are describing a long list of volumes, we recommend that you paginate -// the output to make the list more manageable. The MaxResults parameter sets -// the maximum number of results returned in a single page. If the list of results -// exceeds your MaxResults value, then that number of results is returned along -// with a NextToken value that can be passed to a subsequent DescribeVolumes -// request to retrieve the remaining results. +// the output to make the list more manageable. For more information, see Pagination +// (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). // -// For more information about EBS volumes, see Amazon EBS volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information about EBS volumes, see Amazon EBS volumes (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volumes.html) +// in the Amazon EBS User Guide. +// +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -32280,8 +33945,8 @@ func (c *EC2) DescribeVolumesModificationsRequest(input *DescribeVolumesModifica // You can also use CloudWatch Events to check the status of a modification // to an EBS volume. For information about CloudWatch Events, see the Amazon // CloudWatch Events User Guide (https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/). -// For more information, see Monitor the progress of volume modifications (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-volume-modifications.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Monitor the progress of volume modifications (https://docs.aws.amazon.com/ebs/latest/userguide/monitoring-volume-modifications.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -32479,11 +34144,9 @@ func (c *EC2) DescribeVpcClassicLinkRequest(input *DescribeVpcClassicLinkInput) // DescribeVpcClassicLink API operation for Amazon Elastic Compute Cloud. // -// Describes the ClassicLink status of one or more VPCs. +// This action is deprecated. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// Describes the ClassicLink status of the specified VPCs. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -32562,17 +34225,13 @@ func (c *EC2) DescribeVpcClassicLinkDnsSupportRequest(input *DescribeVpcClassicL // DescribeVpcClassicLinkDnsSupport API operation for Amazon Elastic Compute Cloud. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// This action is deprecated. // // Describes the ClassicLink DNS support status of one or more VPCs. If enabled, // the DNS hostname of a linked EC2-Classic instance resolves to its private // IP address when addressed from an instance in the VPC to which it's linked. // Similarly, the DNS hostname of an instance in a VPC resolves to its private -// IP address when addressed from a linked EC2-Classic instance. For more information, -// see ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) -// in the Amazon Elastic Compute Cloud User Guide. +// IP address when addressed from a linked EC2-Classic instance. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -33305,7 +34964,7 @@ func (c *EC2) DescribeVpcEndpointsRequest(input *DescribeVpcEndpointsInput) (req // DescribeVpcEndpoints API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of your VPC endpoints. +// Describes your VPC endpoints. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -33841,9 +35500,7 @@ func (c *EC2) DetachClassicLinkVpcRequest(input *DetachClassicLinkVpcInput) (req // DetachClassicLinkVpc API operation for Amazon Elastic Compute Cloud. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// This action is deprecated. // // Unlinks (detaches) a linked EC2-Classic instance from a VPC. After the instance // has been unlinked, the VPC security groups are no longer associated with @@ -34070,7 +35727,8 @@ func (c *EC2) DetachVerifiedAccessTrustProviderRequest(input *DetachVerifiedAcce // DetachVerifiedAccessTrustProvider API operation for Amazon Elastic Compute Cloud. // -// Detach a trust provider from an Amazon Web Services Verified Access instance. +// Detaches the specified Amazon Web Services Verified Access trust provider +// from the specified Amazon Web Services Verified Access instance. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -34155,8 +35813,12 @@ func (c *EC2) DetachVolumeRequest(input *DetachVolumeInput) (req *request.Reques // When a volume with an Amazon Web Services Marketplace product code is detached // from an instance, the product code is no longer associated with the instance. // -// For more information, see Detach an Amazon EBS volume (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html) -// in the Amazon Elastic Compute Cloud User Guide. +// You can't detach or force detach volumes that are attached to Amazon ECS +// or Fargate tasks. Attempting to do this results in the UnsupportedOperationException +// exception with the Unable to detach volume attached to ECS tasks error message. +// +// For more information, see Detach an Amazon EBS volume (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-detaching-volume.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -34466,8 +36128,8 @@ func (c *EC2) DisableEbsEncryptionByDefaultRequest(input *DisableEbsEncryptionBy // Disabling encryption by default does not change the encryption status of // your existing volumes. // -// For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -34540,12 +36202,13 @@ func (c *EC2) DisableFastLaunchRequest(input *DisableFastLaunchInput) (req *requ // DisableFastLaunch API operation for Amazon Elastic Compute Cloud. // -// Discontinue faster launching for a Windows AMI, and clean up existing pre-provisioned -// snapshots. When you disable faster launching, the AMI uses the standard launch -// process for each instance. All pre-provisioned snapshots must be removed -// before you can enable faster launching again. +// Discontinue Windows fast launch for a Windows AMI, and clean up existing +// pre-provisioned snapshots. After you disable Windows fast launch, the AMI +// uses the standard launch process for each new instance. Amazon EC2 must remove +// all pre-provisioned snapshots before you can enable Windows fast launch again. // -// To change these settings, you must own the AMI. +// You can only change these settings for Windows AMIs that you own or that +// have been shared with you. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -34649,6 +36312,178 @@ func (c *EC2) DisableFastSnapshotRestoresWithContext(ctx aws.Context, input *Dis return out, req.Send() } +const opDisableImage = "DisableImage" + +// DisableImageRequest generates a "aws/request.Request" representing the +// client's request for the DisableImage operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisableImage for more information on using the DisableImage +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DisableImageRequest method. +// req, resp := client.DisableImageRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableImage +func (c *EC2) DisableImageRequest(input *DisableImageInput) (req *request.Request, output *DisableImageOutput) { + op := &request.Operation{ + Name: opDisableImage, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisableImageInput{} + } + + output = &DisableImageOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisableImage API operation for Amazon Elastic Compute Cloud. +// +// Sets the AMI state to disabled and removes all launch permissions from the +// AMI. A disabled AMI can't be used for instance launches. +// +// A disabled AMI can't be shared. If an AMI was public or previously shared, +// it is made private. If an AMI was shared with an Amazon Web Services account, +// organization, or Organizational Unit, they lose access to the disabled AMI. +// +// A disabled AMI does not appear in DescribeImages (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImages.html) +// API calls by default. +// +// Only the AMI owner can disable an AMI. +// +// You can re-enable a disabled AMI using EnableImage (http://amazonaws.com/AWSEC2/latest/APIReference/API_EnableImage.html). +// +// For more information, see Disable an AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/disable-an-ami.html) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisableImage for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableImage +func (c *EC2) DisableImage(input *DisableImageInput) (*DisableImageOutput, error) { + req, out := c.DisableImageRequest(input) + return out, req.Send() +} + +// DisableImageWithContext is the same as DisableImage with the addition of +// the ability to pass a context and additional request options. +// +// See DisableImage for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisableImageWithContext(ctx aws.Context, input *DisableImageInput, opts ...request.Option) (*DisableImageOutput, error) { + req, out := c.DisableImageRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDisableImageBlockPublicAccess = "DisableImageBlockPublicAccess" + +// DisableImageBlockPublicAccessRequest generates a "aws/request.Request" representing the +// client's request for the DisableImageBlockPublicAccess operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisableImageBlockPublicAccess for more information on using the DisableImageBlockPublicAccess +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DisableImageBlockPublicAccessRequest method. +// req, resp := client.DisableImageBlockPublicAccessRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableImageBlockPublicAccess +func (c *EC2) DisableImageBlockPublicAccessRequest(input *DisableImageBlockPublicAccessInput) (req *request.Request, output *DisableImageBlockPublicAccessOutput) { + op := &request.Operation{ + Name: opDisableImageBlockPublicAccess, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisableImageBlockPublicAccessInput{} + } + + output = &DisableImageBlockPublicAccessOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisableImageBlockPublicAccess API operation for Amazon Elastic Compute Cloud. +// +// Disables block public access for AMIs at the account level in the specified +// Amazon Web Services Region. This removes the block public access restriction +// from your account. With the restriction removed, you can publicly share your +// AMIs in the specified Amazon Web Services Region. +// +// The API can take up to 10 minutes to configure this setting. During this +// time, if you run GetImageBlockPublicAccessState (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetImageBlockPublicAccessState.html), +// the response will be block-new-sharing. When the API has completed the configuration, +// the response will be unblocked. +// +// For more information, see Block public access to your AMIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-intro.html#block-public-access-to-amis) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisableImageBlockPublicAccess for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableImageBlockPublicAccess +func (c *EC2) DisableImageBlockPublicAccess(input *DisableImageBlockPublicAccessInput) (*DisableImageBlockPublicAccessOutput, error) { + req, out := c.DisableImageBlockPublicAccessRequest(input) + return out, req.Send() +} + +// DisableImageBlockPublicAccessWithContext is the same as DisableImageBlockPublicAccess with the addition of +// the ability to pass a context and additional request options. +// +// See DisableImageBlockPublicAccess for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisableImageBlockPublicAccessWithContext(ctx aws.Context, input *DisableImageBlockPublicAccessInput, opts ...request.Option) (*DisableImageBlockPublicAccessOutput, error) { + req, out := c.DisableImageBlockPublicAccessRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDisableImageDeprecation = "DisableImageDeprecation" // DisableImageDeprecationRequest generates a "aws/request.Request" representing the @@ -34877,6 +36712,89 @@ func (c *EC2) DisableSerialConsoleAccessWithContext(ctx aws.Context, input *Disa return out, req.Send() } +const opDisableSnapshotBlockPublicAccess = "DisableSnapshotBlockPublicAccess" + +// DisableSnapshotBlockPublicAccessRequest generates a "aws/request.Request" representing the +// client's request for the DisableSnapshotBlockPublicAccess operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisableSnapshotBlockPublicAccess for more information on using the DisableSnapshotBlockPublicAccess +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DisableSnapshotBlockPublicAccessRequest method. +// req, resp := client.DisableSnapshotBlockPublicAccessRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableSnapshotBlockPublicAccess +func (c *EC2) DisableSnapshotBlockPublicAccessRequest(input *DisableSnapshotBlockPublicAccessInput) (req *request.Request, output *DisableSnapshotBlockPublicAccessOutput) { + op := &request.Operation{ + Name: opDisableSnapshotBlockPublicAccess, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisableSnapshotBlockPublicAccessInput{} + } + + output = &DisableSnapshotBlockPublicAccessOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisableSnapshotBlockPublicAccess API operation for Amazon Elastic Compute Cloud. +// +// Disables the block public access for snapshots setting at the account level +// for the specified Amazon Web Services Region. After you disable block public +// access for snapshots in a Region, users can publicly share snapshots in that +// Region. +// +// If block public access is enabled in block-all-sharing mode, and you disable +// block public access, all snapshots that were previously publicly shared are +// no longer treated as private and they become publicly accessible again. +// +// For more information, see Block public access for snapshots (https://docs.aws.amazon.com/ebs/latest/userguide/block-public-access-snapshots.html) +// in the Amazon EBS User Guide . +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisableSnapshotBlockPublicAccess for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableSnapshotBlockPublicAccess +func (c *EC2) DisableSnapshotBlockPublicAccess(input *DisableSnapshotBlockPublicAccessInput) (*DisableSnapshotBlockPublicAccessOutput, error) { + req, out := c.DisableSnapshotBlockPublicAccessRequest(input) + return out, req.Send() +} + +// DisableSnapshotBlockPublicAccessWithContext is the same as DisableSnapshotBlockPublicAccess with the addition of +// the ability to pass a context and additional request options. +// +// See DisableSnapshotBlockPublicAccess for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisableSnapshotBlockPublicAccessWithContext(ctx aws.Context, input *DisableSnapshotBlockPublicAccessInput, opts ...request.Option) (*DisableSnapshotBlockPublicAccessOutput, error) { + req, out := c.DisableSnapshotBlockPublicAccessRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDisableTransitGatewayRouteTablePropagation = "DisableTransitGatewayRouteTablePropagation" // DisableTransitGatewayRouteTablePropagationRequest generates a "aws/request.Request" representing the @@ -35069,13 +36987,11 @@ func (c *EC2) DisableVpcClassicLinkRequest(input *DisableVpcClassicLinkInput) (r // DisableVpcClassicLink API operation for Amazon Elastic Compute Cloud. // +// This action is deprecated. +// // Disables ClassicLink for a VPC. You cannot disable ClassicLink for a VPC // that has EC2-Classic instances linked to it. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -35147,18 +37063,14 @@ func (c *EC2) DisableVpcClassicLinkDnsSupportRequest(input *DisableVpcClassicLin // DisableVpcClassicLinkDnsSupport API operation for Amazon Elastic Compute Cloud. // +// This action is deprecated. +// // Disables ClassicLink DNS support for a VPC. If disabled, DNS hostnames resolve // to public IP addresses when addressed between a linked EC2-Classic instance -// and instances in the VPC to which it's linked. For more information, see -// ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) -// in the Amazon Elastic Compute Cloud User Guide. +// and instances in the VPC to which it's linked. // // You must specify a VPC ID in the request. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -35234,14 +37146,6 @@ func (c *EC2) DisassociateAddressRequest(input *DisassociateAddressInput) (req * // Disassociates an Elastic IP address from the instance or network interface // it's associated with. // -// An Elastic IP address is for use in either the EC2-Classic platform or in -// a VPC. For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) -// in the Amazon Elastic Compute Cloud User Guide. -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // This is an idempotent operation. If you perform the operation more than once, // Amazon EC2 doesn't return an error. // @@ -35585,6 +37489,244 @@ func (c *EC2) DisassociateInstanceEventWindowWithContext(ctx aws.Context, input return out, req.Send() } +const opDisassociateIpamByoasn = "DisassociateIpamByoasn" + +// DisassociateIpamByoasnRequest generates a "aws/request.Request" representing the +// client's request for the DisassociateIpamByoasn operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisassociateIpamByoasn for more information on using the DisassociateIpamByoasn +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DisassociateIpamByoasnRequest method. +// req, resp := client.DisassociateIpamByoasnRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateIpamByoasn +func (c *EC2) DisassociateIpamByoasnRequest(input *DisassociateIpamByoasnInput) (req *request.Request, output *DisassociateIpamByoasnOutput) { + op := &request.Operation{ + Name: opDisassociateIpamByoasn, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisassociateIpamByoasnInput{} + } + + output = &DisassociateIpamByoasnOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisassociateIpamByoasn API operation for Amazon Elastic Compute Cloud. +// +// Remove the association between your Autonomous System Number (ASN) and your +// BYOIP CIDR. You may want to use this action to disassociate an ASN from a +// CIDR or if you want to swap ASNs. For more information, see Tutorial: Bring +// your ASN to IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoasn.html) +// in the Amazon VPC IPAM guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisassociateIpamByoasn for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateIpamByoasn +func (c *EC2) DisassociateIpamByoasn(input *DisassociateIpamByoasnInput) (*DisassociateIpamByoasnOutput, error) { + req, out := c.DisassociateIpamByoasnRequest(input) + return out, req.Send() +} + +// DisassociateIpamByoasnWithContext is the same as DisassociateIpamByoasn with the addition of +// the ability to pass a context and additional request options. +// +// See DisassociateIpamByoasn for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisassociateIpamByoasnWithContext(ctx aws.Context, input *DisassociateIpamByoasnInput, opts ...request.Option) (*DisassociateIpamByoasnOutput, error) { + req, out := c.DisassociateIpamByoasnRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDisassociateIpamResourceDiscovery = "DisassociateIpamResourceDiscovery" + +// DisassociateIpamResourceDiscoveryRequest generates a "aws/request.Request" representing the +// client's request for the DisassociateIpamResourceDiscovery operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisassociateIpamResourceDiscovery for more information on using the DisassociateIpamResourceDiscovery +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DisassociateIpamResourceDiscoveryRequest method. +// req, resp := client.DisassociateIpamResourceDiscoveryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateIpamResourceDiscovery +func (c *EC2) DisassociateIpamResourceDiscoveryRequest(input *DisassociateIpamResourceDiscoveryInput) (req *request.Request, output *DisassociateIpamResourceDiscoveryOutput) { + op := &request.Operation{ + Name: opDisassociateIpamResourceDiscovery, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisassociateIpamResourceDiscoveryInput{} + } + + output = &DisassociateIpamResourceDiscoveryOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisassociateIpamResourceDiscovery API operation for Amazon Elastic Compute Cloud. +// +// Disassociates a resource discovery from an Amazon VPC IPAM. A resource discovery +// is an IPAM component that enables IPAM to manage and monitor resources that +// belong to the owning account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisassociateIpamResourceDiscovery for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateIpamResourceDiscovery +func (c *EC2) DisassociateIpamResourceDiscovery(input *DisassociateIpamResourceDiscoveryInput) (*DisassociateIpamResourceDiscoveryOutput, error) { + req, out := c.DisassociateIpamResourceDiscoveryRequest(input) + return out, req.Send() +} + +// DisassociateIpamResourceDiscoveryWithContext is the same as DisassociateIpamResourceDiscovery with the addition of +// the ability to pass a context and additional request options. +// +// See DisassociateIpamResourceDiscovery for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisassociateIpamResourceDiscoveryWithContext(ctx aws.Context, input *DisassociateIpamResourceDiscoveryInput, opts ...request.Option) (*DisassociateIpamResourceDiscoveryOutput, error) { + req, out := c.DisassociateIpamResourceDiscoveryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDisassociateNatGatewayAddress = "DisassociateNatGatewayAddress" + +// DisassociateNatGatewayAddressRequest generates a "aws/request.Request" representing the +// client's request for the DisassociateNatGatewayAddress operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisassociateNatGatewayAddress for more information on using the DisassociateNatGatewayAddress +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DisassociateNatGatewayAddressRequest method. +// req, resp := client.DisassociateNatGatewayAddressRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateNatGatewayAddress +func (c *EC2) DisassociateNatGatewayAddressRequest(input *DisassociateNatGatewayAddressInput) (req *request.Request, output *DisassociateNatGatewayAddressOutput) { + op := &request.Operation{ + Name: opDisassociateNatGatewayAddress, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisassociateNatGatewayAddressInput{} + } + + output = &DisassociateNatGatewayAddressOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisassociateNatGatewayAddress API operation for Amazon Elastic Compute Cloud. +// +// Disassociates secondary Elastic IP addresses (EIPs) from a public NAT gateway. +// You cannot disassociate your primary EIP. For more information, see Edit +// secondary IP address associations (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-edit-secondary) +// in the Amazon VPC User Guide. +// +// While disassociating is in progress, you cannot associate/disassociate additional +// EIPs while the connections are being drained. You are, however, allowed to +// delete the NAT gateway. +// +// An EIP is released only at the end of MaxDrainDurationSeconds. It stays associated +// and supports the existing connections but does not support any new connections +// (new connections are distributed across the remaining associated EIPs). As +// the existing connections drain out, the EIPs (and the corresponding private +// IP addresses mapped to them) are released. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisassociateNatGatewayAddress for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateNatGatewayAddress +func (c *EC2) DisassociateNatGatewayAddress(input *DisassociateNatGatewayAddressInput) (*DisassociateNatGatewayAddressOutput, error) { + req, out := c.DisassociateNatGatewayAddressRequest(input) + return out, req.Send() +} + +// DisassociateNatGatewayAddressWithContext is the same as DisassociateNatGatewayAddress with the addition of +// the ability to pass a context and additional request options. +// +// See DisassociateNatGatewayAddress for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisassociateNatGatewayAddressWithContext(ctx aws.Context, input *DisassociateNatGatewayAddressInput, opts ...request.Option) (*DisassociateNatGatewayAddressOutput, error) { + req, out := c.DisassociateNatGatewayAddressRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDisassociateRouteTable = "DisassociateRouteTable" // DisassociateRouteTableRequest generates a "aws/request.Request" representing the @@ -35634,7 +37776,7 @@ func (c *EC2) DisassociateRouteTableRequest(input *DisassociateRouteTableInput) // After you perform this action, the subnet no longer uses the routes in the // route table. Instead, it uses the routes in the VPC's main route table. For // more information about route tables, see Route tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -36001,9 +38143,6 @@ func (c *EC2) DisassociateTrunkInterfaceRequest(input *DisassociateTrunkInterfac // DisassociateTrunkInterface API operation for Amazon Elastic Compute Cloud. // -// This API action is currently in limited preview only. If you are interested -// in using this feature, contact your account manager. -// // Removes an association between a branch network interface with a trunk network // interface. // @@ -36310,8 +38449,8 @@ func (c *EC2) EnableEbsEncryptionByDefaultRequest(input *EnableEbsEncryptionByDe // After you enable encryption by default, the EBS volumes that you create are // always encrypted, either using the default KMS key or the KMS key that you // specified when you created each volume. For more information, see Amazon -// EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) +// in the Amazon EBS User Guide. // // You can specify the default KMS key for encryption by default using ModifyEbsDefaultKmsKeyId // or ResetEbsDefaultKmsKeyId. @@ -36321,7 +38460,7 @@ func (c *EC2) EnableEbsEncryptionByDefaultRequest(input *EnableEbsEncryptionByDe // // After you enable encryption by default, you can no longer launch instances // using instance types that do not support encryption. For more information, -// see Supported instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). +// see Supported instance types (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -36394,14 +38533,15 @@ func (c *EC2) EnableFastLaunchRequest(input *EnableFastLaunchInput) (req *reques // EnableFastLaunch API operation for Amazon Elastic Compute Cloud. // -// When you enable faster launching for a Windows AMI, images are pre-provisioned, +// When you enable Windows fast launch for a Windows AMI, images are pre-provisioned, // using snapshots to launch instances up to 65% faster. To create the optimized // Windows image, Amazon EC2 launches an instance and runs through Sysprep steps, // rebooting as required. Then it creates a set of reserved snapshots that are // used for subsequent launches. The reserved snapshots are automatically replenished // as they are used, depending on your settings for launch frequency. // -// To change these settings, you must own the AMI. +// You can only change these settings for Windows AMIs that you own or that +// have been shared with you. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -36481,8 +38621,8 @@ func (c *EC2) EnableFastSnapshotRestoresRequest(input *EnableFastSnapshotRestore // state. To get the current state of fast snapshot restores, use DescribeFastSnapshotRestores. // To disable fast snapshot restores, use DisableFastSnapshotRestores. // -// For more information, see Amazon EBS fast snapshot restore (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-fast-snapshot-restore.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Amazon EBS fast snapshot restore (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-fast-snapshot-restore.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -36512,6 +38652,171 @@ func (c *EC2) EnableFastSnapshotRestoresWithContext(ctx aws.Context, input *Enab return out, req.Send() } +const opEnableImage = "EnableImage" + +// EnableImageRequest generates a "aws/request.Request" representing the +// client's request for the EnableImage operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See EnableImage for more information on using the EnableImage +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the EnableImageRequest method. +// req, resp := client.EnableImageRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableImage +func (c *EC2) EnableImageRequest(input *EnableImageInput) (req *request.Request, output *EnableImageOutput) { + op := &request.Operation{ + Name: opEnableImage, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &EnableImageInput{} + } + + output = &EnableImageOutput{} + req = c.newRequest(op, input, output) + return +} + +// EnableImage API operation for Amazon Elastic Compute Cloud. +// +// Re-enables a disabled AMI. The re-enabled AMI is marked as available and +// can be used for instance launches, appears in describe operations, and can +// be shared. Amazon Web Services accounts, organizations, and Organizational +// Units that lost access to the AMI when it was disabled do not regain access +// automatically. Once the AMI is available, it can be shared with them again. +// +// Only the AMI owner can re-enable a disabled AMI. +// +// For more information, see Disable an AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/disable-an-ami.html) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation EnableImage for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableImage +func (c *EC2) EnableImage(input *EnableImageInput) (*EnableImageOutput, error) { + req, out := c.EnableImageRequest(input) + return out, req.Send() +} + +// EnableImageWithContext is the same as EnableImage with the addition of +// the ability to pass a context and additional request options. +// +// See EnableImage for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) EnableImageWithContext(ctx aws.Context, input *EnableImageInput, opts ...request.Option) (*EnableImageOutput, error) { + req, out := c.EnableImageRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opEnableImageBlockPublicAccess = "EnableImageBlockPublicAccess" + +// EnableImageBlockPublicAccessRequest generates a "aws/request.Request" representing the +// client's request for the EnableImageBlockPublicAccess operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See EnableImageBlockPublicAccess for more information on using the EnableImageBlockPublicAccess +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the EnableImageBlockPublicAccessRequest method. +// req, resp := client.EnableImageBlockPublicAccessRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableImageBlockPublicAccess +func (c *EC2) EnableImageBlockPublicAccessRequest(input *EnableImageBlockPublicAccessInput) (req *request.Request, output *EnableImageBlockPublicAccessOutput) { + op := &request.Operation{ + Name: opEnableImageBlockPublicAccess, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &EnableImageBlockPublicAccessInput{} + } + + output = &EnableImageBlockPublicAccessOutput{} + req = c.newRequest(op, input, output) + return +} + +// EnableImageBlockPublicAccess API operation for Amazon Elastic Compute Cloud. +// +// Enables block public access for AMIs at the account level in the specified +// Amazon Web Services Region. This prevents the public sharing of your AMIs. +// However, if you already have public AMIs, they will remain publicly available. +// +// The API can take up to 10 minutes to configure this setting. During this +// time, if you run GetImageBlockPublicAccessState (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetImageBlockPublicAccessState.html), +// the response will be unblocked. When the API has completed the configuration, +// the response will be block-new-sharing. +// +// For more information, see Block public access to your AMIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-intro.html#block-public-access-to-amis) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation EnableImageBlockPublicAccess for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableImageBlockPublicAccess +func (c *EC2) EnableImageBlockPublicAccess(input *EnableImageBlockPublicAccessInput) (*EnableImageBlockPublicAccessOutput, error) { + req, out := c.EnableImageBlockPublicAccessRequest(input) + return out, req.Send() +} + +// EnableImageBlockPublicAccessWithContext is the same as EnableImageBlockPublicAccess with the addition of +// the ability to pass a context and additional request options. +// +// See EnableImageBlockPublicAccess for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) EnableImageBlockPublicAccessWithContext(ctx aws.Context, input *EnableImageBlockPublicAccessInput, opts ...request.Option) (*EnableImageBlockPublicAccessOutput, error) { + req, out := c.EnableImageBlockPublicAccessRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opEnableImageDeprecation = "EnableImageDeprecation" // EnableImageDeprecationRequest generates a "aws/request.Request" representing the @@ -36819,6 +39124,92 @@ func (c *EC2) EnableSerialConsoleAccessWithContext(ctx aws.Context, input *Enabl return out, req.Send() } +const opEnableSnapshotBlockPublicAccess = "EnableSnapshotBlockPublicAccess" + +// EnableSnapshotBlockPublicAccessRequest generates a "aws/request.Request" representing the +// client's request for the EnableSnapshotBlockPublicAccess operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See EnableSnapshotBlockPublicAccess for more information on using the EnableSnapshotBlockPublicAccess +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the EnableSnapshotBlockPublicAccessRequest method. +// req, resp := client.EnableSnapshotBlockPublicAccessRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableSnapshotBlockPublicAccess +func (c *EC2) EnableSnapshotBlockPublicAccessRequest(input *EnableSnapshotBlockPublicAccessInput) (req *request.Request, output *EnableSnapshotBlockPublicAccessOutput) { + op := &request.Operation{ + Name: opEnableSnapshotBlockPublicAccess, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &EnableSnapshotBlockPublicAccessInput{} + } + + output = &EnableSnapshotBlockPublicAccessOutput{} + req = c.newRequest(op, input, output) + return +} + +// EnableSnapshotBlockPublicAccess API operation for Amazon Elastic Compute Cloud. +// +// Enables or modifies the block public access for snapshots setting at the +// account level for the specified Amazon Web Services Region. After you enable +// block public access for snapshots in a Region, users can no longer request +// public sharing for snapshots in that Region. Snapshots that are already publicly +// shared are either treated as private or they remain publicly shared, depending +// on the State that you specify. +// +// If block public access is enabled in block-all-sharing mode, and you change +// the mode to block-new-sharing, all snapshots that were previously publicly +// shared are no longer treated as private and they become publicly accessible +// again. +// +// For more information, see Block public access for snapshots (https://docs.aws.amazon.com/ebs/latest/userguide/block-public-access-snapshots.html) +// in the Amazon EBS User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation EnableSnapshotBlockPublicAccess for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableSnapshotBlockPublicAccess +func (c *EC2) EnableSnapshotBlockPublicAccess(input *EnableSnapshotBlockPublicAccessInput) (*EnableSnapshotBlockPublicAccessOutput, error) { + req, out := c.EnableSnapshotBlockPublicAccessRequest(input) + return out, req.Send() +} + +// EnableSnapshotBlockPublicAccessWithContext is the same as EnableSnapshotBlockPublicAccess with the addition of +// the ability to pass a context and additional request options. +// +// See EnableSnapshotBlockPublicAccess for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) EnableSnapshotBlockPublicAccessWithContext(ctx aws.Context, input *EnableSnapshotBlockPublicAccessInput, opts ...request.Option) (*EnableSnapshotBlockPublicAccessOutput, error) { + req, out := c.EnableSnapshotBlockPublicAccessRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opEnableTransitGatewayRouteTablePropagation = "EnableTransitGatewayRouteTablePropagation" // EnableTransitGatewayRouteTablePropagationRequest generates a "aws/request.Request" representing the @@ -37086,17 +39477,14 @@ func (c *EC2) EnableVpcClassicLinkRequest(input *EnableVpcClassicLinkInput) (req // EnableVpcClassicLink API operation for Amazon Elastic Compute Cloud. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// This action is deprecated. // // Enables a VPC for ClassicLink. You can then link EC2-Classic instances to // your ClassicLink-enabled VPC to allow communication over private IP addresses. // You cannot enable your VPC for ClassicLink if any of your VPC route tables // have existing routes for address ranges within the 10.0.0.0/8 IP address // range, excluding local routes for VPCs in the 10.0.0.0/16 and 10.1.0.0/16 -// IP address ranges. For more information, see ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) -// in the Amazon Elastic Compute Cloud User Guide. +// IP address ranges. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -37169,17 +39557,13 @@ func (c *EC2) EnableVpcClassicLinkDnsSupportRequest(input *EnableVpcClassicLinkD // EnableVpcClassicLinkDnsSupport API operation for Amazon Elastic Compute Cloud. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// This action is deprecated. // // Enables a VPC to support DNS hostname resolution for ClassicLink. If enabled, // the DNS hostname of a linked EC2-Classic instance resolves to its private // IP address when addressed from an instance in the VPC to which it's linked. // Similarly, the DNS hostname of an instance in a VPC resolves to its private -// IP address when addressed from a linked EC2-Classic instance. For more information, -// see ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) -// in the Amazon Elastic Compute Cloud User Guide. +// IP address when addressed from a linked EC2-Classic instance. // // You must specify a VPC ID in the request. // @@ -38291,8 +40675,8 @@ func (c *EC2) GetEbsDefaultKmsKeyIdRequest(input *GetEbsDefaultKmsKeyIdInput) (r // in this Region. You can change the default KMS key for encryption by default // using ModifyEbsDefaultKmsKeyId or ResetEbsDefaultKmsKeyId. // -// For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -38368,8 +40752,8 @@ func (c *EC2) GetEbsEncryptionByDefaultRequest(input *GetEbsEncryptionByDefaultI // Describes whether EBS encryption by default is enabled for your account in // the current Region. // -// For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -38457,6 +40841,9 @@ func (c *EC2) GetFlowLogsIntegrationTemplateRequest(input *GetFlowLogsIntegratio // - Create a set of named queries in Athena that you can use to get started // quickly // +// GetFlowLogsIntegrationTemplate does not support integration between Amazon +// Web Services Transit Gateway Flow Logs and Amazon Athena. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -38693,6 +41080,83 @@ func (c *EC2) GetHostReservationPurchasePreviewWithContext(ctx aws.Context, inpu return out, req.Send() } +const opGetImageBlockPublicAccessState = "GetImageBlockPublicAccessState" + +// GetImageBlockPublicAccessStateRequest generates a "aws/request.Request" representing the +// client's request for the GetImageBlockPublicAccessState operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetImageBlockPublicAccessState for more information on using the GetImageBlockPublicAccessState +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetImageBlockPublicAccessStateRequest method. +// req, resp := client.GetImageBlockPublicAccessStateRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetImageBlockPublicAccessState +func (c *EC2) GetImageBlockPublicAccessStateRequest(input *GetImageBlockPublicAccessStateInput) (req *request.Request, output *GetImageBlockPublicAccessStateOutput) { + op := &request.Operation{ + Name: opGetImageBlockPublicAccessState, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetImageBlockPublicAccessStateInput{} + } + + output = &GetImageBlockPublicAccessStateOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetImageBlockPublicAccessState API operation for Amazon Elastic Compute Cloud. +// +// Gets the current state of block public access for AMIs at the account level +// in the specified Amazon Web Services Region. +// +// For more information, see Block public access to your AMIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-intro.html#block-public-access-to-amis) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetImageBlockPublicAccessState for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetImageBlockPublicAccessState +func (c *EC2) GetImageBlockPublicAccessState(input *GetImageBlockPublicAccessStateInput) (*GetImageBlockPublicAccessStateOutput, error) { + req, out := c.GetImageBlockPublicAccessStateRequest(input) + return out, req.Send() +} + +// GetImageBlockPublicAccessStateWithContext is the same as GetImageBlockPublicAccessState with the addition of +// the ability to pass a context and additional request options. +// +// See GetImageBlockPublicAccessState for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetImageBlockPublicAccessStateWithContext(ctx aws.Context, input *GetImageBlockPublicAccessStateInput, opts ...request.Option) (*GetImageBlockPublicAccessStateOutput, error) { + req, out := c.GetImageBlockPublicAccessStateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetInstanceTypesFromInstanceRequirements = "GetInstanceTypesFromInstanceRequirements" // GetInstanceTypesFromInstanceRequirementsRequest generates a "aws/request.Request" representing the @@ -39056,6 +41520,346 @@ func (c *EC2) GetIpamAddressHistoryPagesWithContext(ctx aws.Context, input *GetI return p.Err() } +const opGetIpamDiscoveredAccounts = "GetIpamDiscoveredAccounts" + +// GetIpamDiscoveredAccountsRequest generates a "aws/request.Request" representing the +// client's request for the GetIpamDiscoveredAccounts operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetIpamDiscoveredAccounts for more information on using the GetIpamDiscoveredAccounts +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetIpamDiscoveredAccountsRequest method. +// req, resp := client.GetIpamDiscoveredAccountsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetIpamDiscoveredAccounts +func (c *EC2) GetIpamDiscoveredAccountsRequest(input *GetIpamDiscoveredAccountsInput) (req *request.Request, output *GetIpamDiscoveredAccountsOutput) { + op := &request.Operation{ + Name: opGetIpamDiscoveredAccounts, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetIpamDiscoveredAccountsInput{} + } + + output = &GetIpamDiscoveredAccountsOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetIpamDiscoveredAccounts API operation for Amazon Elastic Compute Cloud. +// +// Gets IPAM discovered accounts. A discovered account is an Amazon Web Services +// account that is monitored under a resource discovery. If you have integrated +// IPAM with Amazon Web Services Organizations, all accounts in the organization +// are discovered accounts. Only the IPAM account can get all discovered accounts +// in the organization. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetIpamDiscoveredAccounts for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetIpamDiscoveredAccounts +func (c *EC2) GetIpamDiscoveredAccounts(input *GetIpamDiscoveredAccountsInput) (*GetIpamDiscoveredAccountsOutput, error) { + req, out := c.GetIpamDiscoveredAccountsRequest(input) + return out, req.Send() +} + +// GetIpamDiscoveredAccountsWithContext is the same as GetIpamDiscoveredAccounts with the addition of +// the ability to pass a context and additional request options. +// +// See GetIpamDiscoveredAccounts for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetIpamDiscoveredAccountsWithContext(ctx aws.Context, input *GetIpamDiscoveredAccountsInput, opts ...request.Option) (*GetIpamDiscoveredAccountsOutput, error) { + req, out := c.GetIpamDiscoveredAccountsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetIpamDiscoveredAccountsPages iterates over the pages of a GetIpamDiscoveredAccounts operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetIpamDiscoveredAccounts method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetIpamDiscoveredAccounts operation. +// pageNum := 0 +// err := client.GetIpamDiscoveredAccountsPages(params, +// func(page *ec2.GetIpamDiscoveredAccountsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) GetIpamDiscoveredAccountsPages(input *GetIpamDiscoveredAccountsInput, fn func(*GetIpamDiscoveredAccountsOutput, bool) bool) error { + return c.GetIpamDiscoveredAccountsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetIpamDiscoveredAccountsPagesWithContext same as GetIpamDiscoveredAccountsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetIpamDiscoveredAccountsPagesWithContext(ctx aws.Context, input *GetIpamDiscoveredAccountsInput, fn func(*GetIpamDiscoveredAccountsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetIpamDiscoveredAccountsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetIpamDiscoveredAccountsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetIpamDiscoveredAccountsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opGetIpamDiscoveredPublicAddresses = "GetIpamDiscoveredPublicAddresses" + +// GetIpamDiscoveredPublicAddressesRequest generates a "aws/request.Request" representing the +// client's request for the GetIpamDiscoveredPublicAddresses operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetIpamDiscoveredPublicAddresses for more information on using the GetIpamDiscoveredPublicAddresses +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetIpamDiscoveredPublicAddressesRequest method. +// req, resp := client.GetIpamDiscoveredPublicAddressesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetIpamDiscoveredPublicAddresses +func (c *EC2) GetIpamDiscoveredPublicAddressesRequest(input *GetIpamDiscoveredPublicAddressesInput) (req *request.Request, output *GetIpamDiscoveredPublicAddressesOutput) { + op := &request.Operation{ + Name: opGetIpamDiscoveredPublicAddresses, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetIpamDiscoveredPublicAddressesInput{} + } + + output = &GetIpamDiscoveredPublicAddressesOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetIpamDiscoveredPublicAddresses API operation for Amazon Elastic Compute Cloud. +// +// Gets the public IP addresses that have been discovered by IPAM. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetIpamDiscoveredPublicAddresses for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetIpamDiscoveredPublicAddresses +func (c *EC2) GetIpamDiscoveredPublicAddresses(input *GetIpamDiscoveredPublicAddressesInput) (*GetIpamDiscoveredPublicAddressesOutput, error) { + req, out := c.GetIpamDiscoveredPublicAddressesRequest(input) + return out, req.Send() +} + +// GetIpamDiscoveredPublicAddressesWithContext is the same as GetIpamDiscoveredPublicAddresses with the addition of +// the ability to pass a context and additional request options. +// +// See GetIpamDiscoveredPublicAddresses for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetIpamDiscoveredPublicAddressesWithContext(ctx aws.Context, input *GetIpamDiscoveredPublicAddressesInput, opts ...request.Option) (*GetIpamDiscoveredPublicAddressesOutput, error) { + req, out := c.GetIpamDiscoveredPublicAddressesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetIpamDiscoveredResourceCidrs = "GetIpamDiscoveredResourceCidrs" + +// GetIpamDiscoveredResourceCidrsRequest generates a "aws/request.Request" representing the +// client's request for the GetIpamDiscoveredResourceCidrs operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetIpamDiscoveredResourceCidrs for more information on using the GetIpamDiscoveredResourceCidrs +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetIpamDiscoveredResourceCidrsRequest method. +// req, resp := client.GetIpamDiscoveredResourceCidrsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetIpamDiscoveredResourceCidrs +func (c *EC2) GetIpamDiscoveredResourceCidrsRequest(input *GetIpamDiscoveredResourceCidrsInput) (req *request.Request, output *GetIpamDiscoveredResourceCidrsOutput) { + op := &request.Operation{ + Name: opGetIpamDiscoveredResourceCidrs, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetIpamDiscoveredResourceCidrsInput{} + } + + output = &GetIpamDiscoveredResourceCidrsOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetIpamDiscoveredResourceCidrs API operation for Amazon Elastic Compute Cloud. +// +// Returns the resource CIDRs that are monitored as part of a resource discovery. +// A discovered resource is a resource CIDR monitored under a resource discovery. +// The following resources can be discovered: VPCs, Public IPv4 pools, VPC subnets, +// and Elastic IP addresses. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetIpamDiscoveredResourceCidrs for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetIpamDiscoveredResourceCidrs +func (c *EC2) GetIpamDiscoveredResourceCidrs(input *GetIpamDiscoveredResourceCidrsInput) (*GetIpamDiscoveredResourceCidrsOutput, error) { + req, out := c.GetIpamDiscoveredResourceCidrsRequest(input) + return out, req.Send() +} + +// GetIpamDiscoveredResourceCidrsWithContext is the same as GetIpamDiscoveredResourceCidrs with the addition of +// the ability to pass a context and additional request options. +// +// See GetIpamDiscoveredResourceCidrs for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetIpamDiscoveredResourceCidrsWithContext(ctx aws.Context, input *GetIpamDiscoveredResourceCidrsInput, opts ...request.Option) (*GetIpamDiscoveredResourceCidrsOutput, error) { + req, out := c.GetIpamDiscoveredResourceCidrsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetIpamDiscoveredResourceCidrsPages iterates over the pages of a GetIpamDiscoveredResourceCidrs operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetIpamDiscoveredResourceCidrs method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetIpamDiscoveredResourceCidrs operation. +// pageNum := 0 +// err := client.GetIpamDiscoveredResourceCidrsPages(params, +// func(page *ec2.GetIpamDiscoveredResourceCidrsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) GetIpamDiscoveredResourceCidrsPages(input *GetIpamDiscoveredResourceCidrsInput, fn func(*GetIpamDiscoveredResourceCidrsOutput, bool) bool) error { + return c.GetIpamDiscoveredResourceCidrsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetIpamDiscoveredResourceCidrsPagesWithContext same as GetIpamDiscoveredResourceCidrsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetIpamDiscoveredResourceCidrsPagesWithContext(ctx aws.Context, input *GetIpamDiscoveredResourceCidrsInput, fn func(*GetIpamDiscoveredResourceCidrsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetIpamDiscoveredResourceCidrsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetIpamDiscoveredResourceCidrsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetIpamDiscoveredResourceCidrsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opGetIpamPoolAllocations = "GetIpamPoolAllocations" // GetIpamPoolAllocationsRequest generates a "aws/request.Request" representing the @@ -39105,7 +41909,14 @@ func (c *EC2) GetIpamPoolAllocationsRequest(input *GetIpamPoolAllocationsInput) // GetIpamPoolAllocations API operation for Amazon Elastic Compute Cloud. // -// Get a list of all the CIDR allocations in an IPAM pool. +// Get a list of all the CIDR allocations in an IPAM pool. The Region you use +// should be the IPAM pool locale. The locale is the Amazon Web Services Region +// where this IPAM pool is available for allocations. +// +// If you use this action after AllocateIpamPoolCidr (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AllocateIpamPoolCidr.html) +// or ReleaseIpamPoolAllocation (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReleaseIpamPoolAllocation.html), +// note that all EC2 API actions follow an eventual consistency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/query-api-troubleshooting.html#eventual-consistency) +// model. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -39365,7 +42176,11 @@ func (c *EC2) GetIpamResourceCidrsRequest(input *GetIpamResourceCidrsInput) (req // GetIpamResourceCidrs API operation for Amazon Elastic Compute Cloud. // -// Get information about the resources in a scope. +// Returns resource CIDRs managed by IPAM in a given scope. If an IPAM is associated +// with more than one resource discovery, the resource CIDRs across all of the +// resource discoveries is returned. A resource discovery is an IPAM component +// that enables IPAM to manage and monitor resources that belong to the owning +// account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -39495,8 +42310,8 @@ func (c *EC2) GetLaunchTemplateDataRequest(input *GetLaunchTemplateDataInput) (r // This action calls on other describe actions to get instance information. // Depending on your instance configuration, you may need to allow the following // actions in your IAM policy: DescribeSpotInstanceRequests, DescribeInstanceCreditSpecifications, -// DescribeVolumes, DescribeInstanceAttribute, and DescribeElasticGpus. Or, -// you can allow describe* depending on your instance requirements. +// DescribeVolumes, and DescribeInstanceAttribute. Or, you can allow describe* +// depending on your instance requirements. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -39817,6 +42632,12 @@ func (c *EC2) GetNetworkInsightsAccessScopeAnalysisFindingsRequest(input *GetNet Name: opGetNetworkInsightsAccessScopeAnalysisFindings, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -39860,6 +42681,57 @@ func (c *EC2) GetNetworkInsightsAccessScopeAnalysisFindingsWithContext(ctx aws.C return out, req.Send() } +// GetNetworkInsightsAccessScopeAnalysisFindingsPages iterates over the pages of a GetNetworkInsightsAccessScopeAnalysisFindings operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetNetworkInsightsAccessScopeAnalysisFindings method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetNetworkInsightsAccessScopeAnalysisFindings operation. +// pageNum := 0 +// err := client.GetNetworkInsightsAccessScopeAnalysisFindingsPages(params, +// func(page *ec2.GetNetworkInsightsAccessScopeAnalysisFindingsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) GetNetworkInsightsAccessScopeAnalysisFindingsPages(input *GetNetworkInsightsAccessScopeAnalysisFindingsInput, fn func(*GetNetworkInsightsAccessScopeAnalysisFindingsOutput, bool) bool) error { + return c.GetNetworkInsightsAccessScopeAnalysisFindingsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetNetworkInsightsAccessScopeAnalysisFindingsPagesWithContext same as GetNetworkInsightsAccessScopeAnalysisFindingsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetNetworkInsightsAccessScopeAnalysisFindingsPagesWithContext(ctx aws.Context, input *GetNetworkInsightsAccessScopeAnalysisFindingsInput, fn func(*GetNetworkInsightsAccessScopeAnalysisFindingsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetNetworkInsightsAccessScopeAnalysisFindingsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetNetworkInsightsAccessScopeAnalysisFindingsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetNetworkInsightsAccessScopeAnalysisFindingsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opGetNetworkInsightsAccessScopeContent = "GetNetworkInsightsAccessScopeContent" // GetNetworkInsightsAccessScopeContentRequest generates a "aws/request.Request" representing the @@ -40099,6 +42971,137 @@ func (c *EC2) GetReservedInstancesExchangeQuoteWithContext(ctx aws.Context, inpu return out, req.Send() } +const opGetSecurityGroupsForVpc = "GetSecurityGroupsForVpc" + +// GetSecurityGroupsForVpcRequest generates a "aws/request.Request" representing the +// client's request for the GetSecurityGroupsForVpc operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetSecurityGroupsForVpc for more information on using the GetSecurityGroupsForVpc +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetSecurityGroupsForVpcRequest method. +// req, resp := client.GetSecurityGroupsForVpcRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetSecurityGroupsForVpc +func (c *EC2) GetSecurityGroupsForVpcRequest(input *GetSecurityGroupsForVpcInput) (req *request.Request, output *GetSecurityGroupsForVpcOutput) { + op := &request.Operation{ + Name: opGetSecurityGroupsForVpc, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetSecurityGroupsForVpcInput{} + } + + output = &GetSecurityGroupsForVpcOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetSecurityGroupsForVpc API operation for Amazon Elastic Compute Cloud. +// +// Gets security groups that can be associated by the Amazon Web Services account +// making the request with network interfaces in the specified VPC. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetSecurityGroupsForVpc for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetSecurityGroupsForVpc +func (c *EC2) GetSecurityGroupsForVpc(input *GetSecurityGroupsForVpcInput) (*GetSecurityGroupsForVpcOutput, error) { + req, out := c.GetSecurityGroupsForVpcRequest(input) + return out, req.Send() +} + +// GetSecurityGroupsForVpcWithContext is the same as GetSecurityGroupsForVpc with the addition of +// the ability to pass a context and additional request options. +// +// See GetSecurityGroupsForVpc for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetSecurityGroupsForVpcWithContext(ctx aws.Context, input *GetSecurityGroupsForVpcInput, opts ...request.Option) (*GetSecurityGroupsForVpcOutput, error) { + req, out := c.GetSecurityGroupsForVpcRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetSecurityGroupsForVpcPages iterates over the pages of a GetSecurityGroupsForVpc operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetSecurityGroupsForVpc method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetSecurityGroupsForVpc operation. +// pageNum := 0 +// err := client.GetSecurityGroupsForVpcPages(params, +// func(page *ec2.GetSecurityGroupsForVpcOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) GetSecurityGroupsForVpcPages(input *GetSecurityGroupsForVpcInput, fn func(*GetSecurityGroupsForVpcOutput, bool) bool) error { + return c.GetSecurityGroupsForVpcPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetSecurityGroupsForVpcPagesWithContext same as GetSecurityGroupsForVpcPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetSecurityGroupsForVpcPagesWithContext(ctx aws.Context, input *GetSecurityGroupsForVpcInput, fn func(*GetSecurityGroupsForVpcOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetSecurityGroupsForVpcInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetSecurityGroupsForVpcRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetSecurityGroupsForVpcOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opGetSerialConsoleAccessStatus = "GetSerialConsoleAccessStatus" // GetSerialConsoleAccessStatusRequest generates a "aws/request.Request" representing the @@ -40176,6 +43179,83 @@ func (c *EC2) GetSerialConsoleAccessStatusWithContext(ctx aws.Context, input *Ge return out, req.Send() } +const opGetSnapshotBlockPublicAccessState = "GetSnapshotBlockPublicAccessState" + +// GetSnapshotBlockPublicAccessStateRequest generates a "aws/request.Request" representing the +// client's request for the GetSnapshotBlockPublicAccessState operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetSnapshotBlockPublicAccessState for more information on using the GetSnapshotBlockPublicAccessState +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetSnapshotBlockPublicAccessStateRequest method. +// req, resp := client.GetSnapshotBlockPublicAccessStateRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetSnapshotBlockPublicAccessState +func (c *EC2) GetSnapshotBlockPublicAccessStateRequest(input *GetSnapshotBlockPublicAccessStateInput) (req *request.Request, output *GetSnapshotBlockPublicAccessStateOutput) { + op := &request.Operation{ + Name: opGetSnapshotBlockPublicAccessState, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetSnapshotBlockPublicAccessStateInput{} + } + + output = &GetSnapshotBlockPublicAccessStateOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetSnapshotBlockPublicAccessState API operation for Amazon Elastic Compute Cloud. +// +// Gets the current state of block public access for snapshots setting for the +// account and Region. +// +// For more information, see Block public access for snapshots (https://docs.aws.amazon.com/ebs/latest/userguide/block-public-access-snapshots.html) +// in the Amazon EBS User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetSnapshotBlockPublicAccessState for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetSnapshotBlockPublicAccessState +func (c *EC2) GetSnapshotBlockPublicAccessState(input *GetSnapshotBlockPublicAccessStateInput) (*GetSnapshotBlockPublicAccessStateOutput, error) { + req, out := c.GetSnapshotBlockPublicAccessStateRequest(input) + return out, req.Send() +} + +// GetSnapshotBlockPublicAccessStateWithContext is the same as GetSnapshotBlockPublicAccessState with the addition of +// the ability to pass a context and additional request options. +// +// See GetSnapshotBlockPublicAccessState for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetSnapshotBlockPublicAccessStateWithContext(ctx aws.Context, input *GetSnapshotBlockPublicAccessStateInput, opts ...request.Option) (*GetSnapshotBlockPublicAccessStateOutput, error) { + req, out := c.GetSnapshotBlockPublicAccessStateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetSpotPlacementScores = "GetSpotPlacementScores" // GetSpotPlacementScoresRequest generates a "aws/request.Request" representing the @@ -41600,6 +44680,79 @@ func (c *EC2) GetVpnConnectionDeviceTypesPagesWithContext(ctx aws.Context, input return p.Err() } +const opGetVpnTunnelReplacementStatus = "GetVpnTunnelReplacementStatus" + +// GetVpnTunnelReplacementStatusRequest generates a "aws/request.Request" representing the +// client's request for the GetVpnTunnelReplacementStatus operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetVpnTunnelReplacementStatus for more information on using the GetVpnTunnelReplacementStatus +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetVpnTunnelReplacementStatusRequest method. +// req, resp := client.GetVpnTunnelReplacementStatusRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetVpnTunnelReplacementStatus +func (c *EC2) GetVpnTunnelReplacementStatusRequest(input *GetVpnTunnelReplacementStatusInput) (req *request.Request, output *GetVpnTunnelReplacementStatusOutput) { + op := &request.Operation{ + Name: opGetVpnTunnelReplacementStatus, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetVpnTunnelReplacementStatusInput{} + } + + output = &GetVpnTunnelReplacementStatusOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetVpnTunnelReplacementStatus API operation for Amazon Elastic Compute Cloud. +// +// Get details of available tunnel endpoint maintenance. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetVpnTunnelReplacementStatus for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetVpnTunnelReplacementStatus +func (c *EC2) GetVpnTunnelReplacementStatus(input *GetVpnTunnelReplacementStatusInput) (*GetVpnTunnelReplacementStatusOutput, error) { + req, out := c.GetVpnTunnelReplacementStatusRequest(input) + return out, req.Send() +} + +// GetVpnTunnelReplacementStatusWithContext is the same as GetVpnTunnelReplacementStatus with the addition of +// the ability to pass a context and additional request options. +// +// See GetVpnTunnelReplacementStatus for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetVpnTunnelReplacementStatusWithContext(ctx aws.Context, input *GetVpnTunnelReplacementStatusInput, opts ...request.Option) (*GetVpnTunnelReplacementStatusOutput, error) { + req, out := c.GetVpnTunnelReplacementStatusRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opImportClientVpnClientCertificateRevocationList = "ImportClientVpnClientCertificateRevocationList" // ImportClientVpnClientCertificateRevocationListRequest generates a "aws/request.Request" representing the @@ -41720,6 +44873,11 @@ func (c *EC2) ImportImageRequest(input *ImportImageInput) (req *request.Request, // ImportImage API operation for Amazon Elastic Compute Cloud. // +// To import your virtual machines (VMs) with a console-based experience, you +// can use the Import virtual machine images to Amazon Web Services template +// in the Migration Hub Orchestrator console (https://console.aws.amazon.com/migrationhub/orchestrator). +// For more information, see the Migration Hub Orchestrator User Guide (https://docs.aws.amazon.com/migrationhub-orchestrator/latest/userguide/import-vm-images.html). +// // Import single or multi-volume disk images or EBS snapshots into an Amazon // Machine Image (AMI). // @@ -41803,16 +44961,21 @@ func (c *EC2) ImportInstanceRequest(input *ImportInstanceInput) (req *request.Re // ImportInstance API operation for Amazon Elastic Compute Cloud. // -// Creates an import instance task using metadata from the specified disk image. +// We recommend that you use the ImportImage (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportImage.html) +// API. For more information, see Importing a VM as an image using VM Import/Export +// (https://docs.aws.amazon.com/vm-import/latest/userguide/vmimport-image-import.html) +// in the VM Import/Export User Guide. // -// This API action supports only single-volume VMs. To import multi-volume VMs, -// use ImportImage instead. +// Creates an import instance task using metadata from the specified disk image. // // This API action is not supported by the Command Line Interface (CLI). For // information about using the Amazon EC2 CLI, which is deprecated, see Importing // a VM to Amazon EC2 (https://awsdocs.s3.amazonaws.com/EC2/ec2-clt.pdf#UsingVirtualMachinesinAmazonEC2) // in the Amazon EC2 CLI Reference PDF file. // +// This API action supports only single-volume VMs. To import multi-volume VMs, +// use ImportImage instead. +// // For information about the import manifest referenced by this API action, // see VM Import Manifest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html). // @@ -42349,6 +45512,96 @@ func (c *EC2) ListSnapshotsInRecycleBinPagesWithContext(ctx aws.Context, input * return p.Err() } +const opLockSnapshot = "LockSnapshot" + +// LockSnapshotRequest generates a "aws/request.Request" representing the +// client's request for the LockSnapshot operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See LockSnapshot for more information on using the LockSnapshot +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the LockSnapshotRequest method. +// req, resp := client.LockSnapshotRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/LockSnapshot +func (c *EC2) LockSnapshotRequest(input *LockSnapshotInput) (req *request.Request, output *LockSnapshotOutput) { + op := &request.Operation{ + Name: opLockSnapshot, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &LockSnapshotInput{} + } + + output = &LockSnapshotOutput{} + req = c.newRequest(op, input, output) + return +} + +// LockSnapshot API operation for Amazon Elastic Compute Cloud. +// +// Locks an Amazon EBS snapshot in either governance or compliance mode to protect +// it against accidental or malicious deletions for a specific duration. A locked +// snapshot can't be deleted. +// +// You can also use this action to modify the lock settings for a snapshot that +// is already locked. The allowed modifications depend on the lock mode and +// lock state: +// +// - If the snapshot is locked in governance mode, you can modify the lock +// mode and the lock duration or lock expiration date. +// +// - If the snapshot is locked in compliance mode and it is in the cooling-off +// period, you can modify the lock mode and the lock duration or lock expiration +// date. +// +// - If the snapshot is locked in compliance mode and the cooling-off period +// has lapsed, you can only increase the lock duration or extend the lock +// expiration date. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation LockSnapshot for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/LockSnapshot +func (c *EC2) LockSnapshot(input *LockSnapshotInput) (*LockSnapshotOutput, error) { + req, out := c.LockSnapshotRequest(input) + return out, req.Send() +} + +// LockSnapshotWithContext is the same as LockSnapshot with the addition of +// the ability to pass a context and additional request options. +// +// See LockSnapshot for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) LockSnapshotWithContext(ctx aws.Context, input *LockSnapshotInput, opts ...request.Option) (*LockSnapshotOutput, error) { + req, out := c.LockSnapshotRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyAddressAttribute = "ModifyAddressAttribute" // ModifyAddressAttributeRequest generates a "aws/request.Request" representing the @@ -42875,8 +46128,8 @@ func (c *EC2) ModifyEbsDefaultKmsKeyIdRequest(input *ModifyEbsDefaultKmsKeyIdInp // If you delete or disable the customer managed KMS key that you specified // for use with encryption by default, your instances will fail to launch. // -// For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -43402,8 +46655,10 @@ func (c *EC2) ModifyImageAttributeRequest(input *ModifyImageAttributeInput) (req // ModifyImageAttribute API operation for Amazon Elastic Compute Cloud. // // Modifies the specified attribute of the specified AMI. You can specify only -// one attribute at a time. You can use the Attribute parameter to specify the -// attribute or one of the following parameters: Description or LaunchPermission. +// one attribute at a time. +// +// To specify the attribute, you can use the Attribute parameter, or one of +// the following parameters: Description, ImdsSupport, or LaunchPermission. // // Images with an Amazon Web Services Marketplace product code cannot be made // public. @@ -43487,10 +46742,10 @@ func (c *EC2) ModifyInstanceAttributeRequest(input *ModifyInstanceAttributeInput // only one attribute at a time. // // Note: Using this action to change the security groups associated with an -// elastic network interface (ENI) attached to an instance in a VPC can result -// in an error if the instance has more than one ENI. To change the security -// groups associated with an ENI attached to an instance that has multiple ENIs, -// we recommend that you use the ModifyNetworkInterfaceAttribute action. +// elastic network interface (ENI) attached to an instance can result in an +// error if the instance has more than one ENI. To change the security groups +// associated with an ENI attached to an instance that has multiple ENIs, we +// recommend that you use the ModifyNetworkInterfaceAttribute action. // // To modify some attributes, the instance must be stopped. For more information, // see Modify a stopped instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_ChangingAttributesWhileInstanceStopped.html) @@ -44039,7 +47294,7 @@ func (c *EC2) ModifyInstancePlacementRequest(input *ModifyInstancePlacementInput // // - Modify the affinity between an instance and a Dedicated Host (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html). // When affinity is set to host and the instance is not associated with a -// specific Dedicated Host, the next time the instance is launched, it is +// specific Dedicated Host, the next time the instance is started, it is // automatically associated with the host on which it lands. If the instance // is restarted or rebooted, this relationship persists. // @@ -44314,6 +47569,81 @@ func (c *EC2) ModifyIpamResourceCidrWithContext(ctx aws.Context, input *ModifyIp return out, req.Send() } +const opModifyIpamResourceDiscovery = "ModifyIpamResourceDiscovery" + +// ModifyIpamResourceDiscoveryRequest generates a "aws/request.Request" representing the +// client's request for the ModifyIpamResourceDiscovery operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyIpamResourceDiscovery for more information on using the ModifyIpamResourceDiscovery +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ModifyIpamResourceDiscoveryRequest method. +// req, resp := client.ModifyIpamResourceDiscoveryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyIpamResourceDiscovery +func (c *EC2) ModifyIpamResourceDiscoveryRequest(input *ModifyIpamResourceDiscoveryInput) (req *request.Request, output *ModifyIpamResourceDiscoveryOutput) { + op := &request.Operation{ + Name: opModifyIpamResourceDiscovery, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyIpamResourceDiscoveryInput{} + } + + output = &ModifyIpamResourceDiscoveryOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyIpamResourceDiscovery API operation for Amazon Elastic Compute Cloud. +// +// Modifies a resource discovery. A resource discovery is an IPAM component +// that enables IPAM to manage and monitor resources that belong to the owning +// account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyIpamResourceDiscovery for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyIpamResourceDiscovery +func (c *EC2) ModifyIpamResourceDiscovery(input *ModifyIpamResourceDiscoveryInput) (*ModifyIpamResourceDiscoveryOutput, error) { + req, out := c.ModifyIpamResourceDiscoveryRequest(input) + return out, req.Send() +} + +// ModifyIpamResourceDiscoveryWithContext is the same as ModifyIpamResourceDiscovery with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyIpamResourceDiscovery for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyIpamResourceDiscoveryWithContext(ctx aws.Context, input *ModifyIpamResourceDiscoveryInput, opts ...request.Option) (*ModifyIpamResourceDiscoveryOutput, error) { + req, out := c.ModifyIpamResourceDiscoveryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyIpamScope = "ModifyIpamScope" // ModifyIpamScopeRequest generates a "aws/request.Request" representing the @@ -44814,10 +48144,6 @@ func (c *EC2) ModifyReservedInstancesRequest(input *ModifyReservedInstancesInput // For more information, see Modifying Reserved Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-modifying.html) // in the Amazon EC2 User Guide. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -44975,8 +48301,8 @@ func (c *EC2) ModifySnapshotAttributeRequest(input *ModifySnapshotAttributeInput // cannot be shared with other accounts. // // For more information about modifying snapshot permissions, see Share a snapshot -// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html) -// in the Amazon Elastic Compute Cloud User Guide. +// (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-modifying-snapshot-permissions.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -45053,8 +48379,8 @@ func (c *EC2) ModifySnapshotTierRequest(input *ModifySnapshotTierInput) (req *re // to a full snapshot that includes all of the blocks of data that were written // to the volume at the time the snapshot was created, and moved from the standard // tier to the archive tier. For more information, see Archive Amazon EBS snapshots -// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-archive.html) -// in the Amazon Elastic Compute Cloud User Guide. +// (https://docs.aws.amazon.com/ebs/latest/userguide/snapshot-archive.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -45768,7 +49094,8 @@ func (c *EC2) ModifyVerifiedAccessEndpointRequest(input *ModifyVerifiedAccessEnd // ModifyVerifiedAccessEndpoint API operation for Amazon Elastic Compute Cloud. // -// Modifies the configuration of an Amazon Web Services Verified Access endpoint. +// Modifies the configuration of the specified Amazon Web Services Verified +// Access endpoint. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -45841,7 +49168,7 @@ func (c *EC2) ModifyVerifiedAccessEndpointPolicyRequest(input *ModifyVerifiedAcc // ModifyVerifiedAccessEndpointPolicy API operation for Amazon Elastic Compute Cloud. // -// Modifies the specified Verified Access endpoint policy. +// Modifies the specified Amazon Web Services Verified Access endpoint policy. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -45914,7 +49241,7 @@ func (c *EC2) ModifyVerifiedAccessGroupRequest(input *ModifyVerifiedAccessGroupI // ModifyVerifiedAccessGroup API operation for Amazon Elastic Compute Cloud. // -// Modifies the specified Verified Access group configuration. +// Modifies the specified Amazon Web Services Verified Access group configuration. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -45987,7 +49314,7 @@ func (c *EC2) ModifyVerifiedAccessGroupPolicyRequest(input *ModifyVerifiedAccess // ModifyVerifiedAccessGroupPolicy API operation for Amazon Elastic Compute Cloud. // -// Modifies the specified Verified Access group policy. +// Modifies the specified Amazon Web Services Verified Access group policy. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -46060,7 +49387,8 @@ func (c *EC2) ModifyVerifiedAccessInstanceRequest(input *ModifyVerifiedAccessIns // ModifyVerifiedAccessInstance API operation for Amazon Elastic Compute Cloud. // -// Modifies the configuration of the specified Verified Access instance. +// Modifies the configuration of the specified Amazon Web Services Verified +// Access instance. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -46285,21 +49613,19 @@ func (c *EC2) ModifyVolumeRequest(input *ModifyVolumeInput) (req *request.Reques // size, volume type, and IOPS capacity. If your EBS volume is attached to a // current-generation EC2 instance type, you might be able to apply these changes // without stopping the instance or detaching the volume from it. For more information -// about modifying EBS volumes, see Amazon EBS Elastic Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modify-volume.html) -// (Linux instances) or Amazon EBS Elastic Volumes (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-modify-volume.html) -// (Windows instances). +// about modifying EBS volumes, see Amazon EBS Elastic Volumes (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-modify-volume.html) +// in the Amazon EBS User Guide. // // When you complete a resize operation on your volume, you need to extend the // volume's file-system size to take advantage of the new storage capacity. -// For more information, see Extend a Linux file system (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#recognize-expanded-volume-linux) -// or Extend a Windows file system (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html#recognize-expanded-volume-windows). +// For more information, see Extend the file system (https://docs.aws.amazon.com/ebs/latest/userguide/recognize-expanded-volume-linux.html). // // You can use CloudWatch Events to check the status of a modification to an // EBS volume. For information about CloudWatch Events, see the Amazon CloudWatch // Events User Guide (https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/). // You can also track the status of a modification using DescribeVolumesModifications. // For information about tracking status changes using either method, see Monitor -// the progress of volume modifications (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-volume-modifications.html). +// the progress of volume modifications (https://docs.aws.amazon.com/ebs/latest/userguide/monitoring-volume-modifications.html). // // With previous-generation instance types, resizing an EBS volume might require // detaching and reattaching the volume or stopping and restarting the instance. @@ -46840,8 +50166,8 @@ func (c *EC2) ModifyVpcEndpointServicePermissionsRequest(input *ModifyVpcEndpoin // ModifyVpcEndpointServicePermissions API operation for Amazon Elastic Compute Cloud. // // Modifies the permissions for your VPC endpoint service. You can add or remove -// permissions for service consumers (IAM users, IAM roles, and Amazon Web Services -// accounts) to connect to your endpoint service. +// permissions for service consumers (Amazon Web Services accounts, users, and +// IAM roles) to connect to your endpoint service. // // If you grant permissions to all principals, the service is public. Any users // who know the name of a public service can send a request to attach an endpoint. @@ -46919,34 +50245,20 @@ func (c *EC2) ModifyVpcPeeringConnectionOptionsRequest(input *ModifyVpcPeeringCo // ModifyVpcPeeringConnectionOptions API operation for Amazon Elastic Compute Cloud. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Modifies the VPC peering connection options on one side of a VPC peering -// connection. You can do the following: -// -// - Enable/disable communication over the peering connection between an -// EC2-Classic instance that's linked to your VPC (using ClassicLink) and -// instances in the peer VPC. -// -// - Enable/disable communication over the peering connection between instances -// in your VPC and an EC2-Classic instance that's linked to the peer VPC. -// -// - Enable/disable the ability to resolve public DNS hostnames to private -// IP addresses when queried from instances in the peer VPC. +// connection. // // If the peered VPCs are in the same Amazon Web Services account, you can enable // DNS resolution for queries from the local VPC. This ensures that queries // from the local VPC resolve to private IP addresses in the peer VPC. This -// option is not available if the peered VPCs are in different different Amazon -// Web Services accounts or different Regions. For peered VPCs in different -// Amazon Web Services accounts, each Amazon Web Services account owner must -// initiate a separate request to modify the peering connection options. For -// inter-region peering connections, you must use the Region for the requester -// VPC to modify the requester VPC peering options and the Region for the accepter -// VPC to modify the accepter VPC peering options. To verify which VPCs are -// the accepter and the requester for a VPC peering connection, use the DescribeVpcPeeringConnections +// option is not available if the peered VPCs are in different Amazon Web Services +// accounts or different Regions. For peered VPCs in different Amazon Web Services +// accounts, each Amazon Web Services account owner must initiate a separate +// request to modify the peering connection options. For inter-region peering +// connections, you must use the Region for the requester VPC to modify the +// requester VPC peering options and the Region for the accepter VPC to modify +// the accepter VPC peering options. To verify which VPCs are the accepter and +// the requester for a VPC peering connection, use the DescribeVpcPeeringConnections // command. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -47029,7 +50341,7 @@ func (c *EC2) ModifyVpcTenancyRequest(input *ModifyVpcTenancyInput) (req *reques // launch. The tenancy of any existing instances in the VPC is not affected. // // For more information, see Dedicated Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-instance.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -47522,6 +50834,8 @@ func (c *EC2) MoveAddressToVpcRequest(input *MoveAddressToVpcInput) (req *reques // MoveAddressToVpc API operation for Amazon Elastic Compute Cloud. // +// This action is deprecated. +// // Moves an Elastic IP address from the EC2-Classic platform to the EC2-VPC // platform. The Elastic IP address must be allocated to your account for more // than 24 hours, and it must not be associated with an instance. After the @@ -47530,10 +50844,6 @@ func (c *EC2) MoveAddressToVpcRequest(input *MoveAddressToVpcInput) (req *reques // You cannot move an Elastic IP address that was originally allocated for use // in the EC2-VPC platform to the EC2-Classic platform. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -47605,13 +50915,12 @@ func (c *EC2) MoveByoipCidrToIpamRequest(input *MoveByoipCidrToIpamInput) (req * // MoveByoipCidrToIpam API operation for Amazon Elastic Compute Cloud. // -// Move an BYOIP IPv4 CIDR to IPAM from a public IPv4 pool. +// Move a BYOIPv4 CIDR to IPAM from a public IPv4 pool. // -// If you already have an IPv4 BYOIP CIDR with Amazon Web Services, you can -// move the CIDR to IPAM from a public IPv4 pool. You cannot move an IPv6 CIDR -// to IPAM. If you are bringing a new IP address to Amazon Web Services for -// the first time, complete the steps in Tutorial: BYOIP address CIDRs to IPAM -// (https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoip-ipam.html). +// If you already have a BYOIPv4 CIDR with Amazon Web Services, you can move +// the CIDR to IPAM from a public IPv4 pool. You cannot move an IPv6 CIDR to +// IPAM. If you are bringing a new IP address to Amazon Web Services for the +// first time, complete the steps in Tutorial: BYOIP address CIDRs to IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoip-ipam.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -47731,6 +51040,83 @@ func (c *EC2) ProvisionByoipCidrWithContext(ctx aws.Context, input *ProvisionByo return out, req.Send() } +const opProvisionIpamByoasn = "ProvisionIpamByoasn" + +// ProvisionIpamByoasnRequest generates a "aws/request.Request" representing the +// client's request for the ProvisionIpamByoasn operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ProvisionIpamByoasn for more information on using the ProvisionIpamByoasn +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ProvisionIpamByoasnRequest method. +// req, resp := client.ProvisionIpamByoasnRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ProvisionIpamByoasn +func (c *EC2) ProvisionIpamByoasnRequest(input *ProvisionIpamByoasnInput) (req *request.Request, output *ProvisionIpamByoasnOutput) { + op := &request.Operation{ + Name: opProvisionIpamByoasn, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ProvisionIpamByoasnInput{} + } + + output = &ProvisionIpamByoasnOutput{} + req = c.newRequest(op, input, output) + return +} + +// ProvisionIpamByoasn API operation for Amazon Elastic Compute Cloud. +// +// Provisions your Autonomous System Number (ASN) for use in your Amazon Web +// Services account. This action requires authorization context for Amazon to +// bring the ASN to an Amazon Web Services account. For more information, see +// Tutorial: Bring your ASN to IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoasn.html) +// in the Amazon VPC IPAM guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ProvisionIpamByoasn for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ProvisionIpamByoasn +func (c *EC2) ProvisionIpamByoasn(input *ProvisionIpamByoasnInput) (*ProvisionIpamByoasnOutput, error) { + req, out := c.ProvisionIpamByoasnRequest(input) + return out, req.Send() +} + +// ProvisionIpamByoasnWithContext is the same as ProvisionIpamByoasn with the addition of +// the ability to pass a context and additional request options. +// +// See ProvisionIpamByoasn for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ProvisionIpamByoasnWithContext(ctx aws.Context, input *ProvisionIpamByoasnInput, opts ...request.Option) (*ProvisionIpamByoasnOutput, error) { + req, out := c.ProvisionIpamByoasnRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opProvisionIpamPoolCidr = "ProvisionIpamPoolCidr" // ProvisionIpamPoolCidrRequest generates a "aws/request.Request" representing the @@ -47885,6 +51271,81 @@ func (c *EC2) ProvisionPublicIpv4PoolCidrWithContext(ctx aws.Context, input *Pro return out, req.Send() } +const opPurchaseCapacityBlock = "PurchaseCapacityBlock" + +// PurchaseCapacityBlockRequest generates a "aws/request.Request" representing the +// client's request for the PurchaseCapacityBlock operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PurchaseCapacityBlock for more information on using the PurchaseCapacityBlock +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the PurchaseCapacityBlockRequest method. +// req, resp := client.PurchaseCapacityBlockRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/PurchaseCapacityBlock +func (c *EC2) PurchaseCapacityBlockRequest(input *PurchaseCapacityBlockInput) (req *request.Request, output *PurchaseCapacityBlockOutput) { + op := &request.Operation{ + Name: opPurchaseCapacityBlock, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PurchaseCapacityBlockInput{} + } + + output = &PurchaseCapacityBlockOutput{} + req = c.newRequest(op, input, output) + return +} + +// PurchaseCapacityBlock API operation for Amazon Elastic Compute Cloud. +// +// Purchase the Capacity Block for use with your account. With Capacity Blocks +// you ensure GPU capacity is available for machine learning (ML) workloads. +// You must specify the ID of the Capacity Block offering you are purchasing. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation PurchaseCapacityBlock for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/PurchaseCapacityBlock +func (c *EC2) PurchaseCapacityBlock(input *PurchaseCapacityBlockInput) (*PurchaseCapacityBlockOutput, error) { + req, out := c.PurchaseCapacityBlockRequest(input) + return out, req.Send() +} + +// PurchaseCapacityBlockWithContext is the same as PurchaseCapacityBlock with the addition of +// the ability to pass a context and additional request options. +// +// See PurchaseCapacityBlock for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) PurchaseCapacityBlockWithContext(ctx aws.Context, input *PurchaseCapacityBlockInput, opts ...request.Option) (*PurchaseCapacityBlockOutput, error) { + req, out := c.PurchaseCapacityBlockRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opPurchaseHostReservation = "PurchaseHostReservation" // PurchaseHostReservationRequest generates a "aws/request.Request" representing the @@ -48018,10 +51479,6 @@ func (c *EC2) PurchaseReservedInstancesOfferingRequest(input *PurchaseReservedIn // and Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) // in the Amazon EC2 User Guide. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -48261,9 +51718,9 @@ func (c *EC2) RegisterImageRequest(input *RegisterImageInput) (req *request.Requ // RegisterImage API operation for Amazon Elastic Compute Cloud. // -// Registers an AMI. When you're creating an AMI, this is the final step you -// must complete before you can launch an instance from the AMI. For more information -// about creating AMIs, see Create your own AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami.html) +// Registers an AMI. When you're creating an instance-store backed AMI, registering +// the AMI is the final step in the creation process. For more information about +// creating AMIs, see Create your own AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami.html) // in the Amazon Elastic Compute Cloud User Guide. // // For Amazon EBS-backed instances, CreateImage creates and registers the AMI @@ -48848,8 +52305,7 @@ func (c *EC2) RejectVpcEndpointConnectionsRequest(input *RejectVpcEndpointConnec // RejectVpcEndpointConnections API operation for Amazon Elastic Compute Cloud. // -// Rejects one or more VPC endpoint connection requests to your VPC endpoint -// service. +// Rejects VPC endpoint connection requests to your VPC endpoint service. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -49002,13 +52458,9 @@ func (c *EC2) ReleaseAddressRequest(input *ReleaseAddressInput) (req *request.Re // // Releases the specified Elastic IP address. // -// [EC2-Classic, default VPC] Releasing an Elastic IP address automatically -// disassociates it from any instance that it's associated with. To disassociate -// an Elastic IP address without releasing it, use DisassociateAddress. -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// [Default VPC] Releasing an Elastic IP address automatically disassociates +// it from any instance that it's associated with. To disassociate an Elastic +// IP address without releasing it, use DisassociateAddress. // // [Nondefault VPC] You must use DisassociateAddress to disassociate the Elastic // IP address before you can release it. Otherwise, Amazon EC2 returns an error @@ -49020,11 +52472,8 @@ func (c *EC2) ReleaseAddressRequest(input *ReleaseAddressInput) (req *request.Re // already released, you'll get an AuthFailure error if the address is already // allocated to another Amazon Web Services account. // -// [EC2-VPC] After you release an Elastic IP address for use in a VPC, you might -// be able to recover it. For more information, see AllocateAddress. -// -// For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) -// in the Amazon Elastic Compute Cloud User Guide. +// After you release an Elastic IP address, you might be able to recover it. +// For more information, see AllocateAddress. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -49180,13 +52629,18 @@ func (c *EC2) ReleaseIpamPoolAllocationRequest(input *ReleaseIpamPoolAllocationI // ReleaseIpamPoolAllocation API operation for Amazon Elastic Compute Cloud. // -// Release an allocation within an IPAM pool. You can only use this action to -// release manual allocations. To remove an allocation for a resource without -// deleting the resource, set its monitored state to false using ModifyIpamResourceCidr +// Release an allocation within an IPAM pool. The Region you use should be the +// IPAM pool locale. The locale is the Amazon Web Services Region where this +// IPAM pool is available for allocations. You can only use this action to release +// manual allocations. To remove an allocation for a resource without deleting +// the resource, set its monitored state to false using ModifyIpamResourceCidr // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIpamResourceCidr.html). -// For more information, see Release an allocation (https://docs.aws.amazon.com/vpc/latest/ipam/release-pool-alloc-ipam.html) +// For more information, see Release an allocation (https://docs.aws.amazon.com/vpc/latest/ipam/release-alloc-ipam.html) // in the Amazon VPC IPAM User Guide. // +// All EC2 API actions follow an eventual consistency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/query-api-troubleshooting.html#eventual-consistency) +// model. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -49338,8 +52792,8 @@ func (c *EC2) ReplaceNetworkAclAssociationRequest(input *ReplaceNetworkAclAssoci // // Changes which network ACL a subnet is associated with. By default when you // create a subnet, it's automatically associated with the default network ACL. -// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) -// in the Amazon Virtual Private Cloud User Guide. +// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html) +// in the Amazon VPC User Guide. // // This is an idempotent operation. // @@ -49416,8 +52870,8 @@ func (c *EC2) ReplaceNetworkAclEntryRequest(input *ReplaceNetworkAclEntryInput) // ReplaceNetworkAclEntry API operation for Amazon Elastic Compute Cloud. // // Replaces an entry (rule) in a network ACL. For more information, see Network -// ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) in -// the Amazon Virtual Private Cloud User Guide. +// ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -49498,7 +52952,7 @@ func (c *EC2) ReplaceRouteRequest(input *ReplaceRouteInput) (req *request.Reques // reset the local route to its default target. // // For more information, see Route tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -49575,7 +53029,7 @@ func (c *EC2) ReplaceRouteTableAssociationRequest(input *ReplaceRouteTableAssoci // or virtual private gateway in a VPC. After the operation completes, the subnet // or gateway uses the routes in the new route table. For more information about // route tables, see Route tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // You can also use this operation to change which table is the main route table // in the VPC. Specify the main route table's association ID and the route table @@ -49682,6 +53136,79 @@ func (c *EC2) ReplaceTransitGatewayRouteWithContext(ctx aws.Context, input *Repl return out, req.Send() } +const opReplaceVpnTunnel = "ReplaceVpnTunnel" + +// ReplaceVpnTunnelRequest generates a "aws/request.Request" representing the +// client's request for the ReplaceVpnTunnel operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ReplaceVpnTunnel for more information on using the ReplaceVpnTunnel +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ReplaceVpnTunnelRequest method. +// req, resp := client.ReplaceVpnTunnelRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ReplaceVpnTunnel +func (c *EC2) ReplaceVpnTunnelRequest(input *ReplaceVpnTunnelInput) (req *request.Request, output *ReplaceVpnTunnelOutput) { + op := &request.Operation{ + Name: opReplaceVpnTunnel, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ReplaceVpnTunnelInput{} + } + + output = &ReplaceVpnTunnelOutput{} + req = c.newRequest(op, input, output) + return +} + +// ReplaceVpnTunnel API operation for Amazon Elastic Compute Cloud. +// +// Trigger replacement of specified VPN tunnel. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ReplaceVpnTunnel for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ReplaceVpnTunnel +func (c *EC2) ReplaceVpnTunnel(input *ReplaceVpnTunnelInput) (*ReplaceVpnTunnelOutput, error) { + req, out := c.ReplaceVpnTunnelRequest(input) + return out, req.Send() +} + +// ReplaceVpnTunnelWithContext is the same as ReplaceVpnTunnel with the addition of +// the ability to pass a context and additional request options. +// +// See ReplaceVpnTunnel for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ReplaceVpnTunnelWithContext(ctx aws.Context, input *ReplaceVpnTunnelInput, opts ...request.Option) (*ReplaceVpnTunnelOutput, error) { + req, out := c.ReplaceVpnTunnelRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opReportInstanceStatus = "ReportInstanceStatus" // ReportInstanceStatusRequest generates a "aws/request.Request" representing the @@ -49917,10 +53444,6 @@ func (c *EC2) RequestSpotInstancesRequest(input *RequestSpotInstancesInput) (req // see Which is the best Spot request method to use? (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-best-practices.html#which-spot-request-method-to-use) // in the Amazon EC2 User Guide for Linux Instances. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon EC2 User Guide for Linux Instances. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -50072,8 +53595,8 @@ func (c *EC2) ResetEbsDefaultKmsKeyIdRequest(input *ResetEbsDefaultKmsKeyIdInput // After resetting the default KMS key to the Amazon Web Services managed KMS // key, you can continue to encrypt by a customer managed KMS key by specifying // it when you create the volume. For more information, see Amazon EBS encryption -// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) in +// the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -50455,8 +53978,8 @@ func (c *EC2) ResetSnapshotAttributeRequest(input *ResetSnapshotAttributeInput) // Resets permission settings for the specified snapshot. // // For more information about modifying snapshot permissions, see Share a snapshot -// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html) -// in the Amazon Elastic Compute Cloud User Guide. +// (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-modifying-snapshot-permissions.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -50529,15 +54052,13 @@ func (c *EC2) RestoreAddressToClassicRequest(input *RestoreAddressToClassicInput // RestoreAddressToClassic API operation for Amazon Elastic Compute Cloud. // +// This action is deprecated. +// // Restores an Elastic IP address that was previously moved to the EC2-VPC platform // back to the EC2-Classic platform. You cannot move an Elastic IP address that // was originally allocated for use in EC2-VPC. The Elastic IP address must // not be associated with an instance or network interface. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -50759,8 +54280,8 @@ func (c *EC2) RestoreSnapshotFromRecycleBinRequest(input *RestoreSnapshotFromRec // RestoreSnapshotFromRecycleBin API operation for Amazon Elastic Compute Cloud. // // Restores a snapshot from the Recycle Bin. For more information, see Restore -// snapshots from the Recycle Bin (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recycle-bin-working-with-snaps.html#recycle-bin-restore-snaps) -// in the Amazon Elastic Compute Cloud User Guide. +// snapshots from the Recycle Bin (https://docs.aws.amazon.com/ebs/latest/userguide/recycle-bin-working-with-snaps.html#recycle-bin-restore-snaps) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -50837,10 +54358,10 @@ func (c *EC2) RestoreSnapshotTierRequest(input *RestoreSnapshotTierInput) (req * // or modifies the restore period or restore type for a snapshot that was previously // temporarily restored. // -// For more information see Restore an archived snapshot (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/working-with-snapshot-archiving.html#restore-archived-snapshot) +// For more information see Restore an archived snapshot (https://docs.aws.amazon.com/ebs/latest/userguide/working-with-snapshot-archiving.html#restore-archived-snapshot) // and modify the restore period or restore type for a temporarily restored -// snapshot (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/working-with-snapshot-archiving.html#modify-temp-restore-period) -// in the Amazon Elastic Compute Cloud User Guide. +// snapshot (https://docs.aws.amazon.com/ebs/latest/userguide/working-with-snapshot-archiving.html#modify-temp-restore-period) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -50986,9 +54507,8 @@ func (c *EC2) RevokeSecurityGroupEgressRequest(input *RevokeSecurityGroupEgressI // RevokeSecurityGroupEgress API operation for Amazon Elastic Compute Cloud. // -// [VPC only] Removes the specified outbound (egress) rules from a security -// group for EC2-VPC. This action does not apply to security groups for use -// in EC2-Classic. +// Removes the specified outbound (egress) rules from the specified security +// group. // // You can specify rules using either rule IDs or security group rule properties. // If you use rule properties, the values that you specify (for example, ports) @@ -50999,7 +54519,7 @@ func (c *EC2) RevokeSecurityGroupEgressRequest(input *RevokeSecurityGroupEgressI // ICMP type and code. If the security group rule has a description, you do // not need to specify the description to revoke the rule. // -// [Default VPC] If the values you specify do not match the existing rule's +// For a default VPC, if the values you specify do not match the existing rule's // values, no error is returned, and the output describes the security group // rules that were not revoked. // @@ -51091,9 +54611,13 @@ func (c *EC2) RevokeSecurityGroupIngressRequest(input *RevokeSecurityGroupIngres // type and code. If the security group rule has a description, you do not need // to specify the description to revoke the rule. // -// [EC2-Classic, default VPC] If the values you specify do not match the existing -// rule's values, no error is returned, and the output describes the security -// group rules that were not revoked. +// For a default VPC, if the values you specify do not match the existing rule's +// values, no error is returned, and the output describes the security group +// rules that were not revoked. +// +// For a non-default VPC, if the values you specify do not match the existing +// rule's values, an InvalidPermission.NotFound client error is returned, and +// no rules are revoked. // // Amazon Web Services recommends that you describe the security group to verify // that the rules were removed. @@ -51101,10 +54625,6 @@ func (c *EC2) RevokeSecurityGroupIngressRequest(input *RevokeSecurityGroupIngres // Rule changes are propagated to instances within the security group as quickly // as possible. However, a small delay might occur. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -51182,20 +54702,13 @@ func (c *EC2) RunInstancesRequest(input *RunInstancesInput) (req *request.Reques // You can specify a number of options, or leave the default options. The following // rules apply: // -// - [EC2-VPC] If you don't specify a subnet ID, we choose a default subnet -// from your default VPC for you. If you don't have a default VPC, you must -// specify a subnet ID in the request. -// -// - [EC2-Classic] If don't specify an Availability Zone, we choose one for -// you. -// -// - Some instance types must be launched into a VPC. If you do not have -// a default VPC, or if you do not specify a subnet ID, the request fails. -// For more information, see Instance types available only in a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-vpc.html#vpc-only-instance-types). +// - If you don't specify a subnet ID, we choose a default subnet from your +// default VPC for you. If you don't have a default VPC, you must specify +// a subnet ID in the request. // -// - [EC2-VPC] All instances have a network interface with a primary private -// IPv4 address. If you don't specify this address, we choose one from the -// IPv4 range of your subnet. +// - All instances have a network interface with a primary private IPv4 address. +// If you don't specify this address, we choose one from the IPv4 range of +// your subnet. // // - Not all instance types support IPv6 addresses. For more information, // see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html). @@ -51229,10 +54742,6 @@ func (c *EC2) RunInstancesRequest(input *RunInstancesInput) (req *request.Reques // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_InstanceStraightToTerminated.html), // and Troubleshooting connecting to your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html). // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon EC2 User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -51829,7 +55338,7 @@ func (c *EC2) StartInstancesRequest(input *StartInstancesInput) (req *request.Re // Performing this operation on an instance that uses an instance store as its // root device returns an error. // -// If you attempt to start a T3 instance with host tenancy and the unlimted +// If you attempt to start a T3 instance with host tenancy and the unlimited // CPU credit option, the request fails. The unlimited CPU credit option is // not supported on Dedicated Hosts. Before you start the instance, either change // its CPU credit option to standard, or change its tenancy to default or dedicated. @@ -52140,8 +55649,8 @@ func (c *EC2) StopInstancesRequest(input *StopInstancesInput) (req *request.Requ // in the Amazon EC2 User Guide. // // You can use the Stop action to hibernate an instance if the instance is enabled -// for hibernation (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#enabling-hibernation) -// and it meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). +// for hibernation (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enabling-hibernation.html) +// and it meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html). // For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon EC2 User Guide. // @@ -52558,6 +56067,167 @@ func (c *EC2) UnassignPrivateIpAddressesWithContext(ctx aws.Context, input *Unas return out, req.Send() } +const opUnassignPrivateNatGatewayAddress = "UnassignPrivateNatGatewayAddress" + +// UnassignPrivateNatGatewayAddressRequest generates a "aws/request.Request" representing the +// client's request for the UnassignPrivateNatGatewayAddress operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UnassignPrivateNatGatewayAddress for more information on using the UnassignPrivateNatGatewayAddress +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UnassignPrivateNatGatewayAddressRequest method. +// req, resp := client.UnassignPrivateNatGatewayAddressRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/UnassignPrivateNatGatewayAddress +func (c *EC2) UnassignPrivateNatGatewayAddressRequest(input *UnassignPrivateNatGatewayAddressInput) (req *request.Request, output *UnassignPrivateNatGatewayAddressOutput) { + op := &request.Operation{ + Name: opUnassignPrivateNatGatewayAddress, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UnassignPrivateNatGatewayAddressInput{} + } + + output = &UnassignPrivateNatGatewayAddressOutput{} + req = c.newRequest(op, input, output) + return +} + +// UnassignPrivateNatGatewayAddress API operation for Amazon Elastic Compute Cloud. +// +// Unassigns secondary private IPv4 addresses from a private NAT gateway. You +// cannot unassign your primary private IP. For more information, see Edit secondary +// IP address associations (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-edit-secondary) +// in the Amazon VPC User Guide. +// +// While unassigning is in progress, you cannot assign/unassign additional IP +// addresses while the connections are being drained. You are, however, allowed +// to delete the NAT gateway. +// +// A private IP address will only be released at the end of MaxDrainDurationSeconds. +// The private IP addresses stay associated and support the existing connections, +// but do not support any new connections (new connections are distributed across +// the remaining assigned private IP address). After the existing connections +// drain out, the private IP addresses are released. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation UnassignPrivateNatGatewayAddress for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/UnassignPrivateNatGatewayAddress +func (c *EC2) UnassignPrivateNatGatewayAddress(input *UnassignPrivateNatGatewayAddressInput) (*UnassignPrivateNatGatewayAddressOutput, error) { + req, out := c.UnassignPrivateNatGatewayAddressRequest(input) + return out, req.Send() +} + +// UnassignPrivateNatGatewayAddressWithContext is the same as UnassignPrivateNatGatewayAddress with the addition of +// the ability to pass a context and additional request options. +// +// See UnassignPrivateNatGatewayAddress for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) UnassignPrivateNatGatewayAddressWithContext(ctx aws.Context, input *UnassignPrivateNatGatewayAddressInput, opts ...request.Option) (*UnassignPrivateNatGatewayAddressOutput, error) { + req, out := c.UnassignPrivateNatGatewayAddressRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUnlockSnapshot = "UnlockSnapshot" + +// UnlockSnapshotRequest generates a "aws/request.Request" representing the +// client's request for the UnlockSnapshot operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UnlockSnapshot for more information on using the UnlockSnapshot +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UnlockSnapshotRequest method. +// req, resp := client.UnlockSnapshotRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/UnlockSnapshot +func (c *EC2) UnlockSnapshotRequest(input *UnlockSnapshotInput) (req *request.Request, output *UnlockSnapshotOutput) { + op := &request.Operation{ + Name: opUnlockSnapshot, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UnlockSnapshotInput{} + } + + output = &UnlockSnapshotOutput{} + req = c.newRequest(op, input, output) + return +} + +// UnlockSnapshot API operation for Amazon Elastic Compute Cloud. +// +// Unlocks a snapshot that is locked in governance mode or that is locked in +// compliance mode but still in the cooling-off period. You can't unlock a snapshot +// that is locked in compliance mode after the cooling-off period has expired. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation UnlockSnapshot for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/UnlockSnapshot +func (c *EC2) UnlockSnapshot(input *UnlockSnapshotInput) (*UnlockSnapshotOutput, error) { + req, out := c.UnlockSnapshotRequest(input) + return out, req.Send() +} + +// UnlockSnapshotWithContext is the same as UnlockSnapshot with the addition of +// the ability to pass a context and additional request options. +// +// See UnlockSnapshot for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) UnlockSnapshotWithContext(ctx aws.Context, input *UnlockSnapshotInput, opts ...request.Option) (*UnlockSnapshotOutput, error) { + req, out := c.UnlockSnapshotRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opUnmonitorInstances = "UnmonitorInstances" // UnmonitorInstancesRequest generates a "aws/request.Request" representing the @@ -52676,10 +56346,10 @@ func (c *EC2) UpdateSecurityGroupRuleDescriptionsEgressRequest(input *UpdateSecu // UpdateSecurityGroupRuleDescriptionsEgress API operation for Amazon Elastic Compute Cloud. // -// [VPC only] Updates the description of an egress (outbound) security group -// rule. You can replace an existing description, or add a description to a -// rule that did not have one previously. You can remove a description for a -// security group rule by omitting the description parameter in the request. +// Updates the description of an egress (outbound) security group rule. You +// can replace an existing description, or add a description to a rule that +// did not have one previously. You can remove a description for a security +// group rule by omitting the description parameter in the request. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -53537,7 +57207,7 @@ type AcceptVpcEndpointConnectionsInput struct { // ServiceId is a required field ServiceId *string `type:"string" required:"true"` - // The IDs of one or more interface VPC endpoints. + // The IDs of the interface VPC endpoints. // // VpcEndpointIds is a required field VpcEndpointIds []*string `locationName:"VpcEndpointId" locationNameList:"item" type:"list" required:"true"` @@ -53637,7 +57307,9 @@ type AcceptVpcPeeringConnectionInput struct { // The ID of the VPC peering connection. You must specify this parameter in // the request. - VpcPeeringConnectionId *string `locationName:"vpcPeeringConnectionId" type:"string"` + // + // VpcPeeringConnectionId is a required field + VpcPeeringConnectionId *string `locationName:"vpcPeeringConnectionId" type:"string" required:"true"` } // String returns the string representation. @@ -53658,6 +57330,19 @@ func (s AcceptVpcPeeringConnectionInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *AcceptVpcPeeringConnectionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AcceptVpcPeeringConnectionInput"} + if s.VpcPeeringConnectionId == nil { + invalidParams.Add(request.NewErrParamRequired("VpcPeeringConnectionId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *AcceptVpcPeeringConnectionInput) SetDryRun(v bool) *AcceptVpcPeeringConnectionInput { s.DryRun = &v @@ -54149,15 +57834,34 @@ func (s *AddedPrincipal) SetServicePermissionId(v string) *AddedPrincipal { return s } -// Describes an additional detail for a path analysis. +// Describes an additional detail for a path analysis. For more information, +// see Reachability Analyzer additional detail codes (https://docs.aws.amazon.com/vpc/latest/reachability/additional-detail-codes.html). type AdditionalDetail struct { _ struct{} `type:"structure"` - // The information type. + // The additional detail code. AdditionalDetailType *string `locationName:"additionalDetailType" type:"string"` // The path component. Component *AnalysisComponent `locationName:"component" type:"structure"` + + // The load balancers. + LoadBalancers []*AnalysisComponent `locationName:"loadBalancerSet" locationNameList:"item" type:"list"` + + // The rule options. + RuleGroupRuleOptionsPairs []*RuleGroupRuleOptionsPair `locationName:"ruleGroupRuleOptionsPairSet" locationNameList:"item" type:"list"` + + // The rule group type. + RuleGroupTypePairs []*RuleGroupTypePair `locationName:"ruleGroupTypePairSet" locationNameList:"item" type:"list"` + + // The rule options. + RuleOptions []*RuleOption `locationName:"ruleOptionSet" locationNameList:"item" type:"list"` + + // The name of the VPC endpoint service. + ServiceName *string `locationName:"serviceName" type:"string"` + + // The VPC endpoint service. + VpcEndpointService *AnalysisComponent `locationName:"vpcEndpointService" type:"structure"` } // String returns the string representation. @@ -54190,15 +57894,50 @@ func (s *AdditionalDetail) SetComponent(v *AnalysisComponent) *AdditionalDetail return s } +// SetLoadBalancers sets the LoadBalancers field's value. +func (s *AdditionalDetail) SetLoadBalancers(v []*AnalysisComponent) *AdditionalDetail { + s.LoadBalancers = v + return s +} + +// SetRuleGroupRuleOptionsPairs sets the RuleGroupRuleOptionsPairs field's value. +func (s *AdditionalDetail) SetRuleGroupRuleOptionsPairs(v []*RuleGroupRuleOptionsPair) *AdditionalDetail { + s.RuleGroupRuleOptionsPairs = v + return s +} + +// SetRuleGroupTypePairs sets the RuleGroupTypePairs field's value. +func (s *AdditionalDetail) SetRuleGroupTypePairs(v []*RuleGroupTypePair) *AdditionalDetail { + s.RuleGroupTypePairs = v + return s +} + +// SetRuleOptions sets the RuleOptions field's value. +func (s *AdditionalDetail) SetRuleOptions(v []*RuleOption) *AdditionalDetail { + s.RuleOptions = v + return s +} + +// SetServiceName sets the ServiceName field's value. +func (s *AdditionalDetail) SetServiceName(v string) *AdditionalDetail { + s.ServiceName = &v + return s +} + +// SetVpcEndpointService sets the VpcEndpointService field's value. +func (s *AdditionalDetail) SetVpcEndpointService(v *AnalysisComponent) *AdditionalDetail { + s.VpcEndpointService = v + return s +} + // Describes an Elastic IP address, or a carrier IP address. type Address struct { _ struct{} `type:"structure"` - // The ID representing the allocation of the address for use with EC2-VPC. + // The ID representing the allocation of the address. AllocationId *string `locationName:"allocationId" type:"string"` - // The ID representing the association of the address with an instance in a - // VPC. + // The ID representing the association of the address with an instance. AssociationId *string `locationName:"associationId" type:"string"` // The carrier IP address associated. This option is only available for network @@ -54212,8 +57951,7 @@ type Address struct { // The ID of the customer-owned address pool. CustomerOwnedIpv4Pool *string `locationName:"customerOwnedIpv4Pool" type:"string"` - // Indicates whether this Elastic IP address is for use with instances in EC2-Classic - // (standard) or instances in a VPC (vpc). + // The network (vpc). Domain *string `locationName:"domain" type:"string" enum:"DomainType"` // The ID of the instance that the address is associated with (if any). @@ -54488,6 +58226,9 @@ func (s *AddressTransfer) SetTransferOfferExpirationTimestamp(v time.Time) *Addr type AdvertiseByoipCidrInput struct { _ struct{} `type:"structure"` + // The public 2-byte or 4-byte ASN that you want to advertise. + Asn *string `type:"string"` + // The address range, in CIDR notation. This must be the exact range that you // provisioned. You can't advertise only a portion of the provisioned range. // @@ -54499,6 +58240,25 @@ type AdvertiseByoipCidrInput struct { // the required permissions, the error response is DryRunOperation. Otherwise, // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` + + // If you have Local Zones (https://docs.aws.amazon.com/local-zones/latest/ug/how-local-zones-work.html) + // enabled, you can choose a network border group for Local Zones when you provision + // and advertise a BYOIPv4 CIDR. Choose the network border group carefully as + // the EIP and the Amazon Web Services resource it is associated with must reside + // in the same network border group. + // + // You can provision BYOIP address ranges to and advertise them in the following + // Local Zone network border groups: + // + // * us-east-1-dfw-2 + // + // * us-west-2-lax-1 + // + // * us-west-2-phx-2 + // + // You cannot provision or advertise BYOIPv6 address ranges in Local Zones at + // this time. + NetworkBorderGroup *string `type:"string"` } // String returns the string representation. @@ -54532,6 +58292,12 @@ func (s *AdvertiseByoipCidrInput) Validate() error { return nil } +// SetAsn sets the Asn field's value. +func (s *AdvertiseByoipCidrInput) SetAsn(v string) *AdvertiseByoipCidrInput { + s.Asn = &v + return s +} + // SetCidr sets the Cidr field's value. func (s *AdvertiseByoipCidrInput) SetCidr(v string) *AdvertiseByoipCidrInput { s.Cidr = &v @@ -54544,6 +58310,12 @@ func (s *AdvertiseByoipCidrInput) SetDryRun(v bool) *AdvertiseByoipCidrInput { return s } +// SetNetworkBorderGroup sets the NetworkBorderGroup field's value. +func (s *AdvertiseByoipCidrInput) SetNetworkBorderGroup(v string) *AdvertiseByoipCidrInput { + s.NetworkBorderGroup = &v + return s +} + type AdvertiseByoipCidrOutput struct { _ struct{} `type:"structure"` @@ -54578,8 +58350,7 @@ func (s *AdvertiseByoipCidrOutput) SetByoipCidr(v *ByoipCidr) *AdvertiseByoipCid type AllocateAddressInput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The Elastic IP address to recover or an IPv4 address from an address - // pool. + // The Elastic IP address to recover or an IPv4 address from an address pool. Address *string `type:"string"` // The ID of a customer-owned address pool. Use this parameter to let Amazon @@ -54587,11 +58358,7 @@ type AllocateAddressInput struct { // address from the address pool. CustomerOwnedIpv4Pool *string `type:"string"` - // Indicates whether the Elastic IP address is for use with instances in a VPC - // or instances in EC2-Classic. - // - // Default: If the Region supports EC2-Classic, the default is standard. Otherwise, - // the default is vpc. + // The network (vpc). Domain *string `type:"string" enum:"DomainType"` // Checks whether you have the required permissions for the action, without @@ -54607,9 +58374,6 @@ type AllocateAddressInput struct { // // Use DescribeAvailabilityZones (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) // to view the network border groups. - // - // You cannot use a network border group with EC2 Classic. If you attempt this - // operation on EC2 Classic, you receive an InvalidParameterCombination error. NetworkBorderGroup *string `type:"string"` // The ID of an address pool that you own. Use this parameter to let Amazon @@ -54684,12 +58448,11 @@ func (s *AllocateAddressInput) SetTagSpecifications(v []*TagSpecification) *Allo type AllocateAddressOutput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The ID that Amazon Web Services assigns to represent the allocation - // of the Elastic IP address for use with instances in a VPC. + // The ID that represents the allocation of the Elastic IP address. AllocationId *string `locationName:"allocationId" type:"string"` // The carrier IP address. This option is only available for network interfaces - // which reside in a subnet in a Wavelength Zone (for example an EC2 instance). + // that reside in a subnet in a Wavelength Zone. CarrierIp *string `locationName:"carrierIp" type:"string"` // The customer-owned IP address. @@ -54698,8 +58461,7 @@ type AllocateAddressOutput struct { // The ID of the customer-owned address pool. CustomerOwnedIpv4Pool *string `locationName:"customerOwnedIpv4Pool" type:"string"` - // Indicates whether the Elastic IP address is for use with instances in a VPC - // (vpc) or instances in EC2-Classic (standard). + // The network (vpc). Domain *string `locationName:"domain" type:"string" enum:"DomainType"` // The set of Availability Zones, Local Zones, or Wavelength Zones from which @@ -54782,6 +58544,19 @@ func (s *AllocateAddressOutput) SetPublicIpv4Pool(v string) *AllocateAddressOutp type AllocateHostsInput struct { _ struct{} `type:"structure"` + // The IDs of the Outpost hardware assets on which to allocate the Dedicated + // Hosts. Targeting specific hardware assets on an Outpost can help to minimize + // latency between your workloads. This parameter is supported only if you specify + // OutpostArn. If you are allocating the Dedicated Hosts in a Region, omit this + // parameter. + // + // * If you specify this parameter, you can omit Quantity. In this case, + // Amazon EC2 allocates a Dedicated Host on each specified hardware asset. + // + // * If you specify both AssetIds and Quantity, then the value for Quantity + // must be equal to the number of asset IDs specified. + AssetIds []*string `locationName:"AssetId" type:"list"` + // Indicates whether the host accepts any untargeted instance launches that // match its instance type configuration, or if it only accepts Host tenancy // instance launches that specify its unique host ID. For more information, @@ -54800,6 +58575,11 @@ type AllocateHostsInput struct { // of the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `locationName:"clientToken" type:"string"` + // Indicates whether to enable or disable host maintenance for the Dedicated + // Host. For more information, see Host maintenance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-maintenance.html) + // in the Amazon EC2 User Guide. + HostMaintenance *string `type:"string" enum:"HostMaintenance"` + // Indicates whether to enable or disable host recovery for the Dedicated Host. // Host recovery is disabled by default. For more information, see Host recovery // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) @@ -54827,13 +58607,19 @@ type AllocateHostsInput struct { InstanceType *string `locationName:"instanceType" type:"string"` // The Amazon Resource Name (ARN) of the Amazon Web Services Outpost on which - // to allocate the Dedicated Host. + // to allocate the Dedicated Host. If you specify OutpostArn, you can optionally + // specify AssetIds. + // + // If you are allocating the Dedicated Host in a Region, omit this parameter. OutpostArn *string `type:"string"` // The number of Dedicated Hosts to allocate to your account with these parameters. - // - // Quantity is a required field - Quantity *int64 `locationName:"quantity" type:"integer" required:"true"` + // If you are allocating the Dedicated Hosts on an Outpost, and you specify + // AssetIds, you can omit this parameter. In this case, Amazon EC2 allocates + // a Dedicated Host on each specified hardware asset. If you specify both AssetIds + // and Quantity, then the value that you specify for Quantity must be equal + // to the number of asset IDs specified. + Quantity *int64 `locationName:"quantity" type:"integer"` // The tags to apply to the Dedicated Host during creation. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` @@ -54863,9 +58649,6 @@ func (s *AllocateHostsInput) Validate() error { if s.AvailabilityZone == nil { invalidParams.Add(request.NewErrParamRequired("AvailabilityZone")) } - if s.Quantity == nil { - invalidParams.Add(request.NewErrParamRequired("Quantity")) - } if invalidParams.Len() > 0 { return invalidParams @@ -54873,6 +58656,12 @@ func (s *AllocateHostsInput) Validate() error { return nil } +// SetAssetIds sets the AssetIds field's value. +func (s *AllocateHostsInput) SetAssetIds(v []*string) *AllocateHostsInput { + s.AssetIds = v + return s +} + // SetAutoPlacement sets the AutoPlacement field's value. func (s *AllocateHostsInput) SetAutoPlacement(v string) *AllocateHostsInput { s.AutoPlacement = &v @@ -54891,6 +58680,12 @@ func (s *AllocateHostsInput) SetClientToken(v string) *AllocateHostsInput { return s } +// SetHostMaintenance sets the HostMaintenance field's value. +func (s *AllocateHostsInput) SetHostMaintenance(v string) *AllocateHostsInput { + s.HostMaintenance = &v + return s +} + // SetHostRecovery sets the HostRecovery field's value. func (s *AllocateHostsInput) SetHostRecovery(v string) *AllocateHostsInput { s.HostRecovery = &v @@ -54963,6 +58758,10 @@ func (s *AllocateHostsOutput) SetHostIds(v []*string) *AllocateHostsOutput { type AllocateIpamPoolCidrInput struct { _ struct{} `type:"structure"` + // Include a particular CIDR range that can be returned by the pool. Allowed + // CIDRs are only allowed if using netmask length for allocation. + AllowedCidrs []*string `locationName:"AllowedCidr" locationNameList:"item" type:"list"` + // The CIDR you would like to allocate from the IPAM pool. Note the following: // // * If there is no DefaultNetmaskLength allocation rule set on the pool, @@ -55046,6 +58845,12 @@ func (s *AllocateIpamPoolCidrInput) Validate() error { return nil } +// SetAllowedCidrs sets the AllowedCidrs field's value. +func (s *AllocateIpamPoolCidrInput) SetAllowedCidrs(v []*string) *AllocateIpamPoolCidrInput { + s.AllowedCidrs = v + return s +} + // SetCidr sets the Cidr field's value. func (s *AllocateIpamPoolCidrInput) SetCidr(v string) *AllocateIpamPoolCidrInput { s.Cidr = &v @@ -55535,6 +59340,12 @@ func (s *AnalysisPacketHeader) SetSourcePortRanges(v []*PortRange) *AnalysisPack type AnalysisRouteTableRoute struct { _ struct{} `type:"structure"` + // The ID of a carrier gateway. + CarrierGatewayId *string `locationName:"carrierGatewayId" type:"string"` + + // The Amazon Resource Name (ARN) of a core network. + CoreNetworkArn *string `locationName:"coreNetworkArn" min:"1" type:"string"` + // The destination IPv4 address, in CIDR notation. DestinationCidr *string `locationName:"destinationCidr" type:"string"` @@ -55550,6 +59361,9 @@ type AnalysisRouteTableRoute struct { // The ID of the instance, such as a NAT instance. InstanceId *string `locationName:"instanceId" type:"string"` + // The ID of a local gateway. + LocalGatewayId *string `locationName:"localGatewayId" type:"string"` + // The ID of a NAT gateway. NatGatewayId *string `locationName:"natGatewayId" type:"string"` @@ -55598,6 +59412,18 @@ func (s AnalysisRouteTableRoute) GoString() string { return s.String() } +// SetCarrierGatewayId sets the CarrierGatewayId field's value. +func (s *AnalysisRouteTableRoute) SetCarrierGatewayId(v string) *AnalysisRouteTableRoute { + s.CarrierGatewayId = &v + return s +} + +// SetCoreNetworkArn sets the CoreNetworkArn field's value. +func (s *AnalysisRouteTableRoute) SetCoreNetworkArn(v string) *AnalysisRouteTableRoute { + s.CoreNetworkArn = &v + return s +} + // SetDestinationCidr sets the DestinationCidr field's value. func (s *AnalysisRouteTableRoute) SetDestinationCidr(v string) *AnalysisRouteTableRoute { s.DestinationCidr = &v @@ -55628,6 +59454,12 @@ func (s *AnalysisRouteTableRoute) SetInstanceId(v string) *AnalysisRouteTableRou return s } +// SetLocalGatewayId sets the LocalGatewayId field's value. +func (s *AnalysisRouteTableRoute) SetLocalGatewayId(v string) *AnalysisRouteTableRoute { + s.LocalGatewayId = &v + return s +} + // SetNatGatewayId sets the NatGatewayId field's value. func (s *AnalysisRouteTableRoute) SetNatGatewayId(v string) *AnalysisRouteTableRoute { s.NatGatewayId = &v @@ -55863,6 +59695,130 @@ func (s *ApplySecurityGroupsToClientVpnTargetNetworkOutput) SetSecurityGroupIds( return s } +// An Autonomous System Number (ASN) and BYOIP CIDR association. +type AsnAssociation struct { + _ struct{} `type:"structure"` + + // The association's ASN. + Asn *string `locationName:"asn" type:"string"` + + // The association's CIDR. + Cidr *string `locationName:"cidr" type:"string"` + + // The association's state. + State *string `locationName:"state" type:"string" enum:"AsnAssociationState"` + + // The association's status message. + StatusMessage *string `locationName:"statusMessage" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AsnAssociation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AsnAssociation) GoString() string { + return s.String() +} + +// SetAsn sets the Asn field's value. +func (s *AsnAssociation) SetAsn(v string) *AsnAssociation { + s.Asn = &v + return s +} + +// SetCidr sets the Cidr field's value. +func (s *AsnAssociation) SetCidr(v string) *AsnAssociation { + s.Cidr = &v + return s +} + +// SetState sets the State field's value. +func (s *AsnAssociation) SetState(v string) *AsnAssociation { + s.State = &v + return s +} + +// SetStatusMessage sets the StatusMessage field's value. +func (s *AsnAssociation) SetStatusMessage(v string) *AsnAssociation { + s.StatusMessage = &v + return s +} + +// Provides authorization for Amazon to bring an Autonomous System Number (ASN) +// to a specific Amazon Web Services account using bring your own ASN (BYOASN). +// For details on the format of the message and signature, see Tutorial: Bring +// your ASN to IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoasn.html) +// in the Amazon VPC IPAM guide. +type AsnAuthorizationContext struct { + _ struct{} `type:"structure"` + + // The authorization context's message. + // + // Message is a required field + Message *string `type:"string" required:"true"` + + // The authorization context's signature. + // + // Signature is a required field + Signature *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AsnAuthorizationContext) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AsnAuthorizationContext) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AsnAuthorizationContext) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AsnAuthorizationContext"} + if s.Message == nil { + invalidParams.Add(request.NewErrParamRequired("Message")) + } + if s.Signature == nil { + invalidParams.Add(request.NewErrParamRequired("Signature")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMessage sets the Message field's value. +func (s *AsnAuthorizationContext) SetMessage(v string) *AsnAuthorizationContext { + s.Message = &v + return s +} + +// SetSignature sets the Signature field's value. +func (s *AsnAuthorizationContext) SetSignature(v string) *AsnAuthorizationContext { + s.Signature = &v + return s +} + type AssignIpv6AddressesInput struct { _ struct{} `type:"structure"` @@ -56154,6 +60110,126 @@ func (s *AssignPrivateIpAddressesOutput) SetNetworkInterfaceId(v string) *Assign return s } +type AssignPrivateNatGatewayAddressInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the NAT gateway. + // + // NatGatewayId is a required field + NatGatewayId *string `type:"string" required:"true"` + + // The number of private IP addresses to assign to the NAT gateway. You can't + // specify this parameter when also specifying private IP addresses. + PrivateIpAddressCount *int64 `min:"1" type:"integer"` + + // The private IPv4 addresses you want to assign to the private NAT gateway. + PrivateIpAddresses []*string `locationName:"PrivateIpAddress" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssignPrivateNatGatewayAddressInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssignPrivateNatGatewayAddressInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssignPrivateNatGatewayAddressInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssignPrivateNatGatewayAddressInput"} + if s.NatGatewayId == nil { + invalidParams.Add(request.NewErrParamRequired("NatGatewayId")) + } + if s.PrivateIpAddressCount != nil && *s.PrivateIpAddressCount < 1 { + invalidParams.Add(request.NewErrParamMinValue("PrivateIpAddressCount", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *AssignPrivateNatGatewayAddressInput) SetDryRun(v bool) *AssignPrivateNatGatewayAddressInput { + s.DryRun = &v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *AssignPrivateNatGatewayAddressInput) SetNatGatewayId(v string) *AssignPrivateNatGatewayAddressInput { + s.NatGatewayId = &v + return s +} + +// SetPrivateIpAddressCount sets the PrivateIpAddressCount field's value. +func (s *AssignPrivateNatGatewayAddressInput) SetPrivateIpAddressCount(v int64) *AssignPrivateNatGatewayAddressInput { + s.PrivateIpAddressCount = &v + return s +} + +// SetPrivateIpAddresses sets the PrivateIpAddresses field's value. +func (s *AssignPrivateNatGatewayAddressInput) SetPrivateIpAddresses(v []*string) *AssignPrivateNatGatewayAddressInput { + s.PrivateIpAddresses = v + return s +} + +type AssignPrivateNatGatewayAddressOutput struct { + _ struct{} `type:"structure"` + + // NAT gateway IP addresses. + NatGatewayAddresses []*NatGatewayAddress `locationName:"natGatewayAddressSet" locationNameList:"item" type:"list"` + + // The ID of the NAT gateway. + NatGatewayId *string `locationName:"natGatewayId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssignPrivateNatGatewayAddressOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssignPrivateNatGatewayAddressOutput) GoString() string { + return s.String() +} + +// SetNatGatewayAddresses sets the NatGatewayAddresses field's value. +func (s *AssignPrivateNatGatewayAddressOutput) SetNatGatewayAddresses(v []*NatGatewayAddress) *AssignPrivateNatGatewayAddressOutput { + s.NatGatewayAddresses = v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *AssignPrivateNatGatewayAddressOutput) SetNatGatewayId(v string) *AssignPrivateNatGatewayAddressOutput { + s.NatGatewayId = &v + return s +} + // Describes the private IP addresses assigned to a network interface. type AssignedPrivateIpAddress struct { _ struct{} `type:"structure"` @@ -56189,15 +60265,11 @@ func (s *AssignedPrivateIpAddress) SetPrivateIpAddress(v string) *AssignedPrivat type AssociateAddressInput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The allocation ID. This is required for EC2-VPC. + // The allocation ID. This is required. AllocationId *string `type:"string"` - // [EC2-VPC] For a VPC in an EC2-Classic account, specify true to allow an Elastic - // IP address that is already associated with an instance or network interface - // to be reassociated with the specified instance or network interface. Otherwise, - // the operation fails. In a VPC in an EC2-VPC-only account, reassociation is - // automatic, therefore you can specify false to ensure the operation fails - // if the Elastic IP address is already associated with another resource. + // Reassociation is automatic, but you can specify false to ensure the operation + // fails if the Elastic IP address is already associated with another resource. AllowReassociation *bool `locationName:"allowReassociation" type:"boolean"` // Checks whether you have the required permissions for the action, without @@ -56207,25 +60279,23 @@ type AssociateAddressInput struct { DryRun *bool `locationName:"dryRun" type:"boolean"` // The ID of the instance. The instance must have exactly one attached network - // interface. For EC2-VPC, you can specify either the instance ID or the network - // interface ID, but not both. For EC2-Classic, you must specify an instance - // ID and the instance must be in the running state. + // interface. You can specify either the instance ID or the network interface + // ID, but not both. InstanceId *string `type:"string"` - // [EC2-VPC] The ID of the network interface. If the instance has more than - // one network interface, you must specify a network interface ID. + // The ID of the network interface. If the instance has more than one network + // interface, you must specify a network interface ID. // - // For EC2-VPC, you can specify either the instance ID or the network interface - // ID, but not both. + // You can specify either the instance ID or the network interface ID, but not + // both. NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` - // [EC2-VPC] The primary or secondary private IP address to associate with the - // Elastic IP address. If no private IP address is specified, the Elastic IP - // address is associated with the primary private IP address. + // The primary or secondary private IP address to associate with the Elastic + // IP address. If no private IP address is specified, the Elastic IP address + // is associated with the primary private IP address. PrivateIpAddress *string `locationName:"privateIpAddress" type:"string"` - // [EC2-Classic] The Elastic IP address to associate with the instance. This - // is required for EC2-Classic. + // Deprecated. PublicIp *string `type:"string"` } @@ -56292,8 +60362,8 @@ func (s *AssociateAddressInput) SetPublicIp(v string) *AssociateAddressInput { type AssociateAddressOutput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The ID that represents the association of the Elastic IP address - // with an instance. + // The ID that represents the association of the Elastic IP address with an + // instance. AssociationId *string `locationName:"associationId" type:"string"` } @@ -56542,7 +60612,9 @@ type AssociateEnclaveCertificateIamRoleInput struct { _ struct{} `type:"structure"` // The ARN of the ACM certificate with which to associate the IAM role. - CertificateArn *string `min:"1" type:"string"` + // + // CertificateArn is a required field + CertificateArn *string `type:"string" required:"true"` // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have @@ -56552,7 +60624,9 @@ type AssociateEnclaveCertificateIamRoleInput struct { // The ARN of the IAM role to associate with the ACM certificate. You can associate // up to 16 IAM roles with an ACM certificate. - RoleArn *string `min:"1" type:"string"` + // + // RoleArn is a required field + RoleArn *string `type:"string" required:"true"` } // String returns the string representation. @@ -56576,11 +60650,11 @@ func (s AssociateEnclaveCertificateIamRoleInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *AssociateEnclaveCertificateIamRoleInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "AssociateEnclaveCertificateIamRoleInput"} - if s.CertificateArn != nil && len(*s.CertificateArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CertificateArn", 1)) + if s.CertificateArn == nil { + invalidParams.Add(request.NewErrParamRequired("CertificateArn")) } - if s.RoleArn != nil && len(*s.RoleArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("RoleArn", 1)) + if s.RoleArn == nil { + invalidParams.Add(request.NewErrParamRequired("RoleArn")) } if invalidParams.Len() > 0 { @@ -56851,6 +60925,352 @@ func (s *AssociateInstanceEventWindowOutput) SetInstanceEventWindow(v *InstanceE return s } +type AssociateIpamByoasnInput struct { + _ struct{} `type:"structure"` + + // A public 2-byte or 4-byte ASN. + // + // Asn is a required field + Asn *string `type:"string" required:"true"` + + // The BYOIP CIDR you want to associate with an ASN. + // + // Cidr is a required field + Cidr *string `type:"string" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateIpamByoasnInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateIpamByoasnInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateIpamByoasnInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateIpamByoasnInput"} + if s.Asn == nil { + invalidParams.Add(request.NewErrParamRequired("Asn")) + } + if s.Cidr == nil { + invalidParams.Add(request.NewErrParamRequired("Cidr")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAsn sets the Asn field's value. +func (s *AssociateIpamByoasnInput) SetAsn(v string) *AssociateIpamByoasnInput { + s.Asn = &v + return s +} + +// SetCidr sets the Cidr field's value. +func (s *AssociateIpamByoasnInput) SetCidr(v string) *AssociateIpamByoasnInput { + s.Cidr = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *AssociateIpamByoasnInput) SetDryRun(v bool) *AssociateIpamByoasnInput { + s.DryRun = &v + return s +} + +type AssociateIpamByoasnOutput struct { + _ struct{} `type:"structure"` + + // The ASN and BYOIP CIDR association. + AsnAssociation *AsnAssociation `locationName:"asnAssociation" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateIpamByoasnOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateIpamByoasnOutput) GoString() string { + return s.String() +} + +// SetAsnAssociation sets the AsnAssociation field's value. +func (s *AssociateIpamByoasnOutput) SetAsnAssociation(v *AsnAssociation) *AssociateIpamByoasnOutput { + s.AsnAssociation = v + return s +} + +type AssociateIpamResourceDiscoveryInput struct { + _ struct{} `type:"structure"` + + // A client token. + ClientToken *string `type:"string" idempotencyToken:"true"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // An IPAM ID. + // + // IpamId is a required field + IpamId *string `type:"string" required:"true"` + + // A resource discovery ID. + // + // IpamResourceDiscoveryId is a required field + IpamResourceDiscoveryId *string `type:"string" required:"true"` + + // Tag specifications. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateIpamResourceDiscoveryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateIpamResourceDiscoveryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateIpamResourceDiscoveryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateIpamResourceDiscoveryInput"} + if s.IpamId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamId")) + } + if s.IpamResourceDiscoveryId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamResourceDiscoveryId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *AssociateIpamResourceDiscoveryInput) SetClientToken(v string) *AssociateIpamResourceDiscoveryInput { + s.ClientToken = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *AssociateIpamResourceDiscoveryInput) SetDryRun(v bool) *AssociateIpamResourceDiscoveryInput { + s.DryRun = &v + return s +} + +// SetIpamId sets the IpamId field's value. +func (s *AssociateIpamResourceDiscoveryInput) SetIpamId(v string) *AssociateIpamResourceDiscoveryInput { + s.IpamId = &v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *AssociateIpamResourceDiscoveryInput) SetIpamResourceDiscoveryId(v string) *AssociateIpamResourceDiscoveryInput { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *AssociateIpamResourceDiscoveryInput) SetTagSpecifications(v []*TagSpecification) *AssociateIpamResourceDiscoveryInput { + s.TagSpecifications = v + return s +} + +type AssociateIpamResourceDiscoveryOutput struct { + _ struct{} `type:"structure"` + + // A resource discovery association. An associated resource discovery is a resource + // discovery that has been associated with an IPAM. + IpamResourceDiscoveryAssociation *IpamResourceDiscoveryAssociation `locationName:"ipamResourceDiscoveryAssociation" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateIpamResourceDiscoveryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateIpamResourceDiscoveryOutput) GoString() string { + return s.String() +} + +// SetIpamResourceDiscoveryAssociation sets the IpamResourceDiscoveryAssociation field's value. +func (s *AssociateIpamResourceDiscoveryOutput) SetIpamResourceDiscoveryAssociation(v *IpamResourceDiscoveryAssociation) *AssociateIpamResourceDiscoveryOutput { + s.IpamResourceDiscoveryAssociation = v + return s +} + +type AssociateNatGatewayAddressInput struct { + _ struct{} `type:"structure"` + + // The allocation IDs of EIPs that you want to associate with your NAT gateway. + // + // AllocationIds is a required field + AllocationIds []*string `locationName:"AllocationId" locationNameList:"AllocationId" type:"list" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the NAT gateway. + // + // NatGatewayId is a required field + NatGatewayId *string `type:"string" required:"true"` + + // The private IPv4 addresses that you want to assign to the NAT gateway. + PrivateIpAddresses []*string `locationName:"PrivateIpAddress" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateNatGatewayAddressInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateNatGatewayAddressInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateNatGatewayAddressInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateNatGatewayAddressInput"} + if s.AllocationIds == nil { + invalidParams.Add(request.NewErrParamRequired("AllocationIds")) + } + if s.NatGatewayId == nil { + invalidParams.Add(request.NewErrParamRequired("NatGatewayId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAllocationIds sets the AllocationIds field's value. +func (s *AssociateNatGatewayAddressInput) SetAllocationIds(v []*string) *AssociateNatGatewayAddressInput { + s.AllocationIds = v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *AssociateNatGatewayAddressInput) SetDryRun(v bool) *AssociateNatGatewayAddressInput { + s.DryRun = &v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *AssociateNatGatewayAddressInput) SetNatGatewayId(v string) *AssociateNatGatewayAddressInput { + s.NatGatewayId = &v + return s +} + +// SetPrivateIpAddresses sets the PrivateIpAddresses field's value. +func (s *AssociateNatGatewayAddressInput) SetPrivateIpAddresses(v []*string) *AssociateNatGatewayAddressInput { + s.PrivateIpAddresses = v + return s +} + +type AssociateNatGatewayAddressOutput struct { + _ struct{} `type:"structure"` + + // The IP addresses. + NatGatewayAddresses []*NatGatewayAddress `locationName:"natGatewayAddressSet" locationNameList:"item" type:"list"` + + // The ID of the NAT gateway. + NatGatewayId *string `locationName:"natGatewayId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateNatGatewayAddressOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateNatGatewayAddressOutput) GoString() string { + return s.String() +} + +// SetNatGatewayAddresses sets the NatGatewayAddresses field's value. +func (s *AssociateNatGatewayAddressOutput) SetNatGatewayAddresses(v []*NatGatewayAddress) *AssociateNatGatewayAddressOutput { + s.NatGatewayAddresses = v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *AssociateNatGatewayAddressOutput) SetNatGatewayId(v string) *AssociateNatGatewayAddressOutput { + s.NatGatewayId = &v + return s +} + type AssociateRouteTableInput struct { _ struct{} `type:"structure"` @@ -56971,10 +61391,14 @@ func (s *AssociateRouteTableOutput) SetAssociationState(v *RouteTableAssociation type AssociateSubnetCidrBlockInput struct { _ struct{} `type:"structure"` - // The IPv6 CIDR block for your subnet. The subnet must have a /64 prefix length. - // - // Ipv6CidrBlock is a required field - Ipv6CidrBlock *string `locationName:"ipv6CidrBlock" type:"string" required:"true"` + // The IPv6 CIDR block for your subnet. + Ipv6CidrBlock *string `locationName:"ipv6CidrBlock" type:"string"` + + // An IPv6 IPAM pool ID. + Ipv6IpamPoolId *string `type:"string"` + + // An IPv6 netmask length. + Ipv6NetmaskLength *int64 `type:"integer"` // The ID of your subnet. // @@ -57003,9 +61427,6 @@ func (s AssociateSubnetCidrBlockInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *AssociateSubnetCidrBlockInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "AssociateSubnetCidrBlockInput"} - if s.Ipv6CidrBlock == nil { - invalidParams.Add(request.NewErrParamRequired("Ipv6CidrBlock")) - } if s.SubnetId == nil { invalidParams.Add(request.NewErrParamRequired("SubnetId")) } @@ -57022,6 +61443,18 @@ func (s *AssociateSubnetCidrBlockInput) SetIpv6CidrBlock(v string) *AssociateSub return s } +// SetIpv6IpamPoolId sets the Ipv6IpamPoolId field's value. +func (s *AssociateSubnetCidrBlockInput) SetIpv6IpamPoolId(v string) *AssociateSubnetCidrBlockInput { + s.Ipv6IpamPoolId = &v + return s +} + +// SetIpv6NetmaskLength sets the Ipv6NetmaskLength field's value. +func (s *AssociateSubnetCidrBlockInput) SetIpv6NetmaskLength(v int64) *AssociateSubnetCidrBlockInput { + s.Ipv6NetmaskLength = &v + return s +} + // SetSubnetId sets the SubnetId field's value. func (s *AssociateSubnetCidrBlockInput) SetSubnetId(v string) *AssociateSubnetCidrBlockInput { s.SubnetId = &v @@ -57078,14 +61511,20 @@ type AssociateTransitGatewayMulticastDomainInput struct { DryRun *bool `type:"boolean"` // The IDs of the subnets to associate with the transit gateway multicast domain. - SubnetIds []*string `locationNameList:"item" type:"list"` + // + // SubnetIds is a required field + SubnetIds []*string `locationNameList:"item" type:"list" required:"true"` // The ID of the transit gateway attachment to associate with the transit gateway // multicast domain. - TransitGatewayAttachmentId *string `type:"string"` + // + // TransitGatewayAttachmentId is a required field + TransitGatewayAttachmentId *string `type:"string" required:"true"` // The ID of the transit gateway multicast domain. - TransitGatewayMulticastDomainId *string `type:"string"` + // + // TransitGatewayMulticastDomainId is a required field + TransitGatewayMulticastDomainId *string `type:"string" required:"true"` } // String returns the string representation. @@ -57106,6 +61545,25 @@ func (s AssociateTransitGatewayMulticastDomainInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateTransitGatewayMulticastDomainInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateTransitGatewayMulticastDomainInput"} + if s.SubnetIds == nil { + invalidParams.Add(request.NewErrParamRequired("SubnetIds")) + } + if s.TransitGatewayAttachmentId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayAttachmentId")) + } + if s.TransitGatewayMulticastDomainId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayMulticastDomainId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *AssociateTransitGatewayMulticastDomainInput) SetDryRun(v bool) *AssociateTransitGatewayMulticastDomainInput { s.DryRun = &v @@ -57515,7 +61973,7 @@ type AssociateVpcCidrBlockInput struct { _ struct{} `type:"structure"` // Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for - // the VPC. You cannot specify the range of IPv6 addresses, or the size of the + // the VPC. You cannot specify the range of IPv6 addresses or the size of the // CIDR block. AmazonProvidedIpv6CidrBlock *bool `locationName:"amazonProvidedIpv6CidrBlock" type:"boolean"` @@ -57939,18 +62397,18 @@ type AttachClassicLinkVpcInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The ID of one or more of the VPC's security groups. You cannot specify security - // groups from a different VPC. + // The IDs of the security groups. You cannot specify security groups from a + // different VPC. // // Groups is a required field Groups []*string `locationName:"SecurityGroupId" locationNameList:"groupId" type:"list" required:"true"` - // The ID of an EC2-Classic instance to link to the ClassicLink-enabled VPC. + // The ID of the EC2-Classic instance. // // InstanceId is a required field InstanceId *string `locationName:"instanceId" type:"string" required:"true"` - // The ID of a ClassicLink-enabled VPC. + // The ID of the ClassicLink-enabled VPC. // // VpcId is a required field VpcId *string `locationName:"vpcId" type:"string" required:"true"` @@ -58305,12 +62763,12 @@ type AttachVerifiedAccessTrustProviderInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. // // VerifiedAccessInstanceId is a required field VerifiedAccessInstanceId *string `type:"string" required:"true"` - // The ID of the Amazon Web Services Verified Access trust provider. + // The ID of the Verified Access trust provider. // // VerifiedAccessTrustProviderId is a required field VerifiedAccessTrustProviderId *string `type:"string" required:"true"` @@ -58377,10 +62835,10 @@ func (s *AttachVerifiedAccessTrustProviderInput) SetVerifiedAccessTrustProviderI type AttachVerifiedAccessTrustProviderOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access instance. + // Details about the Verified Access instance. VerifiedAccessInstance *VerifiedAccessInstance `locationName:"verifiedAccessInstance" type:"structure"` - // The ID of the Amazon Web Services Verified Access trust provider. + // Details about the Verified Access trust provider. VerifiedAccessTrustProvider *VerifiedAccessTrustProvider `locationName:"verifiedAccessTrustProvider" type:"structure"` } @@ -58606,16 +63064,25 @@ func (s *AttachVpnGatewayOutput) SetVpcAttachment(v *VpcAttachment) *AttachVpnGa return s } -// Describes the ENA Express configuration for the network interface that's -// attached to the instance. +// ENA Express uses Amazon Web Services Scalable Reliable Datagram (SRD) technology +// to increase the maximum bandwidth used per stream and minimize tail latency +// of network traffic between EC2 instances. With ENA Express, you can communicate +// between two EC2 instances in the same subnet within the same account, or +// in different accounts. Both sending and receiving instances must have ENA +// Express enabled. +// +// To improve the reliability of network packet delivery, ENA Express reorders +// network packets on the receiving end by default. However, some UDP-based +// applications are designed to handle network packets that are out of order +// to reduce the overhead for packet delivery at the network layer. When ENA +// Express is enabled, you can specify whether UDP network traffic uses it. type AttachmentEnaSrdSpecification struct { _ struct{} `type:"structure"` - // Indicates whether ENA Express is enabled for the network interface that's - // attached to the instance. + // Indicates whether ENA Express is enabled for the network interface. EnaSrdEnabled *bool `locationName:"enaSrdEnabled" type:"boolean"` - // ENA Express configuration for UDP network traffic. + // Configures ENA Express for UDP network traffic. EnaSrdUdpSpecification *AttachmentEnaSrdUdpSpecification `locationName:"enaSrdUdpSpecification" type:"structure"` } @@ -58649,8 +63116,12 @@ func (s *AttachmentEnaSrdSpecification) SetEnaSrdUdpSpecification(v *AttachmentE return s } -// Describes the ENA Express configuration for UDP traffic on the network interface -// that's attached to the instance. +// ENA Express is compatible with both TCP and UDP transport protocols. When +// it's enabled, TCP traffic automatically uses it. However, some UDP-based +// applications are designed to handle network packets that are out of order, +// without a need for retransmission, such as live video broadcasting or other +// near-real-time applications. For UDP traffic, you can specify whether to +// use ENA Express, based on your application environment needs. type AttachmentEnaSrdUdpSpecification struct { _ struct{} `type:"structure"` @@ -58974,7 +63445,7 @@ func (s *AuthorizeClientVpnIngressOutput) SetStatus(v *ClientVpnAuthorizationRul type AuthorizeSecurityGroupEgressInput struct { _ struct{} `type:"structure"` - // Not supported. Use a set of IP permissions to specify the CIDR. + // Not supported. Use IP permissions instead. CidrIp *string `locationName:"cidrIp" type:"string"` // Checks whether you have the required permissions for the action, without @@ -58983,7 +63454,7 @@ type AuthorizeSecurityGroupEgressInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // Not supported. Use a set of IP permissions to specify the port. + // Not supported. Use IP permissions instead. FromPort *int64 `locationName:"fromPort" type:"integer"` // The ID of the security group. @@ -58991,26 +63462,22 @@ type AuthorizeSecurityGroupEgressInput struct { // GroupId is a required field GroupId *string `locationName:"groupId" type:"string" required:"true"` - // The sets of IP permissions. You can't specify a destination security group - // and a CIDR IP address range in the same set of permissions. + // The permissions for the security group rules. IpPermissions []*IpPermission `locationName:"ipPermissions" locationNameList:"item" type:"list"` - // Not supported. Use a set of IP permissions to specify the protocol name or - // number. + // Not supported. Use IP permissions instead. IpProtocol *string `locationName:"ipProtocol" type:"string"` - // Not supported. Use a set of IP permissions to specify a destination security - // group. + // Not supported. Use IP permissions instead. SourceSecurityGroupName *string `locationName:"sourceSecurityGroupName" type:"string"` - // Not supported. Use a set of IP permissions to specify a destination security - // group. + // Not supported. Use IP permissions instead. SourceSecurityGroupOwnerId *string `locationName:"sourceSecurityGroupOwnerId" type:"string"` // The tags applied to the security group rule. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` - // Not supported. Use a set of IP permissions to specify the port. + // Not supported. Use IP permissions instead. ToPort *int64 `locationName:"toPort" type:"integer"` } @@ -59148,12 +63615,12 @@ func (s *AuthorizeSecurityGroupEgressOutput) SetSecurityGroupRules(v []*Security type AuthorizeSecurityGroupIngressInput struct { _ struct{} `type:"structure"` - // The IPv4 address range, in CIDR format. You can't specify this parameter - // when specifying a source security group. To specify an IPv6 address range, - // use a set of IP permissions. + // The IPv4 address range, in CIDR format. + // + // To specify an IPv6 address range, use IP permissions instead. // - // Alternatively, use a set of IP permissions to specify multiple rules and - // a description for the rule. + // To specify multiple rules and descriptions for the rules, use IP permissions + // instead. CidrIp *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -59162,66 +63629,59 @@ type AuthorizeSecurityGroupIngressInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The start of port range for the TCP and UDP protocols, or an ICMP type number. - // For the ICMP type number, use -1 to specify all types. If you specify all - // ICMP types, you must specify all codes. + // If the protocol is TCP or UDP, this is the start of the port range. If the + // protocol is ICMP, this is the ICMP type or -1 (all ICMP types). // - // Alternatively, use a set of IP permissions to specify multiple rules and - // a description for the rule. + // To specify multiple rules and descriptions for the rules, use IP permissions + // instead. FromPort *int64 `type:"integer"` - // The ID of the security group. You must specify either the security group - // ID or the security group name in the request. For security groups in a nondefault - // VPC, you must specify the security group ID. + // The ID of the security group. GroupId *string `type:"string"` - // [EC2-Classic, default VPC] The name of the security group. You must specify - // either the security group ID or the security group name in the request. For - // security groups in a nondefault VPC, you must specify the security group - // ID. + // [Default VPC] The name of the security group. For security groups for a default + // VPC you can specify either the ID or the name of the security group. For + // security groups for a nondefault VPC, you must specify the ID of the security + // group. GroupName *string `type:"string"` - // The sets of IP permissions. + // The permissions for the security group rules. IpPermissions []*IpPermission `locationNameList:"item" type:"list"` // The IP protocol name (tcp, udp, icmp) or number (see Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)). - // To specify icmpv6, use a set of IP permissions. + // To specify all protocols, use -1. // - // [VPC only] Use -1 to specify all protocols. If you specify -1 or a protocol - // other than tcp, udp, or icmp, traffic on all ports is allowed, regardless - // of any ports you specify. + // To specify icmpv6, use IP permissions instead. // - // Alternatively, use a set of IP permissions to specify multiple rules and - // a description for the rule. + // If you specify a protocol other than one of the supported values, traffic + // is allowed on all ports, regardless of any ports that you specify. + // + // To specify multiple rules and descriptions for the rules, use IP permissions + // instead. IpProtocol *string `type:"string"` - // [EC2-Classic, default VPC] The name of the source security group. You can't - // specify this parameter in combination with the following parameters: the - // CIDR IP address range, the start of the port range, the IP protocol, and - // the end of the port range. Creates rules that grant full ICMP, UDP, and TCP - // access. To create a rule with a specific IP protocol and port range, use - // a set of IP permissions instead. For EC2-VPC, the source security group must - // be in the same VPC. + // [Default VPC] The name of the source security group. + // + // The rule grants full ICMP, UDP, and TCP access. To create a rule with a specific + // protocol and port range, specify a set of IP permissions instead. SourceSecurityGroupName *string `type:"string"` - // [nondefault VPC] The Amazon Web Services account ID for the source security - // group, if the source security group is in a different account. You can't - // specify this parameter in combination with the following parameters: the - // CIDR IP address range, the IP protocol, the start of the port range, and - // the end of the port range. Creates rules that grant full ICMP, UDP, and TCP - // access. To create a rule with a specific IP protocol and port range, use - // a set of IP permissions instead. + // The Amazon Web Services account ID for the source security group, if the + // source security group is in a different account. + // + // The rule grants full ICMP, UDP, and TCP access. To create a rule with a specific + // protocol and port range, use IP permissions instead. SourceSecurityGroupOwnerId *string `type:"string"` - // [VPC Only] The tags applied to the security group rule. + // The tags applied to the security group rule. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` - // The end of port range for the TCP and UDP protocols, or an ICMP code number. - // For the ICMP code number, use -1 to specify all codes. If you specify all - // ICMP types, you must specify all codes. + // If the protocol is TCP or UDP, this is the end of the port range. If the + // protocol is ICMP, this is the ICMP code or -1 (all ICMP codes). If the start + // port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes). // - // Alternatively, use a set of IP permissions to specify multiple rules and - // a description for the rule. + // To specify multiple rules and descriptions for the rules, use IP permissions + // instead. ToPort *int64 `type:"integer"` } @@ -59769,12 +64229,8 @@ type BundleInstanceInput struct { // The ID of the instance to bundle. // - // Type: String - // // Default: None // - // Required: Yes - // // InstanceId is a required field InstanceId *string `type:"string" required:"true"` @@ -60006,17 +64462,98 @@ func (s *BundleTaskError) SetMessage(v string) *BundleTaskError { return s } +// The Autonomous System Number (ASN) and BYOIP CIDR association. +type Byoasn struct { + _ struct{} `type:"structure"` + + // A public 2-byte or 4-byte ASN. + Asn *string `locationName:"asn" type:"string"` + + // An IPAM ID. + IpamId *string `locationName:"ipamId" type:"string"` + + // The provisioning state of the BYOASN. + State *string `locationName:"state" type:"string" enum:"AsnState"` + + // The status message. + StatusMessage *string `locationName:"statusMessage" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Byoasn) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Byoasn) GoString() string { + return s.String() +} + +// SetAsn sets the Asn field's value. +func (s *Byoasn) SetAsn(v string) *Byoasn { + s.Asn = &v + return s +} + +// SetIpamId sets the IpamId field's value. +func (s *Byoasn) SetIpamId(v string) *Byoasn { + s.IpamId = &v + return s +} + +// SetState sets the State field's value. +func (s *Byoasn) SetState(v string) *Byoasn { + s.State = &v + return s +} + +// SetStatusMessage sets the StatusMessage field's value. +func (s *Byoasn) SetStatusMessage(v string) *Byoasn { + s.StatusMessage = &v + return s +} + // Information about an address range that is provisioned for use with your // Amazon Web Services resources through bring your own IP addresses (BYOIP). type ByoipCidr struct { _ struct{} `type:"structure"` + // The BYOIP CIDR associations with ASNs. + AsnAssociations []*AsnAssociation `locationName:"asnAssociationSet" locationNameList:"item" type:"list"` + // The address range, in CIDR notation. Cidr *string `locationName:"cidr" type:"string"` // The description of the address range. Description *string `locationName:"description" type:"string"` + // If you have Local Zones (https://docs.aws.amazon.com/local-zones/latest/ug/how-local-zones-work.html) + // enabled, you can choose a network border group for Local Zones when you provision + // and advertise a BYOIPv4 CIDR. Choose the network border group carefully as + // the EIP and the Amazon Web Services resource it is associated with must reside + // in the same network border group. + // + // You can provision BYOIP address ranges to and advertise them in the following + // Local Zone network border groups: + // + // * us-east-1-dfw-2 + // + // * us-west-2-lax-1 + // + // * us-west-2-phx-2 + // + // You cannot provision or advertise BYOIPv6 address ranges in Local Zones at + // this time. + NetworkBorderGroup *string `locationName:"networkBorderGroup" type:"string"` + // The state of the address pool. State *string `locationName:"state" type:"string" enum:"ByoipCidrState"` @@ -60043,6 +64580,12 @@ func (s ByoipCidr) GoString() string { return s.String() } +// SetAsnAssociations sets the AsnAssociations field's value. +func (s *ByoipCidr) SetAsnAssociations(v []*AsnAssociation) *ByoipCidr { + s.AsnAssociations = v + return s +} + // SetCidr sets the Cidr field's value. func (s *ByoipCidr) SetCidr(v string) *ByoipCidr { s.Cidr = &v @@ -60055,6 +64598,12 @@ func (s *ByoipCidr) SetDescription(v string) *ByoipCidr { return s } +// SetNetworkBorderGroup sets the NetworkBorderGroup field's value. +func (s *ByoipCidr) SetNetworkBorderGroup(v string) *ByoipCidr { + s.NetworkBorderGroup = &v + return s +} + // SetState sets the State field's value. func (s *ByoipCidr) SetState(v string) *ByoipCidr { s.State = &v @@ -60479,7 +65028,8 @@ func (s CancelConversionTaskOutput) GoString() string { type CancelExportTaskInput struct { _ struct{} `type:"structure"` - // The ID of the export task. This is the ID returned by CreateInstanceExportTask. + // The ID of the export task. This is the ID returned by the CreateInstanceExportTask + // and ExportImage operations. // // ExportTaskId is a required field ExportTaskId *string `locationName:"exportTaskId" type:"string" required:"true"` @@ -60910,8 +65460,11 @@ type CancelSpotFleetRequestsInput struct { // SpotFleetRequestIds is a required field SpotFleetRequestIds []*string `locationName:"spotFleetRequestId" locationNameList:"item" type:"list" required:"true"` - // Indicates whether to terminate instances for a Spot Fleet request if it is - // canceled successfully. + // Indicates whether to terminate the associated instances when the Spot Fleet + // request is canceled. The default is to terminate the instances. + // + // To let the instances continue to run after the Spot Fleet request is canceled, + // specify no-terminate-instances. // // TerminateInstances is a required field TerminateInstances *bool `locationName:"terminateInstances" type:"boolean" required:"true"` @@ -61070,7 +65623,7 @@ type CancelSpotInstanceRequestsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more Spot Instance request IDs. + // The IDs of the Spot Instance requests. // // SpotInstanceRequestIds is a required field SpotInstanceRequestIds []*string `locationName:"SpotInstanceRequestId" locationNameList:"SpotInstanceRequestId" type:"list" required:"true"` @@ -61123,7 +65676,7 @@ func (s *CancelSpotInstanceRequestsInput) SetSpotInstanceRequestIds(v []*string) type CancelSpotInstanceRequestsOutput struct { _ struct{} `type:"structure"` - // One or more Spot Instance requests. + // The Spot Instance requests. CancelledSpotInstanceRequests []*CancelledSpotInstanceRequest `locationName:"spotInstanceRequestSet" locationNameList:"item" type:"list"` } @@ -61236,6 +65789,119 @@ func (s *CapacityAllocation) SetCount(v int64) *CapacityAllocation { return s } +// The recommended Capacity Block that fits your search requirements. +type CapacityBlockOffering struct { + _ struct{} `type:"structure"` + + // The Availability Zone of the Capacity Block offering. + AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + + // The amount of time of the Capacity Block reservation in hours. + CapacityBlockDurationHours *int64 `locationName:"capacityBlockDurationHours" type:"integer"` + + // The ID of the Capacity Block offering. + CapacityBlockOfferingId *string `locationName:"capacityBlockOfferingId" type:"string"` + + // The currency of the payment for the Capacity Block. + CurrencyCode *string `locationName:"currencyCode" type:"string"` + + // The end date of the Capacity Block offering. + EndDate *time.Time `locationName:"endDate" type:"timestamp"` + + // The number of instances in the Capacity Block offering. + InstanceCount *int64 `locationName:"instanceCount" type:"integer"` + + // The instance type of the Capacity Block offering. + InstanceType *string `locationName:"instanceType" type:"string"` + + // The start date of the Capacity Block offering. + StartDate *time.Time `locationName:"startDate" type:"timestamp"` + + // The tenancy of the Capacity Block. + Tenancy *string `locationName:"tenancy" type:"string" enum:"CapacityReservationTenancy"` + + // The total price to be paid up front. + UpfrontFee *string `locationName:"upfrontFee" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CapacityBlockOffering) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CapacityBlockOffering) GoString() string { + return s.String() +} + +// SetAvailabilityZone sets the AvailabilityZone field's value. +func (s *CapacityBlockOffering) SetAvailabilityZone(v string) *CapacityBlockOffering { + s.AvailabilityZone = &v + return s +} + +// SetCapacityBlockDurationHours sets the CapacityBlockDurationHours field's value. +func (s *CapacityBlockOffering) SetCapacityBlockDurationHours(v int64) *CapacityBlockOffering { + s.CapacityBlockDurationHours = &v + return s +} + +// SetCapacityBlockOfferingId sets the CapacityBlockOfferingId field's value. +func (s *CapacityBlockOffering) SetCapacityBlockOfferingId(v string) *CapacityBlockOffering { + s.CapacityBlockOfferingId = &v + return s +} + +// SetCurrencyCode sets the CurrencyCode field's value. +func (s *CapacityBlockOffering) SetCurrencyCode(v string) *CapacityBlockOffering { + s.CurrencyCode = &v + return s +} + +// SetEndDate sets the EndDate field's value. +func (s *CapacityBlockOffering) SetEndDate(v time.Time) *CapacityBlockOffering { + s.EndDate = &v + return s +} + +// SetInstanceCount sets the InstanceCount field's value. +func (s *CapacityBlockOffering) SetInstanceCount(v int64) *CapacityBlockOffering { + s.InstanceCount = &v + return s +} + +// SetInstanceType sets the InstanceType field's value. +func (s *CapacityBlockOffering) SetInstanceType(v string) *CapacityBlockOffering { + s.InstanceType = &v + return s +} + +// SetStartDate sets the StartDate field's value. +func (s *CapacityBlockOffering) SetStartDate(v time.Time) *CapacityBlockOffering { + s.StartDate = &v + return s +} + +// SetTenancy sets the Tenancy field's value. +func (s *CapacityBlockOffering) SetTenancy(v string) *CapacityBlockOffering { + s.Tenancy = &v + return s +} + +// SetUpfrontFee sets the UpfrontFee field's value. +func (s *CapacityBlockOffering) SetUpfrontFee(v string) *CapacityBlockOffering { + s.UpfrontFee = &v + return s +} + // Describes a Capacity Reservation. type CapacityReservation struct { _ struct{} `type:"structure"` @@ -61327,6 +65993,9 @@ type CapacityReservation struct { // in the Amazon EC2 User Guide. PlacementGroupArn *string `locationName:"placementGroupArn" type:"string"` + // The type of Capacity Reservation. + ReservationType *string `locationName:"reservationType" type:"string" enum:"CapacityReservationType"` + // The date and time at which the Capacity Reservation was started. StartDate *time.Time `locationName:"startDate" type:"timestamp"` @@ -61495,6 +66164,12 @@ func (s *CapacityReservation) SetPlacementGroupArn(v string) *CapacityReservatio return s } +// SetReservationType sets the ReservationType field's value. +func (s *CapacityReservation) SetReservationType(v string) *CapacityReservation { + s.ReservationType = &v + return s +} + // SetStartDate sets the StartDate field's value. func (s *CapacityReservation) SetStartDate(v time.Time) *CapacityReservation { s.StartDate = &v @@ -62328,6 +67003,8 @@ func (s *CidrBlock) SetCidrBlock(v string) *CidrBlock { return s } +// Deprecated. +// // Describes the ClassicLink DNS support status of a VPC. type ClassicLinkDnsSupport struct { _ struct{} `type:"structure"` @@ -62369,15 +67046,13 @@ func (s *ClassicLinkDnsSupport) SetVpcId(v string) *ClassicLinkDnsSupport { return s } -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// Deprecated. // // Describes a linked EC2-Classic instance. type ClassicLinkInstance struct { _ struct{} `type:"structure"` - // A list of security groups. + // The security groups. Groups []*GroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"` // The ID of the instance. @@ -64220,6 +68895,242 @@ func (s *ConnectionNotification) SetVpcEndpointId(v string) *ConnectionNotificat return s } +// A security group connection tracking configuration that enables you to set +// the idle timeout for connection tracking on an Elastic network interface. +// For more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) +// in the Amazon Elastic Compute Cloud User Guide. +type ConnectionTrackingConfiguration struct { + _ struct{} `type:"structure"` + + // Timeout (in seconds) for idle TCP connections in an established state. Min: + // 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: + // Less than 432000 seconds. + TcpEstablishedTimeout *int64 `locationName:"tcpEstablishedTimeout" type:"integer"` + + // Timeout (in seconds) for idle UDP flows classified as streams which have + // seen more than one request-response transaction. Min: 60 seconds. Max: 180 + // seconds (3 minutes). Default: 180 seconds. + UdpStreamTimeout *int64 `locationName:"udpStreamTimeout" type:"integer"` + + // Timeout (in seconds) for idle UDP flows that have seen traffic only in a + // single direction or a single request-response transaction. Min: 30 seconds. + // Max: 60 seconds. Default: 30 seconds. + UdpTimeout *int64 `locationName:"udpTimeout" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectionTrackingConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectionTrackingConfiguration) GoString() string { + return s.String() +} + +// SetTcpEstablishedTimeout sets the TcpEstablishedTimeout field's value. +func (s *ConnectionTrackingConfiguration) SetTcpEstablishedTimeout(v int64) *ConnectionTrackingConfiguration { + s.TcpEstablishedTimeout = &v + return s +} + +// SetUdpStreamTimeout sets the UdpStreamTimeout field's value. +func (s *ConnectionTrackingConfiguration) SetUdpStreamTimeout(v int64) *ConnectionTrackingConfiguration { + s.UdpStreamTimeout = &v + return s +} + +// SetUdpTimeout sets the UdpTimeout field's value. +func (s *ConnectionTrackingConfiguration) SetUdpTimeout(v int64) *ConnectionTrackingConfiguration { + s.UdpTimeout = &v + return s +} + +// A security group connection tracking specification that enables you to set +// the idle timeout for connection tracking on an Elastic network interface. +// For more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) +// in the Amazon Elastic Compute Cloud User Guide. +type ConnectionTrackingSpecification struct { + _ struct{} `type:"structure"` + + // Timeout (in seconds) for idle TCP connections in an established state. Min: + // 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: + // Less than 432000 seconds. + TcpEstablishedTimeout *int64 `locationName:"tcpEstablishedTimeout" type:"integer"` + + // Timeout (in seconds) for idle UDP flows classified as streams which have + // seen more than one request-response transaction. Min: 60 seconds. Max: 180 + // seconds (3 minutes). Default: 180 seconds. + UdpStreamTimeout *int64 `locationName:"udpStreamTimeout" type:"integer"` + + // Timeout (in seconds) for idle UDP flows that have seen traffic only in a + // single direction or a single request-response transaction. Min: 30 seconds. + // Max: 60 seconds. Default: 30 seconds. + UdpTimeout *int64 `locationName:"udpTimeout" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectionTrackingSpecification) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectionTrackingSpecification) GoString() string { + return s.String() +} + +// SetTcpEstablishedTimeout sets the TcpEstablishedTimeout field's value. +func (s *ConnectionTrackingSpecification) SetTcpEstablishedTimeout(v int64) *ConnectionTrackingSpecification { + s.TcpEstablishedTimeout = &v + return s +} + +// SetUdpStreamTimeout sets the UdpStreamTimeout field's value. +func (s *ConnectionTrackingSpecification) SetUdpStreamTimeout(v int64) *ConnectionTrackingSpecification { + s.UdpStreamTimeout = &v + return s +} + +// SetUdpTimeout sets the UdpTimeout field's value. +func (s *ConnectionTrackingSpecification) SetUdpTimeout(v int64) *ConnectionTrackingSpecification { + s.UdpTimeout = &v + return s +} + +// A security group connection tracking specification request that enables you +// to set the idle timeout for connection tracking on an Elastic network interface. +// For more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) +// in the Amazon Elastic Compute Cloud User Guide. +type ConnectionTrackingSpecificationRequest struct { + _ struct{} `type:"structure"` + + // Timeout (in seconds) for idle TCP connections in an established state. Min: + // 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: + // Less than 432000 seconds. + TcpEstablishedTimeout *int64 `type:"integer"` + + // Timeout (in seconds) for idle UDP flows classified as streams which have + // seen more than one request-response transaction. Min: 60 seconds. Max: 180 + // seconds (3 minutes). Default: 180 seconds. + UdpStreamTimeout *int64 `type:"integer"` + + // Timeout (in seconds) for idle UDP flows that have seen traffic only in a + // single direction or a single request-response transaction. Min: 30 seconds. + // Max: 60 seconds. Default: 30 seconds. + UdpTimeout *int64 `type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectionTrackingSpecificationRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectionTrackingSpecificationRequest) GoString() string { + return s.String() +} + +// SetTcpEstablishedTimeout sets the TcpEstablishedTimeout field's value. +func (s *ConnectionTrackingSpecificationRequest) SetTcpEstablishedTimeout(v int64) *ConnectionTrackingSpecificationRequest { + s.TcpEstablishedTimeout = &v + return s +} + +// SetUdpStreamTimeout sets the UdpStreamTimeout field's value. +func (s *ConnectionTrackingSpecificationRequest) SetUdpStreamTimeout(v int64) *ConnectionTrackingSpecificationRequest { + s.UdpStreamTimeout = &v + return s +} + +// SetUdpTimeout sets the UdpTimeout field's value. +func (s *ConnectionTrackingSpecificationRequest) SetUdpTimeout(v int64) *ConnectionTrackingSpecificationRequest { + s.UdpTimeout = &v + return s +} + +// A security group connection tracking specification response that enables +// you to set the idle timeout for connection tracking on an Elastic network +// interface. For more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) +// in the Amazon Elastic Compute Cloud User Guide. +type ConnectionTrackingSpecificationResponse struct { + _ struct{} `type:"structure"` + + // Timeout (in seconds) for idle TCP connections in an established state. Min: + // 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: + // Less than 432000 seconds. + TcpEstablishedTimeout *int64 `locationName:"tcpEstablishedTimeout" type:"integer"` + + // Timeout (in seconds) for idle UDP flows classified as streams which have + // seen more than one request-response transaction. Min: 60 seconds. Max: 180 + // seconds (3 minutes). Default: 180 seconds. + UdpStreamTimeout *int64 `locationName:"udpStreamTimeout" type:"integer"` + + // Timeout (in seconds) for idle UDP flows that have seen traffic only in a + // single direction or a single request-response transaction. Min: 30 seconds. + // Max: 60 seconds. Default: 30 seconds. + UdpTimeout *int64 `locationName:"udpTimeout" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectionTrackingSpecificationResponse) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectionTrackingSpecificationResponse) GoString() string { + return s.String() +} + +// SetTcpEstablishedTimeout sets the TcpEstablishedTimeout field's value. +func (s *ConnectionTrackingSpecificationResponse) SetTcpEstablishedTimeout(v int64) *ConnectionTrackingSpecificationResponse { + s.TcpEstablishedTimeout = &v + return s +} + +// SetUdpStreamTimeout sets the UdpStreamTimeout field's value. +func (s *ConnectionTrackingSpecificationResponse) SetUdpStreamTimeout(v int64) *ConnectionTrackingSpecificationResponse { + s.UdpStreamTimeout = &v + return s +} + +// SetUdpTimeout sets the UdpTimeout field's value. +func (s *ConnectionTrackingSpecificationResponse) SetUdpTimeout(v int64) *ConnectionTrackingSpecificationResponse { + s.UdpTimeout = &v + return s +} + // Describes a conversion task. type ConversionTask struct { _ struct{} `type:"structure"` @@ -64472,8 +69383,8 @@ type CopyImageInput struct { // or within the same Outpost. // // For more information, see Copy AMIs from an Amazon Web Services Region to - // an Outpost (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#copy-amis) - // in the Amazon EC2 User Guide. + // an Outpost (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#copy-amis) + // in the Amazon EBS User Guide. DestinationOutpostArn *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -64487,8 +69398,8 @@ type CopyImageInput struct { // create an unencrypted copy of an encrypted snapshot. The default KMS key // for Amazon EBS is used unless you specify a non-default Key Management Service // (KMS) KMS key using KmsKeyId. For more information, see Amazon EBS encryption - // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) - // in the Amazon EC2 User Guide. + // (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) in + // the Amazon EBS User Guide. Encrypted *bool `locationName:"encrypted" type:"boolean"` // The identifier of the symmetric Key Management Service (KMS) KMS key to use @@ -64529,6 +69440,19 @@ type CopyImageInput struct { // // SourceRegion is a required field SourceRegion *string `type:"string" required:"true"` + + // The tags to apply to the new AMI and new snapshots. You can tag the AMI, + // the snapshots, or both. + // + // * To tag the new AMI, the value for ResourceType must be image. + // + // * To tag the new snapshots, the value for ResourceType must be snapshot. + // The same tag is applied to all the new snapshots. + // + // If you specify other values for ResourceType, the request fails. + // + // To tag an AMI or snapshot after it has been created, see CreateTags (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html). + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation. @@ -64628,6 +69552,12 @@ func (s *CopyImageInput) SetSourceRegion(v string) *CopyImageInput { return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CopyImageInput) SetTagSpecifications(v []*TagSpecification) *CopyImageInput { + s.TagSpecifications = v + return s +} + // Contains the output of CopyImage. type CopyImageOutput struct { _ struct{} `type:"structure"` @@ -64673,8 +69603,8 @@ type CopySnapshotInput struct { // Outpost to another, or within the same Outpost. // // For more information, see Copy snapshots from an Amazon Web Services Region - // to an Outpost (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#copy-snapshots) - // in the Amazon Elastic Compute Cloud User Guide. + // to an Outpost (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#copy-snapshots) + // in the Amazon EBS User Guide. DestinationOutpostArn *string `type:"string"` // The destination Region to use in the PresignedUrl parameter of a snapshot @@ -64697,8 +69627,8 @@ type CopySnapshotInput struct { // not enabled, enable encryption using this parameter. Otherwise, omit this // parameter. Encrypted snapshots are encrypted, even if you omit this parameter // and encryption by default is not enabled. You cannot set this parameter to - // false. For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) - // in the Amazon Elastic Compute Cloud User Guide. + // false. For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) + // in the Amazon EBS User Guide. Encrypted *bool `locationName:"encrypted" type:"boolean"` // The identifier of the Key Management Service (KMS) KMS key to use for Amazon @@ -64734,7 +69664,11 @@ type CopySnapshotInput struct { // in the Amazon Simple Storage Service API Reference. An invalid or improperly // signed PresignedUrl will cause the copy operation to fail asynchronously, // and the snapshot will move to an error state. - PresignedUrl *string `locationName:"presignedUrl" type:"string"` + // + // PresignedUrl is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CopySnapshotInput's + // String and GoString methods. + PresignedUrl *string `locationName:"presignedUrl" type:"string" sensitive:"true"` // The ID of the Region that contains the snapshot to be copied. // @@ -64888,6 +69822,10 @@ func (s *CopySnapshotOutput) SetTags(v []*Tag) *CopySnapshotOutput { type CpuOptions struct { _ struct{} `type:"structure"` + // Indicates whether the instance is enabled for AMD SEV-SNP. For more information, + // see AMD SEV-SNP (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html). + AmdSevSnp *string `locationName:"amdSevSnp" type:"string" enum:"AmdSevSnpSpecification"` + // The number of CPU cores for the instance. CoreCount *int64 `locationName:"coreCount" type:"integer"` @@ -64913,6 +69851,12 @@ func (s CpuOptions) GoString() string { return s.String() } +// SetAmdSevSnp sets the AmdSevSnp field's value. +func (s *CpuOptions) SetAmdSevSnp(v string) *CpuOptions { + s.AmdSevSnp = &v + return s +} + // SetCoreCount sets the CoreCount field's value. func (s *CpuOptions) SetCoreCount(v int64) *CpuOptions { s.CoreCount = &v @@ -64930,6 +69874,11 @@ func (s *CpuOptions) SetThreadsPerCore(v int64) *CpuOptions { type CpuOptionsRequest struct { _ struct{} `type:"structure"` + // Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is + // supported with M6a, R6a, and C6a instance types only. For more information, + // see AMD SEV-SNP (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html). + AmdSevSnp *string `type:"string" enum:"AmdSevSnpSpecification"` + // The number of CPU cores for the instance. CoreCount *int64 `type:"integer"` @@ -64956,6 +69905,12 @@ func (s CpuOptionsRequest) GoString() string { return s.String() } +// SetAmdSevSnp sets the AmdSevSnp field's value. +func (s *CpuOptionsRequest) SetAmdSevSnp(v string) *CpuOptionsRequest { + s.AmdSevSnp = &v + return s +} + // SetCoreCount sets the CoreCount field's value. func (s *CpuOptionsRequest) SetCoreCount(v int64) *CpuOptionsRequest { s.CoreCount = &v @@ -65659,7 +70614,8 @@ type CreateClientVpnEndpointInput struct { // addresses. The address range cannot overlap with the local CIDR of the VPC // in which the associated subnet is located, or the routes that you add manually. // The address range cannot be changed after the Client VPN endpoint has been - // created. The CIDR block should be /22 or greater. + // created. Client CIDR range must have a size of at least /22 and must not + // be greater than /12. // // ClientCidrBlock is a required field ClientCidrBlock *string `type:"string" required:"true"` @@ -66310,9 +71266,7 @@ type CreateCustomerGatewayInput struct { // For devices that support BGP, the customer gateway's BGP ASN. // // Default: 65000 - // - // BgpAsn is a required field - BgpAsn *int64 `type:"integer" required:"true"` + BgpAsn *int64 `type:"integer"` // The Amazon Resource Name (ARN) for the customer gateway certificate. CertificateArn *string `type:"string"` @@ -66366,9 +71320,6 @@ func (s CreateCustomerGatewayInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *CreateCustomerGatewayInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreateCustomerGatewayInput"} - if s.BgpAsn == nil { - invalidParams.Add(request.NewErrParamRequired("BgpAsn")) - } if s.Type == nil { invalidParams.Add(request.NewErrParamRequired("Type")) } @@ -66726,7 +71677,7 @@ type CreateEgressOnlyInternetGatewayInput struct { _ struct{} `type:"structure"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see How to ensure idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). + // of the request. For more information, see Ensuring idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -66923,6 +71874,8 @@ type CreateFleetInput struct { // Indicates whether running instances should be terminated if the total target // capacity of the EC2 Fleet is decreased below the current size of the EC2 // Fleet. + // + // Supported only for fleets of type maintain. ExcessCapacityTerminationPolicy *string `type:"string" enum:"FleetExcessCapacityTerminationPolicy"` // The configuration for the EC2 Fleet. @@ -66943,7 +71896,7 @@ type CreateFleetInput struct { SpotOptions *SpotOptionsRequest `type:"structure"` // The key-value pair for tagging the EC2 Fleet request on creation. For more - // information, see Tagging your resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources). + // information, see Tag your resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources). // // If the fleet type is instant, specify a resource type of fleet to tag the // fleet or instance to tag the instances at launch. @@ -67257,11 +72210,12 @@ type CreateFlowLogsInput struct { // accounts. DeliverCrossAccountRole *string `type:"string"` - // The ARN of the IAM role that allows Amazon EC2 to publish flow logs to a - // CloudWatch Logs log group in your account. + // The ARN of the IAM role that allows Amazon EC2 to publish flow logs to the + // log destination. // - // This parameter is required if the destination type is cloud-watch-logs and - // unsupported otherwise. + // This parameter is required if the destination type is cloud-watch-logs, or + // if the destination type is kinesis-data-firehose and the delivery stream + // and the resources to monitor are in different accounts. DeliverLogsPermissionArn *string `type:"string"` // The destination options. @@ -67301,9 +72255,7 @@ type CreateFlowLogsInput struct { // in the Amazon VPC User Guide or Transit Gateway Flow Log records (https://docs.aws.amazon.com/vpc/latest/tgw/tgw-flow-logs.html#flow-log-records) // in the Amazon Web Services Transit Gateway Guide. // - // Specify the fields using the ${field-id} format, separated by spaces. For - // the CLI, surround this parameter value with single quotes on Linux or double - // quotes on Windows. + // Specify the fields using the ${field-id} format, separated by spaces. LogFormat *string `type:"string"` // The name of a new or existing CloudWatch Logs log group where Amazon EC2 @@ -67663,9 +72615,22 @@ func (s *CreateFpgaImageOutput) SetFpgaImageId(v string) *CreateFpgaImageOutput type CreateImageInput struct { _ struct{} `type:"structure"` - // The block device mappings. This parameter cannot be used to modify the encryption - // status of existing volumes or snapshots. To create an AMI with encrypted - // snapshots, use the CopyImage action. + // The block device mappings. + // + // When using the CreateImage action: + // + // * You can't change the volume size using the VolumeSize parameter. If + // you want a different volume size, you must first change the volume size + // of the source instance. + // + // * You can't modify the encryption status of existing volumes or snapshots. + // To create an AMI with volumes or snapshots that have a different encryption + // status (for example, where the source volume and snapshots are unencrypted, + // and you want to create an AMI with encrypted volumes or snapshots), use + // the CopyImage action. + // + // * The only option that can be changed for existing mappings or snapshots + // is DeleteOnTermination. BlockDeviceMappings []*BlockDeviceMapping `locationName:"blockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` // A description for the new image. @@ -67691,17 +72656,20 @@ type CreateImageInput struct { // Name is a required field Name *string `locationName:"name" type:"string" required:"true"` - // By default, when Amazon EC2 creates the new AMI, it reboots the instance - // so that it can take snapshots of the attached volumes while data is at rest, - // in order to ensure a consistent state. You can set the NoReboot parameter - // to true in the API request, or use the --no-reboot option in the CLI to prevent - // Amazon EC2 from shutting down and rebooting the instance. + // Indicates whether or not the instance should be automatically rebooted before + // creating the image. Specify one of the following values: + // + // * true - The instance is not rebooted before creating the image. This + // creates crash-consistent snapshots that include only the data that has + // been written to the volumes at the time the snapshots are created. Buffered + // data and data in memory that has not yet been written to the volumes is + // not included in the snapshots. // - // If you choose to bypass the shutdown and reboot process by setting the NoReboot - // parameter to true in the API request, or by using the --no-reboot option - // in the CLI, we can't guarantee the file system integrity of the created image. + // * false - The instance is rebooted before creating the image. This ensures + // that all buffered data and data in memory is written to the volumes before + // the snapshots are created. // - // Default: false (follow standard reboot process) + // Default: false NoReboot *bool `locationName:"noReboot" type:"boolean"` // The tags to apply to the AMI and snapshots on creation. You can tag the AMI, @@ -67827,6 +72795,152 @@ func (s *CreateImageOutput) SetImageId(v string) *CreateImageOutput { return s } +type CreateInstanceConnectEndpointInput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. + ClientToken *string `type:"string" idempotencyToken:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Indicates whether your client's IP address is preserved as the source. The + // value is true or false. + // + // * If true, your client's IP address is used when you connect to a resource. + // + // * If false, the elastic network interface IP address is used when you + // connect to a resource. + // + // Default: true + PreserveClientIp *bool `type:"boolean"` + + // One or more security groups to associate with the endpoint. If you don't + // specify a security group, the default security group for your VPC will be + // associated with the endpoint. + SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` + + // The ID of the subnet in which to create the EC2 Instance Connect Endpoint. + // + // SubnetId is a required field + SubnetId *string `type:"string" required:"true"` + + // The tags to apply to the EC2 Instance Connect Endpoint during creation. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateInstanceConnectEndpointInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateInstanceConnectEndpointInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateInstanceConnectEndpointInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateInstanceConnectEndpointInput"} + if s.SubnetId == nil { + invalidParams.Add(request.NewErrParamRequired("SubnetId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateInstanceConnectEndpointInput) SetClientToken(v string) *CreateInstanceConnectEndpointInput { + s.ClientToken = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateInstanceConnectEndpointInput) SetDryRun(v bool) *CreateInstanceConnectEndpointInput { + s.DryRun = &v + return s +} + +// SetPreserveClientIp sets the PreserveClientIp field's value. +func (s *CreateInstanceConnectEndpointInput) SetPreserveClientIp(v bool) *CreateInstanceConnectEndpointInput { + s.PreserveClientIp = &v + return s +} + +// SetSecurityGroupIds sets the SecurityGroupIds field's value. +func (s *CreateInstanceConnectEndpointInput) SetSecurityGroupIds(v []*string) *CreateInstanceConnectEndpointInput { + s.SecurityGroupIds = v + return s +} + +// SetSubnetId sets the SubnetId field's value. +func (s *CreateInstanceConnectEndpointInput) SetSubnetId(v string) *CreateInstanceConnectEndpointInput { + s.SubnetId = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateInstanceConnectEndpointInput) SetTagSpecifications(v []*TagSpecification) *CreateInstanceConnectEndpointInput { + s.TagSpecifications = v + return s +} + +type CreateInstanceConnectEndpointOutput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive idempotency token provided by the client in the the + // request. + ClientToken *string `locationName:"clientToken" type:"string"` + + // Information about the EC2 Instance Connect Endpoint. + InstanceConnectEndpoint *Ec2InstanceConnectEndpoint `locationName:"instanceConnectEndpoint" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateInstanceConnectEndpointOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateInstanceConnectEndpointOutput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateInstanceConnectEndpointOutput) SetClientToken(v string) *CreateInstanceConnectEndpointOutput { + s.ClientToken = &v + return s +} + +// SetInstanceConnectEndpoint sets the InstanceConnectEndpoint field's value. +func (s *CreateInstanceConnectEndpointOutput) SetInstanceConnectEndpoint(v *Ec2InstanceConnectEndpoint) *CreateInstanceConnectEndpointOutput { + s.InstanceConnectEndpoint = v + return s +} + type CreateInstanceEventWindowInput struct { _ struct{} `type:"structure"` @@ -68178,6 +73292,11 @@ type CreateIpamInput struct { // to find all resources that have a tag with the key Owner and the value TeamA, // specify tag:Owner for the filter name and TeamA for the filter value. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + + // IPAM is offered in a Free Tier and an Advanced Tier. For more information + // about the features available in each tier and the costs associated with the + // tiers, see Amazon VPC pricing > IPAM tab (http://aws.amazon.com/vpc/pricing/). + Tier *string `type:"string" enum:"IpamTier"` } // String returns the string representation. @@ -68228,6 +73347,12 @@ func (s *CreateIpamInput) SetTagSpecifications(v []*TagSpecification) *CreateIpa return s } +// SetTier sets the Tier field's value. +func (s *CreateIpamInput) SetTier(v string) *CreateIpamInput { + s.Tier = &v + return s +} + type CreateIpamOutput struct { _ struct{} `type:"structure"` @@ -68339,6 +73464,15 @@ type CreateIpamPoolInput struct { // Possible values: Any Amazon Web Services Region, such as us-east-1. Locale *string `type:"string"` + // The IP address source for pools in the public scope. Only used for provisioning + // IP address CIDRs to pools in the public scope. Default is byoip. For more + // information, see Create IPv6 pools (https://docs.aws.amazon.com/vpc/latest/ipam/intro-create-ipv6-pools.html) + // in the Amazon VPC IPAM User Guide. By default, you can add only one Amazon-provided + // IPv6 CIDR block to a top-level IPv6 pool if PublicIpSource is amazon. For + // information on increasing the default limit, see Quotas for your IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/quotas-ipam.html) + // in the Amazon VPC IPAM User Guide. + PublicIpSource *string `type:"string" enum:"IpamPoolPublicIpSource"` + // Determines if the pool is publicly advertisable. This option is not available // for pools with AddressFamily set to ipv4. PubliclyAdvertisable *bool `type:"boolean"` @@ -68348,6 +73482,9 @@ type CreateIpamPoolInput struct { // pool must be available in the source pool's CIDR range. SourceIpamPoolId *string `type:"string"` + // The resource used to provision CIDRs to a resource planning pool. + SourceResource *IpamPoolSourceResourceRequest `type:"structure"` + // The key/value combination of a tag assigned to the resource. Use the tag // key in the filter name and the tag value as the filter value. For example, // to find all resources that have a tag with the key Owner and the value TeamA, @@ -68461,6 +73598,12 @@ func (s *CreateIpamPoolInput) SetLocale(v string) *CreateIpamPoolInput { return s } +// SetPublicIpSource sets the PublicIpSource field's value. +func (s *CreateIpamPoolInput) SetPublicIpSource(v string) *CreateIpamPoolInput { + s.PublicIpSource = &v + return s +} + // SetPubliclyAdvertisable sets the PubliclyAdvertisable field's value. func (s *CreateIpamPoolInput) SetPubliclyAdvertisable(v bool) *CreateIpamPoolInput { s.PubliclyAdvertisable = &v @@ -68473,6 +73616,12 @@ func (s *CreateIpamPoolInput) SetSourceIpamPoolId(v string) *CreateIpamPoolInput return s } +// SetSourceResource sets the SourceResource field's value. +func (s *CreateIpamPoolInput) SetSourceResource(v *IpamPoolSourceResourceRequest) *CreateIpamPoolInput { + s.SourceResource = v + return s +} + // SetTagSpecifications sets the TagSpecifications field's value. func (s *CreateIpamPoolInput) SetTagSpecifications(v []*TagSpecification) *CreateIpamPoolInput { s.TagSpecifications = v @@ -68510,6 +73659,110 @@ func (s *CreateIpamPoolOutput) SetIpamPool(v *IpamPool) *CreateIpamPoolOutput { return s } +type CreateIpamResourceDiscoveryInput struct { + _ struct{} `type:"structure"` + + // A client token for the IPAM resource discovery. + ClientToken *string `type:"string" idempotencyToken:"true"` + + // A description for the IPAM resource discovery. + Description *string `type:"string"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Operating Regions for the IPAM resource discovery. Operating Regions are + // Amazon Web Services Regions where the IPAM is allowed to manage IP address + // CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services + // Regions you select as operating Regions. + OperatingRegions []*AddIpamOperatingRegion `locationName:"OperatingRegion" type:"list"` + + // Tag specifications for the IPAM resource discovery. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateIpamResourceDiscoveryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateIpamResourceDiscoveryInput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateIpamResourceDiscoveryInput) SetClientToken(v string) *CreateIpamResourceDiscoveryInput { + s.ClientToken = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *CreateIpamResourceDiscoveryInput) SetDescription(v string) *CreateIpamResourceDiscoveryInput { + s.Description = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateIpamResourceDiscoveryInput) SetDryRun(v bool) *CreateIpamResourceDiscoveryInput { + s.DryRun = &v + return s +} + +// SetOperatingRegions sets the OperatingRegions field's value. +func (s *CreateIpamResourceDiscoveryInput) SetOperatingRegions(v []*AddIpamOperatingRegion) *CreateIpamResourceDiscoveryInput { + s.OperatingRegions = v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateIpamResourceDiscoveryInput) SetTagSpecifications(v []*TagSpecification) *CreateIpamResourceDiscoveryInput { + s.TagSpecifications = v + return s +} + +type CreateIpamResourceDiscoveryOutput struct { + _ struct{} `type:"structure"` + + // An IPAM resource discovery. + IpamResourceDiscovery *IpamResourceDiscovery `locationName:"ipamResourceDiscovery" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateIpamResourceDiscoveryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateIpamResourceDiscoveryOutput) GoString() string { + return s.String() +} + +// SetIpamResourceDiscovery sets the IpamResourceDiscovery field's value. +func (s *CreateIpamResourceDiscoveryOutput) SetIpamResourceDiscovery(v *IpamResourceDiscovery) *CreateIpamResourceDiscoveryOutput { + s.IpamResourceDiscovery = v + return s +} + type CreateIpamScopeInput struct { _ struct{} `type:"structure"` @@ -68815,12 +74068,8 @@ type CreateLaunchTemplateInput struct { // The information for the launch template. // - // LaunchTemplateData is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateLaunchTemplateInput's - // String and GoString methods. - // // LaunchTemplateData is a required field - LaunchTemplateData *RequestLaunchTemplateData `type:"structure" required:"true" sensitive:"true"` + LaunchTemplateData *RequestLaunchTemplateData `type:"structure" required:"true"` // A name for the launch template. // @@ -68977,12 +74226,8 @@ type CreateLaunchTemplateVersionInput struct { // The information for the launch template. // - // LaunchTemplateData is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateLaunchTemplateVersionInput's - // String and GoString methods. - // // LaunchTemplateData is a required field - LaunchTemplateData *RequestLaunchTemplateData `type:"structure" required:"true" sensitive:"true"` + LaunchTemplateData *RequestLaunchTemplateData `type:"structure" required:"true"` // The ID of the launch template. // @@ -68996,6 +74241,14 @@ type CreateLaunchTemplateVersionInput struct { // both. LaunchTemplateName *string `min:"3" type:"string"` + // If true, and if a Systems Manager parameter is specified for ImageId, the + // AMI ID is displayed in the response for imageID. For more information, see + // Use a Systems Manager parameter instead of an AMI ID (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#use-an-ssm-parameter-instead-of-an-ami-id) + // in the Amazon Elastic Compute Cloud User Guide. + // + // Default: false + ResolveAlias *bool `type:"boolean"` + // The version number of the launch template version on which to base the new // version. The new version inherits the same launch parameters as the source // version, except for parameters that you specify in LaunchTemplateData. Snapshots @@ -69076,6 +74329,12 @@ func (s *CreateLaunchTemplateVersionInput) SetLaunchTemplateName(v string) *Crea return s } +// SetResolveAlias sets the ResolveAlias field's value. +func (s *CreateLaunchTemplateVersionInput) SetResolveAlias(v bool) *CreateLaunchTemplateVersionInput { + s.ResolveAlias = &v + return s +} + // SetSourceVersion sets the SourceVersion field's value. func (s *CreateLaunchTemplateVersionInput) SetSourceVersion(v string) *CreateLaunchTemplateVersionInput { s.SourceVersion = &v @@ -69135,9 +74394,12 @@ type CreateLocalGatewayRouteInput struct { // The CIDR range used for destination matches. Routing decisions are based // on the most specific match. - // - // DestinationCidrBlock is a required field - DestinationCidrBlock *string `type:"string" required:"true"` + DestinationCidrBlock *string `type:"string"` + + // The ID of the prefix list. Use a prefix list in place of DestinationCidrBlock. + // You cannot use DestinationPrefixListId and DestinationCidrBlock in the same + // request. + DestinationPrefixListId *string `type:"string"` // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have @@ -69178,9 +74440,6 @@ func (s CreateLocalGatewayRouteInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *CreateLocalGatewayRouteInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreateLocalGatewayRouteInput"} - if s.DestinationCidrBlock == nil { - invalidParams.Add(request.NewErrParamRequired("DestinationCidrBlock")) - } if s.LocalGatewayRouteTableId == nil { invalidParams.Add(request.NewErrParamRequired("LocalGatewayRouteTableId")) } @@ -69197,6 +74456,12 @@ func (s *CreateLocalGatewayRouteInput) SetDestinationCidrBlock(v string) *Create return s } +// SetDestinationPrefixListId sets the DestinationPrefixListId field's value. +func (s *CreateLocalGatewayRouteInput) SetDestinationPrefixListId(v string) *CreateLocalGatewayRouteInput { + s.DestinationPrefixListId = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *CreateLocalGatewayRouteInput) SetDryRun(v bool) *CreateLocalGatewayRouteInput { s.DryRun = &v @@ -69755,7 +75020,7 @@ type CreateNatGatewayInput struct { AllocationId *string `type:"string"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see How to ensure idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // of the request. For more information, see Ensuring idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). // // Constraint: Maximum 64 ASCII characters. ClientToken *string `type:"string" idempotencyToken:"true"` @@ -69774,7 +75039,23 @@ type CreateNatGatewayInput struct { // an address, a private IPv4 address will be automatically assigned. PrivateIpAddress *string `type:"string"` - // The subnet in which to create the NAT gateway. + // Secondary EIP allocation IDs. For more information, see Create a NAT gateway + // (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) + // in the Amazon VPC User Guide. + SecondaryAllocationIds []*string `locationName:"SecondaryAllocationId" locationNameList:"AllocationId" type:"list"` + + // [Private NAT gateway only] The number of secondary private IPv4 addresses + // you want to assign to the NAT gateway. For more information about secondary + // addresses, see Create a NAT gateway (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) + // in the Amazon VPC User Guide. + SecondaryPrivateIpAddressCount *int64 `min:"1" type:"integer"` + + // Secondary private IPv4 addresses. For more information about secondary addresses, + // see Create a NAT gateway (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) + // in the Amazon VPC User Guide. + SecondaryPrivateIpAddresses []*string `locationName:"SecondaryPrivateIpAddress" locationNameList:"item" type:"list"` + + // The ID of the subnet in which to create the NAT gateway. // // SubnetId is a required field SubnetId *string `type:"string" required:"true"` @@ -69804,6 +75085,9 @@ func (s CreateNatGatewayInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *CreateNatGatewayInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreateNatGatewayInput"} + if s.SecondaryPrivateIpAddressCount != nil && *s.SecondaryPrivateIpAddressCount < 1 { + invalidParams.Add(request.NewErrParamMinValue("SecondaryPrivateIpAddressCount", 1)) + } if s.SubnetId == nil { invalidParams.Add(request.NewErrParamRequired("SubnetId")) } @@ -69844,6 +75128,24 @@ func (s *CreateNatGatewayInput) SetPrivateIpAddress(v string) *CreateNatGatewayI return s } +// SetSecondaryAllocationIds sets the SecondaryAllocationIds field's value. +func (s *CreateNatGatewayInput) SetSecondaryAllocationIds(v []*string) *CreateNatGatewayInput { + s.SecondaryAllocationIds = v + return s +} + +// SetSecondaryPrivateIpAddressCount sets the SecondaryPrivateIpAddressCount field's value. +func (s *CreateNatGatewayInput) SetSecondaryPrivateIpAddressCount(v int64) *CreateNatGatewayInput { + s.SecondaryPrivateIpAddressCount = &v + return s +} + +// SetSecondaryPrivateIpAddresses sets the SecondaryPrivateIpAddresses field's value. +func (s *CreateNatGatewayInput) SetSecondaryPrivateIpAddresses(v []*string) *CreateNatGatewayInput { + s.SecondaryPrivateIpAddresses = v + return s +} + // SetSubnetId sets the SubnetId field's value. func (s *CreateNatGatewayInput) SetSubnetId(v string) *CreateNatGatewayInput { s.SubnetId = &v @@ -70087,6 +75389,10 @@ func (s CreateNetworkAclEntryOutput) GoString() string { type CreateNetworkAclInput struct { _ struct{} `type:"structure"` + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see Ensuring idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, @@ -70133,6 +75439,12 @@ func (s *CreateNetworkAclInput) Validate() error { return nil } +// SetClientToken sets the ClientToken field's value. +func (s *CreateNetworkAclInput) SetClientToken(v string) *CreateNetworkAclInput { + s.ClientToken = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *CreateNetworkAclInput) SetDryRun(v bool) *CreateNetworkAclInput { s.DryRun = &v @@ -70154,6 +75466,10 @@ func (s *CreateNetworkAclInput) SetVpcId(v string) *CreateNetworkAclInput { type CreateNetworkAclOutput struct { _ struct{} `type:"structure"` + // Unique, case-sensitive identifier to ensure the idempotency of the request. + // Only returned if a client token was provided in the request. + ClientToken *string `locationName:"clientToken" type:"string"` + // Information about the network ACL. NetworkAcl *NetworkAcl `locationName:"networkAcl" type:"structure"` } @@ -70176,6 +75492,12 @@ func (s CreateNetworkAclOutput) GoString() string { return s.String() } +// SetClientToken sets the ClientToken field's value. +func (s *CreateNetworkAclOutput) SetClientToken(v string) *CreateNetworkAclOutput { + s.ClientToken = &v + return s +} + // SetNetworkAcl sets the NetworkAcl field's value. func (s *CreateNetworkAclOutput) SetNetworkAcl(v *NetworkAcl) *CreateNetworkAclOutput { s.NetworkAcl = v @@ -70300,13 +75622,11 @@ type CreateNetworkInsightsPathInput struct { // of the request. For more information, see How to ensure idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // The Amazon Web Services resource that is the destination of the path. - // - // Destination is a required field - Destination *string `type:"string" required:"true"` + // The ID or ARN of the destination. If the resource is in another account, + // you must specify an ARN. + Destination *string `type:"string"` - // The IP address of the Amazon Web Services resource that is the destination - // of the path. + // The IP address of the destination. DestinationIp *string `type:"string"` // The destination port. @@ -70318,18 +75638,28 @@ type CreateNetworkInsightsPathInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` + // Scopes the analysis to network paths that match specific filters at the destination. + // If you specify this parameter, you can't specify the parameter for the destination + // IP address. + FilterAtDestination *PathRequestFilter `type:"structure"` + + // Scopes the analysis to network paths that match specific filters at the source. + // If you specify this parameter, you can't specify the parameters for the source + // IP address or the destination port. + FilterAtSource *PathRequestFilter `type:"structure"` + // The protocol. // // Protocol is a required field Protocol *string `type:"string" required:"true" enum:"Protocol"` - // The Amazon Web Services resource that is the source of the path. + // The ID or ARN of the source. If the resource is in another account, you must + // specify an ARN. // // Source is a required field Source *string `type:"string" required:"true"` - // The IP address of the Amazon Web Services resource that is the source of - // the path. + // The IP address of the source. SourceIp *string `type:"string"` // The tags to add to the path. @@ -70357,9 +75687,6 @@ func (s CreateNetworkInsightsPathInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *CreateNetworkInsightsPathInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreateNetworkInsightsPathInput"} - if s.Destination == nil { - invalidParams.Add(request.NewErrParamRequired("Destination")) - } if s.Protocol == nil { invalidParams.Add(request.NewErrParamRequired("Protocol")) } @@ -70403,6 +75730,18 @@ func (s *CreateNetworkInsightsPathInput) SetDryRun(v bool) *CreateNetworkInsight return s } +// SetFilterAtDestination sets the FilterAtDestination field's value. +func (s *CreateNetworkInsightsPathInput) SetFilterAtDestination(v *PathRequestFilter) *CreateNetworkInsightsPathInput { + s.FilterAtDestination = v + return s +} + +// SetFilterAtSource sets the FilterAtSource field's value. +func (s *CreateNetworkInsightsPathInput) SetFilterAtSource(v *PathRequestFilter) *CreateNetworkInsightsPathInput { + s.FilterAtSource = v + return s +} + // SetProtocol sets the Protocol field's value. func (s *CreateNetworkInsightsPathInput) SetProtocol(v string) *CreateNetworkInsightsPathInput { s.Protocol = &v @@ -70465,6 +75804,9 @@ type CreateNetworkInterfaceInput struct { // of the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` + // A connection tracking specification for the network interface. + ConnectionTrackingSpecification *ConnectionTrackingSpecificationRequest `type:"structure"` + // A description for the network interface. Description *string `locationName:"description" type:"string"` @@ -70474,12 +75816,27 @@ type CreateNetworkInterfaceInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` + // If you’re creating a network interface in a dual-stack or IPv6-only subnet, + // you have the option to assign a primary IPv6 IP address. A primary IPv6 address + // is an IPv6 GUA address associated with an ENI that you have enabled to use + // a primary IPv6 address. Use this option if the instance that this ENI will + // be attached to relies on its IPv6 address not changing. Amazon Web Services + // will automatically assign an IPv6 address associated with the ENI attached + // to your instance to be the primary IPv6 address. Once you enable an IPv6 + // GUA address to be a primary IPv6, you cannot disable it. When you enable + // an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made + // the primary IPv6 address until the instance is terminated or the network + // interface is detached. If you have multiple IPv6 addresses associated with + // an ENI attached to your instance and you enable a primary IPv6 address, the + // first IPv6 GUA address associated with the ENI becomes the primary IPv6 address. + EnablePrimaryIpv6 *bool `type:"boolean"` + // The IDs of one or more security groups. Groups []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` // The type of network interface. The default is interface. // - // The only supported values are efa and trunk. + // The only supported values are interface, efa, and trunk. InterfaceType *string `type:"string" enum:"NetworkInterfaceCreationType"` // The number of IPv4 prefixes that Amazon Web Services automatically assigns @@ -70599,6 +75956,12 @@ func (s *CreateNetworkInterfaceInput) SetClientToken(v string) *CreateNetworkInt return s } +// SetConnectionTrackingSpecification sets the ConnectionTrackingSpecification field's value. +func (s *CreateNetworkInterfaceInput) SetConnectionTrackingSpecification(v *ConnectionTrackingSpecificationRequest) *CreateNetworkInterfaceInput { + s.ConnectionTrackingSpecification = v + return s +} + // SetDescription sets the Description field's value. func (s *CreateNetworkInterfaceInput) SetDescription(v string) *CreateNetworkInterfaceInput { s.Description = &v @@ -70611,6 +75974,12 @@ func (s *CreateNetworkInterfaceInput) SetDryRun(v bool) *CreateNetworkInterfaceI return s } +// SetEnablePrimaryIpv6 sets the EnablePrimaryIpv6 field's value. +func (s *CreateNetworkInterfaceInput) SetEnablePrimaryIpv6(v bool) *CreateNetworkInterfaceInput { + s.EnablePrimaryIpv6 = &v + return s +} + // SetGroups sets the Groups field's value. func (s *CreateNetworkInterfaceInput) SetGroups(v []*string) *CreateNetworkInterfaceInput { s.Groups = v @@ -71681,6 +77050,10 @@ func (s *CreateRouteOutput) SetReturn(v bool) *CreateRouteOutput { type CreateRouteTableInput struct { _ struct{} `type:"structure"` + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see Ensuring idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, @@ -71727,6 +77100,12 @@ func (s *CreateRouteTableInput) Validate() error { return nil } +// SetClientToken sets the ClientToken field's value. +func (s *CreateRouteTableInput) SetClientToken(v string) *CreateRouteTableInput { + s.ClientToken = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *CreateRouteTableInput) SetDryRun(v bool) *CreateRouteTableInput { s.DryRun = &v @@ -71748,6 +77127,10 @@ func (s *CreateRouteTableInput) SetVpcId(v string) *CreateRouteTableInput { type CreateRouteTableOutput struct { _ struct{} `type:"structure"` + // Unique, case-sensitive identifier to ensure the idempotency of the request. + // Only returned if a client token was provided in the request. + ClientToken *string `locationName:"clientToken" type:"string"` + // Information about the route table. RouteTable *RouteTable `locationName:"routeTable" type:"structure"` } @@ -71770,6 +77153,12 @@ func (s CreateRouteTableOutput) GoString() string { return s.String() } +// SetClientToken sets the ClientToken field's value. +func (s *CreateRouteTableOutput) SetClientToken(v string) *CreateRouteTableOutput { + s.ClientToken = &v + return s +} + // SetRouteTable sets the RouteTable field's value. func (s *CreateRouteTableOutput) SetRouteTable(v *RouteTable) *CreateRouteTableOutput { s.RouteTable = v @@ -71779,13 +77168,11 @@ func (s *CreateRouteTableOutput) SetRouteTable(v *RouteTable) *CreateRouteTableO type CreateSecurityGroupInput struct { _ struct{} `type:"structure"` - // A description for the security group. This is informational only. + // A description for the security group. // // Constraints: Up to 255 characters in length // - // Constraints for EC2-Classic: ASCII characters - // - // Constraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$* + // Valid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$* // // Description is a required field Description *string `locationName:"GroupDescription" type:"string" required:"true"` @@ -71800,9 +77187,7 @@ type CreateSecurityGroupInput struct { // // Constraints: Up to 255 characters in length. Cannot start with sg-. // - // Constraints for EC2-Classic: ASCII characters - // - // Constraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$* + // Valid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$* // // GroupName is a required field GroupName *string `type:"string" required:"true"` @@ -71810,7 +77195,7 @@ type CreateSecurityGroupInput struct { // The tags to assign to the security group. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` - // [EC2-VPC] The ID of the VPC. Required for EC2-VPC. + // The ID of the VPC. Required for a nondefault VPC. VpcId *string `type:"string"` } @@ -71945,8 +77330,8 @@ type CreateSnapshotInput struct { // must be created on the same Outpost as the volume. // // For more information, see Create local snapshots from volumes on an Outpost - // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#create-snapshot) - // in the Amazon Elastic Compute Cloud User Guide. + // (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#create-snapshot) + // in the Amazon EBS User Guide. OutpostArn *string `type:"string"` // The tags to apply to the snapshot during creation. @@ -72054,8 +77439,8 @@ type CreateSnapshotsInput struct { // must be created on the same Outpost as the instance. // // For more information, see Create multi-volume local snapshots from instances - // on an Outpost (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#create-multivol-snapshot) - // in the Amazon Elastic Compute Cloud User Guide. + // on an Outpost (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#create-multivol-snapshot) + // in the Amazon EBS User Guide. OutpostArn *string `type:"string"` // Tags to apply to every snapshot specified by the instance. @@ -72086,6 +77471,11 @@ func (s *CreateSnapshotsInput) Validate() error { if s.InstanceSpecification == nil { invalidParams.Add(request.NewErrParamRequired("InstanceSpecification")) } + if s.InstanceSpecification != nil { + if err := s.InstanceSpecification.Validate(); err != nil { + invalidParams.AddNested("InstanceSpecification", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -72395,18 +77785,13 @@ type CreateSubnetCidrReservationInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The type of reservation. - // - // The following are valid values: + // The type of reservation. The reservation type determines how the reserved + // IP addresses are assigned to resources. // - // * prefix: The Amazon EC2 Prefix Delegation feature assigns the IP addresses - // to network interfaces that are associated with an instance. For information - // about Prefix Delegation, see Prefix Delegation for Amazon EC2 network - // interfaces (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-delegation.html) - // in the Amazon Elastic Compute Cloud User Guide. + // * prefix - Amazon Web Services assigns the reserved IP addresses to network + // interfaces. // - // * explicit: You manually assign the IP addresses to resources that reside - // in your subnet. + // * explicit - You assign the reserved IP addresses to network interfaces. // // ReservationType is a required field ReservationType *string `type:"string" required:"true" enum:"SubnetCidrReservationType"` @@ -72535,8 +77920,7 @@ type CreateSubnetInput struct { // // To create a subnet in a Local Zone, set this value to the Local Zone ID, // for example us-west-2-lax-1a. For information about the Regions that support - // Local Zones, see Available Regions (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions) - // in the Amazon Elastic Compute Cloud User Guide. + // Local Zones, see Local Zones locations (http://aws.amazon.com/about-aws/global-infrastructure/localzones/locations/). // // To create a subnet in an Outpost, set this value to the Availability Zone // for the Outpost and specify the Outpost ARN. @@ -72558,15 +77942,25 @@ type CreateSubnetInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The IPv6 network range for the subnet, in CIDR notation. The subnet size - // must use a /64 prefix length. - // - // This parameter is required for an IPv6 only subnet. + // An IPv4 IPAM pool ID for the subnet. + Ipv4IpamPoolId *string `type:"string"` + + // An IPv4 netmask length for the subnet. + Ipv4NetmaskLength *int64 `type:"integer"` + + // The IPv6 network range for the subnet, in CIDR notation. This parameter is + // required for an IPv6 only subnet. Ipv6CidrBlock *string `type:"string"` + // An IPv6 IPAM pool ID for the subnet. + Ipv6IpamPoolId *string `type:"string"` + // Indicates whether to create an IPv6 only subnet. Ipv6Native *bool `type:"boolean"` + // An IPv6 netmask length for the subnet. + Ipv6NetmaskLength *int64 `type:"integer"` + // The Amazon Resource Name (ARN) of the Outpost. If you specify an Outpost // ARN, you must also specify the Availability Zone of the Outpost subnet. OutpostArn *string `type:"string"` @@ -72635,18 +78029,42 @@ func (s *CreateSubnetInput) SetDryRun(v bool) *CreateSubnetInput { return s } +// SetIpv4IpamPoolId sets the Ipv4IpamPoolId field's value. +func (s *CreateSubnetInput) SetIpv4IpamPoolId(v string) *CreateSubnetInput { + s.Ipv4IpamPoolId = &v + return s +} + +// SetIpv4NetmaskLength sets the Ipv4NetmaskLength field's value. +func (s *CreateSubnetInput) SetIpv4NetmaskLength(v int64) *CreateSubnetInput { + s.Ipv4NetmaskLength = &v + return s +} + // SetIpv6CidrBlock sets the Ipv6CidrBlock field's value. func (s *CreateSubnetInput) SetIpv6CidrBlock(v string) *CreateSubnetInput { s.Ipv6CidrBlock = &v return s } +// SetIpv6IpamPoolId sets the Ipv6IpamPoolId field's value. +func (s *CreateSubnetInput) SetIpv6IpamPoolId(v string) *CreateSubnetInput { + s.Ipv6IpamPoolId = &v + return s +} + // SetIpv6Native sets the Ipv6Native field's value. func (s *CreateSubnetInput) SetIpv6Native(v bool) *CreateSubnetInput { s.Ipv6Native = &v return s } +// SetIpv6NetmaskLength sets the Ipv6NetmaskLength field's value. +func (s *CreateSubnetInput) SetIpv6NetmaskLength(v int64) *CreateSubnetInput { + s.Ipv6NetmaskLength = &v + return s +} + // SetOutpostArn sets the OutpostArn field's value. func (s *CreateSubnetInput) SetOutpostArn(v string) *CreateSubnetInput { s.OutpostArn = &v @@ -73147,6 +78565,10 @@ type CreateTrafficMirrorSessionInput struct { // // If you do not want to mirror the entire packet, use the PacketLength parameter // to specify the number of bytes in each packet to mirror. + // + // For sessions with Network Load Balancer (NLB) Traffic Mirror targets the + // default PacketLength will be set to 8500. Valid values are 1-8500. Setting + // a PacketLength greater than 8500 will result in an error response. PacketLength *int64 `type:"integer"` // The session number determines the order in which sessions are evaluated when @@ -74905,6 +80327,22 @@ type CreateTransitGatewayVpcAttachmentRequestOptions struct { // Enable or disable IPv6 support. The default is disable. Ipv6Support *string `type:"string" enum:"Ipv6SupportValue"` + + // + // This parameter is in preview and may not be available for your account. + // + // Enables you to reference a security group across VPCs attached to a transit + // gateway. Use this option to simplify security group management and control + // of instance-to-instance traffic across VPCs that are connected by transit + // gateway. You can also use this option to migrate from VPC peering (which + // was the only option that supported security group referencing) to transit + // gateways (which now also support security group referencing). This option + // is disabled by default and there are no additional costs to use this feature. + // + // If you don't enable or disable SecurityGroupReferencingSupport in the request, + // the attachment will inherit the security group referencing support setting + // on the transit gateway. + SecurityGroupReferencingSupport *string `type:"string" enum:"SecurityGroupReferencingSupportValue"` } // String returns the string representation. @@ -74943,7 +80381,14 @@ func (s *CreateTransitGatewayVpcAttachmentRequestOptions) SetIpv6Support(v strin return s } -// Options for a network interface-type endpoint. +// SetSecurityGroupReferencingSupport sets the SecurityGroupReferencingSupport field's value. +func (s *CreateTransitGatewayVpcAttachmentRequestOptions) SetSecurityGroupReferencingSupport(v string) *CreateTransitGatewayVpcAttachmentRequestOptions { + s.SecurityGroupReferencingSupport = &v + return s +} + +// Describes the network interface options when creating an Amazon Web Services +// Verified Access endpoint using the network-interface type. type CreateVerifiedAccessEndpointEniOptions struct { _ struct{} `type:"structure"` @@ -75014,7 +80459,7 @@ type CreateVerifiedAccessEndpointInput struct { // ApplicationDomain is a required field ApplicationDomain *string `type:"string" required:"true"` - // The Amazon Web Services network component Verified Access attaches to. + // The type of attachment. // // AttachmentType is a required field AttachmentType *string `type:"string" required:"true" enum:"VerifiedAccessEndpointAttachmentType"` @@ -75024,7 +80469,7 @@ type CreateVerifiedAccessEndpointInput struct { // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // A description for the Amazon Web Services Verified Access endpoint. + // A description for the Verified Access endpoint. Description *string `type:"string"` // The ARN of the public TLS/SSL certificate in Amazon Web Services Certificate @@ -75040,33 +80485,36 @@ type CreateVerifiedAccessEndpointInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // A custom identifier that gets prepended to a DNS name that is generated for + // A custom identifier that is prepended to the DNS name that is generated for // the endpoint. // // EndpointDomainPrefix is a required field EndpointDomainPrefix *string `type:"string" required:"true"` - // The type of Amazon Web Services Verified Access endpoint to create. + // The type of Verified Access endpoint to create. // // EndpointType is a required field EndpointType *string `type:"string" required:"true" enum:"VerifiedAccessEndpointType"` - // The load balancer details if creating the Amazon Web Services Verified Access - // endpoint as load-balancertype. + // The load balancer details. This parameter is required if the endpoint type + // is load-balancer. LoadBalancerOptions *CreateVerifiedAccessEndpointLoadBalancerOptions `type:"structure"` - // The network interface details if creating the Amazon Web Services Verified - // Access endpoint as network-interfacetype. + // The network interface details. This parameter is required if the endpoint + // type is network-interface. NetworkInterfaceOptions *CreateVerifiedAccessEndpointEniOptions `type:"structure"` - // The Amazon Web Services Verified Access policy document. + // The Verified Access policy document. PolicyDocument *string `type:"string"` - // The Amazon EC2 security groups to associate with the Amazon Web Services - // Verified Access endpoint. + // The IDs of the security groups to associate with the Verified Access endpoint. + // Required if AttachmentType is set to vpc. SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"item" type:"list"` - // The tags to assign to the Amazon Web Services Verified Access endpoint. + // The options for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationRequest `type:"structure"` + + // The tags to assign to the Verified Access endpoint. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` // The ID of the Verified Access group to associate the endpoint with. @@ -75203,6 +80651,12 @@ func (s *CreateVerifiedAccessEndpointInput) SetSecurityGroupIds(v []*string) *Cr return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *CreateVerifiedAccessEndpointInput) SetSseSpecification(v *VerifiedAccessSseSpecificationRequest) *CreateVerifiedAccessEndpointInput { + s.SseSpecification = v + return s +} + // SetTagSpecifications sets the TagSpecifications field's value. func (s *CreateVerifiedAccessEndpointInput) SetTagSpecifications(v []*TagSpecification) *CreateVerifiedAccessEndpointInput { s.TagSpecifications = v @@ -75215,8 +80669,8 @@ func (s *CreateVerifiedAccessEndpointInput) SetVerifiedAccessGroupId(v string) * return s } -// Describes a load balancer when creating an Amazon Web Services Verified Access -// endpoint using the load-balancer type. +// Describes the load balancer options when creating an Amazon Web Services +// Verified Access endpoint using the load-balancer type. type CreateVerifiedAccessEndpointLoadBalancerOptions struct { _ struct{} `type:"structure"` @@ -75291,7 +80745,7 @@ func (s *CreateVerifiedAccessEndpointLoadBalancerOptions) SetSubnetIds(v []*stri type CreateVerifiedAccessEndpointOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access endpoint. + // Details about the Verified Access endpoint. VerifiedAccessEndpoint *VerifiedAccessEndpoint `locationName:"verifiedAccessEndpoint" type:"structure"` } @@ -75327,7 +80781,7 @@ type CreateVerifiedAccessGroupInput struct { // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // A description for the Amazon Web Services Verified Access group. + // A description for the Verified Access group. Description *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -75336,13 +80790,16 @@ type CreateVerifiedAccessGroupInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The Amazon Web Services Verified Access policy document. + // The Verified Access policy document. PolicyDocument *string `type:"string"` - // The tags to assign to the Amazon Web Services Verified Access group. + // The options for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationRequest `type:"structure"` + + // The tags to assign to the Verified Access group. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. // // VerifiedAccessInstanceId is a required field VerifiedAccessInstanceId *string `type:"string" required:"true"` @@ -75403,6 +80860,12 @@ func (s *CreateVerifiedAccessGroupInput) SetPolicyDocument(v string) *CreateVeri return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *CreateVerifiedAccessGroupInput) SetSseSpecification(v *VerifiedAccessSseSpecificationRequest) *CreateVerifiedAccessGroupInput { + s.SseSpecification = v + return s +} + // SetTagSpecifications sets the TagSpecifications field's value. func (s *CreateVerifiedAccessGroupInput) SetTagSpecifications(v []*TagSpecification) *CreateVerifiedAccessGroupInput { s.TagSpecifications = v @@ -75418,7 +80881,7 @@ func (s *CreateVerifiedAccessGroupInput) SetVerifiedAccessInstanceId(v string) * type CreateVerifiedAccessGroupOutput struct { _ struct{} `type:"structure"` - // The ID of the Verified Access group. + // Details about the Verified Access group. VerifiedAccessGroup *VerifiedAccessGroup `locationName:"verifiedAccessGroup" type:"structure"` } @@ -75454,7 +80917,7 @@ type CreateVerifiedAccessInstanceInput struct { // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // A description for the Amazon Web Services Verified Access instance. + // A description for the Verified Access instance. Description *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -75463,7 +80926,11 @@ type CreateVerifiedAccessInstanceInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The tags to assign to the Amazon Web Services Verified Access instance. + // Enable or disable support for Federal Information Processing Standards (FIPS) + // on the instance. + FIPSEnabled *bool `type:"boolean"` + + // The tags to assign to the Verified Access instance. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } @@ -75503,6 +80970,12 @@ func (s *CreateVerifiedAccessInstanceInput) SetDryRun(v bool) *CreateVerifiedAcc return s } +// SetFIPSEnabled sets the FIPSEnabled field's value. +func (s *CreateVerifiedAccessInstanceInput) SetFIPSEnabled(v bool) *CreateVerifiedAccessInstanceInput { + s.FIPSEnabled = &v + return s +} + // SetTagSpecifications sets the TagSpecifications field's value. func (s *CreateVerifiedAccessInstanceInput) SetTagSpecifications(v []*TagSpecification) *CreateVerifiedAccessInstanceInput { s.TagSpecifications = v @@ -75512,7 +80985,7 @@ func (s *CreateVerifiedAccessInstanceInput) SetTagSpecifications(v []*TagSpecifi type CreateVerifiedAccessInstanceOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access instance. + // Details about the Verified Access instance. VerifiedAccessInstance *VerifiedAccessInstance `locationName:"verifiedAccessInstance" type:"structure"` } @@ -75540,10 +81013,15 @@ func (s *CreateVerifiedAccessInstanceOutput) SetVerifiedAccessInstance(v *Verifi return s } -// Options for a device-identity type trust provider. +// Describes the options when creating an Amazon Web Services Verified Access +// trust provider using the device type. type CreateVerifiedAccessTrustProviderDeviceOptions struct { _ struct{} `type:"structure"` + // The URL Amazon Web Services Verified Access will use to verify the authenticity + // of the device tokens. + PublicSigningKeyUrl *string `type:"string"` + // The ID of the tenant application with the device-identity provider. TenantId *string `type:"string"` } @@ -75566,6 +81044,12 @@ func (s CreateVerifiedAccessTrustProviderDeviceOptions) GoString() string { return s.String() } +// SetPublicSigningKeyUrl sets the PublicSigningKeyUrl field's value. +func (s *CreateVerifiedAccessTrustProviderDeviceOptions) SetPublicSigningKeyUrl(v string) *CreateVerifiedAccessTrustProviderDeviceOptions { + s.PublicSigningKeyUrl = &v + return s +} + // SetTenantId sets the TenantId field's value. func (s *CreateVerifiedAccessTrustProviderDeviceOptions) SetTenantId(v string) *CreateVerifiedAccessTrustProviderDeviceOptions { s.TenantId = &v @@ -75580,13 +81064,15 @@ type CreateVerifiedAccessTrustProviderInput struct { // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // A description for the Amazon Web Services Verified Access trust provider. + // A description for the Verified Access trust provider. Description *string `type:"string"` - // The options for device identity based trust providers. + // The options for a device-based trust provider. This parameter is required + // when the provider type is device. DeviceOptions *CreateVerifiedAccessTrustProviderDeviceOptions `type:"structure"` - // The type of device-based trust provider. + // The type of device-based trust provider. This parameter is required when + // the provider type is device. DeviceTrustProviderType *string `type:"string" enum:"DeviceTrustProviderType"` // Checks whether you have the required permissions for the action, without @@ -75595,7 +81081,8 @@ type CreateVerifiedAccessTrustProviderInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The OpenID Connect details for an oidc-type, user-identity based trust provider. + // The options for a OpenID Connect-compatible user-identity trust provider. + // This parameter is required when the provider type is user. OidcOptions *CreateVerifiedAccessTrustProviderOidcOptions `type:"structure"` // The identifier to be used when working with policy rules. @@ -75603,15 +81090,19 @@ type CreateVerifiedAccessTrustProviderInput struct { // PolicyReferenceName is a required field PolicyReferenceName *string `type:"string" required:"true"` - // The tags to assign to the Amazon Web Services Verified Access trust provider. + // The options for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationRequest `type:"structure"` + + // The tags to assign to the Verified Access trust provider. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` - // The type of trust provider can be either user or device-based. + // The type of trust provider. // // TrustProviderType is a required field TrustProviderType *string `type:"string" required:"true" enum:"TrustProviderType"` - // The type of user-based trust provider. + // The type of user-based trust provider. This parameter is required when the + // provider type is user. UserTrustProviderType *string `type:"string" enum:"UserTrustProviderType"` } @@ -75691,6 +81182,12 @@ func (s *CreateVerifiedAccessTrustProviderInput) SetPolicyReferenceName(v string return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *CreateVerifiedAccessTrustProviderInput) SetSseSpecification(v *VerifiedAccessSseSpecificationRequest) *CreateVerifiedAccessTrustProviderInput { + s.SseSpecification = v + return s +} + // SetTagSpecifications sets the TagSpecifications field's value. func (s *CreateVerifiedAccessTrustProviderInput) SetTagSpecifications(v []*TagSpecification) *CreateVerifiedAccessTrustProviderInput { s.TagSpecifications = v @@ -75709,7 +81206,8 @@ func (s *CreateVerifiedAccessTrustProviderInput) SetUserTrustProviderType(v stri return s } -// Options for an OIDC-based, user-identity type trust provider. +// Describes the options when creating an Amazon Web Services Verified Access +// trust provider using the user type. type CreateVerifiedAccessTrustProviderOidcOptions struct { _ struct{} `type:"structure"` @@ -75720,7 +81218,11 @@ type CreateVerifiedAccessTrustProviderOidcOptions struct { ClientId *string `type:"string"` // The client secret. - ClientSecret *string `type:"string"` + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateVerifiedAccessTrustProviderOidcOptions's + // String and GoString methods. + ClientSecret *string `type:"string" sensitive:"true"` // The OIDC issuer. Issuer *string `type:"string"` @@ -75800,7 +81302,7 @@ func (s *CreateVerifiedAccessTrustProviderOidcOptions) SetUserInfoEndpoint(v str type CreateVerifiedAccessTrustProviderOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access trust provider. + // Details about the Verified Access trust provider. VerifiedAccessTrustProvider *VerifiedAccessTrustProvider `locationName:"verifiedAccessTrustProvider" type:"structure"` } @@ -75831,7 +81333,8 @@ func (s *CreateVerifiedAccessTrustProviderOutput) SetVerifiedAccessTrustProvider type CreateVolumeInput struct { _ struct{} `type:"structure"` - // The Availability Zone in which to create the volume. + // The ID of the Availability Zone in which to create the volume. For example, + // us-east-1a. // // AvailabilityZone is a required field AvailabilityZone *string `type:"string" required:"true"` @@ -75849,11 +81352,11 @@ type CreateVolumeInput struct { // Indicates whether the volume should be encrypted. The effect of setting the // encryption state to true depends on the volume origin (new or from a snapshot), // starting encryption state, ownership, and whether encryption by default is - // enabled. For more information, see Encryption by default (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) - // in the Amazon Elastic Compute Cloud User Guide. + // enabled. For more information, see Encryption by default (https://docs.aws.amazon.com/ebs/latest/userguide/work-with-ebs-encr.html#encryption-by-default) + // in the Amazon EBS User Guide. // // Encrypted Amazon EBS volumes must be attached to instances that support Amazon - // EBS encryption. For more information, see Supported instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). + // EBS encryption. For more information, see Supported instance types (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances). Encrypted *bool `locationName:"encrypted" type:"boolean"` // The number of I/O operations per second (IOPS). For gp3, io1, and io2 volumes, @@ -75863,15 +81366,15 @@ type CreateVolumeInput struct { // // The following are the supported values for each volume type: // - // * gp3: 3,000-16,000 IOPS + // * gp3: 3,000 - 16,000 IOPS // - // * io1: 100-64,000 IOPS + // * io1: 100 - 64,000 IOPS // - // * io2: 100-64,000 IOPS + // * io2: 100 - 256,000 IOPS // - // io1 and io2 volumes support up to 64,000 IOPS only on Instances built on + // For io2 volumes, you can achieve up to 256,000 IOPS on instances built on // the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). - // Other instance families support performance up to 32,000 IOPS. + // On other instances, you can achieve performance up to 32,000 IOPS. // // This parameter is required for io1 and io2 volumes. The default for gp3 volumes // is 3,000 IOPS. This parameter is not supported for gp2, st1, sc1, or standard @@ -75901,8 +81404,8 @@ type CreateVolumeInput struct { // you can attach the volume to up to 16 Instances built on the Nitro System // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) // in the same Availability Zone. This parameter is supported with io1 and io2 - // volumes only. For more information, see Amazon EBS Multi-Attach (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volumes-multi.html) - // in the Amazon Elastic Compute Cloud User Guide. + // volumes only. For more information, see Amazon EBS Multi-Attach (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volumes-multi.html) + // in the Amazon EBS User Guide. MultiAttachEnabled *bool `type:"boolean"` // The Amazon Resource Name (ARN) of the Outpost. @@ -75915,13 +81418,15 @@ type CreateVolumeInput struct { // // The following are the supported volumes sizes for each volume type: // - // * gp2 and gp3: 1-16,384 + // * gp2 and gp3: 1 - 16,384 GiB // - // * io1 and io2: 4-16,384 + // * io1: 4 - 16,384 GiB // - // * st1 and sc1: 125-16,384 + // * io2: 4 - 65,536 GiB // - // * standard: 1-1,024 + // * st1 and sc1: 125 - 16,384 GiB + // + // * standard: 1 - 1024 GiB Size *int64 `type:"integer"` // The snapshot from which to create the volume. You must specify either a snapshot @@ -75950,8 +81455,11 @@ type CreateVolumeInput struct { // // * Magnetic: standard // - // For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) - // in the Amazon Elastic Compute Cloud User Guide. + // Throughput Optimized HDD (st1) and Cold HDD (sc1) volumes can't be used as + // boot volumes. + // + // For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) + // in the Amazon EBS User Guide. // // Default: gp2 VolumeType *string `type:"string" enum:"VolumeType"` @@ -76156,8 +81664,8 @@ type CreateVpcEndpointConnectionNotificationInput struct { // of the request. For more information, see How to ensure idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` - // One or more endpoint events for which to receive notifications. Valid values - // are Accept, Connect, Delete, and Reject. + // The endpoint events for which to receive notifications. Valid values are + // Accept, Connect, Delete, and Reject. // // ConnectionEvents is a required field ConnectionEvents []*string `locationNameList:"item" type:"list" required:"true"` @@ -76291,7 +81799,6 @@ func (s *CreateVpcEndpointConnectionNotificationOutput) SetConnectionNotificatio return s } -// Contains the parameters for CreateVpcEndpoint. type CreateVpcEndpointInput struct { _ struct{} `type:"structure"` @@ -76332,22 +81839,25 @@ type CreateVpcEndpointInput struct { // Default: true PrivateDnsEnabled *bool `type:"boolean"` - // (Gateway endpoint) One or more route table IDs. + // (Gateway endpoint) The route table IDs. RouteTableIds []*string `locationName:"RouteTableId" locationNameList:"item" type:"list"` - // (Interface endpoint) The ID of one or more security groups to associate with - // the endpoint network interface. + // (Interface endpoint) The IDs of the security groups to associate with the + // endpoint network interfaces. If this parameter is not specified, we use the + // default security group for the VPC. SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"item" type:"list"` - // The service name. To get a list of available services, use the DescribeVpcEndpointServices - // request, or get the name from the service provider. + // The name of the endpoint service. // // ServiceName is a required field ServiceName *string `type:"string" required:"true"` - // (Interface and Gateway Load Balancer endpoints) The ID of one or more subnets - // in which to create an endpoint network interface. For a Gateway Load Balancer - // endpoint, you can specify one subnet only. + // The subnet configurations for the endpoint. + SubnetConfigurations []*SubnetConfiguration `locationName:"SubnetConfiguration" locationNameList:"item" type:"list"` + + // (Interface and Gateway Load Balancer endpoints) The IDs of the subnets in + // which to create endpoint network interfaces. For a Gateway Load Balancer + // endpoint, you can specify only one subnet. SubnetIds []*string `locationName:"SubnetId" locationNameList:"item" type:"list"` // The tags to associate with the endpoint. @@ -76358,7 +81868,7 @@ type CreateVpcEndpointInput struct { // Default: Gateway VpcEndpointType *string `type:"string" enum:"VpcEndpointType"` - // The ID of the VPC in which the endpoint will be used. + // The ID of the VPC. // // VpcId is a required field VpcId *string `type:"string" required:"true"` @@ -76452,6 +81962,12 @@ func (s *CreateVpcEndpointInput) SetServiceName(v string) *CreateVpcEndpointInpu return s } +// SetSubnetConfigurations sets the SubnetConfigurations field's value. +func (s *CreateVpcEndpointInput) SetSubnetConfigurations(v []*SubnetConfiguration) *CreateVpcEndpointInput { + s.SubnetConfigurations = v + return s +} + // SetSubnetIds sets the SubnetIds field's value. func (s *CreateVpcEndpointInput) SetSubnetIds(v []*string) *CreateVpcEndpointInput { s.SubnetIds = v @@ -76476,7 +81992,6 @@ func (s *CreateVpcEndpointInput) SetVpcId(v string) *CreateVpcEndpointInput { return s } -// Contains the output of CreateVpcEndpoint. type CreateVpcEndpointOutput struct { _ struct{} `type:"structure"` @@ -76535,11 +82050,10 @@ type CreateVpcEndpointServiceConfigurationInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The Amazon Resource Names (ARNs) of one or more Gateway Load Balancers. + // The Amazon Resource Names (ARNs) of the Gateway Load Balancers. GatewayLoadBalancerArns []*string `locationName:"GatewayLoadBalancerArn" locationNameList:"item" type:"list"` - // The Amazon Resource Names (ARNs) of one or more Network Load Balancers for - // your service. + // The Amazon Resource Names (ARNs) of the Network Load Balancers. NetworkLoadBalancerArns []*string `locationName:"NetworkLoadBalancerArn" locationNameList:"item" type:"list"` // (Interface endpoint configuration) The private DNS name to assign to the @@ -76885,7 +82399,9 @@ type CreateVpcPeeringConnectionInput struct { TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` // The ID of the requester VPC. You must specify this parameter in the request. - VpcId *string `locationName:"vpcId" type:"string"` + // + // VpcId is a required field + VpcId *string `locationName:"vpcId" type:"string" required:"true"` } // String returns the string representation. @@ -76906,6 +82422,19 @@ func (s CreateVpcPeeringConnectionInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateVpcPeeringConnectionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateVpcPeeringConnectionInput"} + if s.VpcId == nil { + invalidParams.Add(request.NewErrParamRequired("VpcId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *CreateVpcPeeringConnectionInput) SetDryRun(v bool) *CreateVpcPeeringConnectionInput { s.DryRun = &v @@ -77514,8 +83043,8 @@ type DataQuery struct { // query, the dataResponse identifies the query as MyQuery01. Id *string `type:"string"` - // The aggregation metric used for the data query. Currently only aggregation-latency - // is supported, indicating network latency. + // The metric, aggregation-latency, indicating that network latency is aggregated + // for the query. This is the only supported metric. Metric *string `type:"string" enum:"MetricType"` // The aggregation period used for the data query. @@ -77525,12 +83054,10 @@ type DataQuery struct { // example, us-east-1. Source *string `type:"string"` - // Metric data aggregations over specified periods of time. The following are - // the supported Infrastructure Performance statistics: - // - // * p50 - The median value of the metric aggregated over a specified start - // and end time. For example, a metric of five_minutes is the median of all - // the data points gathered within those five minutes. + // The metric data aggregation period, p50, between the specified startDate + // and endDate. For example, a metric of five_minutes is the median of all the + // data points gathered within those five minutes. p50 is the only supported + // metric. Statistic *string `type:"string" enum:"StatisticType"` } @@ -77599,8 +83126,8 @@ type DataResponse struct { // The ID passed in the DataQuery. Id *string `locationName:"id" type:"string"` - // The metric used for the network performance request. Currently only aggregate-latency - // is supported, showing network latency during a specified period. + // The metric used for the network performance request. Only aggregate-latency + // is supported, which shows network latency during a specified period. Metric *string `locationName:"metric" type:"string" enum:"MetricType"` // A list of MetricPoint objects. @@ -78555,11 +84082,11 @@ type DeleteFleetsInput struct { // FleetIds is a required field FleetIds []*string `locationName:"FleetId" type:"list" required:"true"` - // Indicates whether to terminate the instances when the EC2 Fleet is deleted. - // The default is to terminate the instances. + // Indicates whether to terminate the associated instances when the EC2 Fleet + // is deleted. The default is to terminate the instances. // // To let the instances continue to run after the EC2 Fleet is deleted, specify - // NoTerminateInstances. Supported only for fleets of type maintain and request. + // no-terminate-instances. Supported only for fleets of type maintain and request. // // For instant fleets, you cannot specify NoTerminateInstances. A deleted instant // fleet with running instances is not supported. @@ -78840,6 +84367,95 @@ func (s *DeleteFpgaImageOutput) SetReturn(v bool) *DeleteFpgaImageOutput { return s } +type DeleteInstanceConnectEndpointInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the EC2 Instance Connect Endpoint to delete. + // + // InstanceConnectEndpointId is a required field + InstanceConnectEndpointId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteInstanceConnectEndpointInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteInstanceConnectEndpointInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteInstanceConnectEndpointInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteInstanceConnectEndpointInput"} + if s.InstanceConnectEndpointId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceConnectEndpointId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteInstanceConnectEndpointInput) SetDryRun(v bool) *DeleteInstanceConnectEndpointInput { + s.DryRun = &v + return s +} + +// SetInstanceConnectEndpointId sets the InstanceConnectEndpointId field's value. +func (s *DeleteInstanceConnectEndpointInput) SetInstanceConnectEndpointId(v string) *DeleteInstanceConnectEndpointInput { + s.InstanceConnectEndpointId = &v + return s +} + +type DeleteInstanceConnectEndpointOutput struct { + _ struct{} `type:"structure"` + + // Information about the EC2 Instance Connect Endpoint. + InstanceConnectEndpoint *Ec2InstanceConnectEndpoint `locationName:"instanceConnectEndpoint" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteInstanceConnectEndpointOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteInstanceConnectEndpointOutput) GoString() string { + return s.String() +} + +// SetInstanceConnectEndpoint sets the InstanceConnectEndpoint field's value. +func (s *DeleteInstanceConnectEndpointOutput) SetInstanceConnectEndpoint(v *Ec2InstanceConnectEndpoint) *DeleteInstanceConnectEndpointOutput { + s.InstanceConnectEndpoint = v + return s +} + type DeleteInstanceEventWindowInput struct { _ struct{} `type:"structure"` @@ -79136,6 +84752,14 @@ func (s *DeleteIpamOutput) SetIpam(v *Ipam) *DeleteIpamOutput { type DeleteIpamPoolInput struct { _ struct{} `type:"structure"` + // Enables you to quickly delete an IPAM pool and all resources within that + // pool, including provisioned CIDRs, allocations, and other pools. + // + // You can only use this option to delete pools in the private scope or pools + // in the public scope with a source resource. A source resource is a resource + // used to provision CIDRs to a resource planning pool. + Cascade *bool `type:"boolean"` + // A check for whether you have the required permissions for the action without // actually making the request and provides an error response. If you have the // required permissions, the error response is DryRunOperation. Otherwise, it @@ -79179,6 +84803,12 @@ func (s *DeleteIpamPoolInput) Validate() error { return nil } +// SetCascade sets the Cascade field's value. +func (s *DeleteIpamPoolInput) SetCascade(v bool) *DeleteIpamPoolInput { + s.Cascade = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *DeleteIpamPoolInput) SetDryRun(v bool) *DeleteIpamPoolInput { s.DryRun = &v @@ -79222,6 +84852,95 @@ func (s *DeleteIpamPoolOutput) SetIpamPool(v *IpamPool) *DeleteIpamPoolOutput { return s } +type DeleteIpamResourceDiscoveryInput struct { + _ struct{} `type:"structure"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IPAM resource discovery ID. + // + // IpamResourceDiscoveryId is a required field + IpamResourceDiscoveryId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteIpamResourceDiscoveryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteIpamResourceDiscoveryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteIpamResourceDiscoveryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteIpamResourceDiscoveryInput"} + if s.IpamResourceDiscoveryId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamResourceDiscoveryId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteIpamResourceDiscoveryInput) SetDryRun(v bool) *DeleteIpamResourceDiscoveryInput { + s.DryRun = &v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *DeleteIpamResourceDiscoveryInput) SetIpamResourceDiscoveryId(v string) *DeleteIpamResourceDiscoveryInput { + s.IpamResourceDiscoveryId = &v + return s +} + +type DeleteIpamResourceDiscoveryOutput struct { + _ struct{} `type:"structure"` + + // The IPAM resource discovery. + IpamResourceDiscovery *IpamResourceDiscovery `locationName:"ipamResourceDiscovery" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteIpamResourceDiscoveryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteIpamResourceDiscoveryOutput) GoString() string { + return s.String() +} + +// SetIpamResourceDiscovery sets the IpamResourceDiscovery field's value. +func (s *DeleteIpamResourceDiscoveryOutput) SetIpamResourceDiscovery(v *IpamResourceDiscovery) *DeleteIpamResourceDiscoveryOutput { + s.IpamResourceDiscovery = v + return s +} + type DeleteIpamScopeInput struct { _ struct{} `type:"structure"` @@ -79365,6 +85084,12 @@ func (s *DeleteKeyPairInput) SetKeyPairId(v string) *DeleteKeyPairInput { type DeleteKeyPairOutput struct { _ struct{} `type:"structure"` + + // The ID of the key pair. + KeyPairId *string `locationName:"keyPairId" type:"string"` + + // Is true if the request succeeds, and an error otherwise. + Return *bool `locationName:"return" type:"boolean"` } // String returns the string representation. @@ -79385,6 +85110,18 @@ func (s DeleteKeyPairOutput) GoString() string { return s.String() } +// SetKeyPairId sets the KeyPairId field's value. +func (s *DeleteKeyPairOutput) SetKeyPairId(v string) *DeleteKeyPairOutput { + s.KeyPairId = &v + return s +} + +// SetReturn sets the Return field's value. +func (s *DeleteKeyPairOutput) SetReturn(v bool) *DeleteKeyPairOutput { + s.Return = &v + return s +} + type DeleteLaunchTemplateInput struct { _ struct{} `type:"structure"` @@ -79508,7 +85245,8 @@ type DeleteLaunchTemplateVersionsInput struct { // not both. LaunchTemplateName *string `min:"3" type:"string"` - // The version numbers of one or more launch template versions to delete. + // The version numbers of one or more launch template versions to delete. You + // can specify up to 200 launch template version numbers. // // Versions is a required field Versions []*string `locationName:"LaunchTemplateVersion" locationNameList:"item" type:"list" required:"true"` @@ -79725,9 +85463,11 @@ type DeleteLocalGatewayRouteInput struct { _ struct{} `type:"structure"` // The CIDR range for the route. This must match the CIDR for the route exactly. - // - // DestinationCidrBlock is a required field - DestinationCidrBlock *string `type:"string" required:"true"` + DestinationCidrBlock *string `type:"string"` + + // Use a prefix list in place of DestinationCidrBlock. You cannot use DestinationPrefixListId + // and DestinationCidrBlock in the same request. + DestinationPrefixListId *string `type:"string"` // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have @@ -79762,9 +85502,6 @@ func (s DeleteLocalGatewayRouteInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *DeleteLocalGatewayRouteInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "DeleteLocalGatewayRouteInput"} - if s.DestinationCidrBlock == nil { - invalidParams.Add(request.NewErrParamRequired("DestinationCidrBlock")) - } if s.LocalGatewayRouteTableId == nil { invalidParams.Add(request.NewErrParamRequired("LocalGatewayRouteTableId")) } @@ -79781,6 +85518,12 @@ func (s *DeleteLocalGatewayRouteInput) SetDestinationCidrBlock(v string) *Delete return s } +// SetDestinationPrefixListId sets the DestinationPrefixListId field's value. +func (s *DeleteLocalGatewayRouteInput) SetDestinationPrefixListId(v string) *DeleteLocalGatewayRouteInput { + s.DestinationPrefixListId = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *DeleteLocalGatewayRouteInput) SetDryRun(v bool) *DeleteLocalGatewayRouteInput { s.DryRun = &v @@ -81505,12 +87248,12 @@ type DeleteSecurityGroupInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The ID of the security group. Required for a nondefault VPC. + // The ID of the security group. GroupId *string `type:"string"` - // [EC2-Classic, default VPC] The name of the security group. You can specify - // either the security group name or the security group ID. For security groups - // in a nondefault VPC, you must specify the security group ID. + // [Default VPC] The name of the security group. You can specify either the + // security group name or the security group ID. For security groups in a nondefault + // VPC, you must specify the security group ID. GroupName *string `type:"string"` } @@ -83357,7 +89100,7 @@ type DeleteVerifiedAccessEndpointInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access endpoint. + // The ID of the Verified Access endpoint. // // VerifiedAccessEndpointId is a required field VerifiedAccessEndpointId *string `type:"string" required:"true"` @@ -83415,7 +89158,7 @@ func (s *DeleteVerifiedAccessEndpointInput) SetVerifiedAccessEndpointId(v string type DeleteVerifiedAccessEndpointOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access endpoint. + // Details about the Verified Access endpoint. VerifiedAccessEndpoint *VerifiedAccessEndpoint `locationName:"verifiedAccessEndpoint" type:"structure"` } @@ -83457,7 +89200,7 @@ type DeleteVerifiedAccessGroupInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access group. + // The ID of the Verified Access group. // // VerifiedAccessGroupId is a required field VerifiedAccessGroupId *string `type:"string" required:"true"` @@ -83515,7 +89258,7 @@ func (s *DeleteVerifiedAccessGroupInput) SetVerifiedAccessGroupId(v string) *Del type DeleteVerifiedAccessGroupOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access group. + // Details about the Verified Access group. VerifiedAccessGroup *VerifiedAccessGroup `locationName:"verifiedAccessGroup" type:"structure"` } @@ -83557,7 +89300,7 @@ type DeleteVerifiedAccessInstanceInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. // // VerifiedAccessInstanceId is a required field VerifiedAccessInstanceId *string `type:"string" required:"true"` @@ -83615,7 +89358,7 @@ func (s *DeleteVerifiedAccessInstanceInput) SetVerifiedAccessInstanceId(v string type DeleteVerifiedAccessInstanceOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access instance. + // Details about the Verified Access instance. VerifiedAccessInstance *VerifiedAccessInstance `locationName:"verifiedAccessInstance" type:"structure"` } @@ -83657,7 +89400,7 @@ type DeleteVerifiedAccessTrustProviderInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access trust provider. + // The ID of the Verified Access trust provider. // // VerifiedAccessTrustProviderId is a required field VerifiedAccessTrustProviderId *string `type:"string" required:"true"` @@ -83715,7 +89458,7 @@ func (s *DeleteVerifiedAccessTrustProviderInput) SetVerifiedAccessTrustProviderI type DeleteVerifiedAccessTrustProviderOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access trust provider. + // Details about the Verified Access trust provider. VerifiedAccessTrustProvider *VerifiedAccessTrustProvider `locationName:"verifiedAccessTrustProvider" type:"structure"` } @@ -83826,7 +89569,7 @@ func (s DeleteVolumeOutput) GoString() string { type DeleteVpcEndpointConnectionNotificationsInput struct { _ struct{} `type:"structure"` - // One or more notification IDs. + // The IDs of the notifications. // // ConnectionNotificationIds is a required field ConnectionNotificationIds []*string `locationName:"ConnectionNotificationId" locationNameList:"item" type:"list" required:"true"` @@ -83921,7 +89664,7 @@ type DeleteVpcEndpointServiceConfigurationsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The IDs of one or more services. + // The IDs of the services. // // ServiceIds is a required field ServiceIds []*string `locationName:"ServiceId" locationNameList:"item" type:"list" required:"true"` @@ -84001,7 +89744,6 @@ func (s *DeleteVpcEndpointServiceConfigurationsOutput) SetUnsuccessful(v []*Unsu return s } -// Contains the parameters for DeleteVpcEndpoints. type DeleteVpcEndpointsInput struct { _ struct{} `type:"structure"` @@ -84011,7 +89753,7 @@ type DeleteVpcEndpointsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more VPC endpoint IDs. + // The IDs of the VPC endpoints. // // VpcEndpointIds is a required field VpcEndpointIds []*string `locationName:"VpcEndpointId" locationNameList:"item" type:"list" required:"true"` @@ -84060,7 +89802,6 @@ func (s *DeleteVpcEndpointsInput) SetVpcEndpointIds(v []*string) *DeleteVpcEndpo return s } -// Contains the output of DeleteVpcEndpoints. type DeleteVpcEndpointsOutput struct { _ struct{} `type:"structure"` @@ -84596,6 +90337,109 @@ func (s *DeprovisionByoipCidrOutput) SetByoipCidr(v *ByoipCidr) *DeprovisionByoi return s } +type DeprovisionIpamByoasnInput struct { + _ struct{} `type:"structure"` + + // An ASN. + // + // Asn is a required field + Asn *string `type:"string" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IPAM ID. + // + // IpamId is a required field + IpamId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeprovisionIpamByoasnInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeprovisionIpamByoasnInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeprovisionIpamByoasnInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeprovisionIpamByoasnInput"} + if s.Asn == nil { + invalidParams.Add(request.NewErrParamRequired("Asn")) + } + if s.IpamId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAsn sets the Asn field's value. +func (s *DeprovisionIpamByoasnInput) SetAsn(v string) *DeprovisionIpamByoasnInput { + s.Asn = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *DeprovisionIpamByoasnInput) SetDryRun(v bool) *DeprovisionIpamByoasnInput { + s.DryRun = &v + return s +} + +// SetIpamId sets the IpamId field's value. +func (s *DeprovisionIpamByoasnInput) SetIpamId(v string) *DeprovisionIpamByoasnInput { + s.IpamId = &v + return s +} + +type DeprovisionIpamByoasnOutput struct { + _ struct{} `type:"structure"` + + // An ASN and BYOIP CIDR association. + Byoasn *Byoasn `locationName:"byoasn" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeprovisionIpamByoasnOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeprovisionIpamByoasnOutput) GoString() string { + return s.String() +} + +// SetByoasn sets the Byoasn field's value. +func (s *DeprovisionIpamByoasnOutput) SetByoasn(v *Byoasn) *DeprovisionIpamByoasnOutput { + s.Byoasn = v + return s +} + type DeprovisionIpamPoolCidrInput struct { _ struct{} `type:"structure"` @@ -84697,7 +90541,10 @@ func (s *DeprovisionIpamPoolCidrOutput) SetIpamPoolCidr(v *IpamPoolCidr) *Deprov type DeprovisionPublicIpv4PoolCidrInput struct { _ struct{} `type:"structure"` - // The CIDR you want to deprovision from the pool. + // The CIDR you want to deprovision from the pool. Enter the CIDR you want to + // deprovision with a netmask of /32. You must rerun this command for each IP + // address in the CIDR range. If your CIDR is a /24, you will have to run this + // command to deprovision each of the 256 IP addresses in the /24 CIDR. // // Cidr is a required field Cidr *string `type:"string" required:"true"` @@ -84897,7 +90744,9 @@ type DeregisterInstanceEventNotificationAttributesInput struct { DryRun *bool `type:"boolean"` // Information about the tag keys to deregister. - InstanceTagAttribute *DeregisterInstanceTagAttributeRequest `type:"structure"` + // + // InstanceTagAttribute is a required field + InstanceTagAttribute *DeregisterInstanceTagAttributeRequest `type:"structure" required:"true"` } // String returns the string representation. @@ -84918,6 +90767,19 @@ func (s DeregisterInstanceEventNotificationAttributesInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeregisterInstanceEventNotificationAttributesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeregisterInstanceEventNotificationAttributesInput"} + if s.InstanceTagAttribute == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceTagAttribute")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DeregisterInstanceEventNotificationAttributesInput) SetDryRun(v bool) *DeregisterInstanceEventNotificationAttributesInput { s.DryRun = &v @@ -85508,7 +91370,7 @@ func (s *DescribeAddressesAttributeOutput) SetNextToken(v string) *DescribeAddre type DescribeAddressesInput struct { _ struct{} `type:"structure"` - // [EC2-VPC] Information about the allocation IDs. + // Information about the allocation IDs. AllocationIds []*string `locationName:"AllocationId" locationNameList:"AllocationId" type:"list"` // Checks whether you have the required permissions for the action, without @@ -85519,12 +91381,9 @@ type DescribeAddressesInput struct { // One or more filters. Filter names and values are case-sensitive. // - // * allocation-id - [EC2-VPC] The allocation ID for the address. - // - // * association-id - [EC2-VPC] The association ID for the address. + // * allocation-id - The allocation ID for the address. // - // * domain - Indicates whether the address is for use in EC2-Classic (standard) - // or in a VPC (vpc). + // * association-id - The association ID for the address. // // * instance-id - The ID of the instance the address is associated with, // if any. @@ -85532,14 +91391,14 @@ type DescribeAddressesInput struct { // * network-border-group - A unique set of Availability Zones, Local Zones, // or Wavelength Zones from where Amazon Web Services advertises IP addresses. // - // * network-interface-id - [EC2-VPC] The ID of the network interface that - // the address is associated with, if any. + // * network-interface-id - The ID of the network interface that the address + // is associated with, if any. // // * network-interface-owner-id - The Amazon Web Services account ID of the // owner. // - // * private-ip-address - [EC2-VPC] The private IP address associated with - // the Elastic IP address. + // * private-ip-address - The private IP address associated with the Elastic + // IP address. // // * public-ip - The Elastic IP address, or the carrier IP address. // @@ -85730,16 +91589,16 @@ type DescribeAvailabilityZonesInput struct { // * group-name - For Availability Zones, use the Region name. For Local // Zones, use the name of the group associated with the Local Zone (for example, // us-west-2-lax-1) For Wavelength Zones, use the name of the group associated - // with the Wavelength Zone (for example, us-east-1-wl1-bos-wlz-1). + // with the Wavelength Zone (for example, us-east-1-wl1). // // * message - The Zone message. // - // * opt-in-status - The opt-in status (opted-in, and not-opted-in | opt-in-not-required). + // * opt-in-status - The opt-in status (opted-in | not-opted-in | opt-in-not-required). // - // * parent-zoneID - The ID of the zone that handles some of the Local Zone + // * parent-zone-id - The ID of the zone that handles some of the Local Zone // and Wavelength Zone control plane operations, such as API calls. // - // * parent-zoneName - The ID of the zone that handles some of the Local + // * parent-zone-name - The ID of the zone that handles some of the Local // Zone and Wavelength Zone control plane operations, such as API calls. // // * region-name - The name of the Region for the Zone (for example, us-east-1). @@ -85751,13 +91610,11 @@ type DescribeAvailabilityZonesInput struct { // Local Zone (for example, usw2-lax1-az1), or the Wavelength Zone (for example, // us-east-1-wl1-bos-wlz-1). // - // * zone-type - The type of zone, for example, local-zone. - // // * zone-name - The name of the Availability Zone (for example, us-east-1a), // the Local Zone (for example, us-west-2-lax-1a), or the Wavelength Zone // (for example, us-east-1-wl1-bos-wlz-1). // - // * zone-type - The type of zone, for example, local-zone. + // * zone-type - The type of zone (availability-zone | local-zone | wavelength-zone). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The IDs of the Availability Zones, Local Zones, and Wavelength Zones. @@ -86168,6 +92025,174 @@ func (s *DescribeByoipCidrsOutput) SetNextToken(v string) *DescribeByoipCidrsOut return s } +type DescribeCapacityBlockOfferingsInput struct { + _ struct{} `type:"structure"` + + // The number of hours for which to reserve Capacity Block. + // + // CapacityDurationHours is a required field + CapacityDurationHours *int64 `type:"integer" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The latest end date for the Capacity Block offering. + EndDateRange *time.Time `type:"timestamp"` + + // The number of instances for which to reserve capacity. + // + // InstanceCount is a required field + InstanceCount *int64 `type:"integer" required:"true"` + + // The type of instance for which the Capacity Block offering reserves capacity. + // + // InstanceType is a required field + InstanceType *string `type:"string" required:"true"` + + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + MaxResults *int64 `min:"1" type:"integer"` + + // The token to use to retrieve the next page of results. + NextToken *string `type:"string"` + + // The earliest start date for the Capacity Block offering. + StartDateRange *time.Time `type:"timestamp"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeCapacityBlockOfferingsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeCapacityBlockOfferingsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeCapacityBlockOfferingsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeCapacityBlockOfferingsInput"} + if s.CapacityDurationHours == nil { + invalidParams.Add(request.NewErrParamRequired("CapacityDurationHours")) + } + if s.InstanceCount == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceCount")) + } + if s.InstanceType == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceType")) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCapacityDurationHours sets the CapacityDurationHours field's value. +func (s *DescribeCapacityBlockOfferingsInput) SetCapacityDurationHours(v int64) *DescribeCapacityBlockOfferingsInput { + s.CapacityDurationHours = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeCapacityBlockOfferingsInput) SetDryRun(v bool) *DescribeCapacityBlockOfferingsInput { + s.DryRun = &v + return s +} + +// SetEndDateRange sets the EndDateRange field's value. +func (s *DescribeCapacityBlockOfferingsInput) SetEndDateRange(v time.Time) *DescribeCapacityBlockOfferingsInput { + s.EndDateRange = &v + return s +} + +// SetInstanceCount sets the InstanceCount field's value. +func (s *DescribeCapacityBlockOfferingsInput) SetInstanceCount(v int64) *DescribeCapacityBlockOfferingsInput { + s.InstanceCount = &v + return s +} + +// SetInstanceType sets the InstanceType field's value. +func (s *DescribeCapacityBlockOfferingsInput) SetInstanceType(v string) *DescribeCapacityBlockOfferingsInput { + s.InstanceType = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeCapacityBlockOfferingsInput) SetMaxResults(v int64) *DescribeCapacityBlockOfferingsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeCapacityBlockOfferingsInput) SetNextToken(v string) *DescribeCapacityBlockOfferingsInput { + s.NextToken = &v + return s +} + +// SetStartDateRange sets the StartDateRange field's value. +func (s *DescribeCapacityBlockOfferingsInput) SetStartDateRange(v time.Time) *DescribeCapacityBlockOfferingsInput { + s.StartDateRange = &v + return s +} + +type DescribeCapacityBlockOfferingsOutput struct { + _ struct{} `type:"structure"` + + // The recommended Capacity Block offering for the dates specified. + CapacityBlockOfferings []*CapacityBlockOffering `locationName:"capacityBlockOfferingSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeCapacityBlockOfferingsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeCapacityBlockOfferingsOutput) GoString() string { + return s.String() +} + +// SetCapacityBlockOfferings sets the CapacityBlockOfferings field's value. +func (s *DescribeCapacityBlockOfferingsOutput) SetCapacityBlockOfferings(v []*CapacityBlockOffering) *DescribeCapacityBlockOfferingsOutput { + s.CapacityBlockOfferings = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeCapacityBlockOfferingsOutput) SetNextToken(v string) *DescribeCapacityBlockOfferingsOutput { + s.NextToken = &v + return s +} + type DescribeCapacityReservationFleetsInput struct { _ struct{} `type:"structure"` @@ -86194,10 +92219,9 @@ type DescribeCapacityReservationFleetsInput struct { // prioritized is supported. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return for the request in a single page. - // The remaining results can be seen by sending another request with the returned - // nextToken value. This value can be between 5 and 500. If maxResults is given - // a larger value than 500, you receive an error. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"1" type:"integer"` // The token to use to retrieve the next page of results. @@ -86381,10 +92405,9 @@ type DescribeCapacityReservationsInput struct { // the Capacity Reservation was created. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return for the request in a single page. - // The remaining results can be seen by sending another request with the returned - // nextToken value. This value can be between 5 and 500. If maxResults is given - // a larger value than 500, you receive an error. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"1" type:"integer"` // The token to use to retrieve the next page of results. @@ -86647,7 +92670,7 @@ type DescribeClassicLinkInstancesInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * group-id - The ID of a VPC security group that's associated with the // instance. @@ -86664,20 +92687,21 @@ type DescribeClassicLinkInstancesInput struct { // to find all resources assigned a tag with a specific key, regardless of // the tag value. // - // * vpc-id - The ID of the VPC to which the instance is linked. vpc-id - - // The ID of the VPC that the instance is linked to. + // * vpc-id - The ID of the VPC to which the instance is linked. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // One or more instance IDs. Must be instances linked to a VPC through ClassicLink. + // The instance IDs. Must be instances linked to a VPC through ClassicLink. InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). // // Constraint: If the value is greater than 1000, we return only 1000 items. MaxResults *int64 `locationName:"maxResults" min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `locationName:"nextToken" type:"string"` } @@ -86748,8 +92772,8 @@ type DescribeClassicLinkInstancesOutput struct { // Information about one or more linked EC2-Classic instances. Instances []*ClassicLinkInstance `locationName:"instancesSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -87801,7 +93825,7 @@ type DescribeDhcpOptionsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * dhcp-options-id - The ID of a DHCP options set. // @@ -87823,11 +93847,13 @@ type DescribeDhcpOptionsInput struct { // the tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -87898,8 +93924,8 @@ type DescribeDhcpOptionsOutput struct { // Information about one or more DHCP options sets. DhcpOptions []*DhcpOptions `locationName:"dhcpOptionsSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -87942,10 +93968,10 @@ type DescribeEgressOnlyInternetGatewaysInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more egress-only internet gateway IDs. + // The IDs of the egress-only internet gateways. EgressOnlyInternetGatewayIds []*string `locationName:"EgressOnlyInternetGatewayId" locationNameList:"item" type:"list"` - // One or more filters. + // The filters. // // * tag: - The key/value combination of a tag assigned to the resource. // Use the tag key in the filter name and the tag value as the filter value. @@ -87958,11 +93984,13 @@ type DescribeEgressOnlyInternetGatewaysInput struct { // the tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -88033,8 +94061,8 @@ type DescribeEgressOnlyInternetGatewaysOutput struct { // Information about the egress-only internet gateways. EgressOnlyInternetGateways []*EgressOnlyInternetGateway `locationName:"egressOnlyInternetGatewaySet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -88428,23 +94456,21 @@ type DescribeFastLaunchImagesInput struct { // // * resource-type - The resource type for pre-provisioning. // - // * launch-template - The launch template that is associated with the pre-provisioned - // Windows AMI. - // // * owner-id - The owner ID for the pre-provisioning resource. // // * state - The current state of fast launching for the Windows AMI. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // Details for one or more Windows AMI image IDs. + // Specify one or more Windows AMI image IDs for the request. ImageIds []*string `locationName:"ImageId" locationNameList:"ImageId" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another request with the returned NextToken value. - // If this parameter is not specified, then all results are returned. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -88503,8 +94529,8 @@ type DescribeFastLaunchImagesOutput struct { // meet the requested criteria. FastLaunchImages []*DescribeFastLaunchImagesSuccessItem `locationName:"fastLaunchImageSet" locationNameList:"item" type:"list"` - // The token to use for the next set of results. This value is null when there - // are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -88538,42 +94564,41 @@ func (s *DescribeFastLaunchImagesOutput) SetNextToken(v string) *DescribeFastLau return s } -// Describe details about a fast-launch enabled Windows image that meets the -// requested criteria. Criteria are defined by the DescribeFastLaunchImages +// Describe details about a Windows image with Windows fast launch enabled that +// meets the requested criteria. Criteria are defined by the DescribeFastLaunchImages // action filters. type DescribeFastLaunchImagesSuccessItem struct { _ struct{} `type:"structure"` - // The image ID that identifies the fast-launch enabled Windows image. + // The image ID that identifies the Windows fast launch enabled image. ImageId *string `locationName:"imageId" type:"string"` - // The launch template that the fast-launch enabled Windows AMI uses when it + // The launch template that the Windows fast launch enabled AMI uses when it // launches Windows instances from pre-provisioned snapshots. LaunchTemplate *FastLaunchLaunchTemplateSpecificationResponse `locationName:"launchTemplate" type:"structure"` - // The maximum number of parallel instances that are launched for creating resources. + // The maximum number of instances that Amazon EC2 can launch at the same time + // to create pre-provisioned snapshots for Windows fast launch. MaxParallelLaunches *int64 `locationName:"maxParallelLaunches" type:"integer"` - // The owner ID for the fast-launch enabled Windows AMI. + // The owner ID for the Windows fast launch enabled AMI. OwnerId *string `locationName:"ownerId" type:"string"` - // The resource type that is used for pre-provisioning the Windows AMI. Supported - // values include: snapshot. + // The resource type that Amazon EC2 uses for pre-provisioning the Windows AMI. + // Supported values include: snapshot. ResourceType *string `locationName:"resourceType" type:"string" enum:"FastLaunchResourceType"` // A group of parameters that are used for pre-provisioning the associated Windows // AMI using snapshots. SnapshotConfiguration *FastLaunchSnapshotConfigurationResponse `locationName:"snapshotConfiguration" type:"structure"` - // The current state of faster launching for the specified Windows AMI. + // The current state of Windows fast launch for the specified Windows AMI. State *string `locationName:"state" type:"string" enum:"FastLaunchStateCode"` - // The reason that faster launching for the Windows AMI changed to the current - // state. + // The reason that Windows fast launch for the AMI changed to the current state. StateTransitionReason *string `locationName:"stateTransitionReason" type:"string"` - // The time that faster launching for the Windows AMI changed to the current - // state. + // The time that Windows fast launch for the AMI changed to the current state. StateTransitionTime *time.Time `locationName:"stateTransitionTime" type:"timestamp"` } @@ -88801,11 +94826,13 @@ type DescribeFastSnapshotRestoresInput struct { // | optimizing | enabled | disabling | disabled). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -88857,8 +94884,8 @@ type DescribeFastSnapshotRestoresOutput struct { // Information about the state of fast snapshot restores. FastSnapshotRestores []*DescribeFastSnapshotRestoreSuccessItem `locationName:"fastSnapshotRestoreSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -88973,12 +95000,13 @@ type DescribeFleetHistoryInput struct { // FleetId is a required field FleetId *string `type:"string" required:"true"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The start date and time for the events, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). @@ -89069,10 +95097,11 @@ type DescribeFleetHistoryOutput struct { // The last date and time for the events, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). // All records up to this time were retrieved. // - // If nextToken indicates that there are more results, this value is not present. + // If nextToken indicates that there are more items, this value is not present. LastEvaluatedTime *time.Time `locationName:"lastEvaluatedTime" type:"timestamp"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The start date and time for the events, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). @@ -89146,12 +95175,13 @@ type DescribeFleetInstancesInput struct { // FleetId is a required field FleetId *string `type:"string" required:"true"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -89226,7 +95256,8 @@ type DescribeFleetInstancesOutput struct { // The ID of the EC2 Fleet. FleetId *string `locationName:"fleetId" type:"string"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -89299,12 +95330,13 @@ type DescribeFleetsInput struct { // does not appear in the response. FleetIds []*string `locationName:"FleetId" type:"list"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -89433,7 +95465,8 @@ type DescribeFleetsOutput struct { // Information about the EC2 Fleets. Fleets []*FleetData `locationName:"fleetSet" locationNameList:"item" type:"list"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -89507,11 +95540,13 @@ type DescribeFlowLogsInput struct { // Constraint: Maximum of 1000 flow log IDs. FlowLogIds []*string `locationName:"FlowLogId" locationNameList:"item" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next page of results. + // The token to request the next page of items. Pagination continues from the + // end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -89569,8 +95604,8 @@ type DescribeFlowLogsOutput struct { // Information about the flow logs. FlowLogs []*FlowLog `locationName:"flowLogSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to request the next page of items. This value is null when there + // are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -90274,11 +96309,13 @@ type DescribeIamInstanceProfileAssociationsInput struct { // * state - The state of the association (associating | associated | disassociating). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token to request the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -90343,8 +96380,8 @@ type DescribeIamInstanceProfileAssociationsOutput struct { // Information about the IAM instance profile associations. IamInstanceProfileAssociations []*IamInstanceProfileAssociation `locationName:"iamInstanceProfileAssociationSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -90798,7 +96835,8 @@ type DescribeImagesInput struct { // The filters. // - // * architecture - The image architecture (i386 | x86_64 | arm64). + // * architecture - The image architecture (i386 | x86_64 | arm64 | x86_64_mac + // | arm64_mac). // // * block-device-mapping.delete-on-termination - A Boolean value that indicates // whether the Amazon EBS volume is deleted on instance termination. @@ -90863,6 +96901,10 @@ type DescribeImagesInput struct { // // * root-device-type - The type of the root device volume (ebs | instance-store). // + // * source-instance-id - The ID of the instance that the AMI was created + // from if the AMI was created using CreateImage. This filter is applicable + // only if the AMI was created using CreateImage (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html). + // // * state - The state of the image (available | pending | failed). // // * state-reason-code - The reason code for the state change. @@ -90898,11 +96940,18 @@ type DescribeImagesInput struct { // of what you specify for this parameter. IncludeDeprecated *bool `type:"boolean"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // Specifies whether to include disabled AMIs. + // + // Default: No disabled AMIs are included in the response. + IncludeDisabled *bool `type:"boolean"` + + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // Scopes the results to images with the specified owners. You can specify a @@ -90960,6 +97009,12 @@ func (s *DescribeImagesInput) SetIncludeDeprecated(v bool) *DescribeImagesInput return s } +// SetIncludeDisabled sets the IncludeDisabled field's value. +func (s *DescribeImagesInput) SetIncludeDisabled(v bool) *DescribeImagesInput { + s.IncludeDisabled = &v + return s +} + // SetMaxResults sets the MaxResults field's value. func (s *DescribeImagesInput) SetMaxResults(v int64) *DescribeImagesInput { s.MaxResults = &v @@ -90984,8 +97039,8 @@ type DescribeImagesOutput struct { // Information about the images. Images []*Image `locationName:"imagesSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -91505,6 +97560,159 @@ func (s *DescribeInstanceAttributeOutput) SetUserData(v *AttributeValue) *Descri return s } +type DescribeInstanceConnectEndpointsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. + // + // * instance-connect-endpoint-id - The ID of the EC2 Instance Connect Endpoint. + // + // * state - The state of the EC2 Instance Connect Endpoint (create-in-progress + // | create-complete | create-failed | delete-in-progress | delete-complete + // | delete-failed). + // + // * subnet-id - The ID of the subnet in which the EC2 Instance Connect Endpoint + // was created. + // + // * tag: - The key/value combination of a tag assigned to the resource. + // Use the tag key in the filter name and the tag value as the filter value. + // For example, to find all resources that have a tag with the key Owner + // and the value TeamA, specify tag:Owner for the filter name and TeamA for + // the filter value. + // + // * tag-key - The key of a tag assigned to the resource. Use this filter + // to find all resources assigned a tag with a specific key, regardless of + // the tag value. + // + // * tag-value - The value of a tag assigned to the resource. Use this filter + // to find all resources that have a tag with a specific value, regardless + // of tag key. + // + // * vpc-id - The ID of the VPC in which the EC2 Instance Connect Endpoint + // was created. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // One or more EC2 Instance Connect Endpoint IDs. + InstanceConnectEndpointIds []*string `locationName:"InstanceConnectEndpointId" locationNameList:"item" type:"list"` + + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + MaxResults *int64 `min:"1" type:"integer"` + + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceConnectEndpointsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceConnectEndpointsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeInstanceConnectEndpointsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeInstanceConnectEndpointsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeInstanceConnectEndpointsInput) SetDryRun(v bool) *DescribeInstanceConnectEndpointsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeInstanceConnectEndpointsInput) SetFilters(v []*Filter) *DescribeInstanceConnectEndpointsInput { + s.Filters = v + return s +} + +// SetInstanceConnectEndpointIds sets the InstanceConnectEndpointIds field's value. +func (s *DescribeInstanceConnectEndpointsInput) SetInstanceConnectEndpointIds(v []*string) *DescribeInstanceConnectEndpointsInput { + s.InstanceConnectEndpointIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeInstanceConnectEndpointsInput) SetMaxResults(v int64) *DescribeInstanceConnectEndpointsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInstanceConnectEndpointsInput) SetNextToken(v string) *DescribeInstanceConnectEndpointsInput { + s.NextToken = &v + return s +} + +type DescribeInstanceConnectEndpointsOutput struct { + _ struct{} `type:"structure"` + + // Information about the EC2 Instance Connect Endpoints. + InstanceConnectEndpoints []*Ec2InstanceConnectEndpoint `locationName:"instanceConnectEndpointSet" locationNameList:"item" type:"list"` + + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceConnectEndpointsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceConnectEndpointsOutput) GoString() string { + return s.String() +} + +// SetInstanceConnectEndpoints sets the InstanceConnectEndpoints field's value. +func (s *DescribeInstanceConnectEndpointsOutput) SetInstanceConnectEndpoints(v []*Ec2InstanceConnectEndpoint) *DescribeInstanceConnectEndpointsOutput { + s.InstanceConnectEndpoints = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInstanceConnectEndpointsOutput) SetNextToken(v string) *DescribeInstanceConnectEndpointsOutput { + s.NextToken = &v + return s +} + type DescribeInstanceCreditSpecificationsInput struct { _ struct{} `type:"structure"` @@ -91526,13 +97734,16 @@ type DescribeInstanceCreditSpecificationsInput struct { // Constraints: Maximum 1000 explicitly specified instance IDs. InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another call with the returned NextToken value. This - // value can be between 5 and 1000. You cannot specify this parameter and the - // instance IDs parameter in the same call. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // + // You cannot specify this parameter and the instance IDs parameter in the same + // call. MaxResults *int64 `min:"5" type:"integer"` - // The token to retrieve the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -91603,8 +97814,8 @@ type DescribeInstanceCreditSpecificationsOutput struct { // Information about the credit option for CPU usage of an instance. InstanceCreditSpecifications []*InstanceCreditSpecification `locationName:"instanceCreditSpecificationSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -91928,13 +98139,16 @@ type DescribeInstanceStatusInput struct { // Constraints: Maximum 100 explicitly specified instance IDs. InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another call with the returned NextToken value. This - // value can be between 5 and 1000. You cannot specify this parameter and the - // instance IDs parameter in the same call. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // + // You cannot specify this parameter and the instance IDs parameter in the same + // request. MaxResults *int64 `type:"integer"` - // The token to retrieve the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -91998,8 +98212,8 @@ type DescribeInstanceStatusOutput struct { // Information about the status of the instances. InstanceStatuses []*InstanceStatus `locationName:"instanceStatusSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -92033,6 +98247,164 @@ func (s *DescribeInstanceStatusOutput) SetNextToken(v string) *DescribeInstanceS return s } +type DescribeInstanceTopologyInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The filters. + // + // * availability-zone - The name of the Availability Zone (for example, + // us-west-2a) or Local Zone (for example, us-west-2-lax-1b) that the instance + // is in. + // + // * instance-type - The instance type (for example, p4d.24xlarge) or instance + // family (for example, p4d*). You can use the * wildcard to match zero or + // more characters, or the ? wildcard to match zero or one character. + // + // * zone-id - The ID of the Availability Zone (for example, usw2-az2) or + // Local Zone (for example, usw2-lax1-az1) that the instance is in. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The name of the placement group that each instance is in. + // + // Constraints: Maximum 100 explicitly specified placement group names. + GroupNames []*string `locationName:"GroupName" type:"list"` + + // The instance IDs. + // + // Default: Describes all your instances. + // + // Constraints: Maximum 100 explicitly specified instance IDs. + InstanceIds []*string `locationName:"InstanceId" type:"list"` + + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // + // You can't specify this parameter and the instance IDs parameter in the same + // request. + // + // Default: 20 + MaxResults *int64 `min:"1" type:"integer"` + + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceTopologyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceTopologyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeInstanceTopologyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeInstanceTopologyInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeInstanceTopologyInput) SetDryRun(v bool) *DescribeInstanceTopologyInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeInstanceTopologyInput) SetFilters(v []*Filter) *DescribeInstanceTopologyInput { + s.Filters = v + return s +} + +// SetGroupNames sets the GroupNames field's value. +func (s *DescribeInstanceTopologyInput) SetGroupNames(v []*string) *DescribeInstanceTopologyInput { + s.GroupNames = v + return s +} + +// SetInstanceIds sets the InstanceIds field's value. +func (s *DescribeInstanceTopologyInput) SetInstanceIds(v []*string) *DescribeInstanceTopologyInput { + s.InstanceIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeInstanceTopologyInput) SetMaxResults(v int64) *DescribeInstanceTopologyInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInstanceTopologyInput) SetNextToken(v string) *DescribeInstanceTopologyInput { + s.NextToken = &v + return s +} + +type DescribeInstanceTopologyOutput struct { + _ struct{} `type:"structure"` + + // Information about the topology of each instance. + Instances []*InstanceTopology `locationName:"instanceSet" locationNameList:"item" type:"list"` + + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceTopologyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceTopologyOutput) GoString() string { + return s.String() +} + +// SetInstances sets the Instances field's value. +func (s *DescribeInstanceTopologyOutput) SetInstances(v []*InstanceTopology) *DescribeInstanceTopologyOutput { + s.Instances = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInstanceTopologyOutput) SetNextToken(v string) *DescribeInstanceTopologyOutput { + s.NextToken = &v + return s +} + type DescribeInstanceTypeOfferingsInput struct { _ struct{} `type:"structure"` @@ -92054,12 +98426,13 @@ type DescribeInstanceTypeOfferingsInput struct { // The location type. LocationType *string `type:"string" enum:"LocationType"` - // The maximum number of results to return for the request in a single page. - // The remaining results can be seen by sending another request with the next - // token value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token to retrieve the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -92130,8 +98503,8 @@ type DescribeInstanceTypeOfferingsOutput struct { // The instance types offered. InstanceTypeOfferings []*InstanceTypeOffering `locationName:"instanceTypeOfferingSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -92176,14 +98549,14 @@ type DescribeInstanceTypesInput struct { // One or more filters. Filter names and values are case-sensitive. // - // * auto-recovery-supported - Indicates whether auto recovery is supported - // (true | false). + // * auto-recovery-supported - Indicates whether Amazon CloudWatch action + // based recovery is supported (true | false). // // * bare-metal - Indicates whether it is a bare metal instance type (true // | false). // - // * burstable-performance-supported - Indicates whether it is a burstable - // performance instance type (true | false). + // * burstable-performance-supported - Indicates whether the instance type + // is a burstable performance T instance type (true | false). // // * current-generation - Indicates whether this instance type is the latest // generation instance type of an instance family (true | false). @@ -92279,12 +98652,22 @@ type DescribeInstanceTypesInput struct { // * network-info.network-performance - The network performance (for example, // "25 Gigabit"). // + // * nitro-enclaves-support - Indicates whether Nitro Enclaves is supported + // (supported | unsupported). + // + // * nitro-tpm-support - Indicates whether NitroTPM is supported (supported + // | unsupported). + // + // * nitro-tpm-info.supported-versions - The supported NitroTPM version (2.0). + // // * processor-info.supported-architecture - The CPU architecture (arm64 // | i386 | x86_64). // // * processor-info.sustained-clock-speed-in-ghz - The CPU clock speed, in // GHz. // + // * processor-info.supported-features - The supported CPU features (amd-sev-snp). + // // * supported-boot-mode - The boot mode (legacy-bios | uefi). // // * supported-root-device-type - The root device type (ebs | instance-store). @@ -92313,12 +98696,13 @@ type DescribeInstanceTypesInput struct { // in the Amazon EC2 User Guide. InstanceTypes []*string `locationName:"InstanceType" type:"list" enum:"InstanceType"` - // The maximum number of results to return for the request in a single page. - // The remaining results can be seen by sending another request with the next - // token value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token to retrieve the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -92390,8 +98774,8 @@ type DescribeInstanceTypesOutput struct { // in the Amazon EC2 User Guide. InstanceTypes []*InstanceTypeInfo `locationName:"instanceTypeSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -92444,7 +98828,7 @@ type DescribeInstancesInput struct { // * availability-zone - The Availability Zone of the instance. // // * block-device-mapping.attach-time - The attach time for an EBS volume - // mapped to the instance, for example, 2010-09-15T17:15:20.000Z. + // mapped to the instance, for example, 2022-09-15T17:15:20.000Z. // // * block-device-mapping.delete-on-termination - A Boolean that indicates // whether the EBS volume is deleted on instance termination. @@ -92457,19 +98841,37 @@ type DescribeInstancesInput struct { // // * block-device-mapping.volume-id - The volume ID of the EBS volume. // + // * boot-mode - The boot mode that was specified by the AMI (legacy-bios + // | uefi | uefi-preferred). + // // * capacity-reservation-id - The ID of the Capacity Reservation into which // the instance was launched. // + // * capacity-reservation-specification.capacity-reservation-preference - + // The instance's Capacity Reservation preference (open | none). + // + // * capacity-reservation-specification.capacity-reservation-target.capacity-reservation-id + // - The ID of the targeted Capacity Reservation. + // + // * capacity-reservation-specification.capacity-reservation-target.capacity-reservation-resource-group-arn + // - The ARN of the targeted Capacity Reservation group. + // // * client-token - The idempotency token you provided when you launched // the instance. // + // * current-instance-boot-mode - The boot mode that is used to launch the + // instance at launch or start (legacy-bios | uefi). + // // * dns-name - The public DNS name of the instance. // - // * group-id - The ID of the security group for the instance. EC2-Classic - // only. + // * ebs-optimized - A Boolean that indicates whether the instance is optimized + // for Amazon EBS I/O. + // + // * ena-support - A Boolean that indicates whether the instance is enabled + // for enhanced networking with ENA. // - // * group-name - The name of the security group for the instance. EC2-Classic - // only. + // * enclave-options.enabled - A Boolean that indicates whether the instance + // is enabled for Amazon Web Services Nitro Enclaves. // // * hibernation-options.configured - A Boolean that indicates whether the // instance is enabled for hibernation. A value of true means that the instance @@ -92484,12 +98886,18 @@ type DescribeInstancesInput struct { // * iam-instance-profile.arn - The instance profile associated with the // instance. Specified as an ARN. // + // * iam-instance-profile.id - The instance profile associated with the instance. + // Specified as an ID. + // + // * iam-instance-profile.name - The instance profile associated with the + // instance. Specified as an name. + // // * image-id - The ID of the image used to launch the instance. // // * instance-id - The ID of the instance. // - // * instance-lifecycle - Indicates whether this is a Spot Instance or a - // Scheduled Instance (spot | scheduled). + // * instance-lifecycle - Indicates whether this is a Spot Instance, a Scheduled + // Instance, or a Capacity Block (spot | scheduled | capacity-block). // // * instance-state-code - The state of the instance, as a 16-bit unsigned // integer. The high byte is used for internal purposes and should be ignored. @@ -92508,6 +98916,8 @@ type DescribeInstancesInput struct { // // * ip-address - The public IPv4 address of the instance. // + // * ipv6-address - The IPv6 address of the instance. + // // * kernel-id - The kernel ID. // // * key-name - The name of the key pair used when the instance was launched. @@ -92520,35 +98930,61 @@ type DescribeInstancesInput struct { // You can use a wildcard (*), for example, 2021-09-29T*, which matches an // entire day. // + // * maintenance-options.auto-recovery - The current automatic recovery behavior + // of the instance (disabled | default). + // + // * metadata-options.http-endpoint - The status of access to the HTTP metadata + // endpoint on your instance (enabled | disabled) + // + // * metadata-options.http-protocol-ipv4 - Indicates whether the IPv4 endpoint + // is enabled (disabled | enabled). + // + // * metadata-options.http-protocol-ipv6 - Indicates whether the IPv6 endpoint + // is enabled (disabled | enabled). + // + // * metadata-options.http-put-response-hop-limit - The HTTP metadata request + // put response hop limit (integer, possible values 1 to 64) + // // * metadata-options.http-tokens - The metadata request authorization state // (optional | required) // - // * metadata-options.http-put-response-hop-limit - The http metadata request - // put response hop limit (integer, possible values 1 to 64) + // * metadata-options.instance-metadata-tags - The status of access to instance + // tags from the instance metadata (enabled | disabled) // - // * metadata-options.http-endpoint - Enable or disable metadata access on - // http endpoint (enabled | disabled) + // * metadata-options.state - The state of the metadata option changes (pending + // | applied). // // * monitoring-state - Indicates whether detailed monitoring is enabled // (disabled | enabled). // - // * network-interface.addresses.private-ip-address - The private IPv4 address - // associated with the network interface. + // * network-interface.addresses.association.allocation-id - The allocation + // ID. // - // * network-interface.addresses.primary - Specifies whether the IPv4 address - // of the network interface is the primary private IPv4 address. + // * network-interface.addresses.association.association-id - The association + // ID. // - // * network-interface.addresses.association.public-ip - The ID of the association - // of an Elastic IP address (IPv4) with a network interface. + // * network-interface.addresses.association.carrier-ip - The carrier IP + // address. + // + // * network-interface.addresses.association.customer-owned-ip - The customer-owned + // IP address. // // * network-interface.addresses.association.ip-owner-id - The owner ID of // the private IPv4 address associated with the network interface. // - // * network-interface.association.public-ip - The address of the Elastic - // IP address (IPv4) bound to the network interface. + // * network-interface.addresses.association.public-dns-name - The public + // DNS name. // - // * network-interface.association.ip-owner-id - The owner of the Elastic - // IP address (IPv4) associated with the network interface. + // * network-interface.addresses.association.public-ip - The ID of the association + // of an Elastic IP address (IPv4) with a network interface. + // + // * network-interface.addresses.primary - Specifies whether the IPv4 address + // of the network interface is the primary private IPv4 address. + // + // * network-interface.addresses.private-dns-name - The private DNS name. + // + // * network-interface.addresses.private-ip-address - The private IPv4 address + // associated with the network interface. // // * network-interface.association.allocation-id - The allocation ID returned // when you allocated the Elastic IP address (IPv4) for your network interface. @@ -92556,30 +98992,50 @@ type DescribeInstancesInput struct { // * network-interface.association.association-id - The association ID returned // when the network interface was associated with an IPv4 address. // + // * network-interface.association.carrier-ip - The customer-owned IP address. + // + // * network-interface.association.customer-owned-ip - The customer-owned + // IP address. + // + // * network-interface.association.ip-owner-id - The owner of the Elastic + // IP address (IPv4) associated with the network interface. + // + // * network-interface.association.public-dns-name - The public DNS name. + // + // * network-interface.association.public-ip - The address of the Elastic + // IP address (IPv4) bound to the network interface. + // + // * network-interface.attachment.attach-time - The time that the network + // interface was attached to an instance. + // // * network-interface.attachment.attachment-id - The ID of the interface // attachment. // + // * network-interface.attachment.delete-on-termination - Specifies whether + // the attachment is deleted when an instance is terminated. + // + // * network-interface.attachment.device-index - The device index to which + // the network interface is attached. + // // * network-interface.attachment.instance-id - The ID of the instance to // which the network interface is attached. // // * network-interface.attachment.instance-owner-id - The owner ID of the // instance to which the network interface is attached. // - // * network-interface.attachment.device-index - The device index to which - // the network interface is attached. + // * network-interface.attachment.network-card-index - The index of the network + // card. // // * network-interface.attachment.status - The status of the attachment (attaching // | attached | detaching | detached). // - // * network-interface.attachment.attach-time - The time that the network - // interface was attached to an instance. - // - // * network-interface.attachment.delete-on-termination - Specifies whether - // the attachment is deleted when an instance is terminated. - // // * network-interface.availability-zone - The Availability Zone for the // network interface. // + // * network-interface.deny-all-igw-traffic - A Boolean that indicates whether + // a network interface with an IPv6 address is unreachable from the public + // internet. + // // * network-interface.description - The description of the network interface. // // * network-interface.group-id - The ID of a security group associated with @@ -92588,18 +99044,39 @@ type DescribeInstancesInput struct { // * network-interface.group-name - The name of a security group associated // with the network interface. // + // * network-interface.ipv4-prefixes.ipv4-prefix - The IPv4 prefixes that + // are assigned to the network interface. + // + // * network-interface.ipv6-address - The IPv6 address associated with the + // network interface. + // // * network-interface.ipv6-addresses.ipv6-address - The IPv6 address associated // with the network interface. // + // * network-interface.ipv6-addresses.is-primary-ipv6 - A Boolean that indicates + // whether this is the primary IPv6 address. + // + // * network-interface.ipv6-native - A Boolean that indicates whether this + // is an IPv6 only network interface. + // + // * network-interface.ipv6-prefixes.ipv6-prefix - The IPv6 prefix assigned + // to the network interface. + // // * network-interface.mac-address - The MAC address of the network interface. // // * network-interface.network-interface-id - The ID of the network interface. // + // * network-interface.outpost-arn - The ARN of the Outpost. + // // * network-interface.owner-id - The ID of the owner of the network interface. // // * network-interface.private-dns-name - The private DNS name of the network // interface. // + // * network-interface.private-ip-address - The private IPv4 address. + // + // * network-interface.public-dns-name - The public DNS name. + // // * network-interface.requester-id - The requester ID for the network interface. // // * network-interface.requester-managed - Indicates whether the network @@ -92616,6 +99093,12 @@ type DescribeInstancesInput struct { // // * network-interface.subnet-id - The ID of the subnet for the network interface. // + // * network-interface.tag-key - The key of a tag assigned to the network + // interface. + // + // * network-interface.tag-value - The value of a tag assigned to the network + // interface. + // // * network-interface.vpc-id - The ID of the VPC for the network interface. // // * outpost-arn - The Amazon Resource Name (ARN) of the Outpost. @@ -92629,8 +99112,29 @@ type DescribeInstancesInput struct { // // * platform - The platform. To list only Windows instances, use windows. // + // * platform-details - The platform (Linux/UNIX | Red Hat BYOL Linux | Red + // Hat Enterprise Linux | Red Hat Enterprise Linux with HA | Red Hat Enterprise + // Linux with SQL Server Standard and HA | Red Hat Enterprise Linux with + // SQL Server Enterprise and HA | Red Hat Enterprise Linux with SQL Server + // Standard | Red Hat Enterprise Linux with SQL Server Web | Red Hat Enterprise + // Linux with SQL Server Enterprise | SQL Server Enterprise | SQL Server + // Standard | SQL Server Web | SUSE Linux | Ubuntu Pro | Windows | Windows + // BYOL | Windows with SQL Server Enterprise | Windows with SQL Server Standard + // | Windows with SQL Server Web). + // // * private-dns-name - The private IPv4 DNS name of the instance. // + // * private-dns-name-options.enable-resource-name-dns-a-record - A Boolean + // that indicates whether to respond to DNS queries for instance hostnames + // with DNS A records. + // + // * private-dns-name-options.enable-resource-name-dns-aaaa-record - A Boolean + // that indicates whether to respond to DNS queries for instance hostnames + // with DNS AAAA records. + // + // * private-dns-name-options.hostname-type - The type of hostname (ip-name + // | resource-name). + // // * private-ip-address - The private IPv4 address of the instance. // // * product-code - The product code associated with the AMI used to launch @@ -92686,6 +99190,19 @@ type DescribeInstancesInput struct { // // * tenancy - The tenancy of an instance (dedicated | default | host). // + // * tpm-support - Indicates if the instance is configured for NitroTPM support + // (v2.0). + // + // * usage-operation - The usage operation value for the instance (RunInstances + // | RunInstances:00g0 | RunInstances:0010 | RunInstances:1010 | RunInstances:1014 + // | RunInstances:1110 | RunInstances:0014 | RunInstances:0210 | RunInstances:0110 + // | RunInstances:0100 | RunInstances:0004 | RunInstances:0200 | RunInstances:000g + // | RunInstances:0g00 | RunInstances:0002 | RunInstances:0800 | RunInstances:0102 + // | RunInstances:0006 | RunInstances:0202). + // + // * usage-operation-update-time - The time that the usage operation was + // last updated, for example, 2022-09-15T17:15:20.000Z. + // // * virtualization-type - The virtualization type of the instance (paravirtual // | hvm). // @@ -92697,13 +99214,16 @@ type DescribeInstancesInput struct { // Default: Describes all your instances. InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another call with the returned NextToken value. This - // value can be between 5 and 1000. You cannot specify this parameter and the - // instance IDs parameter in the same call. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // + // You cannot specify this parameter and the instance IDs parameter in the same + // request. MaxResults *int64 `locationName:"maxResults" type:"integer"` - // The token to request the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `locationName:"nextToken" type:"string"` } @@ -92758,8 +99278,8 @@ func (s *DescribeInstancesInput) SetNextToken(v string) *DescribeInstancesInput type DescribeInstancesOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the reservations. @@ -92805,7 +99325,7 @@ type DescribeInternetGatewaysInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * attachment.state - The current state of the attachment between the gateway // and the VPC (available). Present only if a VPC is attached. @@ -92828,16 +99348,18 @@ type DescribeInternetGatewaysInput struct { // the tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // One or more internet gateway IDs. + // The IDs of the internet gateways. // // Default: Describes all your internet gateways. InternetGatewayIds []*string `locationName:"internetGatewayId" locationNameList:"item" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -92908,8 +99430,8 @@ type DescribeInternetGatewaysOutput struct { // Information about one or more internet gateways. InternetGateways []*InternetGateway `locationName:"internetGatewaySet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -92943,6 +99465,113 @@ func (s *DescribeInternetGatewaysOutput) SetNextToken(v string) *DescribeInterne return s } +type DescribeIpamByoasnInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"1" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamByoasnInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamByoasnInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeIpamByoasnInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeIpamByoasnInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeIpamByoasnInput) SetDryRun(v bool) *DescribeIpamByoasnInput { + s.DryRun = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeIpamByoasnInput) SetMaxResults(v int64) *DescribeIpamByoasnInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeIpamByoasnInput) SetNextToken(v string) *DescribeIpamByoasnInput { + s.NextToken = &v + return s +} + +type DescribeIpamByoasnOutput struct { + _ struct{} `type:"structure"` + + // ASN and BYOIP CIDR associations. + Byoasns []*Byoasn `locationName:"byoasnSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamByoasnOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamByoasnOutput) GoString() string { + return s.String() +} + +// SetByoasns sets the Byoasns field's value. +func (s *DescribeIpamByoasnOutput) SetByoasns(v []*Byoasn) *DescribeIpamByoasnOutput { + s.Byoasns = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeIpamByoasnOutput) SetNextToken(v string) *DescribeIpamByoasnOutput { + s.NextToken = &v + return s +} + type DescribeIpamPoolsInput struct { _ struct{} `type:"structure"` @@ -93068,6 +99697,257 @@ func (s *DescribeIpamPoolsOutput) SetNextToken(v string) *DescribeIpamPoolsOutpu return s } +type DescribeIpamResourceDiscoveriesInput struct { + _ struct{} `type:"structure"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The resource discovery filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The IPAM resource discovery IDs. + IpamResourceDiscoveryIds []*string `locationName:"IpamResourceDiscoveryId" locationNameList:"item" type:"list"` + + // The maximum number of resource discoveries to return in one page of results. + MaxResults *int64 `min:"5" type:"integer"` + + // Specify the pagination token from a previous request to retrieve the next + // page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamResourceDiscoveriesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamResourceDiscoveriesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeIpamResourceDiscoveriesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeIpamResourceDiscoveriesInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeIpamResourceDiscoveriesInput) SetDryRun(v bool) *DescribeIpamResourceDiscoveriesInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeIpamResourceDiscoveriesInput) SetFilters(v []*Filter) *DescribeIpamResourceDiscoveriesInput { + s.Filters = v + return s +} + +// SetIpamResourceDiscoveryIds sets the IpamResourceDiscoveryIds field's value. +func (s *DescribeIpamResourceDiscoveriesInput) SetIpamResourceDiscoveryIds(v []*string) *DescribeIpamResourceDiscoveriesInput { + s.IpamResourceDiscoveryIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeIpamResourceDiscoveriesInput) SetMaxResults(v int64) *DescribeIpamResourceDiscoveriesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeIpamResourceDiscoveriesInput) SetNextToken(v string) *DescribeIpamResourceDiscoveriesInput { + s.NextToken = &v + return s +} + +type DescribeIpamResourceDiscoveriesOutput struct { + _ struct{} `type:"structure"` + + // The resource discoveries. + IpamResourceDiscoveries []*IpamResourceDiscovery `locationName:"ipamResourceDiscoverySet" locationNameList:"item" type:"list"` + + // Specify the pagination token from a previous request to retrieve the next + // page of results. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamResourceDiscoveriesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamResourceDiscoveriesOutput) GoString() string { + return s.String() +} + +// SetIpamResourceDiscoveries sets the IpamResourceDiscoveries field's value. +func (s *DescribeIpamResourceDiscoveriesOutput) SetIpamResourceDiscoveries(v []*IpamResourceDiscovery) *DescribeIpamResourceDiscoveriesOutput { + s.IpamResourceDiscoveries = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeIpamResourceDiscoveriesOutput) SetNextToken(v string) *DescribeIpamResourceDiscoveriesOutput { + s.NextToken = &v + return s +} + +type DescribeIpamResourceDiscoveryAssociationsInput struct { + _ struct{} `type:"structure"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The resource discovery association filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The resource discovery association IDs. + IpamResourceDiscoveryAssociationIds []*string `locationName:"IpamResourceDiscoveryAssociationId" locationNameList:"item" type:"list"` + + // The maximum number of resource discovery associations to return in one page + // of results. + MaxResults *int64 `min:"5" type:"integer"` + + // Specify the pagination token from a previous request to retrieve the next + // page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamResourceDiscoveryAssociationsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamResourceDiscoveryAssociationsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeIpamResourceDiscoveryAssociationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeIpamResourceDiscoveryAssociationsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeIpamResourceDiscoveryAssociationsInput) SetDryRun(v bool) *DescribeIpamResourceDiscoveryAssociationsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeIpamResourceDiscoveryAssociationsInput) SetFilters(v []*Filter) *DescribeIpamResourceDiscoveryAssociationsInput { + s.Filters = v + return s +} + +// SetIpamResourceDiscoveryAssociationIds sets the IpamResourceDiscoveryAssociationIds field's value. +func (s *DescribeIpamResourceDiscoveryAssociationsInput) SetIpamResourceDiscoveryAssociationIds(v []*string) *DescribeIpamResourceDiscoveryAssociationsInput { + s.IpamResourceDiscoveryAssociationIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeIpamResourceDiscoveryAssociationsInput) SetMaxResults(v int64) *DescribeIpamResourceDiscoveryAssociationsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeIpamResourceDiscoveryAssociationsInput) SetNextToken(v string) *DescribeIpamResourceDiscoveryAssociationsInput { + s.NextToken = &v + return s +} + +type DescribeIpamResourceDiscoveryAssociationsOutput struct { + _ struct{} `type:"structure"` + + // The resource discovery associations. + IpamResourceDiscoveryAssociations []*IpamResourceDiscoveryAssociation `locationName:"ipamResourceDiscoveryAssociationSet" locationNameList:"item" type:"list"` + + // Specify the pagination token from a previous request to retrieve the next + // page of results. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamResourceDiscoveryAssociationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamResourceDiscoveryAssociationsOutput) GoString() string { + return s.String() +} + +// SetIpamResourceDiscoveryAssociations sets the IpamResourceDiscoveryAssociations field's value. +func (s *DescribeIpamResourceDiscoveryAssociationsOutput) SetIpamResourceDiscoveryAssociations(v []*IpamResourceDiscoveryAssociation) *DescribeIpamResourceDiscoveryAssociationsOutput { + s.IpamResourceDiscoveryAssociations = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeIpamResourceDiscoveryAssociationsOutput) SetNextToken(v string) *DescribeIpamResourceDiscoveryAssociationsOutput { + s.NextToken = &v + return s +} + type DescribeIpamScopesInput struct { _ struct{} `type:"structure"` @@ -93652,6 +100532,19 @@ type DescribeLaunchTemplateVersionsInput struct { // The token to request the next page of results. NextToken *string `type:"string"` + // If true, and if a Systems Manager parameter is specified for ImageId, the + // AMI ID is displayed in the response for imageId. + // + // If false, and if a Systems Manager parameter is specified for ImageId, the + // parameter is displayed in the response for imageId. + // + // For more information, see Use a Systems Manager parameter instead of an AMI + // ID (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#use-an-ssm-parameter-instead-of-an-ami-id) + // in the Amazon Elastic Compute Cloud User Guide. + // + // Default: false + ResolveAlias *bool `type:"boolean"` + // One or more versions of the launch template. Valid values depend on whether // you are describing a specified launch template (by ID or name) or all launch // templates in your account. @@ -93746,6 +100639,12 @@ func (s *DescribeLaunchTemplateVersionsInput) SetNextToken(v string) *DescribeLa return s } +// SetResolveAlias sets the ResolveAlias field's value. +func (s *DescribeLaunchTemplateVersionsInput) SetResolveAlias(v bool) *DescribeLaunchTemplateVersionsInput { + s.ResolveAlias = &v + return s +} + // SetVersions sets the Versions field's value. func (s *DescribeLaunchTemplateVersionsInput) SetVersions(v []*string) *DescribeLaunchTemplateVersionsInput { s.Versions = v @@ -94777,6 +101676,255 @@ func (s *DescribeLocalGatewaysOutput) SetNextToken(v string) *DescribeLocalGatew return s } +type DescribeLockedSnapshotsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The filters. + // + // * lock-state - The state of the snapshot lock (compliance-cooloff | governance + // | compliance | expired). + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + MaxResults *int64 `min:"5" type:"integer"` + + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. + NextToken *string `type:"string"` + + // The IDs of the snapshots for which to view the lock status. + SnapshotIds []*string `locationName:"SnapshotId" locationNameList:"SnapshotId" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeLockedSnapshotsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeLockedSnapshotsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeLockedSnapshotsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeLockedSnapshotsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeLockedSnapshotsInput) SetDryRun(v bool) *DescribeLockedSnapshotsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeLockedSnapshotsInput) SetFilters(v []*Filter) *DescribeLockedSnapshotsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeLockedSnapshotsInput) SetMaxResults(v int64) *DescribeLockedSnapshotsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLockedSnapshotsInput) SetNextToken(v string) *DescribeLockedSnapshotsInput { + s.NextToken = &v + return s +} + +// SetSnapshotIds sets the SnapshotIds field's value. +func (s *DescribeLockedSnapshotsInput) SetSnapshotIds(v []*string) *DescribeLockedSnapshotsInput { + s.SnapshotIds = v + return s +} + +type DescribeLockedSnapshotsOutput struct { + _ struct{} `type:"structure"` + + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // Information about the snapshots. + Snapshots []*LockedSnapshotsInfo `locationName:"snapshotSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeLockedSnapshotsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeLockedSnapshotsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLockedSnapshotsOutput) SetNextToken(v string) *DescribeLockedSnapshotsOutput { + s.NextToken = &v + return s +} + +// SetSnapshots sets the Snapshots field's value. +func (s *DescribeLockedSnapshotsOutput) SetSnapshots(v []*LockedSnapshotsInfo) *DescribeLockedSnapshotsOutput { + s.Snapshots = v + return s +} + +type DescribeMacHostsInput struct { + _ struct{} `type:"structure"` + + // The filters. + // + // * availability-zone - The Availability Zone of the EC2 Mac Dedicated Host. + // + // * instance-type - The instance type size that the EC2 Mac Dedicated Host + // is configured to support. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The IDs of the EC2 Mac Dedicated Hosts. + HostIds []*string `locationName:"HostId" locationNameList:"item" type:"list"` + + // The maximum number of results to return for the request in a single page. + // The remaining results can be seen by sending another request with the returned + // nextToken value. This value can be between 5 and 500. If maxResults is given + // a larger value than 500, you receive an error. + MaxResults *int64 `min:"5" type:"integer"` + + // The token to use to retrieve the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeMacHostsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeMacHostsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeMacHostsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeMacHostsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFilters sets the Filters field's value. +func (s *DescribeMacHostsInput) SetFilters(v []*Filter) *DescribeMacHostsInput { + s.Filters = v + return s +} + +// SetHostIds sets the HostIds field's value. +func (s *DescribeMacHostsInput) SetHostIds(v []*string) *DescribeMacHostsInput { + s.HostIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeMacHostsInput) SetMaxResults(v int64) *DescribeMacHostsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeMacHostsInput) SetNextToken(v string) *DescribeMacHostsInput { + s.NextToken = &v + return s +} + +type DescribeMacHostsOutput struct { + _ struct{} `type:"structure"` + + // Information about the EC2 Mac Dedicated Hosts. + MacHosts []*MacHost `locationName:"macHostSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeMacHostsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeMacHostsOutput) GoString() string { + return s.String() +} + +// SetMacHosts sets the MacHosts field's value. +func (s *DescribeMacHostsOutput) SetMacHosts(v []*MacHost) *DescribeMacHostsOutput { + s.MacHosts = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeMacHostsOutput) SetNextToken(v string) *DescribeMacHostsOutput { + s.NextToken = &v + return s +} + type DescribeManagedPrefixListsInput struct { _ struct{} `type:"structure"` @@ -95049,7 +102197,7 @@ type DescribeNatGatewaysInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * nat-gateway-id - The ID of the NAT gateway. // @@ -95071,14 +102219,16 @@ type DescribeNatGatewaysInput struct { // * vpc-id - The ID of the VPC in which the NAT gateway resides. Filter []*Filter `locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // One or more NAT gateway IDs. + // The IDs of the NAT gateways. NatGatewayIds []*string `locationName:"NatGatewayId" locationNameList:"item" type:"list"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -95149,8 +102299,8 @@ type DescribeNatGatewaysOutput struct { // Information about the NAT gateways. NatGateways []*NatGateway `locationName:"natGatewaySet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -95193,7 +102343,7 @@ type DescribeNetworkAclsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * association.association-id - The ID of an association ID for the ACL. // @@ -95247,16 +102397,18 @@ type DescribeNetworkAclsInput struct { // * vpc-id - The ID of the VPC for the network ACL. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // One or more network ACL IDs. + // The IDs of the network ACLs. // // Default: Describes all your network ACLs. NetworkAclIds []*string `locationName:"NetworkAclId" locationNameList:"item" type:"list"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -95327,8 +102479,8 @@ type DescribeNetworkAclsOutput struct { // Information about one or more network ACLs. NetworkAcls []*NetworkAcl `locationName:"networkAclSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -95812,7 +102964,27 @@ type DescribeNetworkInsightsPathsInput struct { // // * destination - The ID of the resource. // - // * destination-port - The destination port. + // * filter-at-source.source-address - The source IPv4 address at the source. + // + // * filter-at-source.source-port-range - The source port range at the source. + // + // * filter-at-source.destination-address - The destination IPv4 address + // at the source. + // + // * filter-at-source.destination-port-range - The destination port range + // at the source. + // + // * filter-at-destination.source-address - The source IPv4 address at the + // destination. + // + // * filter-at-destination.source-port-range - The source port range at the + // destination. + // + // * filter-at-destination.destination-address - The destination IPv4 address + // at the destination. + // + // * filter-at-destination.destination-port-range - The destination port + // range at the destination. // // * protocol - The protocol. // @@ -96089,15 +103261,17 @@ type DescribeNetworkInterfacePermissionsInput struct { // | EIP-ASSOCIATE). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another call with the returned NextToken value. If + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. If // this parameter is not specified, up to 50 results are returned by default. + // For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` // The network interface permission IDs. NetworkInterfacePermissionIds []*string `locationName:"NetworkInterfacePermissionId" type:"list"` - // The token to request the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -96163,7 +103337,8 @@ type DescribeNetworkInterfacePermissionsOutput struct { // The network interface permissions. NetworkInterfacePermissions []*NetworkInterfacePermission `locationName:"networkInterfacePermissions" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -96209,23 +103384,23 @@ type DescribeNetworkInterfacesInput struct { // One or more filters. // - // * addresses.private-ip-address - The private IPv4 addresses associated - // with the network interface. - // - // * addresses.primary - Whether the private IPv4 address is the primary - // IP address associated with the network interface. + // * association.allocation-id - The allocation ID returned when you allocated + // the Elastic IP address (IPv4) for your network interface. // - // * addresses.association.public-ip - The association ID returned when the - // network interface was associated with the Elastic IP address (IPv4). + // * association.association-id - The association ID returned when the network + // interface was associated with an IPv4 address. // // * addresses.association.owner-id - The owner ID of the addresses associated // with the network interface. // - // * association.association-id - The association ID returned when the network - // interface was associated with an IPv4 address. + // * addresses.association.public-ip - The association ID returned when the + // network interface was associated with the Elastic IP address (IPv4). // - // * association.allocation-id - The allocation ID returned when you allocated - // the Elastic IP address (IPv4) for your network interface. + // * addresses.primary - Whether the private IPv4 address is the primary + // IP address associated with the network interface. + // + // * addresses.private-ip-address - The private IPv4 addresses associated + // with the network interface. // // * association.ip-owner-id - The owner of the Elastic IP address (IPv4) // associated with the network interface. @@ -96236,11 +103411,11 @@ type DescribeNetworkInterfacesInput struct { // * association.public-dns-name - The public DNS name for the network interface // (IPv4). // - // * attachment.attachment-id - The ID of the interface attachment. - // // * attachment.attach-time - The time that the network interface was attached // to an instance. // + // * attachment.attachment-id - The ID of the interface attachment. + // // * attachment.delete-on-termination - Indicates whether the attachment // is deleted when an instance is terminated. // @@ -96262,17 +103437,15 @@ type DescribeNetworkInterfacesInput struct { // // * group-id - The ID of a security group associated with the network interface. // - // * group-name - The name of a security group associated with the network - // interface. - // // * ipv6-addresses.ipv6-address - An IPv6 address associated with the network // interface. // // * interface-type - The type of network interface (api_gateway_managed - // | aws_codestar_connections_managed | branch | efa | gateway_load_balancer - // | gateway_load_balancer_endpoint | global_accelerator_managed | interface - // | iot_rules_managed | lambda | load_balancer | nat_gateway | network_load_balancer - // | quicksight | transit_gateway | trunk | vpc_endpoint). + // | aws_codestar_connections_managed | branch | ec2_instance_connect_endpoint + // | efa | efs | gateway_load_balancer | gateway_load_balancer_endpoint | + // global_accelerator_managed | interface | iot_rules_managed | lambda | + // load_balancer | nat_gateway | network_load_balancer | quicksight | transit_gateway + // | trunk | vpc_endpoint). // // * mac-address - The MAC address of the network interface. // @@ -96281,11 +103454,11 @@ type DescribeNetworkInterfacesInput struct { // * owner-id - The Amazon Web Services account ID of the network interface // owner. // + // * private-dns-name - The private DNS name of the network interface (IPv4). + // // * private-ip-address - The private IPv4 address or addresses of the network // interface. // - // * private-dns-name - The private DNS name of the network interface (IPv4). - // // * requester-id - The alias or Amazon Web Services account ID of the principal // or service that created the network interface. // @@ -96318,10 +103491,10 @@ type DescribeNetworkInterfacesInput struct { // * vpc-id - The ID of the VPC for the network interface. Filters []*Filter `locationName:"filter" locationNameList:"Filter" type:"list"` - // The maximum number of items to return for this request. The request returns - // a token that you can specify in a subsequent call to get the next set of - // results. You cannot specify this parameter and the network interface IDs - // parameter in the same request. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. You + // cannot specify this parameter and the network interface IDs parameter in + // the same request. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` // The network interface IDs. @@ -96329,7 +103502,8 @@ type DescribeNetworkInterfacesInput struct { // Default: Describes all your network interfaces. NetworkInterfaceIds []*string `locationName:"NetworkInterfaceId" locationNameList:"item" type:"list"` - // The token to retrieve the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -96394,15 +103568,14 @@ func (s *DescribeNetworkInterfacesInput) SetNextToken(v string) *DescribeNetwork return s } -// Contains the output of DescribeNetworkInterfaces. type DescribeNetworkInterfacesOutput struct { _ struct{} `type:"structure"` // Information about one or more network interfaces. NetworkInterfaces []*NetworkInterface `locationName:"networkInterfaceSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -97028,11 +104201,13 @@ type DescribeReplaceRootVolumeTasksInput struct { // task was created. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"1" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The ID of the root volume replacement task to view. @@ -97103,8 +104278,8 @@ func (s *DescribeReplaceRootVolumeTasksInput) SetReplaceRootVolumeTaskIds(v []*s type DescribeReplaceRootVolumeTasksOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the root volume replacement task. @@ -97168,16 +104343,11 @@ type DescribeReservedInstancesInput struct { // // * scope - The scope of the Reserved Instance (Region or Availability Zone). // - // * product-description - The Reserved Instance product platform description. - // Instances that include (Amazon VPC) in the product platform description - // will only be displayed to EC2-Classic account holders and are for use - // with Amazon VPC (Linux/UNIX | Linux/UNIX (Amazon VPC) | SUSE Linux | SUSE - // Linux (Amazon VPC) | Red Hat Enterprise Linux | Red Hat Enterprise Linux - // (Amazon VPC) | Red Hat Enterprise Linux with HA (Amazon VPC) | Windows - // | Windows (Amazon VPC) | Windows with SQL Server Standard | Windows with - // SQL Server Standard (Amazon VPC) | Windows with SQL Server Web | Windows - // with SQL Server Web (Amazon VPC) | Windows with SQL Server Enterprise - // | Windows with SQL Server Enterprise (Amazon VPC)). + // * product-description - The Reserved Instance product platform description + // (Linux/UNIX | Linux with SQL Server Standard | Linux with SQL Server Web + // | Linux with SQL Server Enterprise | SUSE Linux | Red Hat Enterprise Linux + // | Red Hat Enterprise Linux with HA | Windows | Windows with SQL Server + // Standard | Windows with SQL Server Web | Windows with SQL Server Enterprise). // // * reserved-instances-id - The ID of the Reserved Instance. // @@ -97379,9 +104549,6 @@ type DescribeReservedInstancesModificationsInput struct { // * modification-result.target-configuration.instance-type - The instance // type of the new Reserved Instances. // - // * modification-result.target-configuration.platform - The network platform - // of the new Reserved Instances (EC2-Classic | EC2-VPC). - // // * reserved-instances-id - The ID of the Reserved Instances modified. // // * reserved-instances-modification-id - The ID of the modification request. @@ -97510,16 +104677,11 @@ type DescribeReservedInstancesOfferingsInput struct { // all offerings from both Amazon Web Services and the Reserved Instance // Marketplace are listed. // - // * product-description - The Reserved Instance product platform description. - // Instances that include (Amazon VPC) in the product platform description - // will only be displayed to EC2-Classic account holders and are for use - // with Amazon VPC. (Linux/UNIX | Linux/UNIX (Amazon VPC) | SUSE Linux | - // SUSE Linux (Amazon VPC) | Red Hat Enterprise Linux | Red Hat Enterprise - // Linux (Amazon VPC) | Red Hat Enterprise Linux with HA (Amazon VPC) | Windows - // | Windows (Amazon VPC) | Windows with SQL Server Standard | Windows with - // SQL Server Standard (Amazon VPC) | Windows with SQL Server Web | Windows - // with SQL Server Web (Amazon VPC) | Windows with SQL Server Enterprise - // | Windows with SQL Server Enterprise (Amazon VPC)) + // * product-description - The Reserved Instance product platform description + // (Linux/UNIX | Linux with SQL Server Standard | Linux with SQL Server Web + // | Linux with SQL Server Enterprise | SUSE Linux | Red Hat Enterprise Linux + // | Red Hat Enterprise Linux with HA | Windows | Windows with SQL Server + // Standard | Windows with SQL Server Web | Windows with SQL Server Enterprise). // // * reserved-instances-offering-id - The Reserved Instances offering ID. // @@ -97779,7 +104941,9 @@ type DescribeRouteTablesInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. + // + // * association.gateway-id - The ID of the gateway involved in the association. // // * association.route-table-association-id - The ID of an association ID // for the route table. @@ -97846,14 +105010,16 @@ type DescribeRouteTablesInput struct { // * vpc-id - The ID of the VPC for the route table. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` - // One or more route table IDs. + // The IDs of the route tables. // // Default: Describes all your route tables. RouteTableIds []*string `locationName:"RouteTableId" locationNameList:"item" type:"list"` @@ -97924,8 +105090,8 @@ func (s *DescribeRouteTablesInput) SetRouteTableIds(v []*string) *DescribeRouteT type DescribeRouteTablesOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about one or more route tables. @@ -97978,8 +105144,6 @@ type DescribeScheduledInstanceAvailabilityInput struct { // // * instance-type - The instance type (for example, c4.large). // - // * network-platform - The network platform (EC2-Classic or EC2-VPC). - // // * platform - The platform (Linux/UNIX or Windows). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` @@ -98160,8 +105324,6 @@ type DescribeScheduledInstancesInput struct { // // * instance-type - The instance type (for example, c4.large). // - // * network-platform - The network platform (EC2-Classic or EC2-VPC). - // // * platform - The platform (Linux/UNIX or Windows). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` @@ -98387,13 +105549,14 @@ type DescribeSecurityGroupRulesInput struct { // the filter value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another request with the returned NextToken value. - // This value can be between 5 and 1000. If this parameter is not specified, - // then all results are returned. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. This + // value can be between 5 and 1000. If this parameter is not specified, then + // all items are returned. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The IDs of the security group rules. @@ -98464,8 +105627,8 @@ func (s *DescribeSecurityGroupRulesInput) SetSecurityGroupRuleIds(v []*string) * type DescribeSecurityGroupRulesOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about security group rules. @@ -98597,21 +105760,20 @@ type DescribeSecurityGroupsInput struct { // Default: Describes all of your security groups. GroupIds []*string `locationName:"GroupId" locationNameList:"groupId" type:"list"` - // [EC2-Classic and default VPC only] The names of the security groups. You - // can specify either the security group name or the security group ID. For - // security groups in a nondefault VPC, use the group-name filter to describe - // security groups by name. + // [Default VPC] The names of the security groups. You can specify either the + // security group name or the security group ID. // // Default: Describes all of your security groups. GroupNames []*string `locationName:"GroupName" locationNameList:"GroupName" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another request with the returned NextToken value. - // This value can be between 5 and 1000. If this parameter is not specified, - // then all results are returned. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. This + // value can be between 5 and 1000. If this parameter is not specified, then + // all items are returned. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token to request the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -98685,8 +105847,8 @@ func (s *DescribeSecurityGroupsInput) SetNextToken(v string) *DescribeSecurityGr type DescribeSecurityGroupsOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the security groups. @@ -98866,11 +106028,13 @@ type DescribeSnapshotTierStatusInput struct { // | temporary-restore-completed | temporary-restore-failed) Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -98919,8 +106083,8 @@ func (s *DescribeSnapshotTierStatusInput) SetNextToken(v string) *DescribeSnapsh type DescribeSnapshotTierStatusOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the snapshot's storage tier. @@ -99006,22 +106170,15 @@ type DescribeSnapshotsInput struct { // * volume-size - The size of the volume, in GiB. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of snapshot results returned by DescribeSnapshots in paginated - // output. When this parameter is used, DescribeSnapshots only returns MaxResults - // results in a single page along with a NextToken response element. The remaining - // results of the initial request can be seen by sending another DescribeSnapshots - // request with the returned NextToken value. This value can be between 5 and - // 1,000; if MaxResults is given a value larger than 1,000, only 1,000 results - // are returned. If this parameter is not used, then DescribeSnapshots returns - // all results. You cannot specify this parameter and the snapshot IDs parameter - // in the same request. + // The maximum number of snapshots to return for this request. This value can + // be between 5 and 1,000; if this value is larger than 1,000, only 1,000 results + // are returned. If this parameter is not used, then the request returns all + // snapshots. You cannot specify this parameter and the snapshot IDs parameter + // in the same request. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The NextToken value returned from a previous paginated DescribeSnapshots - // request where MaxResults was used and the results exceeded the value of that - // parameter. Pagination continues from the end of the previous results that - // returned the NextToken value. This value is null when there are no more results - // to return. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // Scopes the results to snapshots with the specified owners. You can specify @@ -99101,10 +106258,8 @@ func (s *DescribeSnapshotsInput) SetSnapshotIds(v []*string) *DescribeSnapshotsI type DescribeSnapshotsOutput struct { _ struct{} `type:"structure"` - // The NextToken value to include in a future DescribeSnapshots request. When - // the results of a DescribeSnapshots request exceed MaxResults, this value - // can be used to retrieve the next page of results. This value is null when - // there are no more results to return. + // The token to include in another request to return the next page of snapshots. + // This value is null when there are no more snapshots to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the snapshots. @@ -99218,12 +106373,13 @@ type DescribeSpotFleetInstancesInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The ID of the Spot Fleet request. @@ -99298,8 +106454,8 @@ type DescribeSpotFleetInstancesOutput struct { // of date. ActiveInstances []*ActiveInstance `locationName:"activeInstanceSet" locationNameList:"item" type:"list"` - // The token required to retrieve the next set of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The ID of the Spot Fleet request. @@ -99355,12 +106511,13 @@ type DescribeSpotFleetRequestHistoryInput struct { // The type of events to describe. By default, all events are described. EventType *string `locationName:"eventType" type:"string" enum:"EventType"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The ID of the Spot Fleet request. @@ -99457,11 +106614,11 @@ type DescribeSpotFleetRequestHistoryOutput struct { // The last date and time for the events, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). // All records up to this time were retrieved. // - // If nextToken indicates that there are more results, this value is not present. + // If nextToken indicates that there are more items, this value is not present. LastEvaluatedTime *time.Time `locationName:"lastEvaluatedTime" type:"timestamp"` - // The token required to retrieve the next set of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The ID of the Spot Fleet request. @@ -99529,12 +106686,13 @@ type DescribeSpotFleetRequestsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" type:"integer"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The IDs of the Spot Fleet requests. @@ -99587,8 +106745,8 @@ func (s *DescribeSpotFleetRequestsInput) SetSpotFleetRequestIds(v []*string) *De type DescribeSpotFleetRequestsOutput struct { _ struct{} `type:"structure"` - // The token required to retrieve the next set of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the configuration of your Spot Fleet. @@ -99635,7 +106793,7 @@ type DescribeSpotInstanceRequestsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * availability-zone-group - The Availability Zone group. // @@ -99662,8 +106820,8 @@ type DescribeSpotInstanceRequestsInput struct { // in GiB. // // * launch.block-device-mapping.volume-type - The type of EBS volume: gp2 - // for General Purpose SSD, io1 or io2 for Provisioned IOPS SSD, st1 for - // Throughput Optimized HDD, sc1for Cold HDD, or standard for Magnetic. + // or gp3 for General Purpose SSD, io1 or io2 for Provisioned IOPS SSD, st1 + // for Throughput Optimized HDD, sc1 for Cold HDD, or standard for Magnetic. // // * launch.group-id - The ID of the security group for the instance. // @@ -99743,16 +106901,16 @@ type DescribeSpotInstanceRequestsInput struct { // * valid-until - The end date of the request. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return in a single call. Specify a value - // between 5 and 1000. To retrieve the remaining results, make another call - // with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token to request the next set of results. This value is null when there - // are no more results to return. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` - // One or more Spot Instance request IDs. + // The IDs of the Spot Instance requests. SpotInstanceRequestIds []*string `locationName:"SpotInstanceRequestId" locationNameList:"SpotInstanceRequestId" type:"list"` } @@ -99808,11 +106966,11 @@ func (s *DescribeSpotInstanceRequestsInput) SetSpotInstanceRequestIds(v []*strin type DescribeSpotInstanceRequestsOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next set of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` - // One or more Spot Instance requests. + // The Spot Instance requests. SpotInstanceRequests []*SpotInstanceRequest `locationName:"spotInstanceRequestSet" locationNameList:"item" type:"list"` } @@ -99863,7 +107021,7 @@ type DescribeSpotPriceHistoryInput struct { // the price history data, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). EndTime *time.Time `locationName:"endTime" type:"timestamp"` - // One or more filters. + // The filters. // // * availability-zone - The Availability Zone for which prices should be // returned. @@ -99879,19 +107037,20 @@ type DescribeSpotPriceHistoryInput struct { // greater than or less than comparison is not supported). // // * timestamp - The time stamp of the Spot price history, in UTC format - // (for example, YYYY-MM-DDTHH:MM:SSZ). You can use wildcards (* and ?). - // Greater than or less than comparison is not supported. + // (for example, ddd MMM dd HH:mm:ss UTC YYYY). You can use wildcards (* + // and ?). Greater than or less than comparison is not supported. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // Filters the results by the specified instance types. InstanceTypes []*string `locationName:"InstanceType" type:"list" enum:"InstanceType"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `locationName:"nextToken" type:"string"` // Filters the results by the specified basic product descriptions. @@ -99978,8 +107137,8 @@ func (s *DescribeSpotPriceHistoryInput) SetStartTime(v time.Time) *DescribeSpotP type DescribeSpotPriceHistoryOutput struct { _ struct{} `type:"structure"` - // The token required to retrieve the next set of results. This value is null - // or an empty string when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is an empty string ("") or null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The historical Spot prices. @@ -100025,13 +107184,13 @@ type DescribeStaleSecurityGroupsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The maximum number of items to return for this request. The request returns - // a token that you can specify in a subsequent call to get the next set of - // results. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next set of items to return. (You received this token from - // a prior call.) + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `min:"1" type:"string"` // The ID of the VPC. @@ -100104,8 +107263,8 @@ func (s *DescribeStaleSecurityGroupsInput) SetVpcId(v string) *DescribeStaleSecu type DescribeStaleSecurityGroupsOutput struct { _ struct{} `type:"structure"` - // The token to use when requesting the next set of items. If there are no additional - // items to return, the string is empty. + // The token to include in another request to get the next page of items. If + // there are no additional items to return, the string is empty. NextToken *string `locationName:"nextToken" type:"string"` // Information about the stale security groups. @@ -100158,19 +107317,25 @@ type DescribeStoreImageTasksInput struct { // // * bucket - Returns task information for tasks that targeted a specific // bucket. For the filter value, specify the bucket name. + // + // When you specify the ImageIds parameter, any filters that you specify are + // ignored. To use the filters, you must remove the ImageIds parameter. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The AMI IDs for which to show progress. Up to 20 AMI IDs can be included // in a request. ImageIds []*string `locationName:"ImageId" locationNameList:"item" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another call with the returned NextToken value. This - // value can be between 1 and 200. You cannot specify this parameter and the - // ImageIDs parameter in the same call. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // + // You cannot specify this parameter and the ImageIds parameter in the same + // call. MaxResults *int64 `min:"1" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -100238,8 +107403,8 @@ func (s *DescribeStoreImageTasksInput) SetNextToken(v string) *DescribeStoreImag type DescribeStoreImageTasksOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The information about the AMI store tasks. @@ -100285,7 +107450,7 @@ type DescribeSubnetsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * availability-zone - The Availability Zone for the subnet. You can also // use availabilityZone as the filter name. @@ -100371,14 +107536,16 @@ type DescribeSubnetsInput struct { // * vpc-id - The ID of the VPC for the subnet. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` - // One or more subnet IDs. + // The IDs of the subnets. // // Default: Describes all your subnets. SubnetIds []*string `locationName:"SubnetId" locationNameList:"SubnetId" type:"list"` @@ -100448,8 +107615,8 @@ func (s *DescribeSubnetsInput) SetSubnetIds(v []*string) *DescribeSubnetsInput { type DescribeSubnetsOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about one or more subnets. @@ -100516,12 +107683,13 @@ type DescribeTagsInput struct { // * value - The tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return in a single call. This value can - // be between 5 and 1000. To retrieve the remaining results, make another call - // with the returned NextToken value. + // The maximum number of items to return for this request. This value can be + // between 5 and 1000. To get the next page of items, make another request with + // the token returned in the output. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" type:"integer"` - // The token to retrieve the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `locationName:"nextToken" type:"string"` } @@ -100570,8 +107738,8 @@ func (s *DescribeTagsInput) SetNextToken(v string) *DescribeTagsInput { type DescribeTagsOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The tags. @@ -102548,13 +109716,13 @@ type DescribeVerifiedAccessEndpointsInput struct { // The token for the next page of results. NextToken *string `type:"string"` - // The ID of the Amazon Web Services Verified Access endpoint. + // The ID of the Verified Access endpoint. VerifiedAccessEndpointIds []*string `locationName:"VerifiedAccessEndpointId" locationNameList:"item" type:"list"` - // The ID of the Amazon Web Services Verified Access group. + // The ID of the Verified Access group. VerifiedAccessGroupId *string `type:"string"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. VerifiedAccessInstanceId *string `type:"string"` } @@ -102638,7 +109806,7 @@ type DescribeVerifiedAccessEndpointsOutput struct { // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` - // The ID of the Amazon Web Services Verified Access endpoint. + // Details about the Verified Access endpoints. VerifiedAccessEndpoints []*VerifiedAccessEndpoint `locationName:"verifiedAccessEndpointSet" locationNameList:"item" type:"list"` } @@ -102691,10 +109859,10 @@ type DescribeVerifiedAccessGroupsInput struct { // The token for the next page of results. NextToken *string `type:"string"` - // The ID of the Amazon Web Services Verified Access groups. + // The ID of the Verified Access groups. VerifiedAccessGroupIds []*string `locationName:"VerifiedAccessGroupId" locationNameList:"item" type:"list"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. VerifiedAccessInstanceId *string `type:"string"` } @@ -102772,7 +109940,7 @@ type DescribeVerifiedAccessGroupsOutput struct { // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` - // The ID of the Verified Access group. + // Details about the Verified Access groups. VerifiedAccessGroups []*VerifiedAccessGroup `locationName:"verifiedAccessGroupSet" locationNameList:"item" type:"list"` } @@ -102825,7 +109993,7 @@ type DescribeVerifiedAccessInstanceLoggingConfigurationsInput struct { // The token for the next page of results. NextToken *string `type:"string"` - // The IDs of the Amazon Web Services Verified Access instances. + // The IDs of the Verified Access instances. VerifiedAccessInstanceIds []*string `locationName:"VerifiedAccessInstanceId" locationNameList:"item" type:"list"` } @@ -102893,8 +110061,7 @@ func (s *DescribeVerifiedAccessInstanceLoggingConfigurationsInput) SetVerifiedAc type DescribeVerifiedAccessInstanceLoggingConfigurationsOutput struct { _ struct{} `type:"structure"` - // The current logging configuration for the Amazon Web Services Verified Access - // instances. + // The logging configuration for the Verified Access instances. LoggingConfigurations []*VerifiedAccessInstanceLoggingConfiguration `locationName:"loggingConfigurationSet" locationNameList:"item" type:"list"` // The token to use to retrieve the next page of results. This value is null @@ -102951,7 +110118,7 @@ type DescribeVerifiedAccessInstancesInput struct { // The token for the next page of results. NextToken *string `type:"string"` - // The IDs of the Amazon Web Services Verified Access instances. + // The IDs of the Verified Access instances. VerifiedAccessInstanceIds []*string `locationName:"VerifiedAccessInstanceId" locationNameList:"item" type:"list"` } @@ -103023,7 +110190,7 @@ type DescribeVerifiedAccessInstancesOutput struct { // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` - // The IDs of the Amazon Web Services Verified Access instances. + // Details about the Verified Access instances. VerifiedAccessInstances []*VerifiedAccessInstance `locationName:"verifiedAccessInstanceSet" locationNameList:"item" type:"list"` } @@ -103076,7 +110243,7 @@ type DescribeVerifiedAccessTrustProvidersInput struct { // The token for the next page of results. NextToken *string `type:"string"` - // The IDs of the Amazon Web Services Verified Access trust providers. + // The IDs of the Verified Access trust providers. VerifiedAccessTrustProviderIds []*string `locationName:"VerifiedAccessTrustProviderId" locationNameList:"item" type:"list"` } @@ -103148,7 +110315,7 @@ type DescribeVerifiedAccessTrustProvidersOutput struct { // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` - // The IDs of the Amazon Web Services Verified Access trust providers. + // Details about the Verified Access trust providers. VerifiedAccessTrustProviders []*VerifiedAccessTrustProvider `locationName:"verifiedAccessTrustProviderSet" locationNameList:"item" type:"list"` } @@ -103345,20 +110512,16 @@ type DescribeVolumeStatusInput struct { // | insufficient-data). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of volume results returned by DescribeVolumeStatus in - // paginated output. When this parameter is used, the request only returns MaxResults - // results in a single page along with a NextToken response element. The remaining - // results of the initial request can be seen by sending another request with - // the returned NextToken value. This value can be between 5 and 1,000; if MaxResults - // is given a value larger than 1,000, only 1,000 results are returned. If this - // parameter is not used, then DescribeVolumeStatus returns all results. You - // cannot specify this parameter and the volume IDs parameter in the same request. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. This + // value can be between 5 and 1,000; if the value is larger than 1,000, only + // 1,000 results are returned. If this parameter is not used, then all items + // are returned. You cannot specify this parameter and the volume IDs parameter + // in the same request. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The NextToken value to include in a future DescribeVolumeStatus request. - // When the results of the request exceed MaxResults, this value can be used - // to retrieve the next page of results. This value is null when there are no - // more results to return. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The IDs of the volumes. @@ -103418,8 +110581,8 @@ func (s *DescribeVolumeStatusInput) SetVolumeIds(v []*string) *DescribeVolumeSta type DescribeVolumeStatusOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the status of the volumes. @@ -103515,21 +110678,15 @@ type DescribeVolumesInput struct { // | sc1| standard) Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of volume results returned by DescribeVolumes in paginated - // output. When this parameter is used, DescribeVolumes only returns MaxResults - // results in a single page along with a NextToken response element. The remaining - // results of the initial request can be seen by sending another DescribeVolumes - // request with the returned NextToken value. This value can be between 5 and - // 500; if MaxResults is given a value larger than 500, only 500 results are - // returned. If this parameter is not used, then DescribeVolumes returns all - // results. You cannot specify this parameter and the volume IDs parameter in - // the same request. + // The maximum number of volumes to return for this request. This value can + // be between 5 and 500; if you specify a value larger than 500, only 500 items + // are returned. If this parameter is not used, then all items are returned. + // You cannot specify this parameter and the volume IDs parameter in the same + // request. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" type:"integer"` - // The NextToken value returned from a previous paginated DescribeVolumes request - // where MaxResults was used and the results exceeded the value of that parameter. - // Pagination continues from the end of the previous results that returned the - // NextToken value. This value is null when there are no more results to return. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned from the previous request. NextToken *string `locationName:"nextToken" type:"string"` // The volume IDs. @@ -103624,10 +110781,11 @@ type DescribeVolumesModificationsInput struct { Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The maximum number of results (up to a limit of 500) to be returned in a - // paginated request. + // paginated request. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The nextToken value returned by a previous paginated request. + // The token returned by a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The IDs of the volumes. @@ -103685,7 +110843,8 @@ func (s *DescribeVolumesModificationsInput) SetVolumeIds(v []*string) *DescribeV type DescribeVolumesModificationsOutput struct { _ struct{} `type:"structure"` - // Token for pagination, null if there are no more results + // The token to include in another request to get the next page of items. This + // value is null if there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the volume modifications. @@ -103725,10 +110884,8 @@ func (s *DescribeVolumesModificationsOutput) SetVolumesModifications(v []*Volume type DescribeVolumesOutput struct { _ struct{} `type:"structure"` - // The NextToken value to include in a future DescribeVolumes request. When - // the results of a DescribeVolumes request exceed MaxResults, this value can - // be used to retrieve the next page of results. This value is null when there - // are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the volumes. @@ -103902,14 +111059,16 @@ func (s *DescribeVpcAttributeOutput) SetVpcId(v string) *DescribeVpcAttributeOut type DescribeVpcClassicLinkDnsSupportInput struct { _ struct{} `type:"structure"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `locationName:"nextToken" min:"1" type:"string"` - // One or more VPC IDs. + // The IDs of the VPCs. VpcIds []*string `locationNameList:"VpcId" type:"list"` } @@ -103968,8 +111127,8 @@ func (s *DescribeVpcClassicLinkDnsSupportInput) SetVpcIds(v []*string) *Describe type DescribeVpcClassicLinkDnsSupportOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" min:"1" type:"string"` // Information about the ClassicLink DNS support status of the VPCs. @@ -104015,7 +111174,7 @@ type DescribeVpcClassicLinkInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * is-classic-link-enabled - Whether the VPC is enabled for ClassicLink // (true | false). @@ -104031,7 +111190,7 @@ type DescribeVpcClassicLinkInput struct { // the tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // One or more VPCs for which you want to describe the ClassicLink status. + // The VPCs for which you want to describe the ClassicLink status. VpcIds []*string `locationName:"VpcId" locationNameList:"VpcId" type:"list"` } @@ -104074,7 +111233,7 @@ func (s *DescribeVpcClassicLinkInput) SetVpcIds(v []*string) *DescribeVpcClassic type DescribeVpcClassicLinkOutput struct { _ struct{} `type:"structure"` - // The ClassicLink status of one or more VPCs. + // The ClassicLink status of the VPCs. Vpcs []*VpcClassicLink `locationName:"vpcSet" locationNameList:"item" type:"list"` } @@ -104114,7 +111273,7 @@ type DescribeVpcEndpointConnectionNotificationsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * connection-notification-arn - The ARN of the SNS topic for the notification. // @@ -104189,7 +111348,7 @@ func (s *DescribeVpcEndpointConnectionNotificationsInput) SetNextToken(v string) type DescribeVpcEndpointConnectionNotificationsOutput struct { _ struct{} `type:"structure"` - // One or more notifications. + // The notifications. ConnectionNotificationSet []*ConnectionNotification `locationName:"connectionNotificationSet" locationNameList:"item" type:"list"` // The token to use to retrieve the next page of results. This value is null @@ -104236,7 +111395,7 @@ type DescribeVpcEndpointConnectionsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * ip-address-type - The IP address type (ipv4 | ipv6). // @@ -104311,7 +111470,7 @@ type DescribeVpcEndpointConnectionsOutput struct { // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` - // Information about one or more VPC endpoint connections. + // Information about the VPC endpoint connections. VpcEndpointConnections []*VpcEndpointConnection `locationName:"vpcEndpointConnectionSet" locationNameList:"item" type:"list"` } @@ -104354,7 +111513,7 @@ type DescribeVpcEndpointServiceConfigurationsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * service-name - The name of the service. // @@ -104386,7 +111545,7 @@ type DescribeVpcEndpointServiceConfigurationsInput struct { // The token to retrieve the next page of results. NextToken *string `type:"string"` - // The IDs of one or more services. + // The IDs of the endpoint services. ServiceIds []*string `locationName:"ServiceId" locationNameList:"item" type:"list"` } @@ -104445,7 +111604,7 @@ type DescribeVpcEndpointServiceConfigurationsOutput struct { // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` - // Information about one or more services. + // Information about the services. ServiceConfigurations []*ServiceConfiguration `locationName:"serviceConfigurationSet" locationNameList:"item" type:"list"` } @@ -104488,7 +111647,7 @@ type DescribeVpcEndpointServicePermissionsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * principal - The ARN of the principal. // @@ -104576,7 +111735,7 @@ func (s *DescribeVpcEndpointServicePermissionsInput) SetServiceId(v string) *Des type DescribeVpcEndpointServicePermissionsOutput struct { _ struct{} `type:"structure"` - // Information about one or more allowed principals. + // Information about the allowed principals. AllowedPrincipals []*AllowedPrincipal `locationName:"allowedPrincipals" locationNameList:"item" type:"list"` // The token to use to retrieve the next page of results. This value is null @@ -104614,7 +111773,6 @@ func (s *DescribeVpcEndpointServicePermissionsOutput) SetNextToken(v string) *De return s } -// Contains the parameters for DescribeVpcEndpointServices. type DescribeVpcEndpointServicesInput struct { _ struct{} `type:"structure"` @@ -104624,7 +111782,7 @@ type DescribeVpcEndpointServicesInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * owner - The ID or alias of the Amazon Web Services account that owns // the service. @@ -104657,7 +111815,7 @@ type DescribeVpcEndpointServicesInput struct { // a prior call.) NextToken *string `type:"string"` - // One or more service names. + // The service names. ServiceNames []*string `locationName:"ServiceName" locationNameList:"item" type:"list"` } @@ -104709,7 +111867,6 @@ func (s *DescribeVpcEndpointServicesInput) SetServiceNames(v []*string) *Describ return s } -// Contains the output of DescribeVpcEndpointServices. type DescribeVpcEndpointServicesOutput struct { _ struct{} `type:"structure"` @@ -104720,7 +111877,7 @@ type DescribeVpcEndpointServicesOutput struct { // Information about the service. ServiceDetails []*ServiceDetail `locationName:"serviceDetailSet" locationNameList:"item" type:"list"` - // A list of supported services. + // The supported services. ServiceNames []*string `locationName:"serviceNameSet" locationNameList:"item" type:"list"` } @@ -104760,7 +111917,6 @@ func (s *DescribeVpcEndpointServicesOutput) SetServiceNames(v []*string) *Descri return s } -// Contains the parameters for DescribeVpcEndpoints. type DescribeVpcEndpointsInput struct { _ struct{} `type:"structure"` @@ -104770,7 +111926,7 @@ type DescribeVpcEndpointsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * ip-address-type - The IP address type (ipv4 | ipv6). // @@ -104808,7 +111964,7 @@ type DescribeVpcEndpointsInput struct { // a prior call.) NextToken *string `type:"string"` - // One or more endpoint IDs. + // The IDs of the VPC endpoints. VpcEndpointIds []*string `locationName:"VpcEndpointId" locationNameList:"item" type:"list"` } @@ -104860,7 +112016,6 @@ func (s *DescribeVpcEndpointsInput) SetVpcEndpointIds(v []*string) *DescribeVpcE return s } -// Contains the output of DescribeVpcEndpoints. type DescribeVpcEndpointsOutput struct { _ struct{} `type:"structure"` @@ -104911,7 +112066,7 @@ type DescribeVpcPeeringConnectionsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * accepter-vpc-info.cidr-block - The IPv4 CIDR block of the accepter VPC. // @@ -104949,14 +112104,16 @@ type DescribeVpcPeeringConnectionsInput struct { // * vpc-peering-connection-id - The ID of the VPC peering connection. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` - // One or more VPC peering connection IDs. + // The IDs of the VPC peering connections. // // Default: Describes all your VPC peering connections. VpcPeeringConnectionIds []*string `locationName:"VpcPeeringConnectionId" locationNameList:"item" type:"list"` @@ -105026,8 +112183,8 @@ func (s *DescribeVpcPeeringConnectionsInput) SetVpcPeeringConnectionIds(v []*str type DescribeVpcPeeringConnectionsOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the VPC peering connections. @@ -105073,7 +112230,7 @@ type DescribeVpcsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * cidr - The primary IPv4 CIDR block of the VPC. The CIDR block you specify // must exactly match the VPC's CIDR block for information to be returned @@ -105122,14 +112279,16 @@ type DescribeVpcsInput struct { // * vpc-id - The ID of the VPC. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` - // One or more VPC IDs. + // The IDs of the VPCs. // // Default: Describes all your VPCs. VpcIds []*string `locationName:"VpcId" locationNameList:"VpcId" type:"list"` @@ -105199,8 +112358,8 @@ func (s *DescribeVpcsInput) SetVpcIds(v []*string) *DescribeVpcsInput { type DescribeVpcsOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about one or more VPCs. @@ -105897,12 +113056,12 @@ type DetachVerifiedAccessTrustProviderInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. // // VerifiedAccessInstanceId is a required field VerifiedAccessInstanceId *string `type:"string" required:"true"` - // The ID of the Amazon Web Services Verified Access trust provider. + // The ID of the Verified Access trust provider. // // VerifiedAccessTrustProviderId is a required field VerifiedAccessTrustProviderId *string `type:"string" required:"true"` @@ -105969,10 +113128,10 @@ func (s *DetachVerifiedAccessTrustProviderInput) SetVerifiedAccessTrustProviderI type DetachVerifiedAccessTrustProviderOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access instance. + // Details about the Verified Access instance. VerifiedAccessInstance *VerifiedAccessInstance `locationName:"verifiedAccessInstance" type:"structure"` - // The ID of the Amazon Web Services Verified Access trust provider. + // Details about the Verified Access trust provider. VerifiedAccessTrustProvider *VerifiedAccessTrustProvider `locationName:"verifiedAccessTrustProvider" type:"structure"` } @@ -106193,11 +113352,15 @@ func (s DetachVpnGatewayOutput) GoString() string { return s.String() } -// Options for an Amazon Web Services Verified Access device-identity based -// trust provider. +// Describes the options for an Amazon Web Services Verified Access device-identity +// based trust provider. type DeviceOptions struct { _ struct{} `type:"structure"` + // The URL Amazon Web Services Verified Access will use to verify the authenticity + // of the device tokens. + PublicSigningKeyUrl *string `locationName:"publicSigningKeyUrl" type:"string"` + // The ID of the tenant application with the device-identity provider. TenantId *string `locationName:"tenantId" type:"string"` } @@ -106220,6 +113383,12 @@ func (s DeviceOptions) GoString() string { return s.String() } +// SetPublicSigningKeyUrl sets the PublicSigningKeyUrl field's value. +func (s *DeviceOptions) SetPublicSigningKeyUrl(v string) *DeviceOptions { + s.PublicSigningKeyUrl = &v + return s +} + // SetTenantId sets the TenantId field's value. func (s *DeviceOptions) SetTenantId(v string) *DeviceOptions { s.TenantId = &v @@ -106233,7 +113402,7 @@ type DhcpConfiguration struct { // The name of a DHCP option. Key *string `locationName:"key" type:"string"` - // One or more values for the DHCP option. + // The values for the DHCP option. Values []*AttributeValue `locationName:"valueSet" locationNameList:"item" type:"list"` } @@ -106267,11 +113436,11 @@ func (s *DhcpConfiguration) SetValues(v []*AttributeValue) *DhcpConfiguration { return s } -// Describes a set of DHCP options. +// The set of DHCP options. type DhcpOptions struct { _ struct{} `type:"structure"` - // One or more DHCP options in the set. + // The DHCP options in the set. DhcpConfigurations []*DhcpConfiguration `locationName:"dhcpConfigurationSet" locationNameList:"item" type:"list"` // The ID of the set of DHCP options. @@ -106656,13 +113825,12 @@ type DisableFastLaunchInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // Forces the image settings to turn off faster launching for your Windows AMI. - // This parameter overrides any errors that are encountered while cleaning up - // resources in your account. + // Forces the image settings to turn off Windows fast launch for your Windows + // AMI. This parameter overrides any errors that are encountered while cleaning + // up resources in your account. Force *bool `type:"boolean"` - // The ID of the image for which you’re turning off faster launching, and - // removing pre-provisioned snapshots. + // Specify the ID of the image for which to disable Windows fast launch. // // ImageId is a required field ImageId *string `type:"string" required:"true"` @@ -106720,34 +113888,36 @@ func (s *DisableFastLaunchInput) SetImageId(v string) *DisableFastLaunchInput { type DisableFastLaunchOutput struct { _ struct{} `type:"structure"` - // The ID of the image for which faster-launching has been turned off. + // The ID of the image for which Windows fast launch was disabled. ImageId *string `locationName:"imageId" type:"string"` // The launch template that was used to launch Windows instances from pre-provisioned // snapshots. LaunchTemplate *FastLaunchLaunchTemplateSpecificationResponse `locationName:"launchTemplate" type:"structure"` - // The maximum number of parallel instances to launch for creating resources. + // The maximum number of instances that Amazon EC2 can launch at the same time + // to create pre-provisioned snapshots for Windows fast launch. MaxParallelLaunches *int64 `locationName:"maxParallelLaunches" type:"integer"` - // The owner of the Windows AMI for which faster launching was turned off. + // The owner of the Windows AMI for which Windows fast launch was disabled. OwnerId *string `locationName:"ownerId" type:"string"` // The pre-provisioning resource type that must be cleaned after turning off - // faster launching for the Windows AMI. Supported values include: snapshot. + // Windows fast launch for the Windows AMI. Supported values include: snapshot. ResourceType *string `locationName:"resourceType" type:"string" enum:"FastLaunchResourceType"` - // Parameters that were used for faster launching for the Windows AMI before - // faster launching was turned off. This informs the clean-up process. + // Parameters that were used for Windows fast launch for the Windows AMI before + // Windows fast launch was disabled. This informs the clean-up process. SnapshotConfiguration *FastLaunchSnapshotConfigurationResponse `locationName:"snapshotConfiguration" type:"structure"` - // The current state of faster launching for the specified Windows AMI. + // The current state of Windows fast launch for the specified Windows AMI. State *string `locationName:"state" type:"string" enum:"FastLaunchStateCode"` - // The reason that the state changed for faster launching for the Windows AMI. + // The reason that the state changed for Windows fast launch for the Windows + // AMI. StateTransitionReason *string `locationName:"stateTransitionReason" type:"string"` - // The time that the state changed for faster launching for the Windows AMI. + // The time that the state changed for Windows fast launch for the Windows AMI. StateTransitionTime *time.Time `locationName:"stateTransitionTime" type:"timestamp"` } @@ -107192,6 +114362,71 @@ func (s *DisableFastSnapshotRestoresOutput) SetUnsuccessful(v []*DisableFastSnap return s } +type DisableImageBlockPublicAccessInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageBlockPublicAccessInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageBlockPublicAccessInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *DisableImageBlockPublicAccessInput) SetDryRun(v bool) *DisableImageBlockPublicAccessInput { + s.DryRun = &v + return s +} + +type DisableImageBlockPublicAccessOutput struct { + _ struct{} `type:"structure"` + + // Returns unblocked if the request succeeds; otherwise, it returns an error. + ImageBlockPublicAccessState *string `locationName:"imageBlockPublicAccessState" type:"string" enum:"ImageBlockPublicAccessDisabledState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageBlockPublicAccessOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageBlockPublicAccessOutput) GoString() string { + return s.String() +} + +// SetImageBlockPublicAccessState sets the ImageBlockPublicAccessState field's value. +func (s *DisableImageBlockPublicAccessOutput) SetImageBlockPublicAccessState(v string) *DisableImageBlockPublicAccessOutput { + s.ImageBlockPublicAccessState = &v + return s +} + type DisableImageDeprecationInput struct { _ struct{} `type:"structure"` @@ -107281,6 +114516,95 @@ func (s *DisableImageDeprecationOutput) SetReturn(v bool) *DisableImageDeprecati return s } +type DisableImageInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the AMI. + // + // ImageId is a required field + ImageId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DisableImageInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisableImageInput"} + if s.ImageId == nil { + invalidParams.Add(request.NewErrParamRequired("ImageId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DisableImageInput) SetDryRun(v bool) *DisableImageInput { + s.DryRun = &v + return s +} + +// SetImageId sets the ImageId field's value. +func (s *DisableImageInput) SetImageId(v string) *DisableImageInput { + s.ImageId = &v + return s +} + +type DisableImageOutput struct { + _ struct{} `type:"structure"` + + // Returns true if the request succeeds; otherwise, it returns an error. + Return *bool `locationName:"return" type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageOutput) GoString() string { + return s.String() +} + +// SetReturn sets the Return field's value. +func (s *DisableImageOutput) SetReturn(v bool) *DisableImageOutput { + s.Return = &v + return s +} + type DisableIpamOrganizationAdminAccountInput struct { _ struct{} `type:"structure"` @@ -107437,6 +114761,71 @@ func (s *DisableSerialConsoleAccessOutput) SetSerialConsoleAccessEnabled(v bool) return s } +type DisableSnapshotBlockPublicAccessInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableSnapshotBlockPublicAccessInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableSnapshotBlockPublicAccessInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *DisableSnapshotBlockPublicAccessInput) SetDryRun(v bool) *DisableSnapshotBlockPublicAccessInput { + s.DryRun = &v + return s +} + +type DisableSnapshotBlockPublicAccessOutput struct { + _ struct{} `type:"structure"` + + // Returns unblocked if the request succeeds. + State *string `locationName:"state" type:"string" enum:"SnapshotBlockPublicAccessState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableSnapshotBlockPublicAccessOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableSnapshotBlockPublicAccessOutput) GoString() string { + return s.String() +} + +// SetState sets the State field's value. +func (s *DisableSnapshotBlockPublicAccessOutput) SetState(v string) *DisableSnapshotBlockPublicAccessOutput { + s.State = &v + return s +} + type DisableTransitGatewayRouteTablePropagationInput struct { _ struct{} `type:"structure"` @@ -107793,7 +115182,7 @@ func (s *DisableVpcClassicLinkOutput) SetReturn(v bool) *DisableVpcClassicLinkOu type DisassociateAddressInput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The association ID. Required for EC2-VPC. + // The association ID. This parameter is required. AssociationId *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -107802,7 +115191,7 @@ type DisassociateAddressInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // [EC2-Classic] The Elastic IP address. Required for EC2-Classic. + // Deprecated. PublicIp *string `type:"string"` } @@ -107980,7 +115369,9 @@ type DisassociateEnclaveCertificateIamRoleInput struct { _ struct{} `type:"structure"` // The ARN of the ACM certificate from which to disassociate the IAM role. - CertificateArn *string `min:"1" type:"string"` + // + // CertificateArn is a required field + CertificateArn *string `type:"string" required:"true"` // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have @@ -107989,7 +115380,9 @@ type DisassociateEnclaveCertificateIamRoleInput struct { DryRun *bool `type:"boolean"` // The ARN of the IAM role to disassociate. - RoleArn *string `min:"1" type:"string"` + // + // RoleArn is a required field + RoleArn *string `type:"string" required:"true"` } // String returns the string representation. @@ -108013,11 +115406,11 @@ func (s DisassociateEnclaveCertificateIamRoleInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *DisassociateEnclaveCertificateIamRoleInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "DisassociateEnclaveCertificateIamRoleInput"} - if s.CertificateArn != nil && len(*s.CertificateArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CertificateArn", 1)) + if s.CertificateArn == nil { + invalidParams.Add(request.NewErrParamRequired("CertificateArn")) } - if s.RoleArn != nil && len(*s.RoleArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("RoleArn", 1)) + if s.RoleArn == nil { + invalidParams.Add(request.NewErrParamRequired("RoleArn")) } if invalidParams.Len() > 0 { @@ -108255,6 +115648,324 @@ func (s *DisassociateInstanceEventWindowOutput) SetInstanceEventWindow(v *Instan return s } +type DisassociateIpamByoasnInput struct { + _ struct{} `type:"structure"` + + // A public 2-byte or 4-byte ASN. + // + // Asn is a required field + Asn *string `type:"string" required:"true"` + + // A BYOIP CIDR. + // + // Cidr is a required field + Cidr *string `type:"string" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateIpamByoasnInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateIpamByoasnInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DisassociateIpamByoasnInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisassociateIpamByoasnInput"} + if s.Asn == nil { + invalidParams.Add(request.NewErrParamRequired("Asn")) + } + if s.Cidr == nil { + invalidParams.Add(request.NewErrParamRequired("Cidr")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAsn sets the Asn field's value. +func (s *DisassociateIpamByoasnInput) SetAsn(v string) *DisassociateIpamByoasnInput { + s.Asn = &v + return s +} + +// SetCidr sets the Cidr field's value. +func (s *DisassociateIpamByoasnInput) SetCidr(v string) *DisassociateIpamByoasnInput { + s.Cidr = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *DisassociateIpamByoasnInput) SetDryRun(v bool) *DisassociateIpamByoasnInput { + s.DryRun = &v + return s +} + +type DisassociateIpamByoasnOutput struct { + _ struct{} `type:"structure"` + + // An ASN and BYOIP CIDR association. + AsnAssociation *AsnAssociation `locationName:"asnAssociation" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateIpamByoasnOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateIpamByoasnOutput) GoString() string { + return s.String() +} + +// SetAsnAssociation sets the AsnAssociation field's value. +func (s *DisassociateIpamByoasnOutput) SetAsnAssociation(v *AsnAssociation) *DisassociateIpamByoasnOutput { + s.AsnAssociation = v + return s +} + +type DisassociateIpamResourceDiscoveryInput struct { + _ struct{} `type:"structure"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // A resource discovery association ID. + // + // IpamResourceDiscoveryAssociationId is a required field + IpamResourceDiscoveryAssociationId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateIpamResourceDiscoveryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateIpamResourceDiscoveryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DisassociateIpamResourceDiscoveryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisassociateIpamResourceDiscoveryInput"} + if s.IpamResourceDiscoveryAssociationId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamResourceDiscoveryAssociationId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DisassociateIpamResourceDiscoveryInput) SetDryRun(v bool) *DisassociateIpamResourceDiscoveryInput { + s.DryRun = &v + return s +} + +// SetIpamResourceDiscoveryAssociationId sets the IpamResourceDiscoveryAssociationId field's value. +func (s *DisassociateIpamResourceDiscoveryInput) SetIpamResourceDiscoveryAssociationId(v string) *DisassociateIpamResourceDiscoveryInput { + s.IpamResourceDiscoveryAssociationId = &v + return s +} + +type DisassociateIpamResourceDiscoveryOutput struct { + _ struct{} `type:"structure"` + + // A resource discovery association. + IpamResourceDiscoveryAssociation *IpamResourceDiscoveryAssociation `locationName:"ipamResourceDiscoveryAssociation" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateIpamResourceDiscoveryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateIpamResourceDiscoveryOutput) GoString() string { + return s.String() +} + +// SetIpamResourceDiscoveryAssociation sets the IpamResourceDiscoveryAssociation field's value. +func (s *DisassociateIpamResourceDiscoveryOutput) SetIpamResourceDiscoveryAssociation(v *IpamResourceDiscoveryAssociation) *DisassociateIpamResourceDiscoveryOutput { + s.IpamResourceDiscoveryAssociation = v + return s +} + +type DisassociateNatGatewayAddressInput struct { + _ struct{} `type:"structure"` + + // The association IDs of EIPs that have been associated with the NAT gateway. + // + // AssociationIds is a required field + AssociationIds []*string `locationName:"AssociationId" locationNameList:"item" type:"list" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The maximum amount of time to wait (in seconds) before forcibly releasing + // the IP addresses if connections are still in progress. Default value is 350 + // seconds. + MaxDrainDurationSeconds *int64 `min:"1" type:"integer"` + + // The ID of the NAT gateway. + // + // NatGatewayId is a required field + NatGatewayId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateNatGatewayAddressInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateNatGatewayAddressInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DisassociateNatGatewayAddressInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisassociateNatGatewayAddressInput"} + if s.AssociationIds == nil { + invalidParams.Add(request.NewErrParamRequired("AssociationIds")) + } + if s.MaxDrainDurationSeconds != nil && *s.MaxDrainDurationSeconds < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxDrainDurationSeconds", 1)) + } + if s.NatGatewayId == nil { + invalidParams.Add(request.NewErrParamRequired("NatGatewayId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAssociationIds sets the AssociationIds field's value. +func (s *DisassociateNatGatewayAddressInput) SetAssociationIds(v []*string) *DisassociateNatGatewayAddressInput { + s.AssociationIds = v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *DisassociateNatGatewayAddressInput) SetDryRun(v bool) *DisassociateNatGatewayAddressInput { + s.DryRun = &v + return s +} + +// SetMaxDrainDurationSeconds sets the MaxDrainDurationSeconds field's value. +func (s *DisassociateNatGatewayAddressInput) SetMaxDrainDurationSeconds(v int64) *DisassociateNatGatewayAddressInput { + s.MaxDrainDurationSeconds = &v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *DisassociateNatGatewayAddressInput) SetNatGatewayId(v string) *DisassociateNatGatewayAddressInput { + s.NatGatewayId = &v + return s +} + +type DisassociateNatGatewayAddressOutput struct { + _ struct{} `type:"structure"` + + // Information about the NAT gateway IP addresses. + NatGatewayAddresses []*NatGatewayAddress `locationName:"natGatewayAddressSet" locationNameList:"item" type:"list"` + + // The ID of the NAT gateway. + NatGatewayId *string `locationName:"natGatewayId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateNatGatewayAddressOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateNatGatewayAddressOutput) GoString() string { + return s.String() +} + +// SetNatGatewayAddresses sets the NatGatewayAddresses field's value. +func (s *DisassociateNatGatewayAddressOutput) SetNatGatewayAddresses(v []*NatGatewayAddress) *DisassociateNatGatewayAddressOutput { + s.NatGatewayAddresses = v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *DisassociateNatGatewayAddressOutput) SetNatGatewayId(v string) *DisassociateNatGatewayAddressOutput { + s.NatGatewayId = &v + return s +} + type DisassociateRouteTableInput struct { _ struct{} `type:"structure"` @@ -108432,13 +116143,19 @@ type DisassociateTransitGatewayMulticastDomainInput struct { DryRun *bool `type:"boolean"` // The IDs of the subnets; - SubnetIds []*string `locationNameList:"item" type:"list"` + // + // SubnetIds is a required field + SubnetIds []*string `locationNameList:"item" type:"list" required:"true"` // The ID of the attachment. - TransitGatewayAttachmentId *string `type:"string"` + // + // TransitGatewayAttachmentId is a required field + TransitGatewayAttachmentId *string `type:"string" required:"true"` // The ID of the transit gateway multicast domain. - TransitGatewayMulticastDomainId *string `type:"string"` + // + // TransitGatewayMulticastDomainId is a required field + TransitGatewayMulticastDomainId *string `type:"string" required:"true"` } // String returns the string representation. @@ -108459,6 +116176,25 @@ func (s DisassociateTransitGatewayMulticastDomainInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DisassociateTransitGatewayMulticastDomainInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisassociateTransitGatewayMulticastDomainInput"} + if s.SubnetIds == nil { + invalidParams.Add(request.NewErrParamRequired("SubnetIds")) + } + if s.TransitGatewayAttachmentId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayAttachmentId")) + } + if s.TransitGatewayMulticastDomainId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayMulticastDomainId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DisassociateTransitGatewayMulticastDomainInput) SetDryRun(v bool) *DisassociateTransitGatewayMulticastDomainInput { s.DryRun = &v @@ -109013,7 +116749,11 @@ type DiskImageDescription struct { // // For information about the import manifest referenced by this API action, // see VM Import Manifest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html). - ImportManifestUrl *string `locationName:"importManifestUrl" type:"string"` + // + // ImportManifestUrl is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by DiskImageDescription's + // String and GoString methods. + ImportManifestUrl *string `locationName:"importManifestUrl" type:"string" sensitive:"true"` // The size of the disk image, in GiB. Size *int64 `locationName:"size" type:"long"` @@ -109084,8 +116824,12 @@ type DiskImageDetail struct { // For information about the import manifest referenced by this API action, // see VM Import Manifest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html). // + // ImportManifestUrl is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by DiskImageDetail's + // String and GoString methods. + // // ImportManifestUrl is a required field - ImportManifestUrl *string `locationName:"importManifestUrl" type:"string" required:"true"` + ImportManifestUrl *string `locationName:"importManifestUrl" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -109281,6 +117025,9 @@ type DnsOptions struct { // The DNS records created for the endpoint. DnsRecordIpType *string `locationName:"dnsRecordIpType" type:"string" enum:"DnsRecordIpType"` + + // Indicates whether to enable private DNS only for inbound endpoints. + PrivateDnsOnlyForInboundResolverEndpoint *bool `locationName:"privateDnsOnlyForInboundResolverEndpoint" type:"boolean"` } // String returns the string representation. @@ -109307,12 +117054,24 @@ func (s *DnsOptions) SetDnsRecordIpType(v string) *DnsOptions { return s } +// SetPrivateDnsOnlyForInboundResolverEndpoint sets the PrivateDnsOnlyForInboundResolverEndpoint field's value. +func (s *DnsOptions) SetPrivateDnsOnlyForInboundResolverEndpoint(v bool) *DnsOptions { + s.PrivateDnsOnlyForInboundResolverEndpoint = &v + return s +} + // Describes the DNS options for an endpoint. type DnsOptionsSpecification struct { _ struct{} `type:"structure"` // The DNS records created for the endpoint. DnsRecordIpType *string `type:"string" enum:"DnsRecordIpType"` + + // Indicates whether to enable private DNS only for inbound endpoints. This + // option is available only for services that support both gateway and interface + // endpoints. It routes traffic that originates from the VPC to the gateway + // endpoint and traffic that originates from on-premises to the interface endpoint. + PrivateDnsOnlyForInboundResolverEndpoint *bool `type:"boolean"` } // String returns the string representation. @@ -109339,6 +117098,12 @@ func (s *DnsOptionsSpecification) SetDnsRecordIpType(v string) *DnsOptionsSpecif return s } +// SetPrivateDnsOnlyForInboundResolverEndpoint sets the PrivateDnsOnlyForInboundResolverEndpoint field's value. +func (s *DnsOptionsSpecification) SetPrivateDnsOnlyForInboundResolverEndpoint(v bool) *DnsOptionsSpecification { + s.PrivateDnsOnlyForInboundResolverEndpoint = &v + return s +} + // Information about the DNS server to be used. type DnsServersOptionsModifyStructure struct { _ struct{} `type:"structure"` @@ -109397,15 +117162,40 @@ type EbsBlockDevice struct { // being restored from a backing snapshot. The effect of setting the encryption // state to true depends on the volume origin (new or from a snapshot), starting // encryption state, ownership, and whether encryption by default is enabled. - // For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) - // in the Amazon EC2 User Guide. + // For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html#encryption-parameters) + // in the Amazon EBS User Guide. // // In no case can you remove encryption from an encrypted volume. // // Encrypted volumes can only be attached to instances that support Amazon EBS - // encryption. For more information, see Supported instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). - // - // This parameter is not returned by DescribeImageAttribute (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html). + // encryption. For more information, see Supported instance types (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances). + // + // This parameter is not returned by DescribeImageAttribute. + // + // For CreateImage and RegisterImage, whether you can include this parameter, + // and the allowed values differ depending on the type of block device mapping + // you are creating. + // + // * If you are creating a block device mapping for a new (empty) volume, + // you can include this parameter, and specify either true for an encrypted + // volume, or false for an unencrypted volume. If you omit this parameter, + // it defaults to false (unencrypted). + // + // * If you are creating a block device mapping from an existing encrypted + // or unencrypted snapshot, you must omit this parameter. If you include + // this parameter, the request will fail, regardless of the value that you + // specify. + // + // * If you are creating a block device mapping from an existing unencrypted + // volume, you can include this parameter, but you must specify false. If + // you specify true, the request will fail. In this case, we recommend that + // you omit the parameter. + // + // * If you are creating a block device mapping from an existing encrypted + // volume, you can include this parameter, and specify either true or false. + // However, if you specify false, the parameter is ignored and the block + // device mapping is always encrypted. In this case, we recommend that you + // omit the parameter. Encrypted *bool `locationName:"encrypted" type:"boolean"` // The number of I/O operations per second (IOPS). For gp3, io1, and io2 volumes, @@ -109415,19 +117205,18 @@ type EbsBlockDevice struct { // // The following are the supported values for each volume type: // - // * gp3: 3,000-16,000 IOPS + // * gp3: 3,000 - 16,000 IOPS // - // * io1: 100-64,000 IOPS + // * io1: 100 - 64,000 IOPS // - // * io2: 100-64,000 IOPS + // * io2: 100 - 256,000 IOPS // - // For io1 and io2 volumes, we guarantee 64,000 IOPS only for Instances built - // on the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). - // Other instance families guarantee performance up to 32,000 IOPS. + // For io2 volumes, you can achieve up to 256,000 IOPS on instances built on + // the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // On other instances, you can achieve performance up to 32,000 IOPS. // // This parameter is required for io1 and io2 volumes. The default for gp3 volumes - // is 3,000 IOPS. This parameter is not supported for gp2, st1, sc1, or standard - // volumes. + // is 3,000 IOPS. Iops *int64 `locationName:"iops" type:"integer"` // Identifier (key ID, key alias, ID ARN, or alias ARN) for a customer managed @@ -109441,8 +117230,7 @@ type EbsBlockDevice struct { // The ARN of the Outpost on which the snapshot is stored. // - // This parameter is only supported on BlockDeviceMapping objects called by - // CreateImage (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html). + // This parameter is not supported when using CreateImage (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html). OutpostArn *string `locationName:"outpostArn" type:"string"` // The ID of the snapshot. @@ -109460,20 +117248,21 @@ type EbsBlockDevice struct { // You can specify a volume size that is equal to or larger than the snapshot // size. // - // The following are the supported volumes sizes for each volume type: + // The following are the supported sizes for each volume type: + // + // * gp2 and gp3: 1 - 16,384 GiB // - // * gp2 and gp3:1-16,384 + // * io1: 4 - 16,384 GiB // - // * io1 and io2: 4-16,384 + // * io2: 4 - 65,536 GiB // - // * st1 and sc1: 125-16,384 + // * st1 and sc1: 125 - 16,384 GiB // - // * standard: 1-1,024 + // * standard: 1 - 1024 GiB VolumeSize *int64 `locationName:"volumeSize" type:"integer"` - // The volume type. For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) - // in the Amazon EC2 User Guide. If the volume type is io1 or io2, you must - // specify the IOPS that the volume supports. + // The volume type. For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) + // in the Amazon EBS User Guide. VolumeType *string `locationName:"volumeType" type:"string" enum:"VolumeType"` } @@ -109614,6 +117403,9 @@ func (s *EbsInfo) SetNvmeSupport(v string) *EbsInfo { type EbsInstanceBlockDevice struct { _ struct{} `type:"structure"` + // The ARN of the Amazon ECS or Fargate task to which the volume is attached. + AssociatedResource *string `locationName:"associatedResource" type:"string"` + // The time stamp when the attachment initiated. AttachTime *time.Time `locationName:"attachTime" type:"timestamp"` @@ -109625,6 +117417,12 @@ type EbsInstanceBlockDevice struct { // The ID of the EBS volume. VolumeId *string `locationName:"volumeId" type:"string"` + + // The ID of the Amazon Web Services account that owns the volume. + // + // This parameter is returned only for volumes that are attached to Fargate + // tasks. + VolumeOwnerId *string `locationName:"volumeOwnerId" type:"string"` } // String returns the string representation. @@ -109645,6 +117443,12 @@ func (s EbsInstanceBlockDevice) GoString() string { return s.String() } +// SetAssociatedResource sets the AssociatedResource field's value. +func (s *EbsInstanceBlockDevice) SetAssociatedResource(v string) *EbsInstanceBlockDevice { + s.AssociatedResource = &v + return s +} + // SetAttachTime sets the AttachTime field's value. func (s *EbsInstanceBlockDevice) SetAttachTime(v time.Time) *EbsInstanceBlockDevice { s.AttachTime = &v @@ -109669,6 +117473,12 @@ func (s *EbsInstanceBlockDevice) SetVolumeId(v string) *EbsInstanceBlockDevice { return s } +// SetVolumeOwnerId sets the VolumeOwnerId field's value. +func (s *EbsInstanceBlockDevice) SetVolumeOwnerId(v string) *EbsInstanceBlockDevice { + s.VolumeOwnerId = &v + return s +} + // Describes information used to set up an EBS volume specified in a block device // mapping. type EbsInstanceBlockDeviceSpecification struct { @@ -109794,6 +117604,176 @@ func (s *EbsOptimizedInfo) SetMaximumThroughputInMBps(v float64) *EbsOptimizedIn return s } +// The EC2 Instance Connect Endpoint. +type Ec2InstanceConnectEndpoint struct { + _ struct{} `type:"structure"` + + // The Availability Zone of the EC2 Instance Connect Endpoint. + AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + + // The date and time that the EC2 Instance Connect Endpoint was created. + CreatedAt *time.Time `locationName:"createdAt" type:"timestamp"` + + // The DNS name of the EC2 Instance Connect Endpoint. + DnsName *string `locationName:"dnsName" type:"string"` + + FipsDnsName *string `locationName:"fipsDnsName" type:"string"` + + // The Amazon Resource Name (ARN) of the EC2 Instance Connect Endpoint. + InstanceConnectEndpointArn *string `locationName:"instanceConnectEndpointArn" min:"1" type:"string"` + + // The ID of the EC2 Instance Connect Endpoint. + InstanceConnectEndpointId *string `locationName:"instanceConnectEndpointId" type:"string"` + + // The ID of the elastic network interface that Amazon EC2 automatically created + // when creating the EC2 Instance Connect Endpoint. + NetworkInterfaceIds []*string `locationName:"networkInterfaceIdSet" locationNameList:"item" type:"list"` + + // The ID of the Amazon Web Services account that created the EC2 Instance Connect + // Endpoint. + OwnerId *string `locationName:"ownerId" type:"string"` + + // Indicates whether your client's IP address is preserved as the source. The + // value is true or false. + // + // * If true, your client's IP address is used when you connect to a resource. + // + // * If false, the elastic network interface IP address is used when you + // connect to a resource. + // + // Default: true + PreserveClientIp *bool `locationName:"preserveClientIp" type:"boolean"` + + // The security groups associated with the endpoint. If you didn't specify a + // security group, the default security group for your VPC is associated with + // the endpoint. + SecurityGroupIds []*string `locationName:"securityGroupIdSet" locationNameList:"item" type:"list"` + + // The current state of the EC2 Instance Connect Endpoint. + State *string `locationName:"state" type:"string" enum:"Ec2InstanceConnectEndpointState"` + + // The message for the current state of the EC2 Instance Connect Endpoint. Can + // include a failure message. + StateMessage *string `locationName:"stateMessage" type:"string"` + + // The ID of the subnet in which the EC2 Instance Connect Endpoint was created. + SubnetId *string `locationName:"subnetId" type:"string"` + + // The tags assigned to the EC2 Instance Connect Endpoint. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The ID of the VPC in which the EC2 Instance Connect Endpoint was created. + VpcId *string `locationName:"vpcId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Ec2InstanceConnectEndpoint) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Ec2InstanceConnectEndpoint) GoString() string { + return s.String() +} + +// SetAvailabilityZone sets the AvailabilityZone field's value. +func (s *Ec2InstanceConnectEndpoint) SetAvailabilityZone(v string) *Ec2InstanceConnectEndpoint { + s.AvailabilityZone = &v + return s +} + +// SetCreatedAt sets the CreatedAt field's value. +func (s *Ec2InstanceConnectEndpoint) SetCreatedAt(v time.Time) *Ec2InstanceConnectEndpoint { + s.CreatedAt = &v + return s +} + +// SetDnsName sets the DnsName field's value. +func (s *Ec2InstanceConnectEndpoint) SetDnsName(v string) *Ec2InstanceConnectEndpoint { + s.DnsName = &v + return s +} + +// SetFipsDnsName sets the FipsDnsName field's value. +func (s *Ec2InstanceConnectEndpoint) SetFipsDnsName(v string) *Ec2InstanceConnectEndpoint { + s.FipsDnsName = &v + return s +} + +// SetInstanceConnectEndpointArn sets the InstanceConnectEndpointArn field's value. +func (s *Ec2InstanceConnectEndpoint) SetInstanceConnectEndpointArn(v string) *Ec2InstanceConnectEndpoint { + s.InstanceConnectEndpointArn = &v + return s +} + +// SetInstanceConnectEndpointId sets the InstanceConnectEndpointId field's value. +func (s *Ec2InstanceConnectEndpoint) SetInstanceConnectEndpointId(v string) *Ec2InstanceConnectEndpoint { + s.InstanceConnectEndpointId = &v + return s +} + +// SetNetworkInterfaceIds sets the NetworkInterfaceIds field's value. +func (s *Ec2InstanceConnectEndpoint) SetNetworkInterfaceIds(v []*string) *Ec2InstanceConnectEndpoint { + s.NetworkInterfaceIds = v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *Ec2InstanceConnectEndpoint) SetOwnerId(v string) *Ec2InstanceConnectEndpoint { + s.OwnerId = &v + return s +} + +// SetPreserveClientIp sets the PreserveClientIp field's value. +func (s *Ec2InstanceConnectEndpoint) SetPreserveClientIp(v bool) *Ec2InstanceConnectEndpoint { + s.PreserveClientIp = &v + return s +} + +// SetSecurityGroupIds sets the SecurityGroupIds field's value. +func (s *Ec2InstanceConnectEndpoint) SetSecurityGroupIds(v []*string) *Ec2InstanceConnectEndpoint { + s.SecurityGroupIds = v + return s +} + +// SetState sets the State field's value. +func (s *Ec2InstanceConnectEndpoint) SetState(v string) *Ec2InstanceConnectEndpoint { + s.State = &v + return s +} + +// SetStateMessage sets the StateMessage field's value. +func (s *Ec2InstanceConnectEndpoint) SetStateMessage(v string) *Ec2InstanceConnectEndpoint { + s.StateMessage = &v + return s +} + +// SetSubnetId sets the SubnetId field's value. +func (s *Ec2InstanceConnectEndpoint) SetSubnetId(v string) *Ec2InstanceConnectEndpoint { + s.SubnetId = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *Ec2InstanceConnectEndpoint) SetTags(v []*Tag) *Ec2InstanceConnectEndpoint { + s.Tags = v + return s +} + +// SetVpcId sets the VpcId field's value. +func (s *Ec2InstanceConnectEndpoint) SetVpcId(v string) *Ec2InstanceConnectEndpoint { + s.VpcId = &v + return s +} + // Describes the Elastic Fabric Adapters for the instance type. type EfaInfo struct { _ struct{} `type:"structure"` @@ -109876,6 +117856,10 @@ func (s *EgressOnlyInternetGateway) SetTags(v []*Tag) *EgressOnlyInternetGateway return s } +// Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads +// that require graphics acceleration, we recommend that you use Amazon EC2 +// G4ad, G4dn, or G5 instances. +// // Describes the association between an instance and an Elastic Graphics accelerator. type ElasticGpuAssociation struct { _ struct{} `type:"structure"` @@ -109936,6 +117920,10 @@ func (s *ElasticGpuAssociation) SetElasticGpuId(v string) *ElasticGpuAssociation return s } +// Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads +// that require graphics acceleration, we recommend that you use Amazon EC2 +// G4ad, G4dn, or G5 instances. +// // Describes the status of an Elastic Graphics accelerator. type ElasticGpuHealth struct { _ struct{} `type:"structure"` @@ -109968,6 +117956,10 @@ func (s *ElasticGpuHealth) SetStatus(v string) *ElasticGpuHealth { return s } +// Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads +// that require graphics acceleration, we recommend that you use Amazon EC2 +// G4ad, G4dn, or G5 instances. +// // A specification for an Elastic Graphics accelerator. type ElasticGpuSpecification struct { _ struct{} `type:"structure"` @@ -110018,11 +118010,19 @@ func (s *ElasticGpuSpecification) SetType(v string) *ElasticGpuSpecification { return s } -// Describes an elastic GPU. +// Deprecated. +// +// Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads +// that require graphics acceleration, we recommend that you use Amazon EC2 +// G4ad, G4dn, or G5 instances. type ElasticGpuSpecificationResponse struct { _ struct{} `type:"structure"` - // The elastic GPU type. + // Deprecated. + // + // Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads + // that require graphics acceleration, we recommend that you use Amazon EC2 + // G4ad, G4dn, or G5 instances. Type *string `locationName:"type" type:"string"` } @@ -110050,6 +118050,10 @@ func (s *ElasticGpuSpecificationResponse) SetType(v string) *ElasticGpuSpecifica return s } +// Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads +// that require graphics acceleration, we recommend that you use Amazon EC2 +// G4ad, G4dn, or G5 instances. +// // Describes an Elastic Graphics accelerator. type ElasticGpus struct { _ struct{} `type:"structure"` @@ -110310,8 +118314,50 @@ func (s *EnaSrdSpecification) SetEnaSrdUdpSpecification(v *EnaSrdUdpSpecificatio return s } +// Launch instances with ENA Express settings configured from your launch template. +type EnaSrdSpecificationRequest struct { + _ struct{} `type:"structure"` + + // Specifies whether ENA Express is enabled for the network interface when you + // launch an instance from your launch template. + EnaSrdEnabled *bool `type:"boolean"` + + // Contains ENA Express settings for UDP network traffic in your launch template. + EnaSrdUdpSpecification *EnaSrdUdpSpecificationRequest `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnaSrdSpecificationRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnaSrdSpecificationRequest) GoString() string { + return s.String() +} + +// SetEnaSrdEnabled sets the EnaSrdEnabled field's value. +func (s *EnaSrdSpecificationRequest) SetEnaSrdEnabled(v bool) *EnaSrdSpecificationRequest { + s.EnaSrdEnabled = &v + return s +} + +// SetEnaSrdUdpSpecification sets the EnaSrdUdpSpecification field's value. +func (s *EnaSrdSpecificationRequest) SetEnaSrdUdpSpecification(v *EnaSrdUdpSpecificationRequest) *EnaSrdSpecificationRequest { + s.EnaSrdUdpSpecification = v + return s +} + // ENA Express is compatible with both TCP and UDP transport protocols. When -// it’s enabled, TCP traffic automatically uses it. However, some UDP-based +// it's enabled, TCP traffic automatically uses it. However, some UDP-based // applications are designed to handle network packets that are out of order, // without a need for retransmission, such as live video broadcasting or other // near-real-time applications. For UDP traffic, you can specify whether to @@ -110319,8 +118365,8 @@ func (s *EnaSrdSpecification) SetEnaSrdUdpSpecification(v *EnaSrdUdpSpecificatio type EnaSrdUdpSpecification struct { _ struct{} `type:"structure"` - // Indicates whether UDP traffic uses ENA Express. To specify this setting, - // you must first enable ENA Express. + // Indicates whether UDP traffic to and from the instance uses ENA Express. + // To specify this setting, you must first enable ENA Express. EnaSrdUdpEnabled *bool `type:"boolean"` } @@ -110348,6 +118394,41 @@ func (s *EnaSrdUdpSpecification) SetEnaSrdUdpEnabled(v bool) *EnaSrdUdpSpecifica return s } +// Configures ENA Express for UDP network traffic from your launch template. +type EnaSrdUdpSpecificationRequest struct { + _ struct{} `type:"structure"` + + // Indicates whether UDP traffic uses ENA Express for your instance. To ensure + // that UDP traffic can use ENA Express when you launch an instance, you must + // also set EnaSrdEnabled in the EnaSrdSpecificationRequest to true in your + // launch template. + EnaSrdUdpEnabled *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnaSrdUdpSpecificationRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnaSrdUdpSpecificationRequest) GoString() string { + return s.String() +} + +// SetEnaSrdUdpEnabled sets the EnaSrdUdpEnabled field's value. +func (s *EnaSrdUdpSpecificationRequest) SetEnaSrdUdpEnabled(v bool) *EnaSrdUdpSpecificationRequest { + s.EnaSrdUdpEnabled = &v + return s +} + type EnableAddressTransferInput struct { _ struct{} `type:"structure"` @@ -110454,8 +118535,9 @@ func (s *EnableAddressTransferOutput) SetAddressTransfer(v *AddressTransfer) *En type EnableAwsNetworkPerformanceMetricSubscriptionInput struct { _ struct{} `type:"structure"` - // The target Region or Availability Zone that the metric subscription is enabled - // for. For example, eu-west-1. + // The target Region (like us-east-2) or Availability Zone ID (like use2-az2) + // that the metric subscription is enabled for. If you use Availability Zone + // IDs, the Source and Destination Availability Zones must be in the same Region. Destination *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -110467,8 +118549,9 @@ type EnableAwsNetworkPerformanceMetricSubscriptionInput struct { // The metric used for the enabled subscription. Metric *string `type:"string" enum:"MetricType"` - // The source Region or Availability Zone that the metric subscription is enabled - // for. For example, us-east-1. + // The source Region (like us-east-1) or Availability Zone ID (like use1-az1) + // that the metric subscription is enabled for. If you use Availability Zone + // IDs, the Source and Destination Availability Zones must be in the same Region. Source *string `type:"string"` // The statistic used for the enabled subscription. @@ -110628,7 +118711,7 @@ type EnableFastLaunchInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the image for which you’re enabling faster launching. + // Specify the ID of the image for which to enable Windows fast launch. // // ImageId is a required field ImageId *string `type:"string" required:"true"` @@ -110638,17 +118721,18 @@ type EnableFastLaunchInput struct { // the launch template, but not both. LaunchTemplate *FastLaunchLaunchTemplateSpecificationRequest `type:"structure"` - // The maximum number of parallel instances to launch for creating resources. - // Value must be 6 or greater. + // The maximum number of instances that Amazon EC2 can launch at the same time + // to create pre-provisioned snapshots for Windows fast launch. Value must be + // 6 or greater. MaxParallelLaunches *int64 `type:"integer"` - // The type of resource to use for pre-provisioning the Windows AMI for faster - // launching. Supported values include: snapshot, which is the default value. + // The type of resource to use for pre-provisioning the AMI for Windows fast + // launch. Supported values include: snapshot, which is the default value. ResourceType *string `type:"string"` // Configuration settings for creating and managing the snapshots that are used - // for pre-provisioning the Windows AMI for faster launching. The associated - // ResourceType must be snapshot. + // for pre-provisioning the AMI for Windows fast launch. The associated ResourceType + // must be snapshot. SnapshotConfiguration *FastLaunchSnapshotConfigurationRequest `type:"structure"` } @@ -110727,36 +118811,36 @@ func (s *EnableFastLaunchInput) SetSnapshotConfiguration(v *FastLaunchSnapshotCo type EnableFastLaunchOutput struct { _ struct{} `type:"structure"` - // The image ID that identifies the Windows AMI for which faster launching was - // enabled. + // The image ID that identifies the AMI for which Windows fast launch was enabled. ImageId *string `locationName:"imageId" type:"string"` // The launch template that is used when launching Windows instances from pre-provisioned // snapshots. LaunchTemplate *FastLaunchLaunchTemplateSpecificationResponse `locationName:"launchTemplate" type:"structure"` - // The maximum number of parallel instances to launch for creating resources. + // The maximum number of instances that Amazon EC2 can launch at the same time + // to create pre-provisioned snapshots for Windows fast launch. MaxParallelLaunches *int64 `locationName:"maxParallelLaunches" type:"integer"` - // The owner ID for the Windows AMI for which faster launching was enabled. + // The owner ID for the AMI for which Windows fast launch was enabled. OwnerId *string `locationName:"ownerId" type:"string"` - // The type of resource that was defined for pre-provisioning the Windows AMI - // for faster launching. + // The type of resource that was defined for pre-provisioning the AMI for Windows + // fast launch. ResourceType *string `locationName:"resourceType" type:"string" enum:"FastLaunchResourceType"` - // The configuration settings that were defined for creating and managing the - // pre-provisioned snapshots for faster launching of the Windows AMI. This property - // is returned when the associated resourceType is snapshot. + // Settings to create and manage the pre-provisioned snapshots that Amazon EC2 + // uses for faster launches from the Windows AMI. This property is returned + // when the associated resourceType is snapshot. SnapshotConfiguration *FastLaunchSnapshotConfigurationResponse `locationName:"snapshotConfiguration" type:"structure"` - // The current state of faster launching for the specified Windows AMI. + // The current state of Windows fast launch for the specified AMI. State *string `locationName:"state" type:"string" enum:"FastLaunchStateCode"` - // The reason that the state changed for faster launching for the Windows AMI. + // The reason that the state changed for Windows fast launch for the AMI. StateTransitionReason *string `locationName:"stateTransitionReason" type:"string"` - // The time that the state changed for faster launching for the Windows AMI. + // The time that the state changed for Windows fast launch for the AMI. StateTransitionTime *time.Time `locationName:"stateTransitionTime" type:"timestamp"` } @@ -111203,6 +119287,98 @@ func (s *EnableFastSnapshotRestoresOutput) SetUnsuccessful(v []*EnableFastSnapsh return s } +type EnableImageBlockPublicAccessInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Specify block-new-sharing to enable block public access for AMIs at the account + // level in the specified Region. This will block any attempt to publicly share + // your AMIs in the specified Region. + // + // ImageBlockPublicAccessState is a required field + ImageBlockPublicAccessState *string `type:"string" required:"true" enum:"ImageBlockPublicAccessEnabledState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageBlockPublicAccessInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageBlockPublicAccessInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EnableImageBlockPublicAccessInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EnableImageBlockPublicAccessInput"} + if s.ImageBlockPublicAccessState == nil { + invalidParams.Add(request.NewErrParamRequired("ImageBlockPublicAccessState")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *EnableImageBlockPublicAccessInput) SetDryRun(v bool) *EnableImageBlockPublicAccessInput { + s.DryRun = &v + return s +} + +// SetImageBlockPublicAccessState sets the ImageBlockPublicAccessState field's value. +func (s *EnableImageBlockPublicAccessInput) SetImageBlockPublicAccessState(v string) *EnableImageBlockPublicAccessInput { + s.ImageBlockPublicAccessState = &v + return s +} + +type EnableImageBlockPublicAccessOutput struct { + _ struct{} `type:"structure"` + + // Returns block-new-sharing if the request succeeds; otherwise, it returns + // an error. + ImageBlockPublicAccessState *string `locationName:"imageBlockPublicAccessState" type:"string" enum:"ImageBlockPublicAccessEnabledState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageBlockPublicAccessOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageBlockPublicAccessOutput) GoString() string { + return s.String() +} + +// SetImageBlockPublicAccessState sets the ImageBlockPublicAccessState field's value. +func (s *EnableImageBlockPublicAccessOutput) SetImageBlockPublicAccessState(v string) *EnableImageBlockPublicAccessOutput { + s.ImageBlockPublicAccessState = &v + return s +} + type EnableImageDeprecationInput struct { _ struct{} `type:"structure"` @@ -111312,6 +119488,95 @@ func (s *EnableImageDeprecationOutput) SetReturn(v bool) *EnableImageDeprecation return s } +type EnableImageInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the AMI. + // + // ImageId is a required field + ImageId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EnableImageInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EnableImageInput"} + if s.ImageId == nil { + invalidParams.Add(request.NewErrParamRequired("ImageId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *EnableImageInput) SetDryRun(v bool) *EnableImageInput { + s.DryRun = &v + return s +} + +// SetImageId sets the ImageId field's value. +func (s *EnableImageInput) SetImageId(v string) *EnableImageInput { + s.ImageId = &v + return s +} + +type EnableImageOutput struct { + _ struct{} `type:"structure"` + + // Returns true if the request succeeds; otherwise, it returns an error. + Return *bool `locationName:"return" type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageOutput) GoString() string { + return s.String() +} + +// SetReturn sets the Return field's value. +func (s *EnableImageOutput) SetReturn(v bool) *EnableImageOutput { + s.Return = &v + return s +} + type EnableIpamOrganizationAdminAccountInput struct { _ struct{} `type:"structure"` @@ -111533,6 +119798,114 @@ func (s *EnableSerialConsoleAccessOutput) SetSerialConsoleAccessEnabled(v bool) return s } +type EnableSnapshotBlockPublicAccessInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The mode in which to enable block public access for snapshots for the Region. + // Specify one of the following values: + // + // * block-all-sharing - Prevents all public sharing of snapshots in the + // Region. Users in the account will no longer be able to request new public + // sharing. Additionally, snapshots that are already publicly shared are + // treated as private and they are no longer publicly available. If you enable + // block public access for snapshots in block-all-sharing mode, it does not + // change the permissions for snapshots that are already publicly shared. + // Instead, it prevents these snapshots from be publicly visible and publicly + // accessible. Therefore, the attributes for these snapshots still indicate + // that they are publicly shared, even though they are not publicly available. + // + // * block-new-sharing - Prevents only new public sharing of snapshots in + // the Region. Users in the account will no longer be able to request new + // public sharing. However, snapshots that are already publicly shared, remain + // publicly available. + // + // unblocked is not a valid value for EnableSnapshotBlockPublicAccess. + // + // State is a required field + State *string `type:"string" required:"true" enum:"SnapshotBlockPublicAccessState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableSnapshotBlockPublicAccessInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableSnapshotBlockPublicAccessInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EnableSnapshotBlockPublicAccessInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EnableSnapshotBlockPublicAccessInput"} + if s.State == nil { + invalidParams.Add(request.NewErrParamRequired("State")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *EnableSnapshotBlockPublicAccessInput) SetDryRun(v bool) *EnableSnapshotBlockPublicAccessInput { + s.DryRun = &v + return s +} + +// SetState sets the State field's value. +func (s *EnableSnapshotBlockPublicAccessInput) SetState(v string) *EnableSnapshotBlockPublicAccessInput { + s.State = &v + return s +} + +type EnableSnapshotBlockPublicAccessOutput struct { + _ struct{} `type:"structure"` + + // The state of block public access for snapshots for the account and Region. + // Returns either block-all-sharing or block-new-sharing if the request succeeds. + State *string `locationName:"state" type:"string" enum:"SnapshotBlockPublicAccessState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableSnapshotBlockPublicAccessOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableSnapshotBlockPublicAccessOutput) GoString() string { + return s.String() +} + +// SetState sets the State field's value. +func (s *EnableSnapshotBlockPublicAccessOutput) SetState(v string) *EnableSnapshotBlockPublicAccessOutput { + s.State = &v + return s +} + type EnableTransitGatewayRouteTablePropagationInput struct { _ struct{} `type:"structure"` @@ -112229,6 +120602,12 @@ type Explanation struct { // The explanation code. ExplanationCode *string `locationName:"explanationCode" type:"string"` + // The Network Firewall stateful rule. + FirewallStatefulRule *FirewallStatefulRule `locationName:"firewallStatefulRule" type:"structure"` + + // The Network Firewall stateless rule. + FirewallStatelessRule *FirewallStatelessRule `locationName:"firewallStatelessRule" type:"structure"` + // The route table. IngressRouteTable *AnalysisComponent `locationName:"ingressRouteTable" type:"structure"` @@ -112452,6 +120831,18 @@ func (s *Explanation) SetExplanationCode(v string) *Explanation { return s } +// SetFirewallStatefulRule sets the FirewallStatefulRule field's value. +func (s *Explanation) SetFirewallStatefulRule(v *FirewallStatefulRule) *Explanation { + s.FirewallStatefulRule = v + return s +} + +// SetFirewallStatelessRule sets the FirewallStatelessRule field's value. +func (s *Explanation) SetFirewallStatelessRule(v *FirewallStatelessRule) *Explanation { + s.FirewallStatelessRule = v + return s +} + // SetIngressRouteTable sets the IngressRouteTable field's value. func (s *Explanation) SetIngressRouteTable(v *AnalysisComponent) *Explanation { s.IngressRouteTable = v @@ -113713,22 +122104,23 @@ func (s *FailedQueuedPurchaseDeletion) SetReservedInstancesId(v string) *FailedQ return s } -// Request to create a launch template for a fast-launch enabled Windows AMI. +// Request to create a launch template for a Windows fast launch enabled AMI. // // Note - You can specify either the LaunchTemplateName or the LaunchTemplateId, // but not both. type FastLaunchLaunchTemplateSpecificationRequest struct { _ struct{} `type:"structure"` - // The ID of the launch template to use for faster launching for a Windows AMI. + // Specify the ID of the launch template that the AMI should use for Windows + // fast launch. LaunchTemplateId *string `type:"string"` - // The name of the launch template to use for faster launching for a Windows - // AMI. + // Specify the name of the launch template that the AMI should use for Windows + // fast launch. LaunchTemplateName *string `type:"string"` - // The version of the launch template to use for faster launching for a Windows - // AMI. + // Specify the version of the launch template that the AMI should use for Windows + // fast launch. // // Version is a required field Version *string `type:"string" required:"true"` @@ -113783,21 +122175,17 @@ func (s *FastLaunchLaunchTemplateSpecificationRequest) SetVersion(v string) *Fas return s } -// Identifies the launch template to use for faster launching of the Windows -// AMI. +// Identifies the launch template that the AMI uses for Windows fast launch. type FastLaunchLaunchTemplateSpecificationResponse struct { _ struct{} `type:"structure"` - // The ID of the launch template for faster launching of the associated Windows - // AMI. + // The ID of the launch template that the AMI uses for Windows fast launch. LaunchTemplateId *string `locationName:"launchTemplateId" type:"string"` - // The name of the launch template for faster launching of the associated Windows - // AMI. + // The name of the launch template that the AMI uses for Windows fast launch. LaunchTemplateName *string `locationName:"launchTemplateName" type:"string"` - // The version of the launch template for faster launching of the associated - // Windows AMI. + // The version of the launch template that the AMI uses for Windows fast launch. Version *string `locationName:"version" type:"string"` } @@ -113838,12 +122226,12 @@ func (s *FastLaunchLaunchTemplateSpecificationResponse) SetVersion(v string) *Fa } // Configuration settings for creating and managing pre-provisioned snapshots -// for a fast-launch enabled Windows AMI. +// for a Windows fast launch enabled AMI. type FastLaunchSnapshotConfigurationRequest struct { _ struct{} `type:"structure"` - // The number of pre-provisioned snapshots to keep on hand for a fast-launch - // enabled Windows AMI. + // The number of pre-provisioned snapshots to keep on hand for a Windows fast + // launch enabled AMI. TargetResourceCount *int64 `type:"integer"` } @@ -113872,12 +122260,12 @@ func (s *FastLaunchSnapshotConfigurationRequest) SetTargetResourceCount(v int64) } // Configuration settings for creating and managing pre-provisioned snapshots -// for a fast-launch enabled Windows AMI. +// for a Windows fast launch enabled Windows AMI. type FastLaunchSnapshotConfigurationResponse struct { _ struct{} `type:"structure"` - // The number of pre-provisioned snapshots requested to keep on hand for a fast-launch - // enabled Windows AMI. + // The number of pre-provisioned snapshots requested to keep on hand for a Windows + // fast launch enabled AMI. TargetResourceCount *int64 `locationName:"targetResourceCount" type:"integer"` } @@ -114037,6 +122425,237 @@ func (s *Filter) SetValues(v []*string) *Filter { return s } +// Describes a port range. +type FilterPortRange struct { + _ struct{} `type:"structure"` + + // The first port in the range. + FromPort *int64 `locationName:"fromPort" type:"integer"` + + // The last port in the range. + ToPort *int64 `locationName:"toPort" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FilterPortRange) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FilterPortRange) GoString() string { + return s.String() +} + +// SetFromPort sets the FromPort field's value. +func (s *FilterPortRange) SetFromPort(v int64) *FilterPortRange { + s.FromPort = &v + return s +} + +// SetToPort sets the ToPort field's value. +func (s *FilterPortRange) SetToPort(v int64) *FilterPortRange { + s.ToPort = &v + return s +} + +// Describes a stateful rule. +type FirewallStatefulRule struct { + _ struct{} `type:"structure"` + + // The destination ports. + DestinationPorts []*PortRange `locationName:"destinationPortSet" locationNameList:"item" type:"list"` + + // The destination IP addresses, in CIDR notation. + Destinations []*string `locationName:"destinationSet" locationNameList:"item" type:"list"` + + // The direction. The possible values are FORWARD and ANY. + Direction *string `locationName:"direction" type:"string"` + + // The protocol. + Protocol *string `locationName:"protocol" type:"string"` + + // The rule action. The possible values are pass, drop, and alert. + RuleAction *string `locationName:"ruleAction" type:"string"` + + // The ARN of the stateful rule group. + RuleGroupArn *string `locationName:"ruleGroupArn" min:"1" type:"string"` + + // The source ports. + SourcePorts []*PortRange `locationName:"sourcePortSet" locationNameList:"item" type:"list"` + + // The source IP addresses, in CIDR notation. + Sources []*string `locationName:"sourceSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FirewallStatefulRule) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FirewallStatefulRule) GoString() string { + return s.String() +} + +// SetDestinationPorts sets the DestinationPorts field's value. +func (s *FirewallStatefulRule) SetDestinationPorts(v []*PortRange) *FirewallStatefulRule { + s.DestinationPorts = v + return s +} + +// SetDestinations sets the Destinations field's value. +func (s *FirewallStatefulRule) SetDestinations(v []*string) *FirewallStatefulRule { + s.Destinations = v + return s +} + +// SetDirection sets the Direction field's value. +func (s *FirewallStatefulRule) SetDirection(v string) *FirewallStatefulRule { + s.Direction = &v + return s +} + +// SetProtocol sets the Protocol field's value. +func (s *FirewallStatefulRule) SetProtocol(v string) *FirewallStatefulRule { + s.Protocol = &v + return s +} + +// SetRuleAction sets the RuleAction field's value. +func (s *FirewallStatefulRule) SetRuleAction(v string) *FirewallStatefulRule { + s.RuleAction = &v + return s +} + +// SetRuleGroupArn sets the RuleGroupArn field's value. +func (s *FirewallStatefulRule) SetRuleGroupArn(v string) *FirewallStatefulRule { + s.RuleGroupArn = &v + return s +} + +// SetSourcePorts sets the SourcePorts field's value. +func (s *FirewallStatefulRule) SetSourcePorts(v []*PortRange) *FirewallStatefulRule { + s.SourcePorts = v + return s +} + +// SetSources sets the Sources field's value. +func (s *FirewallStatefulRule) SetSources(v []*string) *FirewallStatefulRule { + s.Sources = v + return s +} + +// Describes a stateless rule. +type FirewallStatelessRule struct { + _ struct{} `type:"structure"` + + // The destination ports. + DestinationPorts []*PortRange `locationName:"destinationPortSet" locationNameList:"item" type:"list"` + + // The destination IP addresses, in CIDR notation. + Destinations []*string `locationName:"destinationSet" locationNameList:"item" type:"list"` + + // The rule priority. + Priority *int64 `locationName:"priority" type:"integer"` + + // The protocols. + Protocols []*int64 `locationName:"protocolSet" locationNameList:"item" type:"list"` + + // The rule action. The possible values are pass, drop, and forward_to_site. + RuleAction *string `locationName:"ruleAction" type:"string"` + + // The ARN of the stateless rule group. + RuleGroupArn *string `locationName:"ruleGroupArn" min:"1" type:"string"` + + // The source ports. + SourcePorts []*PortRange `locationName:"sourcePortSet" locationNameList:"item" type:"list"` + + // The source IP addresses, in CIDR notation. + Sources []*string `locationName:"sourceSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FirewallStatelessRule) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FirewallStatelessRule) GoString() string { + return s.String() +} + +// SetDestinationPorts sets the DestinationPorts field's value. +func (s *FirewallStatelessRule) SetDestinationPorts(v []*PortRange) *FirewallStatelessRule { + s.DestinationPorts = v + return s +} + +// SetDestinations sets the Destinations field's value. +func (s *FirewallStatelessRule) SetDestinations(v []*string) *FirewallStatelessRule { + s.Destinations = v + return s +} + +// SetPriority sets the Priority field's value. +func (s *FirewallStatelessRule) SetPriority(v int64) *FirewallStatelessRule { + s.Priority = &v + return s +} + +// SetProtocols sets the Protocols field's value. +func (s *FirewallStatelessRule) SetProtocols(v []*int64) *FirewallStatelessRule { + s.Protocols = v + return s +} + +// SetRuleAction sets the RuleAction field's value. +func (s *FirewallStatelessRule) SetRuleAction(v string) *FirewallStatelessRule { + s.RuleAction = &v + return s +} + +// SetRuleGroupArn sets the RuleGroupArn field's value. +func (s *FirewallStatelessRule) SetRuleGroupArn(v string) *FirewallStatelessRule { + s.RuleGroupArn = &v + return s +} + +// SetSourcePorts sets the SourcePorts field's value. +func (s *FirewallStatelessRule) SetSourcePorts(v []*PortRange) *FirewallStatelessRule { + s.SourcePorts = v + return s +} + +// SetSources sets the Sources field's value. +func (s *FirewallStatelessRule) SetSources(v []*string) *FirewallStatelessRule { + s.Sources = v + return s +} + // Information about a Capacity Reservation in a Capacity Reservation Fleet. type FleetCapacityReservation struct { _ struct{} `type:"structure"` @@ -114198,6 +122817,8 @@ type FleetData struct { // Indicates whether running instances should be terminated if the target capacity // of the EC2 Fleet is decreased below the current size of the EC2 Fleet. + // + // Supported only for fleets of type maintain. ExcessCapacityTerminationPolicy *string `locationName:"excessCapacityTerminationPolicy" type:"string" enum:"FleetExcessCapacityTerminationPolicy"` // The ID of the EC2 Fleet. @@ -114531,8 +123152,9 @@ type FleetLaunchTemplateOverrides struct { // The Availability Zone in which to launch the instances. AvailabilityZone *string `locationName:"availabilityZone" type:"string"` - // The ID of the AMI. An AMI is required to launch an instance. The AMI ID must - // be specified here or in the launch template. + // The ID of the AMI. An AMI is required to launch an instance. This parameter + // is only available for fleets of type instant. For fleets of type maintain + // and request, you must specify the AMI ID in the launch template. ImageId *string `locationName:"imageId" type:"string"` // The attributes for the instance types. When you specify instance attributes, @@ -114543,6 +123165,8 @@ type FleetLaunchTemplateOverrides struct { // The instance type. // + // mac1.metal is not supported as a launch template override. + // // If you specify InstanceType, you can't specify InstanceRequirements. InstanceType *string `locationName:"instanceType" type:"string" enum:"InstanceType"` @@ -114579,6 +123203,12 @@ type FleetLaunchTemplateOverrides struct { SubnetId *string `locationName:"subnetId" type:"string"` // The number of units provided by the specified instance type. + // + // When specifying weights, the price used in the lowest-price and price-capacity-optimized + // allocation strategies is per unit hour (where the instance price is divided + // by the specified weight). However, if all the specified weights are above + // the requested TargetCapacity, resulting in only 1 instance being launched, + // the price used is per instance hour. WeightedCapacity *float64 `locationName:"weightedCapacity" type:"double"` } @@ -114661,8 +123291,9 @@ type FleetLaunchTemplateOverridesRequest struct { // The Availability Zone in which to launch the instances. AvailabilityZone *string `type:"string"` - // The ID of the AMI. An AMI is required to launch an instance. The AMI ID must - // be specified here or in the launch template. + // The ID of the AMI. An AMI is required to launch an instance. This parameter + // is only available for fleets of type instant. For fleets of type maintain + // and request, you must specify the AMI ID in the launch template. ImageId *string `type:"string"` // The attributes for the instance types. When you specify instance attributes, @@ -114673,6 +123304,8 @@ type FleetLaunchTemplateOverridesRequest struct { // The instance type. // + // mac1.metal is not supported as a launch template override. + // // If you specify InstanceType, you can't specify InstanceRequirements. InstanceType *string `type:"string" enum:"InstanceType"` @@ -114711,6 +123344,12 @@ type FleetLaunchTemplateOverridesRequest struct { SubnetId *string `type:"string"` // The number of units provided by the specified instance type. + // + // When specifying weights, the price used in the lowest-price and price-capacity-optimized + // allocation strategies is per unit hour (where the instance price is divided + // by the specified weight). However, if all the specified weights are above + // the requested TargetCapacity, resulting in only 1 instance being launched, + // the price used is per instance hour. WeightedCapacity *float64 `type:"double"` } @@ -115446,6 +124085,7 @@ type FpgaImage struct { // The FPGA image identifier (AFI ID). FpgaImageId *string `locationName:"fpgaImageId" type:"string"` + // The instance types supported by the AFI. InstanceTypes []*string `locationName:"instanceTypes" locationNameList:"item" type:"list"` // The name of the AFI. @@ -115758,7 +124398,9 @@ type GetAssociatedEnclaveCertificateIamRolesInput struct { // The ARN of the ACM certificate for which to view the associated IAM roles, // encryption keys, and Amazon S3 object information. - CertificateArn *string `min:"1" type:"string"` + // + // CertificateArn is a required field + CertificateArn *string `type:"string" required:"true"` // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have @@ -115788,8 +124430,8 @@ func (s GetAssociatedEnclaveCertificateIamRolesInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *GetAssociatedEnclaveCertificateIamRolesInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "GetAssociatedEnclaveCertificateIamRolesInput"} - if s.CertificateArn != nil && len(*s.CertificateArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CertificateArn", 1)) + if s.CertificateArn == nil { + invalidParams.Add(request.NewErrParamRequired("CertificateArn")) } if invalidParams.Len() > 0 { @@ -116099,12 +124741,9 @@ type GetCapacityReservationUsageInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The maximum number of results to return for the request in a single page. - // The remaining results can be seen by sending another request with the returned - // nextToken value. This value can be between 5 and 500. If maxResults is given - // a larger value than 500, you receive an error. - // - // Valid range: Minimum value of 1. Maximum value of 1000. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"1" type:"integer"` // The token to use to retrieve the next page of results. @@ -116384,6 +125023,10 @@ type GetCoipPoolUsageOutput struct { // The ID of the local gateway route table. LocalGatewayRouteTableId *string `locationName:"localGatewayRouteTableId" type:"string"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation. @@ -116422,6 +125065,12 @@ func (s *GetCoipPoolUsageOutput) SetLocalGatewayRouteTableId(v string) *GetCoipP return s } +// SetNextToken sets the NextToken field's value. +func (s *GetCoipPoolUsageOutput) SetNextToken(v string) *GetCoipPoolUsageOutput { + s.NextToken = &v + return s +} + type GetConsoleOutputInput struct { _ struct{} `type:"structure"` @@ -116842,6 +125491,9 @@ type GetEbsEncryptionByDefaultOutput struct { // Indicates whether encryption by default is enabled. EbsEncryptionByDefault *bool `locationName:"ebsEncryptionByDefault" type:"boolean"` + + // Reserved for future use. + SseType *string `locationName:"sseType" type:"string" enum:"SSEType"` } // String returns the string representation. @@ -116868,6 +125520,12 @@ func (s *GetEbsEncryptionByDefaultOutput) SetEbsEncryptionByDefault(v bool) *Get return s } +// SetSseType sets the SseType field's value. +func (s *GetEbsEncryptionByDefaultOutput) SetSseType(v string) *GetEbsEncryptionByDefaultOutput { + s.SseType = &v + return s +} + type GetFlowLogsIntegrationTemplateInput struct { _ struct{} `type:"structure"` @@ -116994,7 +125652,9 @@ func (s *GetFlowLogsIntegrationTemplateOutput) SetResult(v string) *GetFlowLogsI type GetGroupsForCapacityReservationInput struct { _ struct{} `type:"structure"` - // The ID of the Capacity Reservation. + // The ID of the Capacity Reservation. If you specify a Capacity Reservation + // that is shared with you, the operation returns only Capacity Reservation + // groups that you own. // // CapacityReservationId is a required field CapacityReservationId *string `type:"string" required:"true"` @@ -117005,10 +125665,9 @@ type GetGroupsForCapacityReservationInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The maximum number of results to return for the request in a single page. - // The remaining results can be seen by sending another request with the returned - // nextToken value. This value can be between 5 and 500. If maxResults is given - // a larger value than 500, you receive an error. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"1" type:"integer"` // The token to use to retrieve the next page of results. @@ -117235,6 +125894,79 @@ func (s *GetHostReservationPurchasePreviewOutput) SetTotalUpfrontPrice(v string) return s } +type GetImageBlockPublicAccessStateInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetImageBlockPublicAccessStateInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetImageBlockPublicAccessStateInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *GetImageBlockPublicAccessStateInput) SetDryRun(v bool) *GetImageBlockPublicAccessStateInput { + s.DryRun = &v + return s +} + +type GetImageBlockPublicAccessStateOutput struct { + _ struct{} `type:"structure"` + + // The current state of block public access for AMIs at the account level in + // the specified Amazon Web Services Region. + // + // Possible values: + // + // * block-new-sharing - Any attempt to publicly share your AMIs in the specified + // Region is blocked. + // + // * unblocked - Your AMIs in the specified Region can be publicly shared. + ImageBlockPublicAccessState *string `locationName:"imageBlockPublicAccessState" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetImageBlockPublicAccessStateOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetImageBlockPublicAccessStateOutput) GoString() string { + return s.String() +} + +// SetImageBlockPublicAccessState sets the ImageBlockPublicAccessState field's value. +func (s *GetImageBlockPublicAccessStateOutput) SetImageBlockPublicAccessState(v string) *GetImageBlockPublicAccessStateOutput { + s.ImageBlockPublicAccessState = &v + return s +} + type GetInstanceTypesFromInstanceRequirementsInput struct { _ struct{} `type:"structure"` @@ -117254,12 +125986,13 @@ type GetInstanceTypesFromInstanceRequirementsInput struct { // InstanceRequirements is a required field InstanceRequirements *InstanceRequirementsRequest `type:"structure" required:"true"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The virtualization type. @@ -117352,7 +126085,8 @@ type GetInstanceTypesFromInstanceRequirementsOutput struct { // The instance types with the specified instance attributes. InstanceTypes []*InstanceTypeInfoFromInstanceRequirements `locationName:"instanceTypeSet" locationNameList:"item" type:"list"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -117652,6 +126386,448 @@ func (s *GetIpamAddressHistoryOutput) SetNextToken(v string) *GetIpamAddressHist return s } +type GetIpamDiscoveredAccountsInput struct { + _ struct{} `type:"structure"` + + // The Amazon Web Services Region that the account information is returned from. + // + // DiscoveryRegion is a required field + DiscoveryRegion *string `type:"string" required:"true"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Discovered account filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // A resource discovery ID. + // + // IpamResourceDiscoveryId is a required field + IpamResourceDiscoveryId *string `type:"string" required:"true"` + + // The maximum number of discovered accounts to return in one page of results. + MaxResults *int64 `min:"5" type:"integer"` + + // Specify the pagination token from a previous request to retrieve the next + // page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredAccountsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredAccountsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetIpamDiscoveredAccountsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetIpamDiscoveredAccountsInput"} + if s.DiscoveryRegion == nil { + invalidParams.Add(request.NewErrParamRequired("DiscoveryRegion")) + } + if s.IpamResourceDiscoveryId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamResourceDiscoveryId")) + } + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDiscoveryRegion sets the DiscoveryRegion field's value. +func (s *GetIpamDiscoveredAccountsInput) SetDiscoveryRegion(v string) *GetIpamDiscoveredAccountsInput { + s.DiscoveryRegion = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *GetIpamDiscoveredAccountsInput) SetDryRun(v bool) *GetIpamDiscoveredAccountsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *GetIpamDiscoveredAccountsInput) SetFilters(v []*Filter) *GetIpamDiscoveredAccountsInput { + s.Filters = v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *GetIpamDiscoveredAccountsInput) SetIpamResourceDiscoveryId(v string) *GetIpamDiscoveredAccountsInput { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetIpamDiscoveredAccountsInput) SetMaxResults(v int64) *GetIpamDiscoveredAccountsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetIpamDiscoveredAccountsInput) SetNextToken(v string) *GetIpamDiscoveredAccountsInput { + s.NextToken = &v + return s +} + +type GetIpamDiscoveredAccountsOutput struct { + _ struct{} `type:"structure"` + + // Discovered accounts. + IpamDiscoveredAccounts []*IpamDiscoveredAccount `locationName:"ipamDiscoveredAccountSet" locationNameList:"item" type:"list"` + + // Specify the pagination token from a previous request to retrieve the next + // page of results. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredAccountsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredAccountsOutput) GoString() string { + return s.String() +} + +// SetIpamDiscoveredAccounts sets the IpamDiscoveredAccounts field's value. +func (s *GetIpamDiscoveredAccountsOutput) SetIpamDiscoveredAccounts(v []*IpamDiscoveredAccount) *GetIpamDiscoveredAccountsOutput { + s.IpamDiscoveredAccounts = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetIpamDiscoveredAccountsOutput) SetNextToken(v string) *GetIpamDiscoveredAccountsOutput { + s.NextToken = &v + return s +} + +type GetIpamDiscoveredPublicAddressesInput struct { + _ struct{} `type:"structure"` + + // The Amazon Web Services Region for the IP address. + // + // AddressRegion is a required field + AddressRegion *string `type:"string" required:"true"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // An IPAM resource discovery ID. + // + // IpamResourceDiscoveryId is a required field + IpamResourceDiscoveryId *string `type:"string" required:"true"` + + // The maximum number of IPAM discovered public addresses to return in one page + // of results. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredPublicAddressesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredPublicAddressesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetIpamDiscoveredPublicAddressesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetIpamDiscoveredPublicAddressesInput"} + if s.AddressRegion == nil { + invalidParams.Add(request.NewErrParamRequired("AddressRegion")) + } + if s.IpamResourceDiscoveryId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamResourceDiscoveryId")) + } + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAddressRegion sets the AddressRegion field's value. +func (s *GetIpamDiscoveredPublicAddressesInput) SetAddressRegion(v string) *GetIpamDiscoveredPublicAddressesInput { + s.AddressRegion = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *GetIpamDiscoveredPublicAddressesInput) SetDryRun(v bool) *GetIpamDiscoveredPublicAddressesInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *GetIpamDiscoveredPublicAddressesInput) SetFilters(v []*Filter) *GetIpamDiscoveredPublicAddressesInput { + s.Filters = v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *GetIpamDiscoveredPublicAddressesInput) SetIpamResourceDiscoveryId(v string) *GetIpamDiscoveredPublicAddressesInput { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetIpamDiscoveredPublicAddressesInput) SetMaxResults(v int64) *GetIpamDiscoveredPublicAddressesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetIpamDiscoveredPublicAddressesInput) SetNextToken(v string) *GetIpamDiscoveredPublicAddressesInput { + s.NextToken = &v + return s +} + +type GetIpamDiscoveredPublicAddressesOutput struct { + _ struct{} `type:"structure"` + + // IPAM discovered public addresses. + IpamDiscoveredPublicAddresses []*IpamDiscoveredPublicAddress `locationName:"ipamDiscoveredPublicAddressSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // The oldest successful resource discovery time. + OldestSampleTime *time.Time `locationName:"oldestSampleTime" type:"timestamp"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredPublicAddressesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredPublicAddressesOutput) GoString() string { + return s.String() +} + +// SetIpamDiscoveredPublicAddresses sets the IpamDiscoveredPublicAddresses field's value. +func (s *GetIpamDiscoveredPublicAddressesOutput) SetIpamDiscoveredPublicAddresses(v []*IpamDiscoveredPublicAddress) *GetIpamDiscoveredPublicAddressesOutput { + s.IpamDiscoveredPublicAddresses = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetIpamDiscoveredPublicAddressesOutput) SetNextToken(v string) *GetIpamDiscoveredPublicAddressesOutput { + s.NextToken = &v + return s +} + +// SetOldestSampleTime sets the OldestSampleTime field's value. +func (s *GetIpamDiscoveredPublicAddressesOutput) SetOldestSampleTime(v time.Time) *GetIpamDiscoveredPublicAddressesOutput { + s.OldestSampleTime = &v + return s +} + +type GetIpamDiscoveredResourceCidrsInput struct { + _ struct{} `type:"structure"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // A resource discovery ID. + // + // IpamResourceDiscoveryId is a required field + IpamResourceDiscoveryId *string `type:"string" required:"true"` + + // The maximum number of discovered resource CIDRs to return in one page of + // results. + MaxResults *int64 `min:"5" type:"integer"` + + // Specify the pagination token from a previous request to retrieve the next + // page of results. + NextToken *string `type:"string"` + + // A resource Region. + // + // ResourceRegion is a required field + ResourceRegion *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredResourceCidrsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredResourceCidrsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetIpamDiscoveredResourceCidrsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetIpamDiscoveredResourceCidrsInput"} + if s.IpamResourceDiscoveryId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamResourceDiscoveryId")) + } + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + if s.ResourceRegion == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceRegion")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *GetIpamDiscoveredResourceCidrsInput) SetDryRun(v bool) *GetIpamDiscoveredResourceCidrsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *GetIpamDiscoveredResourceCidrsInput) SetFilters(v []*Filter) *GetIpamDiscoveredResourceCidrsInput { + s.Filters = v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *GetIpamDiscoveredResourceCidrsInput) SetIpamResourceDiscoveryId(v string) *GetIpamDiscoveredResourceCidrsInput { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetIpamDiscoveredResourceCidrsInput) SetMaxResults(v int64) *GetIpamDiscoveredResourceCidrsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetIpamDiscoveredResourceCidrsInput) SetNextToken(v string) *GetIpamDiscoveredResourceCidrsInput { + s.NextToken = &v + return s +} + +// SetResourceRegion sets the ResourceRegion field's value. +func (s *GetIpamDiscoveredResourceCidrsInput) SetResourceRegion(v string) *GetIpamDiscoveredResourceCidrsInput { + s.ResourceRegion = &v + return s +} + +type GetIpamDiscoveredResourceCidrsOutput struct { + _ struct{} `type:"structure"` + + // Discovered resource CIDRs. + IpamDiscoveredResourceCidrs []*IpamDiscoveredResourceCidr `locationName:"ipamDiscoveredResourceCidrSet" locationNameList:"item" type:"list"` + + // Specify the pagination token from a previous request to retrieve the next + // page of results. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredResourceCidrsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredResourceCidrsOutput) GoString() string { + return s.String() +} + +// SetIpamDiscoveredResourceCidrs sets the IpamDiscoveredResourceCidrs field's value. +func (s *GetIpamDiscoveredResourceCidrsOutput) SetIpamDiscoveredResourceCidrs(v []*IpamDiscoveredResourceCidr) *GetIpamDiscoveredResourceCidrsOutput { + s.IpamDiscoveredResourceCidrs = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetIpamDiscoveredResourceCidrsOutput) SetNextToken(v string) *GetIpamDiscoveredResourceCidrsOutput { + s.NextToken = &v + return s +} + type GetIpamPoolAllocationsInput struct { _ struct{} `type:"structure"` @@ -118731,7 +127907,11 @@ type GetPasswordDataOutput struct { // The password of the instance. Returns an empty string if the password is // not available. - PasswordData *string `locationName:"passwordData" type:"string"` + // + // PasswordData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by GetPasswordDataOutput's + // String and GoString methods. + PasswordData *string `locationName:"passwordData" type:"string" sensitive:"true"` // The time the data was last updated. Timestamp *time.Time `locationName:"timestamp" type:"timestamp"` @@ -118956,6 +128136,149 @@ func (s *GetReservedInstancesExchangeQuoteOutput) SetValidationFailureReason(v s return s } +type GetSecurityGroupsForVpcInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The filters. If using multiple filters, the results include security groups + // which match all filters. + // + // * group-id: The security group ID. + // + // * description: The security group's description. + // + // * group-name: The security group name. + // + // * owner-id: The security group owner ID. + // + // * primary-vpc-id: The VPC ID in which the security group was created. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + MaxResults *int64 `min:"5" type:"integer"` + + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. + NextToken *string `type:"string"` + + // The VPC ID where the security group can be used. + // + // VpcId is a required field + VpcId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSecurityGroupsForVpcInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSecurityGroupsForVpcInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetSecurityGroupsForVpcInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetSecurityGroupsForVpcInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + if s.VpcId == nil { + invalidParams.Add(request.NewErrParamRequired("VpcId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *GetSecurityGroupsForVpcInput) SetDryRun(v bool) *GetSecurityGroupsForVpcInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *GetSecurityGroupsForVpcInput) SetFilters(v []*Filter) *GetSecurityGroupsForVpcInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetSecurityGroupsForVpcInput) SetMaxResults(v int64) *GetSecurityGroupsForVpcInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetSecurityGroupsForVpcInput) SetNextToken(v string) *GetSecurityGroupsForVpcInput { + s.NextToken = &v + return s +} + +// SetVpcId sets the VpcId field's value. +func (s *GetSecurityGroupsForVpcInput) SetVpcId(v string) *GetSecurityGroupsForVpcInput { + s.VpcId = &v + return s +} + +type GetSecurityGroupsForVpcOutput struct { + _ struct{} `type:"structure"` + + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // The security group that can be used by interfaces in the VPC. + SecurityGroupForVpcs []*SecurityGroupForVpc `locationName:"securityGroupForVpcSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSecurityGroupsForVpcOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSecurityGroupsForVpcOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *GetSecurityGroupsForVpcOutput) SetNextToken(v string) *GetSecurityGroupsForVpcOutput { + s.NextToken = &v + return s +} + +// SetSecurityGroupForVpcs sets the SecurityGroupForVpcs field's value. +func (s *GetSecurityGroupsForVpcOutput) SetSecurityGroupForVpcs(v []*SecurityGroupForVpc) *GetSecurityGroupsForVpcOutput { + s.SecurityGroupForVpcs = v + return s +} + type GetSerialConsoleAccessStatusInput struct { _ struct{} `type:"structure"` @@ -119023,6 +128346,83 @@ func (s *GetSerialConsoleAccessStatusOutput) SetSerialConsoleAccessEnabled(v boo return s } +type GetSnapshotBlockPublicAccessStateInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSnapshotBlockPublicAccessStateInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSnapshotBlockPublicAccessStateInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *GetSnapshotBlockPublicAccessStateInput) SetDryRun(v bool) *GetSnapshotBlockPublicAccessStateInput { + s.DryRun = &v + return s +} + +type GetSnapshotBlockPublicAccessStateOutput struct { + _ struct{} `type:"structure"` + + // The current state of block public access for snapshots. Possible values include: + // + // * block-all-sharing - All public sharing of snapshots is blocked. Users + // in the account can't request new public sharing. Additionally, snapshots + // that were already publicly shared are treated as private and are not publicly + // available. + // + // * block-new-sharing - Only new public sharing of snapshots is blocked. + // Users in the account can't request new public sharing. However, snapshots + // that were already publicly shared, remain publicly available. + // + // * unblocked - Public sharing is not blocked. Users can publicly share + // snapshots. + State *string `locationName:"state" type:"string" enum:"SnapshotBlockPublicAccessState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSnapshotBlockPublicAccessStateOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSnapshotBlockPublicAccessStateOutput) GoString() string { + return s.String() +} + +// SetState sets the State field's value. +func (s *GetSnapshotBlockPublicAccessStateOutput) SetState(v string) *GetSnapshotBlockPublicAccessStateOutput { + s.State = &v + return s +} + type GetSpotPlacementScoresInput struct { _ struct{} `type:"structure"` @@ -119046,12 +128446,13 @@ type GetSpotPlacementScoresInput struct { // If you specify InstanceTypes, you can't specify InstanceRequirementsWithMetadata. InstanceTypes []*string `locationName:"InstanceType" type:"list"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"10" type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The Regions used to narrow down the list of Regions to be scored. Enter the @@ -119071,8 +128472,6 @@ type GetSpotPlacementScoresInput struct { TargetCapacity *int64 `min:"1" type:"integer" required:"true"` // The unit for the target capacity. - // - // Default: units (translates to number of instances) TargetCapacityUnitType *string `type:"string" enum:"TargetCapacityUnitType"` } @@ -119175,7 +128574,8 @@ func (s *GetSpotPlacementScoresInput) SetTargetCapacityUnitType(v string) *GetSp type GetSpotPlacementScoresOutput struct { _ struct{} `type:"structure"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The Spot placement score for the top 10 Regions or Availability Zones, scored @@ -119546,7 +128946,9 @@ type GetTransitGatewayMulticastDomainAssociationsInput struct { NextToken *string `type:"string"` // The ID of the transit gateway multicast domain. - TransitGatewayMulticastDomainId *string `type:"string"` + // + // TransitGatewayMulticastDomainId is a required field + TransitGatewayMulticastDomainId *string `type:"string" required:"true"` } // String returns the string representation. @@ -119573,6 +128975,9 @@ func (s *GetTransitGatewayMulticastDomainAssociationsInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } + if s.TransitGatewayMulticastDomainId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayMulticastDomainId")) + } if invalidParams.Len() > 0 { return invalidParams @@ -120330,7 +129735,7 @@ type GetVerifiedAccessEndpointPolicyInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access endpoint. + // The ID of the Verified Access endpoint. // // VerifiedAccessEndpointId is a required field VerifiedAccessEndpointId *string `type:"string" required:"true"` @@ -120382,7 +129787,7 @@ func (s *GetVerifiedAccessEndpointPolicyInput) SetVerifiedAccessEndpointId(v str type GetVerifiedAccessEndpointPolicyOutput struct { _ struct{} `type:"structure"` - // The Amazon Web Services Verified Access policy document. + // The Verified Access policy document. PolicyDocument *string `locationName:"policyDocument" type:"string"` // The status of the Verified Access policy. @@ -120428,7 +129833,7 @@ type GetVerifiedAccessGroupPolicyInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access group. + // The ID of the Verified Access group. // // VerifiedAccessGroupId is a required field VerifiedAccessGroupId *string `type:"string" required:"true"` @@ -120480,7 +129885,7 @@ func (s *GetVerifiedAccessGroupPolicyInput) SetVerifiedAccessGroupId(v string) * type GetVerifiedAccessGroupPolicyOutput struct { _ struct{} `type:"structure"` - // The Amazon Web Services Verified Access policy document. + // The Verified Access policy document. PolicyDocument *string `locationName:"policyDocument" type:"string"` // The status of the Verified Access policy. @@ -120754,6 +130159,154 @@ func (s *GetVpnConnectionDeviceTypesOutput) SetVpnConnectionDeviceTypes(v []*Vpn return s } +type GetVpnTunnelReplacementStatusInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the Site-to-Site VPN connection. + // + // VpnConnectionId is a required field + VpnConnectionId *string `type:"string" required:"true"` + + // The external IP address of the VPN tunnel. + // + // VpnTunnelOutsideIpAddress is a required field + VpnTunnelOutsideIpAddress *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetVpnTunnelReplacementStatusInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetVpnTunnelReplacementStatusInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetVpnTunnelReplacementStatusInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetVpnTunnelReplacementStatusInput"} + if s.VpnConnectionId == nil { + invalidParams.Add(request.NewErrParamRequired("VpnConnectionId")) + } + if s.VpnTunnelOutsideIpAddress == nil { + invalidParams.Add(request.NewErrParamRequired("VpnTunnelOutsideIpAddress")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *GetVpnTunnelReplacementStatusInput) SetDryRun(v bool) *GetVpnTunnelReplacementStatusInput { + s.DryRun = &v + return s +} + +// SetVpnConnectionId sets the VpnConnectionId field's value. +func (s *GetVpnTunnelReplacementStatusInput) SetVpnConnectionId(v string) *GetVpnTunnelReplacementStatusInput { + s.VpnConnectionId = &v + return s +} + +// SetVpnTunnelOutsideIpAddress sets the VpnTunnelOutsideIpAddress field's value. +func (s *GetVpnTunnelReplacementStatusInput) SetVpnTunnelOutsideIpAddress(v string) *GetVpnTunnelReplacementStatusInput { + s.VpnTunnelOutsideIpAddress = &v + return s +} + +type GetVpnTunnelReplacementStatusOutput struct { + _ struct{} `type:"structure"` + + // The ID of the customer gateway. + CustomerGatewayId *string `locationName:"customerGatewayId" type:"string"` + + // Get details of pending tunnel endpoint maintenance. + MaintenanceDetails *MaintenanceDetails `locationName:"maintenanceDetails" type:"structure"` + + // The ID of the transit gateway associated with the VPN connection. + TransitGatewayId *string `locationName:"transitGatewayId" type:"string"` + + // The ID of the Site-to-Site VPN connection. + VpnConnectionId *string `locationName:"vpnConnectionId" type:"string"` + + // The ID of the virtual private gateway. + VpnGatewayId *string `locationName:"vpnGatewayId" type:"string"` + + // The external IP address of the VPN tunnel. + VpnTunnelOutsideIpAddress *string `locationName:"vpnTunnelOutsideIpAddress" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetVpnTunnelReplacementStatusOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetVpnTunnelReplacementStatusOutput) GoString() string { + return s.String() +} + +// SetCustomerGatewayId sets the CustomerGatewayId field's value. +func (s *GetVpnTunnelReplacementStatusOutput) SetCustomerGatewayId(v string) *GetVpnTunnelReplacementStatusOutput { + s.CustomerGatewayId = &v + return s +} + +// SetMaintenanceDetails sets the MaintenanceDetails field's value. +func (s *GetVpnTunnelReplacementStatusOutput) SetMaintenanceDetails(v *MaintenanceDetails) *GetVpnTunnelReplacementStatusOutput { + s.MaintenanceDetails = v + return s +} + +// SetTransitGatewayId sets the TransitGatewayId field's value. +func (s *GetVpnTunnelReplacementStatusOutput) SetTransitGatewayId(v string) *GetVpnTunnelReplacementStatusOutput { + s.TransitGatewayId = &v + return s +} + +// SetVpnConnectionId sets the VpnConnectionId field's value. +func (s *GetVpnTunnelReplacementStatusOutput) SetVpnConnectionId(v string) *GetVpnTunnelReplacementStatusOutput { + s.VpnConnectionId = &v + return s +} + +// SetVpnGatewayId sets the VpnGatewayId field's value. +func (s *GetVpnTunnelReplacementStatusOutput) SetVpnGatewayId(v string) *GetVpnTunnelReplacementStatusOutput { + s.VpnGatewayId = &v + return s +} + +// SetVpnTunnelOutsideIpAddress sets the VpnTunnelOutsideIpAddress field's value. +func (s *GetVpnTunnelReplacementStatusOutput) SetVpnTunnelOutsideIpAddress(v string) *GetVpnTunnelReplacementStatusOutput { + s.VpnTunnelOutsideIpAddress = &v + return s +} + // Describes the GPU accelerators for the instance type. type GpuDeviceInfo struct { _ struct{} `type:"structure"` @@ -120929,14 +130482,14 @@ func (s *GroupIdentifier) SetGroupName(v string) *GroupIdentifier { } // Indicates whether your instance is configured for hibernation. This parameter -// is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). +// is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html). // For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon EC2 User Guide. type HibernationOptions struct { _ struct{} `type:"structure"` - // If this parameter is set to true, your instance is enabled for hibernation; - // otherwise, it is not enabled for hibernation. + // If true, your instance is enabled for hibernation; otherwise, it is not enabled + // for hibernation. Configured *bool `locationName:"configured" type:"boolean"` } @@ -120965,13 +130518,22 @@ func (s *HibernationOptions) SetConfigured(v bool) *HibernationOptions { } // Indicates whether your instance is configured for hibernation. This parameter -// is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). +// is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html). // For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon EC2 User Guide. type HibernationOptionsRequest struct { _ struct{} `type:"structure"` - // If you set this parameter to true, your instance is enabled for hibernation. + // Set to true to enable your instance for hibernation. + // + // For Spot Instances, if you set Configured to true, either omit the InstanceInterruptionBehavior + // parameter (for SpotMarketOptions (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotMarketOptions.html)), + // or set it to hibernate. When Configured is true: + // + // * If you omit InstanceInterruptionBehavior, it defaults to hibernate. + // + // * If you set InstanceInterruptionBehavior to a value other than hibernate, + // you'll get an error. // // Default: false Configured *bool `type:"boolean"` @@ -121123,6 +130685,9 @@ type Host struct { // Dedicated Host supports a single instance type only. AllowsMultipleInstanceTypes *string `locationName:"allowsMultipleInstanceTypes" type:"string" enum:"AllowsMultipleInstanceTypes"` + // The ID of the Outpost hardware asset on which the Dedicated Host is allocated. + AssetId *string `locationName:"assetId" type:"string"` + // Whether auto-placement is on or off. AutoPlacement *string `locationName:"autoPlacement" type:"string" enum:"AutoPlacement"` @@ -121142,6 +130707,10 @@ type Host struct { // The ID of the Dedicated Host. HostId *string `locationName:"hostId" type:"string"` + // Indicates whether host maintenance is enabled or disabled for the Dedicated + // Host. + HostMaintenance *string `locationName:"hostMaintenance" type:"string" enum:"HostMaintenance"` + // The hardware specifications of the Dedicated Host. HostProperties *HostProperties `locationName:"hostProperties" type:"structure"` @@ -121207,6 +130776,12 @@ func (s *Host) SetAllowsMultipleInstanceTypes(v string) *Host { return s } +// SetAssetId sets the AssetId field's value. +func (s *Host) SetAssetId(v string) *Host { + s.AssetId = &v + return s +} + // SetAutoPlacement sets the AutoPlacement field's value. func (s *Host) SetAutoPlacement(v string) *Host { s.AutoPlacement = &v @@ -121243,6 +130818,12 @@ func (s *Host) SetHostId(v string) *Host { return s } +// SetHostMaintenance sets the HostMaintenance field's value. +func (s *Host) SetHostMaintenance(v string) *Host { + s.HostMaintenance = &v + return s +} + // SetHostProperties sets the HostProperties field's value. func (s *Host) SetHostProperties(v *HostProperties) *Host { s.HostProperties = v @@ -121997,7 +131578,7 @@ type Image struct { // Specifies whether enhanced networking with ENA is enabled. EnaSupport *bool `locationName:"enaSupport" type:"boolean"` - // The hypervisor type of the image. + // The hypervisor type of the image. Only xen is supported. ovm is not supported. Hypervisor *string `locationName:"hypervisor" type:"string" enum:"HypervisorType"` // The ID of the AMI. @@ -122058,6 +131639,11 @@ type Image struct { // or an instance store volume. RootDeviceType *string `locationName:"rootDeviceType" type:"string" enum:"DeviceType"` + // The ID of the instance that the AMI was created from if the AMI was created + // using CreateImage (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html). + // This field only appears if the AMI was created using CreateImage. + SourceInstanceId *string `locationName:"sourceInstanceId" type:"string"` + // Specifies whether enhanced networking with the Intel 82599 Virtual Function // interface is enabled. SriovNetSupport *string `locationName:"sriovNetSupport" type:"string"` @@ -122247,6 +131833,12 @@ func (s *Image) SetRootDeviceType(v string) *Image { return s } +// SetSourceInstanceId sets the SourceInstanceId field's value. +func (s *Image) SetSourceInstanceId(v string) *Image { + s.SourceInstanceId = &v + return s +} + // SetSriovNetSupport sets the SriovNetSupport field's value. func (s *Image) SetSriovNetSupport(v string) *Image { s.SriovNetSupport = &v @@ -122309,7 +131901,11 @@ type ImageDiskContainer struct { // The URL to the Amazon S3-based disk image being imported. The URL can either // be a https URL (https://..) or an Amazon S3 URL (s3://..) - Url *string `type:"string"` + // + // Url is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ImageDiskContainer's + // String and GoString methods. + Url *string `type:"string" sensitive:"true"` // The S3 bucket for the disk image. UserBucket *UserBucket `type:"structure"` @@ -122553,6 +132149,10 @@ type ImportImageInput struct { Architecture *string `type:"string"` // The boot mode of the virtual machine. + // + // The uefi-preferred boot mode isn't supported for importing images. For more + // information, see Boot modes (https://docs.aws.amazon.com/vm-import/latest/userguide/prerequisites.html#vmimport-boot-modes) + // in the VM Import/Export User Guide. BootMode *string `type:"string" enum:"BootModeValues"` // The client-specific data. @@ -122593,9 +132193,7 @@ type ImportImageInput struct { // // * Key ID // - // * Key alias. The alias ARN contains the arn:aws:kms namespace, followed - // by the Region of the key, the Amazon Web Services account ID of the key - // owner, the alias namespace, and then the key alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. + // * Key alias // // * ARN using key ID. The ID ARN contains the arn:aws:kms namespace, followed // by the Region of the key, the Amazon Web Services account ID of the key @@ -122633,7 +132231,9 @@ type ImportImageInput struct { // in the VM Import/Export User Guide. LicenseType *string `type:"string"` - // The operating system of the virtual machine. + // The operating system of the virtual machine. If you import a VM that is compatible + // with Unified Extensible Firmware Interface (UEFI) using an EBS snapshot, + // you must specify a value for the platform. // // Valid values: Windows | Linux Platform *string `type:"string"` @@ -123756,9 +133356,7 @@ type ImportSnapshotInput struct { // // * Key ID // - // * Key alias. The alias ARN contains the arn:aws:kms namespace, followed - // by the Region of the key, the Amazon Web Services account ID of the key - // owner, the alias namespace, and then the key alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. + // * Key alias // // * ARN using key ID. The ID ARN contains the arn:aws:kms namespace, followed // by the Region of the key, the Amazon Web Services account ID of the key @@ -124185,6 +133783,10 @@ type InferenceAcceleratorInfo struct { // Describes the Inference accelerators for the instance type. Accelerators []*InferenceDeviceInfo `locationName:"accelerators" type:"list"` + + // The total size of the memory for the inference accelerators for the instance + // type, in MiB. + TotalInferenceMemoryInMiB *int64 `locationName:"totalInferenceMemoryInMiB" type:"integer"` } // String returns the string representation. @@ -124211,6 +133813,12 @@ func (s *InferenceAcceleratorInfo) SetAccelerators(v []*InferenceDeviceInfo) *In return s } +// SetTotalInferenceMemoryInMiB sets the TotalInferenceMemoryInMiB field's value. +func (s *InferenceAcceleratorInfo) SetTotalInferenceMemoryInMiB(v int64) *InferenceAcceleratorInfo { + s.TotalInferenceMemoryInMiB = &v + return s +} + // Describes the Inference accelerators for the instance type. type InferenceDeviceInfo struct { _ struct{} `type:"structure"` @@ -124221,6 +133829,9 @@ type InferenceDeviceInfo struct { // The manufacturer of the Inference accelerator. Manufacturer *string `locationName:"manufacturer" type:"string"` + // Describes the memory available to the inference accelerator. + MemoryInfo *InferenceDeviceMemoryInfo `locationName:"memoryInfo" type:"structure"` + // The name of the Inference accelerator. Name *string `locationName:"name" type:"string"` } @@ -124255,12 +133866,50 @@ func (s *InferenceDeviceInfo) SetManufacturer(v string) *InferenceDeviceInfo { return s } +// SetMemoryInfo sets the MemoryInfo field's value. +func (s *InferenceDeviceInfo) SetMemoryInfo(v *InferenceDeviceMemoryInfo) *InferenceDeviceInfo { + s.MemoryInfo = v + return s +} + // SetName sets the Name field's value. func (s *InferenceDeviceInfo) SetName(v string) *InferenceDeviceInfo { s.Name = &v return s } +// Describes the memory available to the inference accelerator. +type InferenceDeviceMemoryInfo struct { + _ struct{} `type:"structure"` + + // The size of the memory available to the inference accelerator, in MiB. + SizeInMiB *int64 `locationName:"sizeInMiB" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InferenceDeviceMemoryInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InferenceDeviceMemoryInfo) GoString() string { + return s.String() +} + +// SetSizeInMiB sets the SizeInMiB field's value. +func (s *InferenceDeviceMemoryInfo) SetSizeInMiB(v int64) *InferenceDeviceMemoryInfo { + s.SizeInMiB = &v + return s +} + // Describes an instance. type Instance struct { _ struct{} `type:"structure"` @@ -124275,7 +133924,14 @@ type Instance struct { // Any block device mapping entries for the instance. BlockDeviceMappings []*InstanceBlockDeviceMapping `locationName:"blockDeviceMapping" locationNameList:"item" type:"list"` - // The boot mode of the instance. For more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) + // The boot mode that was specified by the AMI. If the value is uefi-preferred, + // the AMI supports both UEFI and Legacy BIOS. The currentInstanceBootMode parameter + // is the boot mode that is used to boot the instance at launch or start. + // + // The operating system contained in the AMI must be configured to support the + // specified boot mode. + // + // For more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) // in the Amazon EC2 User Guide. BootMode *string `locationName:"bootMode" type:"string" enum:"BootModeValues"` @@ -124291,6 +133947,11 @@ type Instance struct { // The CPU options for the instance. CpuOptions *CpuOptions `locationName:"cpuOptions" type:"structure"` + // The boot mode that is used to boot the instance at launch or start. For more + // information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) + // in the Amazon EC2 User Guide. + CurrentInstanceBootMode *string `locationName:"currentInstanceBootMode" type:"string" enum:"InstanceBootModeValues"` + // Indicates whether the instance is optimized for Amazon EBS I/O. This optimization // provides dedicated throughput to Amazon EBS and an optimized configuration // stack to provide optimal I/O performance. This optimization isn't available @@ -124298,7 +133959,11 @@ type Instance struct { // Optimized instance. EbsOptimized *bool `locationName:"ebsOptimized" type:"boolean"` - // The Elastic GPU associated with the instance. + // Deprecated. + // + // Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads + // that require graphics acceleration, we recommend that you use Amazon EC2 + // G4ad, G4dn, or G5 instances. ElasticGpuAssociations []*ElasticGpuAssociation `locationName:"elasticGpuAssociationSet" locationNameList:"item" type:"list"` // The elastic inference accelerator associated with the instance. @@ -124357,7 +134022,7 @@ type Instance struct { // The monitoring for the instance. Monitoring *Monitoring `locationName:"monitoring" type:"structure"` - // [EC2-VPC] The network interfaces for the instance. + // The network interfaces for the instance. NetworkInterfaces []*InstanceNetworkInterface `locationName:"networkInterfaceSet" locationNameList:"item" type:"list"` // The Amazon Resource Name (ARN) of the Outpost. @@ -124366,7 +134031,8 @@ type Instance struct { // The location where the instance launched, if applicable. Placement *Placement `locationName:"placement" type:"structure"` - // The value is Windows for Windows instances; otherwise blank. + // The platform. This value is windows for Windows instances; otherwise, it + // is empty. Platform *string `locationName:"platform" type:"string" enum:"PlatformValues"` // The platform details value for the instance. For more information, see AMI @@ -124374,14 +134040,14 @@ type Instance struct { // in the Amazon EC2 User Guide. PlatformDetails *string `locationName:"platformDetails" type:"string"` - // (IPv4 only) The private DNS hostname name assigned to the instance. This + // [IPv4 only] The private DNS hostname name assigned to the instance. This // DNS hostname can only be used inside the Amazon EC2 network. This name is // not available until the instance enters the running state. // - // [EC2-VPC] The Amazon-provided DNS server resolves Amazon-provided private - // DNS hostnames if you've enabled DNS resolution and DNS hostnames in your - // VPC. If you are not using the Amazon-provided DNS server in your VPC, your - // custom domain name servers must resolve the hostname as appropriate. + // The Amazon-provided DNS server resolves Amazon-provided private DNS hostnames + // if you've enabled DNS resolution and DNS hostnames in your VPC. If you are + // not using the Amazon-provided DNS server in your VPC, your custom domain + // name servers must resolve the hostname as appropriate. PrivateDnsName *string `locationName:"privateDnsName" type:"string"` // The options for the instance hostname. @@ -124393,9 +134059,9 @@ type Instance struct { // The product codes attached to this instance, if applicable. ProductCodes []*ProductCode `locationName:"productCodes" locationNameList:"item" type:"list"` - // (IPv4 only) The public DNS name assigned to the instance. This name is not - // available until the instance enters the running state. For EC2-VPC, this - // name is only available if you've enabled DNS hostnames for your VPC. + // [IPv4 only] The public DNS name assigned to the instance. This name is not + // available until the instance enters the running state. This name is only + // available if you've enabled DNS hostnames for your VPC. PublicDnsName *string `locationName:"dnsName" type:"string"` // The public IPv4 address, or the Carrier IP address assigned to the instance, @@ -124437,7 +134103,7 @@ type Instance struct { // The reason for the most recent state transition. This might be an empty string. StateTransitionReason *string `locationName:"reason" type:"string"` - // [EC2-VPC] The ID of the subnet in which the instance is running. + // The ID of the subnet in which the instance is running. SubnetId *string `locationName:"subnetId" type:"string"` // Any tags assigned to the instance. @@ -124459,7 +134125,7 @@ type Instance struct { // The virtualization type of the instance. VirtualizationType *string `locationName:"virtualizationType" type:"string" enum:"VirtualizationType"` - // [EC2-VPC] The ID of the VPC in which the instance is running. + // The ID of the VPC in which the instance is running. VpcId *string `locationName:"vpcId" type:"string"` } @@ -124529,6 +134195,12 @@ func (s *Instance) SetCpuOptions(v *CpuOptions) *Instance { return s } +// SetCurrentInstanceBootMode sets the CurrentInstanceBootMode field's value. +func (s *Instance) SetCurrentInstanceBootMode(v string) *Instance { + s.CurrentInstanceBootMode = &v + return s +} + // SetEbsOptimized sets the EbsOptimized field's value. func (s *Instance) SetEbsOptimized(v bool) *Instance { s.EbsOptimized = &v @@ -124817,6 +134489,96 @@ func (s *Instance) SetVpcId(v string) *Instance { return s } +// ENA Express uses Amazon Web Services Scalable Reliable Datagram (SRD) technology +// to increase the maximum bandwidth used per stream and minimize tail latency +// of network traffic between EC2 instances. With ENA Express, you can communicate +// between two EC2 instances in the same subnet within the same account, or +// in different accounts. Both sending and receiving instances must have ENA +// Express enabled. +// +// To improve the reliability of network packet delivery, ENA Express reorders +// network packets on the receiving end by default. However, some UDP-based +// applications are designed to handle network packets that are out of order +// to reduce the overhead for packet delivery at the network layer. When ENA +// Express is enabled, you can specify whether UDP network traffic uses it. +type InstanceAttachmentEnaSrdSpecification struct { + _ struct{} `type:"structure"` + + // Indicates whether ENA Express is enabled for the network interface. + EnaSrdEnabled *bool `locationName:"enaSrdEnabled" type:"boolean"` + + // Configures ENA Express for UDP network traffic. + EnaSrdUdpSpecification *InstanceAttachmentEnaSrdUdpSpecification `locationName:"enaSrdUdpSpecification" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InstanceAttachmentEnaSrdSpecification) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InstanceAttachmentEnaSrdSpecification) GoString() string { + return s.String() +} + +// SetEnaSrdEnabled sets the EnaSrdEnabled field's value. +func (s *InstanceAttachmentEnaSrdSpecification) SetEnaSrdEnabled(v bool) *InstanceAttachmentEnaSrdSpecification { + s.EnaSrdEnabled = &v + return s +} + +// SetEnaSrdUdpSpecification sets the EnaSrdUdpSpecification field's value. +func (s *InstanceAttachmentEnaSrdSpecification) SetEnaSrdUdpSpecification(v *InstanceAttachmentEnaSrdUdpSpecification) *InstanceAttachmentEnaSrdSpecification { + s.EnaSrdUdpSpecification = v + return s +} + +// ENA Express is compatible with both TCP and UDP transport protocols. When +// it's enabled, TCP traffic automatically uses it. However, some UDP-based +// applications are designed to handle network packets that are out of order, +// without a need for retransmission, such as live video broadcasting or other +// near-real-time applications. For UDP traffic, you can specify whether to +// use ENA Express, based on your application environment needs. +type InstanceAttachmentEnaSrdUdpSpecification struct { + _ struct{} `type:"structure"` + + // Indicates whether UDP traffic to and from the instance uses ENA Express. + // To specify this setting, you must first enable ENA Express. + EnaSrdUdpEnabled *bool `locationName:"enaSrdUdpEnabled" type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InstanceAttachmentEnaSrdUdpSpecification) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InstanceAttachmentEnaSrdUdpSpecification) GoString() string { + return s.String() +} + +// SetEnaSrdUdpEnabled sets the EnaSrdUdpEnabled field's value. +func (s *InstanceAttachmentEnaSrdUdpSpecification) SetEnaSrdUdpEnabled(v bool) *InstanceAttachmentEnaSrdUdpSpecification { + s.EnaSrdUdpEnabled = &v + return s +} + // Describes a block device mapping. type InstanceBlockDeviceMapping struct { _ struct{} `type:"structure"` @@ -125068,7 +134830,9 @@ type InstanceCreditSpecificationRequest struct { CpuCredits *string `type:"string"` // The ID of the instance. - InstanceId *string `type:"string"` + // + // InstanceId is a required field + InstanceId *string `type:"string" required:"true"` } // String returns the string representation. @@ -125089,6 +134853,19 @@ func (s InstanceCreditSpecificationRequest) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *InstanceCreditSpecificationRequest) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "InstanceCreditSpecificationRequest"} + if s.InstanceId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetCpuCredits sets the CpuCredits field's value. func (s *InstanceCreditSpecificationRequest) SetCpuCredits(v string) *InstanceCreditSpecificationRequest { s.CpuCredits = &v @@ -125625,6 +135402,13 @@ type InstanceIpv6Address struct { // The IPv6 address. Ipv6Address *string `locationName:"ipv6Address" type:"string"` + + // Determines if an IPv6 address associated with a network interface is the + // primary IPv6 address. When you enable an IPv6 GUA address to be a primary + // IPv6, the first IPv6 GUA will be made the primary IPv6 address until the + // instance is terminated or the network interface is detached. For more information, + // see RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html). + IsPrimaryIpv6 *bool `locationName:"isPrimaryIpv6" type:"boolean"` } // String returns the string representation. @@ -125651,6 +135435,12 @@ func (s *InstanceIpv6Address) SetIpv6Address(v string) *InstanceIpv6Address { return s } +// SetIsPrimaryIpv6 sets the IsPrimaryIpv6 field's value. +func (s *InstanceIpv6Address) SetIsPrimaryIpv6(v bool) *InstanceIpv6Address { + s.IsPrimaryIpv6 = &v + return s +} + // Describes an IPv6 address. type InstanceIpv6AddressRequest struct { _ struct{} `type:"structure"` @@ -125833,6 +135623,8 @@ type InstanceMetadataOptionsRequest struct { HttpEndpoint *string `type:"string" enum:"InstanceMetadataEndpointState"` // Enables or disables the IPv6 endpoint for the instance metadata service. + // + // Default: disabled HttpProtocolIpv6 *string `type:"string" enum:"InstanceMetadataProtocolState"` // The desired HTTP PUT response hop limit for instance metadata requests. The @@ -125843,20 +135635,21 @@ type InstanceMetadataOptionsRequest struct { // Possible values: Integers from 1 to 64 HttpPutResponseHopLimit *int64 `type:"integer"` - // The state of token usage for your instance metadata requests. + // Indicates whether IMDSv2 is required. // - // If the state is optional, you can choose to retrieve instance metadata with - // or without a session token on your request. If you retrieve the IAM role - // credentials without a token, the version 1.0 role credentials are returned. - // If you retrieve the IAM role credentials using a valid session token, the - // version 2.0 role credentials are returned. + // * optional - IMDSv2 is optional. You can choose whether to send a session + // token in your instance metadata retrieval requests. If you retrieve IAM + // role credentials without a session token, you receive the IMDSv1 role + // credentials. If you retrieve IAM role credentials using a valid session + // token, you receive the IMDSv2 role credentials. // - // If the state is required, you must send a session token with any instance - // metadata retrieval requests. In this state, retrieving the IAM role credentials - // always returns the version 2.0 credentials; the version 1.0 credentials are - // not available. + // * required - IMDSv2 is required. You must send a session token in your + // instance metadata retrieval requests. With this option, retrieving the + // IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials + // are not available. // - // Default: optional + // Default: If the value of ImdsSupport for the Amazon Machine Image (AMI) for + // your instance is v2.0, the default is required. HttpTokens *string `type:"string" enum:"HttpTokensState"` // Set to enabled to allow access to instance tags from the instance metadata. @@ -125928,6 +135721,8 @@ type InstanceMetadataOptionsResponse struct { // Indicates whether the IPv6 endpoint for the instance metadata service is // enabled or disabled. + // + // Default: disabled HttpProtocolIpv6 *string `locationName:"httpProtocolIpv6" type:"string" enum:"InstanceMetadataProtocolState"` // The desired HTTP PUT response hop limit for instance metadata requests. The @@ -125938,20 +135733,18 @@ type InstanceMetadataOptionsResponse struct { // Possible values: Integers from 1 to 64 HttpPutResponseHopLimit *int64 `locationName:"httpPutResponseHopLimit" type:"integer"` - // The state of token usage for your instance metadata requests. - // - // If the state is optional, you can choose to retrieve instance metadata with - // or without a session token on your request. If you retrieve the IAM role - // credentials without a token, the version 1.0 role credentials are returned. - // If you retrieve the IAM role credentials using a valid session token, the - // version 2.0 role credentials are returned. + // Indicates whether IMDSv2 is required. // - // If the state is required, you must send a session token with any instance - // metadata retrieval requests. In this state, retrieving the IAM role credentials - // always returns the version 2.0 credentials; the version 1.0 credentials are - // not available. + // * optional - IMDSv2 is optional. You can choose whether to send a session + // token in your instance metadata retrieval requests. If you retrieve IAM + // role credentials without a session token, you receive the IMDSv1 role + // credentials. If you retrieve IAM role credentials using a valid session + // token, you receive the IMDSv2 role credentials. // - // Default: optional + // * required - IMDSv2 is required. You must send a session token in your + // instance metadata retrieval requests. With this option, retrieving the + // IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials + // are not available. HttpTokens *string `locationName:"httpTokens" type:"string" enum:"HttpTokensState"` // Indicates whether access to instance tags from the instance metadata is enabled @@ -126074,6 +135867,12 @@ type InstanceNetworkInterface struct { // The network interface attachment. Attachment *InstanceNetworkInterfaceAttachment `locationName:"attachment" type:"structure"` + // A security group connection tracking configuration that enables you to set + // the timeout for connection tracking on an Elastic network interface. For + // more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) + // in the Amazon Elastic Compute Cloud User Guide. + ConnectionTrackingConfiguration *ConnectionTrackingSpecificationResponse `locationName:"connectionTrackingConfiguration" type:"structure"` + // The description. Description *string `locationName:"description" type:"string"` @@ -126155,6 +135954,12 @@ func (s *InstanceNetworkInterface) SetAttachment(v *InstanceNetworkInterfaceAtta return s } +// SetConnectionTrackingConfiguration sets the ConnectionTrackingConfiguration field's value. +func (s *InstanceNetworkInterface) SetConnectionTrackingConfiguration(v *ConnectionTrackingSpecificationResponse) *InstanceNetworkInterface { + s.ConnectionTrackingConfiguration = v + return s +} + // SetDescription sets the Description field's value. func (s *InstanceNetworkInterface) SetDescription(v string) *InstanceNetworkInterface { s.Description = &v @@ -126335,6 +136140,10 @@ type InstanceNetworkInterfaceAttachment struct { // The index of the device on the instance for the network interface attachment. DeviceIndex *int64 `locationName:"deviceIndex" type:"integer"` + // Contains the ENA Express settings for the network interface that's attached + // to the instance. + EnaSrdSpecification *InstanceAttachmentEnaSrdSpecification `locationName:"enaSrdSpecification" type:"structure"` + // The index of the network card. NetworkCardIndex *int64 `locationName:"networkCardIndex" type:"integer"` @@ -126384,6 +136193,12 @@ func (s *InstanceNetworkInterfaceAttachment) SetDeviceIndex(v int64) *InstanceNe return s } +// SetEnaSrdSpecification sets the EnaSrdSpecification field's value. +func (s *InstanceNetworkInterfaceAttachment) SetEnaSrdSpecification(v *InstanceAttachmentEnaSrdSpecification) *InstanceNetworkInterfaceAttachment { + s.EnaSrdSpecification = v + return s +} + // SetNetworkCardIndex sets the NetworkCardIndex field's value. func (s *InstanceNetworkInterfaceAttachment) SetNetworkCardIndex(v int64) *InstanceNetworkInterfaceAttachment { s.NetworkCardIndex = &v @@ -126413,8 +136228,19 @@ type InstanceNetworkInterfaceSpecification struct { // for eth0, and can only be assigned to a new network interface, not an existing // one. You cannot specify more than one network interface in the request. If // launching into a default subnet, the default value is true. + // + // Amazon Web Services charges for all public IPv4 addresses, including public + // IPv4 addresses associated with running instances and Elastic IP addresses. + // For more information, see the Public IPv4 Address tab on the Amazon VPC pricing + // page (http://aws.amazon.com/vpc/pricing/). AssociatePublicIpAddress *bool `locationName:"associatePublicIpAddress" type:"boolean"` + // A security group connection tracking specification that enables you to set + // the timeout for connection tracking on an Elastic network interface. For + // more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) + // in the Amazon Elastic Compute Cloud User Guide. + ConnectionTrackingSpecification *ConnectionTrackingSpecificationRequest `type:"structure"` + // If set to true, the interface is deleted when the instance is terminated. // You can specify true only if creating a new network interface when launching // an instance. @@ -126431,6 +136257,10 @@ type InstanceNetworkInterfaceSpecification struct { // the device index. DeviceIndex *int64 `locationName:"deviceIndex" type:"integer"` + // Specifies the ENA Express settings for the network interface that's attached + // to the instance. + EnaSrdSpecification *EnaSrdSpecificationRequest `type:"structure"` + // The IDs of the security groups for the network interface. Applies only if // creating a network interface when launching an instance. Groups []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` @@ -126485,6 +136315,13 @@ type InstanceNetworkInterfaceSpecification struct { // specify a network interface ID in a launch specification. NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` + // The primary IPv6 address of the network interface. When you enable an IPv6 + // GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary + // IPv6 address until the instance is terminated or the network interface is + // detached. For more information about primary IPv6 addresses, see RunInstances + // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html). + PrimaryIpv6 *bool `type:"boolean"` + // The private IPv4 address of the network interface. Applies only if creating // a network interface when launching an instance. You cannot specify this option // if you're launching more than one instance in a RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) @@ -126539,6 +136376,12 @@ func (s *InstanceNetworkInterfaceSpecification) SetAssociatePublicIpAddress(v bo return s } +// SetConnectionTrackingSpecification sets the ConnectionTrackingSpecification field's value. +func (s *InstanceNetworkInterfaceSpecification) SetConnectionTrackingSpecification(v *ConnectionTrackingSpecificationRequest) *InstanceNetworkInterfaceSpecification { + s.ConnectionTrackingSpecification = v + return s +} + // SetDeleteOnTermination sets the DeleteOnTermination field's value. func (s *InstanceNetworkInterfaceSpecification) SetDeleteOnTermination(v bool) *InstanceNetworkInterfaceSpecification { s.DeleteOnTermination = &v @@ -126557,6 +136400,12 @@ func (s *InstanceNetworkInterfaceSpecification) SetDeviceIndex(v int64) *Instanc return s } +// SetEnaSrdSpecification sets the EnaSrdSpecification field's value. +func (s *InstanceNetworkInterfaceSpecification) SetEnaSrdSpecification(v *EnaSrdSpecificationRequest) *InstanceNetworkInterfaceSpecification { + s.EnaSrdSpecification = v + return s +} + // SetGroups sets the Groups field's value. func (s *InstanceNetworkInterfaceSpecification) SetGroups(v []*string) *InstanceNetworkInterfaceSpecification { s.Groups = v @@ -126617,6 +136466,12 @@ func (s *InstanceNetworkInterfaceSpecification) SetNetworkInterfaceId(v string) return s } +// SetPrimaryIpv6 sets the PrimaryIpv6 field's value. +func (s *InstanceNetworkInterfaceSpecification) SetPrimaryIpv6(v bool) *InstanceNetworkInterfaceSpecification { + s.PrimaryIpv6 = &v + return s +} + // SetPrivateIpAddress sets the PrivateIpAddress field's value. func (s *InstanceNetworkInterfaceSpecification) SetPrivateIpAddress(v string) *InstanceNetworkInterfaceSpecification { s.PrivateIpAddress = &v @@ -126704,6 +136559,9 @@ func (s *InstancePrivateIpAddress) SetPrivateIpAddress(v string) *InstancePrivat // The attributes for the instance types. When you specify instance attributes, // Amazon EC2 will identify instance types with these attributes. // +// You must specify VCpuCount and MemoryMiB. All other attributes are optional. +// Any unspecified optional attribute is set to its default. +// // When you specify multiple attributes, you get instance types that satisfy // all of the specified attributes. If you specify multiple values for an attribute, // you get instance types that satisfy any of the specified values. @@ -126718,11 +136576,18 @@ func (s *InstancePrivateIpAddress) SetPrivateIpAddress(v string) *InstancePrivat // - ExcludedInstanceTypes - The instance types to exclude from the list, // even if they match your specified attributes. // -// You must specify VCpuCount and MemoryMiB. All other attributes are optional. -// Any unspecified optional attribute is set to its default. +// If you specify InstanceRequirements, you can't specify InstanceType. // -// For more information, see Attribute-based instance type selection for EC2 -// Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html), +// Attribute-based instance type selection is only supported when using Auto +// Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan +// to use the launch template in the launch instance wizard (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html) +// or with the RunInstances API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html), +// you can't specify InstanceRequirements. +// +// For more information, see Create a mixed instances group using attribute-based +// instance type selection (https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-mixed-instances-group-attribute-based-instance-type-selection.html) +// in the Amazon EC2 Auto Scaling User Guide, and also Attribute-based instance +// type selection for EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html), // Attribute-based instance type selection for Spot Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-attribute-based-instance-type-selection.html), // and Spot placement score (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-placement-score.html) // in the Amazon EC2 User Guide. @@ -126739,11 +136604,13 @@ type InstanceRequirements struct { // Indicates whether instance types must have accelerators by specific manufacturers. // - // * For instance types with NVIDIA devices, specify nvidia. + // * For instance types with Amazon Web Services devices, specify amazon-web-services. // // * For instance types with AMD devices, specify amd. // - // * For instance types with Amazon Web Services devices, specify amazon-web-services. + // * For instance types with Habana devices, specify habana. + // + // * For instance types with NVIDIA devices, specify nvidia. // // * For instance types with Xilinx devices, specify xilinx. // @@ -126752,24 +136619,30 @@ type InstanceRequirements struct { // The accelerators that must be on the instance type. // + // * For instance types with NVIDIA A10G GPUs, specify a10g. + // // * For instance types with NVIDIA A100 GPUs, specify a100. // - // * For instance types with NVIDIA V100 GPUs, specify v100. + // * For instance types with NVIDIA H100 GPUs, specify h100. // - // * For instance types with NVIDIA K80 GPUs, specify k80. + // * For instance types with Amazon Web Services Inferentia chips, specify + // inferentia. // - // * For instance types with NVIDIA T4 GPUs, specify t4. + // * For instance types with NVIDIA GRID K520 GPUs, specify k520. + // + // * For instance types with NVIDIA K80 GPUs, specify k80. // // * For instance types with NVIDIA M60 GPUs, specify m60. // // * For instance types with AMD Radeon Pro V520 GPUs, specify radeon-pro-v520. // - // * For instance types with Xilinx VU9P FPGAs, specify vu9p. + // * For instance types with NVIDIA T4 GPUs, specify t4. // - // * For instance types with Amazon Web Services Inferentia chips, specify - // inferentia. + // * For instance types with NVIDIA T4G GPUs, specify t4g. // - // * For instance types with NVIDIA GRID K520 GPUs, specify k520. + // * For instance types with Xilinx VU9P FPGAs, specify vu9p. + // + // * For instance types with NVIDIA V100 GPUs, specify v100. // // Default: Any accelerator AcceleratorNames []*string `locationName:"acceleratorNameSet" locationNameList:"item" type:"list" enum:"AcceleratorName"` @@ -126905,6 +136778,30 @@ type InstanceRequirements struct { // Default: hdd and ssd LocalStorageTypes []*string `locationName:"localStorageTypeSet" locationNameList:"item" type:"list" enum:"LocalStorageType"` + // [Price protection] The price protection threshold for Spot Instances, as + // a percentage of an identified On-Demand price. The identified On-Demand price + // is the price of the lowest priced current generation C, M, or R instance + // type with your specified attributes. If no current generation C, M, or R + // instance type matches your attributes, then the identified price is from + // the lowest priced current generation instance types, and failing that, from + // the lowest priced previous generation instance types that match your attributes. + // When Amazon EC2 selects instance types with your attributes, it will exclude + // instance types whose price exceeds your specified threshold. + // + // The parameter accepts an integer, which Amazon EC2 interprets as a percentage. + // + // If you set DesiredCapacityType to vcpu or memory-mib, the price protection + // threshold is based on the per vCPU or per memory price instead of the per + // instance price. + // + // Only one of SpotMaxPricePercentageOverLowestPrice or MaxSpotPriceAsPercentageOfOptimalOnDemandPrice + // can be specified. If you don't specify either, Amazon EC2 will automatically + // apply optimal price protection to consistently select from a wide range of + // instance types. To indicate no price protection threshold for Spot Instances, + // meaning you want to consider all instance types that match your attributes, + // include one of these parameters and specify a high value, such as 999999. + MaxSpotPriceAsPercentageOfOptimalOnDemandPrice *int64 `locationName:"maxSpotPriceAsPercentageOfOptimalOnDemandPrice" type:"integer"` + // The minimum and maximum amount of memory per vCPU, in GiB. // // Default: No minimum or maximum limits @@ -126924,11 +136821,12 @@ type InstanceRequirements struct { // Default: No minimum or maximum limits NetworkInterfaceCount *NetworkInterfaceCount `locationName:"networkInterfaceCount" type:"structure"` - // The price protection threshold for On-Demand Instances. This is the maximum - // you’ll pay for an On-Demand Instance, expressed as a percentage above the - // least expensive current generation M, C, or R instance type with your specified - // attributes. When Amazon EC2 selects instance types with your attributes, - // it excludes instance types priced above your threshold. + // [Price protection] The price protection threshold for On-Demand Instances, + // as a percentage higher than an identified On-Demand price. The identified + // On-Demand price is the price of the lowest priced current generation C, M, + // or R instance type with your specified attributes. When Amazon EC2 selects + // instance types with your attributes, it will exclude instance types whose + // price exceeds your specified threshold. // // The parameter accepts an integer, which Amazon EC2 interprets as a percentage. // @@ -126951,22 +136849,31 @@ type InstanceRequirements struct { // Default: false RequireHibernateSupport *bool `locationName:"requireHibernateSupport" type:"boolean"` - // The price protection threshold for Spot Instances. This is the maximum you’ll - // pay for a Spot Instance, expressed as a percentage above the least expensive - // current generation M, C, or R instance type with your specified attributes. - // When Amazon EC2 selects instance types with your attributes, it excludes - // instance types priced above your threshold. + // [Price protection] The price protection threshold for Spot Instances, as + // a percentage higher than an identified Spot price. The identified Spot price + // is the Spot price of the lowest priced current generation C, M, or R instance + // type with your specified attributes. If no current generation C, M, or R + // instance type matches your attributes, then the identified Spot price is + // from the lowest priced current generation instance types, and failing that, + // from the lowest priced previous generation instance types that match your + // attributes. When Amazon EC2 selects instance types with your attributes, + // it will exclude instance types whose Spot price exceeds your specified threshold. // // The parameter accepts an integer, which Amazon EC2 interprets as a percentage. // - // To turn off price protection, specify a high value, such as 999999. + // If you set TargetCapacityUnitType to vcpu or memory-mib, the price protection + // threshold is applied based on the per-vCPU or per-memory price instead of + // the per-instance price. // // This parameter is not supported for GetSpotPlacementScores (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) // and GetInstanceTypesFromInstanceRequirements (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html). // - // If you set TargetCapacityUnitType to vcpu or memory-mib, the price protection - // threshold is applied based on the per-vCPU or per-memory price instead of - // the per-instance price. + // Only one of SpotMaxPricePercentageOverLowestPrice or MaxSpotPriceAsPercentageOfOptimalOnDemandPrice + // can be specified. If you don't specify either, Amazon EC2 will automatically + // apply optimal price protection to consistently select from a wide range of + // instance types. To indicate no price protection threshold for Spot Instances, + // meaning you want to consider all instance types that match your attributes, + // include one of these parameters and specify a high value, such as 999999. // // Default: 100 SpotMaxPricePercentageOverLowestPrice *int64 `locationName:"spotMaxPricePercentageOverLowestPrice" type:"integer"` @@ -127082,6 +136989,12 @@ func (s *InstanceRequirements) SetLocalStorageTypes(v []*string) *InstanceRequir return s } +// SetMaxSpotPriceAsPercentageOfOptimalOnDemandPrice sets the MaxSpotPriceAsPercentageOfOptimalOnDemandPrice field's value. +func (s *InstanceRequirements) SetMaxSpotPriceAsPercentageOfOptimalOnDemandPrice(v int64) *InstanceRequirements { + s.MaxSpotPriceAsPercentageOfOptimalOnDemandPrice = &v + return s +} + // SetMemoryGiBPerVCpu sets the MemoryGiBPerVCpu field's value. func (s *InstanceRequirements) SetMemoryGiBPerVCpu(v *MemoryGiBPerVCpu) *InstanceRequirements { s.MemoryGiBPerVCpu = v @@ -127139,6 +137052,9 @@ func (s *InstanceRequirements) SetVCpuCount(v *VCpuCountRange) *InstanceRequirem // The attributes for the instance types. When you specify instance attributes, // Amazon EC2 will identify instance types with these attributes. // +// You must specify VCpuCount and MemoryMiB. All other attributes are optional. +// Any unspecified optional attribute is set to its default. +// // When you specify multiple attributes, you get instance types that satisfy // all of the specified attributes. If you specify multiple values for an attribute, // you get instance types that satisfy any of the specified values. @@ -127153,8 +137069,14 @@ func (s *InstanceRequirements) SetVCpuCount(v *VCpuCountRange) *InstanceRequirem // - ExcludedInstanceTypes - The instance types to exclude from the list, // even if they match your specified attributes. // -// You must specify VCpuCount and MemoryMiB. All other attributes are optional. -// Any unspecified optional attribute is set to its default. +// If you specify InstanceRequirements, you can't specify InstanceType. +// +// Attribute-based instance type selection is only supported when using Auto +// Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan +// to use the launch template in the launch instance wizard (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html), +// or with the RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) +// API or AWS::EC2::Instance (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) +// Amazon Web Services CloudFormation resource, you can't specify InstanceRequirements. // // For more information, see Attribute-based instance type selection for EC2 // Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html), @@ -127174,11 +137096,13 @@ type InstanceRequirementsRequest struct { // Indicates whether instance types must have accelerators by specific manufacturers. // - // * For instance types with NVIDIA devices, specify nvidia. + // * For instance types with Amazon Web Services devices, specify amazon-web-services. // // * For instance types with AMD devices, specify amd. // - // * For instance types with Amazon Web Services devices, specify amazon-web-services. + // * For instance types with Habana devices, specify habana. + // + // * For instance types with NVIDIA devices, specify nvidia. // // * For instance types with Xilinx devices, specify xilinx. // @@ -127187,24 +137111,30 @@ type InstanceRequirementsRequest struct { // The accelerators that must be on the instance type. // + // * For instance types with NVIDIA A10G GPUs, specify a10g. + // // * For instance types with NVIDIA A100 GPUs, specify a100. // - // * For instance types with NVIDIA V100 GPUs, specify v100. + // * For instance types with NVIDIA H100 GPUs, specify h100. // - // * For instance types with NVIDIA K80 GPUs, specify k80. + // * For instance types with Amazon Web Services Inferentia chips, specify + // inferentia. // - // * For instance types with NVIDIA T4 GPUs, specify t4. + // * For instance types with NVIDIA GRID K520 GPUs, specify k520. + // + // * For instance types with NVIDIA K80 GPUs, specify k80. // // * For instance types with NVIDIA M60 GPUs, specify m60. // // * For instance types with AMD Radeon Pro V520 GPUs, specify radeon-pro-v520. // - // * For instance types with Xilinx VU9P FPGAs, specify vu9p. + // * For instance types with NVIDIA T4 GPUs, specify t4. // - // * For instance types with Amazon Web Services Inferentia chips, specify - // inferentia. + // * For instance types with NVIDIA T4G GPUs, specify t4g. // - // * For instance types with NVIDIA GRID K520 GPUs, specify k520. + // * For instance types with Xilinx VU9P FPGAs, specify vu9p. + // + // * For instance types with NVIDIA V100 GPUs, specify v100. // // Default: Any accelerator AcceleratorNames []*string `locationName:"AcceleratorName" locationNameList:"item" type:"list" enum:"AcceleratorName"` @@ -127340,6 +137270,30 @@ type InstanceRequirementsRequest struct { // Default: hdd and ssd LocalStorageTypes []*string `locationName:"LocalStorageType" locationNameList:"item" type:"list" enum:"LocalStorageType"` + // [Price protection] The price protection threshold for Spot Instances, as + // a percentage of an identified On-Demand price. The identified On-Demand price + // is the price of the lowest priced current generation C, M, or R instance + // type with your specified attributes. If no current generation C, M, or R + // instance type matches your attributes, then the identified price is from + // the lowest priced current generation instance types, and failing that, from + // the lowest priced previous generation instance types that match your attributes. + // When Amazon EC2 selects instance types with your attributes, it will exclude + // instance types whose price exceeds your specified threshold. + // + // The parameter accepts an integer, which Amazon EC2 interprets as a percentage. + // + // If you set DesiredCapacityType to vcpu or memory-mib, the price protection + // threshold is based on the per vCPU or per memory price instead of the per + // instance price. + // + // Only one of SpotMaxPricePercentageOverLowestPrice or MaxSpotPriceAsPercentageOfOptimalOnDemandPrice + // can be specified. If you don't specify either, Amazon EC2 will automatically + // apply optimal price protection to consistently select from a wide range of + // instance types. To indicate no price protection threshold for Spot Instances, + // meaning you want to consider all instance types that match your attributes, + // include one of these parameters and specify a high value, such as 999999. + MaxSpotPriceAsPercentageOfOptimalOnDemandPrice *int64 `type:"integer"` + // The minimum and maximum amount of memory per vCPU, in GiB. // // Default: No minimum or maximum limits @@ -127350,8 +137304,10 @@ type InstanceRequirementsRequest struct { // MemoryMiB is a required field MemoryMiB *MemoryMiBRequest `type:"structure" required:"true"` - // The minimum and maximum amount of network bandwidth, in gigabits per second - // (Gbps). + // The minimum and maximum amount of baseline network bandwidth, in gigabits + // per second (Gbps). For more information, see Amazon EC2 instance network + // bandwidth (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) + // in the Amazon EC2 User Guide. // // Default: No minimum or maximum limits NetworkBandwidthGbps *NetworkBandwidthGbpsRequest `type:"structure"` @@ -127361,15 +137317,17 @@ type InstanceRequirementsRequest struct { // Default: No minimum or maximum limits NetworkInterfaceCount *NetworkInterfaceCountRequest `type:"structure"` - // The price protection threshold for On-Demand Instances. This is the maximum - // you’ll pay for an On-Demand Instance, expressed as a percentage above the - // least expensive current generation M, C, or R instance type with your specified - // attributes. When Amazon EC2 selects instance types with your attributes, - // it excludes instance types priced above your threshold. + // [Price protection] The price protection threshold for On-Demand Instances, + // as a percentage higher than an identified On-Demand price. The identified + // On-Demand price is the price of the lowest priced current generation C, M, + // or R instance type with your specified attributes. When Amazon EC2 selects + // instance types with your attributes, it will exclude instance types whose + // price exceeds your specified threshold. // // The parameter accepts an integer, which Amazon EC2 interprets as a percentage. // - // To turn off price protection, specify a high value, such as 999999. + // To indicate no price protection threshold, specify a high value, such as + // 999999. // // This parameter is not supported for GetSpotPlacementScores (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) // and GetInstanceTypesFromInstanceRequirements (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html). @@ -127388,22 +137346,31 @@ type InstanceRequirementsRequest struct { // Default: false RequireHibernateSupport *bool `type:"boolean"` - // The price protection threshold for Spot Instance. This is the maximum you’ll - // pay for an Spot Instance, expressed as a percentage above the least expensive - // current generation M, C, or R instance type with your specified attributes. - // When Amazon EC2 selects instance types with your attributes, it excludes - // instance types priced above your threshold. + // [Price protection] The price protection threshold for Spot Instances, as + // a percentage higher than an identified Spot price. The identified Spot price + // is the Spot price of the lowest priced current generation C, M, or R instance + // type with your specified attributes. If no current generation C, M, or R + // instance type matches your attributes, then the identified Spot price is + // from the lowest priced current generation instance types, and failing that, + // from the lowest priced previous generation instance types that match your + // attributes. When Amazon EC2 selects instance types with your attributes, + // it will exclude instance types whose Spot price exceeds your specified threshold. // // The parameter accepts an integer, which Amazon EC2 interprets as a percentage. // - // To turn off price protection, specify a high value, such as 999999. + // If you set TargetCapacityUnitType to vcpu or memory-mib, the price protection + // threshold is applied based on the per-vCPU or per-memory price instead of + // the per-instance price. // // This parameter is not supported for GetSpotPlacementScores (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) // and GetInstanceTypesFromInstanceRequirements (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html). // - // If you set TargetCapacityUnitType to vcpu or memory-mib, the price protection - // threshold is applied based on the per-vCPU or per-memory price instead of - // the per-instance price. + // Only one of SpotMaxPricePercentageOverLowestPrice or MaxSpotPriceAsPercentageOfOptimalOnDemandPrice + // can be specified. If you don't specify either, Amazon EC2 will automatically + // apply optimal price protection to consistently select from a wide range of + // instance types. To indicate no price protection threshold for Spot Instances, + // meaning you want to consider all instance types that match your attributes, + // include one of these parameters and specify a high value, such as 999999. // // Default: 100 SpotMaxPricePercentageOverLowestPrice *int64 `type:"integer"` @@ -127547,6 +137514,12 @@ func (s *InstanceRequirementsRequest) SetLocalStorageTypes(v []*string) *Instanc return s } +// SetMaxSpotPriceAsPercentageOfOptimalOnDemandPrice sets the MaxSpotPriceAsPercentageOfOptimalOnDemandPrice field's value. +func (s *InstanceRequirementsRequest) SetMaxSpotPriceAsPercentageOfOptimalOnDemandPrice(v int64) *InstanceRequirementsRequest { + s.MaxSpotPriceAsPercentageOfOptimalOnDemandPrice = &v + return s +} + // SetMemoryGiBPerVCpu sets the MemoryGiBPerVCpu field's value. func (s *InstanceRequirementsRequest) SetMemoryGiBPerVCpu(v *MemoryGiBPerVCpuRequest) *InstanceRequirementsRequest { s.MemoryGiBPerVCpu = v @@ -127687,7 +137660,9 @@ type InstanceSpecification struct { ExcludeDataVolumeIds []*string `locationName:"ExcludeDataVolumeId" locationNameList:"VolumeId" type:"list"` // The instance to specify which volumes should be snapshotted. - InstanceId *string `type:"string"` + // + // InstanceId is a required field + InstanceId *string `type:"string" required:"true"` } // String returns the string representation. @@ -127708,6 +137683,19 @@ func (s InstanceSpecification) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *InstanceSpecification) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "InstanceSpecification"} + if s.InstanceId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetExcludeBootVolume sets the ExcludeBootVolume field's value. func (s *InstanceSpecification) SetExcludeBootVolume(v bool) *InstanceSpecification { s.ExcludeBootVolume = &v @@ -128208,17 +138196,97 @@ func (s *InstanceTagNotificationAttribute) SetInstanceTagKeys(v []*string) *Inst return s } +// Information about the instance topology. +type InstanceTopology struct { + _ struct{} `type:"structure"` + + // The name of the Availability Zone or Local Zone that the instance is in. + AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + + // The name of the placement group that the instance is in. + GroupName *string `locationName:"groupName" type:"string"` + + // The instance ID. + InstanceId *string `locationName:"instanceId" type:"string"` + + // The instance type. + InstanceType *string `locationName:"instanceType" type:"string"` + + // The network nodes. The nodes are hashed based on your account. Instances + // from different accounts running under the same server will return a different + // hashed list of strings. + NetworkNodes []*string `locationName:"networkNodeSet" locationNameList:"item" type:"list"` + + // The ID of the Availability Zone or Local Zone that the instance is in. + ZoneId *string `locationName:"zoneId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InstanceTopology) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InstanceTopology) GoString() string { + return s.String() +} + +// SetAvailabilityZone sets the AvailabilityZone field's value. +func (s *InstanceTopology) SetAvailabilityZone(v string) *InstanceTopology { + s.AvailabilityZone = &v + return s +} + +// SetGroupName sets the GroupName field's value. +func (s *InstanceTopology) SetGroupName(v string) *InstanceTopology { + s.GroupName = &v + return s +} + +// SetInstanceId sets the InstanceId field's value. +func (s *InstanceTopology) SetInstanceId(v string) *InstanceTopology { + s.InstanceId = &v + return s +} + +// SetInstanceType sets the InstanceType field's value. +func (s *InstanceTopology) SetInstanceType(v string) *InstanceTopology { + s.InstanceType = &v + return s +} + +// SetNetworkNodes sets the NetworkNodes field's value. +func (s *InstanceTopology) SetNetworkNodes(v []*string) *InstanceTopology { + s.NetworkNodes = v + return s +} + +// SetZoneId sets the ZoneId field's value. +func (s *InstanceTopology) SetZoneId(v string) *InstanceTopology { + s.ZoneId = &v + return s +} + // Describes the instance type. type InstanceTypeInfo struct { _ struct{} `type:"structure"` - // Indicates whether auto recovery is supported. + // Indicates whether Amazon CloudWatch action based recovery is supported. AutoRecoverySupported *bool `locationName:"autoRecoverySupported" type:"boolean"` // Indicates whether the instance is a bare metal instance type. BareMetal *bool `locationName:"bareMetal" type:"boolean"` - // Indicates whether the instance type is a burstable performance instance type. + // Indicates whether the instance type is a burstable performance T instance + // type. For more information, see Burstable performance instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html). BurstablePerformanceSupported *bool `locationName:"burstablePerformanceSupported" type:"boolean"` // Indicates whether the instance type is current generation. @@ -128258,12 +138326,27 @@ type InstanceTypeInfo struct { // in the Amazon EC2 User Guide. InstanceType *string `locationName:"instanceType" type:"string" enum:"InstanceType"` + // Describes the media accelerator settings for the instance type. + MediaAcceleratorInfo *MediaAcceleratorInfo `locationName:"mediaAcceleratorInfo" type:"structure"` + // Describes the memory for the instance type. MemoryInfo *MemoryInfo `locationName:"memoryInfo" type:"structure"` // Describes the network settings for the instance type. NetworkInfo *NetworkInfo `locationName:"networkInfo" type:"structure"` + // Describes the Neuron accelerator settings for the instance type. + NeuronInfo *NeuronInfo `locationName:"neuronInfo" type:"structure"` + + // Indicates whether Nitro Enclaves is supported. + NitroEnclavesSupport *string `locationName:"nitroEnclavesSupport" type:"string" enum:"NitroEnclavesSupport"` + + // Describes the supported NitroTPM versions for the instance type. + NitroTpmInfo *NitroTpmInfo `locationName:"nitroTpmInfo" type:"structure"` + + // Indicates whether NitroTPM is supported. + NitroTpmSupport *string `locationName:"nitroTpmSupport" type:"string" enum:"NitroTpmSupport"` + // Describes the placement group settings for the instance type. PlacementGroupInfo *PlacementGroupInfo `locationName:"placementGroupInfo" type:"structure"` @@ -128395,6 +138478,12 @@ func (s *InstanceTypeInfo) SetInstanceType(v string) *InstanceTypeInfo { return s } +// SetMediaAcceleratorInfo sets the MediaAcceleratorInfo field's value. +func (s *InstanceTypeInfo) SetMediaAcceleratorInfo(v *MediaAcceleratorInfo) *InstanceTypeInfo { + s.MediaAcceleratorInfo = v + return s +} + // SetMemoryInfo sets the MemoryInfo field's value. func (s *InstanceTypeInfo) SetMemoryInfo(v *MemoryInfo) *InstanceTypeInfo { s.MemoryInfo = v @@ -128407,6 +138496,30 @@ func (s *InstanceTypeInfo) SetNetworkInfo(v *NetworkInfo) *InstanceTypeInfo { return s } +// SetNeuronInfo sets the NeuronInfo field's value. +func (s *InstanceTypeInfo) SetNeuronInfo(v *NeuronInfo) *InstanceTypeInfo { + s.NeuronInfo = v + return s +} + +// SetNitroEnclavesSupport sets the NitroEnclavesSupport field's value. +func (s *InstanceTypeInfo) SetNitroEnclavesSupport(v string) *InstanceTypeInfo { + s.NitroEnclavesSupport = &v + return s +} + +// SetNitroTpmInfo sets the NitroTpmInfo field's value. +func (s *InstanceTypeInfo) SetNitroTpmInfo(v *NitroTpmInfo) *InstanceTypeInfo { + s.NitroTpmInfo = v + return s +} + +// SetNitroTpmSupport sets the NitroTpmSupport field's value. +func (s *InstanceTypeInfo) SetNitroTpmSupport(v string) *InstanceTypeInfo { + s.NitroTpmSupport = &v + return s +} + // SetPlacementGroupInfo sets the PlacementGroupInfo field's value. func (s *InstanceTypeInfo) SetPlacementGroupInfo(v *PlacementGroupInfo) *InstanceTypeInfo { s.PlacementGroupInfo = v @@ -128734,38 +138847,37 @@ func (s *InternetGatewayAttachment) SetVpcId(v string) *InternetGatewayAttachmen return s } -// Describes a set of permissions for a security group rule. +// Describes the permissions for a security group rule. type IpPermission struct { _ struct{} `type:"structure"` - // The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 - // type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify - // all ICMP/ICMPv6 types, you must specify all codes. + // If the protocol is TCP or UDP, this is the start of the port range. If the + // protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types). FromPort *int64 `locationName:"fromPort" type:"integer"` // The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers // (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)). // - // [VPC only] Use -1 to specify all protocols. When authorizing security group - // rules, specifying -1 or a protocol number other than tcp, udp, icmp, or icmpv6 - // allows traffic on all ports, regardless of any port range you specify. For - // tcp, udp, and icmp, you must specify a port range. For icmpv6, the port range - // is optional; if you omit the port range, traffic for all types and codes - // is allowed. + // Use -1 to specify all protocols. When authorizing security group rules, specifying + // -1 or a protocol number other than tcp, udp, icmp, or icmpv6 allows traffic + // on all ports, regardless of any port range you specify. For tcp, udp, and + // icmp, you must specify a port range. For icmpv6, the port range is optional; + // if you omit the port range, traffic for all types and codes is allowed. IpProtocol *string `locationName:"ipProtocol" type:"string"` - // The IPv4 ranges. + // The IPv4 address ranges. IpRanges []*IpRange `locationName:"ipRanges" locationNameList:"item" type:"list"` - // [VPC only] The IPv6 ranges. + // The IPv6 address ranges. Ipv6Ranges []*Ipv6Range `locationName:"ipv6Ranges" locationNameList:"item" type:"list"` - // [VPC only] The prefix list IDs. + // The prefix list IDs. PrefixListIds []*PrefixListId `locationName:"prefixListIds" locationNameList:"item" type:"list"` - // The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. - // A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 - // types, you must specify all codes. + // If the protocol is TCP or UDP, this is the end of the port range. If the + // protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). + // If the start port is -1 (all ICMP types), then the end port must be -1 (all + // ICMP codes). ToPort *int64 `locationName:"toPort" type:"integer"` // The security group and Amazon Web Services account ID pairs. @@ -128832,11 +138944,11 @@ func (s *IpPermission) SetUserIdGroupPairs(v []*UserIdGroupPair) *IpPermission { return s } -// Describes an IPv4 range. +// Describes an IPv4 address range. type IpRange struct { _ struct{} `type:"structure"` - // The IPv4 CIDR range. You can either specify a CIDR range or a source security + // The IPv4 address range. You can either specify a CIDR block or a source security // group, not both. To specify a single IPv4 address, use the /32 prefix length. CidrIp *string `locationName:"cidrIp" type:"string"` @@ -128887,10 +138999,16 @@ func (s *IpRange) SetDescription(v string) *IpRange { type Ipam struct { _ struct{} `type:"structure"` + // The IPAM's default resource discovery association ID. + DefaultResourceDiscoveryAssociationId *string `locationName:"defaultResourceDiscoveryAssociationId" type:"string"` + + // The IPAM's default resource discovery ID. + DefaultResourceDiscoveryId *string `locationName:"defaultResourceDiscoveryId" type:"string"` + // The description for the IPAM. Description *string `locationName:"description" type:"string"` - // The ARN of the IPAM. + // The Amazon Resource Name (ARN) of the IPAM. IpamArn *string `locationName:"ipamArn" min:"1" type:"string"` // The ID of the IPAM. @@ -128917,6 +139035,9 @@ type Ipam struct { // The ID of the IPAM's default public scope. PublicDefaultScopeId *string `locationName:"publicDefaultScopeId" type:"string"` + // The IPAM's resource discovery association count. + ResourceDiscoveryAssociationCount *int64 `locationName:"resourceDiscoveryAssociationCount" type:"integer"` + // The number of scopes in the IPAM. The scope quota is 5. For more information // on quotas, see Quotas in IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/quotas-ipam.html) // in the Amazon VPC IPAM User Guide. @@ -128925,11 +139046,19 @@ type Ipam struct { // The state of the IPAM. State *string `locationName:"state" type:"string" enum:"IpamState"` + // The state message. + StateMessage *string `locationName:"stateMessage" type:"string"` + // The key/value combination of a tag assigned to the resource. Use the tag // key in the filter name and the tag value as the filter value. For example, // to find all resources that have a tag with the key Owner and the value TeamA, // specify tag:Owner for the filter name and TeamA for the filter value. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // IPAM is offered in a Free Tier and an Advanced Tier. For more information + // about the features available in each tier and the costs associated with the + // tiers, see Amazon VPC pricing > IPAM tab (http://aws.amazon.com/vpc/pricing/). + Tier *string `locationName:"tier" type:"string" enum:"IpamTier"` } // String returns the string representation. @@ -128950,6 +139079,18 @@ func (s Ipam) GoString() string { return s.String() } +// SetDefaultResourceDiscoveryAssociationId sets the DefaultResourceDiscoveryAssociationId field's value. +func (s *Ipam) SetDefaultResourceDiscoveryAssociationId(v string) *Ipam { + s.DefaultResourceDiscoveryAssociationId = &v + return s +} + +// SetDefaultResourceDiscoveryId sets the DefaultResourceDiscoveryId field's value. +func (s *Ipam) SetDefaultResourceDiscoveryId(v string) *Ipam { + s.DefaultResourceDiscoveryId = &v + return s +} + // SetDescription sets the Description field's value. func (s *Ipam) SetDescription(v string) *Ipam { s.Description = &v @@ -128998,6 +139139,12 @@ func (s *Ipam) SetPublicDefaultScopeId(v string) *Ipam { return s } +// SetResourceDiscoveryAssociationCount sets the ResourceDiscoveryAssociationCount field's value. +func (s *Ipam) SetResourceDiscoveryAssociationCount(v int64) *Ipam { + s.ResourceDiscoveryAssociationCount = &v + return s +} + // SetScopeCount sets the ScopeCount field's value. func (s *Ipam) SetScopeCount(v int64) *Ipam { s.ScopeCount = &v @@ -129010,12 +139157,24 @@ func (s *Ipam) SetState(v string) *Ipam { return s } +// SetStateMessage sets the StateMessage field's value. +func (s *Ipam) SetStateMessage(v string) *Ipam { + s.StateMessage = &v + return s +} + // SetTags sets the Tags field's value. func (s *Ipam) SetTags(v []*Tag) *Ipam { s.Tags = v return s } +// SetTier sets the Tier field's value. +func (s *Ipam) SetTier(v string) *Ipam { + s.Tier = &v + return s +} + // The historical record of a CIDR within an IPAM scope. For more information, // see View the history of IP addresses (https://docs.aws.amazon.com/vpc/latest/ipam/view-history-cidr-ipam.html) // in the Amazon VPC IPAM User Guide. @@ -129191,6 +139350,462 @@ func (s *IpamCidrAuthorizationContext) SetSignature(v string) *IpamCidrAuthoriza return s } +// An IPAM discovered account. A discovered account is an Amazon Web Services +// account that is monitored under a resource discovery. If you have integrated +// IPAM with Amazon Web Services Organizations, all accounts in the organization +// are discovered accounts. +type IpamDiscoveredAccount struct { + _ struct{} `type:"structure"` + + // The account ID. + AccountId *string `locationName:"accountId" type:"string"` + + // The Amazon Web Services Region that the account information is returned from. + // An account can be discovered in multiple regions and will have a separate + // discovered account for each Region. + DiscoveryRegion *string `locationName:"discoveryRegion" type:"string"` + + // The resource discovery failure reason. + FailureReason *IpamDiscoveryFailureReason `locationName:"failureReason" type:"structure"` + + // The last attempted resource discovery time. + LastAttemptedDiscoveryTime *time.Time `locationName:"lastAttemptedDiscoveryTime" type:"timestamp"` + + // The last successful resource discovery time. + LastSuccessfulDiscoveryTime *time.Time `locationName:"lastSuccessfulDiscoveryTime" type:"timestamp"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamDiscoveredAccount) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamDiscoveredAccount) GoString() string { + return s.String() +} + +// SetAccountId sets the AccountId field's value. +func (s *IpamDiscoveredAccount) SetAccountId(v string) *IpamDiscoveredAccount { + s.AccountId = &v + return s +} + +// SetDiscoveryRegion sets the DiscoveryRegion field's value. +func (s *IpamDiscoveredAccount) SetDiscoveryRegion(v string) *IpamDiscoveredAccount { + s.DiscoveryRegion = &v + return s +} + +// SetFailureReason sets the FailureReason field's value. +func (s *IpamDiscoveredAccount) SetFailureReason(v *IpamDiscoveryFailureReason) *IpamDiscoveredAccount { + s.FailureReason = v + return s +} + +// SetLastAttemptedDiscoveryTime sets the LastAttemptedDiscoveryTime field's value. +func (s *IpamDiscoveredAccount) SetLastAttemptedDiscoveryTime(v time.Time) *IpamDiscoveredAccount { + s.LastAttemptedDiscoveryTime = &v + return s +} + +// SetLastSuccessfulDiscoveryTime sets the LastSuccessfulDiscoveryTime field's value. +func (s *IpamDiscoveredAccount) SetLastSuccessfulDiscoveryTime(v time.Time) *IpamDiscoveredAccount { + s.LastSuccessfulDiscoveryTime = &v + return s +} + +// A public IP Address discovered by IPAM. +type IpamDiscoveredPublicAddress struct { + _ struct{} `type:"structure"` + + // The IP address. + Address *string `locationName:"address" type:"string"` + + // The allocation ID of the resource the IP address is assigned to. + AddressAllocationId *string `locationName:"addressAllocationId" type:"string"` + + // The ID of the owner of the resource the IP address is assigned to. + AddressOwnerId *string `locationName:"addressOwnerId" type:"string"` + + // The Region of the resource the IP address is assigned to. + AddressRegion *string `locationName:"addressRegion" type:"string"` + + // The IP address type. + AddressType *string `locationName:"addressType" type:"string" enum:"IpamPublicAddressType"` + + // The association status. + AssociationStatus *string `locationName:"associationStatus" type:"string" enum:"IpamPublicAddressAssociationStatus"` + + // The instance ID of the instance the assigned IP address is assigned to. + InstanceId *string `locationName:"instanceId" type:"string"` + + // The resource discovery ID. + IpamResourceDiscoveryId *string `locationName:"ipamResourceDiscoveryId" type:"string"` + + // The network border group that the resource that the IP address is assigned + // to is in. + NetworkBorderGroup *string `locationName:"networkBorderGroup" type:"string"` + + // The description of the network interface that IP address is assigned to. + NetworkInterfaceDescription *string `locationName:"networkInterfaceDescription" type:"string"` + + // The network interface ID of the resource with the assigned IP address. + NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` + + // The ID of the public IPv4 pool that the resource with the assigned IP address + // is from. + PublicIpv4PoolId *string `locationName:"publicIpv4PoolId" type:"string"` + + // The last successful resource discovery time. + SampleTime *time.Time `locationName:"sampleTime" type:"timestamp"` + + // Security groups associated with the resource that the IP address is assigned + // to. + SecurityGroups []*IpamPublicAddressSecurityGroup `locationName:"securityGroupSet" locationNameList:"item" type:"list"` + + // The Amazon Web Services service associated with the IP address. + Service *string `locationName:"service" type:"string" enum:"IpamPublicAddressAwsService"` + + // The resource ARN or ID. + ServiceResource *string `locationName:"serviceResource" type:"string"` + + // The ID of the subnet that the resource with the assigned IP address is in. + SubnetId *string `locationName:"subnetId" type:"string"` + + // Tags associated with the IP address. + Tags *IpamPublicAddressTags `locationName:"tags" type:"structure"` + + // The ID of the VPC that the resource with the assigned IP address is in. + VpcId *string `locationName:"vpcId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamDiscoveredPublicAddress) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamDiscoveredPublicAddress) GoString() string { + return s.String() +} + +// SetAddress sets the Address field's value. +func (s *IpamDiscoveredPublicAddress) SetAddress(v string) *IpamDiscoveredPublicAddress { + s.Address = &v + return s +} + +// SetAddressAllocationId sets the AddressAllocationId field's value. +func (s *IpamDiscoveredPublicAddress) SetAddressAllocationId(v string) *IpamDiscoveredPublicAddress { + s.AddressAllocationId = &v + return s +} + +// SetAddressOwnerId sets the AddressOwnerId field's value. +func (s *IpamDiscoveredPublicAddress) SetAddressOwnerId(v string) *IpamDiscoveredPublicAddress { + s.AddressOwnerId = &v + return s +} + +// SetAddressRegion sets the AddressRegion field's value. +func (s *IpamDiscoveredPublicAddress) SetAddressRegion(v string) *IpamDiscoveredPublicAddress { + s.AddressRegion = &v + return s +} + +// SetAddressType sets the AddressType field's value. +func (s *IpamDiscoveredPublicAddress) SetAddressType(v string) *IpamDiscoveredPublicAddress { + s.AddressType = &v + return s +} + +// SetAssociationStatus sets the AssociationStatus field's value. +func (s *IpamDiscoveredPublicAddress) SetAssociationStatus(v string) *IpamDiscoveredPublicAddress { + s.AssociationStatus = &v + return s +} + +// SetInstanceId sets the InstanceId field's value. +func (s *IpamDiscoveredPublicAddress) SetInstanceId(v string) *IpamDiscoveredPublicAddress { + s.InstanceId = &v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *IpamDiscoveredPublicAddress) SetIpamResourceDiscoveryId(v string) *IpamDiscoveredPublicAddress { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetNetworkBorderGroup sets the NetworkBorderGroup field's value. +func (s *IpamDiscoveredPublicAddress) SetNetworkBorderGroup(v string) *IpamDiscoveredPublicAddress { + s.NetworkBorderGroup = &v + return s +} + +// SetNetworkInterfaceDescription sets the NetworkInterfaceDescription field's value. +func (s *IpamDiscoveredPublicAddress) SetNetworkInterfaceDescription(v string) *IpamDiscoveredPublicAddress { + s.NetworkInterfaceDescription = &v + return s +} + +// SetNetworkInterfaceId sets the NetworkInterfaceId field's value. +func (s *IpamDiscoveredPublicAddress) SetNetworkInterfaceId(v string) *IpamDiscoveredPublicAddress { + s.NetworkInterfaceId = &v + return s +} + +// SetPublicIpv4PoolId sets the PublicIpv4PoolId field's value. +func (s *IpamDiscoveredPublicAddress) SetPublicIpv4PoolId(v string) *IpamDiscoveredPublicAddress { + s.PublicIpv4PoolId = &v + return s +} + +// SetSampleTime sets the SampleTime field's value. +func (s *IpamDiscoveredPublicAddress) SetSampleTime(v time.Time) *IpamDiscoveredPublicAddress { + s.SampleTime = &v + return s +} + +// SetSecurityGroups sets the SecurityGroups field's value. +func (s *IpamDiscoveredPublicAddress) SetSecurityGroups(v []*IpamPublicAddressSecurityGroup) *IpamDiscoveredPublicAddress { + s.SecurityGroups = v + return s +} + +// SetService sets the Service field's value. +func (s *IpamDiscoveredPublicAddress) SetService(v string) *IpamDiscoveredPublicAddress { + s.Service = &v + return s +} + +// SetServiceResource sets the ServiceResource field's value. +func (s *IpamDiscoveredPublicAddress) SetServiceResource(v string) *IpamDiscoveredPublicAddress { + s.ServiceResource = &v + return s +} + +// SetSubnetId sets the SubnetId field's value. +func (s *IpamDiscoveredPublicAddress) SetSubnetId(v string) *IpamDiscoveredPublicAddress { + s.SubnetId = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *IpamDiscoveredPublicAddress) SetTags(v *IpamPublicAddressTags) *IpamDiscoveredPublicAddress { + s.Tags = v + return s +} + +// SetVpcId sets the VpcId field's value. +func (s *IpamDiscoveredPublicAddress) SetVpcId(v string) *IpamDiscoveredPublicAddress { + s.VpcId = &v + return s +} + +// An IPAM discovered resource CIDR. A discovered resource is a resource CIDR +// monitored under a resource discovery. The following resources can be discovered: +// VPCs, Public IPv4 pools, VPC subnets, and Elastic IP addresses. The discovered +// resource CIDR is the IP address range in CIDR notation that is associated +// with the resource. +type IpamDiscoveredResourceCidr struct { + _ struct{} `type:"structure"` + + // The percentage of IP address space in use. To convert the decimal to a percentage, + // multiply the decimal by 100. Note the following: + // + // * For resources that are VPCs, this is the percentage of IP address space + // in the VPC that's taken up by subnet CIDRs. + // + // * For resources that are subnets, if the subnet has an IPv4 CIDR provisioned + // to it, this is the percentage of IPv4 address space in the subnet that's + // in use. If the subnet has an IPv6 CIDR provisioned to it, the percentage + // of IPv6 address space in use is not represented. The percentage of IPv6 + // address space in use cannot currently be calculated. + // + // * For resources that are public IPv4 pools, this is the percentage of + // IP address space in the pool that's been allocated to Elastic IP addresses + // (EIPs). + IpUsage *float64 `locationName:"ipUsage" type:"double"` + + // The resource discovery ID. + IpamResourceDiscoveryId *string `locationName:"ipamResourceDiscoveryId" type:"string"` + + // The resource CIDR. + ResourceCidr *string `locationName:"resourceCidr" type:"string"` + + // The resource ID. + ResourceId *string `locationName:"resourceId" type:"string"` + + // The resource owner ID. + ResourceOwnerId *string `locationName:"resourceOwnerId" type:"string"` + + // The resource Region. + ResourceRegion *string `locationName:"resourceRegion" type:"string"` + + // The resource tags. + ResourceTags []*IpamResourceTag `locationName:"resourceTagSet" locationNameList:"item" type:"list"` + + // The resource type. + ResourceType *string `locationName:"resourceType" type:"string" enum:"IpamResourceType"` + + // The last successful resource discovery time. + SampleTime *time.Time `locationName:"sampleTime" type:"timestamp"` + + // The VPC ID. + VpcId *string `locationName:"vpcId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamDiscoveredResourceCidr) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamDiscoveredResourceCidr) GoString() string { + return s.String() +} + +// SetIpUsage sets the IpUsage field's value. +func (s *IpamDiscoveredResourceCidr) SetIpUsage(v float64) *IpamDiscoveredResourceCidr { + s.IpUsage = &v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *IpamDiscoveredResourceCidr) SetIpamResourceDiscoveryId(v string) *IpamDiscoveredResourceCidr { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetResourceCidr sets the ResourceCidr field's value. +func (s *IpamDiscoveredResourceCidr) SetResourceCidr(v string) *IpamDiscoveredResourceCidr { + s.ResourceCidr = &v + return s +} + +// SetResourceId sets the ResourceId field's value. +func (s *IpamDiscoveredResourceCidr) SetResourceId(v string) *IpamDiscoveredResourceCidr { + s.ResourceId = &v + return s +} + +// SetResourceOwnerId sets the ResourceOwnerId field's value. +func (s *IpamDiscoveredResourceCidr) SetResourceOwnerId(v string) *IpamDiscoveredResourceCidr { + s.ResourceOwnerId = &v + return s +} + +// SetResourceRegion sets the ResourceRegion field's value. +func (s *IpamDiscoveredResourceCidr) SetResourceRegion(v string) *IpamDiscoveredResourceCidr { + s.ResourceRegion = &v + return s +} + +// SetResourceTags sets the ResourceTags field's value. +func (s *IpamDiscoveredResourceCidr) SetResourceTags(v []*IpamResourceTag) *IpamDiscoveredResourceCidr { + s.ResourceTags = v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *IpamDiscoveredResourceCidr) SetResourceType(v string) *IpamDiscoveredResourceCidr { + s.ResourceType = &v + return s +} + +// SetSampleTime sets the SampleTime field's value. +func (s *IpamDiscoveredResourceCidr) SetSampleTime(v time.Time) *IpamDiscoveredResourceCidr { + s.SampleTime = &v + return s +} + +// SetVpcId sets the VpcId field's value. +func (s *IpamDiscoveredResourceCidr) SetVpcId(v string) *IpamDiscoveredResourceCidr { + s.VpcId = &v + return s +} + +// The discovery failure reason. +type IpamDiscoveryFailureReason struct { + _ struct{} `type:"structure"` + + // The discovery failure code. + // + // * assume-role-failure - IPAM could not assume the Amazon Web Services + // IAM service-linked role. This could be because of any of the following: + // SLR has not been created yet and IPAM is still creating it. You have opted-out + // of the IPAM home Region. Account you are using as your IPAM account has + // been suspended. + // + // * throttling-failure - IPAM account is already using the allotted transactions + // per second and IPAM is receiving a throttling error when assuming the + // Amazon Web Services IAM SLR. + // + // * unauthorized-failure - Amazon Web Services account making the request + // is not authorized. For more information, see AuthFailure (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html) + // in the Amazon Elastic Compute Cloud API Reference. + Code *string `locationName:"code" type:"string" enum:"IpamDiscoveryFailureCode"` + + // The discovery failure message. + Message *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamDiscoveryFailureReason) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamDiscoveryFailureReason) GoString() string { + return s.String() +} + +// SetCode sets the Code field's value. +func (s *IpamDiscoveryFailureReason) SetCode(v string) *IpamDiscoveryFailureReason { + s.Code = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *IpamDiscoveryFailureReason) SetMessage(v string) *IpamDiscoveryFailureReason { + s.Message = &v + return s +} + // The operating Regions for an IPAM. Operating Regions are Amazon Web Services // Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers // and monitors resources in the Amazon Web Services Regions you select as operating @@ -129287,7 +139902,7 @@ type IpamPool struct { // The ARN of the IPAM. IpamArn *string `locationName:"ipamArn" min:"1" type:"string"` - // The ARN of the IPAM pool. + // The Amazon Resource Name (ARN) of the IPAM pool. IpamPoolArn *string `locationName:"ipamPoolArn" min:"1" type:"string"` // The ID of the IPAM pool. @@ -129325,6 +139940,15 @@ type IpamPool struct { // in the Amazon VPC IPAM User Guide. PoolDepth *int64 `locationName:"poolDepth" type:"integer"` + // The IP address source for pools in the public scope. Only used for provisioning + // IP address CIDRs to pools in the public scope. Default is BYOIP. For more + // information, see Create IPv6 pools (https://docs.aws.amazon.com/vpc/latest/ipam/intro-create-ipv6-pools.html) + // in the Amazon VPC IPAM User Guide. By default, you can add only one Amazon-provided + // IPv6 CIDR block to a top-level IPv6 pool. For information on increasing the + // default limit, see Quotas for your IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/quotas-ipam.html) + // in the Amazon VPC IPAM User Guide. + PublicIpSource *string `locationName:"publicIpSource" type:"string" enum:"IpamPoolPublicIpSource"` + // Determines if a pool is publicly advertisable. This option is not available // for pools with AddressFamily set to ipv4. PubliclyAdvertisable *bool `locationName:"publiclyAdvertisable" type:"boolean"` @@ -129333,10 +139957,13 @@ type IpamPool struct { // pool within an existing source pool. SourceIpamPoolId *string `locationName:"sourceIpamPoolId" type:"string"` + // The resource used to provision CIDRs to a resource planning pool. + SourceResource *IpamPoolSourceResource `locationName:"sourceResource" type:"structure"` + // The state of the IPAM pool. State *string `locationName:"state" type:"string" enum:"IpamPoolState"` - // A message related to the failed creation of an IPAM pool. + // The state message. StateMessage *string `locationName:"stateMessage" type:"string"` // The key/value combination of a tag assigned to the resource. Use the tag @@ -129466,6 +140093,12 @@ func (s *IpamPool) SetPoolDepth(v int64) *IpamPool { return s } +// SetPublicIpSource sets the PublicIpSource field's value. +func (s *IpamPool) SetPublicIpSource(v string) *IpamPool { + s.PublicIpSource = &v + return s +} + // SetPubliclyAdvertisable sets the PubliclyAdvertisable field's value. func (s *IpamPool) SetPubliclyAdvertisable(v bool) *IpamPool { s.PubliclyAdvertisable = &v @@ -129478,6 +140111,12 @@ func (s *IpamPool) SetSourceIpamPoolId(v string) *IpamPool { return s } +// SetSourceResource sets the SourceResource field's value. +func (s *IpamPool) SetSourceResource(v *IpamPoolSourceResource) *IpamPool { + s.SourceResource = v + return s +} + // SetState sets the State field's value. func (s *IpamPool) SetState(v string) *IpamPool { s.State = &v @@ -129497,7 +140136,7 @@ func (s *IpamPool) SetTags(v []*Tag) *IpamPool { } // In IPAM, an allocation is a CIDR assignment from an IPAM pool to another -// resource or IPAM pool. +// IPAM pool or to a resource. type IpamPoolAllocation struct { _ struct{} `type:"structure"` @@ -129599,6 +140238,15 @@ type IpamPoolCidr struct { // Details related to why an IPAM pool CIDR failed to be provisioned. FailureReason *IpamPoolCidrFailureReason `locationName:"failureReason" type:"structure"` + // The IPAM pool CIDR ID. + IpamPoolCidrId *string `locationName:"ipamPoolCidrId" type:"string"` + + // The netmask length of the CIDR you'd like to provision to a pool. Can be + // used for provisioning Amazon-provided IPv6 CIDRs to top-level pools and for + // provisioning CIDRs to pools with source pools. Cannot be used to provision + // BYOIP CIDRs to top-level pools. "NetmaskLength" or "Cidr" is required. + NetmaskLength *int64 `locationName:"netmaskLength" type:"integer"` + // The state of the CIDR. State *string `locationName:"state" type:"string" enum:"IpamPoolCidrState"` } @@ -129633,6 +140281,18 @@ func (s *IpamPoolCidr) SetFailureReason(v *IpamPoolCidrFailureReason) *IpamPoolC return s } +// SetIpamPoolCidrId sets the IpamPoolCidrId field's value. +func (s *IpamPoolCidr) SetIpamPoolCidrId(v string) *IpamPoolCidr { + s.IpamPoolCidrId = &v + return s +} + +// SetNetmaskLength sets the NetmaskLength field's value. +func (s *IpamPoolCidr) SetNetmaskLength(v int64) *IpamPoolCidr { + s.NetmaskLength = &v + return s +} + // SetState sets the State field's value. func (s *IpamPoolCidr) SetState(v string) *IpamPoolCidr { s.State = &v @@ -129680,6 +140340,238 @@ func (s *IpamPoolCidrFailureReason) SetMessage(v string) *IpamPoolCidrFailureRea return s } +// The resource used to provision CIDRs to a resource planning pool. +type IpamPoolSourceResource struct { + _ struct{} `type:"structure"` + + // The source resource ID. + ResourceId *string `locationName:"resourceId" type:"string"` + + // The source resource owner. + ResourceOwner *string `locationName:"resourceOwner" type:"string"` + + // The source resource Region. + ResourceRegion *string `locationName:"resourceRegion" type:"string"` + + // The source resource type. + ResourceType *string `locationName:"resourceType" type:"string" enum:"IpamPoolSourceResourceType"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPoolSourceResource) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPoolSourceResource) GoString() string { + return s.String() +} + +// SetResourceId sets the ResourceId field's value. +func (s *IpamPoolSourceResource) SetResourceId(v string) *IpamPoolSourceResource { + s.ResourceId = &v + return s +} + +// SetResourceOwner sets the ResourceOwner field's value. +func (s *IpamPoolSourceResource) SetResourceOwner(v string) *IpamPoolSourceResource { + s.ResourceOwner = &v + return s +} + +// SetResourceRegion sets the ResourceRegion field's value. +func (s *IpamPoolSourceResource) SetResourceRegion(v string) *IpamPoolSourceResource { + s.ResourceRegion = &v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *IpamPoolSourceResource) SetResourceType(v string) *IpamPoolSourceResource { + s.ResourceType = &v + return s +} + +// The resource used to provision CIDRs to a resource planning pool. +type IpamPoolSourceResourceRequest struct { + _ struct{} `type:"structure"` + + // The source resource ID. + ResourceId *string `type:"string"` + + // The source resource owner. + ResourceOwner *string `type:"string"` + + // The source resource Region. + ResourceRegion *string `type:"string"` + + // The source resource type. + ResourceType *string `type:"string" enum:"IpamPoolSourceResourceType"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPoolSourceResourceRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPoolSourceResourceRequest) GoString() string { + return s.String() +} + +// SetResourceId sets the ResourceId field's value. +func (s *IpamPoolSourceResourceRequest) SetResourceId(v string) *IpamPoolSourceResourceRequest { + s.ResourceId = &v + return s +} + +// SetResourceOwner sets the ResourceOwner field's value. +func (s *IpamPoolSourceResourceRequest) SetResourceOwner(v string) *IpamPoolSourceResourceRequest { + s.ResourceOwner = &v + return s +} + +// SetResourceRegion sets the ResourceRegion field's value. +func (s *IpamPoolSourceResourceRequest) SetResourceRegion(v string) *IpamPoolSourceResourceRequest { + s.ResourceRegion = &v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *IpamPoolSourceResourceRequest) SetResourceType(v string) *IpamPoolSourceResourceRequest { + s.ResourceType = &v + return s +} + +// The security group that the resource with the public IP address is in. +type IpamPublicAddressSecurityGroup struct { + _ struct{} `type:"structure"` + + // The security group's ID. + GroupId *string `locationName:"groupId" type:"string"` + + // The security group's name. + GroupName *string `locationName:"groupName" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPublicAddressSecurityGroup) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPublicAddressSecurityGroup) GoString() string { + return s.String() +} + +// SetGroupId sets the GroupId field's value. +func (s *IpamPublicAddressSecurityGroup) SetGroupId(v string) *IpamPublicAddressSecurityGroup { + s.GroupId = &v + return s +} + +// SetGroupName sets the GroupName field's value. +func (s *IpamPublicAddressSecurityGroup) SetGroupName(v string) *IpamPublicAddressSecurityGroup { + s.GroupName = &v + return s +} + +// A tag for a public IP address discovered by IPAM. +type IpamPublicAddressTag struct { + _ struct{} `type:"structure"` + + // The tag's key. + Key *string `locationName:"key" type:"string"` + + // The tag's value. + Value *string `locationName:"value" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPublicAddressTag) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPublicAddressTag) GoString() string { + return s.String() +} + +// SetKey sets the Key field's value. +func (s *IpamPublicAddressTag) SetKey(v string) *IpamPublicAddressTag { + s.Key = &v + return s +} + +// SetValue sets the Value field's value. +func (s *IpamPublicAddressTag) SetValue(v string) *IpamPublicAddressTag { + s.Value = &v + return s +} + +// Tags for a public IP address discovered by IPAM. +type IpamPublicAddressTags struct { + _ struct{} `type:"structure"` + + // Tags for an Elastic IP address. + EipTags []*IpamPublicAddressTag `locationName:"eipTagSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPublicAddressTags) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPublicAddressTags) GoString() string { + return s.String() +} + +// SetEipTags sets the EipTags field's value. +func (s *IpamPublicAddressTags) SetEipTags(v []*IpamPublicAddressTag) *IpamPublicAddressTags { + s.EipTags = v + return s +} + // The CIDR for an IPAM resource. type IpamResourceCidr struct { _ struct{} `type:"structure"` @@ -129692,8 +140584,8 @@ type IpamResourceCidr struct { // The percentage of IP address space in use. To convert the decimal to a percentage, // multiply the decimal by 100. Note the following: // - // * For a resources that are VPCs, this is the percentage of IP address - // space in the VPC that's taken up by subnet CIDRs. + // * For resources that are VPCs, this is the percentage of IP address space + // in the VPC that's taken up by subnet CIDRs. // // * For resources that are subnets, if the subnet has an IPv4 CIDR provisioned // to it, this is the percentage of IPv4 address space in the subnet that's @@ -129859,6 +140751,301 @@ func (s *IpamResourceCidr) SetVpcId(v string) *IpamResourceCidr { return s } +// A resource discovery is an IPAM component that enables IPAM to manage and +// monitor resources that belong to the owning account. +type IpamResourceDiscovery struct { + _ struct{} `type:"structure"` + + // The resource discovery description. + Description *string `locationName:"description" type:"string"` + + // The resource discovery Amazon Resource Name (ARN). + IpamResourceDiscoveryArn *string `locationName:"ipamResourceDiscoveryArn" type:"string"` + + // The resource discovery ID. + IpamResourceDiscoveryId *string `locationName:"ipamResourceDiscoveryId" type:"string"` + + // The resource discovery Region. + IpamResourceDiscoveryRegion *string `locationName:"ipamResourceDiscoveryRegion" type:"string"` + + // Defines if the resource discovery is the default. The default resource discovery + // is the resource discovery automatically created when you create an IPAM. + IsDefault *bool `locationName:"isDefault" type:"boolean"` + + // The operating Regions for the resource discovery. Operating Regions are Amazon + // Web Services Regions where the IPAM is allowed to manage IP address CIDRs. + // IPAM only discovers and monitors resources in the Amazon Web Services Regions + // you select as operating Regions. + OperatingRegions []*IpamOperatingRegion `locationName:"operatingRegionSet" locationNameList:"item" type:"list"` + + // The ID of the owner. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The lifecycle state of the resource discovery. + // + // * create-in-progress - Resource discovery is being created. + // + // * create-complete - Resource discovery creation is complete. + // + // * create-failed - Resource discovery creation has failed. + // + // * modify-in-progress - Resource discovery is being modified. + // + // * modify-complete - Resource discovery modification is complete. + // + // * modify-failed - Resource discovery modification has failed. + // + // * delete-in-progress - Resource discovery is being deleted. + // + // * delete-complete - Resource discovery deletion is complete. + // + // * delete-failed - Resource discovery deletion has failed. + // + // * isolate-in-progress - Amazon Web Services account that created the resource + // discovery has been removed and the resource discovery is being isolated. + // + // * isolate-complete - Resource discovery isolation is complete. + // + // * restore-in-progress - Amazon Web Services account that created the resource + // discovery and was isolated has been restored. + State *string `locationName:"state" type:"string" enum:"IpamResourceDiscoveryState"` + + // A tag is a label that you assign to an Amazon Web Services resource. Each + // tag consists of a key and an optional value. You can use tags to search and + // filter your resources or track your Amazon Web Services costs. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamResourceDiscovery) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamResourceDiscovery) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *IpamResourceDiscovery) SetDescription(v string) *IpamResourceDiscovery { + s.Description = &v + return s +} + +// SetIpamResourceDiscoveryArn sets the IpamResourceDiscoveryArn field's value. +func (s *IpamResourceDiscovery) SetIpamResourceDiscoveryArn(v string) *IpamResourceDiscovery { + s.IpamResourceDiscoveryArn = &v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *IpamResourceDiscovery) SetIpamResourceDiscoveryId(v string) *IpamResourceDiscovery { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetIpamResourceDiscoveryRegion sets the IpamResourceDiscoveryRegion field's value. +func (s *IpamResourceDiscovery) SetIpamResourceDiscoveryRegion(v string) *IpamResourceDiscovery { + s.IpamResourceDiscoveryRegion = &v + return s +} + +// SetIsDefault sets the IsDefault field's value. +func (s *IpamResourceDiscovery) SetIsDefault(v bool) *IpamResourceDiscovery { + s.IsDefault = &v + return s +} + +// SetOperatingRegions sets the OperatingRegions field's value. +func (s *IpamResourceDiscovery) SetOperatingRegions(v []*IpamOperatingRegion) *IpamResourceDiscovery { + s.OperatingRegions = v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *IpamResourceDiscovery) SetOwnerId(v string) *IpamResourceDiscovery { + s.OwnerId = &v + return s +} + +// SetState sets the State field's value. +func (s *IpamResourceDiscovery) SetState(v string) *IpamResourceDiscovery { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *IpamResourceDiscovery) SetTags(v []*Tag) *IpamResourceDiscovery { + s.Tags = v + return s +} + +// An IPAM resource discovery association. An associated resource discovery +// is a resource discovery that has been associated with an IPAM. IPAM aggregates +// the resource CIDRs discovered by the associated resource discovery. +type IpamResourceDiscoveryAssociation struct { + _ struct{} `type:"structure"` + + // The IPAM ARN. + IpamArn *string `locationName:"ipamArn" min:"1" type:"string"` + + // The IPAM ID. + IpamId *string `locationName:"ipamId" type:"string"` + + // The IPAM home Region. + IpamRegion *string `locationName:"ipamRegion" type:"string"` + + // The resource discovery association Amazon Resource Name (ARN). + IpamResourceDiscoveryAssociationArn *string `locationName:"ipamResourceDiscoveryAssociationArn" type:"string"` + + // The resource discovery association ID. + IpamResourceDiscoveryAssociationId *string `locationName:"ipamResourceDiscoveryAssociationId" type:"string"` + + // The resource discovery ID. + IpamResourceDiscoveryId *string `locationName:"ipamResourceDiscoveryId" type:"string"` + + // Defines if the resource discovery is the default. When you create an IPAM, + // a default resource discovery is created for your IPAM and it's associated + // with your IPAM. + IsDefault *bool `locationName:"isDefault" type:"boolean"` + + // The Amazon Web Services account ID of the resource discovery owner. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The resource discovery status. + // + // * active - Connection or permissions required to read the results of the + // resource discovery are intact. + // + // * not-found - Connection or permissions required to read the results of + // the resource discovery are broken. This may happen if the owner of the + // resource discovery stopped sharing it or deleted the resource discovery. + // Verify the resource discovery still exists and the Amazon Web Services + // RAM resource share is still intact. + ResourceDiscoveryStatus *string `locationName:"resourceDiscoveryStatus" type:"string" enum:"IpamAssociatedResourceDiscoveryStatus"` + + // The lifecycle state of the association when you associate or disassociate + // a resource discovery. + // + // * associate-in-progress - Resource discovery is being associated. + // + // * associate-complete - Resource discovery association is complete. + // + // * associate-failed - Resource discovery association has failed. + // + // * disassociate-in-progress - Resource discovery is being disassociated. + // + // * disassociate-complete - Resource discovery disassociation is complete. + // + // * disassociate-failed - Resource discovery disassociation has failed. + // + // * isolate-in-progress - Amazon Web Services account that created the resource + // discovery association has been removed and the resource discovery associatation + // is being isolated. + // + // * isolate-complete - Resource discovery isolation is complete.. + // + // * restore-in-progress - Resource discovery is being restored. + State *string `locationName:"state" type:"string" enum:"IpamResourceDiscoveryAssociationState"` + + // A tag is a label that you assign to an Amazon Web Services resource. Each + // tag consists of a key and an optional value. You can use tags to search and + // filter your resources or track your Amazon Web Services costs. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamResourceDiscoveryAssociation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamResourceDiscoveryAssociation) GoString() string { + return s.String() +} + +// SetIpamArn sets the IpamArn field's value. +func (s *IpamResourceDiscoveryAssociation) SetIpamArn(v string) *IpamResourceDiscoveryAssociation { + s.IpamArn = &v + return s +} + +// SetIpamId sets the IpamId field's value. +func (s *IpamResourceDiscoveryAssociation) SetIpamId(v string) *IpamResourceDiscoveryAssociation { + s.IpamId = &v + return s +} + +// SetIpamRegion sets the IpamRegion field's value. +func (s *IpamResourceDiscoveryAssociation) SetIpamRegion(v string) *IpamResourceDiscoveryAssociation { + s.IpamRegion = &v + return s +} + +// SetIpamResourceDiscoveryAssociationArn sets the IpamResourceDiscoveryAssociationArn field's value. +func (s *IpamResourceDiscoveryAssociation) SetIpamResourceDiscoveryAssociationArn(v string) *IpamResourceDiscoveryAssociation { + s.IpamResourceDiscoveryAssociationArn = &v + return s +} + +// SetIpamResourceDiscoveryAssociationId sets the IpamResourceDiscoveryAssociationId field's value. +func (s *IpamResourceDiscoveryAssociation) SetIpamResourceDiscoveryAssociationId(v string) *IpamResourceDiscoveryAssociation { + s.IpamResourceDiscoveryAssociationId = &v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *IpamResourceDiscoveryAssociation) SetIpamResourceDiscoveryId(v string) *IpamResourceDiscoveryAssociation { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetIsDefault sets the IsDefault field's value. +func (s *IpamResourceDiscoveryAssociation) SetIsDefault(v bool) *IpamResourceDiscoveryAssociation { + s.IsDefault = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *IpamResourceDiscoveryAssociation) SetOwnerId(v string) *IpamResourceDiscoveryAssociation { + s.OwnerId = &v + return s +} + +// SetResourceDiscoveryStatus sets the ResourceDiscoveryStatus field's value. +func (s *IpamResourceDiscoveryAssociation) SetResourceDiscoveryStatus(v string) *IpamResourceDiscoveryAssociation { + s.ResourceDiscoveryStatus = &v + return s +} + +// SetState sets the State field's value. +func (s *IpamResourceDiscoveryAssociation) SetState(v string) *IpamResourceDiscoveryAssociation { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *IpamResourceDiscoveryAssociation) SetTags(v []*Tag) *IpamResourceDiscoveryAssociation { + s.Tags = v + return s +} + // The key/value combination of a tag assigned to the resource. Use the tag // key in the filter name and the tag value as the filter value. For example, // to find all resources that have a tag with the key Owner and the value TeamA, @@ -129925,7 +141112,7 @@ type IpamScope struct { // The Amazon Web Services Region of the IPAM scope. IpamRegion *string `locationName:"ipamRegion" type:"string"` - // The ARN of the scope. + // The Amazon Resource Name (ARN) of the scope. IpamScopeArn *string `locationName:"ipamScopeArn" min:"1" type:"string"` // The ID of the scope. @@ -130365,11 +141552,11 @@ func (s *Ipv6PrefixSpecificationResponse) SetIpv6Prefix(v string) *Ipv6PrefixSpe return s } -// [EC2-VPC only] Describes an IPv6 range. +// Describes an IPv6 address range. type Ipv6Range struct { _ struct{} `type:"structure"` - // The IPv6 CIDR range. You can either specify a CIDR range or a source security + // The IPv6 address range. You can either specify a CIDR block or a source security // group, not both. To specify a single IPv6 address, use the /128 prefix length. CidrIpv6 *string `locationName:"cidrIpv6" type:"string"` @@ -130669,7 +141856,7 @@ type LaunchSpecification struct { // Deprecated. AddressingType *string `locationName:"addressingType" type:"string"` - // One or more block device mapping entries. + // The block device mapping entries. BlockDeviceMappings []*BlockDeviceMapping `locationName:"blockDeviceMapping" locationNameList:"item" type:"list"` // Indicates whether the instance is optimized for EBS I/O. This optimization @@ -130699,8 +141886,8 @@ type LaunchSpecification struct { // Describes the monitoring of an instance. Monitoring *RunInstancesMonitoringEnabled `locationName:"monitoring" type:"structure"` - // One or more network interfaces. If you specify a network interface, you must - // specify subnet IDs and security group IDs using the network interface. + // The network interfaces. If you specify a network interface, you must specify + // subnet IDs and security group IDs using the network interface. NetworkInterfaces []*InstanceNetworkInterfaceSpecification `locationName:"networkInterfaceSet" locationNameList:"item" type:"list"` // The placement information for the instance. @@ -130709,16 +141896,19 @@ type LaunchSpecification struct { // The ID of the RAM disk. RamdiskId *string `locationName:"ramdiskId" type:"string"` - // One or more security groups. When requesting instances in a VPC, you must - // specify the IDs of the security groups. When requesting instances in EC2-Classic, - // you can specify the names or the IDs of the security groups. + // The IDs of the security groups. SecurityGroups []*GroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"` // The ID of the subnet in which to launch the instance. SubnetId *string `locationName:"subnetId" type:"string"` - // The Base64-encoded user data for the instance. - UserData *string `locationName:"userData" type:"string"` + // The base64-encoded user data that instances use when starting up. User data + // is limited to 16 KB. + // + // UserData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by LaunchSpecification's + // String and GoString methods. + UserData *string `locationName:"userData" type:"string" sensitive:"true"` } // String returns the string representation. @@ -131187,7 +142377,9 @@ func (s *LaunchTemplateCapacityReservationSpecificationResponse) SetCapacityRese type LaunchTemplateConfig struct { _ struct{} `type:"structure"` - // The launch template. + // The launch template to use. Make sure that the launch template does not contain + // the NetworkInterfaceId parameter because you can't specify a network interface + // ID in a Spot Fleet. LaunchTemplateSpecification *FleetLaunchTemplateSpecification `locationName:"launchTemplateSpecification" type:"structure"` // Any parameters that you specify override the same parameters in the launch @@ -131244,6 +142436,10 @@ func (s *LaunchTemplateConfig) SetOverrides(v []*LaunchTemplateOverrides) *Launc type LaunchTemplateCpuOptions struct { _ struct{} `type:"structure"` + // Indicates whether the instance is enabled for AMD SEV-SNP. For more information, + // see AMD SEV-SNP (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html). + AmdSevSnp *string `locationName:"amdSevSnp" type:"string" enum:"AmdSevSnpSpecification"` + // The number of CPU cores for the instance. CoreCount *int64 `locationName:"coreCount" type:"integer"` @@ -131269,6 +142465,12 @@ func (s LaunchTemplateCpuOptions) GoString() string { return s.String() } +// SetAmdSevSnp sets the AmdSevSnp field's value. +func (s *LaunchTemplateCpuOptions) SetAmdSevSnp(v string) *LaunchTemplateCpuOptions { + s.AmdSevSnp = &v + return s +} + // SetCoreCount sets the CoreCount field's value. func (s *LaunchTemplateCpuOptions) SetCoreCount(v int64) *LaunchTemplateCpuOptions { s.CoreCount = &v @@ -131286,6 +142488,11 @@ func (s *LaunchTemplateCpuOptions) SetThreadsPerCore(v int64) *LaunchTemplateCpu type LaunchTemplateCpuOptionsRequest struct { _ struct{} `type:"structure"` + // Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is + // supported with M6a, R6a, and C6a instance types only. For more information, + // see AMD SEV-SNP (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html). + AmdSevSnp *string `type:"string" enum:"AmdSevSnpSpecification"` + // The number of CPU cores for the instance. CoreCount *int64 `type:"integer"` @@ -131312,6 +142519,12 @@ func (s LaunchTemplateCpuOptionsRequest) GoString() string { return s.String() } +// SetAmdSevSnp sets the AmdSevSnp field's value. +func (s *LaunchTemplateCpuOptionsRequest) SetAmdSevSnp(v string) *LaunchTemplateCpuOptionsRequest { + s.AmdSevSnp = &v + return s +} + // SetCoreCount sets the CoreCount field's value. func (s *LaunchTemplateCpuOptionsRequest) SetCoreCount(v int64) *LaunchTemplateCpuOptionsRequest { s.CoreCount = &v @@ -131438,18 +142651,17 @@ type LaunchTemplateEbsBlockDeviceRequest struct { // // The following are the supported values for each volume type: // - // * gp3: 3,000-16,000 IOPS + // * gp3: 3,000 - 16,000 IOPS // - // * io1: 100-64,000 IOPS + // * io1: 100 - 64,000 IOPS // - // * io2: 100-64,000 IOPS + // * io2: 100 - 256,000 IOPS // - // For io1 and io2 volumes, we guarantee 64,000 IOPS only for Instances built - // on the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). - // Other instance families guarantee performance up to 32,000 IOPS. + // For io2 volumes, you can achieve up to 256,000 IOPS on instances built on + // the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // On other instances, you can achieve performance up to 32,000 IOPS. // - // This parameter is supported for io1, io2, and gp3 volumes only. This parameter - // is not supported for gp2, st1, sc1, or standard volumes. + // This parameter is supported for io1, io2, and gp3 volumes only. Iops *int64 `type:"integer"` // The ARN of the symmetric Key Management Service (KMS) CMK used for encryption. @@ -131467,17 +142679,19 @@ type LaunchTemplateEbsBlockDeviceRequest struct { // a volume size. The following are the supported volumes sizes for each volume // type: // - // * gp2 and gp3: 1-16,384 + // * gp2 and gp3: 1 - 16,384 GiB + // + // * io1: 4 - 16,384 GiB // - // * io1 and io2: 4-16,384 + // * io2: 4 - 65,536 GiB // - // * st1 and sc1: 125-16,384 + // * st1 and sc1: 125 - 16,384 GiB // - // * standard: 1-1,024 + // * standard: 1 - 1024 GiB VolumeSize *int64 `type:"integer"` - // The volume type. For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) - // in the Amazon Elastic Compute Cloud User Guide. + // The volume type. For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) + // in the Amazon EBS User Guide. VolumeType *string `type:"string" enum:"VolumeType"` } @@ -131653,6 +142867,96 @@ func (s *LaunchTemplateElasticInferenceAcceleratorResponse) SetType(v string) *L return s } +// ENA Express uses Amazon Web Services Scalable Reliable Datagram (SRD) technology +// to increase the maximum bandwidth used per stream and minimize tail latency +// of network traffic between EC2 instances. With ENA Express, you can communicate +// between two EC2 instances in the same subnet within the same account, or +// in different accounts. Both sending and receiving instances must have ENA +// Express enabled. +// +// To improve the reliability of network packet delivery, ENA Express reorders +// network packets on the receiving end by default. However, some UDP-based +// applications are designed to handle network packets that are out of order +// to reduce the overhead for packet delivery at the network layer. When ENA +// Express is enabled, you can specify whether UDP network traffic uses it. +type LaunchTemplateEnaSrdSpecification struct { + _ struct{} `type:"structure"` + + // Indicates whether ENA Express is enabled for the network interface. + EnaSrdEnabled *bool `locationName:"enaSrdEnabled" type:"boolean"` + + // Configures ENA Express for UDP network traffic. + EnaSrdUdpSpecification *LaunchTemplateEnaSrdUdpSpecification `locationName:"enaSrdUdpSpecification" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LaunchTemplateEnaSrdSpecification) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LaunchTemplateEnaSrdSpecification) GoString() string { + return s.String() +} + +// SetEnaSrdEnabled sets the EnaSrdEnabled field's value. +func (s *LaunchTemplateEnaSrdSpecification) SetEnaSrdEnabled(v bool) *LaunchTemplateEnaSrdSpecification { + s.EnaSrdEnabled = &v + return s +} + +// SetEnaSrdUdpSpecification sets the EnaSrdUdpSpecification field's value. +func (s *LaunchTemplateEnaSrdSpecification) SetEnaSrdUdpSpecification(v *LaunchTemplateEnaSrdUdpSpecification) *LaunchTemplateEnaSrdSpecification { + s.EnaSrdUdpSpecification = v + return s +} + +// ENA Express is compatible with both TCP and UDP transport protocols. When +// it's enabled, TCP traffic automatically uses it. However, some UDP-based +// applications are designed to handle network packets that are out of order, +// without a need for retransmission, such as live video broadcasting or other +// near-real-time applications. For UDP traffic, you can specify whether to +// use ENA Express, based on your application environment needs. +type LaunchTemplateEnaSrdUdpSpecification struct { + _ struct{} `type:"structure"` + + // Indicates whether UDP traffic to and from the instance uses ENA Express. + // To specify this setting, you must first enable ENA Express. + EnaSrdUdpEnabled *bool `locationName:"enaSrdUdpEnabled" type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LaunchTemplateEnaSrdUdpSpecification) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LaunchTemplateEnaSrdUdpSpecification) GoString() string { + return s.String() +} + +// SetEnaSrdUdpEnabled sets the EnaSrdUdpEnabled field's value. +func (s *LaunchTemplateEnaSrdUdpSpecification) SetEnaSrdUdpEnabled(v bool) *LaunchTemplateEnaSrdUdpSpecification { + s.EnaSrdUdpEnabled = &v + return s +} + // Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves. type LaunchTemplateEnclaveOptions struct { _ struct{} `type:"structure"` @@ -132045,19 +143349,18 @@ type LaunchTemplateInstanceMetadataOptions struct { // Possible values: Integers from 1 to 64 HttpPutResponseHopLimit *int64 `locationName:"httpPutResponseHopLimit" type:"integer"` - // The state of token usage for your instance metadata requests. If the parameter - // is not specified in the request, the default state is optional. + // Indicates whether IMDSv2 is required. // - // If the state is optional, you can choose to retrieve instance metadata with - // or without a signed token header on your request. If you retrieve the IAM - // role credentials without a token, the version 1.0 role credentials are returned. - // If you retrieve the IAM role credentials using a valid signed token, the - // version 2.0 role credentials are returned. + // * optional - IMDSv2 is optional. You can choose whether to send a session + // token in your instance metadata retrieval requests. If you retrieve IAM + // role credentials without a session token, you receive the IMDSv1 role + // credentials. If you retrieve IAM role credentials using a valid session + // token, you receive the IMDSv2 role credentials. // - // If the state is required, you must send a signed token header with any instance - // metadata retrieval requests. In this state, retrieving the IAM role credentials - // always returns the version 2.0 credentials; the version 1.0 credentials are - // not available. + // * required - IMDSv2 is required. You must send a session token in your + // instance metadata retrieval requests. With this option, retrieving the + // IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials + // are not available. HttpTokens *string `locationName:"httpTokens" type:"string" enum:"LaunchTemplateHttpTokensState"` // Set to enabled to allow access to instance tags from the instance metadata. @@ -132157,19 +143460,21 @@ type LaunchTemplateInstanceMetadataOptionsRequest struct { // Possible values: Integers from 1 to 64 HttpPutResponseHopLimit *int64 `type:"integer"` - // The state of token usage for your instance metadata requests. If the parameter - // is not specified in the request, the default state is optional. + // Indicates whether IMDSv2 is required. // - // If the state is optional, you can choose to retrieve instance metadata with - // or without a signed token header on your request. If you retrieve the IAM - // role credentials without a token, the version 1.0 role credentials are returned. - // If you retrieve the IAM role credentials using a valid signed token, the - // version 2.0 role credentials are returned. + // * optional - IMDSv2 is optional. You can choose whether to send a session + // token in your instance metadata retrieval requests. If you retrieve IAM + // role credentials without a session token, you receive the IMDSv1 role + // credentials. If you retrieve IAM role credentials using a valid session + // token, you receive the IMDSv2 role credentials. // - // If the state is required, you must send a signed token header with any instance - // metadata retrieval requests. In this state, retrieving the IAM role credentials - // always returns the version 2.0 credentials; the version 1.0 credentials are - // not available. + // * required - IMDSv2 is required. You must send a session token in your + // instance metadata retrieval requests. With this option, retrieving the + // IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials + // are not available. + // + // Default: If the value of ImdsSupport for the Amazon Machine Image (AMI) for + // your instance is v2.0, the default is required. HttpTokens *string `type:"string" enum:"LaunchTemplateHttpTokensState"` // Set to enabled to allow access to instance tags from the instance metadata. @@ -132244,8 +143549,19 @@ type LaunchTemplateInstanceNetworkInterfaceSpecification struct { // Indicates whether to associate a public IPv4 address with eth0 for a new // network interface. + // + // Amazon Web Services charges for all public IPv4 addresses, including public + // IPv4 addresses associated with running instances and Elastic IP addresses. + // For more information, see the Public IPv4 Address tab on the Amazon VPC pricing + // page (http://aws.amazon.com/vpc/pricing/). AssociatePublicIpAddress *bool `locationName:"associatePublicIpAddress" type:"boolean"` + // A security group connection tracking specification that enables you to set + // the timeout for connection tracking on an Elastic network interface. For + // more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) + // in the Amazon Elastic Compute Cloud User Guide. + ConnectionTrackingSpecification *ConnectionTrackingSpecification `locationName:"connectionTrackingSpecification" type:"structure"` + // Indicates whether the network interface is deleted when the instance is terminated. DeleteOnTermination *bool `locationName:"deleteOnTermination" type:"boolean"` @@ -132255,6 +143571,10 @@ type LaunchTemplateInstanceNetworkInterfaceSpecification struct { // The device index for the network interface attachment. DeviceIndex *int64 `locationName:"deviceIndex" type:"integer"` + // Contains the ENA Express settings for instances launched from your launch + // template. + EnaSrdSpecification *LaunchTemplateEnaSrdSpecification `locationName:"enaSrdSpecification" type:"structure"` + // The IDs of one or more security groups. Groups []*string `locationName:"groupSet" locationNameList:"groupId" type:"list"` @@ -132287,6 +143607,13 @@ type LaunchTemplateInstanceNetworkInterfaceSpecification struct { // The ID of the network interface. NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` + // The primary IPv6 address of the network interface. When you enable an IPv6 + // GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary + // IPv6 address until the instance is terminated or the network interface is + // detached. For more information about primary IPv6 addresses, see RunInstances + // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html). + PrimaryIpv6 *bool `locationName:"primaryIpv6" type:"boolean"` + // The primary private IPv4 address of the network interface. PrivateIpAddress *string `locationName:"privateIpAddress" type:"string"` @@ -132330,6 +143657,12 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetAssociatePublic return s } +// SetConnectionTrackingSpecification sets the ConnectionTrackingSpecification field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetConnectionTrackingSpecification(v *ConnectionTrackingSpecification) *LaunchTemplateInstanceNetworkInterfaceSpecification { + s.ConnectionTrackingSpecification = v + return s +} + // SetDeleteOnTermination sets the DeleteOnTermination field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetDeleteOnTermination(v bool) *LaunchTemplateInstanceNetworkInterfaceSpecification { s.DeleteOnTermination = &v @@ -132348,6 +143681,12 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetDeviceIndex(v i return s } +// SetEnaSrdSpecification sets the EnaSrdSpecification field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetEnaSrdSpecification(v *LaunchTemplateEnaSrdSpecification) *LaunchTemplateInstanceNetworkInterfaceSpecification { + s.EnaSrdSpecification = v + return s +} + // SetGroups sets the Groups field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetGroups(v []*string) *LaunchTemplateInstanceNetworkInterfaceSpecification { s.Groups = v @@ -132408,6 +143747,12 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetNetworkInterfac return s } +// SetPrimaryIpv6 sets the PrimaryIpv6 field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetPrimaryIpv6(v bool) *LaunchTemplateInstanceNetworkInterfaceSpecification { + s.PrimaryIpv6 = &v + return s +} + // SetPrivateIpAddress sets the PrivateIpAddress field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetPrivateIpAddress(v string) *LaunchTemplateInstanceNetworkInterfaceSpecification { s.PrivateIpAddress = &v @@ -132445,8 +143790,19 @@ type LaunchTemplateInstanceNetworkInterfaceSpecificationRequest struct { AssociateCarrierIpAddress *bool `type:"boolean"` // Associates a public IPv4 address with eth0 for a new network interface. + // + // Amazon Web Services charges for all public IPv4 addresses, including public + // IPv4 addresses associated with running instances and Elastic IP addresses. + // For more information, see the Public IPv4 Address tab on the Amazon VPC pricing + // page (http://aws.amazon.com/vpc/pricing/). AssociatePublicIpAddress *bool `type:"boolean"` + // A security group connection tracking specification that enables you to set + // the timeout for connection tracking on an Elastic network interface. For + // more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) + // in the Amazon Elastic Compute Cloud User Guide. + ConnectionTrackingSpecification *ConnectionTrackingSpecificationRequest `type:"structure"` + // Indicates whether the network interface is deleted when the instance is terminated. DeleteOnTermination *bool `type:"boolean"` @@ -132456,6 +143812,9 @@ type LaunchTemplateInstanceNetworkInterfaceSpecificationRequest struct { // The device index for the network interface attachment. DeviceIndex *int64 `type:"integer"` + // Configure ENA Express settings for your launch template. + EnaSrdSpecification *EnaSrdSpecificationRequest `type:"structure"` + // The IDs of one or more security groups. Groups []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` @@ -132501,6 +143860,13 @@ type LaunchTemplateInstanceNetworkInterfaceSpecificationRequest struct { // The ID of the network interface. NetworkInterfaceId *string `type:"string"` + // The primary IPv6 address of the network interface. When you enable an IPv6 + // GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary + // IPv6 address until the instance is terminated or the network interface is + // detached. For more information about primary IPv6 addresses, see RunInstances + // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html). + PrimaryIpv6 *bool `type:"boolean"` + // The primary private IPv4 address of the network interface. PrivateIpAddress *string `type:"string"` @@ -132544,6 +143910,12 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetAssociat return s } +// SetConnectionTrackingSpecification sets the ConnectionTrackingSpecification field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetConnectionTrackingSpecification(v *ConnectionTrackingSpecificationRequest) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { + s.ConnectionTrackingSpecification = v + return s +} + // SetDeleteOnTermination sets the DeleteOnTermination field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetDeleteOnTermination(v bool) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { s.DeleteOnTermination = &v @@ -132562,6 +143934,12 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetDeviceIn return s } +// SetEnaSrdSpecification sets the EnaSrdSpecification field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetEnaSrdSpecification(v *EnaSrdSpecificationRequest) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { + s.EnaSrdSpecification = v + return s +} + // SetGroups sets the Groups field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetGroups(v []*string) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { s.Groups = v @@ -132622,6 +144000,12 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetNetworkI return s } +// SetPrimaryIpv6 sets the PrimaryIpv6 field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetPrimaryIpv6(v bool) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { + s.PrimaryIpv6 = &v + return s +} + // SetPrivateIpAddress sets the PrivateIpAddress field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetPrivateIpAddress(v string) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { s.PrivateIpAddress = &v @@ -132758,6 +144142,12 @@ type LaunchTemplateOverrides struct { SubnetId *string `locationName:"subnetId" type:"string"` // The number of units provided by the specified instance type. + // + // When specifying weights, the price used in the lowest-price and price-capacity-optimized + // allocation strategies is per unit hour (where the instance price is divided + // by the specified weight). However, if all the specified weights are above + // the requested TargetCapacity, resulting in only 1 instance being launched, + // the price used is per instance hour. WeightedCapacity *float64 `locationName:"weightedCapacity" type:"double"` } @@ -132851,8 +144241,8 @@ type LaunchTemplatePlacement struct { // Reserved for future use. SpreadDomain *string `locationName:"spreadDomain" type:"string"` - // The tenancy of the instance (if the instance is running in a VPC). An instance - // with a tenancy of dedicated runs on single-tenant hardware. + // The tenancy of the instance. An instance with a tenancy of dedicated runs + // on single-tenant hardware. Tenancy *string `locationName:"tenancy" type:"string" enum:"Tenancy"` } @@ -132960,8 +144350,8 @@ type LaunchTemplatePlacementRequest struct { // Reserved for future use. SpreadDomain *string `type:"string"` - // The tenancy of the instance (if the instance is running in a VPC). An instance - // with a tenancy of dedicated runs on single-tenant hardware. + // The tenancy of the instance. An instance with a tenancy of dedicated runs + // on single-tenant hardware. Tenancy *string `type:"string" enum:"Tenancy"` } @@ -133419,9 +144809,11 @@ type LaunchTemplateTagSpecificationRequest struct { // The type of resource to tag. // - // The Valid Values are all the resource types that can be tagged. However, - // when creating a launch template, you can specify tags for the following resource - // types only: instance | volume | elastic-gpu | network-interface | spot-instances-request + // Valid Values lists all resource types for Amazon EC2 that can be tagged. + // When you create a launch template, you can specify tags for the following + // resource types only: instance | volume | network-interface | spot-instances-request. + // If the instance does not include the resource type that you specify, the + // instance launch fails. For example, not all instance types include a volume. // // To tag a resource after it has been created, see CreateTags (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html). ResourceType *string `type:"string" enum:"ResourceType"` @@ -133698,14 +145090,13 @@ type ListImagesInRecycleBinInput struct { // that are in the Recycle Bin. You can specify up to 20 IDs in a single request. ImageIds []*string `locationName:"ImageId" locationNameList:"ImageId" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. - // - // If you do not specify a value for MaxResults, the request returns 1,000 items - // per page by default. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"1" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -133770,8 +145161,8 @@ type ListImagesInRecycleBinOutput struct { // Information about the AMIs. Images []*ImageRecycleBinInfo `locationName:"imageSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -133814,11 +145205,13 @@ type ListSnapshotsInRecycleBinInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The IDs of the snapshots to list. Omit this parameter to list all of the @@ -133884,8 +145277,8 @@ func (s *ListSnapshotsInRecycleBinInput) SetSnapshotIds(v []*string) *ListSnapsh type ListSnapshotsInRecycleBinOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the snapshots. @@ -134185,6 +145578,9 @@ type LocalGatewayRoute struct { // The CIDR block used for destination matches. DestinationCidrBlock *string `locationName:"destinationCidrBlock" type:"string"` + // The ID of the prefix list. + DestinationPrefixListId *string `locationName:"destinationPrefixListId" type:"string"` + // The Amazon Resource Name (ARN) of the local gateway route table. LocalGatewayRouteTableArn *string `locationName:"localGatewayRouteTableArn" min:"1" type:"string"` @@ -134240,6 +145636,12 @@ func (s *LocalGatewayRoute) SetDestinationCidrBlock(v string) *LocalGatewayRoute return s } +// SetDestinationPrefixListId sets the DestinationPrefixListId field's value. +func (s *LocalGatewayRoute) SetDestinationPrefixListId(v string) *LocalGatewayRoute { + s.DestinationPrefixListId = &v + return s +} + // SetLocalGatewayRouteTableArn sets the LocalGatewayRouteTableArn field's value. func (s *LocalGatewayRoute) SetLocalGatewayRouteTableArn(v string) *LocalGatewayRoute { s.LocalGatewayRouteTableArn = &v @@ -134762,6 +146164,481 @@ func (s *LocalGatewayVirtualInterfaceGroup) SetTags(v []*Tag) *LocalGatewayVirtu return s } +type LockSnapshotInput struct { + _ struct{} `type:"structure"` + + // The cooling-off period during which you can unlock the snapshot or modify + // the lock settings after locking the snapshot in compliance mode, in hours. + // After the cooling-off period expires, you can't unlock or delete the snapshot, + // decrease the lock duration, or change the lock mode. You can increase the + // lock duration after the cooling-off period expires. + // + // The cooling-off period is optional when locking a snapshot in compliance + // mode. If you are locking the snapshot in governance mode, omit this parameter. + // + // To lock the snapshot in compliance mode immediately without a cooling-off + // period, omit this parameter. + // + // If you are extending the lock duration for a snapshot that is locked in compliance + // mode after the cooling-off period has expired, omit this parameter. If you + // specify a cooling-period in a such a request, the request fails. + // + // Allowed values: Min 1, max 72. + CoolOffPeriod *int64 `min:"1" type:"integer"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The date and time at which the snapshot lock is to automatically expire, + // in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ). + // + // You must specify either this parameter or LockDuration, but not both. + ExpirationDate *time.Time `type:"timestamp"` + + // The period of time for which to lock the snapshot, in days. The snapshot + // lock will automatically expire after this period lapses. + // + // You must specify either this parameter or ExpirationDate, but not both. + // + // Allowed values: Min: 1, max 36500 + LockDuration *int64 `min:"1" type:"integer"` + + // The mode in which to lock the snapshot. Specify one of the following: + // + // * governance - Locks the snapshot in governance mode. Snapshots locked + // in governance mode can't be deleted until one of the following conditions + // are met: The lock duration expires. The snapshot is unlocked by a user + // with the appropriate permissions. Users with the appropriate IAM permissions + // can unlock the snapshot, increase or decrease the lock duration, and change + // the lock mode to compliance at any time. If you lock a snapshot in governance + // mode, omit CoolOffPeriod. + // + // * compliance - Locks the snapshot in compliance mode. Snapshots locked + // in compliance mode can't be unlocked by any user. They can be deleted + // only after the lock duration expires. Users can't decrease the lock duration + // or change the lock mode to governance. However, users with appropriate + // IAM permissions can increase the lock duration at any time. If you lock + // a snapshot in compliance mode, you can optionally specify CoolOffPeriod. + // + // LockMode is a required field + LockMode *string `type:"string" required:"true" enum:"LockMode"` + + // The ID of the snapshot to lock. + // + // SnapshotId is a required field + SnapshotId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LockSnapshotInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LockSnapshotInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *LockSnapshotInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "LockSnapshotInput"} + if s.CoolOffPeriod != nil && *s.CoolOffPeriod < 1 { + invalidParams.Add(request.NewErrParamMinValue("CoolOffPeriod", 1)) + } + if s.LockDuration != nil && *s.LockDuration < 1 { + invalidParams.Add(request.NewErrParamMinValue("LockDuration", 1)) + } + if s.LockMode == nil { + invalidParams.Add(request.NewErrParamRequired("LockMode")) + } + if s.SnapshotId == nil { + invalidParams.Add(request.NewErrParamRequired("SnapshotId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCoolOffPeriod sets the CoolOffPeriod field's value. +func (s *LockSnapshotInput) SetCoolOffPeriod(v int64) *LockSnapshotInput { + s.CoolOffPeriod = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *LockSnapshotInput) SetDryRun(v bool) *LockSnapshotInput { + s.DryRun = &v + return s +} + +// SetExpirationDate sets the ExpirationDate field's value. +func (s *LockSnapshotInput) SetExpirationDate(v time.Time) *LockSnapshotInput { + s.ExpirationDate = &v + return s +} + +// SetLockDuration sets the LockDuration field's value. +func (s *LockSnapshotInput) SetLockDuration(v int64) *LockSnapshotInput { + s.LockDuration = &v + return s +} + +// SetLockMode sets the LockMode field's value. +func (s *LockSnapshotInput) SetLockMode(v string) *LockSnapshotInput { + s.LockMode = &v + return s +} + +// SetSnapshotId sets the SnapshotId field's value. +func (s *LockSnapshotInput) SetSnapshotId(v string) *LockSnapshotInput { + s.SnapshotId = &v + return s +} + +type LockSnapshotOutput struct { + _ struct{} `type:"structure"` + + // The compliance mode cooling-off period, in hours. + CoolOffPeriod *int64 `locationName:"coolOffPeriod" type:"integer"` + + // The date and time at which the compliance mode cooling-off period expires, + // in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ). + CoolOffPeriodExpiresOn *time.Time `locationName:"coolOffPeriodExpiresOn" type:"timestamp"` + + // The date and time at which the snapshot was locked, in the UTC time zone + // (YYYY-MM-DDThh:mm:ss.sssZ). + LockCreatedOn *time.Time `locationName:"lockCreatedOn" type:"timestamp"` + + // The period of time for which the snapshot is locked, in days. + LockDuration *int64 `locationName:"lockDuration" type:"integer"` + + // The date and time at which the lock duration started, in the UTC time zone + // (YYYY-MM-DDThh:mm:ss.sssZ). + LockDurationStartTime *time.Time `locationName:"lockDurationStartTime" type:"timestamp"` + + // The date and time at which the lock will expire, in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ). + LockExpiresOn *time.Time `locationName:"lockExpiresOn" type:"timestamp"` + + // The state of the snapshot lock. Valid states include: + // + // * compliance-cooloff - The snapshot has been locked in compliance mode + // but it is still within the cooling-off period. The snapshot can't be deleted, + // but it can be unlocked and the lock settings can be modified by users + // with appropriate permissions. + // + // * governance - The snapshot is locked in governance mode. The snapshot + // can't be deleted, but it can be unlocked and the lock settings can be + // modified by users with appropriate permissions. + // + // * compliance - The snapshot is locked in compliance mode and the cooling-off + // period has expired. The snapshot can't be unlocked or deleted. The lock + // duration can only be increased by users with appropriate permissions. + // + // * expired - The snapshot was locked in compliance or governance mode but + // the lock duration has expired. The snapshot is not locked and can be deleted. + LockState *string `locationName:"lockState" type:"string" enum:"LockState"` + + // The ID of the snapshot + SnapshotId *string `locationName:"snapshotId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LockSnapshotOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LockSnapshotOutput) GoString() string { + return s.String() +} + +// SetCoolOffPeriod sets the CoolOffPeriod field's value. +func (s *LockSnapshotOutput) SetCoolOffPeriod(v int64) *LockSnapshotOutput { + s.CoolOffPeriod = &v + return s +} + +// SetCoolOffPeriodExpiresOn sets the CoolOffPeriodExpiresOn field's value. +func (s *LockSnapshotOutput) SetCoolOffPeriodExpiresOn(v time.Time) *LockSnapshotOutput { + s.CoolOffPeriodExpiresOn = &v + return s +} + +// SetLockCreatedOn sets the LockCreatedOn field's value. +func (s *LockSnapshotOutput) SetLockCreatedOn(v time.Time) *LockSnapshotOutput { + s.LockCreatedOn = &v + return s +} + +// SetLockDuration sets the LockDuration field's value. +func (s *LockSnapshotOutput) SetLockDuration(v int64) *LockSnapshotOutput { + s.LockDuration = &v + return s +} + +// SetLockDurationStartTime sets the LockDurationStartTime field's value. +func (s *LockSnapshotOutput) SetLockDurationStartTime(v time.Time) *LockSnapshotOutput { + s.LockDurationStartTime = &v + return s +} + +// SetLockExpiresOn sets the LockExpiresOn field's value. +func (s *LockSnapshotOutput) SetLockExpiresOn(v time.Time) *LockSnapshotOutput { + s.LockExpiresOn = &v + return s +} + +// SetLockState sets the LockState field's value. +func (s *LockSnapshotOutput) SetLockState(v string) *LockSnapshotOutput { + s.LockState = &v + return s +} + +// SetSnapshotId sets the SnapshotId field's value. +func (s *LockSnapshotOutput) SetSnapshotId(v string) *LockSnapshotOutput { + s.SnapshotId = &v + return s +} + +// Information about a locked snapshot. +type LockedSnapshotsInfo struct { + _ struct{} `type:"structure"` + + // The compliance mode cooling-off period, in hours. + CoolOffPeriod *int64 `locationName:"coolOffPeriod" type:"integer"` + + // The date and time at which the compliance mode cooling-off period expires, + // in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ). + CoolOffPeriodExpiresOn *time.Time `locationName:"coolOffPeriodExpiresOn" type:"timestamp"` + + // The date and time at which the snapshot was locked, in the UTC time zone + // (YYYY-MM-DDThh:mm:ss.sssZ). + LockCreatedOn *time.Time `locationName:"lockCreatedOn" type:"timestamp"` + + // The period of time for which the snapshot is locked, in days. + LockDuration *int64 `locationName:"lockDuration" type:"integer"` + + // The date and time at which the lock duration started, in the UTC time zone + // (YYYY-MM-DDThh:mm:ss.sssZ). + // + // If you lock a snapshot that is in the pending state, the lock duration starts + // only once the snapshot enters the completed state. + LockDurationStartTime *time.Time `locationName:"lockDurationStartTime" type:"timestamp"` + + // The date and time at which the lock will expire, in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ). + LockExpiresOn *time.Time `locationName:"lockExpiresOn" type:"timestamp"` + + // The state of the snapshot lock. Valid states include: + // + // * compliance-cooloff - The snapshot has been locked in compliance mode + // but it is still within the cooling-off period. The snapshot can't be deleted, + // but it can be unlocked and the lock settings can be modified by users + // with appropriate permissions. + // + // * governance - The snapshot is locked in governance mode. The snapshot + // can't be deleted, but it can be unlocked and the lock settings can be + // modified by users with appropriate permissions. + // + // * compliance - The snapshot is locked in compliance mode and the cooling-off + // period has expired. The snapshot can't be unlocked or deleted. The lock + // duration can only be increased by users with appropriate permissions. + // + // * expired - The snapshot was locked in compliance or governance mode but + // the lock duration has expired. The snapshot is not locked and can be deleted. + LockState *string `locationName:"lockState" type:"string" enum:"LockState"` + + // The account ID of the Amazon Web Services account that owns the snapshot. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The ID of the snapshot. + SnapshotId *string `locationName:"snapshotId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LockedSnapshotsInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LockedSnapshotsInfo) GoString() string { + return s.String() +} + +// SetCoolOffPeriod sets the CoolOffPeriod field's value. +func (s *LockedSnapshotsInfo) SetCoolOffPeriod(v int64) *LockedSnapshotsInfo { + s.CoolOffPeriod = &v + return s +} + +// SetCoolOffPeriodExpiresOn sets the CoolOffPeriodExpiresOn field's value. +func (s *LockedSnapshotsInfo) SetCoolOffPeriodExpiresOn(v time.Time) *LockedSnapshotsInfo { + s.CoolOffPeriodExpiresOn = &v + return s +} + +// SetLockCreatedOn sets the LockCreatedOn field's value. +func (s *LockedSnapshotsInfo) SetLockCreatedOn(v time.Time) *LockedSnapshotsInfo { + s.LockCreatedOn = &v + return s +} + +// SetLockDuration sets the LockDuration field's value. +func (s *LockedSnapshotsInfo) SetLockDuration(v int64) *LockedSnapshotsInfo { + s.LockDuration = &v + return s +} + +// SetLockDurationStartTime sets the LockDurationStartTime field's value. +func (s *LockedSnapshotsInfo) SetLockDurationStartTime(v time.Time) *LockedSnapshotsInfo { + s.LockDurationStartTime = &v + return s +} + +// SetLockExpiresOn sets the LockExpiresOn field's value. +func (s *LockedSnapshotsInfo) SetLockExpiresOn(v time.Time) *LockedSnapshotsInfo { + s.LockExpiresOn = &v + return s +} + +// SetLockState sets the LockState field's value. +func (s *LockedSnapshotsInfo) SetLockState(v string) *LockedSnapshotsInfo { + s.LockState = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *LockedSnapshotsInfo) SetOwnerId(v string) *LockedSnapshotsInfo { + s.OwnerId = &v + return s +} + +// SetSnapshotId sets the SnapshotId field's value. +func (s *LockedSnapshotsInfo) SetSnapshotId(v string) *LockedSnapshotsInfo { + s.SnapshotId = &v + return s +} + +// Information about the EC2 Mac Dedicated Host. +type MacHost struct { + _ struct{} `type:"structure"` + + // The EC2 Mac Dedicated Host ID. + HostId *string `locationName:"hostId" type:"string"` + + // The latest macOS versions that the EC2 Mac Dedicated Host can launch without + // being upgraded. + MacOSLatestSupportedVersions []*string `locationName:"macOSLatestSupportedVersionSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MacHost) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MacHost) GoString() string { + return s.String() +} + +// SetHostId sets the HostId field's value. +func (s *MacHost) SetHostId(v string) *MacHost { + s.HostId = &v + return s +} + +// SetMacOSLatestSupportedVersions sets the MacOSLatestSupportedVersions field's value. +func (s *MacHost) SetMacOSLatestSupportedVersions(v []*string) *MacHost { + s.MacOSLatestSupportedVersions = v + return s +} + +// Details for Site-to-Site VPN tunnel endpoint maintenance events. +type MaintenanceDetails struct { + _ struct{} `type:"structure"` + + // Timestamp of last applied maintenance. + LastMaintenanceApplied *time.Time `locationName:"lastMaintenanceApplied" type:"timestamp"` + + // The timestamp after which Amazon Web Services will automatically apply maintenance. + MaintenanceAutoAppliedAfter *time.Time `locationName:"maintenanceAutoAppliedAfter" type:"timestamp"` + + // Verify existence of a pending maintenance. + PendingMaintenance *string `locationName:"pendingMaintenance" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MaintenanceDetails) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MaintenanceDetails) GoString() string { + return s.String() +} + +// SetLastMaintenanceApplied sets the LastMaintenanceApplied field's value. +func (s *MaintenanceDetails) SetLastMaintenanceApplied(v time.Time) *MaintenanceDetails { + s.LastMaintenanceApplied = &v + return s +} + +// SetMaintenanceAutoAppliedAfter sets the MaintenanceAutoAppliedAfter field's value. +func (s *MaintenanceDetails) SetMaintenanceAutoAppliedAfter(v time.Time) *MaintenanceDetails { + s.MaintenanceAutoAppliedAfter = &v + return s +} + +// SetPendingMaintenance sets the PendingMaintenance field's value. +func (s *MaintenanceDetails) SetPendingMaintenance(v string) *MaintenanceDetails { + s.PendingMaintenance = &v + return s +} + // Describes a managed prefix list. type ManagedPrefixList struct { _ struct{} `type:"structure"` @@ -134875,6 +146752,139 @@ func (s *ManagedPrefixList) SetVersion(v int64) *ManagedPrefixList { return s } +// Describes the media accelerators for the instance type. +type MediaAcceleratorInfo struct { + _ struct{} `type:"structure"` + + // Describes the media accelerators for the instance type. + Accelerators []*MediaDeviceInfo `locationName:"accelerators" locationNameList:"item" type:"list"` + + // The total size of the memory for the media accelerators for the instance + // type, in MiB. + TotalMediaMemoryInMiB *int64 `locationName:"totalMediaMemoryInMiB" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MediaAcceleratorInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MediaAcceleratorInfo) GoString() string { + return s.String() +} + +// SetAccelerators sets the Accelerators field's value. +func (s *MediaAcceleratorInfo) SetAccelerators(v []*MediaDeviceInfo) *MediaAcceleratorInfo { + s.Accelerators = v + return s +} + +// SetTotalMediaMemoryInMiB sets the TotalMediaMemoryInMiB field's value. +func (s *MediaAcceleratorInfo) SetTotalMediaMemoryInMiB(v int64) *MediaAcceleratorInfo { + s.TotalMediaMemoryInMiB = &v + return s +} + +// Describes the media accelerators for the instance type. +type MediaDeviceInfo struct { + _ struct{} `type:"structure"` + + // The number of media accelerators for the instance type. + Count *int64 `locationName:"count" type:"integer"` + + // The manufacturer of the media accelerator. + Manufacturer *string `locationName:"manufacturer" type:"string"` + + // Describes the memory available to the media accelerator. + MemoryInfo *MediaDeviceMemoryInfo `locationName:"memoryInfo" type:"structure"` + + // The name of the media accelerator. + Name *string `locationName:"name" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MediaDeviceInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MediaDeviceInfo) GoString() string { + return s.String() +} + +// SetCount sets the Count field's value. +func (s *MediaDeviceInfo) SetCount(v int64) *MediaDeviceInfo { + s.Count = &v + return s +} + +// SetManufacturer sets the Manufacturer field's value. +func (s *MediaDeviceInfo) SetManufacturer(v string) *MediaDeviceInfo { + s.Manufacturer = &v + return s +} + +// SetMemoryInfo sets the MemoryInfo field's value. +func (s *MediaDeviceInfo) SetMemoryInfo(v *MediaDeviceMemoryInfo) *MediaDeviceInfo { + s.MemoryInfo = v + return s +} + +// SetName sets the Name field's value. +func (s *MediaDeviceInfo) SetName(v string) *MediaDeviceInfo { + s.Name = &v + return s +} + +// Describes the memory available to the media accelerator. +type MediaDeviceMemoryInfo struct { + _ struct{} `type:"structure"` + + // The size of the memory available to each media accelerator, in MiB. + SizeInMiB *int64 `locationName:"sizeInMiB" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MediaDeviceMemoryInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MediaDeviceMemoryInfo) GoString() string { + return s.String() +} + +// SetSizeInMiB sets the SizeInMiB field's value. +func (s *MediaDeviceMemoryInfo) SetSizeInMiB(v int64) *MediaDeviceMemoryInfo { + s.SizeInMiB = &v + return s +} + // The minimum and maximum amount of memory per vCPU, in GiB. type MemoryGiBPerVCpu struct { _ struct{} `type:"structure"` @@ -135094,7 +147104,7 @@ func (s *MemoryMiBRequest) SetMin(v int64) *MemoryMiBRequest { return s } -// Indicates whether the network was healthy or unhealthy at a particular point. +// Indicates whether the network was healthy or degraded at a particular point. // The value is aggregated from the startDate to the endDate. Currently only // five_minutes is supported. type MetricPoint struct { @@ -136099,6 +148109,8 @@ type ModifyFleetInput struct { // Indicates whether running instances should be terminated if the total target // capacity of the EC2 Fleet is decreased below the current size of the EC2 // Fleet. + // + // Supported only for fleets of type maintain. ExcessCapacityTerminationPolicy *string `type:"string" enum:"FleetExcessCapacityTerminationPolicy"` // The ID of the EC2 Fleet. @@ -136402,6 +148414,11 @@ type ModifyHostsInput struct { // HostIds is a required field HostIds []*string `locationName:"hostId" locationNameList:"item" type:"list" required:"true"` + // Indicates whether to enable or disable host maintenance for the Dedicated + // Host. For more information, see Host maintenance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-maintenance.html) + // in the Amazon EC2 User Guide. + HostMaintenance *string `type:"string" enum:"HostMaintenance"` + // Indicates whether to enable or disable host recovery for the Dedicated Host. // For more information, see Host recovery (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) // in the Amazon EC2 User Guide. @@ -136469,6 +148486,12 @@ func (s *ModifyHostsInput) SetHostIds(v []*string) *ModifyHostsInput { return s } +// SetHostMaintenance sets the HostMaintenance field's value. +func (s *ModifyHostsInput) SetHostMaintenance(v string) *ModifyHostsInput { + s.HostMaintenance = &v + return s +} + // SetHostRecovery sets the HostRecovery field's value. func (s *ModifyHostsInput) SetHostRecovery(v string) *ModifyHostsInput { s.HostRecovery = &v @@ -136732,7 +148755,7 @@ type ModifyImageAttributeInput struct { // The name of the attribute to modify. // - // Valid values: description | launchPermission + // Valid values: description | imdsSupport | launchPermission Attribute *string `type:"string"` // A new description for the AMI. @@ -136749,6 +148772,18 @@ type ModifyImageAttributeInput struct { // ImageId is a required field ImageId *string `type:"string" required:"true"` + // Set to v2.0 to indicate that IMDSv2 is specified in the AMI. Instances launched + // from this AMI will have HttpTokens automatically set to required so that, + // by default, the instance requires that IMDSv2 is used when requesting instance + // metadata. In addition, HttpPutResponseHopLimit is set to 2. For more information, + // see Configure the AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration) + // in the Amazon EC2 User Guide. + // + // Do not use this parameter unless your AMI software supports IMDSv2. After + // you set the value to v2.0, you can't undo it. The only way to “reset” + // your AMI is to create a new AMI from the underlying snapshot. + ImdsSupport *AttributeValue `type:"structure"` + // A new launch permission for the AMI. LaunchPermission *LaunchPermissionModifications `type:"structure"` @@ -136776,7 +148811,7 @@ type ModifyImageAttributeInput struct { UserIds []*string `locationName:"UserId" locationNameList:"UserId" type:"list"` // The value of the attribute being modified. This parameter can be used only - // when the Attribute parameter is description. + // when the Attribute parameter is description or imdsSupport. Value *string `type:"string"` } @@ -136835,6 +148870,12 @@ func (s *ModifyImageAttributeInput) SetImageId(v string) *ModifyImageAttributeIn return s } +// SetImdsSupport sets the ImdsSupport field's value. +func (s *ModifyImageAttributeInput) SetImdsSupport(v *AttributeValue) *ModifyImageAttributeInput { + s.ImdsSupport = v + return s +} + // SetLaunchPermission sets the LaunchPermission field's value. func (s *ModifyImageAttributeInput) SetLaunchPermission(v *LaunchPermissionModifications) *ModifyImageAttributeInput { s.LaunchPermission = v @@ -136919,7 +148960,8 @@ type ModifyInstanceAttributeInput struct { // Modifies the DeleteOnTermination attribute for volumes that are currently // attached. The volume must be owned by the caller. If no value is specified // for DeleteOnTermination, the default is true and the volume is deleted when - // the instance is terminated. + // the instance is terminated. You can't modify the DeleteOnTermination attribute + // for volumes that are attached to Fargate tasks. // // To add instance store volumes to an Amazon EBS-backed instance, you must // add them when you launch the instance. For more information, see Update the @@ -136955,10 +148997,9 @@ type ModifyInstanceAttributeInput struct { // a PV instance can make it unreachable. EnaSupport *AttributeBooleanValue `locationName:"enaSupport" type:"structure"` - // [EC2-VPC] Replaces the security groups of the instance with the specified - // security groups. You must specify at least one security group, even if it's - // just the default security group for the VPC. You must specify the security - // group ID, not the security group name. + // Replaces the security groups of the instance with the specified security + // groups. You must specify the ID of at least one security group, even if it's + // just the default security group for the VPC. Groups []*string `locationName:"GroupId" locationNameList:"groupId" type:"list"` // The ID of the instance. @@ -137317,6 +149358,16 @@ func (s *ModifyInstanceCreditSpecificationInput) Validate() error { if s.InstanceCreditSpecifications == nil { invalidParams.Add(request.NewErrParamRequired("InstanceCreditSpecifications")) } + if s.InstanceCreditSpecifications != nil { + for i, v := range s.InstanceCreditSpecifications { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "InstanceCreditSpecifications", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -137760,7 +149811,7 @@ type ModifyInstanceMetadataOptionsInput struct { HttpEndpoint *string `type:"string" enum:"InstanceMetadataEndpointState"` // Enables or disables the IPv6 endpoint for the instance metadata service. - // This setting applies only if you have enabled the HTTP metadata endpoint. + // Applies only if you enabled the HTTP metadata endpoint. HttpProtocolIpv6 *string `type:"string" enum:"InstanceMetadataProtocolState"` // The desired HTTP PUT response hop limit for instance metadata requests. The @@ -137770,19 +149821,21 @@ type ModifyInstanceMetadataOptionsInput struct { // Possible values: Integers from 1 to 64 HttpPutResponseHopLimit *int64 `type:"integer"` - // The state of token usage for your instance metadata requests. If the parameter - // is not specified in the request, the default state is optional. + // Indicates whether IMDSv2 is required. // - // If the state is optional, you can choose to retrieve instance metadata with - // or without a session token on your request. If you retrieve the IAM role - // credentials without a token, the version 1.0 role credentials are returned. - // If you retrieve the IAM role credentials using a valid session token, the - // version 2.0 role credentials are returned. + // * optional - IMDSv2 is optional. You can choose whether to send a session + // token in your instance metadata retrieval requests. If you retrieve IAM + // role credentials without a session token, you receive the IMDSv1 role + // credentials. If you retrieve IAM role credentials using a valid session + // token, you receive the IMDSv2 role credentials. // - // If the state is required, you must send a session token with any instance - // metadata retrieval requests. In this state, retrieving the IAM role credentials - // always returns the version 2.0 credentials; the version 1.0 credentials are - // not available. + // * required - IMDSv2 is required. You must send a session token in your + // instance metadata retrieval requests. With this option, retrieving the + // IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials + // are not available. + // + // Default: If the value of ImdsSupport for the Amazon Machine Image (AMI) for + // your instance is v2.0, the default is required. HttpTokens *string `type:"string" enum:"HttpTokensState"` // The ID of the instance. @@ -137794,8 +149847,6 @@ type ModifyInstanceMetadataOptionsInput struct { // Set to disabled to turn off access to instance tags from the instance metadata. // For more information, see Work with instance tags using the instance metadata // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). - // - // Default: disabled InstanceMetadataTags *string `type:"string" enum:"InstanceMetadataTagsState"` } @@ -137915,7 +149966,9 @@ func (s *ModifyInstanceMetadataOptionsOutput) SetInstanceMetadataOptions(v *Inst type ModifyInstancePlacementInput struct { _ struct{} `type:"structure"` - // The affinity setting for the instance. + // The affinity setting for the instance. For more information, see Host affinity + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-affinity) + // in the Amazon EC2 User Guide. Affinity *string `locationName:"affinity" type:"string" enum:"Affinity"` // The Group Id of a placement group. You must specify the Placement Group Group @@ -137933,7 +149986,8 @@ type ModifyInstancePlacementInput struct { // The ID of the Dedicated Host with which to associate the instance. HostId *string `locationName:"hostId" type:"string"` - // The ARN of the host resource group in which to place the instance. + // The ARN of the host resource group in which to place the instance. The instance + // must have a tenancy of host to specify this parameter. HostResourceGroupArn *string `type:"string"` // The ID of the instance that you are modifying. @@ -137947,9 +150001,10 @@ type ModifyInstancePlacementInput struct { // The tenancy for the instance. // - // For T3 instances, you can't change the tenancy from dedicated to host, or - // from host to dedicated. Attempting to make one of these unsupported tenancy - // changes results in the InvalidTenancy error code. + // For T3 instances, you must launch the instance on a Dedicated Host to use + // a tenancy of host. You can't change the tenancy from host to dedicated or + // default. Attempting to make one of these unsupported tenancy changes results + // in an InvalidRequest error code. Tenancy *string `locationName:"tenancy" type:"string" enum:"HostTenancy"` } @@ -138091,6 +150146,11 @@ type ModifyIpamInput struct { // The operating Regions to remove. RemoveOperatingRegions []*RemoveIpamOperatingRegion `locationName:"RemoveOperatingRegion" type:"list"` + + // IPAM is offered in a Free Tier and an Advanced Tier. For more information + // about the features available in each tier and the costs associated with the + // tiers, see Amazon VPC pricing > IPAM tab (http://aws.amazon.com/vpc/pricing/). + Tier *string `type:"string" enum:"IpamTier"` } // String returns the string representation. @@ -138154,6 +150214,12 @@ func (s *ModifyIpamInput) SetRemoveOperatingRegions(v []*RemoveIpamOperatingRegi return s } +// SetTier sets the Tier field's value. +func (s *ModifyIpamInput) SetTier(v string) *ModifyIpamInput { + s.Tier = &v + return s +} + type ModifyIpamOutput struct { _ struct{} `type:"structure"` @@ -138522,6 +150588,125 @@ func (s *ModifyIpamResourceCidrOutput) SetIpamResourceCidr(v *IpamResourceCidr) return s } +type ModifyIpamResourceDiscoveryInput struct { + _ struct{} `type:"structure"` + + // Add operating Regions to the resource discovery. Operating Regions are Amazon + // Web Services Regions where the IPAM is allowed to manage IP address CIDRs. + // IPAM only discovers and monitors resources in the Amazon Web Services Regions + // you select as operating Regions. + AddOperatingRegions []*AddIpamOperatingRegion `locationName:"AddOperatingRegion" type:"list"` + + // A resource discovery description. + Description *string `type:"string"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // A resource discovery ID. + // + // IpamResourceDiscoveryId is a required field + IpamResourceDiscoveryId *string `type:"string" required:"true"` + + // Remove operating Regions. + RemoveOperatingRegions []*RemoveIpamOperatingRegion `locationName:"RemoveOperatingRegion" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ModifyIpamResourceDiscoveryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ModifyIpamResourceDiscoveryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyIpamResourceDiscoveryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyIpamResourceDiscoveryInput"} + if s.IpamResourceDiscoveryId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamResourceDiscoveryId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAddOperatingRegions sets the AddOperatingRegions field's value. +func (s *ModifyIpamResourceDiscoveryInput) SetAddOperatingRegions(v []*AddIpamOperatingRegion) *ModifyIpamResourceDiscoveryInput { + s.AddOperatingRegions = v + return s +} + +// SetDescription sets the Description field's value. +func (s *ModifyIpamResourceDiscoveryInput) SetDescription(v string) *ModifyIpamResourceDiscoveryInput { + s.Description = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyIpamResourceDiscoveryInput) SetDryRun(v bool) *ModifyIpamResourceDiscoveryInput { + s.DryRun = &v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *ModifyIpamResourceDiscoveryInput) SetIpamResourceDiscoveryId(v string) *ModifyIpamResourceDiscoveryInput { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetRemoveOperatingRegions sets the RemoveOperatingRegions field's value. +func (s *ModifyIpamResourceDiscoveryInput) SetRemoveOperatingRegions(v []*RemoveIpamOperatingRegion) *ModifyIpamResourceDiscoveryInput { + s.RemoveOperatingRegions = v + return s +} + +type ModifyIpamResourceDiscoveryOutput struct { + _ struct{} `type:"structure"` + + // A resource discovery. + IpamResourceDiscovery *IpamResourceDiscovery `locationName:"ipamResourceDiscovery" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ModifyIpamResourceDiscoveryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ModifyIpamResourceDiscoveryOutput) GoString() string { + return s.String() +} + +// SetIpamResourceDiscovery sets the IpamResourceDiscovery field's value. +func (s *ModifyIpamResourceDiscoveryOutput) SetIpamResourceDiscovery(v *IpamResourceDiscovery) *ModifyIpamResourceDiscoveryOutput { + s.IpamResourceDiscovery = v + return s +} + type ModifyIpamScopeInput struct { _ struct{} `type:"structure"` @@ -138748,9 +150933,12 @@ type ModifyLocalGatewayRouteInput struct { // The CIDR block used for destination matches. The value that you provide must // match the CIDR of an existing route in the table. - // - // DestinationCidrBlock is a required field - DestinationCidrBlock *string `type:"string" required:"true"` + DestinationCidrBlock *string `type:"string"` + + // The ID of the prefix list. Use a prefix list in place of DestinationCidrBlock. + // You cannot use DestinationPrefixListId and DestinationCidrBlock in the same + // request. + DestinationPrefixListId *string `type:"string"` // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have @@ -138791,9 +150979,6 @@ func (s ModifyLocalGatewayRouteInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *ModifyLocalGatewayRouteInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ModifyLocalGatewayRouteInput"} - if s.DestinationCidrBlock == nil { - invalidParams.Add(request.NewErrParamRequired("DestinationCidrBlock")) - } if s.LocalGatewayRouteTableId == nil { invalidParams.Add(request.NewErrParamRequired("LocalGatewayRouteTableId")) } @@ -138810,6 +150995,12 @@ func (s *ModifyLocalGatewayRouteInput) SetDestinationCidrBlock(v string) *Modify return s } +// SetDestinationPrefixListId sets the DestinationPrefixListId field's value. +func (s *ModifyLocalGatewayRouteInput) SetDestinationPrefixListId(v string) *ModifyLocalGatewayRouteInput { + s.DestinationPrefixListId = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *ModifyLocalGatewayRouteInput) SetDryRun(v bool) *ModifyLocalGatewayRouteInput { s.DryRun = &v @@ -139033,6 +151224,9 @@ type ModifyNetworkInterfaceAttributeInput struct { // attribute, you must specify the ID of the interface attachment. Attachment *NetworkInterfaceAttachmentChanges `locationName:"attachment" type:"structure"` + // A connection tracking specification. + ConnectionTrackingSpecification *ConnectionTrackingSpecificationRequest `type:"structure"` + // A description for the network interface. Description *AttributeValue `locationName:"description" type:"structure"` @@ -139046,6 +151240,21 @@ type ModifyNetworkInterfaceAttributeInput struct { // attached to the instance. EnaSrdSpecification *EnaSrdSpecification `type:"structure"` + // If you’re modifying a network interface in a dual-stack or IPv6-only subnet, + // you have the option to assign a primary IPv6 IP address. A primary IPv6 address + // is an IPv6 GUA address associated with an ENI that you have enabled to use + // a primary IPv6 address. Use this option if the instance that this ENI will + // be attached to relies on its IPv6 address not changing. Amazon Web Services + // will automatically assign an IPv6 address associated with the ENI attached + // to your instance to be the primary IPv6 address. Once you enable an IPv6 + // GUA address to be a primary IPv6, you cannot disable it. When you enable + // an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made + // the primary IPv6 address until the instance is terminated or the network + // interface is detached. If you have multiple IPv6 addresses associated with + // an ENI attached to your instance and you enable a primary IPv6 address, the + // first IPv6 GUA address associated with the ENI becomes the primary IPv6 address. + EnablePrimaryIpv6 *bool `type:"boolean"` + // Changes the security groups for the network interface. The new set of groups // you specify replaces the current set. You must specify at least one group, // even if it's just the default security group in the VPC. You must specify @@ -139103,6 +151312,12 @@ func (s *ModifyNetworkInterfaceAttributeInput) SetAttachment(v *NetworkInterface return s } +// SetConnectionTrackingSpecification sets the ConnectionTrackingSpecification field's value. +func (s *ModifyNetworkInterfaceAttributeInput) SetConnectionTrackingSpecification(v *ConnectionTrackingSpecificationRequest) *ModifyNetworkInterfaceAttributeInput { + s.ConnectionTrackingSpecification = v + return s +} + // SetDescription sets the Description field's value. func (s *ModifyNetworkInterfaceAttributeInput) SetDescription(v *AttributeValue) *ModifyNetworkInterfaceAttributeInput { s.Description = v @@ -139121,6 +151336,12 @@ func (s *ModifyNetworkInterfaceAttributeInput) SetEnaSrdSpecification(v *EnaSrdS return s } +// SetEnablePrimaryIpv6 sets the EnablePrimaryIpv6 field's value. +func (s *ModifyNetworkInterfaceAttributeInput) SetEnablePrimaryIpv6(v bool) *ModifyNetworkInterfaceAttributeInput { + s.EnablePrimaryIpv6 = &v + return s +} + // SetGroups sets the Groups field's value. func (s *ModifyNetworkInterfaceAttributeInput) SetGroups(v []*string) *ModifyNetworkInterfaceAttributeInput { s.Groups = v @@ -139179,7 +151400,9 @@ type ModifyPrivateDnsNameOptionsInput struct { EnableResourceNameDnsARecord *bool `type:"boolean"` // The ID of the instance. - InstanceId *string `type:"string"` + // + // InstanceId is a required field + InstanceId *string `type:"string" required:"true"` // The type of hostname for EC2 instances. For IPv4 only subnets, an instance // DNS name must be based on the instance IPv4 address. For IPv6 only subnets, @@ -139207,6 +151430,19 @@ func (s ModifyPrivateDnsNameOptionsInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyPrivateDnsNameOptionsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyPrivateDnsNameOptionsInput"} + if s.InstanceId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *ModifyPrivateDnsNameOptionsInput) SetDryRun(v bool) *ModifyPrivateDnsNameOptionsInput { s.DryRun = &v @@ -139418,6 +151654,16 @@ func (s *ModifySecurityGroupRulesInput) Validate() error { if s.SecurityGroupRules == nil { invalidParams.Add(request.NewErrParamRequired("SecurityGroupRules")) } + if s.SecurityGroupRules != nil { + for i, v := range s.SecurityGroupRules { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "SecurityGroupRules", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -139714,9 +151960,11 @@ type ModifySpotFleetRequestInput struct { // Reserved. Context *string `type:"string"` - // Indicates whether running Spot Instances should be terminated if the target - // capacity of the Spot Fleet request is decreased below the current size of - // the Spot Fleet. + // Indicates whether running instances should be terminated if the target capacity + // of the Spot Fleet request is decreased below the current size of the Spot + // Fleet. + // + // Supported only for fleets of type maintain. ExcessCapacityTerminationPolicy *string `locationName:"excessCapacityTerminationPolicy" type:"string" enum:"ExcessCapacityTerminationPolicy"` // The launch template and overrides. You can only use this parameter if you @@ -139896,6 +152144,11 @@ type ModifySubnetAttributeInput struct { // Specify true to indicate that network interfaces attached to instances created // in the specified subnet should be assigned a public IPv4 address. + // + // Amazon Web Services charges for all public IPv4 addresses, including public + // IPv4 addresses associated with running instances and Elastic IP addresses. + // For more information, see the Public IPv4 Address tab on the Amazon VPC pricing + // page (http://aws.amazon.com/vpc/pricing/). MapPublicIpOnLaunch *AttributeBooleanValue `type:"structure"` // The type of hostname to assign to instances in the subnet at launch. For @@ -140338,6 +152591,10 @@ type ModifyTrafficMirrorSessionInput struct { // For example, if you set this value to 100, then the first 100 bytes that // meet the filter criteria are copied to the target. Do not specify this parameter // when you want to mirror the entire packet. + // + // For sessions with Network Load Balancer (NLB) traffic mirror targets, the + // default PacketLength will be set to 8500. Valid values are 1-8500. Setting + // a PacketLength greater than 8500 will result in an error response. PacketLength *int64 `type:"integer"` // The properties that you want to remove from the Traffic Mirror session. @@ -140601,6 +152858,18 @@ type ModifyTransitGatewayOptions struct { // Removes CIDR blocks for the transit gateway. RemoveTransitGatewayCidrBlocks []*string `locationNameList:"item" type:"list"` + // + // This parameter is in preview and may not be available for your account. + // + // Enables you to reference a security group across VPCs attached to a transit + // gateway. Use this option to simplify security group management and control + // of instance-to-instance traffic across VPCs that are connected by transit + // gateway. You can also use this option to migrate from VPC peering (which + // was the only option that supported security group referencing) to transit + // gateways (which now also support security group referencing). This option + // is disabled by default and there are no additional costs to use this feature. + SecurityGroupReferencingSupport *string `type:"string" enum:"SecurityGroupReferencingSupportValue"` + // Enable or disable Equal Cost Multipath Protocol support. VpnEcmpSupport *string `type:"string" enum:"VpnEcmpSupportValue"` } @@ -140677,6 +152946,12 @@ func (s *ModifyTransitGatewayOptions) SetRemoveTransitGatewayCidrBlocks(v []*str return s } +// SetSecurityGroupReferencingSupport sets the SecurityGroupReferencingSupport field's value. +func (s *ModifyTransitGatewayOptions) SetSecurityGroupReferencingSupport(v string) *ModifyTransitGatewayOptions { + s.SecurityGroupReferencingSupport = &v + return s +} + // SetVpnEcmpSupport sets the VpnEcmpSupport field's value. func (s *ModifyTransitGatewayOptions) SetVpnEcmpSupport(v string) *ModifyTransitGatewayOptions { s.VpnEcmpSupport = &v @@ -140966,6 +153241,18 @@ type ModifyTransitGatewayVpcAttachmentRequestOptions struct { // Enable or disable IPv6 support. The default is enable. Ipv6Support *string `type:"string" enum:"Ipv6SupportValue"` + + // + // This parameter is in preview and may not be available for your account. + // + // Enables you to reference a security group across VPCs attached to a transit + // gateway. Use this option to simplify security group management and control + // of instance-to-instance traffic across VPCs that are connected by transit + // gateway. You can also use this option to migrate from VPC peering (which + // was the only option that supported security group referencing) to transit + // gateways (which now also support security group referencing). This option + // is disabled by default and there are no additional costs to use this feature. + SecurityGroupReferencingSupport *string `type:"string" enum:"SecurityGroupReferencingSupportValue"` } // String returns the string representation. @@ -141004,7 +153291,14 @@ func (s *ModifyTransitGatewayVpcAttachmentRequestOptions) SetIpv6Support(v strin return s } -// Options for a network-interface type Verified Access endpoint. +// SetSecurityGroupReferencingSupport sets the SecurityGroupReferencingSupport field's value. +func (s *ModifyTransitGatewayVpcAttachmentRequestOptions) SetSecurityGroupReferencingSupport(v string) *ModifyTransitGatewayVpcAttachmentRequestOptions { + s.SecurityGroupReferencingSupport = &v + return s +} + +// Describes the options when modifying a Verified Access endpoint with the +// network-interface type. type ModifyVerifiedAccessEndpointEniOptions struct { _ struct{} `type:"structure"` @@ -141066,7 +153360,7 @@ type ModifyVerifiedAccessEndpointInput struct { // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // A description for the Amazon Web Services Verified Access endpoint. + // A description for the Verified Access endpoint. Description *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -141075,19 +153369,18 @@ type ModifyVerifiedAccessEndpointInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The load balancer details if creating the Amazon Web Services Verified Access - // endpoint as load-balancertype. + // The load balancer details if creating the Verified Access endpoint as load-balancertype. LoadBalancerOptions *ModifyVerifiedAccessEndpointLoadBalancerOptions `type:"structure"` // The network interface options. NetworkInterfaceOptions *ModifyVerifiedAccessEndpointEniOptions `type:"structure"` - // The ID of the Amazon Web Services Verified Access endpoint. + // The ID of the Verified Access endpoint. // // VerifiedAccessEndpointId is a required field VerifiedAccessEndpointId *string `type:"string" required:"true"` - // The ID of the Amazon Web Services Verified Access group. + // The ID of the Verified Access group. VerifiedAccessGroupId *string `type:"string"` } @@ -141241,7 +153534,7 @@ func (s *ModifyVerifiedAccessEndpointLoadBalancerOptions) SetSubnetIds(v []*stri type ModifyVerifiedAccessEndpointOutput struct { _ struct{} `type:"structure"` - // The Amazon Web Services Verified Access endpoint details. + // Details about the Verified Access endpoint. VerifiedAccessEndpoint *VerifiedAccessEndpoint `locationName:"verifiedAccessEndpoint" type:"structure"` } @@ -141283,15 +153576,16 @@ type ModifyVerifiedAccessEndpointPolicyInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The Amazon Web Services Verified Access policy document. + // The Verified Access policy document. PolicyDocument *string `type:"string"` // The status of the Verified Access policy. - // - // PolicyEnabled is a required field - PolicyEnabled *bool `type:"boolean" required:"true"` + PolicyEnabled *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access endpoint. + // The options for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationRequest `type:"structure"` + + // The ID of the Verified Access endpoint. // // VerifiedAccessEndpointId is a required field VerifiedAccessEndpointId *string `type:"string" required:"true"` @@ -141318,9 +153612,6 @@ func (s ModifyVerifiedAccessEndpointPolicyInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *ModifyVerifiedAccessEndpointPolicyInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ModifyVerifiedAccessEndpointPolicyInput"} - if s.PolicyEnabled == nil { - invalidParams.Add(request.NewErrParamRequired("PolicyEnabled")) - } if s.VerifiedAccessEndpointId == nil { invalidParams.Add(request.NewErrParamRequired("VerifiedAccessEndpointId")) } @@ -141355,6 +153646,12 @@ func (s *ModifyVerifiedAccessEndpointPolicyInput) SetPolicyEnabled(v bool) *Modi return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *ModifyVerifiedAccessEndpointPolicyInput) SetSseSpecification(v *VerifiedAccessSseSpecificationRequest) *ModifyVerifiedAccessEndpointPolicyInput { + s.SseSpecification = v + return s +} + // SetVerifiedAccessEndpointId sets the VerifiedAccessEndpointId field's value. func (s *ModifyVerifiedAccessEndpointPolicyInput) SetVerifiedAccessEndpointId(v string) *ModifyVerifiedAccessEndpointPolicyInput { s.VerifiedAccessEndpointId = &v @@ -141364,11 +153661,14 @@ func (s *ModifyVerifiedAccessEndpointPolicyInput) SetVerifiedAccessEndpointId(v type ModifyVerifiedAccessEndpointPolicyOutput struct { _ struct{} `type:"structure"` - // The Amazon Web Services Verified Access policy document. + // The Verified Access policy document. PolicyDocument *string `locationName:"policyDocument" type:"string"` // The status of the Verified Access policy. PolicyEnabled *bool `locationName:"policyEnabled" type:"boolean"` + + // The options in use for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationResponse `locationName:"sseSpecification" type:"structure"` } // String returns the string representation. @@ -141401,6 +153701,12 @@ func (s *ModifyVerifiedAccessEndpointPolicyOutput) SetPolicyEnabled(v bool) *Mod return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *ModifyVerifiedAccessEndpointPolicyOutput) SetSseSpecification(v *VerifiedAccessSseSpecificationResponse) *ModifyVerifiedAccessEndpointPolicyOutput { + s.SseSpecification = v + return s +} + type ModifyVerifiedAccessGroupInput struct { _ struct{} `type:"structure"` @@ -141409,7 +153715,7 @@ type ModifyVerifiedAccessGroupInput struct { // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // A description for the Amazon Web Services Verified Access group. + // A description for the Verified Access group. Description *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -141418,12 +153724,12 @@ type ModifyVerifiedAccessGroupInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access group. + // The ID of the Verified Access group. // // VerifiedAccessGroupId is a required field VerifiedAccessGroupId *string `type:"string" required:"true"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. VerifiedAccessInstanceId *string `type:"string"` } @@ -141491,7 +153797,7 @@ func (s *ModifyVerifiedAccessGroupInput) SetVerifiedAccessInstanceId(v string) * type ModifyVerifiedAccessGroupOutput struct { _ struct{} `type:"structure"` - // Details of Amazon Web Services Verified Access group. + // Details about the Verified Access group. VerifiedAccessGroup *VerifiedAccessGroup `locationName:"verifiedAccessGroup" type:"structure"` } @@ -141533,15 +153839,16 @@ type ModifyVerifiedAccessGroupPolicyInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The Amazon Web Services Verified Access policy document. + // The Verified Access policy document. PolicyDocument *string `type:"string"` // The status of the Verified Access policy. - // - // PolicyEnabled is a required field - PolicyEnabled *bool `type:"boolean" required:"true"` + PolicyEnabled *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access group. + // The options for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationRequest `type:"structure"` + + // The ID of the Verified Access group. // // VerifiedAccessGroupId is a required field VerifiedAccessGroupId *string `type:"string" required:"true"` @@ -141568,9 +153875,6 @@ func (s ModifyVerifiedAccessGroupPolicyInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *ModifyVerifiedAccessGroupPolicyInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ModifyVerifiedAccessGroupPolicyInput"} - if s.PolicyEnabled == nil { - invalidParams.Add(request.NewErrParamRequired("PolicyEnabled")) - } if s.VerifiedAccessGroupId == nil { invalidParams.Add(request.NewErrParamRequired("VerifiedAccessGroupId")) } @@ -141605,6 +153909,12 @@ func (s *ModifyVerifiedAccessGroupPolicyInput) SetPolicyEnabled(v bool) *ModifyV return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *ModifyVerifiedAccessGroupPolicyInput) SetSseSpecification(v *VerifiedAccessSseSpecificationRequest) *ModifyVerifiedAccessGroupPolicyInput { + s.SseSpecification = v + return s +} + // SetVerifiedAccessGroupId sets the VerifiedAccessGroupId field's value. func (s *ModifyVerifiedAccessGroupPolicyInput) SetVerifiedAccessGroupId(v string) *ModifyVerifiedAccessGroupPolicyInput { s.VerifiedAccessGroupId = &v @@ -141614,11 +153924,14 @@ func (s *ModifyVerifiedAccessGroupPolicyInput) SetVerifiedAccessGroupId(v string type ModifyVerifiedAccessGroupPolicyOutput struct { _ struct{} `type:"structure"` - // The Amazon Web Services Verified Access policy document. + // The Verified Access policy document. PolicyDocument *string `locationName:"policyDocument" type:"string"` // The status of the Verified Access policy. PolicyEnabled *bool `locationName:"policyEnabled" type:"boolean"` + + // The options in use for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationResponse `locationName:"sseSpecification" type:"structure"` } // String returns the string representation. @@ -141651,6 +153964,12 @@ func (s *ModifyVerifiedAccessGroupPolicyOutput) SetPolicyEnabled(v bool) *Modify return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *ModifyVerifiedAccessGroupPolicyOutput) SetSseSpecification(v *VerifiedAccessSseSpecificationResponse) *ModifyVerifiedAccessGroupPolicyOutput { + s.SseSpecification = v + return s +} + type ModifyVerifiedAccessInstanceInput struct { _ struct{} `type:"structure"` @@ -141659,7 +153978,7 @@ type ModifyVerifiedAccessInstanceInput struct { // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // A description for the Amazon Web Services Verified Access instance. + // A description for the Verified Access instance. Description *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -141668,7 +153987,7 @@ type ModifyVerifiedAccessInstanceInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. // // VerifiedAccessInstanceId is a required field VerifiedAccessInstanceId *string `type:"string" required:"true"` @@ -141732,7 +154051,7 @@ func (s *ModifyVerifiedAccessInstanceInput) SetVerifiedAccessInstanceId(v string type ModifyVerifiedAccessInstanceLoggingConfigurationInput struct { _ struct{} `type:"structure"` - // The configuration options for Amazon Web Services Verified Access instances. + // The configuration options for Verified Access instances. // // AccessLogs is a required field AccessLogs *VerifiedAccessLogOptions `type:"structure" required:"true"` @@ -141748,7 +154067,7 @@ type ModifyVerifiedAccessInstanceLoggingConfigurationInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. // // VerifiedAccessInstanceId is a required field VerifiedAccessInstanceId *string `type:"string" required:"true"` @@ -141820,7 +154139,7 @@ func (s *ModifyVerifiedAccessInstanceLoggingConfigurationInput) SetVerifiedAcces type ModifyVerifiedAccessInstanceLoggingConfigurationOutput struct { _ struct{} `type:"structure"` - // The logging configuration for Amazon Web Services Verified Access instance. + // The logging configuration for the Verified Access instance. LoggingConfiguration *VerifiedAccessInstanceLoggingConfiguration `locationName:"loggingConfiguration" type:"structure"` } @@ -141851,7 +154170,7 @@ func (s *ModifyVerifiedAccessInstanceLoggingConfigurationOutput) SetLoggingConfi type ModifyVerifiedAccessInstanceOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access instance. + // Details about the Verified Access instance. VerifiedAccessInstance *VerifiedAccessInstance `locationName:"verifiedAccessInstance" type:"structure"` } @@ -141879,6 +154198,40 @@ func (s *ModifyVerifiedAccessInstanceOutput) SetVerifiedAccessInstance(v *Verifi return s } +// Modifies the configuration of the specified device-based Amazon Web Services +// Verified Access trust provider. +type ModifyVerifiedAccessTrustProviderDeviceOptions struct { + _ struct{} `type:"structure"` + + // The URL Amazon Web Services Verified Access will use to verify the authenticity + // of the device tokens. + PublicSigningKeyUrl *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ModifyVerifiedAccessTrustProviderDeviceOptions) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ModifyVerifiedAccessTrustProviderDeviceOptions) GoString() string { + return s.String() +} + +// SetPublicSigningKeyUrl sets the PublicSigningKeyUrl field's value. +func (s *ModifyVerifiedAccessTrustProviderDeviceOptions) SetPublicSigningKeyUrl(v string) *ModifyVerifiedAccessTrustProviderDeviceOptions { + s.PublicSigningKeyUrl = &v + return s +} + type ModifyVerifiedAccessTrustProviderInput struct { _ struct{} `type:"structure"` @@ -141887,19 +154240,26 @@ type ModifyVerifiedAccessTrustProviderInput struct { // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // A description for the Amazon Web Services Verified Access trust provider. + // A description for the Verified Access trust provider. Description *string `type:"string"` + // The options for a device-based trust provider. This parameter is required + // when the provider type is device. + DeviceOptions *ModifyVerifiedAccessTrustProviderDeviceOptions `type:"structure"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The OpenID Connect details for an oidc-type, user-identity based trust provider. + // The options for an OpenID Connect-compatible user-identity trust provider. OidcOptions *ModifyVerifiedAccessTrustProviderOidcOptions `type:"structure"` - // The ID of the Amazon Web Services Verified Access trust provider. + // The options for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationRequest `type:"structure"` + + // The ID of the Verified Access trust provider. // // VerifiedAccessTrustProviderId is a required field VerifiedAccessTrustProviderId *string `type:"string" required:"true"` @@ -141948,6 +154308,12 @@ func (s *ModifyVerifiedAccessTrustProviderInput) SetDescription(v string) *Modif return s } +// SetDeviceOptions sets the DeviceOptions field's value. +func (s *ModifyVerifiedAccessTrustProviderInput) SetDeviceOptions(v *ModifyVerifiedAccessTrustProviderDeviceOptions) *ModifyVerifiedAccessTrustProviderInput { + s.DeviceOptions = v + return s +} + // SetDryRun sets the DryRun field's value. func (s *ModifyVerifiedAccessTrustProviderInput) SetDryRun(v bool) *ModifyVerifiedAccessTrustProviderInput { s.DryRun = &v @@ -141960,20 +154326,48 @@ func (s *ModifyVerifiedAccessTrustProviderInput) SetOidcOptions(v *ModifyVerifie return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *ModifyVerifiedAccessTrustProviderInput) SetSseSpecification(v *VerifiedAccessSseSpecificationRequest) *ModifyVerifiedAccessTrustProviderInput { + s.SseSpecification = v + return s +} + // SetVerifiedAccessTrustProviderId sets the VerifiedAccessTrustProviderId field's value. func (s *ModifyVerifiedAccessTrustProviderInput) SetVerifiedAccessTrustProviderId(v string) *ModifyVerifiedAccessTrustProviderInput { s.VerifiedAccessTrustProviderId = &v return s } -// OpenID Connect options for an oidc-type, user-identity based trust provider. +// Options for an OpenID Connect-compatible user-identity trust provider. type ModifyVerifiedAccessTrustProviderOidcOptions struct { _ struct{} `type:"structure"` + // The OIDC authorization endpoint. + AuthorizationEndpoint *string `type:"string"` + + // The client identifier. + ClientId *string `type:"string"` + + // The client secret. + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ModifyVerifiedAccessTrustProviderOidcOptions's + // String and GoString methods. + ClientSecret *string `type:"string" sensitive:"true"` + + // The OIDC issuer. + Issuer *string `type:"string"` + // OpenID Connect (OIDC) scopes are used by an application during authentication // to authorize access to a user's details. Each scope returns a specific set // of user attributes. Scope *string `type:"string"` + + // The OIDC token endpoint. + TokenEndpoint *string `type:"string"` + + // The OIDC user info endpoint. + UserInfoEndpoint *string `type:"string"` } // String returns the string representation. @@ -141994,16 +154388,52 @@ func (s ModifyVerifiedAccessTrustProviderOidcOptions) GoString() string { return s.String() } +// SetAuthorizationEndpoint sets the AuthorizationEndpoint field's value. +func (s *ModifyVerifiedAccessTrustProviderOidcOptions) SetAuthorizationEndpoint(v string) *ModifyVerifiedAccessTrustProviderOidcOptions { + s.AuthorizationEndpoint = &v + return s +} + +// SetClientId sets the ClientId field's value. +func (s *ModifyVerifiedAccessTrustProviderOidcOptions) SetClientId(v string) *ModifyVerifiedAccessTrustProviderOidcOptions { + s.ClientId = &v + return s +} + +// SetClientSecret sets the ClientSecret field's value. +func (s *ModifyVerifiedAccessTrustProviderOidcOptions) SetClientSecret(v string) *ModifyVerifiedAccessTrustProviderOidcOptions { + s.ClientSecret = &v + return s +} + +// SetIssuer sets the Issuer field's value. +func (s *ModifyVerifiedAccessTrustProviderOidcOptions) SetIssuer(v string) *ModifyVerifiedAccessTrustProviderOidcOptions { + s.Issuer = &v + return s +} + // SetScope sets the Scope field's value. func (s *ModifyVerifiedAccessTrustProviderOidcOptions) SetScope(v string) *ModifyVerifiedAccessTrustProviderOidcOptions { s.Scope = &v return s } +// SetTokenEndpoint sets the TokenEndpoint field's value. +func (s *ModifyVerifiedAccessTrustProviderOidcOptions) SetTokenEndpoint(v string) *ModifyVerifiedAccessTrustProviderOidcOptions { + s.TokenEndpoint = &v + return s +} + +// SetUserInfoEndpoint sets the UserInfoEndpoint field's value. +func (s *ModifyVerifiedAccessTrustProviderOidcOptions) SetUserInfoEndpoint(v string) *ModifyVerifiedAccessTrustProviderOidcOptions { + s.UserInfoEndpoint = &v + return s +} + type ModifyVerifiedAccessTrustProviderOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access trust provider. + // Details about the Verified Access trust provider. VerifiedAccessTrustProvider *VerifiedAccessTrustProvider `locationName:"verifiedAccessTrustProvider" type:"structure"` } @@ -142134,11 +154564,15 @@ type ModifyVolumeInput struct { // // The following are the supported values for each volume type: // - // * gp3: 3,000-16,000 IOPS + // * gp3: 3,000 - 16,000 IOPS // - // * io1: 100-64,000 IOPS + // * io1: 100 - 64,000 IOPS // - // * io2: 100-64,000 IOPS + // * io2: 100 - 256,000 IOPS + // + // For io2 volumes, you can achieve up to 256,000 IOPS on instances built on + // the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // On other instances, you can achieve performance up to 32,000 IOPS. // // Default: The existing value is retained if you keep the same volume type. // If you change the volume type to io1, io2, or gp3, the default is 3,000. @@ -142147,8 +154581,8 @@ type ModifyVolumeInput struct { // Specifies whether to enable Amazon EBS Multi-Attach. If you enable Multi-Attach, // you can attach the volume to up to 16 Nitro-based instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) // in the same Availability Zone. This parameter is supported with io1 and io2 - // volumes only. For more information, see Amazon EBS Multi-Attach (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volumes-multi.html) - // in the Amazon Elastic Compute Cloud User Guide. + // volumes only. For more information, see Amazon EBS Multi-Attach (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volumes-multi.html) + // in the Amazon EBS User Guide. MultiAttachEnabled *bool `type:"boolean"` // The target size of the volume, in GiB. The target volume size must be greater @@ -142156,13 +154590,15 @@ type ModifyVolumeInput struct { // // The following are the supported volumes sizes for each volume type: // - // * gp2 and gp3: 1-16,384 + // * gp2 and gp3: 1 - 16,384 GiB + // + // * io1: 4 - 16,384 GiB // - // * io1 and io2: 4-16,384 + // * io2: 4 - 65,536 GiB // - // * st1 and sc1: 125-16,384 + // * st1 and sc1: 125 - 16,384 GiB // - // * standard: 1-1,024 + // * standard: 1 - 1024 GiB // // Default: The existing size is retained. Size *int64 `type:"integer"` @@ -142182,8 +154618,8 @@ type ModifyVolumeInput struct { VolumeId *string `type:"string" required:"true"` // The target EBS volume type of the volume. For more information, see Amazon - // EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) - // in the Amazon Elastic Compute Cloud User Guide. + // EBS volume types (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) + // in the Amazon EBS User Guide. // // Default: The existing type is retained. VolumeType *string `type:"string" enum:"VolumeType"` @@ -142403,8 +154839,8 @@ func (s ModifyVpcAttributeOutput) GoString() string { type ModifyVpcEndpointConnectionNotificationInput struct { _ struct{} `type:"structure"` - // One or more events for the endpoint. Valid values are Accept, Connect, Delete, - // and Reject. + // The events for the endpoint. Valid values are Accept, Connect, Delete, and + // Reject. ConnectionEvents []*string `locationNameList:"item" type:"list"` // The ARN for the SNS topic for the notification. @@ -142508,18 +154944,17 @@ func (s *ModifyVpcEndpointConnectionNotificationOutput) SetReturnValue(v bool) * return s } -// Contains the parameters for ModifyVpcEndpoint. type ModifyVpcEndpointInput struct { _ struct{} `type:"structure"` - // (Gateway endpoint) One or more route tables IDs to associate with the endpoint. + // (Gateway endpoint) The IDs of the route tables to associate with the endpoint. AddRouteTableIds []*string `locationName:"AddRouteTableId" locationNameList:"item" type:"list"` - // (Interface endpoint) One or more security group IDs to associate with the - // network interface. + // (Interface endpoint) The IDs of the security groups to associate with the + // endpoint network interfaces. AddSecurityGroupIds []*string `locationName:"AddSecurityGroupId" locationNameList:"item" type:"list"` - // (Interface and Gateway Load Balancer endpoints) One or more subnet IDs in + // (Interface and Gateway Load Balancer endpoints) The IDs of the subnets in // which to serve the endpoint. For a Gateway Load Balancer endpoint, you can // specify only one subnet. AddSubnetIds []*string `locationName:"AddSubnetId" locationNameList:"item" type:"list"` @@ -142544,20 +154979,23 @@ type ModifyVpcEndpointInput struct { // with the VPC. PrivateDnsEnabled *bool `type:"boolean"` - // (Gateway endpoint) One or more route table IDs to disassociate from the endpoint. + // (Gateway endpoint) The IDs of the route tables to disassociate from the endpoint. RemoveRouteTableIds []*string `locationName:"RemoveRouteTableId" locationNameList:"item" type:"list"` - // (Interface endpoint) One or more security group IDs to disassociate from - // the network interface. + // (Interface endpoint) The IDs of the security groups to disassociate from + // the endpoint network interfaces. RemoveSecurityGroupIds []*string `locationName:"RemoveSecurityGroupId" locationNameList:"item" type:"list"` - // (Interface endpoint) One or more subnets IDs in which to remove the endpoint. + // (Interface endpoint) The IDs of the subnets from which to remove the endpoint. RemoveSubnetIds []*string `locationName:"RemoveSubnetId" locationNameList:"item" type:"list"` // (Gateway endpoint) Specify true to reset the policy document to the default // policy. The default policy allows full access to the service. ResetPolicy *bool `type:"boolean"` + // The subnet configurations for the endpoint. + SubnetConfigurations []*SubnetConfiguration `locationName:"SubnetConfiguration" locationNameList:"item" type:"list"` + // The ID of the endpoint. // // VpcEndpointId is a required field @@ -142667,6 +155105,12 @@ func (s *ModifyVpcEndpointInput) SetResetPolicy(v bool) *ModifyVpcEndpointInput return s } +// SetSubnetConfigurations sets the SubnetConfigurations field's value. +func (s *ModifyVpcEndpointInput) SetSubnetConfigurations(v []*SubnetConfiguration) *ModifyVpcEndpointInput { + s.SubnetConfigurations = v + return s +} + // SetVpcEndpointId sets the VpcEndpointId field's value. func (s *ModifyVpcEndpointInput) SetVpcEndpointId(v string) *ModifyVpcEndpointInput { s.VpcEndpointId = &v @@ -142989,9 +155433,9 @@ func (s *ModifyVpcEndpointServicePayerResponsibilityOutput) SetReturnValue(v boo type ModifyVpcEndpointServicePermissionsInput struct { _ struct{} `type:"structure"` - // The Amazon Resource Names (ARN) of one or more principals. Permissions are - // granted to the principals in this list. To grant permissions to all principals, - // specify an asterisk (*). + // The Amazon Resource Names (ARN) of the principals. Permissions are granted + // to the principals in this list. To grant permissions to all principals, specify + // an asterisk (*). AddAllowedPrincipals []*string `locationNameList:"item" type:"list"` // Checks whether you have the required permissions for the action, without @@ -143000,8 +155444,8 @@ type ModifyVpcEndpointServicePermissionsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The Amazon Resource Names (ARN) of one or more principals. Permissions are - // revoked for principals in this list. + // The Amazon Resource Names (ARN) of the principals. Permissions are revoked + // for principals in this list. RemoveAllowedPrincipals []*string `locationNameList:"item" type:"list"` // The ID of the service. @@ -143686,10 +156130,20 @@ type ModifyVpnTunnelOptionsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` + // Choose whether or not to trigger immediate tunnel replacement. This is only + // applicable when turning on or off EnableTunnelLifecycleControl. + // + // Valid values: True | False + SkipTunnelReplacement *bool `type:"boolean"` + // The tunnel options to modify. // + // TunnelOptions is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ModifyVpnTunnelOptionsInput's + // String and GoString methods. + // // TunnelOptions is a required field - TunnelOptions *ModifyVpnTunnelOptionsSpecification `type:"structure" required:"true"` + TunnelOptions *ModifyVpnTunnelOptionsSpecification `type:"structure" required:"true" sensitive:"true"` // The ID of the Amazon Web Services Site-to-Site VPN connection. // @@ -143745,6 +156199,12 @@ func (s *ModifyVpnTunnelOptionsInput) SetDryRun(v bool) *ModifyVpnTunnelOptionsI return s } +// SetSkipTunnelReplacement sets the SkipTunnelReplacement field's value. +func (s *ModifyVpnTunnelOptionsInput) SetSkipTunnelReplacement(v bool) *ModifyVpnTunnelOptionsInput { + s.SkipTunnelReplacement = &v + return s +} + // SetTunnelOptions sets the TunnelOptions field's value. func (s *ModifyVpnTunnelOptionsInput) SetTunnelOptions(v *ModifyVpnTunnelOptionsSpecification) *ModifyVpnTunnelOptionsInput { s.TunnelOptions = v @@ -143796,7 +156256,7 @@ func (s *ModifyVpnTunnelOptionsOutput) SetVpnConnection(v *VpnConnection) *Modif // The Amazon Web Services Site-to-Site VPN tunnel options to modify. type ModifyVpnTunnelOptionsSpecification struct { - _ struct{} `type:"structure"` + _ struct{} `type:"structure" sensitive:"true"` // The action to take after DPD timeout occurs. Specify restart to restart the // IKE initiation. Specify clear to end the IKE session. @@ -143806,13 +156266,18 @@ type ModifyVpnTunnelOptionsSpecification struct { // Default: clear DPDTimeoutAction *string `type:"string"` - // The number of seconds after which a DPD timeout occurs. + // The number of seconds after which a DPD timeout occurs. A DPD timeout of + // 40 seconds means that the VPN endpoint will consider the peer dead 30 seconds + // after the first failed keep-alive. // // Constraints: A value greater than or equal to 30. // - // Default: 30 + // Default: 40 DPDTimeoutSeconds *int64 `type:"integer"` + // Turn on or off tunnel endpoint lifecycle control feature. + EnableTunnelLifecycleControl *bool `type:"boolean"` + // The IKE versions that are permitted for the VPN tunnel. // // Valid values: ikev1 | ikev2 @@ -143878,7 +156343,11 @@ type ModifyVpnTunnelOptionsSpecification struct { // Constraints: Allowed characters are alphanumeric characters, periods (.), // and underscores (_). Must be between 8 and 64 characters in length and cannot // start with zero (0). - PreSharedKey *string `type:"string"` + // + // PreSharedKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ModifyVpnTunnelOptionsSpecification's + // String and GoString methods. + PreSharedKey *string `type:"string" sensitive:"true"` // The percentage of the rekey window (determined by RekeyMarginTimeSeconds) // during which the rekey time is randomly selected. @@ -143895,7 +156364,7 @@ type ModifyVpnTunnelOptionsSpecification struct { // // Constraints: A value between 60 and half of Phase2LifetimeSeconds. // - // Default: 540 + // Default: 270 RekeyMarginTimeSeconds *int64 `type:"integer"` // The number of packets in an IKE replay window. @@ -143974,6 +156443,12 @@ func (s *ModifyVpnTunnelOptionsSpecification) SetDPDTimeoutSeconds(v int64) *Mod return s } +// SetEnableTunnelLifecycleControl sets the EnableTunnelLifecycleControl field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetEnableTunnelLifecycleControl(v bool) *ModifyVpnTunnelOptionsSpecification { + s.EnableTunnelLifecycleControl = &v + return s +} + // SetIKEVersions sets the IKEVersions field's value. func (s *ModifyVpnTunnelOptionsSpecification) SetIKEVersions(v []*IKEVersionsRequestListValue) *ModifyVpnTunnelOptionsSpecification { s.IKEVersions = v @@ -144413,16 +156888,13 @@ func (s *MoveByoipCidrToIpamOutput) SetByoipCidr(v *ByoipCidr) *MoveByoipCidrToI return s } -// Describes the status of a moving Elastic IP address. +// This action is deprecated. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// Describes the status of a moving Elastic IP address. type MovingAddressStatus struct { _ struct{} `type:"structure"` - // The status of the Elastic IP address that's being moved to the EC2-VPC platform, - // or restored to the EC2-Classic platform. + // The status of the Elastic IP address that's being moved or restored. MoveStatus *string `locationName:"moveStatus" type:"string" enum:"MoveStatus"` // The Elastic IP address. @@ -144638,6 +157110,16 @@ type NatGatewayAddress struct { // associated with the NAT gateway. AllocationId *string `locationName:"allocationId" type:"string"` + // [Public NAT gateway only] The association ID of the Elastic IP address that's + // associated with the NAT gateway. + AssociationId *string `locationName:"associationId" type:"string"` + + // The address failure message. + FailureMessage *string `locationName:"failureMessage" type:"string"` + + // Defines if the IP address is the primary address. + IsPrimary *bool `locationName:"isPrimary" type:"boolean"` + // The ID of the network interface associated with the NAT gateway. NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` @@ -144647,6 +157129,9 @@ type NatGatewayAddress struct { // [Public NAT gateway only] The Elastic IP address associated with the NAT // gateway. PublicIp *string `locationName:"publicIp" type:"string"` + + // The address status. + Status *string `locationName:"status" type:"string" enum:"NatGatewayAddressStatus"` } // String returns the string representation. @@ -144673,6 +157158,24 @@ func (s *NatGatewayAddress) SetAllocationId(v string) *NatGatewayAddress { return s } +// SetAssociationId sets the AssociationId field's value. +func (s *NatGatewayAddress) SetAssociationId(v string) *NatGatewayAddress { + s.AssociationId = &v + return s +} + +// SetFailureMessage sets the FailureMessage field's value. +func (s *NatGatewayAddress) SetFailureMessage(v string) *NatGatewayAddress { + s.FailureMessage = &v + return s +} + +// SetIsPrimary sets the IsPrimary field's value. +func (s *NatGatewayAddress) SetIsPrimary(v bool) *NatGatewayAddress { + s.IsPrimary = &v + return s +} + // SetNetworkInterfaceId sets the NetworkInterfaceId field's value. func (s *NatGatewayAddress) SetNetworkInterfaceId(v string) *NatGatewayAddress { s.NetworkInterfaceId = &v @@ -144691,6 +157194,12 @@ func (s *NatGatewayAddress) SetPublicIp(v string) *NatGatewayAddress { return s } +// SetStatus sets the Status field's value. +func (s *NatGatewayAddress) SetStatus(v string) *NatGatewayAddress { + s.Status = &v + return s +} + // Describes a network ACL. type NetworkAcl struct { _ struct{} `type:"structure"` @@ -144698,7 +157207,7 @@ type NetworkAcl struct { // Any associations between the network ACL and one or more subnets Associations []*NetworkAclAssociation `locationName:"associationSet" locationNameList:"item" type:"list"` - // One or more entries (rules) in the network ACL. + // The entries (rules) in the network ACL. Entries []*NetworkAclEntry `locationName:"entrySet" locationNameList:"item" type:"list"` // Indicates whether this is the default network ACL for the VPC. @@ -145030,6 +157539,9 @@ func (s *NetworkBandwidthGbpsRequest) SetMin(v float64) *NetworkBandwidthGbpsReq type NetworkCardInfo struct { _ struct{} `type:"structure"` + // The baseline network performance of the network card, in Gbps. + BaselineBandwidthInGbps *float64 `locationName:"baselineBandwidthInGbps" type:"double"` + // The maximum number of network interfaces for the network card. MaximumNetworkInterfaces *int64 `locationName:"maximumNetworkInterfaces" type:"integer"` @@ -145038,6 +157550,9 @@ type NetworkCardInfo struct { // The network performance of the network card. NetworkPerformance *string `locationName:"networkPerformance" type:"string"` + + // The peak (burst) network performance of the network card, in Gbps. + PeakBandwidthInGbps *float64 `locationName:"peakBandwidthInGbps" type:"double"` } // String returns the string representation. @@ -145058,6 +157573,12 @@ func (s NetworkCardInfo) GoString() string { return s.String() } +// SetBaselineBandwidthInGbps sets the BaselineBandwidthInGbps field's value. +func (s *NetworkCardInfo) SetBaselineBandwidthInGbps(v float64) *NetworkCardInfo { + s.BaselineBandwidthInGbps = &v + return s +} + // SetMaximumNetworkInterfaces sets the MaximumNetworkInterfaces field's value. func (s *NetworkCardInfo) SetMaximumNetworkInterfaces(v int64) *NetworkCardInfo { s.MaximumNetworkInterfaces = &v @@ -145076,6 +157597,12 @@ func (s *NetworkCardInfo) SetNetworkPerformance(v string) *NetworkCardInfo { return s } +// SetPeakBandwidthInGbps sets the PeakBandwidthInGbps field's value. +func (s *NetworkCardInfo) SetPeakBandwidthInGbps(v float64) *NetworkCardInfo { + s.PeakBandwidthInGbps = &v + return s +} + // Describes the networking features of the instance type. type NetworkInfo struct { _ struct{} `type:"structure"` @@ -145475,8 +158002,7 @@ type NetworkInsightsAnalysis struct { // codes (https://docs.aws.amazon.com/vpc/latest/reachability/explanation-codes.html). Explanations []*Explanation `locationName:"explanationSet" locationNameList:"item" type:"list"` - // The Amazon Resource Names (ARN) of the Amazon Web Services resources that - // the path must traverse. + // The Amazon Resource Names (ARN) of the resources that the path must traverse. FilterInArns []*string `locationName:"filterInArnSet" locationNameList:"item" type:"list"` // The components in the path from source to destination. @@ -145637,19 +158163,24 @@ type NetworkInsightsPath struct { // The time stamp when the path was created. CreatedDate *time.Time `locationName:"createdDate" type:"timestamp"` - // The Amazon Web Services resource that is the destination of the path. + // The ID of the destination. Destination *string `locationName:"destination" type:"string"` // The Amazon Resource Name (ARN) of the destination. DestinationArn *string `locationName:"destinationArn" min:"1" type:"string"` - // The IP address of the Amazon Web Services resource that is the destination - // of the path. + // The IP address of the destination. DestinationIp *string `locationName:"destinationIp" type:"string"` // The destination port. DestinationPort *int64 `locationName:"destinationPort" type:"integer"` + // Scopes the analysis to network paths that match specific filters at the destination. + FilterAtDestination *PathFilter `locationName:"filterAtDestination" type:"structure"` + + // Scopes the analysis to network paths that match specific filters at the source. + FilterAtSource *PathFilter `locationName:"filterAtSource" type:"structure"` + // The Amazon Resource Name (ARN) of the path. NetworkInsightsPathArn *string `locationName:"networkInsightsPathArn" min:"1" type:"string"` @@ -145659,14 +158190,13 @@ type NetworkInsightsPath struct { // The protocol. Protocol *string `locationName:"protocol" type:"string" enum:"Protocol"` - // The Amazon Web Services resource that is the source of the path. + // The ID of the source. Source *string `locationName:"source" type:"string"` // The Amazon Resource Name (ARN) of the source. SourceArn *string `locationName:"sourceArn" min:"1" type:"string"` - // The IP address of the Amazon Web Services resource that is the source of - // the path. + // The IP address of the source. SourceIp *string `locationName:"sourceIp" type:"string"` // The tags associated with the path. @@ -145721,6 +158251,18 @@ func (s *NetworkInsightsPath) SetDestinationPort(v int64) *NetworkInsightsPath { return s } +// SetFilterAtDestination sets the FilterAtDestination field's value. +func (s *NetworkInsightsPath) SetFilterAtDestination(v *PathFilter) *NetworkInsightsPath { + s.FilterAtDestination = v + return s +} + +// SetFilterAtSource sets the FilterAtSource field's value. +func (s *NetworkInsightsPath) SetFilterAtSource(v *PathFilter) *NetworkInsightsPath { + s.FilterAtSource = v + return s +} + // SetNetworkInsightsPathArn sets the NetworkInsightsPathArn field's value. func (s *NetworkInsightsPath) SetNetworkInsightsPathArn(v string) *NetworkInsightsPath { s.NetworkInsightsPathArn = &v @@ -145777,6 +158319,12 @@ type NetworkInterface struct { // The Availability Zone. AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + // A security group connection tracking configuration that enables you to set + // the timeout for connection tracking on an Elastic network interface. For + // more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) + // in the Amazon Elastic Compute Cloud User Guide. + ConnectionTrackingConfiguration *ConnectionTrackingConfiguration `locationName:"connectionTrackingConfiguration" type:"structure"` + // Indicates whether a network interface with an IPv6 address is unreachable // from the public internet. If the value is true, inbound traffic from the // internet is dropped and you cannot assign an elastic IP address to the network @@ -145888,6 +158436,12 @@ func (s *NetworkInterface) SetAvailabilityZone(v string) *NetworkInterface { return s } +// SetConnectionTrackingConfiguration sets the ConnectionTrackingConfiguration field's value. +func (s *NetworkInterface) SetConnectionTrackingConfiguration(v *ConnectionTrackingConfiguration) *NetworkInterface { + s.ConnectionTrackingConfiguration = v + return s +} + // SetDenyAllIgwTraffic sets the DenyAllIgwTraffic field's value. func (s *NetworkInterface) SetDenyAllIgwTraffic(v bool) *NetworkInterface { s.DenyAllIgwTraffic = &v @@ -146355,6 +158909,13 @@ type NetworkInterfaceIpv6Address struct { // The IPv6 address. Ipv6Address *string `locationName:"ipv6Address" type:"string"` + + // Determines if an IPv6 address associated with a network interface is the + // primary IPv6 address. When you enable an IPv6 GUA address to be a primary + // IPv6, the first IPv6 GUA will be made the primary IPv6 address until the + // instance is terminated or the network interface is detached. For more information, + // see ModifyNetworkInterfaceAttribute (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyNetworkInterfaceAttribute.html). + IsPrimaryIpv6 *bool `locationName:"isPrimaryIpv6" type:"boolean"` } // String returns the string representation. @@ -146381,6 +158942,12 @@ func (s *NetworkInterfaceIpv6Address) SetIpv6Address(v string) *NetworkInterface return s } +// SetIsPrimaryIpv6 sets the IsPrimaryIpv6 field's value. +func (s *NetworkInterfaceIpv6Address) SetIsPrimaryIpv6(v bool) *NetworkInterfaceIpv6Address { + s.IsPrimaryIpv6 = &v + return s +} + // Describes a permission for a network interface. type NetworkInterfacePermission struct { _ struct{} `type:"structure"` @@ -146560,6 +159127,180 @@ func (s *NetworkInterfacePrivateIpAddress) SetPrivateIpAddress(v string) *Networ return s } +// Describes the cores available to the neuron accelerator. +type NeuronDeviceCoreInfo struct { + _ struct{} `type:"structure"` + + // The number of cores available to the neuron accelerator. + Count *int64 `locationName:"count" type:"integer"` + + // The version of the neuron accelerator. + Version *int64 `locationName:"version" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NeuronDeviceCoreInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NeuronDeviceCoreInfo) GoString() string { + return s.String() +} + +// SetCount sets the Count field's value. +func (s *NeuronDeviceCoreInfo) SetCount(v int64) *NeuronDeviceCoreInfo { + s.Count = &v + return s +} + +// SetVersion sets the Version field's value. +func (s *NeuronDeviceCoreInfo) SetVersion(v int64) *NeuronDeviceCoreInfo { + s.Version = &v + return s +} + +// Describes the neuron accelerators for the instance type. +type NeuronDeviceInfo struct { + _ struct{} `type:"structure"` + + // Describes the cores available to each neuron accelerator. + CoreInfo *NeuronDeviceCoreInfo `locationName:"coreInfo" type:"structure"` + + // The number of neuron accelerators for the instance type. + Count *int64 `locationName:"count" type:"integer"` + + // Describes the memory available to each neuron accelerator. + MemoryInfo *NeuronDeviceMemoryInfo `locationName:"memoryInfo" type:"structure"` + + // The name of the neuron accelerator. + Name *string `locationName:"name" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NeuronDeviceInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NeuronDeviceInfo) GoString() string { + return s.String() +} + +// SetCoreInfo sets the CoreInfo field's value. +func (s *NeuronDeviceInfo) SetCoreInfo(v *NeuronDeviceCoreInfo) *NeuronDeviceInfo { + s.CoreInfo = v + return s +} + +// SetCount sets the Count field's value. +func (s *NeuronDeviceInfo) SetCount(v int64) *NeuronDeviceInfo { + s.Count = &v + return s +} + +// SetMemoryInfo sets the MemoryInfo field's value. +func (s *NeuronDeviceInfo) SetMemoryInfo(v *NeuronDeviceMemoryInfo) *NeuronDeviceInfo { + s.MemoryInfo = v + return s +} + +// SetName sets the Name field's value. +func (s *NeuronDeviceInfo) SetName(v string) *NeuronDeviceInfo { + s.Name = &v + return s +} + +// Describes the memory available to the neuron accelerator. +type NeuronDeviceMemoryInfo struct { + _ struct{} `type:"structure"` + + // The size of the memory available to the neuron accelerator, in MiB. + SizeInMiB *int64 `locationName:"sizeInMiB" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NeuronDeviceMemoryInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NeuronDeviceMemoryInfo) GoString() string { + return s.String() +} + +// SetSizeInMiB sets the SizeInMiB field's value. +func (s *NeuronDeviceMemoryInfo) SetSizeInMiB(v int64) *NeuronDeviceMemoryInfo { + s.SizeInMiB = &v + return s +} + +// Describes the neuron accelerators for the instance type. +type NeuronInfo struct { + _ struct{} `type:"structure"` + + // Describes the neuron accelerators for the instance type. + NeuronDevices []*NeuronDeviceInfo `locationName:"neuronDevices" locationNameList:"item" type:"list"` + + // The total size of the memory for the neuron accelerators for the instance + // type, in MiB. + TotalNeuronDeviceMemoryInMiB *int64 `locationName:"totalNeuronDeviceMemoryInMiB" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NeuronInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NeuronInfo) GoString() string { + return s.String() +} + +// SetNeuronDevices sets the NeuronDevices field's value. +func (s *NeuronInfo) SetNeuronDevices(v []*NeuronDeviceInfo) *NeuronInfo { + s.NeuronDevices = v + return s +} + +// SetTotalNeuronDeviceMemoryInMiB sets the TotalNeuronDeviceMemoryInMiB field's value. +func (s *NeuronInfo) SetTotalNeuronDeviceMemoryInMiB(v int64) *NeuronInfo { + s.TotalNeuronDeviceMemoryInMiB = &v + return s +} + type NewDhcpConfiguration struct { _ struct{} `type:"structure"` @@ -146598,7 +159339,40 @@ func (s *NewDhcpConfiguration) SetValues(v []*string) *NewDhcpConfiguration { return s } -// Options for OIDC-based, user-identity type trust provider. +// Describes the supported NitroTPM versions for the instance type. +type NitroTpmInfo struct { + _ struct{} `type:"structure"` + + // Indicates the supported NitroTPM versions. + SupportedVersions []*string `locationName:"supportedVersions" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NitroTpmInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NitroTpmInfo) GoString() string { + return s.String() +} + +// SetSupportedVersions sets the SupportedVersions field's value. +func (s *NitroTpmInfo) SetSupportedVersions(v []*string) *NitroTpmInfo { + s.SupportedVersions = v + return s +} + +// Describes the options for an OpenID Connect-compatible user-identity trust +// provider. type OidcOptions struct { _ struct{} `type:"structure"` @@ -146609,7 +159383,11 @@ type OidcOptions struct { ClientId *string `locationName:"clientId" type:"string"` // The client secret. - ClientSecret *string `locationName:"clientSecret" type:"string"` + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by OidcOptions's + // String and GoString methods. + ClientSecret *string `locationName:"clientSecret" type:"string" sensitive:"true"` // The OIDC issuer. Issuer *string `locationName:"issuer" type:"string"` @@ -146708,6 +159486,14 @@ type OnDemandOptions struct { // The maximum amount per hour for On-Demand Instances that you're willing to // pay. + // + // If your fleet includes T instances that are configured as unlimited, and + // if their average CPU usage exceeds the baseline utilization, you will incur + // a charge for surplus credits. The maxTotalPrice does not account for surplus + // credits, and, if you use surplus credits, your final cost might be higher + // than what you specified for maxTotalPrice. For more information, see Surplus + // credits can incur charges (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) + // in the EC2 User Guide. MaxTotalPrice *string `locationName:"maxTotalPrice" type:"string"` // The minimum target capacity for On-Demand Instances in the fleet. If the @@ -146810,6 +159596,14 @@ type OnDemandOptionsRequest struct { // The maximum amount per hour for On-Demand Instances that you're willing to // pay. + // + // If your fleet includes T instances that are configured as unlimited, and + // if their average CPU usage exceeds the baseline utilization, you will incur + // a charge for surplus credits. The MaxTotalPrice does not account for surplus + // credits, and, if you use surplus credits, your final cost might be higher + // than what you specified for MaxTotalPrice. For more information, see Surplus + // credits can incur charges (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) + // in the EC2 User Guide. MaxTotalPrice *string `type:"string"` // The minimum target capacity for On-Demand Instances in the fleet. If the @@ -147085,6 +159879,12 @@ type PathComponent struct { // The explanation codes. Explanations []*Explanation `locationName:"explanationSet" locationNameList:"item" type:"list"` + // The Network Firewall stateful rule. + FirewallStatefulRule *FirewallStatefulRule `locationName:"firewallStatefulRule" type:"structure"` + + // The Network Firewall stateless rule. + FirewallStatelessRule *FirewallStatelessRule `locationName:"firewallStatelessRule" type:"structure"` + // The inbound header. InboundHeader *AnalysisPacketHeader `locationName:"inboundHeader" type:"structure"` @@ -147100,6 +159900,9 @@ type PathComponent struct { // The sequence number. SequenceNumber *int64 `locationName:"sequenceNumber" type:"integer"` + // The name of the VPC endpoint service. + ServiceName *string `locationName:"serviceName" type:"string"` + // The source VPC. SourceVpc *AnalysisComponent `locationName:"sourceVpc" type:"structure"` @@ -147176,6 +159979,18 @@ func (s *PathComponent) SetExplanations(v []*Explanation) *PathComponent { return s } +// SetFirewallStatefulRule sets the FirewallStatefulRule field's value. +func (s *PathComponent) SetFirewallStatefulRule(v *FirewallStatefulRule) *PathComponent { + s.FirewallStatefulRule = v + return s +} + +// SetFirewallStatelessRule sets the FirewallStatelessRule field's value. +func (s *PathComponent) SetFirewallStatelessRule(v *FirewallStatelessRule) *PathComponent { + s.FirewallStatelessRule = v + return s +} + // SetInboundHeader sets the InboundHeader field's value. func (s *PathComponent) SetInboundHeader(v *AnalysisPacketHeader) *PathComponent { s.InboundHeader = v @@ -147206,6 +160021,12 @@ func (s *PathComponent) SetSequenceNumber(v int64) *PathComponent { return s } +// SetServiceName sets the ServiceName field's value. +func (s *PathComponent) SetServiceName(v string) *PathComponent { + s.ServiceName = &v + return s +} + // SetSourceVpc sets the SourceVpc field's value. func (s *PathComponent) SetSourceVpc(v *AnalysisComponent) *PathComponent { s.SourceVpc = v @@ -147236,6 +160057,126 @@ func (s *PathComponent) SetVpc(v *AnalysisComponent) *PathComponent { return s } +// Describes a set of filters for a path analysis. Use path filters to scope +// the analysis when there can be multiple resulting paths. +type PathFilter struct { + _ struct{} `type:"structure"` + + // The destination IPv4 address. + DestinationAddress *string `locationName:"destinationAddress" type:"string"` + + // The destination port range. + DestinationPortRange *FilterPortRange `locationName:"destinationPortRange" type:"structure"` + + // The source IPv4 address. + SourceAddress *string `locationName:"sourceAddress" type:"string"` + + // The source port range. + SourcePortRange *FilterPortRange `locationName:"sourcePortRange" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PathFilter) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PathFilter) GoString() string { + return s.String() +} + +// SetDestinationAddress sets the DestinationAddress field's value. +func (s *PathFilter) SetDestinationAddress(v string) *PathFilter { + s.DestinationAddress = &v + return s +} + +// SetDestinationPortRange sets the DestinationPortRange field's value. +func (s *PathFilter) SetDestinationPortRange(v *FilterPortRange) *PathFilter { + s.DestinationPortRange = v + return s +} + +// SetSourceAddress sets the SourceAddress field's value. +func (s *PathFilter) SetSourceAddress(v string) *PathFilter { + s.SourceAddress = &v + return s +} + +// SetSourcePortRange sets the SourcePortRange field's value. +func (s *PathFilter) SetSourcePortRange(v *FilterPortRange) *PathFilter { + s.SourcePortRange = v + return s +} + +// Describes a set of filters for a path analysis. Use path filters to scope +// the analysis when there can be multiple resulting paths. +type PathRequestFilter struct { + _ struct{} `type:"structure"` + + // The destination IPv4 address. + DestinationAddress *string `type:"string"` + + // The destination port range. + DestinationPortRange *RequestFilterPortRange `type:"structure"` + + // The source IPv4 address. + SourceAddress *string `type:"string"` + + // The source port range. + SourcePortRange *RequestFilterPortRange `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PathRequestFilter) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PathRequestFilter) GoString() string { + return s.String() +} + +// SetDestinationAddress sets the DestinationAddress field's value. +func (s *PathRequestFilter) SetDestinationAddress(v string) *PathRequestFilter { + s.DestinationAddress = &v + return s +} + +// SetDestinationPortRange sets the DestinationPortRange field's value. +func (s *PathRequestFilter) SetDestinationPortRange(v *RequestFilterPortRange) *PathRequestFilter { + s.DestinationPortRange = v + return s +} + +// SetSourceAddress sets the SourceAddress field's value. +func (s *PathRequestFilter) SetSourceAddress(v string) *PathRequestFilter { + s.SourceAddress = &v + return s +} + +// SetSourcePortRange sets the SourcePortRange field's value. +func (s *PathRequestFilter) SetSourcePortRange(v *RequestFilterPortRange) *PathRequestFilter { + s.SourcePortRange = v + return s +} + // Describes a path statement. type PathStatement struct { _ struct{} `type:"structure"` @@ -147419,10 +160360,6 @@ func (s *PeeringAttachmentStatus) SetMessage(v string) *PeeringAttachmentStatus return s } -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Describes the VPC peering connection options. type PeeringConnectionOptions struct { _ struct{} `type:"structure"` @@ -147431,12 +160368,10 @@ type PeeringConnectionOptions struct { // to private IP addresses when queried from instances in the peer VPC. AllowDnsResolutionFromRemoteVpc *bool `locationName:"allowDnsResolutionFromRemoteVpc" type:"boolean"` - // If true, enables outbound communication from an EC2-Classic instance that's - // linked to a local VPC using ClassicLink to instances in a peer VPC. + // Deprecated. AllowEgressFromLocalClassicLinkToRemoteVpc *bool `locationName:"allowEgressFromLocalClassicLinkToRemoteVpc" type:"boolean"` - // If true, enables outbound communication from instances in a local VPC to - // an EC2-Classic instance that's linked to a peer VPC using ClassicLink. + // Deprecated. AllowEgressFromLocalVpcToRemoteClassicLink *bool `locationName:"allowEgressFromLocalVpcToRemoteClassicLink" type:"boolean"` } @@ -147476,10 +160411,6 @@ func (s *PeeringConnectionOptions) SetAllowEgressFromLocalVpcToRemoteClassicLink return s } -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // The VPC peering connection options. type PeeringConnectionOptionsRequest struct { _ struct{} `type:"structure"` @@ -147488,12 +160419,10 @@ type PeeringConnectionOptionsRequest struct { // addresses when queried from instances in the peer VPC. AllowDnsResolutionFromRemoteVpc *bool `type:"boolean"` - // If true, enables outbound communication from an EC2-Classic instance that's - // linked to a local VPC using ClassicLink to instances in a peer VPC. + // Deprecated. AllowEgressFromLocalClassicLinkToRemoteVpc *bool `type:"boolean"` - // If true, enables outbound communication from instances in a local VPC to - // an EC2-Classic instance that's linked to a peer VPC using ClassicLink. + // Deprecated. AllowEgressFromLocalVpcToRemoteClassicLink *bool `type:"boolean"` } @@ -148027,8 +160956,8 @@ type Placement struct { // Reserved for future use. SpreadDomain *string `locationName:"spreadDomain" type:"string"` - // The tenancy of the instance (if the instance is running in a VPC). An instance - // with a tenancy of dedicated runs on single-tenant hardware. + // The tenancy of the instance. An instance with a tenancy of dedicated runs + // on single-tenant hardware. // // This parameter is not supported for CreateFleet (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet). // The host tenancy is not supported for ImportInstance (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) @@ -149028,9 +161957,17 @@ func (s *PrivateIpAddressSpecification) SetPrivateIpAddress(v string) *PrivateIp type ProcessorInfo struct { _ struct{} `type:"structure"` + // The manufacturer of the processor. + Manufacturer *string `locationName:"manufacturer" type:"string"` + // The architectures supported by the instance type. SupportedArchitectures []*string `locationName:"supportedArchitectures" locationNameList:"item" type:"list" enum:"ArchitectureType"` + // Indicates whether the instance type supports AMD SEV-SNP. If the request + // returns amd-sev-snp, AMD SEV-SNP is supported. Otherwise, it is not supported. + // For more information, see AMD SEV-SNP (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html). + SupportedFeatures []*string `locationName:"supportedFeatures" locationNameList:"item" type:"list" enum:"SupportedAdditionalProcessorFeature"` + // The speed of the processor, in GHz. SustainedClockSpeedInGhz *float64 `locationName:"sustainedClockSpeedInGhz" type:"double"` } @@ -149053,12 +161990,24 @@ func (s ProcessorInfo) GoString() string { return s.String() } +// SetManufacturer sets the Manufacturer field's value. +func (s *ProcessorInfo) SetManufacturer(v string) *ProcessorInfo { + s.Manufacturer = &v + return s +} + // SetSupportedArchitectures sets the SupportedArchitectures field's value. func (s *ProcessorInfo) SetSupportedArchitectures(v []*string) *ProcessorInfo { s.SupportedArchitectures = v return s } +// SetSupportedFeatures sets the SupportedFeatures field's value. +func (s *ProcessorInfo) SetSupportedFeatures(v []*string) *ProcessorInfo { + s.SupportedFeatures = v + return s +} + // SetSustainedClockSpeedInGhz sets the SustainedClockSpeedInGhz field's value. func (s *ProcessorInfo) SetSustainedClockSpeedInGhz(v float64) *ProcessorInfo { s.SustainedClockSpeedInGhz = &v @@ -149142,9 +162091,10 @@ type ProvisionByoipCidrInput struct { _ struct{} `type:"structure"` // The public IPv4 or IPv6 address range, in CIDR notation. The most specific - // IPv4 prefix that you can specify is /24. The most specific IPv6 prefix you - // can specify is /56. The address range cannot overlap with another address - // range that you've brought to this or another Region. + // IPv4 prefix that you can specify is /24. The most specific IPv6 address range + // that you can bring is /48 for CIDRs that are publicly advertisable and /56 + // for CIDRs that are not publicly advertisable. The address range cannot overlap + // with another address range that you've brought to this or another Region. // // Cidr is a required field Cidr *string `type:"string" required:"true"` @@ -149165,6 +162115,25 @@ type ProvisionByoipCidrInput struct { // Reserved. MultiRegion *bool `type:"boolean"` + // If you have Local Zones (https://docs.aws.amazon.com/local-zones/latest/ug/how-local-zones-work.html) + // enabled, you can choose a network border group for Local Zones when you provision + // and advertise a BYOIPv4 CIDR. Choose the network border group carefully as + // the EIP and the Amazon Web Services resource it is associated with must reside + // in the same network border group. + // + // You can provision BYOIP address ranges to and advertise them in the following + // Local Zone network border groups: + // + // * us-east-1-dfw-2 + // + // * us-west-2-lax-1 + // + // * us-west-2-phx-2 + // + // You cannot provision or advertise BYOIPv6 address ranges in Local Zones at + // this time. + NetworkBorderGroup *string `type:"string"` + // The tags to apply to the address pool. PoolTagSpecifications []*TagSpecification `locationName:"PoolTagSpecification" locationNameList:"item" type:"list"` @@ -149241,6 +162210,12 @@ func (s *ProvisionByoipCidrInput) SetMultiRegion(v bool) *ProvisionByoipCidrInpu return s } +// SetNetworkBorderGroup sets the NetworkBorderGroup field's value. +func (s *ProvisionByoipCidrInput) SetNetworkBorderGroup(v string) *ProvisionByoipCidrInput { + s.NetworkBorderGroup = &v + return s +} + // SetPoolTagSpecifications sets the PoolTagSpecifications field's value. func (s *ProvisionByoipCidrInput) SetPoolTagSpecifications(v []*TagSpecification) *ProvisionByoipCidrInput { s.PoolTagSpecifications = v @@ -149284,10 +162259,134 @@ func (s *ProvisionByoipCidrOutput) SetByoipCidr(v *ByoipCidr) *ProvisionByoipCid return s } +type ProvisionIpamByoasnInput struct { + _ struct{} `type:"structure"` + + // A public 2-byte or 4-byte ASN. + // + // Asn is a required field + Asn *string `type:"string" required:"true"` + + // An ASN authorization context. + // + // AsnAuthorizationContext is a required field + AsnAuthorizationContext *AsnAuthorizationContext `type:"structure" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // An IPAM ID. + // + // IpamId is a required field + IpamId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ProvisionIpamByoasnInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ProvisionIpamByoasnInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ProvisionIpamByoasnInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ProvisionIpamByoasnInput"} + if s.Asn == nil { + invalidParams.Add(request.NewErrParamRequired("Asn")) + } + if s.AsnAuthorizationContext == nil { + invalidParams.Add(request.NewErrParamRequired("AsnAuthorizationContext")) + } + if s.IpamId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamId")) + } + if s.AsnAuthorizationContext != nil { + if err := s.AsnAuthorizationContext.Validate(); err != nil { + invalidParams.AddNested("AsnAuthorizationContext", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAsn sets the Asn field's value. +func (s *ProvisionIpamByoasnInput) SetAsn(v string) *ProvisionIpamByoasnInput { + s.Asn = &v + return s +} + +// SetAsnAuthorizationContext sets the AsnAuthorizationContext field's value. +func (s *ProvisionIpamByoasnInput) SetAsnAuthorizationContext(v *AsnAuthorizationContext) *ProvisionIpamByoasnInput { + s.AsnAuthorizationContext = v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ProvisionIpamByoasnInput) SetDryRun(v bool) *ProvisionIpamByoasnInput { + s.DryRun = &v + return s +} + +// SetIpamId sets the IpamId field's value. +func (s *ProvisionIpamByoasnInput) SetIpamId(v string) *ProvisionIpamByoasnInput { + s.IpamId = &v + return s +} + +type ProvisionIpamByoasnOutput struct { + _ struct{} `type:"structure"` + + // An ASN and BYOIP CIDR association. + Byoasn *Byoasn `locationName:"byoasn" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ProvisionIpamByoasnOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ProvisionIpamByoasnOutput) GoString() string { + return s.String() +} + +// SetByoasn sets the Byoasn field's value. +func (s *ProvisionIpamByoasnOutput) SetByoasn(v *Byoasn) *ProvisionIpamByoasnOutput { + s.Byoasn = v + return s +} + type ProvisionIpamPoolCidrInput struct { _ struct{} `type:"structure"` - // The CIDR you want to assign to the IPAM pool. + // The CIDR you want to assign to the IPAM pool. Either "NetmaskLength" or "Cidr" + // is required. This value will be null if you specify "NetmaskLength" and will + // be filled in during the provisioning process. Cidr *string `type:"string"` // A signed document that proves that you are authorized to bring a specified @@ -149295,6 +162394,10 @@ type ProvisionIpamPoolCidrInput struct { // only. CidrAuthorizationContext *IpamCidrAuthorizationContext `type:"structure"` + // A unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + // A check for whether you have the required permissions for the action without // actually making the request and provides an error response. If you have the // required permissions, the error response is DryRunOperation. Otherwise, it @@ -149305,6 +162408,12 @@ type ProvisionIpamPoolCidrInput struct { // // IpamPoolId is a required field IpamPoolId *string `type:"string" required:"true"` + + // The netmask length of the CIDR you'd like to provision to a pool. Can be + // used for provisioning Amazon-provided IPv6 CIDRs to top-level pools and for + // provisioning CIDRs to pools with source pools. Cannot be used to provision + // BYOIP CIDRs to top-level pools. Either "NetmaskLength" or "Cidr" is required. + NetmaskLength *int64 `type:"integer"` } // String returns the string representation. @@ -149350,6 +162459,12 @@ func (s *ProvisionIpamPoolCidrInput) SetCidrAuthorizationContext(v *IpamCidrAuth return s } +// SetClientToken sets the ClientToken field's value. +func (s *ProvisionIpamPoolCidrInput) SetClientToken(v string) *ProvisionIpamPoolCidrInput { + s.ClientToken = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *ProvisionIpamPoolCidrInput) SetDryRun(v bool) *ProvisionIpamPoolCidrInput { s.DryRun = &v @@ -149362,6 +162477,12 @@ func (s *ProvisionIpamPoolCidrInput) SetIpamPoolId(v string) *ProvisionIpamPoolC return s } +// SetNetmaskLength sets the NetmaskLength field's value. +func (s *ProvisionIpamPoolCidrInput) SetNetmaskLength(v int64) *ProvisionIpamPoolCidrInput { + s.NetmaskLength = &v + return s +} + type ProvisionIpamPoolCidrOutput struct { _ struct{} `type:"structure"` @@ -149894,6 +163015,118 @@ func (s *Purchase) SetUpfrontPrice(v string) *Purchase { return s } +type PurchaseCapacityBlockInput struct { + _ struct{} `type:"structure"` + + // The ID of the Capacity Block offering. + // + // CapacityBlockOfferingId is a required field + CapacityBlockOfferingId *string `type:"string" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The type of operating system for which to reserve capacity. + // + // InstancePlatform is a required field + InstancePlatform *string `type:"string" required:"true" enum:"CapacityReservationInstancePlatform"` + + // The tags to apply to the Capacity Block during launch. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PurchaseCapacityBlockInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PurchaseCapacityBlockInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *PurchaseCapacityBlockInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PurchaseCapacityBlockInput"} + if s.CapacityBlockOfferingId == nil { + invalidParams.Add(request.NewErrParamRequired("CapacityBlockOfferingId")) + } + if s.InstancePlatform == nil { + invalidParams.Add(request.NewErrParamRequired("InstancePlatform")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCapacityBlockOfferingId sets the CapacityBlockOfferingId field's value. +func (s *PurchaseCapacityBlockInput) SetCapacityBlockOfferingId(v string) *PurchaseCapacityBlockInput { + s.CapacityBlockOfferingId = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *PurchaseCapacityBlockInput) SetDryRun(v bool) *PurchaseCapacityBlockInput { + s.DryRun = &v + return s +} + +// SetInstancePlatform sets the InstancePlatform field's value. +func (s *PurchaseCapacityBlockInput) SetInstancePlatform(v string) *PurchaseCapacityBlockInput { + s.InstancePlatform = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *PurchaseCapacityBlockInput) SetTagSpecifications(v []*TagSpecification) *PurchaseCapacityBlockInput { + s.TagSpecifications = v + return s +} + +type PurchaseCapacityBlockOutput struct { + _ struct{} `type:"structure"` + + // The Capacity Reservation. + CapacityReservation *CapacityReservation `locationName:"capacityReservation" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PurchaseCapacityBlockOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PurchaseCapacityBlockOutput) GoString() string { + return s.String() +} + +// SetCapacityReservation sets the CapacityReservation field's value. +func (s *PurchaseCapacityBlockOutput) SetCapacityReservation(v *CapacityReservation) *PurchaseCapacityBlockOutput { + s.CapacityReservation = v + return s +} + type PurchaseHostReservationInput struct { _ struct{} `type:"structure"` @@ -150507,7 +163740,7 @@ type ReferencedSecurityGroup struct { // The ID of the VPC. VpcId *string `locationName:"vpcId" type:"string"` - // The ID of the VPC peering connection. + // The ID of the VPC peering connection (if applicable). VpcPeeringConnectionId *string `locationName:"vpcPeeringConnectionId" type:"string"` } @@ -150640,11 +163873,17 @@ type RegisterImageInput struct { // If you create an AMI on an Outpost, then all backing snapshots must be on // the same Outpost or in the Region of that Outpost. AMIs on an Outpost that // include local snapshots can be used to launch instances on the same Outpost - // only. For more information, Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#ami) - // in the Amazon EC2 User Guide. + // only. For more information, Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#ami) + // in the Amazon EBS User Guide. BlockDeviceMappings []*BlockDeviceMapping `locationName:"BlockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` - // The boot mode of the AMI. For more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) + // The boot mode of the AMI. A value of uefi-preferred indicates that the AMI + // supports both UEFI and Legacy BIOS. + // + // The operating system contained in the AMI must be configured to support the + // specified boot mode. + // + // For more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) // in the Amazon EC2 User Guide. BootMode *string `type:"string" enum:"BootModeValues"` @@ -150709,6 +163948,14 @@ type RegisterImageInput struct { // PV AMI can make instances launched from the AMI unreachable. SriovNetSupport *string `locationName:"sriovNetSupport" type:"string"` + // The tags to apply to the AMI. + // + // To tag the AMI, the value for ResourceType must be image. If you specify + // another value for ResourceType, the request fails. + // + // To tag an AMI after it has been registered, see CreateTags (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html). + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // Set to v2.0 to enable Trusted Platform Module (TPM) support. For more information, // see NitroTPM (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html) // in the Amazon EC2 User Guide. @@ -150843,6 +164090,12 @@ func (s *RegisterImageInput) SetSriovNetSupport(v string) *RegisterImageInput { return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *RegisterImageInput) SetTagSpecifications(v []*TagSpecification) *RegisterImageInput { + s.TagSpecifications = v + return s +} + // SetTpmSupport sets the TpmSupport field's value. func (s *RegisterImageInput) SetTpmSupport(v string) *RegisterImageInput { s.TpmSupport = &v @@ -150903,7 +164156,9 @@ type RegisterInstanceEventNotificationAttributesInput struct { DryRun *bool `type:"boolean"` // Information about the tag keys to register. - InstanceTagAttribute *RegisterInstanceTagAttributeRequest `type:"structure"` + // + // InstanceTagAttribute is a required field + InstanceTagAttribute *RegisterInstanceTagAttributeRequest `type:"structure" required:"true"` } // String returns the string representation. @@ -150924,6 +164179,19 @@ func (s RegisterInstanceEventNotificationAttributesInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *RegisterInstanceEventNotificationAttributesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RegisterInstanceEventNotificationAttributesInput"} + if s.InstanceTagAttribute == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceTagAttribute")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *RegisterInstanceEventNotificationAttributesInput) SetDryRun(v bool) *RegisterInstanceEventNotificationAttributesInput { s.DryRun = &v @@ -151026,10 +164294,14 @@ type RegisterTransitGatewayMulticastGroupMembersInput struct { // The group members' network interface IDs to register with the transit gateway // multicast group. - NetworkInterfaceIds []*string `locationNameList:"item" type:"list"` + // + // NetworkInterfaceIds is a required field + NetworkInterfaceIds []*string `locationNameList:"item" type:"list" required:"true"` // The ID of the transit gateway multicast domain. - TransitGatewayMulticastDomainId *string `type:"string"` + // + // TransitGatewayMulticastDomainId is a required field + TransitGatewayMulticastDomainId *string `type:"string" required:"true"` } // String returns the string representation. @@ -151050,6 +164322,22 @@ func (s RegisterTransitGatewayMulticastGroupMembersInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *RegisterTransitGatewayMulticastGroupMembersInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RegisterTransitGatewayMulticastGroupMembersInput"} + if s.NetworkInterfaceIds == nil { + invalidParams.Add(request.NewErrParamRequired("NetworkInterfaceIds")) + } + if s.TransitGatewayMulticastDomainId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayMulticastDomainId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *RegisterTransitGatewayMulticastGroupMembersInput) SetDryRun(v bool) *RegisterTransitGatewayMulticastGroupMembersInput { s.DryRun = &v @@ -151119,10 +164407,14 @@ type RegisterTransitGatewayMulticastGroupSourcesInput struct { // The group sources' network interface IDs to register with the transit gateway // multicast group. - NetworkInterfaceIds []*string `locationNameList:"item" type:"list"` + // + // NetworkInterfaceIds is a required field + NetworkInterfaceIds []*string `locationNameList:"item" type:"list" required:"true"` // The ID of the transit gateway multicast domain. - TransitGatewayMulticastDomainId *string `type:"string"` + // + // TransitGatewayMulticastDomainId is a required field + TransitGatewayMulticastDomainId *string `type:"string" required:"true"` } // String returns the string representation. @@ -151143,6 +164435,22 @@ func (s RegisterTransitGatewayMulticastGroupSourcesInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *RegisterTransitGatewayMulticastGroupSourcesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RegisterTransitGatewayMulticastGroupSourcesInput"} + if s.NetworkInterfaceIds == nil { + invalidParams.Add(request.NewErrParamRequired("NetworkInterfaceIds")) + } + if s.TransitGatewayMulticastDomainId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayMulticastDomainId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *RegisterTransitGatewayMulticastGroupSourcesInput) SetDryRun(v bool) *RegisterTransitGatewayMulticastGroupSourcesInput { s.DryRun = &v @@ -151482,7 +164790,7 @@ type RejectVpcEndpointConnectionsInput struct { // ServiceId is a required field ServiceId *string `type:"string" required:"true"` - // The IDs of one or more VPC endpoints. + // The IDs of the VPC endpoints. // // VpcEndpointIds is a required field VpcEndpointIds []*string `locationName:"VpcEndpointId" locationNameList:"item" type:"list" required:"true"` @@ -151663,7 +164971,7 @@ func (s *RejectVpcPeeringConnectionOutput) SetReturn(v bool) *RejectVpcPeeringCo type ReleaseAddressInput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The allocation ID. Required for EC2-VPC. + // The allocation ID. This parameter is required. AllocationId *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -151677,12 +164985,9 @@ type ReleaseAddressInput struct { // // If you provide an incorrect network border group, you receive an InvalidAddress.NotFound // error. - // - // You cannot use a network border group with EC2 Classic. If you attempt this - // operation on EC2 classic, you receive an InvalidParameterCombination error. NetworkBorderGroup *string `type:"string"` - // [EC2-Classic] The Elastic IP address. Required for EC2-Classic. + // Deprecated. PublicIp *string `type:"string"` } @@ -152991,6 +166296,118 @@ func (s *ReplaceTransitGatewayRouteOutput) SetRoute(v *TransitGatewayRoute) *Rep return s } +type ReplaceVpnTunnelInput struct { + _ struct{} `type:"structure"` + + // Trigger pending tunnel endpoint maintenance. + ApplyPendingMaintenance *bool `type:"boolean"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the Site-to-Site VPN connection. + // + // VpnConnectionId is a required field + VpnConnectionId *string `type:"string" required:"true"` + + // The external IP address of the VPN tunnel. + // + // VpnTunnelOutsideIpAddress is a required field + VpnTunnelOutsideIpAddress *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ReplaceVpnTunnelInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ReplaceVpnTunnelInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ReplaceVpnTunnelInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ReplaceVpnTunnelInput"} + if s.VpnConnectionId == nil { + invalidParams.Add(request.NewErrParamRequired("VpnConnectionId")) + } + if s.VpnTunnelOutsideIpAddress == nil { + invalidParams.Add(request.NewErrParamRequired("VpnTunnelOutsideIpAddress")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetApplyPendingMaintenance sets the ApplyPendingMaintenance field's value. +func (s *ReplaceVpnTunnelInput) SetApplyPendingMaintenance(v bool) *ReplaceVpnTunnelInput { + s.ApplyPendingMaintenance = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ReplaceVpnTunnelInput) SetDryRun(v bool) *ReplaceVpnTunnelInput { + s.DryRun = &v + return s +} + +// SetVpnConnectionId sets the VpnConnectionId field's value. +func (s *ReplaceVpnTunnelInput) SetVpnConnectionId(v string) *ReplaceVpnTunnelInput { + s.VpnConnectionId = &v + return s +} + +// SetVpnTunnelOutsideIpAddress sets the VpnTunnelOutsideIpAddress field's value. +func (s *ReplaceVpnTunnelInput) SetVpnTunnelOutsideIpAddress(v string) *ReplaceVpnTunnelInput { + s.VpnTunnelOutsideIpAddress = &v + return s +} + +type ReplaceVpnTunnelOutput struct { + _ struct{} `type:"structure"` + + // Confirmation of replace tunnel operation. + Return *bool `locationName:"return" type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ReplaceVpnTunnelOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ReplaceVpnTunnelOutput) GoString() string { + return s.String() +} + +// SetReturn sets the Return field's value. +func (s *ReplaceVpnTunnelOutput) SetReturn(v bool) *ReplaceVpnTunnelOutput { + s.Return = &v + return s +} + type ReportInstanceStatusInput struct { _ struct{} `type:"structure"` @@ -153147,6 +166564,47 @@ func (s ReportInstanceStatusOutput) GoString() string { return s.String() } +// Describes a port range. +type RequestFilterPortRange struct { + _ struct{} `type:"structure"` + + // The first port in the range. + FromPort *int64 `type:"integer"` + + // The last port in the range. + ToPort *int64 `type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RequestFilterPortRange) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RequestFilterPortRange) GoString() string { + return s.String() +} + +// SetFromPort sets the FromPort field's value. +func (s *RequestFilterPortRange) SetFromPort(v int64) *RequestFilterPortRange { + s.FromPort = &v + return s +} + +// SetToPort sets the ToPort field's value. +func (s *RequestFilterPortRange) SetToPort(v int64) *RequestFilterPortRange { + s.ToPort = &v + return s +} + // A tag on an IPAM resource. type RequestIpamResourceTag struct { _ struct{} `type:"structure"` @@ -153193,7 +166651,7 @@ func (s *RequestIpamResourceTag) SetValue(v string) *RequestIpamResourceTag { // // You must specify at least one parameter for the launch template data. type RequestLaunchTemplateData struct { - _ struct{} `type:"structure" sensitive:"true"` + _ struct{} `type:"structure"` // The block device mapping. BlockDeviceMappings []*LaunchTemplateBlockDeviceMappingRequest `locationName:"BlockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` @@ -153213,7 +166671,8 @@ type RequestLaunchTemplateData struct { CreditSpecification *CreditSpecificationRequest `type:"structure"` // Indicates whether to enable the instance for stop protection. For more information, - // see Stop Protection (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection). + // see Stop protection (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection) + // in the Amazon Elastic Compute Cloud User Guide. DisableApiStop *bool `type:"boolean"` // If you set this parameter to true, you can't terminate the instance using @@ -153230,10 +166689,26 @@ type RequestLaunchTemplateData struct { // an EBS-optimized instance. EbsOptimized *bool `type:"boolean"` - // An elastic GPU to associate with the instance. + // Deprecated. + // + // Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads + // that require graphics acceleration, we recommend that you use Amazon EC2 + // G4ad, G4dn, or G5 instances. ElasticGpuSpecifications []*ElasticGpuSpecification `locationName:"ElasticGpuSpecification" locationNameList:"ElasticGpuSpecification" type:"list"` - // The elastic inference accelerator for the instance. + // An elastic inference accelerator to associate with the instance. Elastic + // inference accelerators are a resource you can attach to your Amazon EC2 instances + // to accelerate your Deep Learning (DL) inference workloads. + // + // You cannot specify accelerators from different generations in the same request. + // + // Starting April 15, 2023, Amazon Web Services will not onboard new customers + // to Amazon Elastic Inference (EI), and will help current customers migrate + // their workloads to options that offer better price and performance. After + // April 15, 2023, new customers will not be able to launch instances with Amazon + // EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, + // customers who have used Amazon EI at least once during the past 30-day period + // are considered current customers and will be able to continue using the service. ElasticInferenceAccelerators []*LaunchTemplateElasticInferenceAccelerator `locationName:"ElasticInferenceAccelerator" locationNameList:"item" type:"list"` // Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves. @@ -153253,7 +166728,28 @@ type RequestLaunchTemplateData struct { // The name or Amazon Resource Name (ARN) of an IAM instance profile. IamInstanceProfile *LaunchTemplateIamInstanceProfileSpecificationRequest `type:"structure"` - // The ID of the AMI. + // The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, + // which will resolve to an AMI ID on launch. + // + // Valid formats: + // + // * ami-17characters00000 + // + // * resolve:ssm:parameter-name + // + // * resolve:ssm:parameter-name:version-number + // + // * resolve:ssm:parameter-name:label + // + // * resolve:ssm:public-parameter + // + // Currently, EC2 Fleet and Spot Fleet do not support specifying a Systems Manager + // parameter. If the launch template will be used by an EC2 Fleet or Spot Fleet, + // you must specify the AMI ID. + // + // For more information, see Use a Systems Manager parameter instead of an AMI + // ID (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-launch-template.html#use-an-ssm-parameter-instead-of-an-ami-id) + // in the Amazon Elastic Compute Cloud User Guide. ImageId *string `type:"string"` // Indicates whether an instance stops or terminates when you initiate shutdown @@ -153268,7 +166764,37 @@ type RequestLaunchTemplateData struct { // The attributes for the instance types. When you specify instance attributes, // Amazon EC2 will identify instance types with these attributes. // + // You must specify VCpuCount and MemoryMiB. All other attributes are optional. + // Any unspecified optional attribute is set to its default. + // + // When you specify multiple attributes, you get instance types that satisfy + // all of the specified attributes. If you specify multiple values for an attribute, + // you get instance types that satisfy any of the specified values. + // + // To limit the list of instance types from which Amazon EC2 can identify matching + // instance types, you can use one of the following parameters, but not both + // in the same request: + // + // * AllowedInstanceTypes - The instance types to include in the list. All + // other instance types are ignored, even if they match your specified attributes. + // + // * ExcludedInstanceTypes - The instance types to exclude from the list, + // even if they match your specified attributes. + // // If you specify InstanceRequirements, you can't specify InstanceType. + // + // Attribute-based instance type selection is only supported when using Auto + // Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan + // to use the launch template in the launch instance wizard (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html), + // or with the RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) + // API or AWS::EC2::Instance (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) + // Amazon Web Services CloudFormation resource, you can't specify InstanceRequirements. + // + // For more information, see Attribute-based instance type selection for EC2 + // Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html), + // Attribute-based instance type selection for Spot Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-attribute-based-instance-type-selection.html), + // and Spot placement score (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-placement-score.html) + // in the Amazon EC2 User Guide. InstanceRequirements *InstanceRequirementsRequest `type:"structure"` // The instance type. For more information, see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) @@ -153325,33 +166851,14 @@ type RequestLaunchTemplateData struct { // One or more security group IDs. You can create a security group using CreateSecurityGroup // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSecurityGroup.html). - // You cannot specify both a security group ID and security name in the same - // request. SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` // One or more security group names. For a nondefault VPC, you must use security - // group IDs instead. You cannot specify both a security group ID and security - // name in the same request. + // group IDs instead. SecurityGroups []*string `locationName:"SecurityGroup" locationNameList:"SecurityGroup" type:"list"` // The tags to apply to the resources that are created during instance launch. - // - // You can specify tags for the following resources only: - // - // * Instances - // - // * Volumes - // - // * Elastic graphics - // - // * Spot Instance requests - // - // * Network interfaces - // - // To tag a resource after it has been created, see CreateTags (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html). - // - // To tag the launch template itself, you must use the TagSpecification (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLaunchTemplate.html) - // parameter. + // These tags are not applied to the launch template. TagSpecifications []*LaunchTemplateTagSpecificationRequest `locationName:"TagSpecification" locationNameList:"LaunchTemplateTagSpecificationRequest" type:"list"` // The user data to make available to the instance. You must provide base64-encoded @@ -153364,7 +166871,11 @@ type RequestLaunchTemplateData struct { // must be provided in the MIME multi-part archive format (https://cloudinit.readthedocs.io/en/latest/topics/format.html#mime-multi-part-archive). // For more information, see Amazon EC2 user data in launch templates (https://docs.aws.amazon.com/batch/latest/userguide/launch-templates.html) // in the Batch User Guide. - UserData *string `type:"string"` + // + // UserData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by RequestLaunchTemplateData's + // String and GoString methods. + UserData *string `type:"string" sensitive:"true"` } // String returns the string representation. @@ -153922,7 +167433,7 @@ func (s *RequestSpotInstancesInput) SetValidUntil(v time.Time) *RequestSpotInsta type RequestSpotInstancesOutput struct { _ struct{} `type:"structure"` - // One or more Spot Instance requests. + // The Spot Instance requests. SpotInstanceRequests []*SpotInstanceRequest `locationName:"spotInstanceRequestSet" locationNameList:"item" type:"list"` } @@ -153957,8 +167468,8 @@ type RequestSpotLaunchSpecification struct { // Deprecated. AddressingType *string `locationName:"addressingType" type:"string"` - // One or more block device mapping entries. You can't specify both a snapshot - // ID and an encryption value. This is because only blank volumes can be encrypted + // The block device mapping entries. You can't specify both a snapshot ID and + // an encryption value. This is because only blank volumes can be encrypted // on creation. If a snapshot is the basis for a volume, it is not blank and // its encryption status is used for the volume encryption status. BlockDeviceMappings []*BlockDeviceMapping `locationName:"blockDeviceMapping" locationNameList:"item" type:"list"` @@ -153992,8 +167503,8 @@ type RequestSpotLaunchSpecification struct { // Default: Disabled Monitoring *RunInstancesMonitoringEnabled `locationName:"monitoring" type:"structure"` - // One or more network interfaces. If you specify a network interface, you must - // specify subnet IDs and security group IDs using the network interface. + // The network interfaces. If you specify a network interface, you must specify + // subnet IDs and security group IDs using the network interface. NetworkInterfaces []*InstanceNetworkInterfaceSpecification `locationName:"NetworkInterface" locationNameList:"item" type:"list"` // The placement information for the instance. @@ -154002,20 +167513,22 @@ type RequestSpotLaunchSpecification struct { // The ID of the RAM disk. RamdiskId *string `locationName:"ramdiskId" type:"string"` - // One or more security group IDs. + // The IDs of the security groups. SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"item" type:"list"` - // One or more security groups. When requesting instances in a VPC, you must - // specify the IDs of the security groups. When requesting instances in EC2-Classic, - // you can specify the names or the IDs of the security groups. + // Not supported. SecurityGroups []*string `locationName:"SecurityGroup" locationNameList:"item" type:"list"` // The ID of the subnet in which to launch the instance. SubnetId *string `locationName:"subnetId" type:"string"` - // The Base64-encoded user data for the instance. User data is limited to 16 - // KB. - UserData *string `locationName:"userData" type:"string"` + // The base64-encoded user data that instances use when starting up. User data + // is limited to 16 KB. + // + // UserData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by RequestSpotLaunchSpecification's + // String and GoString methods. + UserData *string `locationName:"userData" type:"string" sensitive:"true"` } // String returns the string representation. @@ -154153,7 +167666,7 @@ func (s *RequestSpotLaunchSpecification) SetUserData(v string) *RequestSpotLaunc type Reservation struct { _ struct{} `type:"structure"` - // [EC2-Classic only] The security groups. + // Not supported. Groups []*GroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"` // The instances. @@ -154673,8 +168186,7 @@ type ReservedInstancesConfiguration struct { // The instance type for the modified Reserved Instances. InstanceType *string `locationName:"instanceType" type:"string" enum:"InstanceType"` - // The network platform of the modified Reserved Instances, which is either - // EC2-Classic or EC2-VPC. + // The network platform of the modified Reserved Instances. Platform *string `locationName:"platform" type:"string"` // Whether the Reserved Instance is applied to instances in a Region or instances @@ -155979,7 +169491,8 @@ type ResponseLaunchTemplateData struct { CreditSpecification *CreditSpecification `locationName:"creditSpecification" type:"structure"` // Indicates whether the instance is enabled for stop protection. For more information, - // see Stop Protection (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection). + // see Stop protection (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection) + // in the Amazon Elastic Compute Cloud User Guide. DisableApiStop *bool `locationName:"disableApiStop" type:"boolean"` // If set to true, indicates that the instance cannot be terminated using the @@ -155989,10 +169502,26 @@ type ResponseLaunchTemplateData struct { // Indicates whether the instance is optimized for Amazon EBS I/O. EbsOptimized *bool `locationName:"ebsOptimized" type:"boolean"` - // The elastic GPU specification. + // Deprecated. + // + // Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads + // that require graphics acceleration, we recommend that you use Amazon EC2 + // G4ad, G4dn, or G5 instances. ElasticGpuSpecifications []*ElasticGpuSpecificationResponse `locationName:"elasticGpuSpecificationSet" locationNameList:"item" type:"list"` - // The elastic inference accelerator for the instance. + // An elastic inference accelerator to associate with the instance. Elastic + // inference accelerators are a resource you can attach to your Amazon EC2 instances + // to accelerate your Deep Learning (DL) inference workloads. + // + // You cannot specify accelerators from different generations in the same request. + // + // Starting April 15, 2023, Amazon Web Services will not onboard new customers + // to Amazon Elastic Inference (EI), and will help current customers migrate + // their workloads to options that offer better price and performance. After + // April 15, 2023, new customers will not be able to launch instances with Amazon + // EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, + // customers who have used Amazon EI at least once during the past 30-day period + // are considered current customers and will be able to continue using the service. ElasticInferenceAccelerators []*LaunchTemplateElasticInferenceAcceleratorResponse `locationName:"elasticInferenceAcceleratorSet" locationNameList:"item" type:"list"` // Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves. @@ -156006,7 +169535,24 @@ type ResponseLaunchTemplateData struct { // The IAM instance profile. IamInstanceProfile *LaunchTemplateIamInstanceProfileSpecification `locationName:"iamInstanceProfile" type:"structure"` - // The ID of the AMI that was used to launch the instance. + // The ID of the AMI or a Systems Manager parameter. The Systems Manager parameter + // will resolve to the ID of the AMI at instance launch. + // + // The value depends on what you specified in the request. The possible values + // are: + // + // * If an AMI ID was specified in the request, then this is the AMI ID. + // + // * If a Systems Manager parameter was specified in the request, and ResolveAlias + // was configured as true, then this is the AMI ID that the parameter is + // mapped to in the Parameter Store. + // + // * If a Systems Manager parameter was specified in the request, and ResolveAlias + // was configured as false, then this is the parameter value. + // + // For more information, see Use a Systems Manager parameter instead of an AMI + // ID (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#use-an-ssm-parameter-instead-of-an-ami-id) + // in the Amazon Elastic Compute Cloud User Guide. ImageId *string `locationName:"imageId" type:"string"` // Indicates whether an instance stops or terminates when you initiate shutdown @@ -156068,7 +169614,11 @@ type ResponseLaunchTemplateData struct { TagSpecifications []*LaunchTemplateTagSpecification `locationName:"tagSpecificationSet" locationNameList:"item" type:"list"` // The user data for the instance. - UserData *string `locationName:"userData" type:"string"` + // + // UserData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ResponseLaunchTemplateData's + // String and GoString methods. + UserData *string `locationName:"userData" type:"string" sensitive:"true"` } // String returns the string representation. @@ -156647,8 +170197,8 @@ type RestoreSnapshotFromRecycleBinOutput struct { Encrypted *bool `locationName:"encrypted" type:"boolean"` // The ARN of the Outpost on which the snapshot is stored. For more information, - // see Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html) - // in the Amazon Elastic Compute Cloud User Guide. + // see Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html) + // in the Amazon EBS User Guide. OutpostArn *string `locationName:"outpostArn" type:"string"` // The ID of the Amazon Web Services account that owns the EBS snapshot. @@ -156660,6 +170210,9 @@ type RestoreSnapshotFromRecycleBinOutput struct { // The ID of the snapshot. SnapshotId *string `locationName:"snapshotId" type:"string"` + // Reserved for future use. + SseType *string `locationName:"sseType" type:"string" enum:"SSEType"` + // The time stamp when the snapshot was initiated. StartTime *time.Time `locationName:"startTime" type:"timestamp"` @@ -156727,6 +170280,12 @@ func (s *RestoreSnapshotFromRecycleBinOutput) SetSnapshotId(v string) *RestoreSn return s } +// SetSseType sets the SseType field's value. +func (s *RestoreSnapshotFromRecycleBinOutput) SetSseType(v string) *RestoreSnapshotFromRecycleBinOutput { + s.SseType = &v + return s +} + // SetStartTime sets the StartTime field's value. func (s *RestoreSnapshotFromRecycleBinOutput) SetStartTime(v time.Time) *RestoreSnapshotFromRecycleBinOutput { s.StartTime = &v @@ -157204,19 +170763,16 @@ type RevokeSecurityGroupIngressInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The start of port range for the TCP and UDP protocols, or an ICMP type number. - // For the ICMP type number, use -1 to specify all ICMP types. + // If the protocol is TCP or UDP, this is the start of the port range. If the + // protocol is ICMP, this is the ICMP type or -1 (all ICMP types). FromPort *int64 `type:"integer"` - // The ID of the security group. You must specify either the security group - // ID or the security group name in the request. For security groups in a nondefault - // VPC, you must specify the security group ID. + // The ID of the security group. GroupId *string `type:"string"` - // [EC2-Classic, default VPC] The name of the security group. You must specify - // either the security group ID or the security group name in the request. For - // security groups in a nondefault VPC, you must specify the security group - // ID. + // [Default VPC] The name of the security group. You must specify either the + // security group ID or the security group name in the request. For security + // groups in a nondefault VPC, you must specify the security group ID. GroupName *string `type:"string"` // The sets of IP permissions. You can't specify a source security group and @@ -157230,24 +170786,18 @@ type RevokeSecurityGroupIngressInput struct { // The IDs of the security group rules. SecurityGroupRuleIds []*string `locationName:"SecurityGroupRuleId" locationNameList:"item" type:"list"` - // [EC2-Classic, default VPC] The name of the source security group. You can't - // specify this parameter in combination with the following parameters: the - // CIDR IP address range, the start of the port range, the IP protocol, and - // the end of the port range. For EC2-VPC, the source security group must be - // in the same VPC. To revoke a specific rule for an IP protocol and port range, - // use a set of IP permissions instead. + // [Default VPC] The name of the source security group. You can't specify this + // parameter in combination with the following parameters: the CIDR IP address + // range, the start of the port range, the IP protocol, and the end of the port + // range. The source security group must be in the same VPC. To revoke a specific + // rule for an IP protocol and port range, use a set of IP permissions instead. SourceSecurityGroupName *string `type:"string"` - // [EC2-Classic] The Amazon Web Services account ID of the source security group, - // if the source security group is in a different account. You can't specify - // this parameter in combination with the following parameters: the CIDR IP - // address range, the IP protocol, the start of the port range, and the end - // of the port range. To revoke a specific rule for an IP protocol and port - // range, use a set of IP permissions instead. + // Not supported. SourceSecurityGroupOwnerId *string `type:"string"` - // The end of port range for the TCP and UDP protocols, or an ICMP code number. - // For the ICMP code number, use -1 to specify all ICMP codes for the ICMP type. + // If the protocol is TCP or UDP, this is the end of the port range. If the + // protocol is ICMP, this is the ICMP code or -1 (all ICMP codes). ToPort *int64 `type:"integer"` } @@ -157757,6 +171307,129 @@ func (s *RouteTableAssociationState) SetStatusMessage(v string) *RouteTableAssoc return s } +// Describes the rule options for a stateful rule group. +type RuleGroupRuleOptionsPair struct { + _ struct{} `type:"structure"` + + // The ARN of the rule group. + RuleGroupArn *string `locationName:"ruleGroupArn" min:"1" type:"string"` + + // The rule options. + RuleOptions []*RuleOption `locationName:"ruleOptionSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RuleGroupRuleOptionsPair) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RuleGroupRuleOptionsPair) GoString() string { + return s.String() +} + +// SetRuleGroupArn sets the RuleGroupArn field's value. +func (s *RuleGroupRuleOptionsPair) SetRuleGroupArn(v string) *RuleGroupRuleOptionsPair { + s.RuleGroupArn = &v + return s +} + +// SetRuleOptions sets the RuleOptions field's value. +func (s *RuleGroupRuleOptionsPair) SetRuleOptions(v []*RuleOption) *RuleGroupRuleOptionsPair { + s.RuleOptions = v + return s +} + +// Describes the type of a stateful rule group. +type RuleGroupTypePair struct { + _ struct{} `type:"structure"` + + // The ARN of the rule group. + RuleGroupArn *string `locationName:"ruleGroupArn" min:"1" type:"string"` + + // The rule group type. The possible values are Domain List and Suricata. + RuleGroupType *string `locationName:"ruleGroupType" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RuleGroupTypePair) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RuleGroupTypePair) GoString() string { + return s.String() +} + +// SetRuleGroupArn sets the RuleGroupArn field's value. +func (s *RuleGroupTypePair) SetRuleGroupArn(v string) *RuleGroupTypePair { + s.RuleGroupArn = &v + return s +} + +// SetRuleGroupType sets the RuleGroupType field's value. +func (s *RuleGroupTypePair) SetRuleGroupType(v string) *RuleGroupTypePair { + s.RuleGroupType = &v + return s +} + +// Describes additional settings for a stateful rule. +type RuleOption struct { + _ struct{} `type:"structure"` + + // The Suricata keyword. + Keyword *string `locationName:"keyword" type:"string"` + + // The settings for the keyword. + Settings []*string `locationName:"settingSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RuleOption) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RuleOption) GoString() string { + return s.String() +} + +// SetKeyword sets the Keyword field's value. +func (s *RuleOption) SetKeyword(v string) *RuleOption { + s.Keyword = &v + return s +} + +// SetSettings sets the Settings field's value. +func (s *RuleOption) SetSettings(v []*string) *RuleOption { + s.Settings = v + return s +} + type RunInstancesInput struct { _ struct{} `type:"structure"` @@ -157828,10 +171501,11 @@ type RunInstancesInput struct { // Default: false EbsOptimized *bool `locationName:"ebsOptimized" type:"boolean"` - // An elastic GPU to associate with the instance. An Elastic GPU is a GPU resource - // that you can attach to your Windows instance to accelerate the graphics performance - // of your applications. For more information, see Amazon EC2 Elastic GPUs (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html) - // in the Amazon EC2 User Guide. + // Deprecated. + // + // Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads + // that require graphics acceleration, we recommend that you use Amazon EC2 + // G4ad, G4dn, or G5 instances. ElasticGpuSpecification []*ElasticGpuSpecification `locationNameList:"item" type:"list"` // An elastic inference accelerator to associate with the instance. Elastic @@ -157839,8 +171513,31 @@ type RunInstancesInput struct { // to accelerate your Deep Learning (DL) inference workloads. // // You cannot specify accelerators from different generations in the same request. + // + // Starting April 15, 2023, Amazon Web Services will not onboard new customers + // to Amazon Elastic Inference (EI), and will help current customers migrate + // their workloads to options that offer better price and performance. After + // April 15, 2023, new customers will not be able to launch instances with Amazon + // EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, + // customers who have used Amazon EI at least once during the past 30-day period + // are considered current customers and will be able to continue using the service. ElasticInferenceAccelerators []*ElasticInferenceAccelerator `locationName:"ElasticInferenceAccelerator" locationNameList:"item" type:"list"` + // If you’re launching an instance into a dual-stack or IPv6-only subnet, + // you can enable assigning a primary IPv6 address. A primary IPv6 address is + // an IPv6 GUA address associated with an ENI that you have enabled to use a + // primary IPv6 address. Use this option if an instance relies on its IPv6 address + // not changing. When you launch the instance, Amazon Web Services will automatically + // assign an IPv6 address associated with the ENI attached to your instance + // to be the primary IPv6 address. Once you enable an IPv6 GUA address to be + // a primary IPv6, you cannot disable it. When you enable an IPv6 GUA address + // to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 address + // until the instance is terminated or the network interface is detached. If + // you have multiple IPv6 addresses associated with an ENI attached to your + // instance and you enable a primary IPv6 address, the first IPv6 GUA address + // associated with the ENI becomes the primary IPv6 address. + EnablePrimaryIpv6 *bool `type:"boolean"` + // Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves. // For more information, see What is Amazon Web Services Nitro Enclaves? (https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) // in the Amazon Web Services Nitro Enclaves User Guide. @@ -157849,8 +171546,9 @@ type RunInstancesInput struct { // same instance. EnclaveOptions *EnclaveOptionsRequest `type:"structure"` - // Indicates whether an instance is enabled for hibernation. For more information, - // see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) + // Indicates whether an instance is enabled for hibernation. This parameter + // is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html). + // For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon EC2 User Guide. // // You can't enable hibernation and Amazon Web Services Nitro Enclaves on the @@ -157878,13 +171576,11 @@ type RunInstancesInput struct { // The instance type. For more information, see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) // in the Amazon EC2 User Guide. - // - // Default: m1.small InstanceType *string `type:"string" enum:"InstanceType"` - // [EC2-VPC] The number of IPv6 addresses to associate with the primary network - // interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. - // You cannot specify this option and the option to assign specific IPv6 addresses + // The number of IPv6 addresses to associate with the primary network interface. + // Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You + // cannot specify this option and the option to assign specific IPv6 addresses // in the same request. You can specify this option if you've specified a minimum // number of instances to launch. // @@ -157892,10 +171588,10 @@ type RunInstancesInput struct { // request. Ipv6AddressCount *int64 `type:"integer"` - // [EC2-VPC] The IPv6 addresses from the range of the subnet to associate with - // the primary network interface. You cannot specify this option and the option - // to assign a number of IPv6 addresses in the same request. You cannot specify - // this option if you've specified a minimum number of instances to launch. + // The IPv6 addresses from the range of the subnet to associate with the primary + // network interface. You cannot specify this option and the option to assign + // a number of IPv6 addresses in the same request. You cannot specify this option + // if you've specified a minimum number of instances to launch. // // You cannot specify this option and the network interfaces option in the same // request. @@ -157966,11 +171662,12 @@ type RunInstancesInput struct { Placement *Placement `type:"structure"` // The options for the instance hostname. The default values are inherited from - // the subnet. + // the subnet. Applies only if creating a network interface, not attaching an + // existing one. PrivateDnsNameOptions *PrivateDnsNameOptionsRequest `type:"structure"` - // [EC2-VPC] The primary IPv4 address. You must specify a value from the IPv4 - // address range of the subnet. + // The primary IPv4 address. You must specify a value from the IPv4 address + // range of the subnet. // // Only one private IP address can be designated as primary. You can't specify // this option if you've specified the option to designate a private IP address @@ -157998,8 +171695,7 @@ type RunInstancesInput struct { // as part of the network interface. SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` - // [EC2-Classic, default VPC] The names of the security groups. For a nondefault - // VPC, you must use security group IDs instead. + // [Default VPC] The names of the security groups. // // If you specify a network interface, you must specify any security groups // as part of the network interface. @@ -158007,7 +171703,7 @@ type RunInstancesInput struct { // Default: Amazon EC2 uses the default security group. SecurityGroups []*string `locationName:"SecurityGroup" locationNameList:"SecurityGroup" type:"list"` - // [EC2-VPC] The ID of the subnet to launch the instance into. + // The ID of the subnet to launch the instance into. // // If you specify a network interface, you must specify any subnets as part // of the network interface. @@ -158021,8 +171717,6 @@ type RunInstancesInput struct { // // * Volumes // - // * Elastic graphics - // // * Spot Instance requests // // * Network interfaces @@ -158179,6 +171873,12 @@ func (s *RunInstancesInput) SetElasticInferenceAccelerators(v []*ElasticInferenc return s } +// SetEnablePrimaryIpv6 sets the EnablePrimaryIpv6 field's value. +func (s *RunInstancesInput) SetEnablePrimaryIpv6(v bool) *RunInstancesInput { + s.EnablePrimaryIpv6 = &v + return s +} + // SetEnclaveOptions sets the EnclaveOptions field's value. func (s *RunInstancesInput) SetEnclaveOptions(v *EnclaveOptionsRequest) *RunInstancesInput { s.EnclaveOptions = v @@ -158417,8 +172117,12 @@ type RunScheduledInstancesInput struct { // The launch specification. You must match the instance type, Availability // Zone, network, and platform of the schedule that you purchased. // + // LaunchSpecification is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by RunScheduledInstancesInput's + // String and GoString methods. + // // LaunchSpecification is a required field - LaunchSpecification *ScheduledInstancesLaunchSpecification `type:"structure" required:"true"` + LaunchSpecification *ScheduledInstancesLaunchSpecification `type:"structure" required:"true" sensitive:"true"` // The Scheduled Instance ID. // @@ -158582,8 +172286,9 @@ type S3Storage struct { _ struct{} `type:"structure"` // The access key ID of the owner of the bucket. Before you specify a value - // for your access key ID, review and follow the guidance in Best practices - // for managing Amazon Web Services access keys (https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html). + // for your access key ID, review and follow the guidance in Best Practices + // for Amazon Web Services accounts (https://docs.aws.amazon.com/accounts/latest/reference/best-practices.html) + // in the Account ManagementReference Guide. AWSAccessKeyId *string `type:"string"` // The bucket in which to store the AMI. You can specify a bucket that you already @@ -158600,7 +172305,11 @@ type S3Storage struct { UploadPolicy []byte `locationName:"uploadPolicy" type:"blob"` // The signature of the JSON document. - UploadPolicySignature *string `locationName:"uploadPolicySignature" type:"string"` + // + // UploadPolicySignature is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by S3Storage's + // String and GoString methods. + UploadPolicySignature *string `locationName:"uploadPolicySignature" type:"string" sensitive:"true"` } // String returns the string representation. @@ -158670,7 +172379,7 @@ type ScheduledInstance struct { // The instance type. InstanceType *string `locationName:"instanceType" type:"string"` - // The network platform (EC2-Classic or EC2-VPC). + // The network platform. NetworkPlatform *string `locationName:"networkPlatform" type:"string"` // The time for the next schedule to start. @@ -158835,7 +172544,7 @@ type ScheduledInstanceAvailability struct { // The minimum term. The only possible value is 365 days. MinTermDurationInDays *int64 `locationName:"minTermDurationInDays" type:"integer"` - // The network platform (EC2-Classic or EC2-VPC). + // The network platform. NetworkPlatform *string `locationName:"networkPlatform" type:"string"` // The platform (Linux/UNIX or Windows). @@ -159177,16 +172886,8 @@ type ScheduledInstancesEbs struct { // only to instances that support them. Encrypted *bool `type:"boolean"` - // The number of I/O operations per second (IOPS) to provision for an io1 or - // io2 volume, with a maximum ratio of 50 IOPS/GiB for io1, and 500 IOPS/GiB - // for io2. Range is 100 to 64,000 IOPS for volumes in most Regions. Maximum - // IOPS of 64,000 is guaranteed only on instances built on the Nitro System - // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). - // Other instance families guarantee performance up to 32,000 IOPS. For more - // information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) - // in the Amazon EC2 User Guide. - // - // This parameter is valid only for Provisioned IOPS SSD (io1 and io2) volumes. + // The number of I/O operations per second (IOPS) to provision for a gp3, io1, + // or io2 volume. Iops *int64 `type:"integer"` // The ID of the snapshot. @@ -159198,9 +172899,7 @@ type ScheduledInstancesEbs struct { // a volume size, the default is the snapshot size. VolumeSize *int64 `type:"integer"` - // The volume type. gp2 for General Purpose SSD, io1 or io2 for Provisioned - // IOPS SSD, Throughput Optimized HDD for st1, Cold HDD for sc1, or standard - // for Magnetic. + // The volume type. // // Default: gp2 VolumeType *string `type:"string"` @@ -159339,7 +173038,7 @@ func (s *ScheduledInstancesIpv6Address) SetIpv6Address(v string) *ScheduledInsta // the ID of the subnet. You can specify the subnet using either SubnetId or // NetworkInterface. type ScheduledInstancesLaunchSpecification struct { - _ struct{} `type:"structure"` + _ struct{} `type:"structure" sensitive:"true"` // The block device mapping entries. BlockDeviceMappings []*ScheduledInstancesBlockDeviceMapping `locationName:"BlockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` @@ -159548,6 +173247,11 @@ type ScheduledInstancesNetworkInterface struct { // for eth0, and can only be assigned to a new network interface, not an existing // one. You cannot specify more than one network interface in the request. If // launching into a default subnet, the default value is true. + // + // Amazon Web Services charges for all public IPv4 addresses, including public + // IPv4 addresses associated with running instances and Elastic IP addresses. + // For more information, see the Public IPv4 Address tab on the Amazon VPC pricing + // page (http://aws.amazon.com/vpc/pricing/). AssociatePublicIpAddress *bool `type:"boolean"` // Indicates whether to delete the interface when the instance is terminated. @@ -159769,6 +173473,8 @@ type SearchLocalGatewayRoutesInput struct { // One or more filters. // + // * prefix-list-id - The ID of the prefix list. + // // * route-search.exact-match - The exact match of the specified filter. // // * route-search.longest-prefix-match - The longest prefix that matches @@ -159943,7 +173649,9 @@ type SearchTransitGatewayMulticastGroupsInput struct { NextToken *string `type:"string"` // The ID of the transit gateway multicast domain. - TransitGatewayMulticastDomainId *string `type:"string"` + // + // TransitGatewayMulticastDomainId is a required field + TransitGatewayMulticastDomainId *string `type:"string" required:"true"` } // String returns the string representation. @@ -159970,6 +173678,9 @@ func (s *SearchTransitGatewayMulticastGroupsInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } + if s.TransitGatewayMulticastDomainId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayMulticastDomainId")) + } if invalidParams.Len() > 0 { return invalidParams @@ -160215,7 +173926,7 @@ type SecurityGroup struct { // The inbound rules associated with the security group. IpPermissions []*IpPermission `locationName:"ipPermissions" locationNameList:"item" type:"list"` - // [VPC only] The outbound rules associated with the security group. + // The outbound rules associated with the security group. IpPermissionsEgress []*IpPermission `locationName:"ipPermissionsEgress" locationNameList:"item" type:"list"` // The Amazon Web Services account ID of the owner of the security group. @@ -160224,7 +173935,7 @@ type SecurityGroup struct { // Any tags assigned to the security group. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` - // [VPC only] The ID of the VPC for the security group. + // The ID of the VPC for the security group. VpcId *string `locationName:"vpcId" type:"string"` } @@ -160294,6 +174005,83 @@ func (s *SecurityGroup) SetVpcId(v string) *SecurityGroup { return s } +// A security group that can be used by interfaces in the VPC. +type SecurityGroupForVpc struct { + _ struct{} `type:"structure"` + + // The security group's description. + Description *string `locationName:"description" type:"string"` + + // The security group ID. + GroupId *string `locationName:"groupId" type:"string"` + + // The security group name. + GroupName *string `locationName:"groupName" type:"string"` + + // The security group owner ID. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The VPC ID in which the security group was created. + PrimaryVpcId *string `locationName:"primaryVpcId" type:"string"` + + // The security group tags. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SecurityGroupForVpc) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SecurityGroupForVpc) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *SecurityGroupForVpc) SetDescription(v string) *SecurityGroupForVpc { + s.Description = &v + return s +} + +// SetGroupId sets the GroupId field's value. +func (s *SecurityGroupForVpc) SetGroupId(v string) *SecurityGroupForVpc { + s.GroupId = &v + return s +} + +// SetGroupName sets the GroupName field's value. +func (s *SecurityGroupForVpc) SetGroupName(v string) *SecurityGroupForVpc { + s.GroupName = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *SecurityGroupForVpc) SetOwnerId(v string) *SecurityGroupForVpc { + s.OwnerId = &v + return s +} + +// SetPrimaryVpcId sets the PrimaryVpcId field's value. +func (s *SecurityGroupForVpc) SetPrimaryVpcId(v string) *SecurityGroupForVpc { + s.PrimaryVpcId = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *SecurityGroupForVpc) SetTags(v []*Tag) *SecurityGroupForVpc { + s.Tags = v + return s +} + // Describes a security group. type SecurityGroupIdentifier struct { _ struct{} `type:"structure"` @@ -160345,7 +174133,16 @@ type SecurityGroupReference struct { // The ID of the VPC with the referencing security group. ReferencingVpcId *string `locationName:"referencingVpcId" type:"string"` - // The ID of the VPC peering connection. + // + // This parameter is in preview and may not be available for your account. + // + // The ID of the transit gateway (if applicable). + TransitGatewayId *string `locationName:"transitGatewayId" type:"string"` + + // The ID of the VPC peering connection (if applicable). For more information + // about security group referencing for peering connections, see Update your + // security groups to reference peer security groups (https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-security-groups.html) + // in the VPC Peering Guide. VpcPeeringConnectionId *string `locationName:"vpcPeeringConnectionId" type:"string"` } @@ -160379,6 +174176,12 @@ func (s *SecurityGroupReference) SetReferencingVpcId(v string) *SecurityGroupRef return s } +// SetTransitGatewayId sets the TransitGatewayId field's value. +func (s *SecurityGroupReference) SetTransitGatewayId(v string) *SecurityGroupReference { + s.TransitGatewayId = &v + return s +} + // SetVpcPeeringConnectionId sets the VpcPeeringConnectionId field's value. func (s *SecurityGroupReference) SetVpcPeeringConnectionId(v string) *SecurityGroupReference { s.VpcPeeringConnectionId = &v @@ -160398,9 +174201,8 @@ type SecurityGroupRule struct { // The security group rule description. Description *string `locationName:"description" type:"string"` - // The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 - // type. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 - // types, you must specify all codes. + // If the protocol is TCP or UDP, this is the start of the port range. If the + // protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types). FromPort *int64 `locationName:"fromPort" type:"integer"` // The ID of the security group. @@ -160430,9 +174232,10 @@ type SecurityGroupRule struct { // The tags applied to the security group rule. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` - // The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. - // A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 - // types, you must specify all codes. + // If the protocol is TCP or UDP, this is the end of the port range. If the + // protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). + // If the start port is -1 (all ICMP types), then the end port must be -1 (all + // ICMP codes). ToPort *int64 `locationName:"toPort" type:"integer"` } @@ -160606,9 +174409,8 @@ type SecurityGroupRuleRequest struct { // The description of the security group rule. Description *string `type:"string"` - // The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 - // type. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 - // types, you must specify all codes. + // If the protocol is TCP or UDP, this is the start of the port range. If the + // protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types). FromPort *int64 `type:"integer"` // The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers @@ -160623,9 +174425,10 @@ type SecurityGroupRuleRequest struct { // The ID of the security group that is referenced in the security group rule. ReferencedGroupId *string `type:"string"` - // The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. - // A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 - // types, you must specify all codes. + // If the protocol is TCP or UDP, this is the end of the port range. If the + // protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). + // If the start port is -1 (all ICMP types), then the end port must be -1 (all + // ICMP codes). ToPort *int64 `type:"integer"` } @@ -160703,7 +174506,9 @@ type SecurityGroupRuleUpdate struct { SecurityGroupRule *SecurityGroupRuleRequest `type:"structure"` // The ID of the security group rule. - SecurityGroupRuleId *string `type:"string"` + // + // SecurityGroupRuleId is a required field + SecurityGroupRuleId *string `type:"string" required:"true"` } // String returns the string representation. @@ -160724,6 +174529,19 @@ func (s SecurityGroupRuleUpdate) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *SecurityGroupRuleUpdate) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "SecurityGroupRuleUpdate"} + if s.SecurityGroupRuleId == nil { + invalidParams.Add(request.NewErrParamRequired("SecurityGroupRuleId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetSecurityGroupRule sets the SecurityGroupRule field's value. func (s *SecurityGroupRuleUpdate) SetSecurityGroupRule(v *SecurityGroupRuleRequest) *SecurityGroupRuleUpdate { s.SecurityGroupRule = v @@ -160864,7 +174682,7 @@ type ServiceConfiguration struct { // The supported IP address types. SupportedIpAddressTypes []*string `locationName:"supportedIpAddressTypeSet" locationNameList:"item" type:"list" enum:"ServiceConnectivityType"` - // Any tags assigned to the service. + // The tags assigned to the service. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } @@ -161024,7 +174842,7 @@ type ServiceDetail struct { // The supported IP address types. SupportedIpAddressTypes []*string `locationName:"supportedIpAddressTypeSet" locationNameList:"item" type:"list" enum:"ServiceConnectivityType"` - // Any tags assigned to the service. + // The tags assigned to the service. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` // Indicates whether the service supports endpoint policies. @@ -161299,8 +175117,8 @@ type Snapshot struct { KmsKeyId *string `locationName:"kmsKeyId" type:"string"` // The ARN of the Outpost on which the snapshot is stored. For more information, - // see Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html) - // in the Amazon Elastic Compute Cloud User Guide. + // see Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html) + // in the Amazon EBS User Guide. OutpostArn *string `locationName:"outpostArn" type:"string"` // The Amazon Web Services owner alias, from an Amazon-maintained list (amazon). @@ -161323,6 +175141,9 @@ type Snapshot struct { // is created. SnapshotId *string `locationName:"snapshotId" type:"string"` + // Reserved for future use. + SseType *string `locationName:"sseType" type:"string" enum:"SSEType"` + // The time stamp when the snapshot was initiated. StartTime *time.Time `locationName:"startTime" type:"timestamp"` @@ -161432,6 +175253,12 @@ func (s *Snapshot) SetSnapshotId(v string) *Snapshot { return s } +// SetSseType sets the SseType field's value. +func (s *Snapshot) SetSseType(v string) *Snapshot { + s.SseType = &v + return s +} + // SetStartTime sets the StartTime field's value. func (s *Snapshot) SetStartTime(v time.Time) *Snapshot { s.StartTime = &v @@ -161503,7 +175330,11 @@ type SnapshotDetail struct { StatusMessage *string `locationName:"statusMessage" type:"string"` // The URL used to access the disk image. - Url *string `locationName:"url" type:"string"` + // + // Url is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SnapshotDetail's + // String and GoString methods. + Url *string `locationName:"url" type:"string" sensitive:"true"` // The Amazon S3 bucket for the disk image. UserBucket *UserBucketDetails `locationName:"userBucket" type:"structure"` @@ -161601,7 +175432,11 @@ type SnapshotDiskContainer struct { // The URL to the Amazon S3-based disk image being imported. It can either be // a https URL (https://..) or an Amazon S3 URL (s3://..). - Url *string `type:"string"` + // + // Url is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SnapshotDiskContainer's + // String and GoString methods. + Url *string `type:"string" sensitive:"true"` // The Amazon S3 bucket for the disk image. UserBucket *UserBucket `type:"structure"` @@ -161661,8 +175496,8 @@ type SnapshotInfo struct { Encrypted *bool `locationName:"encrypted" type:"boolean"` // The ARN of the Outpost on which the snapshot is stored. For more information, - // see Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html) - // in the Amazon Elastic Compute Cloud User Guide. + // see Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html) + // in the Amazon EBS User Guide. OutpostArn *string `locationName:"outpostArn" type:"string"` // Account id used when creating this snapshot. @@ -161674,6 +175509,9 @@ type SnapshotInfo struct { // Snapshot id that can be used to describe this snapshot. SnapshotId *string `locationName:"snapshotId" type:"string"` + // Reserved for future use. + SseType *string `locationName:"sseType" type:"string" enum:"SSEType"` + // Time this snapshot was started. This is the same for all snapshots initiated // by the same request. StartTime *time.Time `locationName:"startTime" type:"timestamp"` @@ -161745,6 +175583,12 @@ func (s *SnapshotInfo) SetSnapshotId(v string) *SnapshotInfo { return s } +// SetSseType sets the SseType field's value. +func (s *SnapshotInfo) SetSseType(v string) *SnapshotInfo { + s.SseType = &v + return s +} + // SetStartTime sets the StartTime field's value. func (s *SnapshotInfo) SetStartTime(v time.Time) *SnapshotInfo { s.StartTime = &v @@ -161876,7 +175720,11 @@ type SnapshotTaskDetail struct { StatusMessage *string `locationName:"statusMessage" type:"string"` // The URL of the disk image from which the snapshot is created. - Url *string `locationName:"url" type:"string"` + // + // Url is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SnapshotTaskDetail's + // String and GoString methods. + Url *string `locationName:"url" type:"string" sensitive:"true"` // The Amazon S3 bucket for the disk image. UserBucket *UserBucketDetails `locationName:"userBucket" type:"structure"` @@ -162298,9 +176146,7 @@ type SpotFleetLaunchSpecification struct { // Resource Center and search for the kernel ID. RamdiskId *string `locationName:"ramdiskId" type:"string"` - // One or more security groups. When requesting instances in a VPC, you must - // specify the IDs of the security groups. When requesting instances in EC2-Classic, - // you can specify the names or the IDs of the security groups. + // The security groups. SecurityGroups []*GroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"` // The maximum price per unit hour that you are willing to pay for a Spot Instance. @@ -162320,8 +176166,13 @@ type SpotFleetLaunchSpecification struct { // The tags to apply during creation. TagSpecifications []*SpotFleetTagSpecification `locationName:"tagSpecificationSet" locationNameList:"item" type:"list"` - // The Base64-encoded user data that instances use when starting up. - UserData *string `locationName:"userData" type:"string"` + // The base64-encoded user data that instances use when starting up. User data + // is limited to 16 KB. + // + // UserData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SpotFleetLaunchSpecification's + // String and GoString methods. + UserData *string `locationName:"userData" type:"string" sensitive:"true"` // The number of units provided by the specified instance type. These are the // same units that you chose to set the target capacity in terms of instances, @@ -162639,9 +176490,11 @@ type SpotFleetRequestConfigData struct { // Reserved. Context *string `locationName:"context" type:"string"` - // Indicates whether running Spot Instances should be terminated if you decrease + // Indicates whether running instances should be terminated if you decrease // the target capacity of the Spot Fleet request below the current size of the // Spot Fleet. + // + // Supported only for fleets of type maintain. ExcessCapacityTerminationPolicy *string `locationName:"excessCapacityTerminationPolicy" type:"string" enum:"ExcessCapacityTerminationPolicy"` // The number of units fulfilled by this request compared to the set target @@ -162681,6 +176534,10 @@ type SpotFleetRequestConfigData struct { // The launch specifications for the Spot Fleet request. If you specify LaunchSpecifications, // you can't specify LaunchTemplateConfigs. If you include On-Demand capacity // in your request, you must use LaunchTemplateConfigs. + // + // If an AMI specified in a launch specification is deregistered or disabled, + // no new instances can be launched from the AMI. For fleets of type maintain, + // the target capacity will not be maintained. LaunchSpecifications []*SpotFleetLaunchSpecification `locationName:"launchSpecifications" locationNameList:"item" type:"list"` // The launch template and overrides. If you specify LaunchTemplateConfigs, @@ -162717,6 +176574,14 @@ type SpotFleetRequestConfigData struct { // it reaches the maximum amount you're willing to pay. When the maximum amount // you're willing to pay is reached, the fleet stops launching instances even // if it hasn’t met the target capacity. + // + // If your fleet includes T instances that are configured as unlimited, and + // if their average CPU usage exceeds the baseline utilization, you will incur + // a charge for surplus credits. The onDemandMaxTotalPrice does not account + // for surplus credits, and, if you use surplus credits, your final cost might + // be higher than what you specified for onDemandMaxTotalPrice. For more information, + // see Surplus credits can incur charges (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) + // in the EC2 User Guide. OnDemandMaxTotalPrice *string `locationName:"onDemandMaxTotalPrice" type:"string"` // The number of On-Demand units to request. You can choose to set the target @@ -162734,13 +176599,21 @@ type SpotFleetRequestConfigData struct { SpotMaintenanceStrategies *SpotMaintenanceStrategies `locationName:"spotMaintenanceStrategies" type:"structure"` // The maximum amount per hour for Spot Instances that you're willing to pay. - // You can use the spotdMaxTotalPrice parameter, the onDemandMaxTotalPrice parameter, + // You can use the spotMaxTotalPrice parameter, the onDemandMaxTotalPrice parameter, // or both parameters to ensure that your fleet cost does not exceed your budget. // If you set a maximum price per hour for the On-Demand Instances and Spot // Instances in your request, Spot Fleet will launch instances until it reaches // the maximum amount you're willing to pay. When the maximum amount you're // willing to pay is reached, the fleet stops launching instances even if it // hasn’t met the target capacity. + // + // If your fleet includes T instances that are configured as unlimited, and + // if their average CPU usage exceeds the baseline utilization, you will incur + // a charge for surplus credits. The spotMaxTotalPrice does not account for + // surplus credits, and, if you use surplus credits, your final cost might be + // higher than what you specified for spotMaxTotalPrice. For more information, + // see Surplus credits can incur charges (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) + // in the EC2 User Guide. SpotMaxTotalPrice *string `locationName:"spotMaxTotalPrice" type:"string"` // The maximum price per unit hour that you are willing to pay for a Spot Instance. @@ -162759,7 +176632,7 @@ type SpotFleetRequestConfigData struct { // (valid only if you use LaunchTemplateConfigs) or in the SpotFleetTagSpecification // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html) // (valid only if you use LaunchSpecifications). For information about tagging - // after launch, see Tagging Your Resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources). + // after launch, see Tag your resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources). TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` // The number of units to request for the Spot Fleet. You can choose to set @@ -162771,9 +176644,10 @@ type SpotFleetRequestConfigData struct { // TargetCapacity is a required field TargetCapacity *int64 `locationName:"targetCapacity" type:"integer" required:"true"` - // The unit for the target capacity. + // The unit for the target capacity. You can specify this parameter only when + // using attribute-based instance type selection. // - // Default: units (translates to number of instances) + // Default: units (the number of instances) TargetCapacityUnitType *string `locationName:"targetCapacityUnitType" type:"string" enum:"TargetCapacityUnitType"` // Indicates whether running Spot Instances are terminated when the Spot Fleet @@ -163404,7 +177278,18 @@ type SpotMarketOptions struct { // Deprecated. BlockDurationMinutes *int64 `type:"integer"` - // The behavior when a Spot Instance is interrupted. The default is terminate. + // The behavior when a Spot Instance is interrupted. + // + // If Configured (for HibernationOptions (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_HibernationOptionsRequest.html)) + // is set to true, the InstanceInterruptionBehavior parameter is automatically + // set to hibernate. If you set it to stop or terminate, you'll get an error. + // + // If Configured (for HibernationOptions (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_HibernationOptionsRequest.html)) + // is set to false or null, the InstanceInterruptionBehavior parameter is automatically + // set to terminate. You can also set it to stop or hibernate. + // + // For more information, see Interruption behavior (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/interruption-behavior.html) + // in the Amazon EC2 User Guide. InstanceInterruptionBehavior *string `type:"string" enum:"InstanceInterruptionBehavior"` // The maximum hourly price that you're willing to pay for a Spot Instance. @@ -163563,6 +177448,14 @@ type SpotOptions struct { // // If you specify a maximum price, your Spot Instances will be interrupted more // frequently than if you do not specify this parameter. + // + // If your fleet includes T instances that are configured as unlimited, and + // if their average CPU usage exceeds the baseline utilization, you will incur + // a charge for surplus credits. The maxTotalPrice does not account for surplus + // credits, and, if you use surplus credits, your final cost might be higher + // than what you specified for maxTotalPrice. For more information, see Surplus + // credits can incur charges (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) + // in the EC2 User Guide. MaxTotalPrice *string `locationName:"maxTotalPrice" type:"string"` // The minimum target capacity for Spot Instances in the fleet. If the minimum @@ -163735,6 +177628,14 @@ type SpotOptionsRequest struct { // // If you specify a maximum price, your Spot Instances will be interrupted more // frequently than if you do not specify this parameter. + // + // If your fleet includes T instances that are configured as unlimited, and + // if their average CPU usage exceeds the baseline utilization, you will incur + // a charge for surplus credits. The MaxTotalPrice does not account for surplus + // credits, and, if you use surplus credits, your final cost might be higher + // than what you specified for MaxTotalPrice. For more information, see Surplus + // credits can incur charges (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) + // in the EC2 User Guide. MaxTotalPrice *string `type:"string"` // The minimum target capacity for Spot Instances in the fleet. If the minimum @@ -164019,11 +177920,11 @@ func (s *SpotPrice) SetTimestamp(v time.Time) *SpotPrice { type StaleIpPermission struct { _ struct{} `type:"structure"` - // The start of the port range for the TCP and UDP protocols, or an ICMP type - // number. A value of -1 indicates all ICMP types. + // If the protocol is TCP or UDP, this is the start of the port range. If the + // protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types). FromPort *int64 `locationName:"fromPort" type:"integer"` - // The IP protocol name (for tcp, udp, and icmp) or number (see Protocol Numbers) + // The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers) // (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). IpProtocol *string `locationName:"ipProtocol" type:"string"` @@ -164033,8 +177934,8 @@ type StaleIpPermission struct { // The prefix list IDs. Not applicable for stale security group rules. PrefixListIds []*string `locationName:"prefixListIds" locationNameList:"item" type:"list"` - // The end of the port range for the TCP and UDP protocols, or an ICMP type - // number. A value of -1 indicates all ICMP types. + // If the protocol is TCP or UDP, this is the end of the port range. If the + // protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). ToPort *int64 `locationName:"toPort" type:"integer"` // The security group pairs. Returns the ID of the referenced security group @@ -164621,8 +178522,8 @@ type StateReason struct { // the Spot price exceeded available capacity or because of an increase in // the Spot price. // - // * Client.InstanceInitiatedShutdown: The instance was shut down using the - // shutdown -h command from the instance. + // * Client.InstanceInitiatedShutdown: The instance was shut down from the + // operating system of the instance. // // * Client.InstanceTerminated: The instance was terminated or rebooted during // AMI creation. @@ -164999,6 +178900,11 @@ type Subnet struct { // Indicates whether instances launched in this subnet receive a public IPv4 // address. + // + // Amazon Web Services charges for all public IPv4 addresses, including public + // IPv4 addresses associated with running instances and Elastic IP addresses. + // For more information, see the Public IPv4 Address tab on the Amazon VPC pricing + // page (http://aws.amazon.com/vpc/pricing/). MapPublicIpOnLaunch *bool `locationName:"mapPublicIpOnLaunch" type:"boolean"` // The Amazon Resource Name (ARN) of the Outpost. @@ -165339,6 +179245,68 @@ func (s *SubnetCidrReservation) SetTags(v []*Tag) *SubnetCidrReservation { return s } +// Describes the configuration of a subnet for a VPC endpoint. +type SubnetConfiguration struct { + _ struct{} `type:"structure"` + + // The IPv4 address to assign to the endpoint network interface in the subnet. + // You must provide an IPv4 address if the VPC endpoint supports IPv4. + // + // If you specify an IPv4 address when modifying a VPC endpoint, we replace + // the existing endpoint network interface with a new endpoint network interface + // with this IP address. This process temporarily disconnects the subnet and + // the VPC endpoint. + Ipv4 *string `type:"string"` + + // The IPv6 address to assign to the endpoint network interface in the subnet. + // You must provide an IPv6 address if the VPC endpoint supports IPv6. + // + // If you specify an IPv6 address when modifying a VPC endpoint, we replace + // the existing endpoint network interface with a new endpoint network interface + // with this IP address. This process temporarily disconnects the subnet and + // the VPC endpoint. + Ipv6 *string `type:"string"` + + // The ID of the subnet. + SubnetId *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SubnetConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SubnetConfiguration) GoString() string { + return s.String() +} + +// SetIpv4 sets the Ipv4 field's value. +func (s *SubnetConfiguration) SetIpv4(v string) *SubnetConfiguration { + s.Ipv4 = &v + return s +} + +// SetIpv6 sets the Ipv6 field's value. +func (s *SubnetConfiguration) SetIpv6(v string) *SubnetConfiguration { + s.Ipv6 = &v + return s +} + +// SetSubnetId sets the SubnetId field's value. +func (s *SubnetConfiguration) SetSubnetId(v string) *SubnetConfiguration { + s.SubnetId = &v + return s +} + // Describes an association between a subnet and an IPv6 CIDR block. type SubnetIpv6CidrBlockAssociation struct { _ struct{} `type:"structure"` @@ -165630,7 +179598,9 @@ func (s *TagDescription) SetValue(v string) *TagDescription { return s } -// The tags to apply to a resource when the resource is being created. +// The tags to apply to a resource when the resource is being created. When +// you specify a tag, you must specify the resource type to tag, otherwise the +// request will fail. // // The Valid Values lists all the resource types that can be tagged. However, // the action you're using might not support tagging all of these resource types. @@ -165694,7 +179664,7 @@ func (s *TagSpecification) SetTags(v []*Tag) *TagSpecification { type TargetCapacitySpecification struct { _ struct{} `type:"structure"` - // The default TotalTargetCapacity, which is either Spot or On-Demand. + // The default target capacity type. DefaultTargetCapacityType *string `locationName:"defaultTargetCapacityType" type:"string" enum:"DefaultTargetCapacityType"` // The number of On-Demand units to request. If you specify a target capacity @@ -165706,11 +179676,9 @@ type TargetCapacitySpecification struct { SpotTargetCapacity *int64 `locationName:"spotTargetCapacity" type:"integer"` // The unit for the target capacity. - // - // Default: units (translates to number of instances) TargetCapacityUnitType *string `locationName:"targetCapacityUnitType" type:"string" enum:"TargetCapacityUnitType"` - // The number of units to request, filled using DefaultTargetCapacityType. + // The number of units to request, filled the default target capacity type. TotalTargetCapacity *int64 `locationName:"totalTargetCapacity" type:"integer"` } @@ -165774,13 +179742,13 @@ func (s *TargetCapacitySpecification) SetTotalTargetCapacity(v int64) *TargetCap // On-Demand Instances and Spot Instances in your request, EC2 Fleet will launch // instances until it reaches the maximum amount that you're willing to pay. // When the maximum amount you're willing to pay is reached, the fleet stops -// launching instances even if it hasn’t met the target capacity. The MaxTotalPrice +// launching instances even if it hasn't met the target capacity. The MaxTotalPrice // parameters are located in OnDemandOptionsRequest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_OnDemandOptionsRequest) // and SpotOptionsRequest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotOptionsRequest). type TargetCapacitySpecificationRequest struct { _ struct{} `type:"structure"` - // The default TotalTargetCapacity, which is either Spot or On-Demand. + // The default target capacity type. DefaultTargetCapacityType *string `type:"string" enum:"DefaultTargetCapacityType"` // The number of On-Demand units to request. @@ -165789,12 +179757,14 @@ type TargetCapacitySpecificationRequest struct { // The number of Spot units to request. SpotTargetCapacity *int64 `type:"integer"` - // The unit for the target capacity. + // The unit for the target capacity. You can specify this parameter only when + // using attributed-based instance type selection. // - // Default: units (translates to number of instances) + // Default: units (the number of instances) TargetCapacityUnitType *string `type:"string" enum:"TargetCapacityUnitType"` - // The number of units to request, filled using DefaultTargetCapacityType. + // The number of units to request, filled using the default target capacity + // type. // // TotalTargetCapacity is a required field TotalTargetCapacity *int64 `type:"integer" required:"true"` @@ -168454,6 +182424,18 @@ type TransitGatewayOptions struct { // The ID of the default propagation route table. PropagationDefaultRouteTableId *string `locationName:"propagationDefaultRouteTableId" type:"string"` + // + // This parameter is in preview and may not be available for your account. + // + // Enables you to reference a security group across VPCs attached to a transit + // gateway. Use this option to simplify security group management and control + // of instance-to-instance traffic across VPCs that are connected by transit + // gateway. You can also use this option to migrate from VPC peering (which + // was the only option that supported security group referencing) to transit + // gateways (which now also support security group referencing). This option + // is disabled by default and there are no additional costs to use this feature. + SecurityGroupReferencingSupport *string `locationName:"securityGroupReferencingSupport" type:"string" enum:"SecurityGroupReferencingSupportValue"` + // The transit gateway CIDR blocks. TransitGatewayCidrBlocks []*string `locationName:"transitGatewayCidrBlocks" locationNameList:"item" type:"list"` @@ -168527,6 +182509,12 @@ func (s *TransitGatewayOptions) SetPropagationDefaultRouteTableId(v string) *Tra return s } +// SetSecurityGroupReferencingSupport sets the SecurityGroupReferencingSupport field's value. +func (s *TransitGatewayOptions) SetSecurityGroupReferencingSupport(v string) *TransitGatewayOptions { + s.SecurityGroupReferencingSupport = &v + return s +} + // SetTransitGatewayCidrBlocks sets the TransitGatewayCidrBlocks field's value. func (s *TransitGatewayOptions) SetTransitGatewayCidrBlocks(v []*string) *TransitGatewayOptions { s.TransitGatewayCidrBlocks = v @@ -169214,6 +183202,18 @@ type TransitGatewayRequestOptions struct { // Indicates whether multicast is enabled on the transit gateway MulticastSupport *string `type:"string" enum:"MulticastSupportValue"` + // + // This parameter is in preview and may not be available for your account. + // + // Enables you to reference a security group across VPCs attached to a transit + // gateway. Use this option to simplify security group management and control + // of instance-to-instance traffic across VPCs that are connected by transit + // gateway. You can also use this option to migrate from VPC peering (which + // was the only option that supported security group referencing) to transit + // gateways (which now also support security group referencing). This option + // is disabled by default and there are no additional costs to use this feature. + SecurityGroupReferencingSupport *string `type:"string" enum:"SecurityGroupReferencingSupportValue"` + // One or more IPv4 or IPv6 CIDR blocks for the transit gateway. Must be a size // /24 CIDR block or larger for IPv4, or a size /64 CIDR block or larger for // IPv6. @@ -169277,6 +183277,12 @@ func (s *TransitGatewayRequestOptions) SetMulticastSupport(v string) *TransitGat return s } +// SetSecurityGroupReferencingSupport sets the SecurityGroupReferencingSupport field's value. +func (s *TransitGatewayRequestOptions) SetSecurityGroupReferencingSupport(v string) *TransitGatewayRequestOptions { + s.SecurityGroupReferencingSupport = &v + return s +} + // SetTransitGatewayCidrBlocks sets the TransitGatewayCidrBlocks field's value. func (s *TransitGatewayRequestOptions) SetTransitGatewayCidrBlocks(v []*string) *TransitGatewayRequestOptions { s.TransitGatewayCidrBlocks = v @@ -169960,6 +183966,18 @@ type TransitGatewayVpcAttachmentOptions struct { // Indicates whether IPv6 support is disabled. Ipv6Support *string `locationName:"ipv6Support" type:"string" enum:"Ipv6SupportValue"` + + // + // This parameter is in preview and may not be available for your account. + // + // Enables you to reference a security group across VPCs attached to a transit + // gateway. Use this option to simplify security group management and control + // of instance-to-instance traffic across VPCs that are connected by transit + // gateway. You can also use this option to migrate from VPC peering (which + // was the only option that supported security group referencing) to transit + // gateways (which now also support security group referencing). This option + // is disabled by default and there are no additional costs to use this feature. + SecurityGroupReferencingSupport *string `locationName:"securityGroupReferencingSupport" type:"string" enum:"SecurityGroupReferencingSupportValue"` } // String returns the string representation. @@ -169998,9 +184016,12 @@ func (s *TransitGatewayVpcAttachmentOptions) SetIpv6Support(v string) *TransitGa return s } -// Currently available in limited preview only. If you are interested in using -// this feature, contact your account manager. -// +// SetSecurityGroupReferencingSupport sets the SecurityGroupReferencingSupport field's value. +func (s *TransitGatewayVpcAttachmentOptions) SetSecurityGroupReferencingSupport(v string) *TransitGatewayVpcAttachmentOptions { + s.SecurityGroupReferencingSupport = &v + return s +} + // Information about an association between a branch network interface with // a trunk network interface. type TrunkInterfaceAssociation struct { @@ -170098,6 +184119,9 @@ type TunnelOption struct { // The number of seconds after which a DPD timeout occurs. DpdTimeoutSeconds *int64 `locationName:"dpdTimeoutSeconds" type:"integer"` + // Status of tunnel endpoint lifecycle control feature. + EnableTunnelLifecycleControl *bool `locationName:"enableTunnelLifecycleControl" type:"boolean"` + // The IKE versions that are permitted for the VPN tunnel. IkeVersions []*IKEVersionsListValue `locationName:"ikeVersionSet" locationNameList:"item" type:"list"` @@ -170135,7 +184159,11 @@ type TunnelOption struct { // The pre-shared key (PSK) to establish initial authentication between the // virtual private gateway and the customer gateway. - PreSharedKey *string `locationName:"preSharedKey" type:"string"` + // + // PreSharedKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by TunnelOption's + // String and GoString methods. + PreSharedKey *string `locationName:"preSharedKey" type:"string" sensitive:"true"` // The percentage of the rekey window determined by RekeyMarginTimeSeconds during // which the rekey time is randomly selected. @@ -170189,6 +184217,12 @@ func (s *TunnelOption) SetDpdTimeoutSeconds(v int64) *TunnelOption { return s } +// SetEnableTunnelLifecycleControl sets the EnableTunnelLifecycleControl field's value. +func (s *TunnelOption) SetEnableTunnelLifecycleControl(v bool) *TunnelOption { + s.EnableTunnelLifecycleControl = &v + return s +} + // SetIkeVersions sets the IkeVersions field's value. func (s *TunnelOption) SetIkeVersions(v []*IKEVersionsListValue) *TunnelOption { s.IkeVersions = v @@ -170498,6 +184532,221 @@ func (s UnassignPrivateIpAddressesOutput) GoString() string { return s.String() } +type UnassignPrivateNatGatewayAddressInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The maximum amount of time to wait (in seconds) before forcibly releasing + // the IP addresses if connections are still in progress. Default value is 350 + // seconds. + MaxDrainDurationSeconds *int64 `min:"1" type:"integer"` + + // The ID of the NAT gateway. + // + // NatGatewayId is a required field + NatGatewayId *string `type:"string" required:"true"` + + // The private IPv4 addresses you want to unassign. + // + // PrivateIpAddresses is a required field + PrivateIpAddresses []*string `locationName:"PrivateIpAddress" locationNameList:"item" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnassignPrivateNatGatewayAddressInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnassignPrivateNatGatewayAddressInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UnassignPrivateNatGatewayAddressInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UnassignPrivateNatGatewayAddressInput"} + if s.MaxDrainDurationSeconds != nil && *s.MaxDrainDurationSeconds < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxDrainDurationSeconds", 1)) + } + if s.NatGatewayId == nil { + invalidParams.Add(request.NewErrParamRequired("NatGatewayId")) + } + if s.PrivateIpAddresses == nil { + invalidParams.Add(request.NewErrParamRequired("PrivateIpAddresses")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *UnassignPrivateNatGatewayAddressInput) SetDryRun(v bool) *UnassignPrivateNatGatewayAddressInput { + s.DryRun = &v + return s +} + +// SetMaxDrainDurationSeconds sets the MaxDrainDurationSeconds field's value. +func (s *UnassignPrivateNatGatewayAddressInput) SetMaxDrainDurationSeconds(v int64) *UnassignPrivateNatGatewayAddressInput { + s.MaxDrainDurationSeconds = &v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *UnassignPrivateNatGatewayAddressInput) SetNatGatewayId(v string) *UnassignPrivateNatGatewayAddressInput { + s.NatGatewayId = &v + return s +} + +// SetPrivateIpAddresses sets the PrivateIpAddresses field's value. +func (s *UnassignPrivateNatGatewayAddressInput) SetPrivateIpAddresses(v []*string) *UnassignPrivateNatGatewayAddressInput { + s.PrivateIpAddresses = v + return s +} + +type UnassignPrivateNatGatewayAddressOutput struct { + _ struct{} `type:"structure"` + + // Information about the NAT gateway IP addresses. + NatGatewayAddresses []*NatGatewayAddress `locationName:"natGatewayAddressSet" locationNameList:"item" type:"list"` + + // The ID of the NAT gateway. + NatGatewayId *string `locationName:"natGatewayId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnassignPrivateNatGatewayAddressOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnassignPrivateNatGatewayAddressOutput) GoString() string { + return s.String() +} + +// SetNatGatewayAddresses sets the NatGatewayAddresses field's value. +func (s *UnassignPrivateNatGatewayAddressOutput) SetNatGatewayAddresses(v []*NatGatewayAddress) *UnassignPrivateNatGatewayAddressOutput { + s.NatGatewayAddresses = v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *UnassignPrivateNatGatewayAddressOutput) SetNatGatewayId(v string) *UnassignPrivateNatGatewayAddressOutput { + s.NatGatewayId = &v + return s +} + +type UnlockSnapshotInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the snapshot to unlock. + // + // SnapshotId is a required field + SnapshotId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnlockSnapshotInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnlockSnapshotInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UnlockSnapshotInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UnlockSnapshotInput"} + if s.SnapshotId == nil { + invalidParams.Add(request.NewErrParamRequired("SnapshotId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *UnlockSnapshotInput) SetDryRun(v bool) *UnlockSnapshotInput { + s.DryRun = &v + return s +} + +// SetSnapshotId sets the SnapshotId field's value. +func (s *UnlockSnapshotInput) SetSnapshotId(v string) *UnlockSnapshotInput { + s.SnapshotId = &v + return s +} + +type UnlockSnapshotOutput struct { + _ struct{} `type:"structure"` + + // The ID of the snapshot. + SnapshotId *string `locationName:"snapshotId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnlockSnapshotOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnlockSnapshotOutput) GoString() string { + return s.String() +} + +// SetSnapshotId sets the SnapshotId field's value. +func (s *UnlockSnapshotOutput) SetSnapshotId(v string) *UnlockSnapshotOutput { + s.SnapshotId = &v + return s +} + type UnmonitorInstancesInput struct { _ struct{} `type:"structure"` @@ -170770,7 +185019,7 @@ type UpdateSecurityGroupRuleDescriptionsEgressInput struct { GroupId *string `type:"string"` // [Default VPC] The name of the security group. You must specify either the - // security group ID or the security group name in the request. + // security group ID or the security group name. GroupName *string `type:"string"` // The IP permissions for the security group rule. You must specify either the @@ -170875,18 +185124,17 @@ type UpdateSecurityGroupRuleDescriptionsIngressInput struct { // VPC, you must specify the security group ID. GroupId *string `type:"string"` - // [EC2-Classic, default VPC] The name of the security group. You must specify - // either the security group ID or the security group name in the request. For - // security groups in a nondefault VPC, you must specify the security group - // ID. + // [Default VPC] The name of the security group. You must specify either the + // security group ID or the security group name. For security groups in a nondefault + // VPC, you must specify the security group ID. GroupName *string `type:"string"` // The IP permissions for the security group rule. You must specify either IP // permissions or a description. IpPermissions []*IpPermission `locationNameList:"item" type:"list"` - // [VPC only] The description for the ingress security group rules. You must - // specify either a description or IP permissions. + // The description for the ingress security group rules. You must specify either + // a description or IP permissions. SecurityGroupRuleDescriptions []*SecurityGroupRuleDescription `locationName:"SecurityGroupRuleDescription" locationNameList:"item" type:"list"` } @@ -171086,10 +185334,6 @@ func (s *UserData) SetData(v string) *UserData { } // Describes a security group and Amazon Web Services account ID pair. -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. type UserIdGroupPair struct { _ struct{} `type:"structure"` @@ -171103,8 +185347,7 @@ type UserIdGroupPair struct { // The ID of the security group. GroupId *string `locationName:"groupId" type:"string"` - // The name of the security group. In a request, use this parameter for a security - // group in EC2-Classic or a default VPC only. For a security group in a nondefault + // [Default VPC] The name of the security group. For a security group in a nondefault // VPC, use the security group ID. // // For a referenced security group in another VPC, this value is not returned @@ -171119,9 +185362,6 @@ type UserIdGroupPair struct { // For a referenced security group in another VPC, the account ID of the referenced // security group is returned in the response. If the referenced security group // is deleted, this value is not returned. - // - // [EC2-Classic] Required when adding or removing rules that reference a security - // group in another Amazon Web Services account. UserId *string `locationName:"userId" type:"string"` // The ID of the VPC for the referenced security group, if applicable. @@ -171489,6 +185729,9 @@ type VerifiedAccessEndpoint struct { // The IDs of the security groups for the endpoint. SecurityGroupIds []*string `locationName:"securityGroupIdSet" locationNameList:"item" type:"list"` + // The options in use for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationResponse `locationName:"sseSpecification" type:"structure"` + // The endpoint status. Status *VerifiedAccessEndpointStatus `locationName:"status" type:"structure"` @@ -171601,6 +185844,12 @@ func (s *VerifiedAccessEndpoint) SetSecurityGroupIds(v []*string) *VerifiedAcces return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *VerifiedAccessEndpoint) SetSseSpecification(v *VerifiedAccessSseSpecificationResponse) *VerifiedAccessEndpoint { + s.SseSpecification = v + return s +} + // SetStatus sets the Status field's value. func (s *VerifiedAccessEndpoint) SetStatus(v *VerifiedAccessEndpointStatus) *VerifiedAccessEndpoint { s.Status = v @@ -171801,6 +186050,9 @@ type VerifiedAccessGroup struct { // The Amazon Web Services account number that owns the group. Owner *string `locationName:"owner" type:"string"` + // The options in use for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationResponse `locationName:"sseSpecification" type:"structure"` + // The tags. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` @@ -171862,6 +186114,12 @@ func (s *VerifiedAccessGroup) SetOwner(v string) *VerifiedAccessGroup { return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *VerifiedAccessGroup) SetSseSpecification(v *VerifiedAccessSseSpecificationResponse) *VerifiedAccessGroup { + s.SseSpecification = v + return s +} + // SetTags sets the Tags field's value. func (s *VerifiedAccessGroup) SetTags(v []*Tag) *VerifiedAccessGroup { s.Tags = v @@ -171896,6 +186154,10 @@ type VerifiedAccessInstance struct { // A description for the Amazon Web Services Verified Access instance. Description *string `locationName:"description" type:"string"` + // Indicates whether support for Federal Information Processing Standards (FIPS) + // is enabled on the instance. + FipsEnabled *bool `locationName:"fipsEnabled" type:"boolean"` + // The last updated time. LastUpdatedTime *string `locationName:"lastUpdatedTime" type:"string"` @@ -171939,6 +186201,12 @@ func (s *VerifiedAccessInstance) SetDescription(v string) *VerifiedAccessInstanc return s } +// SetFipsEnabled sets the FipsEnabled field's value. +func (s *VerifiedAccessInstance) SetFipsEnabled(v bool) *VerifiedAccessInstance { + s.FipsEnabled = &v + return s +} + // SetLastUpdatedTime sets the LastUpdatedTime field's value. func (s *VerifiedAccessInstance) SetLastUpdatedTime(v string) *VerifiedAccessInstance { s.LastUpdatedTime = &v @@ -172257,16 +186525,24 @@ func (s *VerifiedAccessLogKinesisDataFirehoseDestinationOptions) SetEnabled(v bo return s } -// Describes the destinations for Verified Access logs. +// Options for Verified Access logs. type VerifiedAccessLogOptions struct { _ struct{} `type:"structure"` // Sends Verified Access logs to CloudWatch Logs. CloudWatchLogs *VerifiedAccessLogCloudWatchLogsDestinationOptions `type:"structure"` + // Indicates whether to include trust data sent by trust providers in the logs. + IncludeTrustContext *bool `type:"boolean"` + // Sends Verified Access logs to Kinesis. KinesisDataFirehose *VerifiedAccessLogKinesisDataFirehoseDestinationOptions `type:"structure"` + // The logging version. + // + // Valid values: ocsf-0.1 | ocsf-1.0.0-rc.2 + LogVersion *string `type:"string"` + // Sends Verified Access logs to Amazon S3. S3 *VerifiedAccessLogS3DestinationOptions `type:"structure"` } @@ -172320,12 +186596,24 @@ func (s *VerifiedAccessLogOptions) SetCloudWatchLogs(v *VerifiedAccessLogCloudWa return s } +// SetIncludeTrustContext sets the IncludeTrustContext field's value. +func (s *VerifiedAccessLogOptions) SetIncludeTrustContext(v bool) *VerifiedAccessLogOptions { + s.IncludeTrustContext = &v + return s +} + // SetKinesisDataFirehose sets the KinesisDataFirehose field's value. func (s *VerifiedAccessLogOptions) SetKinesisDataFirehose(v *VerifiedAccessLogKinesisDataFirehoseDestinationOptions) *VerifiedAccessLogOptions { s.KinesisDataFirehose = v return s } +// SetLogVersion sets the LogVersion field's value. +func (s *VerifiedAccessLogOptions) SetLogVersion(v string) *VerifiedAccessLogOptions { + s.LogVersion = &v + return s +} + // SetS3 sets the S3 field's value. func (s *VerifiedAccessLogOptions) SetS3(v *VerifiedAccessLogS3DestinationOptions) *VerifiedAccessLogOptions { s.S3 = v @@ -172474,16 +186762,22 @@ func (s *VerifiedAccessLogS3DestinationOptions) SetPrefix(v string) *VerifiedAcc return s } -// Describes the destinations for Verified Access logs. +// Describes the options for Verified Access logs. type VerifiedAccessLogs struct { _ struct{} `type:"structure"` // CloudWatch Logs logging destination. CloudWatchLogs *VerifiedAccessLogCloudWatchLogsDestination `locationName:"cloudWatchLogs" type:"structure"` + // Indicates whether trust data is included in the logs. + IncludeTrustContext *bool `locationName:"includeTrustContext" type:"boolean"` + // Kinesis logging destination. KinesisDataFirehose *VerifiedAccessLogKinesisDataFirehoseDestination `locationName:"kinesisDataFirehose" type:"structure"` + // The log version. + LogVersion *string `locationName:"logVersion" type:"string"` + // Amazon S3 logging options. S3 *VerifiedAccessLogS3Destination `locationName:"s3" type:"structure"` } @@ -172512,18 +186806,118 @@ func (s *VerifiedAccessLogs) SetCloudWatchLogs(v *VerifiedAccessLogCloudWatchLog return s } +// SetIncludeTrustContext sets the IncludeTrustContext field's value. +func (s *VerifiedAccessLogs) SetIncludeTrustContext(v bool) *VerifiedAccessLogs { + s.IncludeTrustContext = &v + return s +} + // SetKinesisDataFirehose sets the KinesisDataFirehose field's value. func (s *VerifiedAccessLogs) SetKinesisDataFirehose(v *VerifiedAccessLogKinesisDataFirehoseDestination) *VerifiedAccessLogs { s.KinesisDataFirehose = v return s } +// SetLogVersion sets the LogVersion field's value. +func (s *VerifiedAccessLogs) SetLogVersion(v string) *VerifiedAccessLogs { + s.LogVersion = &v + return s +} + // SetS3 sets the S3 field's value. func (s *VerifiedAccessLogs) SetS3(v *VerifiedAccessLogS3Destination) *VerifiedAccessLogs { s.S3 = v return s } +// Verified Access provides server side encryption by default to data at rest +// using Amazon Web Services-owned KMS keys. You also have the option of using +// customer managed KMS keys, which can be specified using the options below. +type VerifiedAccessSseSpecificationRequest struct { + _ struct{} `type:"structure"` + + // Enable or disable the use of customer managed KMS keys for server side encryption. + // + // Valid values: True | False + CustomerManagedKeyEnabled *bool `type:"boolean"` + + // The ARN of the KMS key. + KmsKeyArn *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s VerifiedAccessSseSpecificationRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s VerifiedAccessSseSpecificationRequest) GoString() string { + return s.String() +} + +// SetCustomerManagedKeyEnabled sets the CustomerManagedKeyEnabled field's value. +func (s *VerifiedAccessSseSpecificationRequest) SetCustomerManagedKeyEnabled(v bool) *VerifiedAccessSseSpecificationRequest { + s.CustomerManagedKeyEnabled = &v + return s +} + +// SetKmsKeyArn sets the KmsKeyArn field's value. +func (s *VerifiedAccessSseSpecificationRequest) SetKmsKeyArn(v string) *VerifiedAccessSseSpecificationRequest { + s.KmsKeyArn = &v + return s +} + +// The options in use for server side encryption. +type VerifiedAccessSseSpecificationResponse struct { + _ struct{} `type:"structure"` + + // Indicates whether customer managed KMS keys are in use for server side encryption. + // + // Valid values: True | False + CustomerManagedKeyEnabled *bool `locationName:"customerManagedKeyEnabled" type:"boolean"` + + // The ARN of the KMS key. + KmsKeyArn *string `locationName:"kmsKeyArn" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s VerifiedAccessSseSpecificationResponse) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s VerifiedAccessSseSpecificationResponse) GoString() string { + return s.String() +} + +// SetCustomerManagedKeyEnabled sets the CustomerManagedKeyEnabled field's value. +func (s *VerifiedAccessSseSpecificationResponse) SetCustomerManagedKeyEnabled(v bool) *VerifiedAccessSseSpecificationResponse { + s.CustomerManagedKeyEnabled = &v + return s +} + +// SetKmsKeyArn sets the KmsKeyArn field's value. +func (s *VerifiedAccessSseSpecificationResponse) SetKmsKeyArn(v string) *VerifiedAccessSseSpecificationResponse { + s.KmsKeyArn = &v + return s +} + // Describes a Verified Access trust provider. type VerifiedAccessTrustProvider struct { _ struct{} `type:"structure"` @@ -172534,7 +186928,7 @@ type VerifiedAccessTrustProvider struct { // A description for the Amazon Web Services Verified Access trust provider. Description *string `locationName:"description" type:"string"` - // The options for device-identity type trust provider. + // The options for device-identity trust provider. DeviceOptions *DeviceOptions `locationName:"deviceOptions" type:"structure"` // The type of device-based trust provider. @@ -172543,12 +186937,15 @@ type VerifiedAccessTrustProvider struct { // The last updated time. LastUpdatedTime *string `locationName:"lastUpdatedTime" type:"string"` - // The OpenID Connect details for an oidc-type, user-identity based trust provider. + // The options for an OpenID Connect-compatible user-identity trust provider. OidcOptions *OidcOptions `locationName:"oidcOptions" type:"structure"` // The identifier to be used when working with policy rules. PolicyReferenceName *string `locationName:"policyReferenceName" type:"string"` + // The options in use for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationResponse `locationName:"sseSpecification" type:"structure"` + // The tags. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` @@ -172622,6 +187019,12 @@ func (s *VerifiedAccessTrustProvider) SetPolicyReferenceName(v string) *Verified return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *VerifiedAccessTrustProvider) SetSseSpecification(v *VerifiedAccessSseSpecificationResponse) *VerifiedAccessTrustProvider { + s.SseSpecification = v + return s +} + // SetTags sets the Tags field's value. func (s *VerifiedAccessTrustProvider) SetTags(v []*Tag) *VerifiedAccessTrustProvider { s.Tags = v @@ -172724,7 +187127,8 @@ type VgwTelemetry struct { // The Amazon Resource Name (ARN) of the VPN tunnel endpoint certificate. CertificateArn *string `locationName:"certificateArn" type:"string"` - // The date and time of the last change in status. + // The date and time of the last change in status. This field is updated when + // changes in IKE (Phase 1), IPSec (Phase 2), or BGP status are detected. LastStatusChange *time.Time `locationName:"lastStatusChange" type:"timestamp"` // The Internet-routable IP address of the virtual private gateway's outside @@ -172833,6 +187237,9 @@ type Volume struct { // The snapshot from which the volume was created, if applicable. SnapshotId *string `locationName:"snapshotId" type:"string"` + // Reserved for future use. + SseType *string `locationName:"sseType" type:"string" enum:"SSEType"` + // The volume state. State *string `locationName:"status" type:"string" enum:"VolumeState"` @@ -172933,6 +187340,12 @@ func (s *Volume) SetSnapshotId(v string) *Volume { return s } +// SetSseType sets the SseType field's value. +func (s *Volume) SetSseType(v string) *Volume { + s.SseType = &v + return s +} + // SetState sets the State field's value. func (s *Volume) SetState(v string) *Volume { s.State = &v @@ -172967,6 +187380,9 @@ func (s *Volume) SetVolumeType(v string) *Volume { type VolumeAttachment struct { _ struct{} `type:"structure"` + // The ARN of the Amazon ECS or Fargate task to which the volume is attached. + AssociatedResource *string `locationName:"associatedResource" type:"string"` + // The time stamp when the attachment initiated. AttachTime *time.Time `locationName:"attachTime" type:"timestamp"` @@ -172974,11 +187390,22 @@ type VolumeAttachment struct { DeleteOnTermination *bool `locationName:"deleteOnTermination" type:"boolean"` // The device name. + // + // If the volume is attached to a Fargate task, this parameter returns null. Device *string `locationName:"device" type:"string"` // The ID of the instance. + // + // If the volume is attached to a Fargate task, this parameter returns null. InstanceId *string `locationName:"instanceId" type:"string"` + // The service principal of Amazon Web Services service that owns the underlying + // instance to which the volume is attached. + // + // This parameter is returned only for volumes that are attached to Fargate + // tasks. + InstanceOwningService *string `locationName:"instanceOwningService" type:"string"` + // The attachment state of the volume. State *string `locationName:"status" type:"string" enum:"VolumeAttachmentState"` @@ -173004,6 +187431,12 @@ func (s VolumeAttachment) GoString() string { return s.String() } +// SetAssociatedResource sets the AssociatedResource field's value. +func (s *VolumeAttachment) SetAssociatedResource(v string) *VolumeAttachment { + s.AssociatedResource = &v + return s +} + // SetAttachTime sets the AttachTime field's value. func (s *VolumeAttachment) SetAttachTime(v time.Time) *VolumeAttachment { s.AttachTime = &v @@ -173028,6 +187461,12 @@ func (s *VolumeAttachment) SetInstanceId(v string) *VolumeAttachment { return s } +// SetInstanceOwningService sets the InstanceOwningService field's value. +func (s *VolumeAttachment) SetInstanceOwningService(v string) *VolumeAttachment { + s.InstanceOwningService = &v + return s +} + // SetState sets the State field's value. func (s *VolumeAttachment) SetState(v string) *VolumeAttachment { s.State = &v @@ -173847,9 +188286,7 @@ func (s *VpcCidrBlockState) SetStatusMessage(v string) *VpcCidrBlockState { return s } -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// Deprecated. // // Describes whether a VPC is enabled for ClassicLink. type VpcClassicLink struct { @@ -173924,7 +188361,7 @@ type VpcEndpoint struct { // The last error that occurred for endpoint. LastError *LastError `locationName:"lastError" type:"structure"` - // (Interface endpoint) One or more network interfaces for the endpoint. + // (Interface endpoint) The network interfaces for the endpoint. NetworkInterfaceIds []*string `locationName:"networkInterfaceIdSet" locationNameList:"item" type:"list"` // The ID of the Amazon Web Services account that owns the endpoint. @@ -173940,7 +188377,7 @@ type VpcEndpoint struct { // Indicates whether the endpoint is being managed by its service. RequesterManaged *bool `locationName:"requesterManaged" type:"boolean"` - // (Gateway endpoint) One or more route tables associated with the endpoint. + // (Gateway endpoint) The IDs of the route tables associated with the endpoint. RouteTableIds []*string `locationName:"routeTableIdSet" locationNameList:"item" type:"list"` // The name of the service to which the endpoint is associated. @@ -173952,7 +188389,7 @@ type VpcEndpoint struct { // (Interface endpoint) The subnets for the endpoint. SubnetIds []*string `locationName:"subnetIdSet" locationNameList:"item" type:"list"` - // Any tags assigned to the endpoint. + // The tags assigned to the endpoint. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` // The ID of the endpoint. @@ -174368,10 +188805,6 @@ func (s *VpcPeeringConnection) SetVpcPeeringConnectionId(v string) *VpcPeeringCo return s } -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Describes the VPC peering connection options. type VpcPeeringConnectionOptionsDescription struct { _ struct{} `type:"structure"` @@ -174380,12 +188813,10 @@ type VpcPeeringConnectionOptionsDescription struct { // IP addresses when queried from instances in a peer VPC. AllowDnsResolutionFromRemoteVpc *bool `locationName:"allowDnsResolutionFromRemoteVpc" type:"boolean"` - // Indicates whether a local ClassicLink connection can communicate with the - // peer VPC over the VPC peering connection. + // Deprecated. AllowEgressFromLocalClassicLinkToRemoteVpc *bool `locationName:"allowEgressFromLocalClassicLinkToRemoteVpc" type:"boolean"` - // Indicates whether a local VPC can communicate with a ClassicLink connection - // in the peer VPC over the VPC peering connection. + // Deprecated. AllowEgressFromLocalVpcToRemoteClassicLink *bool `locationName:"allowEgressFromLocalVpcToRemoteClassicLink" type:"boolean"` } @@ -174572,7 +189003,11 @@ type VpnConnection struct { // the native XML format). This element is always present in the CreateVpnConnection // response; however, it's present in the DescribeVpnConnections response only // if the VPN connection is in the pending or available state. - CustomerGatewayConfiguration *string `locationName:"customerGatewayConfiguration" type:"string"` + // + // CustomerGatewayConfiguration is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by VpnConnection's + // String and GoString methods. + CustomerGatewayConfiguration *string `locationName:"customerGatewayConfiguration" type:"string" sensitive:"true"` // The ID of the customer gateway at your end of the VPN connection. CustomerGatewayId *string `locationName:"customerGatewayId" type:"string"` @@ -175254,6 +189689,9 @@ type VpnTunnelOptionsSpecification struct { // Default: 30 DPDTimeoutSeconds *int64 `type:"integer"` + // Turn on or off tunnel endpoint lifecycle control feature. + EnableTunnelLifecycleControl *bool `type:"boolean"` + // The IKE versions that are permitted for the VPN tunnel. // // Valid values: ikev1 | ikev2 @@ -175319,7 +189757,11 @@ type VpnTunnelOptionsSpecification struct { // Constraints: Allowed characters are alphanumeric characters, periods (.), // and underscores (_). Must be between 8 and 64 characters in length and cannot // start with zero (0). - PreSharedKey *string `type:"string"` + // + // PreSharedKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by VpnTunnelOptionsSpecification's + // String and GoString methods. + PreSharedKey *string `type:"string" sensitive:"true"` // The percentage of the rekey window (determined by RekeyMarginTimeSeconds) // during which the rekey time is randomly selected. @@ -175336,7 +189778,7 @@ type VpnTunnelOptionsSpecification struct { // // Constraints: A value between 60 and half of Phase2LifetimeSeconds. // - // Default: 540 + // Default: 270 RekeyMarginTimeSeconds *int64 `type:"integer"` // The number of packets in an IKE replay window. @@ -175415,6 +189857,12 @@ func (s *VpnTunnelOptionsSpecification) SetDPDTimeoutSeconds(v int64) *VpnTunnel return s } +// SetEnableTunnelLifecycleControl sets the EnableTunnelLifecycleControl field's value. +func (s *VpnTunnelOptionsSpecification) SetEnableTunnelLifecycleControl(v bool) *VpnTunnelOptionsSpecification { + s.EnableTunnelLifecycleControl = &v + return s +} + // SetIKEVersions sets the IKEVersions field's value. func (s *VpnTunnelOptionsSpecification) SetIKEVersions(v []*IKEVersionsRequestListValue) *VpnTunnelOptionsSpecification { s.IKEVersions = v @@ -175607,26 +190055,30 @@ func (s *WithdrawByoipCidrOutput) SetByoipCidr(v *ByoipCidr) *WithdrawByoipCidrO } const ( - // AcceleratorManufacturerNvidia is a AcceleratorManufacturer enum value - AcceleratorManufacturerNvidia = "nvidia" + // AcceleratorManufacturerAmazonWebServices is a AcceleratorManufacturer enum value + AcceleratorManufacturerAmazonWebServices = "amazon-web-services" // AcceleratorManufacturerAmd is a AcceleratorManufacturer enum value AcceleratorManufacturerAmd = "amd" - // AcceleratorManufacturerAmazonWebServices is a AcceleratorManufacturer enum value - AcceleratorManufacturerAmazonWebServices = "amazon-web-services" + // AcceleratorManufacturerNvidia is a AcceleratorManufacturer enum value + AcceleratorManufacturerNvidia = "nvidia" // AcceleratorManufacturerXilinx is a AcceleratorManufacturer enum value AcceleratorManufacturerXilinx = "xilinx" + + // AcceleratorManufacturerHabana is a AcceleratorManufacturer enum value + AcceleratorManufacturerHabana = "habana" ) // AcceleratorManufacturer_Values returns all elements of the AcceleratorManufacturer enum func AcceleratorManufacturer_Values() []string { return []string{ - AcceleratorManufacturerNvidia, - AcceleratorManufacturerAmd, AcceleratorManufacturerAmazonWebServices, + AcceleratorManufacturerAmd, + AcceleratorManufacturerNvidia, AcceleratorManufacturerXilinx, + AcceleratorManufacturerHabana, } } @@ -175634,43 +190086,55 @@ const ( // AcceleratorNameA100 is a AcceleratorName enum value AcceleratorNameA100 = "a100" - // AcceleratorNameV100 is a AcceleratorName enum value - AcceleratorNameV100 = "v100" + // AcceleratorNameInferentia is a AcceleratorName enum value + AcceleratorNameInferentia = "inferentia" + + // AcceleratorNameK520 is a AcceleratorName enum value + AcceleratorNameK520 = "k520" // AcceleratorNameK80 is a AcceleratorName enum value AcceleratorNameK80 = "k80" - // AcceleratorNameT4 is a AcceleratorName enum value - AcceleratorNameT4 = "t4" - // AcceleratorNameM60 is a AcceleratorName enum value AcceleratorNameM60 = "m60" // AcceleratorNameRadeonProV520 is a AcceleratorName enum value AcceleratorNameRadeonProV520 = "radeon-pro-v520" + // AcceleratorNameT4 is a AcceleratorName enum value + AcceleratorNameT4 = "t4" + // AcceleratorNameVu9p is a AcceleratorName enum value AcceleratorNameVu9p = "vu9p" - // AcceleratorNameInferentia is a AcceleratorName enum value - AcceleratorNameInferentia = "inferentia" + // AcceleratorNameV100 is a AcceleratorName enum value + AcceleratorNameV100 = "v100" - // AcceleratorNameK520 is a AcceleratorName enum value - AcceleratorNameK520 = "k520" + // AcceleratorNameA10g is a AcceleratorName enum value + AcceleratorNameA10g = "a10g" + + // AcceleratorNameH100 is a AcceleratorName enum value + AcceleratorNameH100 = "h100" + + // AcceleratorNameT4g is a AcceleratorName enum value + AcceleratorNameT4g = "t4g" ) // AcceleratorName_Values returns all elements of the AcceleratorName enum func AcceleratorName_Values() []string { return []string{ AcceleratorNameA100, - AcceleratorNameV100, + AcceleratorNameInferentia, + AcceleratorNameK520, AcceleratorNameK80, - AcceleratorNameT4, AcceleratorNameM60, AcceleratorNameRadeonProV520, + AcceleratorNameT4, AcceleratorNameVu9p, - AcceleratorNameInferentia, - AcceleratorNameK520, + AcceleratorNameV100, + AcceleratorNameA10g, + AcceleratorNameH100, + AcceleratorNameT4g, } } @@ -175886,6 +190350,22 @@ func AllowsMultipleInstanceTypes_Values() []string { } } +const ( + // AmdSevSnpSpecificationEnabled is a AmdSevSnpSpecification enum value + AmdSevSnpSpecificationEnabled = "enabled" + + // AmdSevSnpSpecificationDisabled is a AmdSevSnpSpecification enum value + AmdSevSnpSpecificationDisabled = "disabled" +) + +// AmdSevSnpSpecification_Values returns all elements of the AmdSevSnpSpecification enum +func AmdSevSnpSpecification_Values() []string { + return []string{ + AmdSevSnpSpecificationEnabled, + AmdSevSnpSpecificationDisabled, + } +} + const ( // AnalysisStatusRunning is a AnalysisStatus enum value AnalysisStatusRunning = "running" @@ -175978,6 +190458,70 @@ func ArchitectureValues_Values() []string { } } +const ( + // AsnAssociationStateDisassociated is a AsnAssociationState enum value + AsnAssociationStateDisassociated = "disassociated" + + // AsnAssociationStateFailedDisassociation is a AsnAssociationState enum value + AsnAssociationStateFailedDisassociation = "failed-disassociation" + + // AsnAssociationStateFailedAssociation is a AsnAssociationState enum value + AsnAssociationStateFailedAssociation = "failed-association" + + // AsnAssociationStatePendingDisassociation is a AsnAssociationState enum value + AsnAssociationStatePendingDisassociation = "pending-disassociation" + + // AsnAssociationStatePendingAssociation is a AsnAssociationState enum value + AsnAssociationStatePendingAssociation = "pending-association" + + // AsnAssociationStateAssociated is a AsnAssociationState enum value + AsnAssociationStateAssociated = "associated" +) + +// AsnAssociationState_Values returns all elements of the AsnAssociationState enum +func AsnAssociationState_Values() []string { + return []string{ + AsnAssociationStateDisassociated, + AsnAssociationStateFailedDisassociation, + AsnAssociationStateFailedAssociation, + AsnAssociationStatePendingDisassociation, + AsnAssociationStatePendingAssociation, + AsnAssociationStateAssociated, + } +} + +const ( + // AsnStateDeprovisioned is a AsnState enum value + AsnStateDeprovisioned = "deprovisioned" + + // AsnStateFailedDeprovision is a AsnState enum value + AsnStateFailedDeprovision = "failed-deprovision" + + // AsnStateFailedProvision is a AsnState enum value + AsnStateFailedProvision = "failed-provision" + + // AsnStatePendingDeprovision is a AsnState enum value + AsnStatePendingDeprovision = "pending-deprovision" + + // AsnStatePendingProvision is a AsnState enum value + AsnStatePendingProvision = "pending-provision" + + // AsnStateProvisioned is a AsnState enum value + AsnStateProvisioned = "provisioned" +) + +// AsnState_Values returns all elements of the AsnState enum +func AsnState_Values() []string { + return []string{ + AsnStateDeprovisioned, + AsnStateFailedDeprovision, + AsnStateFailedProvision, + AsnStatePendingDeprovision, + AsnStatePendingProvision, + AsnStateProvisioned, + } +} + const ( // AssociatedNetworkTypeVpc is a AssociatedNetworkType enum value AssociatedNetworkTypeVpc = "vpc" @@ -176122,6 +190666,9 @@ const ( // AvailabilityZoneStateUnavailable is a AvailabilityZoneState enum value AvailabilityZoneStateUnavailable = "unavailable" + + // AvailabilityZoneStateConstrained is a AvailabilityZoneState enum value + AvailabilityZoneStateConstrained = "constrained" ) // AvailabilityZoneState_Values returns all elements of the AvailabilityZoneState enum @@ -176131,6 +190678,7 @@ func AvailabilityZoneState_Values() []string { AvailabilityZoneStateInformation, AvailabilityZoneStateImpaired, AvailabilityZoneStateUnavailable, + AvailabilityZoneStateConstrained, } } @@ -176228,6 +190776,9 @@ const ( // BootModeValuesUefi is a BootModeValues enum value BootModeValuesUefi = "uefi" + + // BootModeValuesUefiPreferred is a BootModeValues enum value + BootModeValuesUefiPreferred = "uefi-preferred" ) // BootModeValues_Values returns all elements of the BootModeValues enum @@ -176235,6 +190786,7 @@ func BootModeValues_Values() []string { return []string{ BootModeValuesLegacyBios, BootModeValuesUefi, + BootModeValuesUefiPreferred, } } @@ -176481,6 +191033,9 @@ const ( // CapacityReservationInstancePlatformRhelwithHaandSqlserverEnterprise is a CapacityReservationInstancePlatform enum value CapacityReservationInstancePlatformRhelwithHaandSqlserverEnterprise = "RHEL with HA and SQL Server Enterprise" + + // CapacityReservationInstancePlatformUbuntuPro is a CapacityReservationInstancePlatform enum value + CapacityReservationInstancePlatformUbuntuPro = "Ubuntu Pro" ) // CapacityReservationInstancePlatform_Values returns all elements of the CapacityReservationInstancePlatform enum @@ -176503,6 +191058,7 @@ func CapacityReservationInstancePlatform_Values() []string { CapacityReservationInstancePlatformRhelwithHa, CapacityReservationInstancePlatformRhelwithHaandSqlserverStandard, CapacityReservationInstancePlatformRhelwithHaandSqlserverEnterprise, + CapacityReservationInstancePlatformUbuntuPro, } } @@ -176537,6 +191093,15 @@ const ( // CapacityReservationStateFailed is a CapacityReservationState enum value CapacityReservationStateFailed = "failed" + + // CapacityReservationStateScheduled is a CapacityReservationState enum value + CapacityReservationStateScheduled = "scheduled" + + // CapacityReservationStatePaymentPending is a CapacityReservationState enum value + CapacityReservationStatePaymentPending = "payment-pending" + + // CapacityReservationStatePaymentFailed is a CapacityReservationState enum value + CapacityReservationStatePaymentFailed = "payment-failed" ) // CapacityReservationState_Values returns all elements of the CapacityReservationState enum @@ -176547,6 +191112,9 @@ func CapacityReservationState_Values() []string { CapacityReservationStateCancelled, CapacityReservationStatePending, CapacityReservationStateFailed, + CapacityReservationStateScheduled, + CapacityReservationStatePaymentPending, + CapacityReservationStatePaymentFailed, } } @@ -176566,6 +191134,22 @@ func CapacityReservationTenancy_Values() []string { } } +const ( + // CapacityReservationTypeDefault is a CapacityReservationType enum value + CapacityReservationTypeDefault = "default" + + // CapacityReservationTypeCapacityBlock is a CapacityReservationType enum value + CapacityReservationTypeCapacityBlock = "capacity-block" +) + +// CapacityReservationType_Values returns all elements of the CapacityReservationType enum +func CapacityReservationType_Values() []string { + return []string{ + CapacityReservationTypeDefault, + CapacityReservationTypeCapacityBlock, + } +} + const ( // CarrierGatewayStatePending is a CarrierGatewayState enum value CarrierGatewayStatePending = "pending" @@ -176916,6 +191500,9 @@ const ( // DefaultTargetCapacityTypeOnDemand is a DefaultTargetCapacityType enum value DefaultTargetCapacityTypeOnDemand = "on-demand" + + // DefaultTargetCapacityTypeCapacityBlock is a DefaultTargetCapacityType enum value + DefaultTargetCapacityTypeCapacityBlock = "capacity-block" ) // DefaultTargetCapacityType_Values returns all elements of the DefaultTargetCapacityType enum @@ -176923,6 +191510,7 @@ func DefaultTargetCapacityType_Values() []string { return []string{ DefaultTargetCapacityTypeSpot, DefaultTargetCapacityTypeOnDemand, + DefaultTargetCapacityTypeCapacityBlock, } } @@ -176992,6 +191580,9 @@ const ( // DeviceTrustProviderTypeCrowdstrike is a DeviceTrustProviderType enum value DeviceTrustProviderTypeCrowdstrike = "crowdstrike" + + // DeviceTrustProviderTypeJumpcloud is a DeviceTrustProviderType enum value + DeviceTrustProviderTypeJumpcloud = "jumpcloud" ) // DeviceTrustProviderType_Values returns all elements of the DeviceTrustProviderType enum @@ -176999,6 +191590,7 @@ func DeviceTrustProviderType_Values() []string { return []string{ DeviceTrustProviderTypeJamf, DeviceTrustProviderTypeCrowdstrike, + DeviceTrustProviderTypeJumpcloud, } } @@ -177202,6 +191794,38 @@ func EbsOptimizedSupport_Values() []string { } } +const ( + // Ec2InstanceConnectEndpointStateCreateInProgress is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateCreateInProgress = "create-in-progress" + + // Ec2InstanceConnectEndpointStateCreateComplete is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateCreateComplete = "create-complete" + + // Ec2InstanceConnectEndpointStateCreateFailed is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateCreateFailed = "create-failed" + + // Ec2InstanceConnectEndpointStateDeleteInProgress is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateDeleteInProgress = "delete-in-progress" + + // Ec2InstanceConnectEndpointStateDeleteComplete is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateDeleteComplete = "delete-complete" + + // Ec2InstanceConnectEndpointStateDeleteFailed is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateDeleteFailed = "delete-failed" +) + +// Ec2InstanceConnectEndpointState_Values returns all elements of the Ec2InstanceConnectEndpointState enum +func Ec2InstanceConnectEndpointState_Values() []string { + return []string{ + Ec2InstanceConnectEndpointStateCreateInProgress, + Ec2InstanceConnectEndpointStateCreateComplete, + Ec2InstanceConnectEndpointStateCreateFailed, + Ec2InstanceConnectEndpointStateDeleteInProgress, + Ec2InstanceConnectEndpointStateDeleteComplete, + Ec2InstanceConnectEndpointStateDeleteFailed, + } +} + const ( // ElasticGpuStateAttached is a ElasticGpuState enum value ElasticGpuStateAttached = "ATTACHED" @@ -177786,6 +192410,22 @@ func GatewayType_Values() []string { } } +const ( + // HostMaintenanceOn is a HostMaintenance enum value + HostMaintenanceOn = "on" + + // HostMaintenanceOff is a HostMaintenance enum value + HostMaintenanceOff = "off" +) + +// HostMaintenance_Values returns all elements of the HostMaintenance enum +func HostMaintenance_Values() []string { + return []string{ + HostMaintenanceOn, + HostMaintenanceOff, + } +} + const ( // HostRecoveryOn is a HostRecovery enum value HostRecoveryOn = "on" @@ -177962,6 +192602,30 @@ func ImageAttributeName_Values() []string { } } +const ( + // ImageBlockPublicAccessDisabledStateUnblocked is a ImageBlockPublicAccessDisabledState enum value + ImageBlockPublicAccessDisabledStateUnblocked = "unblocked" +) + +// ImageBlockPublicAccessDisabledState_Values returns all elements of the ImageBlockPublicAccessDisabledState enum +func ImageBlockPublicAccessDisabledState_Values() []string { + return []string{ + ImageBlockPublicAccessDisabledStateUnblocked, + } +} + +const ( + // ImageBlockPublicAccessEnabledStateBlockNewSharing is a ImageBlockPublicAccessEnabledState enum value + ImageBlockPublicAccessEnabledStateBlockNewSharing = "block-new-sharing" +) + +// ImageBlockPublicAccessEnabledState_Values returns all elements of the ImageBlockPublicAccessEnabledState enum +func ImageBlockPublicAccessEnabledState_Values() []string { + return []string{ + ImageBlockPublicAccessEnabledStateBlockNewSharing, + } +} + const ( // ImageStatePending is a ImageState enum value ImageStatePending = "pending" @@ -177983,6 +192647,9 @@ const ( // ImageStateError is a ImageState enum value ImageStateError = "error" + + // ImageStateDisabled is a ImageState enum value + ImageStateDisabled = "disabled" ) // ImageState_Values returns all elements of the ImageState enum @@ -177995,6 +192662,7 @@ func ImageState_Values() []string { ImageStateTransient, ImageStateFailed, ImageStateError, + ImageStateDisabled, } } @@ -178118,6 +192786,22 @@ func InstanceAutoRecoveryState_Values() []string { } } +const ( + // InstanceBootModeValuesLegacyBios is a InstanceBootModeValues enum value + InstanceBootModeValuesLegacyBios = "legacy-bios" + + // InstanceBootModeValuesUefi is a InstanceBootModeValues enum value + InstanceBootModeValuesUefi = "uefi" +) + +// InstanceBootModeValues_Values returns all elements of the InstanceBootModeValues enum +func InstanceBootModeValues_Values() []string { + return []string{ + InstanceBootModeValuesLegacyBios, + InstanceBootModeValuesUefi, + } +} + const ( // InstanceEventWindowStateCreating is a InstanceEventWindowState enum value InstanceEventWindowStateCreating = "creating" @@ -178216,6 +192900,9 @@ const ( // InstanceLifecycleTypeScheduled is a InstanceLifecycleType enum value InstanceLifecycleTypeScheduled = "scheduled" + + // InstanceLifecycleTypeCapacityBlock is a InstanceLifecycleType enum value + InstanceLifecycleTypeCapacityBlock = "capacity-block" ) // InstanceLifecycleType_Values returns all elements of the InstanceLifecycleType enum @@ -178223,6 +192910,7 @@ func InstanceLifecycleType_Values() []string { return []string{ InstanceLifecycleTypeSpot, InstanceLifecycleTypeScheduled, + InstanceLifecycleTypeCapacityBlock, } } @@ -180076,6 +194764,633 @@ const ( // InstanceTypeHpc6id32xlarge is a InstanceType enum value InstanceTypeHpc6id32xlarge = "hpc6id.32xlarge" + + // InstanceTypeC6inLarge is a InstanceType enum value + InstanceTypeC6inLarge = "c6in.large" + + // InstanceTypeC6inXlarge is a InstanceType enum value + InstanceTypeC6inXlarge = "c6in.xlarge" + + // InstanceTypeC6in2xlarge is a InstanceType enum value + InstanceTypeC6in2xlarge = "c6in.2xlarge" + + // InstanceTypeC6in4xlarge is a InstanceType enum value + InstanceTypeC6in4xlarge = "c6in.4xlarge" + + // InstanceTypeC6in8xlarge is a InstanceType enum value + InstanceTypeC6in8xlarge = "c6in.8xlarge" + + // InstanceTypeC6in12xlarge is a InstanceType enum value + InstanceTypeC6in12xlarge = "c6in.12xlarge" + + // InstanceTypeC6in16xlarge is a InstanceType enum value + InstanceTypeC6in16xlarge = "c6in.16xlarge" + + // InstanceTypeC6in24xlarge is a InstanceType enum value + InstanceTypeC6in24xlarge = "c6in.24xlarge" + + // InstanceTypeC6in32xlarge is a InstanceType enum value + InstanceTypeC6in32xlarge = "c6in.32xlarge" + + // InstanceTypeM6inLarge is a InstanceType enum value + InstanceTypeM6inLarge = "m6in.large" + + // InstanceTypeM6inXlarge is a InstanceType enum value + InstanceTypeM6inXlarge = "m6in.xlarge" + + // InstanceTypeM6in2xlarge is a InstanceType enum value + InstanceTypeM6in2xlarge = "m6in.2xlarge" + + // InstanceTypeM6in4xlarge is a InstanceType enum value + InstanceTypeM6in4xlarge = "m6in.4xlarge" + + // InstanceTypeM6in8xlarge is a InstanceType enum value + InstanceTypeM6in8xlarge = "m6in.8xlarge" + + // InstanceTypeM6in12xlarge is a InstanceType enum value + InstanceTypeM6in12xlarge = "m6in.12xlarge" + + // InstanceTypeM6in16xlarge is a InstanceType enum value + InstanceTypeM6in16xlarge = "m6in.16xlarge" + + // InstanceTypeM6in24xlarge is a InstanceType enum value + InstanceTypeM6in24xlarge = "m6in.24xlarge" + + // InstanceTypeM6in32xlarge is a InstanceType enum value + InstanceTypeM6in32xlarge = "m6in.32xlarge" + + // InstanceTypeM6idnLarge is a InstanceType enum value + InstanceTypeM6idnLarge = "m6idn.large" + + // InstanceTypeM6idnXlarge is a InstanceType enum value + InstanceTypeM6idnXlarge = "m6idn.xlarge" + + // InstanceTypeM6idn2xlarge is a InstanceType enum value + InstanceTypeM6idn2xlarge = "m6idn.2xlarge" + + // InstanceTypeM6idn4xlarge is a InstanceType enum value + InstanceTypeM6idn4xlarge = "m6idn.4xlarge" + + // InstanceTypeM6idn8xlarge is a InstanceType enum value + InstanceTypeM6idn8xlarge = "m6idn.8xlarge" + + // InstanceTypeM6idn12xlarge is a InstanceType enum value + InstanceTypeM6idn12xlarge = "m6idn.12xlarge" + + // InstanceTypeM6idn16xlarge is a InstanceType enum value + InstanceTypeM6idn16xlarge = "m6idn.16xlarge" + + // InstanceTypeM6idn24xlarge is a InstanceType enum value + InstanceTypeM6idn24xlarge = "m6idn.24xlarge" + + // InstanceTypeM6idn32xlarge is a InstanceType enum value + InstanceTypeM6idn32xlarge = "m6idn.32xlarge" + + // InstanceTypeR6inLarge is a InstanceType enum value + InstanceTypeR6inLarge = "r6in.large" + + // InstanceTypeR6inXlarge is a InstanceType enum value + InstanceTypeR6inXlarge = "r6in.xlarge" + + // InstanceTypeR6in2xlarge is a InstanceType enum value + InstanceTypeR6in2xlarge = "r6in.2xlarge" + + // InstanceTypeR6in4xlarge is a InstanceType enum value + InstanceTypeR6in4xlarge = "r6in.4xlarge" + + // InstanceTypeR6in8xlarge is a InstanceType enum value + InstanceTypeR6in8xlarge = "r6in.8xlarge" + + // InstanceTypeR6in12xlarge is a InstanceType enum value + InstanceTypeR6in12xlarge = "r6in.12xlarge" + + // InstanceTypeR6in16xlarge is a InstanceType enum value + InstanceTypeR6in16xlarge = "r6in.16xlarge" + + // InstanceTypeR6in24xlarge is a InstanceType enum value + InstanceTypeR6in24xlarge = "r6in.24xlarge" + + // InstanceTypeR6in32xlarge is a InstanceType enum value + InstanceTypeR6in32xlarge = "r6in.32xlarge" + + // InstanceTypeR6idnLarge is a InstanceType enum value + InstanceTypeR6idnLarge = "r6idn.large" + + // InstanceTypeR6idnXlarge is a InstanceType enum value + InstanceTypeR6idnXlarge = "r6idn.xlarge" + + // InstanceTypeR6idn2xlarge is a InstanceType enum value + InstanceTypeR6idn2xlarge = "r6idn.2xlarge" + + // InstanceTypeR6idn4xlarge is a InstanceType enum value + InstanceTypeR6idn4xlarge = "r6idn.4xlarge" + + // InstanceTypeR6idn8xlarge is a InstanceType enum value + InstanceTypeR6idn8xlarge = "r6idn.8xlarge" + + // InstanceTypeR6idn12xlarge is a InstanceType enum value + InstanceTypeR6idn12xlarge = "r6idn.12xlarge" + + // InstanceTypeR6idn16xlarge is a InstanceType enum value + InstanceTypeR6idn16xlarge = "r6idn.16xlarge" + + // InstanceTypeR6idn24xlarge is a InstanceType enum value + InstanceTypeR6idn24xlarge = "r6idn.24xlarge" + + // InstanceTypeR6idn32xlarge is a InstanceType enum value + InstanceTypeR6idn32xlarge = "r6idn.32xlarge" + + // InstanceTypeC7gMetal is a InstanceType enum value + InstanceTypeC7gMetal = "c7g.metal" + + // InstanceTypeM7gMedium is a InstanceType enum value + InstanceTypeM7gMedium = "m7g.medium" + + // InstanceTypeM7gLarge is a InstanceType enum value + InstanceTypeM7gLarge = "m7g.large" + + // InstanceTypeM7gXlarge is a InstanceType enum value + InstanceTypeM7gXlarge = "m7g.xlarge" + + // InstanceTypeM7g2xlarge is a InstanceType enum value + InstanceTypeM7g2xlarge = "m7g.2xlarge" + + // InstanceTypeM7g4xlarge is a InstanceType enum value + InstanceTypeM7g4xlarge = "m7g.4xlarge" + + // InstanceTypeM7g8xlarge is a InstanceType enum value + InstanceTypeM7g8xlarge = "m7g.8xlarge" + + // InstanceTypeM7g12xlarge is a InstanceType enum value + InstanceTypeM7g12xlarge = "m7g.12xlarge" + + // InstanceTypeM7g16xlarge is a InstanceType enum value + InstanceTypeM7g16xlarge = "m7g.16xlarge" + + // InstanceTypeM7gMetal is a InstanceType enum value + InstanceTypeM7gMetal = "m7g.metal" + + // InstanceTypeR7gMedium is a InstanceType enum value + InstanceTypeR7gMedium = "r7g.medium" + + // InstanceTypeR7gLarge is a InstanceType enum value + InstanceTypeR7gLarge = "r7g.large" + + // InstanceTypeR7gXlarge is a InstanceType enum value + InstanceTypeR7gXlarge = "r7g.xlarge" + + // InstanceTypeR7g2xlarge is a InstanceType enum value + InstanceTypeR7g2xlarge = "r7g.2xlarge" + + // InstanceTypeR7g4xlarge is a InstanceType enum value + InstanceTypeR7g4xlarge = "r7g.4xlarge" + + // InstanceTypeR7g8xlarge is a InstanceType enum value + InstanceTypeR7g8xlarge = "r7g.8xlarge" + + // InstanceTypeR7g12xlarge is a InstanceType enum value + InstanceTypeR7g12xlarge = "r7g.12xlarge" + + // InstanceTypeR7g16xlarge is a InstanceType enum value + InstanceTypeR7g16xlarge = "r7g.16xlarge" + + // InstanceTypeR7gMetal is a InstanceType enum value + InstanceTypeR7gMetal = "r7g.metal" + + // InstanceTypeC6inMetal is a InstanceType enum value + InstanceTypeC6inMetal = "c6in.metal" + + // InstanceTypeM6inMetal is a InstanceType enum value + InstanceTypeM6inMetal = "m6in.metal" + + // InstanceTypeM6idnMetal is a InstanceType enum value + InstanceTypeM6idnMetal = "m6idn.metal" + + // InstanceTypeR6inMetal is a InstanceType enum value + InstanceTypeR6inMetal = "r6in.metal" + + // InstanceTypeR6idnMetal is a InstanceType enum value + InstanceTypeR6idnMetal = "r6idn.metal" + + // InstanceTypeInf2Xlarge is a InstanceType enum value + InstanceTypeInf2Xlarge = "inf2.xlarge" + + // InstanceTypeInf28xlarge is a InstanceType enum value + InstanceTypeInf28xlarge = "inf2.8xlarge" + + // InstanceTypeInf224xlarge is a InstanceType enum value + InstanceTypeInf224xlarge = "inf2.24xlarge" + + // InstanceTypeInf248xlarge is a InstanceType enum value + InstanceTypeInf248xlarge = "inf2.48xlarge" + + // InstanceTypeTrn1n32xlarge is a InstanceType enum value + InstanceTypeTrn1n32xlarge = "trn1n.32xlarge" + + // InstanceTypeI4gLarge is a InstanceType enum value + InstanceTypeI4gLarge = "i4g.large" + + // InstanceTypeI4gXlarge is a InstanceType enum value + InstanceTypeI4gXlarge = "i4g.xlarge" + + // InstanceTypeI4g2xlarge is a InstanceType enum value + InstanceTypeI4g2xlarge = "i4g.2xlarge" + + // InstanceTypeI4g4xlarge is a InstanceType enum value + InstanceTypeI4g4xlarge = "i4g.4xlarge" + + // InstanceTypeI4g8xlarge is a InstanceType enum value + InstanceTypeI4g8xlarge = "i4g.8xlarge" + + // InstanceTypeI4g16xlarge is a InstanceType enum value + InstanceTypeI4g16xlarge = "i4g.16xlarge" + + // InstanceTypeHpc7g4xlarge is a InstanceType enum value + InstanceTypeHpc7g4xlarge = "hpc7g.4xlarge" + + // InstanceTypeHpc7g8xlarge is a InstanceType enum value + InstanceTypeHpc7g8xlarge = "hpc7g.8xlarge" + + // InstanceTypeHpc7g16xlarge is a InstanceType enum value + InstanceTypeHpc7g16xlarge = "hpc7g.16xlarge" + + // InstanceTypeC7gnMedium is a InstanceType enum value + InstanceTypeC7gnMedium = "c7gn.medium" + + // InstanceTypeC7gnLarge is a InstanceType enum value + InstanceTypeC7gnLarge = "c7gn.large" + + // InstanceTypeC7gnXlarge is a InstanceType enum value + InstanceTypeC7gnXlarge = "c7gn.xlarge" + + // InstanceTypeC7gn2xlarge is a InstanceType enum value + InstanceTypeC7gn2xlarge = "c7gn.2xlarge" + + // InstanceTypeC7gn4xlarge is a InstanceType enum value + InstanceTypeC7gn4xlarge = "c7gn.4xlarge" + + // InstanceTypeC7gn8xlarge is a InstanceType enum value + InstanceTypeC7gn8xlarge = "c7gn.8xlarge" + + // InstanceTypeC7gn12xlarge is a InstanceType enum value + InstanceTypeC7gn12xlarge = "c7gn.12xlarge" + + // InstanceTypeC7gn16xlarge is a InstanceType enum value + InstanceTypeC7gn16xlarge = "c7gn.16xlarge" + + // InstanceTypeP548xlarge is a InstanceType enum value + InstanceTypeP548xlarge = "p5.48xlarge" + + // InstanceTypeM7iLarge is a InstanceType enum value + InstanceTypeM7iLarge = "m7i.large" + + // InstanceTypeM7iXlarge is a InstanceType enum value + InstanceTypeM7iXlarge = "m7i.xlarge" + + // InstanceTypeM7i2xlarge is a InstanceType enum value + InstanceTypeM7i2xlarge = "m7i.2xlarge" + + // InstanceTypeM7i4xlarge is a InstanceType enum value + InstanceTypeM7i4xlarge = "m7i.4xlarge" + + // InstanceTypeM7i8xlarge is a InstanceType enum value + InstanceTypeM7i8xlarge = "m7i.8xlarge" + + // InstanceTypeM7i12xlarge is a InstanceType enum value + InstanceTypeM7i12xlarge = "m7i.12xlarge" + + // InstanceTypeM7i16xlarge is a InstanceType enum value + InstanceTypeM7i16xlarge = "m7i.16xlarge" + + // InstanceTypeM7i24xlarge is a InstanceType enum value + InstanceTypeM7i24xlarge = "m7i.24xlarge" + + // InstanceTypeM7i48xlarge is a InstanceType enum value + InstanceTypeM7i48xlarge = "m7i.48xlarge" + + // InstanceTypeM7iFlexLarge is a InstanceType enum value + InstanceTypeM7iFlexLarge = "m7i-flex.large" + + // InstanceTypeM7iFlexXlarge is a InstanceType enum value + InstanceTypeM7iFlexXlarge = "m7i-flex.xlarge" + + // InstanceTypeM7iFlex2xlarge is a InstanceType enum value + InstanceTypeM7iFlex2xlarge = "m7i-flex.2xlarge" + + // InstanceTypeM7iFlex4xlarge is a InstanceType enum value + InstanceTypeM7iFlex4xlarge = "m7i-flex.4xlarge" + + // InstanceTypeM7iFlex8xlarge is a InstanceType enum value + InstanceTypeM7iFlex8xlarge = "m7i-flex.8xlarge" + + // InstanceTypeM7aMedium is a InstanceType enum value + InstanceTypeM7aMedium = "m7a.medium" + + // InstanceTypeM7aLarge is a InstanceType enum value + InstanceTypeM7aLarge = "m7a.large" + + // InstanceTypeM7aXlarge is a InstanceType enum value + InstanceTypeM7aXlarge = "m7a.xlarge" + + // InstanceTypeM7a2xlarge is a InstanceType enum value + InstanceTypeM7a2xlarge = "m7a.2xlarge" + + // InstanceTypeM7a4xlarge is a InstanceType enum value + InstanceTypeM7a4xlarge = "m7a.4xlarge" + + // InstanceTypeM7a8xlarge is a InstanceType enum value + InstanceTypeM7a8xlarge = "m7a.8xlarge" + + // InstanceTypeM7a12xlarge is a InstanceType enum value + InstanceTypeM7a12xlarge = "m7a.12xlarge" + + // InstanceTypeM7a16xlarge is a InstanceType enum value + InstanceTypeM7a16xlarge = "m7a.16xlarge" + + // InstanceTypeM7a24xlarge is a InstanceType enum value + InstanceTypeM7a24xlarge = "m7a.24xlarge" + + // InstanceTypeM7a32xlarge is a InstanceType enum value + InstanceTypeM7a32xlarge = "m7a.32xlarge" + + // InstanceTypeM7a48xlarge is a InstanceType enum value + InstanceTypeM7a48xlarge = "m7a.48xlarge" + + // InstanceTypeM7aMetal48xl is a InstanceType enum value + InstanceTypeM7aMetal48xl = "m7a.metal-48xl" + + // InstanceTypeHpc7a12xlarge is a InstanceType enum value + InstanceTypeHpc7a12xlarge = "hpc7a.12xlarge" + + // InstanceTypeHpc7a24xlarge is a InstanceType enum value + InstanceTypeHpc7a24xlarge = "hpc7a.24xlarge" + + // InstanceTypeHpc7a48xlarge is a InstanceType enum value + InstanceTypeHpc7a48xlarge = "hpc7a.48xlarge" + + // InstanceTypeHpc7a96xlarge is a InstanceType enum value + InstanceTypeHpc7a96xlarge = "hpc7a.96xlarge" + + // InstanceTypeC7gdMedium is a InstanceType enum value + InstanceTypeC7gdMedium = "c7gd.medium" + + // InstanceTypeC7gdLarge is a InstanceType enum value + InstanceTypeC7gdLarge = "c7gd.large" + + // InstanceTypeC7gdXlarge is a InstanceType enum value + InstanceTypeC7gdXlarge = "c7gd.xlarge" + + // InstanceTypeC7gd2xlarge is a InstanceType enum value + InstanceTypeC7gd2xlarge = "c7gd.2xlarge" + + // InstanceTypeC7gd4xlarge is a InstanceType enum value + InstanceTypeC7gd4xlarge = "c7gd.4xlarge" + + // InstanceTypeC7gd8xlarge is a InstanceType enum value + InstanceTypeC7gd8xlarge = "c7gd.8xlarge" + + // InstanceTypeC7gd12xlarge is a InstanceType enum value + InstanceTypeC7gd12xlarge = "c7gd.12xlarge" + + // InstanceTypeC7gd16xlarge is a InstanceType enum value + InstanceTypeC7gd16xlarge = "c7gd.16xlarge" + + // InstanceTypeM7gdMedium is a InstanceType enum value + InstanceTypeM7gdMedium = "m7gd.medium" + + // InstanceTypeM7gdLarge is a InstanceType enum value + InstanceTypeM7gdLarge = "m7gd.large" + + // InstanceTypeM7gdXlarge is a InstanceType enum value + InstanceTypeM7gdXlarge = "m7gd.xlarge" + + // InstanceTypeM7gd2xlarge is a InstanceType enum value + InstanceTypeM7gd2xlarge = "m7gd.2xlarge" + + // InstanceTypeM7gd4xlarge is a InstanceType enum value + InstanceTypeM7gd4xlarge = "m7gd.4xlarge" + + // InstanceTypeM7gd8xlarge is a InstanceType enum value + InstanceTypeM7gd8xlarge = "m7gd.8xlarge" + + // InstanceTypeM7gd12xlarge is a InstanceType enum value + InstanceTypeM7gd12xlarge = "m7gd.12xlarge" + + // InstanceTypeM7gd16xlarge is a InstanceType enum value + InstanceTypeM7gd16xlarge = "m7gd.16xlarge" + + // InstanceTypeR7gdMedium is a InstanceType enum value + InstanceTypeR7gdMedium = "r7gd.medium" + + // InstanceTypeR7gdLarge is a InstanceType enum value + InstanceTypeR7gdLarge = "r7gd.large" + + // InstanceTypeR7gdXlarge is a InstanceType enum value + InstanceTypeR7gdXlarge = "r7gd.xlarge" + + // InstanceTypeR7gd2xlarge is a InstanceType enum value + InstanceTypeR7gd2xlarge = "r7gd.2xlarge" + + // InstanceTypeR7gd4xlarge is a InstanceType enum value + InstanceTypeR7gd4xlarge = "r7gd.4xlarge" + + // InstanceTypeR7gd8xlarge is a InstanceType enum value + InstanceTypeR7gd8xlarge = "r7gd.8xlarge" + + // InstanceTypeR7gd12xlarge is a InstanceType enum value + InstanceTypeR7gd12xlarge = "r7gd.12xlarge" + + // InstanceTypeR7gd16xlarge is a InstanceType enum value + InstanceTypeR7gd16xlarge = "r7gd.16xlarge" + + // InstanceTypeR7aMedium is a InstanceType enum value + InstanceTypeR7aMedium = "r7a.medium" + + // InstanceTypeR7aLarge is a InstanceType enum value + InstanceTypeR7aLarge = "r7a.large" + + // InstanceTypeR7aXlarge is a InstanceType enum value + InstanceTypeR7aXlarge = "r7a.xlarge" + + // InstanceTypeR7a2xlarge is a InstanceType enum value + InstanceTypeR7a2xlarge = "r7a.2xlarge" + + // InstanceTypeR7a4xlarge is a InstanceType enum value + InstanceTypeR7a4xlarge = "r7a.4xlarge" + + // InstanceTypeR7a8xlarge is a InstanceType enum value + InstanceTypeR7a8xlarge = "r7a.8xlarge" + + // InstanceTypeR7a12xlarge is a InstanceType enum value + InstanceTypeR7a12xlarge = "r7a.12xlarge" + + // InstanceTypeR7a16xlarge is a InstanceType enum value + InstanceTypeR7a16xlarge = "r7a.16xlarge" + + // InstanceTypeR7a24xlarge is a InstanceType enum value + InstanceTypeR7a24xlarge = "r7a.24xlarge" + + // InstanceTypeR7a32xlarge is a InstanceType enum value + InstanceTypeR7a32xlarge = "r7a.32xlarge" + + // InstanceTypeR7a48xlarge is a InstanceType enum value + InstanceTypeR7a48xlarge = "r7a.48xlarge" + + // InstanceTypeC7iLarge is a InstanceType enum value + InstanceTypeC7iLarge = "c7i.large" + + // InstanceTypeC7iXlarge is a InstanceType enum value + InstanceTypeC7iXlarge = "c7i.xlarge" + + // InstanceTypeC7i2xlarge is a InstanceType enum value + InstanceTypeC7i2xlarge = "c7i.2xlarge" + + // InstanceTypeC7i4xlarge is a InstanceType enum value + InstanceTypeC7i4xlarge = "c7i.4xlarge" + + // InstanceTypeC7i8xlarge is a InstanceType enum value + InstanceTypeC7i8xlarge = "c7i.8xlarge" + + // InstanceTypeC7i12xlarge is a InstanceType enum value + InstanceTypeC7i12xlarge = "c7i.12xlarge" + + // InstanceTypeC7i16xlarge is a InstanceType enum value + InstanceTypeC7i16xlarge = "c7i.16xlarge" + + // InstanceTypeC7i24xlarge is a InstanceType enum value + InstanceTypeC7i24xlarge = "c7i.24xlarge" + + // InstanceTypeC7i48xlarge is a InstanceType enum value + InstanceTypeC7i48xlarge = "c7i.48xlarge" + + // InstanceTypeMac2M2proMetal is a InstanceType enum value + InstanceTypeMac2M2proMetal = "mac2-m2pro.metal" + + // InstanceTypeR7izLarge is a InstanceType enum value + InstanceTypeR7izLarge = "r7iz.large" + + // InstanceTypeR7izXlarge is a InstanceType enum value + InstanceTypeR7izXlarge = "r7iz.xlarge" + + // InstanceTypeR7iz2xlarge is a InstanceType enum value + InstanceTypeR7iz2xlarge = "r7iz.2xlarge" + + // InstanceTypeR7iz4xlarge is a InstanceType enum value + InstanceTypeR7iz4xlarge = "r7iz.4xlarge" + + // InstanceTypeR7iz8xlarge is a InstanceType enum value + InstanceTypeR7iz8xlarge = "r7iz.8xlarge" + + // InstanceTypeR7iz12xlarge is a InstanceType enum value + InstanceTypeR7iz12xlarge = "r7iz.12xlarge" + + // InstanceTypeR7iz16xlarge is a InstanceType enum value + InstanceTypeR7iz16xlarge = "r7iz.16xlarge" + + // InstanceTypeR7iz32xlarge is a InstanceType enum value + InstanceTypeR7iz32xlarge = "r7iz.32xlarge" + + // InstanceTypeC7aMedium is a InstanceType enum value + InstanceTypeC7aMedium = "c7a.medium" + + // InstanceTypeC7aLarge is a InstanceType enum value + InstanceTypeC7aLarge = "c7a.large" + + // InstanceTypeC7aXlarge is a InstanceType enum value + InstanceTypeC7aXlarge = "c7a.xlarge" + + // InstanceTypeC7a2xlarge is a InstanceType enum value + InstanceTypeC7a2xlarge = "c7a.2xlarge" + + // InstanceTypeC7a4xlarge is a InstanceType enum value + InstanceTypeC7a4xlarge = "c7a.4xlarge" + + // InstanceTypeC7a8xlarge is a InstanceType enum value + InstanceTypeC7a8xlarge = "c7a.8xlarge" + + // InstanceTypeC7a12xlarge is a InstanceType enum value + InstanceTypeC7a12xlarge = "c7a.12xlarge" + + // InstanceTypeC7a16xlarge is a InstanceType enum value + InstanceTypeC7a16xlarge = "c7a.16xlarge" + + // InstanceTypeC7a24xlarge is a InstanceType enum value + InstanceTypeC7a24xlarge = "c7a.24xlarge" + + // InstanceTypeC7a32xlarge is a InstanceType enum value + InstanceTypeC7a32xlarge = "c7a.32xlarge" + + // InstanceTypeC7a48xlarge is a InstanceType enum value + InstanceTypeC7a48xlarge = "c7a.48xlarge" + + // InstanceTypeC7aMetal48xl is a InstanceType enum value + InstanceTypeC7aMetal48xl = "c7a.metal-48xl" + + // InstanceTypeR7aMetal48xl is a InstanceType enum value + InstanceTypeR7aMetal48xl = "r7a.metal-48xl" + + // InstanceTypeR7iLarge is a InstanceType enum value + InstanceTypeR7iLarge = "r7i.large" + + // InstanceTypeR7iXlarge is a InstanceType enum value + InstanceTypeR7iXlarge = "r7i.xlarge" + + // InstanceTypeR7i2xlarge is a InstanceType enum value + InstanceTypeR7i2xlarge = "r7i.2xlarge" + + // InstanceTypeR7i4xlarge is a InstanceType enum value + InstanceTypeR7i4xlarge = "r7i.4xlarge" + + // InstanceTypeR7i8xlarge is a InstanceType enum value + InstanceTypeR7i8xlarge = "r7i.8xlarge" + + // InstanceTypeR7i12xlarge is a InstanceType enum value + InstanceTypeR7i12xlarge = "r7i.12xlarge" + + // InstanceTypeR7i16xlarge is a InstanceType enum value + InstanceTypeR7i16xlarge = "r7i.16xlarge" + + // InstanceTypeR7i24xlarge is a InstanceType enum value + InstanceTypeR7i24xlarge = "r7i.24xlarge" + + // InstanceTypeR7i48xlarge is a InstanceType enum value + InstanceTypeR7i48xlarge = "r7i.48xlarge" + + // InstanceTypeDl2q24xlarge is a InstanceType enum value + InstanceTypeDl2q24xlarge = "dl2q.24xlarge" + + // InstanceTypeMac2M2Metal is a InstanceType enum value + InstanceTypeMac2M2Metal = "mac2-m2.metal" + + // InstanceTypeI4i12xlarge is a InstanceType enum value + InstanceTypeI4i12xlarge = "i4i.12xlarge" + + // InstanceTypeI4i24xlarge is a InstanceType enum value + InstanceTypeI4i24xlarge = "i4i.24xlarge" + + // InstanceTypeC7iMetal24xl is a InstanceType enum value + InstanceTypeC7iMetal24xl = "c7i.metal-24xl" + + // InstanceTypeC7iMetal48xl is a InstanceType enum value + InstanceTypeC7iMetal48xl = "c7i.metal-48xl" + + // InstanceTypeM7iMetal24xl is a InstanceType enum value + InstanceTypeM7iMetal24xl = "m7i.metal-24xl" + + // InstanceTypeM7iMetal48xl is a InstanceType enum value + InstanceTypeM7iMetal48xl = "m7i.metal-48xl" + + // InstanceTypeR7iMetal24xl is a InstanceType enum value + InstanceTypeR7iMetal24xl = "r7i.metal-24xl" + + // InstanceTypeR7iMetal48xl is a InstanceType enum value + InstanceTypeR7iMetal48xl = "r7i.metal-48xl" + + // InstanceTypeR7izMetal16xl is a InstanceType enum value + InstanceTypeR7izMetal16xl = "r7iz.metal-16xl" + + // InstanceTypeR7izMetal32xl is a InstanceType enum value + InstanceTypeR7izMetal32xl = "r7iz.metal-32xl" ) // InstanceType_Values returns all elements of the InstanceType enum @@ -180655,6 +195970,215 @@ func InstanceType_Values() []string { InstanceTypeTrn12xlarge, InstanceTypeTrn132xlarge, InstanceTypeHpc6id32xlarge, + InstanceTypeC6inLarge, + InstanceTypeC6inXlarge, + InstanceTypeC6in2xlarge, + InstanceTypeC6in4xlarge, + InstanceTypeC6in8xlarge, + InstanceTypeC6in12xlarge, + InstanceTypeC6in16xlarge, + InstanceTypeC6in24xlarge, + InstanceTypeC6in32xlarge, + InstanceTypeM6inLarge, + InstanceTypeM6inXlarge, + InstanceTypeM6in2xlarge, + InstanceTypeM6in4xlarge, + InstanceTypeM6in8xlarge, + InstanceTypeM6in12xlarge, + InstanceTypeM6in16xlarge, + InstanceTypeM6in24xlarge, + InstanceTypeM6in32xlarge, + InstanceTypeM6idnLarge, + InstanceTypeM6idnXlarge, + InstanceTypeM6idn2xlarge, + InstanceTypeM6idn4xlarge, + InstanceTypeM6idn8xlarge, + InstanceTypeM6idn12xlarge, + InstanceTypeM6idn16xlarge, + InstanceTypeM6idn24xlarge, + InstanceTypeM6idn32xlarge, + InstanceTypeR6inLarge, + InstanceTypeR6inXlarge, + InstanceTypeR6in2xlarge, + InstanceTypeR6in4xlarge, + InstanceTypeR6in8xlarge, + InstanceTypeR6in12xlarge, + InstanceTypeR6in16xlarge, + InstanceTypeR6in24xlarge, + InstanceTypeR6in32xlarge, + InstanceTypeR6idnLarge, + InstanceTypeR6idnXlarge, + InstanceTypeR6idn2xlarge, + InstanceTypeR6idn4xlarge, + InstanceTypeR6idn8xlarge, + InstanceTypeR6idn12xlarge, + InstanceTypeR6idn16xlarge, + InstanceTypeR6idn24xlarge, + InstanceTypeR6idn32xlarge, + InstanceTypeC7gMetal, + InstanceTypeM7gMedium, + InstanceTypeM7gLarge, + InstanceTypeM7gXlarge, + InstanceTypeM7g2xlarge, + InstanceTypeM7g4xlarge, + InstanceTypeM7g8xlarge, + InstanceTypeM7g12xlarge, + InstanceTypeM7g16xlarge, + InstanceTypeM7gMetal, + InstanceTypeR7gMedium, + InstanceTypeR7gLarge, + InstanceTypeR7gXlarge, + InstanceTypeR7g2xlarge, + InstanceTypeR7g4xlarge, + InstanceTypeR7g8xlarge, + InstanceTypeR7g12xlarge, + InstanceTypeR7g16xlarge, + InstanceTypeR7gMetal, + InstanceTypeC6inMetal, + InstanceTypeM6inMetal, + InstanceTypeM6idnMetal, + InstanceTypeR6inMetal, + InstanceTypeR6idnMetal, + InstanceTypeInf2Xlarge, + InstanceTypeInf28xlarge, + InstanceTypeInf224xlarge, + InstanceTypeInf248xlarge, + InstanceTypeTrn1n32xlarge, + InstanceTypeI4gLarge, + InstanceTypeI4gXlarge, + InstanceTypeI4g2xlarge, + InstanceTypeI4g4xlarge, + InstanceTypeI4g8xlarge, + InstanceTypeI4g16xlarge, + InstanceTypeHpc7g4xlarge, + InstanceTypeHpc7g8xlarge, + InstanceTypeHpc7g16xlarge, + InstanceTypeC7gnMedium, + InstanceTypeC7gnLarge, + InstanceTypeC7gnXlarge, + InstanceTypeC7gn2xlarge, + InstanceTypeC7gn4xlarge, + InstanceTypeC7gn8xlarge, + InstanceTypeC7gn12xlarge, + InstanceTypeC7gn16xlarge, + InstanceTypeP548xlarge, + InstanceTypeM7iLarge, + InstanceTypeM7iXlarge, + InstanceTypeM7i2xlarge, + InstanceTypeM7i4xlarge, + InstanceTypeM7i8xlarge, + InstanceTypeM7i12xlarge, + InstanceTypeM7i16xlarge, + InstanceTypeM7i24xlarge, + InstanceTypeM7i48xlarge, + InstanceTypeM7iFlexLarge, + InstanceTypeM7iFlexXlarge, + InstanceTypeM7iFlex2xlarge, + InstanceTypeM7iFlex4xlarge, + InstanceTypeM7iFlex8xlarge, + InstanceTypeM7aMedium, + InstanceTypeM7aLarge, + InstanceTypeM7aXlarge, + InstanceTypeM7a2xlarge, + InstanceTypeM7a4xlarge, + InstanceTypeM7a8xlarge, + InstanceTypeM7a12xlarge, + InstanceTypeM7a16xlarge, + InstanceTypeM7a24xlarge, + InstanceTypeM7a32xlarge, + InstanceTypeM7a48xlarge, + InstanceTypeM7aMetal48xl, + InstanceTypeHpc7a12xlarge, + InstanceTypeHpc7a24xlarge, + InstanceTypeHpc7a48xlarge, + InstanceTypeHpc7a96xlarge, + InstanceTypeC7gdMedium, + InstanceTypeC7gdLarge, + InstanceTypeC7gdXlarge, + InstanceTypeC7gd2xlarge, + InstanceTypeC7gd4xlarge, + InstanceTypeC7gd8xlarge, + InstanceTypeC7gd12xlarge, + InstanceTypeC7gd16xlarge, + InstanceTypeM7gdMedium, + InstanceTypeM7gdLarge, + InstanceTypeM7gdXlarge, + InstanceTypeM7gd2xlarge, + InstanceTypeM7gd4xlarge, + InstanceTypeM7gd8xlarge, + InstanceTypeM7gd12xlarge, + InstanceTypeM7gd16xlarge, + InstanceTypeR7gdMedium, + InstanceTypeR7gdLarge, + InstanceTypeR7gdXlarge, + InstanceTypeR7gd2xlarge, + InstanceTypeR7gd4xlarge, + InstanceTypeR7gd8xlarge, + InstanceTypeR7gd12xlarge, + InstanceTypeR7gd16xlarge, + InstanceTypeR7aMedium, + InstanceTypeR7aLarge, + InstanceTypeR7aXlarge, + InstanceTypeR7a2xlarge, + InstanceTypeR7a4xlarge, + InstanceTypeR7a8xlarge, + InstanceTypeR7a12xlarge, + InstanceTypeR7a16xlarge, + InstanceTypeR7a24xlarge, + InstanceTypeR7a32xlarge, + InstanceTypeR7a48xlarge, + InstanceTypeC7iLarge, + InstanceTypeC7iXlarge, + InstanceTypeC7i2xlarge, + InstanceTypeC7i4xlarge, + InstanceTypeC7i8xlarge, + InstanceTypeC7i12xlarge, + InstanceTypeC7i16xlarge, + InstanceTypeC7i24xlarge, + InstanceTypeC7i48xlarge, + InstanceTypeMac2M2proMetal, + InstanceTypeR7izLarge, + InstanceTypeR7izXlarge, + InstanceTypeR7iz2xlarge, + InstanceTypeR7iz4xlarge, + InstanceTypeR7iz8xlarge, + InstanceTypeR7iz12xlarge, + InstanceTypeR7iz16xlarge, + InstanceTypeR7iz32xlarge, + InstanceTypeC7aMedium, + InstanceTypeC7aLarge, + InstanceTypeC7aXlarge, + InstanceTypeC7a2xlarge, + InstanceTypeC7a4xlarge, + InstanceTypeC7a8xlarge, + InstanceTypeC7a12xlarge, + InstanceTypeC7a16xlarge, + InstanceTypeC7a24xlarge, + InstanceTypeC7a32xlarge, + InstanceTypeC7a48xlarge, + InstanceTypeC7aMetal48xl, + InstanceTypeR7aMetal48xl, + InstanceTypeR7iLarge, + InstanceTypeR7iXlarge, + InstanceTypeR7i2xlarge, + InstanceTypeR7i4xlarge, + InstanceTypeR7i8xlarge, + InstanceTypeR7i12xlarge, + InstanceTypeR7i16xlarge, + InstanceTypeR7i24xlarge, + InstanceTypeR7i48xlarge, + InstanceTypeDl2q24xlarge, + InstanceTypeMac2M2Metal, + InstanceTypeI4i12xlarge, + InstanceTypeI4i24xlarge, + InstanceTypeC7iMetal24xl, + InstanceTypeC7iMetal48xl, + InstanceTypeM7iMetal24xl, + InstanceTypeM7iMetal48xl, + InstanceTypeR7iMetal24xl, + InstanceTypeR7iMetal48xl, + InstanceTypeR7izMetal16xl, + InstanceTypeR7izMetal32xl, } } @@ -180754,6 +196278,22 @@ func IpamAddressHistoryResourceType_Values() []string { } } +const ( + // IpamAssociatedResourceDiscoveryStatusActive is a IpamAssociatedResourceDiscoveryStatus enum value + IpamAssociatedResourceDiscoveryStatusActive = "active" + + // IpamAssociatedResourceDiscoveryStatusNotFound is a IpamAssociatedResourceDiscoveryStatus enum value + IpamAssociatedResourceDiscoveryStatusNotFound = "not-found" +) + +// IpamAssociatedResourceDiscoveryStatus_Values returns all elements of the IpamAssociatedResourceDiscoveryStatus enum +func IpamAssociatedResourceDiscoveryStatus_Values() []string { + return []string{ + IpamAssociatedResourceDiscoveryStatusActive, + IpamAssociatedResourceDiscoveryStatusNotFound, + } +} + const ( // IpamComplianceStatusCompliant is a IpamComplianceStatus enum value IpamComplianceStatusCompliant = "compliant" @@ -180778,6 +196318,26 @@ func IpamComplianceStatus_Values() []string { } } +const ( + // IpamDiscoveryFailureCodeAssumeRoleFailure is a IpamDiscoveryFailureCode enum value + IpamDiscoveryFailureCodeAssumeRoleFailure = "assume-role-failure" + + // IpamDiscoveryFailureCodeThrottlingFailure is a IpamDiscoveryFailureCode enum value + IpamDiscoveryFailureCodeThrottlingFailure = "throttling-failure" + + // IpamDiscoveryFailureCodeUnauthorizedFailure is a IpamDiscoveryFailureCode enum value + IpamDiscoveryFailureCodeUnauthorizedFailure = "unauthorized-failure" +) + +// IpamDiscoveryFailureCode_Values returns all elements of the IpamDiscoveryFailureCode enum +func IpamDiscoveryFailureCode_Values() []string { + return []string{ + IpamDiscoveryFailureCodeAssumeRoleFailure, + IpamDiscoveryFailureCodeThrottlingFailure, + IpamDiscoveryFailureCodeUnauthorizedFailure, + } +} + const ( // IpamManagementStateManaged is a IpamManagementState enum value IpamManagementStateManaged = "managed" @@ -180830,6 +196390,9 @@ const ( // IpamPoolAllocationResourceTypeCustom is a IpamPoolAllocationResourceType enum value IpamPoolAllocationResourceTypeCustom = "custom" + + // IpamPoolAllocationResourceTypeSubnet is a IpamPoolAllocationResourceType enum value + IpamPoolAllocationResourceTypeSubnet = "subnet" ) // IpamPoolAllocationResourceType_Values returns all elements of the IpamPoolAllocationResourceType enum @@ -180839,6 +196402,7 @@ func IpamPoolAllocationResourceType_Values() []string { IpamPoolAllocationResourceTypeVpc, IpamPoolAllocationResourceTypeEc2PublicIpv4Pool, IpamPoolAllocationResourceTypeCustom, + IpamPoolAllocationResourceTypeSubnet, } } @@ -180857,12 +196421,16 @@ func IpamPoolAwsService_Values() []string { const ( // IpamPoolCidrFailureCodeCidrNotAvailable is a IpamPoolCidrFailureCode enum value IpamPoolCidrFailureCodeCidrNotAvailable = "cidr-not-available" + + // IpamPoolCidrFailureCodeLimitExceeded is a IpamPoolCidrFailureCode enum value + IpamPoolCidrFailureCodeLimitExceeded = "limit-exceeded" ) // IpamPoolCidrFailureCode_Values returns all elements of the IpamPoolCidrFailureCode enum func IpamPoolCidrFailureCode_Values() []string { return []string{ IpamPoolCidrFailureCodeCidrNotAvailable, + IpamPoolCidrFailureCodeLimitExceeded, } } @@ -180906,6 +196474,34 @@ func IpamPoolCidrState_Values() []string { } } +const ( + // IpamPoolPublicIpSourceAmazon is a IpamPoolPublicIpSource enum value + IpamPoolPublicIpSourceAmazon = "amazon" + + // IpamPoolPublicIpSourceByoip is a IpamPoolPublicIpSource enum value + IpamPoolPublicIpSourceByoip = "byoip" +) + +// IpamPoolPublicIpSource_Values returns all elements of the IpamPoolPublicIpSource enum +func IpamPoolPublicIpSource_Values() []string { + return []string{ + IpamPoolPublicIpSourceAmazon, + IpamPoolPublicIpSourceByoip, + } +} + +const ( + // IpamPoolSourceResourceTypeVpc is a IpamPoolSourceResourceType enum value + IpamPoolSourceResourceTypeVpc = "vpc" +) + +// IpamPoolSourceResourceType_Values returns all elements of the IpamPoolSourceResourceType enum +func IpamPoolSourceResourceType_Values() []string { + return []string{ + IpamPoolSourceResourceTypeVpc, + } +} + const ( // IpamPoolStateCreateInProgress is a IpamPoolState enum value IpamPoolStateCreateInProgress = "create-in-progress" @@ -180962,6 +196558,194 @@ func IpamPoolState_Values() []string { } } +const ( + // IpamPublicAddressAssociationStatusAssociated is a IpamPublicAddressAssociationStatus enum value + IpamPublicAddressAssociationStatusAssociated = "associated" + + // IpamPublicAddressAssociationStatusDisassociated is a IpamPublicAddressAssociationStatus enum value + IpamPublicAddressAssociationStatusDisassociated = "disassociated" +) + +// IpamPublicAddressAssociationStatus_Values returns all elements of the IpamPublicAddressAssociationStatus enum +func IpamPublicAddressAssociationStatus_Values() []string { + return []string{ + IpamPublicAddressAssociationStatusAssociated, + IpamPublicAddressAssociationStatusDisassociated, + } +} + +const ( + // IpamPublicAddressAwsServiceNatGateway is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceNatGateway = "nat-gateway" + + // IpamPublicAddressAwsServiceDatabaseMigrationService is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceDatabaseMigrationService = "database-migration-service" + + // IpamPublicAddressAwsServiceRedshift is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceRedshift = "redshift" + + // IpamPublicAddressAwsServiceElasticContainerService is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceElasticContainerService = "elastic-container-service" + + // IpamPublicAddressAwsServiceRelationalDatabaseService is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceRelationalDatabaseService = "relational-database-service" + + // IpamPublicAddressAwsServiceSiteToSiteVpn is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceSiteToSiteVpn = "site-to-site-vpn" + + // IpamPublicAddressAwsServiceLoadBalancer is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceLoadBalancer = "load-balancer" + + // IpamPublicAddressAwsServiceGlobalAccelerator is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceGlobalAccelerator = "global-accelerator" + + // IpamPublicAddressAwsServiceOther is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceOther = "other" +) + +// IpamPublicAddressAwsService_Values returns all elements of the IpamPublicAddressAwsService enum +func IpamPublicAddressAwsService_Values() []string { + return []string{ + IpamPublicAddressAwsServiceNatGateway, + IpamPublicAddressAwsServiceDatabaseMigrationService, + IpamPublicAddressAwsServiceRedshift, + IpamPublicAddressAwsServiceElasticContainerService, + IpamPublicAddressAwsServiceRelationalDatabaseService, + IpamPublicAddressAwsServiceSiteToSiteVpn, + IpamPublicAddressAwsServiceLoadBalancer, + IpamPublicAddressAwsServiceGlobalAccelerator, + IpamPublicAddressAwsServiceOther, + } +} + +const ( + // IpamPublicAddressTypeServiceManagedIp is a IpamPublicAddressType enum value + IpamPublicAddressTypeServiceManagedIp = "service-managed-ip" + + // IpamPublicAddressTypeServiceManagedByoip is a IpamPublicAddressType enum value + IpamPublicAddressTypeServiceManagedByoip = "service-managed-byoip" + + // IpamPublicAddressTypeAmazonOwnedEip is a IpamPublicAddressType enum value + IpamPublicAddressTypeAmazonOwnedEip = "amazon-owned-eip" + + // IpamPublicAddressTypeByoip is a IpamPublicAddressType enum value + IpamPublicAddressTypeByoip = "byoip" + + // IpamPublicAddressTypeEc2PublicIp is a IpamPublicAddressType enum value + IpamPublicAddressTypeEc2PublicIp = "ec2-public-ip" +) + +// IpamPublicAddressType_Values returns all elements of the IpamPublicAddressType enum +func IpamPublicAddressType_Values() []string { + return []string{ + IpamPublicAddressTypeServiceManagedIp, + IpamPublicAddressTypeServiceManagedByoip, + IpamPublicAddressTypeAmazonOwnedEip, + IpamPublicAddressTypeByoip, + IpamPublicAddressTypeEc2PublicIp, + } +} + +const ( + // IpamResourceDiscoveryAssociationStateAssociateInProgress is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateAssociateInProgress = "associate-in-progress" + + // IpamResourceDiscoveryAssociationStateAssociateComplete is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateAssociateComplete = "associate-complete" + + // IpamResourceDiscoveryAssociationStateAssociateFailed is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateAssociateFailed = "associate-failed" + + // IpamResourceDiscoveryAssociationStateDisassociateInProgress is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateDisassociateInProgress = "disassociate-in-progress" + + // IpamResourceDiscoveryAssociationStateDisassociateComplete is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateDisassociateComplete = "disassociate-complete" + + // IpamResourceDiscoveryAssociationStateDisassociateFailed is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateDisassociateFailed = "disassociate-failed" + + // IpamResourceDiscoveryAssociationStateIsolateInProgress is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateIsolateInProgress = "isolate-in-progress" + + // IpamResourceDiscoveryAssociationStateIsolateComplete is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateIsolateComplete = "isolate-complete" + + // IpamResourceDiscoveryAssociationStateRestoreInProgress is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateRestoreInProgress = "restore-in-progress" +) + +// IpamResourceDiscoveryAssociationState_Values returns all elements of the IpamResourceDiscoveryAssociationState enum +func IpamResourceDiscoveryAssociationState_Values() []string { + return []string{ + IpamResourceDiscoveryAssociationStateAssociateInProgress, + IpamResourceDiscoveryAssociationStateAssociateComplete, + IpamResourceDiscoveryAssociationStateAssociateFailed, + IpamResourceDiscoveryAssociationStateDisassociateInProgress, + IpamResourceDiscoveryAssociationStateDisassociateComplete, + IpamResourceDiscoveryAssociationStateDisassociateFailed, + IpamResourceDiscoveryAssociationStateIsolateInProgress, + IpamResourceDiscoveryAssociationStateIsolateComplete, + IpamResourceDiscoveryAssociationStateRestoreInProgress, + } +} + +const ( + // IpamResourceDiscoveryStateCreateInProgress is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateCreateInProgress = "create-in-progress" + + // IpamResourceDiscoveryStateCreateComplete is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateCreateComplete = "create-complete" + + // IpamResourceDiscoveryStateCreateFailed is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateCreateFailed = "create-failed" + + // IpamResourceDiscoveryStateModifyInProgress is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateModifyInProgress = "modify-in-progress" + + // IpamResourceDiscoveryStateModifyComplete is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateModifyComplete = "modify-complete" + + // IpamResourceDiscoveryStateModifyFailed is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateModifyFailed = "modify-failed" + + // IpamResourceDiscoveryStateDeleteInProgress is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateDeleteInProgress = "delete-in-progress" + + // IpamResourceDiscoveryStateDeleteComplete is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateDeleteComplete = "delete-complete" + + // IpamResourceDiscoveryStateDeleteFailed is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateDeleteFailed = "delete-failed" + + // IpamResourceDiscoveryStateIsolateInProgress is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateIsolateInProgress = "isolate-in-progress" + + // IpamResourceDiscoveryStateIsolateComplete is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateIsolateComplete = "isolate-complete" + + // IpamResourceDiscoveryStateRestoreInProgress is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateRestoreInProgress = "restore-in-progress" +) + +// IpamResourceDiscoveryState_Values returns all elements of the IpamResourceDiscoveryState enum +func IpamResourceDiscoveryState_Values() []string { + return []string{ + IpamResourceDiscoveryStateCreateInProgress, + IpamResourceDiscoveryStateCreateComplete, + IpamResourceDiscoveryStateCreateFailed, + IpamResourceDiscoveryStateModifyInProgress, + IpamResourceDiscoveryStateModifyComplete, + IpamResourceDiscoveryStateModifyFailed, + IpamResourceDiscoveryStateDeleteInProgress, + IpamResourceDiscoveryStateDeleteComplete, + IpamResourceDiscoveryStateDeleteFailed, + IpamResourceDiscoveryStateIsolateInProgress, + IpamResourceDiscoveryStateIsolateComplete, + IpamResourceDiscoveryStateRestoreInProgress, + } +} + const ( // IpamResourceTypeVpc is a IpamResourceType enum value IpamResourceTypeVpc = "vpc" @@ -180977,6 +196761,9 @@ const ( // IpamResourceTypeIpv6Pool is a IpamResourceType enum value IpamResourceTypeIpv6Pool = "ipv6-pool" + + // IpamResourceTypeEni is a IpamResourceType enum value + IpamResourceTypeEni = "eni" ) // IpamResourceType_Values returns all elements of the IpamResourceType enum @@ -180987,6 +196774,7 @@ func IpamResourceType_Values() []string { IpamResourceTypeEip, IpamResourceTypePublicIpv4Pool, IpamResourceTypeIpv6Pool, + IpamResourceTypeEni, } } @@ -181118,6 +196906,22 @@ func IpamState_Values() []string { } } +const ( + // IpamTierFree is a IpamTier enum value + IpamTierFree = "free" + + // IpamTierAdvanced is a IpamTier enum value + IpamTierAdvanced = "advanced" +) + +// IpamTier_Values returns all elements of the IpamTier enum +func IpamTier_Values() []string { + return []string{ + IpamTierFree, + IpamTierAdvanced, + } +} + const ( // Ipv6SupportValueEnable is a Ipv6SupportValue enum value Ipv6SupportValueEnable = "enable" @@ -181447,6 +197251,9 @@ const ( // LocationTypeAvailabilityZoneId is a LocationType enum value LocationTypeAvailabilityZoneId = "availability-zone-id" + + // LocationTypeOutpost is a LocationType enum value + LocationTypeOutpost = "outpost" ) // LocationType_Values returns all elements of the LocationType enum @@ -181455,6 +197262,47 @@ func LocationType_Values() []string { LocationTypeRegion, LocationTypeAvailabilityZone, LocationTypeAvailabilityZoneId, + LocationTypeOutpost, + } +} + +const ( + // LockModeCompliance is a LockMode enum value + LockModeCompliance = "compliance" + + // LockModeGovernance is a LockMode enum value + LockModeGovernance = "governance" +) + +// LockMode_Values returns all elements of the LockMode enum +func LockMode_Values() []string { + return []string{ + LockModeCompliance, + LockModeGovernance, + } +} + +const ( + // LockStateCompliance is a LockState enum value + LockStateCompliance = "compliance" + + // LockStateGovernance is a LockState enum value + LockStateGovernance = "governance" + + // LockStateComplianceCooloff is a LockState enum value + LockStateComplianceCooloff = "compliance-cooloff" + + // LockStateExpired is a LockState enum value + LockStateExpired = "expired" +) + +// LockState_Values returns all elements of the LockState enum +func LockState_Values() []string { + return []string{ + LockStateCompliance, + LockStateGovernance, + LockStateComplianceCooloff, + LockStateExpired, } } @@ -181481,12 +197329,16 @@ func LogDestinationType_Values() []string { const ( // MarketTypeSpot is a MarketType enum value MarketTypeSpot = "spot" + + // MarketTypeCapacityBlock is a MarketType enum value + MarketTypeCapacityBlock = "capacity-block" ) // MarketType_Values returns all elements of the MarketType enum func MarketType_Values() []string { return []string{ MarketTypeSpot, + MarketTypeCapacityBlock, } } @@ -181590,6 +197442,38 @@ func MulticastSupportValue_Values() []string { } } +const ( + // NatGatewayAddressStatusAssigning is a NatGatewayAddressStatus enum value + NatGatewayAddressStatusAssigning = "assigning" + + // NatGatewayAddressStatusUnassigning is a NatGatewayAddressStatus enum value + NatGatewayAddressStatusUnassigning = "unassigning" + + // NatGatewayAddressStatusAssociating is a NatGatewayAddressStatus enum value + NatGatewayAddressStatusAssociating = "associating" + + // NatGatewayAddressStatusDisassociating is a NatGatewayAddressStatus enum value + NatGatewayAddressStatusDisassociating = "disassociating" + + // NatGatewayAddressStatusSucceeded is a NatGatewayAddressStatus enum value + NatGatewayAddressStatusSucceeded = "succeeded" + + // NatGatewayAddressStatusFailed is a NatGatewayAddressStatus enum value + NatGatewayAddressStatusFailed = "failed" +) + +// NatGatewayAddressStatus_Values returns all elements of the NatGatewayAddressStatus enum +func NatGatewayAddressStatus_Values() []string { + return []string{ + NatGatewayAddressStatusAssigning, + NatGatewayAddressStatusUnassigning, + NatGatewayAddressStatusAssociating, + NatGatewayAddressStatusDisassociating, + NatGatewayAddressStatusSucceeded, + NatGatewayAddressStatusFailed, + } +} + const ( // NatGatewayStatePending is a NatGatewayState enum value NatGatewayStatePending = "pending" @@ -181790,6 +197674,38 @@ func NetworkInterfaceType_Values() []string { } } +const ( + // NitroEnclavesSupportUnsupported is a NitroEnclavesSupport enum value + NitroEnclavesSupportUnsupported = "unsupported" + + // NitroEnclavesSupportSupported is a NitroEnclavesSupport enum value + NitroEnclavesSupportSupported = "supported" +) + +// NitroEnclavesSupport_Values returns all elements of the NitroEnclavesSupport enum +func NitroEnclavesSupport_Values() []string { + return []string{ + NitroEnclavesSupportUnsupported, + NitroEnclavesSupportSupported, + } +} + +const ( + // NitroTpmSupportUnsupported is a NitroTpmSupport enum value + NitroTpmSupportUnsupported = "unsupported" + + // NitroTpmSupportSupported is a NitroTpmSupport enum value + NitroTpmSupportSupported = "supported" +) + +// NitroTpmSupport_Values returns all elements of the NitroTpmSupport enum +func NitroTpmSupport_Values() []string { + return []string{ + NitroTpmSupportUnsupported, + NitroTpmSupportSupported, + } +} + const ( // OfferingClassTypeStandard is a OfferingClassType enum value OfferingClassTypeStandard = "standard" @@ -182651,6 +198567,15 @@ const ( // ResourceTypeVpcBlockPublicAccessExclusion is a ResourceType enum value ResourceTypeVpcBlockPublicAccessExclusion = "vpc-block-public-access-exclusion" + + // ResourceTypeIpamResourceDiscovery is a ResourceType enum value + ResourceTypeIpamResourceDiscovery = "ipam-resource-discovery" + + // ResourceTypeIpamResourceDiscoveryAssociation is a ResourceType enum value + ResourceTypeIpamResourceDiscoveryAssociation = "ipam-resource-discovery-association" + + // ResourceTypeInstanceConnectEndpoint is a ResourceType enum value + ResourceTypeInstanceConnectEndpoint = "instance-connect-endpoint" ) // ResourceType_Values returns all elements of the ResourceType enum @@ -182739,6 +198664,9 @@ func ResourceType_Values() []string { ResourceTypeVerifiedAccessTrustProvider, ResourceTypeVpnConnectionDeviceType, ResourceTypeVpcBlockPublicAccessExclusion, + ResourceTypeIpamResourceDiscovery, + ResourceTypeIpamResourceDiscoveryAssociation, + ResourceTypeInstanceConnectEndpoint, } } @@ -182838,6 +198766,26 @@ func RuleAction_Values() []string { } } +const ( + // SSETypeSseEbs is a SSEType enum value + SSETypeSseEbs = "sse-ebs" + + // SSETypeSseKms is a SSEType enum value + SSETypeSseKms = "sse-kms" + + // SSETypeNone is a SSEType enum value + SSETypeNone = "none" +) + +// SSEType_Values returns all elements of the SSEType enum +func SSEType_Values() []string { + return []string{ + SSETypeSseEbs, + SSETypeSseKms, + SSETypeNone, + } +} + const ( // ScopeAvailabilityZone is a Scope enum value ScopeAvailabilityZone = "Availability Zone" @@ -182854,6 +198802,22 @@ func Scope_Values() []string { } } +const ( + // SecurityGroupReferencingSupportValueEnable is a SecurityGroupReferencingSupportValue enum value + SecurityGroupReferencingSupportValueEnable = "enable" + + // SecurityGroupReferencingSupportValueDisable is a SecurityGroupReferencingSupportValue enum value + SecurityGroupReferencingSupportValueDisable = "disable" +) + +// SecurityGroupReferencingSupportValue_Values returns all elements of the SecurityGroupReferencingSupportValue enum +func SecurityGroupReferencingSupportValue_Values() []string { + return []string{ + SecurityGroupReferencingSupportValueEnable, + SecurityGroupReferencingSupportValueDisable, + } +} + const ( // SelfServicePortalEnabled is a SelfServicePortal enum value SelfServicePortalEnabled = "enabled" @@ -182966,6 +198930,26 @@ func SnapshotAttributeName_Values() []string { } } +const ( + // SnapshotBlockPublicAccessStateBlockAllSharing is a SnapshotBlockPublicAccessState enum value + SnapshotBlockPublicAccessStateBlockAllSharing = "block-all-sharing" + + // SnapshotBlockPublicAccessStateBlockNewSharing is a SnapshotBlockPublicAccessState enum value + SnapshotBlockPublicAccessStateBlockNewSharing = "block-new-sharing" + + // SnapshotBlockPublicAccessStateUnblocked is a SnapshotBlockPublicAccessState enum value + SnapshotBlockPublicAccessStateUnblocked = "unblocked" +) + +// SnapshotBlockPublicAccessState_Values returns all elements of the SnapshotBlockPublicAccessState enum +func SnapshotBlockPublicAccessState_Values() []string { + return []string{ + SnapshotBlockPublicAccessStateBlockAllSharing, + SnapshotBlockPublicAccessStateBlockNewSharing, + SnapshotBlockPublicAccessStateUnblocked, + } +} + const ( // SnapshotStatePending is a SnapshotState enum value SnapshotStatePending = "pending" @@ -183057,6 +199041,9 @@ const ( // SpotInstanceStateFailed is a SpotInstanceState enum value SpotInstanceStateFailed = "failed" + + // SpotInstanceStateDisabled is a SpotInstanceState enum value + SpotInstanceStateDisabled = "disabled" ) // SpotInstanceState_Values returns all elements of the SpotInstanceState enum @@ -183067,6 +199054,7 @@ func SpotInstanceState_Values() []string { SpotInstanceStateClosed, SpotInstanceStateCancelled, SpotInstanceStateFailed, + SpotInstanceStateDisabled, } } @@ -183296,6 +199284,9 @@ const ( // SubnetStateAvailable is a SubnetState enum value SubnetStateAvailable = "available" + + // SubnetStateUnavailable is a SubnetState enum value + SubnetStateUnavailable = "unavailable" ) // SubnetState_Values returns all elements of the SubnetState enum @@ -183303,6 +199294,7 @@ func SubnetState_Values() []string { return []string{ SubnetStatePending, SubnetStateAvailable, + SubnetStateUnavailable, } } @@ -183334,6 +199326,18 @@ func SummaryStatus_Values() []string { } } +const ( + // SupportedAdditionalProcessorFeatureAmdSevSnp is a SupportedAdditionalProcessorFeature enum value + SupportedAdditionalProcessorFeatureAmdSevSnp = "amd-sev-snp" +) + +// SupportedAdditionalProcessorFeature_Values returns all elements of the SupportedAdditionalProcessorFeature enum +func SupportedAdditionalProcessorFeature_Values() []string { + return []string{ + SupportedAdditionalProcessorFeatureAmdSevSnp, + } +} + const ( // TargetCapacityUnitTypeVcpu is a TargetCapacityUnitType enum value TargetCapacityUnitTypeVcpu = "vcpu" @@ -184104,6 +200108,9 @@ const ( // UsageClassTypeOnDemand is a UsageClassType enum value UsageClassTypeOnDemand = "on-demand" + + // UsageClassTypeCapacityBlock is a UsageClassType enum value + UsageClassTypeCapacityBlock = "capacity-block" ) // UsageClassType_Values returns all elements of the UsageClassType enum @@ -184111,6 +200118,7 @@ func UsageClassType_Values() []string { return []string{ UsageClassTypeSpot, UsageClassTypeOnDemand, + UsageClassTypeCapacityBlock, } } diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go b/agent/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go index 5b5395356fa..621712d29f0 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go @@ -11,6 +11,9 @@ import ( ) const ( + // ec2CopySnapshotPresignedUrlCustomization handler name + ec2CopySnapshotPresignedUrlCustomization = "ec2CopySnapshotPresignedUrl" + // customRetryerMinRetryDelay sets min retry delay customRetryerMinRetryDelay = 1 * time.Second @@ -21,7 +24,10 @@ const ( func init() { initRequest = func(r *request.Request) { if r.Operation.Name == opCopySnapshot { // fill the PresignedURL parameter - r.Handlers.Build.PushFront(fillPresignedURL) + r.Handlers.Build.PushFrontNamed(request.NamedHandler{ + Name: ec2CopySnapshotPresignedUrlCustomization, + Fn: fillPresignedURL, + }) } // only set the retryer on request if config doesn't have a retryer @@ -48,13 +54,15 @@ func fillPresignedURL(r *request.Request) { origParams := r.Params.(*CopySnapshotInput) - // Stop if PresignedURL/DestinationRegion is set - if origParams.PresignedUrl != nil || origParams.DestinationRegion != nil { + // Stop if PresignedURL is set + if origParams.PresignedUrl != nil { return } + // Always use config region as destination region for SDKs origParams.DestinationRegion = r.Config.Region - newParams := awsutil.CopyOf(r.Params).(*CopySnapshotInput) + + newParams := awsutil.CopyOf(origParams).(*CopySnapshotInput) // Create a new request based on the existing request. We will use this to // presign the CopySnapshot request against the source region. @@ -82,8 +90,12 @@ func fillPresignedURL(r *request.Request) { clientInfo.Endpoint = resolved.URL clientInfo.SigningRegion = resolved.SigningRegion + // Copy handlers without Presigned URL customization to avoid an infinite loop + handlersWithoutPresignCustomization := r.Handlers.Copy() + handlersWithoutPresignCustomization.Build.RemoveByName(ec2CopySnapshotPresignedUrlCustomization) + // Presign a CopySnapshot request with modified params - req := request.New(*cfg, clientInfo, r.Handlers, r.Retryer, r.Operation, newParams, r.Data) + req := request.New(*cfg, clientInfo, handlersWithoutPresignCustomization, r.Retryer, r.Operation, newParams, r.Data) url, err := req.Presign(5 * time.Minute) // 5 minutes should be enough. if err != nil { // bubble error back up to original request r.Error = err diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go b/agent/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go index d563a9fb230..7cd3917611c 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go @@ -3,30 +3,9 @@ // Package ec2 provides the client and types for making API // requests to Amazon Elastic Compute Cloud. // -// Amazon Elastic Compute Cloud (Amazon EC2) provides secure and resizable computing -// capacity in the Amazon Web Services Cloud. Using Amazon EC2 eliminates the -// need to invest in hardware up front, so you can develop and deploy applications -// faster. Amazon Virtual Private Cloud (Amazon VPC) enables you to provision -// a logically isolated section of the Amazon Web Services Cloud where you can -// launch Amazon Web Services resources in a virtual network that you've defined. -// Amazon Elastic Block Store (Amazon EBS) provides block level storage volumes -// for use with EC2 instances. EBS volumes are highly available and reliable -// storage volumes that can be attached to any running instance and used like -// a hard drive. -// -// To learn more, see the following resources: -// -// - Amazon EC2: AmazonEC2 product page (http://aws.amazon.com/ec2), Amazon -// EC2 documentation (http://aws.amazon.com/documentation/ec2) -// -// - Amazon EBS: Amazon EBS product page (http://aws.amazon.com/ebs), Amazon -// EBS documentation (http://aws.amazon.com/documentation/ebs) -// -// - Amazon VPC: Amazon VPC product page (http://aws.amazon.com/vpc), Amazon -// VPC documentation (http://aws.amazon.com/documentation/vpc) -// -// - Amazon Web Services VPN: Amazon Web Services VPN product page (http://aws.amazon.com/vpn), -// Amazon Web Services VPN documentation (http://aws.amazon.com/documentation/vpn) +// You can access the features of Amazon Elastic Compute Cloud (Amazon EC2) +// programmatically. For more information, see the Amazon EC2 Developer Guide +// (https://docs.aws.amazon.com/ec2/latest/devguide). // // See https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15 for more information on this service. // diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/ec2/waiters.go b/agent/vendor/github.com/aws/aws-sdk-go/service/ec2/waiters.go index a10de4f3f13..6dc68faf7a8 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/ec2/waiters.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/ec2/waiters.go @@ -1156,6 +1156,57 @@ func (c *EC2) WaitUntilSnapshotCompletedWithContext(ctx aws.Context, input *Desc return w.WaitWithContext(ctx) } +// WaitUntilSnapshotImported uses the Amazon EC2 API operation +// DescribeImportSnapshotTasks to wait for a condition to be met before returning. +// If the condition is not met within the max attempt window, an error will +// be returned. +func (c *EC2) WaitUntilSnapshotImported(input *DescribeImportSnapshotTasksInput) error { + return c.WaitUntilSnapshotImportedWithContext(aws.BackgroundContext(), input) +} + +// WaitUntilSnapshotImportedWithContext is an extended version of WaitUntilSnapshotImported. +// With the support for passing in a context and options to configure the +// Waiter and the underlying request options. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) WaitUntilSnapshotImportedWithContext(ctx aws.Context, input *DescribeImportSnapshotTasksInput, opts ...request.WaiterOption) error { + w := request.Waiter{ + Name: "WaitUntilSnapshotImported", + MaxAttempts: 40, + Delay: request.ConstantWaiterDelay(15 * time.Second), + Acceptors: []request.WaiterAcceptor{ + { + State: request.SuccessWaiterState, + Matcher: request.PathAllWaiterMatch, Argument: "ImportSnapshotTasks[].SnapshotTaskDetail.Status", + Expected: "completed", + }, + { + State: request.FailureWaiterState, + Matcher: request.PathAnyWaiterMatch, Argument: "ImportSnapshotTasks[].SnapshotTaskDetail.Status", + Expected: "error", + }, + }, + Logger: c.Config.Logger, + NewRequest: func(opts []request.Option) (*request.Request, error) { + var inCpy *DescribeImportSnapshotTasksInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeImportSnapshotTasksRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + w.ApplyOptions(opts...) + + return w.WaitWithContext(ctx) +} + // WaitUntilSpotInstanceRequestFulfilled uses the Amazon EC2 API operation // DescribeSpotInstanceRequests to wait for a condition to be met before returning. // If the condition is not met within the max attempt window, an error will @@ -1232,6 +1283,62 @@ func (c *EC2) WaitUntilSpotInstanceRequestFulfilledWithContext(ctx aws.Context, return w.WaitWithContext(ctx) } +// WaitUntilStoreImageTaskComplete uses the Amazon EC2 API operation +// DescribeStoreImageTasks to wait for a condition to be met before returning. +// If the condition is not met within the max attempt window, an error will +// be returned. +func (c *EC2) WaitUntilStoreImageTaskComplete(input *DescribeStoreImageTasksInput) error { + return c.WaitUntilStoreImageTaskCompleteWithContext(aws.BackgroundContext(), input) +} + +// WaitUntilStoreImageTaskCompleteWithContext is an extended version of WaitUntilStoreImageTaskComplete. +// With the support for passing in a context and options to configure the +// Waiter and the underlying request options. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) WaitUntilStoreImageTaskCompleteWithContext(ctx aws.Context, input *DescribeStoreImageTasksInput, opts ...request.WaiterOption) error { + w := request.Waiter{ + Name: "WaitUntilStoreImageTaskComplete", + MaxAttempts: 40, + Delay: request.ConstantWaiterDelay(5 * time.Second), + Acceptors: []request.WaiterAcceptor{ + { + State: request.SuccessWaiterState, + Matcher: request.PathAllWaiterMatch, Argument: "StoreImageTaskResults[].StoreTaskState", + Expected: "Completed", + }, + { + State: request.FailureWaiterState, + Matcher: request.PathAnyWaiterMatch, Argument: "StoreImageTaskResults[].StoreTaskState", + Expected: "Failed", + }, + { + State: request.RetryWaiterState, + Matcher: request.PathAnyWaiterMatch, Argument: "StoreImageTaskResults[].StoreTaskState", + Expected: "InProgress", + }, + }, + Logger: c.Config.Logger, + NewRequest: func(opts []request.Option) (*request.Request, error) { + var inCpy *DescribeStoreImageTasksInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeStoreImageTasksRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + w.ApplyOptions(opts...) + + return w.WaitWithContext(ctx) +} + // WaitUntilSubnetAvailable uses the Amazon EC2 API operation // DescribeSubnets to wait for a condition to be met before returning. // If the condition is not met within the max attempt window, an error will diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/fsx/api.go b/agent/vendor/github.com/aws/aws-sdk-go/service/fsx/api.go index 278da89ff02..ac0622569c2 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/fsx/api.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/fsx/api.go @@ -154,16 +154,19 @@ func (c *FSx) CancelDataRepositoryTaskRequest(input *CancelDataRepositoryTaskInp // CancelDataRepositoryTask API operation for Amazon FSx. // // Cancels an existing Amazon FSx for Lustre data repository task if that task -// is in either the PENDING or EXECUTING state. When you cancel a task, Amazon -// FSx does the following. +// is in either the PENDING or EXECUTING state. When you cancel am export task, +// Amazon FSx does the following. // // - Any files that FSx has already exported are not reverted. // -// - FSx continues to export any files that are "in-flight" when the cancel +// - FSx continues to export any files that are in-flight when the cancel // operation is received. // // - FSx does not export any files that have not yet been exported. // +// For a release task, Amazon FSx will stop releasing files upon cancellation. +// Any files that have already been released will remain in the released state. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -353,6 +356,100 @@ func (c *FSx) CopyBackupWithContext(ctx aws.Context, input *CopyBackupInput, opt return out, req.Send() } +const opCopySnapshotAndUpdateVolume = "CopySnapshotAndUpdateVolume" + +// CopySnapshotAndUpdateVolumeRequest generates a "aws/request.Request" representing the +// client's request for the CopySnapshotAndUpdateVolume operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CopySnapshotAndUpdateVolume for more information on using the CopySnapshotAndUpdateVolume +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CopySnapshotAndUpdateVolumeRequest method. +// req, resp := client.CopySnapshotAndUpdateVolumeRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/fsx-2018-03-01/CopySnapshotAndUpdateVolume +func (c *FSx) CopySnapshotAndUpdateVolumeRequest(input *CopySnapshotAndUpdateVolumeInput) (req *request.Request, output *CopySnapshotAndUpdateVolumeOutput) { + op := &request.Operation{ + Name: opCopySnapshotAndUpdateVolume, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CopySnapshotAndUpdateVolumeInput{} + } + + output = &CopySnapshotAndUpdateVolumeOutput{} + req = c.newRequest(op, input, output) + return +} + +// CopySnapshotAndUpdateVolume API operation for Amazon FSx. +// +// Updates an existing volume by using a snapshot from another Amazon FSx for +// OpenZFS file system. For more information, see on-demand data replication +// (https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/on-demand-replication.html) +// in the Amazon FSx for OpenZFS User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon FSx's +// API operation CopySnapshotAndUpdateVolume for usage and error information. +// +// Returned Error Types: +// +// - BadRequest +// A generic error indicating a failure with a client request. +// +// - IncompatibleParameterError +// The error returned when a second request is received with the same client +// request token but different parameters settings. A client request token should +// always uniquely identify a single request. +// +// - InternalServerError +// A generic error indicating a server-side failure. +// +// - ServiceLimitExceeded +// An error indicating that a particular service limit was exceeded. You can +// increase some service limits by contacting Amazon Web Services Support. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/fsx-2018-03-01/CopySnapshotAndUpdateVolume +func (c *FSx) CopySnapshotAndUpdateVolume(input *CopySnapshotAndUpdateVolumeInput) (*CopySnapshotAndUpdateVolumeOutput, error) { + req, out := c.CopySnapshotAndUpdateVolumeRequest(input) + return out, req.Send() +} + +// CopySnapshotAndUpdateVolumeWithContext is the same as CopySnapshotAndUpdateVolume with the addition of +// the ability to pass a context and additional request options. +// +// See CopySnapshotAndUpdateVolume for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *FSx) CopySnapshotAndUpdateVolumeWithContext(ctx aws.Context, input *CopySnapshotAndUpdateVolumeInput, opts ...request.Option) (*CopySnapshotAndUpdateVolumeOutput, error) { + req, out := c.CopySnapshotAndUpdateVolumeRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateBackup = "CreateBackup" // CreateBackupRequest generates a "aws/request.Request" representing the @@ -552,7 +649,8 @@ func (c *FSx) CreateDataRepositoryAssociationRequest(input *CreateDataRepository // repository association is a link between a directory on the file system and // an Amazon S3 bucket or prefix. You can have a maximum of 8 data repository // associations on a file system. Data repository associations are supported -// only for file systems with the Persistent_2 deployment type. +// on all FSx for Lustre 2.12 and 2.15 file systems, excluding scratch_1 deployment +// type. // // Each data repository association must have a unique Amazon FSx file system // directory and a unique S3 bucket or prefix associated with it. You can configure @@ -658,14 +756,22 @@ func (c *FSx) CreateDataRepositoryTaskRequest(input *CreateDataRepositoryTaskInp // CreateDataRepositoryTask API operation for Amazon FSx. // -// Creates an Amazon FSx for Lustre data repository task. You use data repository -// tasks to perform bulk operations between your Amazon FSx file system and -// its linked data repositories. An example of a data repository task is exporting -// any data and metadata changes, including POSIX metadata, to files, directories, -// and symbolic links (symlinks) from your FSx file system to a linked data -// repository. A CreateDataRepositoryTask operation will fail if a data repository -// is not linked to the FSx file system. To learn more about data repository -// tasks, see Data Repository Tasks (https://docs.aws.amazon.com/fsx/latest/LustreGuide/data-repository-tasks.html). +// Creates an Amazon FSx for Lustre data repository task. A CreateDataRepositoryTask +// operation will fail if a data repository is not linked to the FSx file system. +// +// You use import and export data repository tasks to perform bulk operations +// between your FSx for Lustre file system and its linked data repositories. +// An example of a data repository task is exporting any data and metadata changes, +// including POSIX metadata, to files, directories, and symbolic links (symlinks) +// from your FSx file system to a linked data repository. +// +// You use release data repository tasks to release data from your file system +// for files that are exported to S3. The metadata of released files remains +// on the file system so users or applications can still access released files +// by reading the files again, which will restore data from Amazon S3 to the +// FSx for Lustre file system. +// +// To learn more about data repository tasks, see Data Repository Tasks (https://docs.aws.amazon.com/fsx/latest/LustreGuide/data-repository-tasks.html). // To learn more about linking a data repository to your file system, see Linking // your file system to an S3 bucket (https://docs.aws.amazon.com/fsx/latest/LustreGuide/create-dra-linked-data-repo.html). // @@ -1705,8 +1811,9 @@ func (c *FSx) DeleteDataRepositoryAssociationRequest(input *DeleteDataRepository // Deleting the data repository association unlinks the file system from the // Amazon S3 bucket. When deleting a data repository association, you have the // option of deleting the data in the file system that corresponds to the data -// repository association. Data repository associations are supported only for -// file systems with the Persistent_2 deployment type. +// repository association. Data repository associations are supported on all +// FSx for Lustre 2.12 and 2.15 file systems, excluding scratch_1 deployment +// type. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1917,6 +2024,21 @@ func (c *FSx) DeleteFileSystemRequest(input *DeleteFileSystemInput) (req *reques // a final backup is created upon deletion. This final backup isn't subject // to the file system's retention policy, and must be manually deleted. // +// To delete an Amazon FSx for Lustre file system, first unmount (https://docs.aws.amazon.com/fsx/latest/LustreGuide/unmounting-fs.html) +// it from every connected Amazon EC2 instance, then provide a FileSystemId +// value to the DeleFileSystem operation. By default, Amazon FSx will not take +// a final backup when the DeleteFileSystem operation is invoked. On file systems +// not linked to an Amazon S3 bucket, set SkipFinalBackup to false to take a +// final backup of the file system you are deleting. Backups cannot be enabled +// on S3-linked file systems. To ensure all of your data is written back to +// S3 before deleting your file system, you can either monitor for the AgeOfOldestQueuedMessage +// (https://docs.aws.amazon.com/fsx/latest/LustreGuide/monitoring-cloudwatch.html#auto-import-export-metrics) +// metric to be zero (if using automatic export) or you can run an export data +// repository task (https://docs.aws.amazon.com/fsx/latest/LustreGuide/export-data-repo-task-dra.html). +// If you have automatic export enabled and want to use an export data repository +// task, you have to disable automatic export before executing the export data +// repository task. +// // The DeleteFileSystem operation returns while the file system has the DELETING // status. You can check the file system deletion status by calling the DescribeFileSystems // (https://docs.aws.amazon.com/fsx/latest/APIReference/API_DescribeFileSystems.html) @@ -2230,6 +2352,10 @@ func (c *FSx) DeleteVolumeRequest(input *DeleteVolumeInput) (req *request.Reques // - VolumeNotFound // No Amazon FSx volumes were found based upon the supplied parameters. // +// - ServiceLimitExceeded +// An error indicating that a particular service limit was exceeded. You can +// increase some service limits by contacting Amazon Web Services Support. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/fsx-2018-03-01/DeleteVolume func (c *FSx) DeleteVolume(input *DeleteVolumeInput) (*DeleteVolumeOutput, error) { req, out := c.DeleteVolumeRequest(input) @@ -2475,8 +2601,9 @@ func (c *FSx) DescribeDataRepositoryAssociationsRequest(input *DescribeDataRepos // Returns the description of specific Amazon FSx for Lustre or Amazon File // Cache data repository associations, if one or more AssociationIds values // are provided in the request, or if filters are used in the request. Data -// repository associations are supported only for Amazon FSx for Lustre file -// systems with the Persistent_2 deployment type and for Amazon File Cache resources. +// repository associations are supported on Amazon File Cache resources and +// all FSx for Lustre 2.12 and 2,15 file systems, excluding scratch_1 deployment +// type. // // You can use filters to narrow the response to include just data repository // associations for specific file systems (use the file-system-id filter with @@ -3224,6 +3351,91 @@ func (c *FSx) DescribeFileSystemsPagesWithContext(ctx aws.Context, input *Descri return p.Err() } +const opDescribeSharedVpcConfiguration = "DescribeSharedVpcConfiguration" + +// DescribeSharedVpcConfigurationRequest generates a "aws/request.Request" representing the +// client's request for the DescribeSharedVpcConfiguration operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeSharedVpcConfiguration for more information on using the DescribeSharedVpcConfiguration +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeSharedVpcConfigurationRequest method. +// req, resp := client.DescribeSharedVpcConfigurationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/fsx-2018-03-01/DescribeSharedVpcConfiguration +func (c *FSx) DescribeSharedVpcConfigurationRequest(input *DescribeSharedVpcConfigurationInput) (req *request.Request, output *DescribeSharedVpcConfigurationOutput) { + op := &request.Operation{ + Name: opDescribeSharedVpcConfiguration, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeSharedVpcConfigurationInput{} + } + + output = &DescribeSharedVpcConfigurationOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeSharedVpcConfiguration API operation for Amazon FSx. +// +// Indicates whether participant accounts in your organization can create Amazon +// FSx for NetApp ONTAP Multi-AZ file systems in subnets that are shared by +// a virtual private cloud (VPC) owner. For more information, see Creating FSx +// for ONTAP file systems in shared subnets (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/creating-file-systems.html#fsxn-vpc-shared-subnets). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon FSx's +// API operation DescribeSharedVpcConfiguration for usage and error information. +// +// Returned Error Types: +// +// - BadRequest +// A generic error indicating a failure with a client request. +// +// - InternalServerError +// A generic error indicating a server-side failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/fsx-2018-03-01/DescribeSharedVpcConfiguration +func (c *FSx) DescribeSharedVpcConfiguration(input *DescribeSharedVpcConfigurationInput) (*DescribeSharedVpcConfigurationOutput, error) { + req, out := c.DescribeSharedVpcConfigurationRequest(input) + return out, req.Send() +} + +// DescribeSharedVpcConfigurationWithContext is the same as DescribeSharedVpcConfiguration with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeSharedVpcConfiguration for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *FSx) DescribeSharedVpcConfigurationWithContext(ctx aws.Context, input *DescribeSharedVpcConfigurationInput, opts ...request.Option) (*DescribeSharedVpcConfigurationOutput, error) { + req, out := c.DescribeSharedVpcConfigurationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeSnapshots = "DescribeSnapshots" // DescribeSnapshotsRequest generates a "aws/request.Request" representing the @@ -3721,8 +3933,8 @@ func (c *FSx) DisassociateFileSystemAliasesRequest(input *DisassociateFileSystem // Use this action to disassociate, or remove, one or more Domain Name Service // (DNS) aliases from an Amazon FSx for Windows File Server file system. If // you attempt to disassociate a DNS alias that is not associated with the file -// system, Amazon FSx responds with a 400 Bad Request. For more information, -// see Working with DNS Aliases (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-dns-aliases.html). +// system, Amazon FSx responds with an HTTP status code 400 (Bad Request). For +// more information, see Working with DNS Aliases (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-dns-aliases.html). // // The system generated response showing the DNS aliases that Amazon FSx is // attempting to disassociate from the file system. Use the API operation to @@ -4118,6 +4330,93 @@ func (c *FSx) RestoreVolumeFromSnapshotWithContext(ctx aws.Context, input *Resto return out, req.Send() } +const opStartMisconfiguredStateRecovery = "StartMisconfiguredStateRecovery" + +// StartMisconfiguredStateRecoveryRequest generates a "aws/request.Request" representing the +// client's request for the StartMisconfiguredStateRecovery operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartMisconfiguredStateRecovery for more information on using the StartMisconfiguredStateRecovery +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the StartMisconfiguredStateRecoveryRequest method. +// req, resp := client.StartMisconfiguredStateRecoveryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/fsx-2018-03-01/StartMisconfiguredStateRecovery +func (c *FSx) StartMisconfiguredStateRecoveryRequest(input *StartMisconfiguredStateRecoveryInput) (req *request.Request, output *StartMisconfiguredStateRecoveryOutput) { + op := &request.Operation{ + Name: opStartMisconfiguredStateRecovery, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &StartMisconfiguredStateRecoveryInput{} + } + + output = &StartMisconfiguredStateRecoveryOutput{} + req = c.newRequest(op, input, output) + return +} + +// StartMisconfiguredStateRecovery API operation for Amazon FSx. +// +// After performing steps to repair the Active Directory configuration of an +// FSx for Windows File Server file system, use this action to initiate the +// process of Amazon FSx attempting to reconnect to the file system. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon FSx's +// API operation StartMisconfiguredStateRecovery for usage and error information. +// +// Returned Error Types: +// +// - BadRequest +// A generic error indicating a failure with a client request. +// +// - FileSystemNotFound +// No Amazon FSx file systems were found based upon supplied parameters. +// +// - InternalServerError +// A generic error indicating a server-side failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/fsx-2018-03-01/StartMisconfiguredStateRecovery +func (c *FSx) StartMisconfiguredStateRecovery(input *StartMisconfiguredStateRecoveryInput) (*StartMisconfiguredStateRecoveryOutput, error) { + req, out := c.StartMisconfiguredStateRecoveryRequest(input) + return out, req.Send() +} + +// StartMisconfiguredStateRecoveryWithContext is the same as StartMisconfiguredStateRecovery with the addition of +// the ability to pass a context and additional request options. +// +// See StartMisconfiguredStateRecovery for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *FSx) StartMisconfiguredStateRecoveryWithContext(ctx aws.Context, input *StartMisconfiguredStateRecoveryInput, opts ...request.Option) (*StartMisconfiguredStateRecoveryOutput, error) { + req, out := c.StartMisconfiguredStateRecoveryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opTagResource = "TagResource" // TagResourceRequest generates a "aws/request.Request" representing the @@ -4349,7 +4648,8 @@ func (c *FSx) UpdateDataRepositoryAssociationRequest(input *UpdateDataRepository // // Updates the configuration of an existing data repository association on an // Amazon FSx for Lustre file system. Data repository associations are supported -// only for file systems with the Persistent_2 deployment type. +// on all FSx for Lustre 2.12 and 2.15 file systems, excluding scratch_1 deployment +// type. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4547,7 +4847,7 @@ func (c *FSx) UpdateFileSystemRequest(input *UpdateFileSystemInput) (req *reques // Use this operation to update the configuration of an existing Amazon FSx // file system. You can update multiple properties in a single request. // -// For Amazon FSx for Windows File Server file systems, you can update the following +// For FSx for Windows File Server file systems, you can update the following // properties: // // - AuditLogConfiguration @@ -4560,11 +4860,15 @@ func (c *FSx) UpdateFileSystemRequest(input *UpdateFileSystemInput) (req *reques // // - StorageCapacity // +// - StorageType +// // - ThroughputCapacity // +// - DiskIopsConfiguration +// // - WeeklyMaintenanceStartTime // -// For Amazon FSx for Lustre file systems, you can update the following properties: +// For FSx for Lustre file systems, you can update the following properties: // // - AutoImportPolicy // @@ -4574,14 +4878,19 @@ func (c *FSx) UpdateFileSystemRequest(input *UpdateFileSystemInput) (req *reques // // - DataCompressionType // +// - LogConfiguration +// // - LustreRootSquashConfiguration // +// - PerUnitStorageThroughput +// // - StorageCapacity // // - WeeklyMaintenanceStartTime // -// For Amazon FSx for NetApp ONTAP file systems, you can update the following -// properties: +// For FSx for ONTAP file systems, you can update the following properties: +// +// - AddRouteTableIds // // - AutomaticBackupRetentionDays // @@ -4591,14 +4900,21 @@ func (c *FSx) UpdateFileSystemRequest(input *UpdateFileSystemInput) (req *reques // // - FsxAdminPassword // +// - HAPairs +// +// - RemoveRouteTableIds +// // - StorageCapacity // // - ThroughputCapacity // +// - ThroughputCapacityPerHAPair +// // - WeeklyMaintenanceStartTime // -// For the Amazon FSx for OpenZFS file systems, you can update the following -// properties: +// For FSx for OpenZFS file systems, you can update the following properties: +// +// - AddRouteTableIds // // - AutomaticBackupRetentionDays // @@ -4608,6 +4924,12 @@ func (c *FSx) UpdateFileSystemRequest(input *UpdateFileSystemInput) (req *reques // // - DailyAutomaticBackupStartTime // +// - DiskIopsConfiguration +// +// - RemoveRouteTableIds +// +// - StorageCapacity +// // - ThroughputCapacity // // - WeeklyMaintenanceStartTime @@ -4670,95 +4992,191 @@ func (c *FSx) UpdateFileSystemWithContext(ctx aws.Context, input *UpdateFileSyst return out, req.Send() } -const opUpdateSnapshot = "UpdateSnapshot" +const opUpdateSharedVpcConfiguration = "UpdateSharedVpcConfiguration" -// UpdateSnapshotRequest generates a "aws/request.Request" representing the -// client's request for the UpdateSnapshot operation. The "output" return +// UpdateSharedVpcConfigurationRequest generates a "aws/request.Request" representing the +// client's request for the UpdateSharedVpcConfiguration operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // // Use "Send" method on the returned Request to send the API call to the service. // the "output" return value is not valid until after Send returns without error. // -// See UpdateSnapshot for more information on using the UpdateSnapshot +// See UpdateSharedVpcConfiguration for more information on using the UpdateSharedVpcConfiguration // API call, and error handling. // // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // -// // Example sending a request using the UpdateSnapshotRequest method. -// req, resp := client.UpdateSnapshotRequest(params) +// // Example sending a request using the UpdateSharedVpcConfigurationRequest method. +// req, resp := client.UpdateSharedVpcConfigurationRequest(params) // // err := req.Send() // if err == nil { // resp is now filled // fmt.Println(resp) // } // -// See also, https://docs.aws.amazon.com/goto/WebAPI/fsx-2018-03-01/UpdateSnapshot -func (c *FSx) UpdateSnapshotRequest(input *UpdateSnapshotInput) (req *request.Request, output *UpdateSnapshotOutput) { +// See also, https://docs.aws.amazon.com/goto/WebAPI/fsx-2018-03-01/UpdateSharedVpcConfiguration +func (c *FSx) UpdateSharedVpcConfigurationRequest(input *UpdateSharedVpcConfigurationInput) (req *request.Request, output *UpdateSharedVpcConfigurationOutput) { op := &request.Operation{ - Name: opUpdateSnapshot, + Name: opUpdateSharedVpcConfiguration, HTTPMethod: "POST", HTTPPath: "/", } if input == nil { - input = &UpdateSnapshotInput{} + input = &UpdateSharedVpcConfigurationInput{} } - output = &UpdateSnapshotOutput{} + output = &UpdateSharedVpcConfigurationOutput{} req = c.newRequest(op, input, output) return } -// UpdateSnapshot API operation for Amazon FSx. +// UpdateSharedVpcConfiguration API operation for Amazon FSx. // -// Updates the name of an Amazon FSx for OpenZFS snapshot. +// Configures whether participant accounts in your organization can create Amazon +// FSx for NetApp ONTAP Multi-AZ file systems in subnets that are shared by +// a virtual private cloud (VPC) owner. For more information, see the Amazon +// FSx for NetApp ONTAP User Guide (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/maz-shared-vpc.html). +// +// We strongly recommend that participant-created Multi-AZ file systems in the +// shared VPC are deleted before you disable this feature. Once the feature +// is disabled, these file systems will enter a MISCONFIGURED state and behave +// like Single-AZ file systems. For more information, see Important considerations +// before disabling shared VPC support for Multi-AZ file systems (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/maz-shared-vpc.html#disabling-maz-vpc-sharing). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. // // See the AWS API reference guide for Amazon FSx's -// API operation UpdateSnapshot for usage and error information. +// API operation UpdateSharedVpcConfiguration for usage and error information. // // Returned Error Types: // // - BadRequest // A generic error indicating a failure with a client request. // -// - SnapshotNotFound -// No Amazon FSx snapshots were found based on the supplied parameters. +// - IncompatibleParameterError +// The error returned when a second request is received with the same client +// request token but different parameters settings. A client request token should +// always uniquely identify a single request. // // - InternalServerError // A generic error indicating a server-side failure. // -// See also, https://docs.aws.amazon.com/goto/WebAPI/fsx-2018-03-01/UpdateSnapshot -func (c *FSx) UpdateSnapshot(input *UpdateSnapshotInput) (*UpdateSnapshotOutput, error) { - req, out := c.UpdateSnapshotRequest(input) +// See also, https://docs.aws.amazon.com/goto/WebAPI/fsx-2018-03-01/UpdateSharedVpcConfiguration +func (c *FSx) UpdateSharedVpcConfiguration(input *UpdateSharedVpcConfigurationInput) (*UpdateSharedVpcConfigurationOutput, error) { + req, out := c.UpdateSharedVpcConfigurationRequest(input) return out, req.Send() } -// UpdateSnapshotWithContext is the same as UpdateSnapshot with the addition of +// UpdateSharedVpcConfigurationWithContext is the same as UpdateSharedVpcConfiguration with the addition of // the ability to pass a context and additional request options. // -// See UpdateSnapshot for details on how to use this API operation. +// See UpdateSharedVpcConfiguration for details on how to use this API operation. // // The context must be non-nil and will be used for request cancellation. If // the context is nil a panic will occur. In the future the SDK may create // sub-contexts for http.Requests. See https://golang.org/pkg/context/ // for more information on using Contexts. -func (c *FSx) UpdateSnapshotWithContext(ctx aws.Context, input *UpdateSnapshotInput, opts ...request.Option) (*UpdateSnapshotOutput, error) { - req, out := c.UpdateSnapshotRequest(input) +func (c *FSx) UpdateSharedVpcConfigurationWithContext(ctx aws.Context, input *UpdateSharedVpcConfigurationInput, opts ...request.Option) (*UpdateSharedVpcConfigurationOutput, error) { + req, out := c.UpdateSharedVpcConfigurationRequest(input) req.SetContext(ctx) req.ApplyOptions(opts...) return out, req.Send() } -const opUpdateStorageVirtualMachine = "UpdateStorageVirtualMachine" +const opUpdateSnapshot = "UpdateSnapshot" -// UpdateStorageVirtualMachineRequest generates a "aws/request.Request" representing the -// client's request for the UpdateStorageVirtualMachine operation. The "output" return +// UpdateSnapshotRequest generates a "aws/request.Request" representing the +// client's request for the UpdateSnapshot operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UpdateSnapshot for more information on using the UpdateSnapshot +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UpdateSnapshotRequest method. +// req, resp := client.UpdateSnapshotRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/fsx-2018-03-01/UpdateSnapshot +func (c *FSx) UpdateSnapshotRequest(input *UpdateSnapshotInput) (req *request.Request, output *UpdateSnapshotOutput) { + op := &request.Operation{ + Name: opUpdateSnapshot, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UpdateSnapshotInput{} + } + + output = &UpdateSnapshotOutput{} + req = c.newRequest(op, input, output) + return +} + +// UpdateSnapshot API operation for Amazon FSx. +// +// Updates the name of an Amazon FSx for OpenZFS snapshot. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon FSx's +// API operation UpdateSnapshot for usage and error information. +// +// Returned Error Types: +// +// - BadRequest +// A generic error indicating a failure with a client request. +// +// - SnapshotNotFound +// No Amazon FSx snapshots were found based on the supplied parameters. +// +// - InternalServerError +// A generic error indicating a server-side failure. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/fsx-2018-03-01/UpdateSnapshot +func (c *FSx) UpdateSnapshot(input *UpdateSnapshotInput) (*UpdateSnapshotOutput, error) { + req, out := c.UpdateSnapshotRequest(input) + return out, req.Send() +} + +// UpdateSnapshotWithContext is the same as UpdateSnapshot with the addition of +// the ability to pass a context and additional request options. +// +// See UpdateSnapshot for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *FSx) UpdateSnapshotWithContext(ctx aws.Context, input *UpdateSnapshotInput, opts ...request.Option) (*UpdateSnapshotOutput, error) { + req, out := c.UpdateSnapshotRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUpdateStorageVirtualMachine = "UpdateStorageVirtualMachine" + +// UpdateStorageVirtualMachineRequest generates a "aws/request.Request" representing the +// client's request for the UpdateStorageVirtualMachine operation. The "output" return // value will be populated with the request's response once the request completes // successfully. // @@ -4798,7 +5216,7 @@ func (c *FSx) UpdateStorageVirtualMachineRequest(input *UpdateStorageVirtualMach // UpdateStorageVirtualMachine API operation for Amazon FSx. // -// Updates an Amazon FSx for ONTAP storage virtual machine (SVM). +// Updates an FSx for ONTAP storage virtual machine (SVM). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5072,7 +5490,7 @@ func (s *ActiveDirectoryError) RequestID() string { } // Describes a specific Amazon FSx administrative action for the current Windows, -// Lustre, or OpenZFS file system. +// Lustre, OpenZFS, or ONTAP file system or volume. type AdministrativeAction struct { _ struct{} `type:"structure"` @@ -5081,6 +5499,15 @@ type AdministrativeAction struct { // * FILE_SYSTEM_UPDATE - A file system update administrative action initiated // from the Amazon FSx console, API (UpdateFileSystem), or CLI (update-file-system). // + // * THROUGHPUT_OPTIMIZATION - After the FILE_SYSTEM_UPDATE task to increase + // a file system's throughput capacity has been completed successfully, a + // THROUGHPUT_OPTIMIZATION task starts. You can track the storage-optimization + // progress using the ProgressPercent property. When THROUGHPUT_OPTIMIZATION + // has been completed successfully, the parent FILE_SYSTEM_UPDATE action + // status changes to COMPLETED. For more information, see Managing throughput + // capacity (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-throughput-capacity.html) + // in the Amazon FSx for Windows File Server User Guide. + // // * STORAGE_OPTIMIZATION - After the FILE_SYSTEM_UPDATE task to increase // a file system's storage capacity has been completed successfully, a STORAGE_OPTIMIZATION // task starts. For Windows and ONTAP, storage optimization is the process @@ -5091,7 +5518,7 @@ type AdministrativeAction struct { // completed successfully, the parent FILE_SYSTEM_UPDATE action status changes // to COMPLETED. For more information, see Managing storage capacity (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-storage-capacity.html) // in the Amazon FSx for Windows File Server User Guide, Managing storage - // and throughput capacity (https://docs.aws.amazon.com/fsx/latest/LustreGuide/managing-storage-capacity.html) + // capacity (https://docs.aws.amazon.com/fsx/latest/LustreGuide/managing-storage-capacity.html) // in the Amazon FSx for Lustre User Guide, and Managing storage capacity // and provisioned IOPS (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-storage-capacity.html) // in the Amazon FSx for NetApp ONTAP User Guide. @@ -5104,9 +5531,23 @@ type AdministrativeAction struct { // a DNS alias from the file system. For more information, see DisassociateFileSystemAliases // (https://docs.aws.amazon.com/fsx/latest/APIReference/API_DisassociateFileSystemAliases.html). // - // * VOLUME_UPDATE - A volume update to an Amazon FSx for NetApp ONTAP or - // Amazon FSx for OpenZFS volume initiated from the Amazon FSx console, API - // (UpdateVolume), or CLI (update-volume). + // * IOPS_OPTIMIZATION - After the FILE_SYSTEM_UPDATE task to increase a + // file system's throughput capacity has been completed successfully, a IOPS_OPTIMIZATION + // task starts. You can track the storage-optimization progress using the + // ProgressPercent property. When IOPS_OPTIMIZATION has been completed successfully, + // the parent FILE_SYSTEM_UPDATE action status changes to COMPLETED. For + // more information, see Managing provisioned SSD IOPS (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-provisioned-ssd-iops.html) + // in the Amazon FSx for Windows File Server User Guide. + // + // * STORAGE_TYPE_OPTIMIZATION - After the FILE_SYSTEM_UPDATE task to increase + // a file system's throughput capacity has been completed successfully, a + // STORAGE_TYPE_OPTIMIZATION task starts. You can track the storage-optimization + // progress using the ProgressPercent property. When STORAGE_TYPE_OPTIMIZATION + // has been completed successfully, the parent FILE_SYSTEM_UPDATE action + // status changes to COMPLETED. + // + // * VOLUME_UPDATE - A volume update to an Amazon FSx for OpenZFS volume + // initiated from the Amazon FSx console, API (UpdateVolume), or CLI (update-volume). // // * VOLUME_RESTORE - An Amazon FSx for OpenZFS volume is returned to the // state saved by the specified snapshot, initiated from an API (RestoreVolumeFromSnapshot) @@ -5117,6 +5558,15 @@ type AdministrativeAction struct { // // * RELEASE_NFS_V3_LOCKS - Tracks the release of Network File System (NFS) // V3 locks on an Amazon FSx for OpenZFS file system. + // + // * VOLUME_INITIALIZE_WITH_SNAPSHOT - A volume is being created from a snapshot + // on a different FSx for OpenZFS file system. You can initiate this from + // the Amazon FSx console, API (CreateVolume), or CLI (create-volume) when + // using the using the FULL_COPY strategy. + // + // * VOLUME_UPDATE_WITH_SNAPSHOT - A volume is being updated from a snapshot + // on a different FSx for OpenZFS file system. You can initiate this from + // the Amazon FSx console, API (CopySnapshotAndUpdateVolume), or CLI (copy-snapshot-and-update-volume). AdministrativeActionType *string `type:"string" enum:"AdministrativeActionType"` // Provides information about a failed administrative action. @@ -5126,10 +5576,14 @@ type AdministrativeAction struct { // Does not apply to any other administrative action type. ProgressPercent *int64 `type:"integer"` + // The remaining bytes to transfer for the FSx for OpenZFS snapshot that you're + // copying. + RemainingTransferBytes *int64 `type:"long"` + // The time that the administrative action request was received. RequestTime *time.Time `type:"timestamp"` - // Describes the status of the administrative action, as follows: + // The status of the administrative action, as follows: // // * FAILED - Amazon FSx failed to process the administrative action successfully. // @@ -5144,16 +5598,19 @@ type AdministrativeAction struct { // now performing the storage-optimization process. Status *string `type:"string" enum:"Status"` - // Describes the target value for the administration action, provided in the - // UpdateFileSystem operation. Returned for FILE_SYSTEM_UPDATE administrative - // actions. + // The target value for the administration action, provided in the UpdateFileSystem + // operation. Returned for FILE_SYSTEM_UPDATE administrative actions. TargetFileSystemValues *FileSystem `type:"structure"` // A snapshot of an Amazon FSx for OpenZFS volume. TargetSnapshotValues *Snapshot `type:"structure"` - // Describes an Amazon FSx for NetApp ONTAP or Amazon FSx for OpenZFS volume. + // Describes an Amazon FSx volume. TargetVolumeValues *Volume `type:"structure"` + + // The number of bytes that have transferred for the FSx for OpenZFS snapshot + // that you're copying. + TotalTransferBytes *int64 `type:"long"` } // String returns the string representation. @@ -5192,6 +5649,12 @@ func (s *AdministrativeAction) SetProgressPercent(v int64) *AdministrativeAction return s } +// SetRemainingTransferBytes sets the RemainingTransferBytes field's value. +func (s *AdministrativeAction) SetRemainingTransferBytes(v int64) *AdministrativeAction { + s.RemainingTransferBytes = &v + return s +} + // SetRequestTime sets the RequestTime field's value. func (s *AdministrativeAction) SetRequestTime(v time.Time) *AdministrativeAction { s.RequestTime = &v @@ -5222,6 +5685,12 @@ func (s *AdministrativeAction) SetTargetVolumeValues(v *Volume) *AdministrativeA return s } +// SetTotalTransferBytes sets the TotalTransferBytes field's value. +func (s *AdministrativeAction) SetTotalTransferBytes(v int64) *AdministrativeAction { + s.TotalTransferBytes = &v + return s +} + // Provides information about a failed administrative action. type AdministrativeActionFailureDetails struct { _ struct{} `type:"structure"` @@ -5254,6 +5723,64 @@ func (s *AdministrativeActionFailureDetails) SetMessage(v string) *Administrativ return s } +// Used to specify configuration options for a volume’s storage aggregate +// or aggregates. +type AggregateConfiguration struct { + _ struct{} `type:"structure"` + + // The list of aggregates that this volume resides on. Aggregates are storage + // pools which make up your primary storage tier. Each high-availability (HA) + // pair has one aggregate. The names of the aggregates map to the names of the + // aggregates in the ONTAP CLI and REST API. For FlexVols, there will always + // be a single entry. + // + // Amazon FSx responds with an HTTP status code 400 (Bad Request) for the following + // conditions: + // + // * The strings in the value of Aggregates are not are not formatted as + // aggrX, where X is a number between 1 and 6. + // + // * The value of Aggregates contains aggregates that are not present. + // + // * One or more of the aggregates supplied are too close to the volume limit + // to support adding more volumes. + Aggregates []*string `type:"list"` + + // The total number of constituents this FlexGroup volume has. Not applicable + // for FlexVols. + TotalConstituents *int64 `min:"1" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AggregateConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AggregateConfiguration) GoString() string { + return s.String() +} + +// SetAggregates sets the Aggregates field's value. +func (s *AggregateConfiguration) SetAggregates(v []*string) *AggregateConfiguration { + s.Aggregates = v + return s +} + +// SetTotalConstituents sets the TotalConstituents field's value. +func (s *AggregateConfiguration) SetTotalConstituents(v int64) *AggregateConfiguration { + s.TotalConstituents = &v + return s +} + // A DNS alias that is associated with the file system. You can use a DNS alias // to access a file system using user-defined DNS names, in addition to the // default DNS name that Amazon FSx assigns to the file system. For more information, @@ -5352,7 +5879,7 @@ type AssociateFileSystemAliasesInput struct { Aliases []*string `type:"list" required:"true"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -5464,8 +5991,8 @@ func (s *AssociateFileSystemAliasesOutput) SetAliases(v []*Alias) *AssociateFile // Amazon FSx for Lustre automatically exports the defined changes asynchronously // once your application finishes modifying the file. // -// This AutoExportPolicy is supported only for Amazon FSx for Lustre file systems -// with the Persistent_2 deployment type. +// The AutoExportPolicy is only supported on Amazon FSx for Lustre file systems +// with a data repository association. type AutoExportPolicy struct { _ struct{} `type:"structure"` @@ -5513,8 +6040,8 @@ func (s *AutoExportPolicy) SetEvents(v []*string) *AutoExportPolicy { // listings up to date by importing changes to your Amazon FSx for Lustre file // system as you modify objects in a linked S3 bucket. // -// The AutoImportPolicy is supported only for Amazon FSx for Lustre file systems -// with the Persistent_2 deployment type. +// The AutoImportPolicy is only supported on Amazon FSx for Lustre file systems +// with a data repository association. type AutoImportPolicy struct { _ struct{} `type:"structure"` @@ -5557,6 +6084,82 @@ func (s *AutoImportPolicy) SetEvents(v []*string) *AutoImportPolicy { return s } +// Sets the autocommit period of files in an FSx for ONTAP SnapLock volume, +// which determines how long the files must remain unmodified before they're +// automatically transitioned to the write once, read many (WORM) state. +// +// For more information, see Autocommit (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/worm-state.html#worm-state-autocommit). +type AutocommitPeriod struct { + _ struct{} `type:"structure"` + + // Defines the type of time for the autocommit period of a file in an FSx for + // ONTAP SnapLock volume. Setting this value to NONE disables autocommit. The + // default value is NONE. + // + // Type is a required field + Type *string `type:"string" required:"true" enum:"AutocommitPeriodType"` + + // Defines the amount of time for the autocommit period of a file in an FSx + // for ONTAP SnapLock volume. The following ranges are valid: + // + // * Minutes: 5 - 65,535 + // + // * Hours: 1 - 65,535 + // + // * Days: 1 - 3,650 + // + // * Months: 1 - 120 + // + // * Years: 1 - 10 + Value *int64 `min:"1" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AutocommitPeriod) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AutocommitPeriod) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AutocommitPeriod) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AutocommitPeriod"} + if s.Type == nil { + invalidParams.Add(request.NewErrParamRequired("Type")) + } + if s.Value != nil && *s.Value < 1 { + invalidParams.Add(request.NewErrParamMinValue("Value", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetType sets the Type field's value. +func (s *AutocommitPeriod) SetType(v string) *AutocommitPeriod { + s.Type = &v + return s +} + +// SetValue sets the Value field's value. +func (s *AutocommitPeriod) SetValue(v int64) *AutocommitPeriod { + s.Value = &v + return s +} + // A backup of an Amazon FSx for Windows File Server, Amazon FSx for Lustre // file system, Amazon FSx for NetApp ONTAP volume, or Amazon FSx for OpenZFS // file system. @@ -5615,7 +6218,7 @@ type Backup struct { // use to construct Amazon Resource Names (ARNs) for resources. OwnerId *string `min:"12" type:"string"` - // The current percent of progress of an asynchronous task. + // Displays the current percent of progress of an asynchronous task. ProgressPercent *int64 `type:"integer"` // The Amazon Resource Name (ARN) for the backup resource. @@ -5639,7 +6242,7 @@ type Backup struct { // Type is a required field Type *string `type:"string" required:"true" enum:"BackupType"` - // Describes an Amazon FSx for NetApp ONTAP or Amazon FSx for OpenZFS volume. + // Describes an Amazon FSx volume. Volume *Volume `type:"structure"` } @@ -6253,8 +6856,7 @@ type CompletionReport struct { // Path you provide must be located within the file system’s ExportPath. An // example Path value is "s3://myBucket/myExportPath/optionalPrefix". The report // provides the following information for each file in the report: FilePath, - // FileStatus, and ErrorCode. To learn more about a file system's ExportPath, - // see . + // FileStatus, and ErrorCode. Path *string `min:"3" type:"string"` // Required if Enabled is set to true. Specifies the scope of the CompletionReport; @@ -6326,7 +6928,7 @@ type CopyBackupInput struct { _ struct{} `type:"structure"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -6495,9 +7097,243 @@ func (s CopyBackupOutput) GoString() string { return s.String() } -// SetBackup sets the Backup field's value. -func (s *CopyBackupOutput) SetBackup(v *Backup) *CopyBackupOutput { - s.Backup = v +// SetBackup sets the Backup field's value. +func (s *CopyBackupOutput) SetBackup(v *Backup) *CopyBackupOutput { + s.Backup = v + return s +} + +type CopySnapshotAndUpdateVolumeInput struct { + _ struct{} `type:"structure"` + + // (Optional) An idempotency token for resource creation, in a string of up + // to 63 ASCII characters. This token is automatically filled on your behalf + // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. + ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` + + // Specifies the strategy to use when copying data from a snapshot to the volume. + // + // * FULL_COPY - Copies all data from the snapshot to the volume. + // + // * INCREMENTAL_COPY - Copies only the snapshot data that's changed since + // the previous replication. + // + // CLONE isn't a valid copy strategy option for the CopySnapshotAndUpdateVolume + // operation. + CopyStrategy *string `type:"string" enum:"OpenZFSCopyStrategy"` + + // Confirms that you want to delete data on the destination volume that wasn’t + // there during the previous snapshot replication. + // + // Your replication will fail if you don’t include an option for a specific + // type of data and that data is on your destination. For example, if you don’t + // include DELETE_INTERMEDIATE_SNAPSHOTS and there are intermediate snapshots + // on the destination, you can’t copy the snapshot. + // + // * DELETE_INTERMEDIATE_SNAPSHOTS - Deletes snapshots on the destination + // volume that aren’t on the source volume. + // + // * DELETE_CLONED_VOLUMES - Deletes snapshot clones on the destination volume + // that aren't on the source volume. + // + // * DELETE_INTERMEDIATE_DATA - Overwrites snapshots on the destination volume + // that don’t match the source snapshot that you’re copying. + Options []*string `type:"list" enum:"UpdateOpenZFSVolumeOption"` + + // The Amazon Resource Name (ARN) for a given resource. ARNs uniquely identify + // Amazon Web Services resources. We require an ARN when you need to specify + // a resource unambiguously across all of Amazon Web Services. For more information, + // see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // in the Amazon Web Services General Reference. + // + // SourceSnapshotARN is a required field + SourceSnapshotARN *string `min:"8" type:"string" required:"true"` + + // Specifies the ID of the volume that you are copying the snapshot to. + // + // VolumeId is a required field + VolumeId *string `min:"23" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CopySnapshotAndUpdateVolumeInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CopySnapshotAndUpdateVolumeInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CopySnapshotAndUpdateVolumeInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CopySnapshotAndUpdateVolumeInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } + if s.SourceSnapshotARN == nil { + invalidParams.Add(request.NewErrParamRequired("SourceSnapshotARN")) + } + if s.SourceSnapshotARN != nil && len(*s.SourceSnapshotARN) < 8 { + invalidParams.Add(request.NewErrParamMinLen("SourceSnapshotARN", 8)) + } + if s.VolumeId == nil { + invalidParams.Add(request.NewErrParamRequired("VolumeId")) + } + if s.VolumeId != nil && len(*s.VolumeId) < 23 { + invalidParams.Add(request.NewErrParamMinLen("VolumeId", 23)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *CopySnapshotAndUpdateVolumeInput) SetClientRequestToken(v string) *CopySnapshotAndUpdateVolumeInput { + s.ClientRequestToken = &v + return s +} + +// SetCopyStrategy sets the CopyStrategy field's value. +func (s *CopySnapshotAndUpdateVolumeInput) SetCopyStrategy(v string) *CopySnapshotAndUpdateVolumeInput { + s.CopyStrategy = &v + return s +} + +// SetOptions sets the Options field's value. +func (s *CopySnapshotAndUpdateVolumeInput) SetOptions(v []*string) *CopySnapshotAndUpdateVolumeInput { + s.Options = v + return s +} + +// SetSourceSnapshotARN sets the SourceSnapshotARN field's value. +func (s *CopySnapshotAndUpdateVolumeInput) SetSourceSnapshotARN(v string) *CopySnapshotAndUpdateVolumeInput { + s.SourceSnapshotARN = &v + return s +} + +// SetVolumeId sets the VolumeId field's value. +func (s *CopySnapshotAndUpdateVolumeInput) SetVolumeId(v string) *CopySnapshotAndUpdateVolumeInput { + s.VolumeId = &v + return s +} + +type CopySnapshotAndUpdateVolumeOutput struct { + _ struct{} `type:"structure"` + + // A list of administrative actions for the file system that are in process + // or waiting to be processed. Administrative actions describe changes to the + // Amazon FSx system. + AdministrativeActions []*AdministrativeAction `type:"list"` + + // The lifecycle state of the destination volume. + Lifecycle *string `type:"string" enum:"VolumeLifecycle"` + + // The ID of the volume that you copied the snapshot to. + VolumeId *string `min:"23" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CopySnapshotAndUpdateVolumeOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CopySnapshotAndUpdateVolumeOutput) GoString() string { + return s.String() +} + +// SetAdministrativeActions sets the AdministrativeActions field's value. +func (s *CopySnapshotAndUpdateVolumeOutput) SetAdministrativeActions(v []*AdministrativeAction) *CopySnapshotAndUpdateVolumeOutput { + s.AdministrativeActions = v + return s +} + +// SetLifecycle sets the Lifecycle field's value. +func (s *CopySnapshotAndUpdateVolumeOutput) SetLifecycle(v string) *CopySnapshotAndUpdateVolumeOutput { + s.Lifecycle = &v + return s +} + +// SetVolumeId sets the VolumeId field's value. +func (s *CopySnapshotAndUpdateVolumeOutput) SetVolumeId(v string) *CopySnapshotAndUpdateVolumeOutput { + s.VolumeId = &v + return s +} + +// Used to specify the configuration options for an FSx for ONTAP volume's storage +// aggregate or aggregates. +type CreateAggregateConfiguration struct { + _ struct{} `type:"structure"` + + // Used to specify the names of aggregates on which the volume will be created. + Aggregates []*string `type:"list"` + + // Used to explicitly set the number of constituents within the FlexGroup per + // storage aggregate. This field is optional when creating a FlexGroup volume. + // If unspecified, the default value will be 8. This field cannot be provided + // when creating a FlexVol volume. + ConstituentsPerAggregate *int64 `min:"1" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateAggregateConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateAggregateConfiguration) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateAggregateConfiguration) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateAggregateConfiguration"} + if s.ConstituentsPerAggregate != nil && *s.ConstituentsPerAggregate < 1 { + invalidParams.Add(request.NewErrParamMinValue("ConstituentsPerAggregate", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAggregates sets the Aggregates field's value. +func (s *CreateAggregateConfiguration) SetAggregates(v []*string) *CreateAggregateConfiguration { + s.Aggregates = v + return s +} + +// SetConstituentsPerAggregate sets the ConstituentsPerAggregate field's value. +func (s *CreateAggregateConfiguration) SetConstituentsPerAggregate(v int64) *CreateAggregateConfiguration { + s.ConstituentsPerAggregate = &v return s } @@ -6505,7 +7341,7 @@ func (s *CopyBackupOutput) SetBackup(v *Backup) *CopyBackupOutput { type CreateBackupInput struct { _ struct{} `type:"structure"` - // (Optional) A string of up to 64 ASCII characters that Amazon FSx uses to + // (Optional) A string of up to 63 ASCII characters that Amazon FSx uses to // ensure idempotent creation. This string is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -6639,7 +7475,7 @@ type CreateDataRepositoryAssociationInput struct { BatchImportMetaDataOnCreate *bool `type:"boolean"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -6842,7 +7678,7 @@ type CreateDataRepositoryTaskInput struct { CapacityToRelease *int64 `min:"1" type:"long"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -6852,21 +7688,36 @@ type CreateDataRepositoryTaskInput struct { FileSystemId *string `min:"11" type:"string" required:"true"` // A list of paths for the data repository task to use when the task is processed. - // If a path that you provide isn't valid, the task fails. - // - // * For export tasks, the list contains paths on the Amazon FSx file system - // from which the files are exported to the Amazon S3 bucket. The default - // path is the file system root directory. The paths you provide need to - // be relative to the mount point of the file system. If the mount point - // is /mnt/fsx and /mnt/fsx/path1 is a directory or file on the file system - // you want to export, then the path to provide is path1. + // If a path that you provide isn't valid, the task fails. If you don't provide + // paths, the default behavior is to export all files to S3 (for export tasks), + // import all files from S3 (for import tasks), or release all exported files + // that meet the last accessed time criteria (for release tasks). + // + // * For export tasks, the list contains paths on the FSx for Lustre file + // system from which the files are exported to the Amazon S3 bucket. The + // default path is the file system root directory. The paths you provide + // need to be relative to the mount point of the file system. If the mount + // point is /mnt/fsx and /mnt/fsx/path1 is a directory or file on the file + // system you want to export, then the path to provide is path1. // // * For import tasks, the list contains paths in the Amazon S3 bucket from - // which POSIX metadata changes are imported to the Amazon FSx file system. + // which POSIX metadata changes are imported to the FSx for Lustre file system. // The path can be an S3 bucket or prefix in the format s3://myBucket/myPrefix // (where myPrefix is optional). + // + // * For release tasks, the list contains directory or file paths on the + // FSx for Lustre file system from which to release exported files. If a + // directory is specified, files within the directory are released. If a + // file path is specified, only that file is released. To release all exported + // files in the file system, specify a forward slash (/) as the path. A file + // must also meet the last accessed time criteria specified in for the file + // to be released. Paths []*string `type:"list"` + // The configuration that specifies the last accessed time criteria for files + // that will be released from an Amazon FSx for Lustre file system. + ReleaseConfiguration *ReleaseConfiguration `type:"structure"` + // Defines whether or not Amazon FSx provides a CompletionReport once the task // has completed. A CompletionReport provides a detailed report on the files // that Amazon FSx processed that meet the criteria specified by the Scope parameter. @@ -6880,6 +7731,19 @@ type CreateDataRepositoryTaskInput struct { // Specifies the type of data repository task to create. // + // * EXPORT_TO_REPOSITORY tasks export from your Amazon FSx for Lustre file + // system to a linked data repository. + // + // * IMPORT_METADATA_FROM_REPOSITORY tasks import metadata changes from a + // linked S3 bucket to your Amazon FSx for Lustre file system. + // + // * RELEASE_DATA_FROM_FILESYSTEM tasks release files in your Amazon FSx + // for Lustre file system that have been exported to a linked S3 bucket and + // that meet your specified release criteria. + // + // * AUTO_RELEASE_DATA tasks automatically release files from an Amazon File + // Cache resource. + // // Type is a required field Type *string `type:"string" required:"true" enum:"DataRepositoryTaskType"` } @@ -6972,6 +7836,12 @@ func (s *CreateDataRepositoryTaskInput) SetPaths(v []*string) *CreateDataReposit return s } +// SetReleaseConfiguration sets the ReleaseConfiguration field's value. +func (s *CreateDataRepositoryTaskInput) SetReleaseConfiguration(v *ReleaseConfiguration) *CreateDataRepositoryTaskInput { + s.ReleaseConfiguration = v + return s +} + // SetReport sets the Report field's value. func (s *CreateDataRepositoryTaskInput) SetReport(v *CompletionReport) *CreateDataRepositoryTaskInput { s.Report = v @@ -7024,7 +7894,7 @@ func (s *CreateDataRepositoryTaskOutput) SetDataRepositoryTask(v *DataRepository type CreateFileCacheInput struct { _ struct{} `type:"structure"` - // An idempotency token for resource creation, in a string of up to 64 ASCII + // An idempotency token for resource creation, in a string of up to 63 ASCII // characters. This token is automatically filled on your behalf when you use // the Command Line Interface (CLI) or an Amazon Web Services SDK. // @@ -7386,13 +8256,13 @@ type CreateFileSystemFromBackupInput struct { // BackupId is a required field BackupId *string `min:"12" type:"string" required:"true"` - // A string of up to 64 ASCII characters that Amazon FSx uses to ensure idempotent + // A string of up to 63 ASCII characters that Amazon FSx uses to ensure idempotent // creation. This string is automatically filled on your behalf when you use // the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` // Sets the version for the Amazon FSx for Lustre file system that you're creating - // from a backup. Valid values are 2.10 and 2.12. + // from a backup. Valid values are 2.10, 2.12, and 2.15. // // You don't need to specify FileSystemTypeVersion because it will be applied // using the backup's FileSystemTypeVersion setting. If you choose to specify @@ -7420,15 +8290,14 @@ type CreateFileSystemFromBackupInput struct { // The Lustre configuration for the file system being created. // - // The following parameters are not supported for file systems with the Persistent_2 - // deployment type. Instead, use CreateDataRepositoryAssociation to create a - // data repository association to link your Lustre file system to a data repository. + // The following parameters are not supported for file systems with a data repository + // association created with . // // * AutoImportPolicy // // * ExportPath // - // * ImportedChunkSize + // * ImportedFileChunkSize // // * ImportPath LustreConfiguration *CreateFileSystemLustreConfiguration `type:"structure"` @@ -7450,7 +8319,7 @@ type CreateFileSystemFromBackupInput struct { // // If used to create a file system other than OpenZFS, you must provide a value // that matches the backup's StorageCapacity value. If you provide any other - // value, Amazon FSx responds with a 400 Bad Request. + // value, Amazon FSx responds with with an HTTP status code 400 Bad Request. StorageCapacity *int64 `type:"integer"` // Sets the storage type for the Windows or OpenZFS file system that you're @@ -7674,7 +8543,7 @@ func (s *CreateFileSystemFromBackupOutput) SetFileSystem(v *FileSystem) *CreateF type CreateFileSystemInput struct { _ struct{} `type:"structure"` - // A string of up to 64 ASCII characters that Amazon FSx uses to ensure idempotent + // A string of up to 63 ASCII characters that Amazon FSx uses to ensure idempotent // creation. This string is automatically filled on your behalf when you use // the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -7686,13 +8555,13 @@ type CreateFileSystemInput struct { FileSystemType *string `type:"string" required:"true" enum:"FileSystemType"` // (Optional) For FSx for Lustre file systems, sets the Lustre version for the - // file system that you're creating. Valid values are 2.10 and 2.12: + // file system that you're creating. Valid values are 2.10, 2.12, and 2.15: // // * 2.10 is supported by the Scratch and Persistent_1 Lustre deployment // types. // - // * 2.12 is supported by all Lustre deployment types. 2.12 is required when - // setting FSx for Lustre DeploymentType to PERSISTENT_2. + // * 2.12 and 2.15 are supported by all Lustre deployment types. 2.12 or + // 2.15 is required when setting FSx for Lustre DeploymentType to PERSISTENT_2. // // Default value = 2.10, except when DeploymentType is set to PERSISTENT_2, // then the default is 2.12. @@ -7721,15 +8590,14 @@ type CreateFileSystemInput struct { // The Lustre configuration for the file system being created. // - // The following parameters are not supported for file systems with the Persistent_2 - // deployment type. Instead, use CreateDataRepositoryAssociation to create a - // data repository association to link your Lustre file system to a data repository. + // The following parameters are not supported for file systems with a data repository + // association created with . // // * AutoImportPolicy // // * ExportPath // - // * ImportedChunkSize + // * ImportedFileChunkSize // // * ImportPath LustreConfiguration *CreateFileSystemLustreConfiguration `type:"structure"` @@ -7744,6 +8612,9 @@ type CreateFileSystemInput struct { // A list of IDs specifying the security groups to apply to all network interfaces // created for file system access. This list isn't returned in later requests // to describe the file system. + // + // You must specify a security group if you are creating a Multi-AZ FSx for + // ONTAP file system in a VPC subnet that has been shared with you. SecurityGroupIds []*string `type:"list"` // Sets the storage capacity of the file system that you're creating, in gibibytes @@ -7765,7 +8636,9 @@ type CreateFileSystemInput struct { // and increments of 3600 GiB. // // FSx for ONTAP file systems - The amount of storage capacity that you can - // configure is from 1024 GiB up to 196,608 GiB (192 TiB). + // configure depends on the value of the HAPairs property. The minimum value + // is calculated as 1,024 * HAPairs and the maximum is calculated as 524,288 + // * HAPairs. // // FSx for OpenZFS file systems - The amount of storage capacity that you can // configure is from 64 GiB up to 524,288 GiB (512 TiB). @@ -7982,25 +8855,23 @@ func (s *CreateFileSystemInput) SetWindowsConfiguration(v *CreateFileSystemWindo // The Lustre configuration for the file system being created. // -// The following parameters are not supported for file systems with the Persistent_2 -// deployment type. Instead, use CreateDataRepositoryAssociation to create a -// data repository association to link your Lustre file system to a data repository. +// The following parameters are not supported for file systems with a data repository +// association created with . // // - AutoImportPolicy // // - ExportPath // -// - ImportedChunkSize +// - ImportedFileChunkSize // // - ImportPath type CreateFileSystemLustreConfiguration struct { _ struct{} `type:"structure"` - // (Optional) Available with Scratch and Persistent_1 deployment types. When - // you create your file system, your existing S3 objects appear as file and - // directory listings. Use this property to choose how Amazon FSx keeps your - // file and directory listings up to date as you add or modify objects in your - // linked S3 bucket. AutoImportPolicy can have the following values: + // (Optional) When you create your file system, your existing S3 objects appear + // as file and directory listings. Use this parameter to choose how Amazon FSx + // keeps your file and directory listings up to date as you add or modify objects + // in your linked S3 bucket. AutoImportPolicy can have the following values: // // * NONE - (Default) AutoImport is off. Amazon FSx only updates file and // directory listings from the linked S3 bucket when the file system is created. @@ -8024,9 +8895,7 @@ type CreateFileSystemLustreConfiguration struct { // For more information, see Automatically import updates from your S3 bucket // (https://docs.aws.amazon.com/fsx/latest/LustreGuide/older-deployment-types.html#legacy-auto-import-from-s3). // - // This parameter is not supported for file systems with the Persistent_2 deployment - // type. Instead, use CreateDataRepositoryAssociation to create a data repository - // association to link your Lustre file system to a data repository. + // This parameter is not supported for file systems with a data repository association. AutoImportPolicy *string `type:"string" enum:"AutoImportPolicyType"` // The number of days to retain automatic backups. Setting this property to @@ -8091,10 +8960,9 @@ type CreateFileSystemLustreConfiguration struct { // // Encryption of data in transit is automatically turned on when you access // SCRATCH_2, PERSISTENT_1 and PERSISTENT_2 file systems from Amazon EC2 instances - // that support automatic encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/data- - // protection.html) in the Amazon Web Services Regions where they are available. - // For more information about encryption in transit for FSx for Lustre file - // systems, see Encrypting data in transit (https://docs.aws.amazon.com/fsx/latest/LustreGuide/encryption-in-transit-fsxl.html) + // that support automatic encryption in the Amazon Web Services Regions where + // they are available. For more information about encryption in transit for + // FSx for Lustre file systems, see Encrypting data in transit (https://docs.aws.amazon.com/fsx/latest/LustreGuide/encryption-in-transit-fsxl.html) // in the Amazon FSx for Lustre User Guide. // // (Default = SCRATCH_1) @@ -8109,13 +8977,13 @@ type CreateFileSystemLustreConfiguration struct { // This parameter is required when StorageType is set to HDD. DriveCacheType *string `type:"string" enum:"DriveCacheType"` - // (Optional) Available with Scratch and Persistent_1 deployment types. Specifies - // the path in the Amazon S3 bucket where the root of your Amazon FSx file system - // is exported. The path must use the same Amazon S3 bucket as specified in - // ImportPath. You can provide an optional prefix to which new and changed data - // is to be exported from your Amazon FSx for Lustre file system. If an ExportPath - // value is not provided, Amazon FSx sets a default export path, s3://import-bucket/FSxLustre[creation-timestamp]. - // The timestamp is in UTC format, for example s3://import-bucket/FSxLustre20181105T222312Z. + // (Optional) Specifies the path in the Amazon S3 bucket where the root of your + // Amazon FSx file system is exported. The path must use the same Amazon S3 + // bucket as specified in ImportPath. You can provide an optional prefix to + // which new and changed data is to be exported from your Amazon FSx for Lustre + // file system. If an ExportPath value is not provided, Amazon FSx sets a default + // export path, s3://import-bucket/FSxLustre[creation-timestamp]. The timestamp + // is in UTC format, for example s3://import-bucket/FSxLustre20181105T222312Z. // // The Amazon S3 export bucket must be the same as the import bucket specified // by ImportPath. If you specify only a bucket name, such as s3://import-bucket, @@ -8125,9 +8993,7 @@ type CreateFileSystemLustreConfiguration struct { // Amazon FSx exports the contents of your file system to that export prefix // in the Amazon S3 bucket. // - // This parameter is not supported for file systems with the Persistent_2 deployment - // type. Instead, use CreateDataRepositoryAssociation to create a data repository - // association to link your Lustre file system to a data repository. + // This parameter is not supported for file systems with a data repository association. ExportPath *string `min:"3" type:"string"` // (Optional) The path to the Amazon S3 bucket (including the optional prefix) @@ -8137,9 +9003,7 @@ type CreateFileSystemLustreConfiguration struct { // If you specify a prefix after the Amazon S3 bucket name, only object keys // with that prefix are loaded into the file system. // - // This parameter is not supported for file systems with the Persistent_2 deployment - // type. Instead, use CreateDataRepositoryAssociation to create a data repository - // association to link your Lustre file system to a data repository. + // This parameter is not supported for file systems with a data repository association. ImportPath *string `min:"3" type:"string"` // (Optional) For files imported from a data repository, this value determines @@ -8151,9 +9015,7 @@ type CreateFileSystemLustreConfiguration struct { // The default chunk size is 1,024 MiB (1 GiB) and can go as high as 512,000 // MiB (500 GiB). Amazon S3 objects have a maximum size of 5 TB. // - // This parameter is not supported for file systems with the Persistent_2 deployment - // type. Instead, use CreateDataRepositoryAssociation to create a data repository - // association to link your Lustre file system to a data repository. + // This parameter is not supported for file systems with a data repository association. ImportedFileChunkSize *int64 `min:"1" type:"integer"` // The Lustre logging configuration used when creating an Amazon FSx for Lustre @@ -8337,7 +9199,7 @@ type CreateFileSystemOntapConfiguration struct { // The number of days to retain automatic backups. Setting this property to // 0 disables automatic backups. You can retain automatic backups for a maximum - // of 90 days. The default is 0. + // of 90 days. The default is 30. AutomaticBackupRetentionDays *int64 `type:"integer"` // A recurring daily time, in the format HH:MM. HH is the zero-padded hour of @@ -8353,6 +9215,9 @@ type CreateFileSystemOntapConfiguration struct { // // * SINGLE_AZ_1 - A file system configured for Single-AZ redundancy. // + // * SINGLE_AZ_2 - A file system configured with multiple high-availability + // (HA) pairs for Single-AZ redundancy. + // // For information about the use cases for Multi-AZ and Single-AZ deployments, // refer to Choosing a file system deployment type (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-AZ.html). // @@ -8368,7 +9233,8 @@ type CreateFileSystemOntapConfiguration struct { // By default in the Amazon FSx console, Amazon FSx chooses the last 64 IP addresses // from the VPC’s primary CIDR range to use as the endpoint IP address range // for the file system. You can have overlapping endpoint IP addresses for file - // systems deployed in the same VPC/route tables. + // systems deployed in the same VPC/route tables, as long as they don't overlap + // with any subnet. EndpointIpAddressRange *string `min:"9" type:"string"` // The ONTAP administrative password for the fsxadmin user with which you administer @@ -8379,21 +9245,81 @@ type CreateFileSystemOntapConfiguration struct { // String and GoString methods. FsxAdminPassword *string `min:"8" type:"string" sensitive:"true"` + // Specifies how many high-availability (HA) pairs of file servers will power + // your file system. Scale-up file systems are powered by 1 HA pair. The default + // value is 1. FSx for ONTAP scale-out file systems are powered by up to 12 + // HA pairs. The value of this property affects the values of StorageCapacity, + // Iops, and ThroughputCapacity. For more information, see High-availability + // (HA) pairs (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/HA-pairs.html) + // in the FSx for ONTAP user guide. + // + // Amazon FSx responds with an HTTP status code 400 (Bad Request) for the following + // conditions: + // + // * The value of HAPairs is less than 1 or greater than 12. + // + // * The value of HAPairs is greater than 1 and the value of DeploymentType + // is SINGLE_AZ_1 or MULTI_AZ_1. + HAPairs *int64 `min:"1" type:"integer"` + // Required when DeploymentType is set to MULTI_AZ_1. This specifies the subnet // in which you want the preferred file server to be located. PreferredSubnetId *string `min:"15" type:"string"` - // (Multi-AZ only) Specifies the virtual private cloud (VPC) route tables in - // which your file system's endpoints will be created. You should specify all - // VPC route tables associated with the subnets in which your clients are located. - // By default, Amazon FSx selects your VPC's default route table. + // (Multi-AZ only) Specifies the route tables in which Amazon FSx creates the + // rules for routing traffic to the correct file server. You should specify + // all virtual private cloud (VPC) route tables associated with the subnets + // in which your clients are located. By default, Amazon FSx selects your VPC's + // default route table. + // + // Amazon FSx manages these route tables for Multi-AZ file systems using tag-based + // authentication. These route tables are tagged with Key: AmazonFSx; Value: + // ManagedByAmazonFSx. When creating FSx for ONTAP Multi-AZ file systems using + // CloudFormation we recommend that you add the Key: AmazonFSx; Value: ManagedByAmazonFSx + // tag manually. RouteTableIds []*string `type:"list"` - // Sets the throughput capacity for the file system that you're creating. Valid - // values are 128, 256, 512, 1024, 2048, and 4096 MBps. + // Sets the throughput capacity for the file system that you're creating in + // megabytes per second (MBps). For more information, see Managing throughput + // capacity (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-throughput-capacity.html) + // in the FSx for ONTAP User Guide. // - // ThroughputCapacity is a required field - ThroughputCapacity *int64 `min:"8" type:"integer" required:"true"` + // Amazon FSx responds with an HTTP status code 400 (Bad Request) for the following + // conditions: + // + // * The value of ThroughputCapacity and ThroughputCapacityPerHAPair are + // not the same value. + // + // * The value of ThroughputCapacity when divided by the value of HAPairs + // is outside of the valid range for ThroughputCapacity. + ThroughputCapacity *int64 `min:"8" type:"integer"` + + // Use to choose the throughput capacity per HA pair, rather than the total + // throughput for the file system. + // + // You can define either the ThroughputCapacityPerHAPair or the ThroughputCapacity + // when creating a file system, but not both. + // + // This field and ThroughputCapacity are the same for scale-up file systems + // powered by one HA pair. + // + // * For SINGLE_AZ_1 and MULTI_AZ_1 file systems, valid values are 128, 256, + // 512, 1024, 2048, or 4096 MBps. + // + // * For SINGLE_AZ_2 file systems, valid values are 3072 or 6144 MBps. + // + // Amazon FSx responds with an HTTP status code 400 (Bad Request) for the following + // conditions: + // + // * The value of ThroughputCapacity and ThroughputCapacityPerHAPair are + // not the same value for file systems with one HA pair. + // + // * The value of deployment type is SINGLE_AZ_2 and ThroughputCapacity / + // ThroughputCapacityPerHAPair is a valid HA pair (a value between 2 and + // 12). + // + // * The value of ThroughputCapacityPerHAPair is not a valid value. + ThroughputCapacityPerHAPair *int64 `min:"128" type:"integer"` // A recurring weekly time, in the format D:HH:MM. // @@ -8441,15 +9367,18 @@ func (s *CreateFileSystemOntapConfiguration) Validate() error { if s.FsxAdminPassword != nil && len(*s.FsxAdminPassword) < 8 { invalidParams.Add(request.NewErrParamMinLen("FsxAdminPassword", 8)) } + if s.HAPairs != nil && *s.HAPairs < 1 { + invalidParams.Add(request.NewErrParamMinValue("HAPairs", 1)) + } if s.PreferredSubnetId != nil && len(*s.PreferredSubnetId) < 15 { invalidParams.Add(request.NewErrParamMinLen("PreferredSubnetId", 15)) } - if s.ThroughputCapacity == nil { - invalidParams.Add(request.NewErrParamRequired("ThroughputCapacity")) - } if s.ThroughputCapacity != nil && *s.ThroughputCapacity < 8 { invalidParams.Add(request.NewErrParamMinValue("ThroughputCapacity", 8)) } + if s.ThroughputCapacityPerHAPair != nil && *s.ThroughputCapacityPerHAPair < 128 { + invalidParams.Add(request.NewErrParamMinValue("ThroughputCapacityPerHAPair", 128)) + } if s.WeeklyMaintenanceStartTime != nil && len(*s.WeeklyMaintenanceStartTime) < 7 { invalidParams.Add(request.NewErrParamMinLen("WeeklyMaintenanceStartTime", 7)) } @@ -8496,6 +9425,12 @@ func (s *CreateFileSystemOntapConfiguration) SetFsxAdminPassword(v string) *Crea return s } +// SetHAPairs sets the HAPairs field's value. +func (s *CreateFileSystemOntapConfiguration) SetHAPairs(v int64) *CreateFileSystemOntapConfiguration { + s.HAPairs = &v + return s +} + // SetPreferredSubnetId sets the PreferredSubnetId field's value. func (s *CreateFileSystemOntapConfiguration) SetPreferredSubnetId(v string) *CreateFileSystemOntapConfiguration { s.PreferredSubnetId = &v @@ -8514,6 +9449,12 @@ func (s *CreateFileSystemOntapConfiguration) SetThroughputCapacity(v int64) *Cre return s } +// SetThroughputCapacityPerHAPair sets the ThroughputCapacityPerHAPair field's value. +func (s *CreateFileSystemOntapConfiguration) SetThroughputCapacityPerHAPair(v int64) *CreateFileSystemOntapConfiguration { + s.ThroughputCapacityPerHAPair = &v + return s +} + // SetWeeklyMaintenanceStartTime sets the WeeklyMaintenanceStartTime field's value. func (s *CreateFileSystemOntapConfiguration) SetWeeklyMaintenanceStartTime(v string) *CreateFileSystemOntapConfiguration { s.WeeklyMaintenanceStartTime = &v @@ -8527,7 +9468,7 @@ type CreateFileSystemOpenZFSConfiguration struct { // The number of days to retain automatic backups. Setting this property to // 0 disables automatic backups. You can retain automatic backups for a maximum - // of 90 days. The default is 0. + // of 90 days. The default is 30. AutomaticBackupRetentionDays *int64 `type:"integer"` // A Boolean value indicating whether tags for the file system should be copied @@ -8556,16 +9497,23 @@ type CreateFileSystemOpenZFSConfiguration struct { // configured for redundancy within a single Availability Zone in an Amazon // Web Services Region . Valid values are the following: // - // * SINGLE_AZ_1- (Default) Creates file systems with throughput capacities - // of 64 - 4,096 MB/s. Single_AZ_1 is available in all Amazon Web Services - // Regions where Amazon FSx for OpenZFS is available, except US West (Oregon). + // * MULTI_AZ_1- Creates file systems with high availability that are configured + // for Multi-AZ redundancy to tolerate temporary unavailability in Availability + // Zones (AZs). Multi_AZ_1 is available only in the US East (N. Virginia), + // US East (Ohio), US West (Oregon), Asia Pacific (Singapore), Asia Pacific + // (Tokyo), and Europe (Ireland) Amazon Web Services Regions. + // + // * SINGLE_AZ_1- Creates file systems with throughput capacities of 64 - + // 4,096 MB/s. Single_AZ_1 is available in all Amazon Web Services Regions + // where Amazon FSx for OpenZFS is available. // // * SINGLE_AZ_2- Creates file systems with throughput capacities of 160 // - 10,240 MB/s using an NVMe L2ARC cache. Single_AZ_2 is available only - // in the US East (N. Virginia), US East (Ohio), US West (Oregon), and Europe - // (Ireland) Amazon Web Services Regions. + // in the US East (N. Virginia), US East (Ohio), US West (Oregon), Asia Pacific + // (Singapore), Asia Pacific (Tokyo), and Europe (Ireland) Amazon Web Services + // Regions. // - // For more information, see: Deployment type availability (https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/availability-durability.html#available-aws-regions) + // For more information, see Deployment type availability (https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/availability-durability.html#available-aws-regions) // and File system performance (https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/performance.html#zfs-fs-performance) // in the Amazon FSx for OpenZFS User Guide. // @@ -8573,25 +9521,44 @@ type CreateFileSystemOpenZFSConfiguration struct { DeploymentType *string `type:"string" required:"true" enum:"OpenZFSDeploymentType"` // The SSD IOPS (input/output operations per second) configuration for an Amazon - // FSx for NetApp ONTAP or Amazon FSx for OpenZFS file system. The default is - // 3 IOPS per GB of storage capacity, but you can provision additional IOPS - // per GB of storage. The configuration consists of the total number of provisioned - // SSD IOPS and how the amount was provisioned (by the customer or by the system). + // FSx for NetApp ONTAP, Amazon FSx for Windows File Server, or FSx for OpenZFS + // file system. By default, Amazon FSx automatically provisions 3 IOPS per GB + // of storage capacity. You can provision additional IOPS per GB of storage. + // The configuration consists of the total number of provisioned SSD IOPS and + // how it is was provisioned, or the mode (by the customer or by Amazon FSx). DiskIopsConfiguration *DiskIopsConfiguration `type:"structure"` + // (Multi-AZ only) Specifies the IP address range in which the endpoints to + // access your file system will be created. By default in the Amazon FSx API + // and Amazon FSx console, Amazon FSx selects an available /28 IP address range + // for you from one of the VPC's CIDR ranges. You can have overlapping endpoint + // IP addresses for file systems deployed in the same VPC/route tables. + EndpointIpAddressRange *string `min:"9" type:"string"` + + // Required when DeploymentType is set to MULTI_AZ_1. This specifies the subnet + // in which you want the preferred file server to be located. + PreferredSubnetId *string `min:"15" type:"string"` + // The configuration Amazon FSx uses when creating the root value of the Amazon // FSx for OpenZFS file system. All volumes are children of the root volume. RootVolumeConfiguration *OpenZFSCreateRootVolumeConfiguration `type:"structure"` + // (Multi-AZ only) Specifies the route tables in which Amazon FSx creates the + // rules for routing traffic to the correct file server. You should specify + // all virtual private cloud (VPC) route tables associated with the subnets + // in which your clients are located. By default, Amazon FSx selects your VPC's + // default route table. + RouteTableIds []*string `type:"list"` + // Specifies the throughput of an Amazon FSx for OpenZFS file system, measured - // in megabytes per second (MB/s). Valid values depend on the DeploymentType + // in megabytes per second (MBps). Valid values depend on the DeploymentType // you choose, as follows: // - // * For SINGLE_AZ_1, valid values are 64, 128, 256, 512, 1024, 2048, 3072, - // or 4096 MB/s. + // * For MULTI_AZ_1 and SINGLE_AZ_2, valid values are 160, 320, 640, 1280, + // 2560, 3840, 5120, 7680, or 10240 MBps. // - // * For SINGLE_AZ_2, valid values are 160, 320, 640, 1280, 2560, 3840, 5120, - // 7680, or 10240 MB/s. + // * For SINGLE_AZ_1, valid values are 64, 128, 256, 512, 1024, 2048, 3072, + // or 4096 MBps. // // You pay for additional throughput capacity that you provision. // @@ -8638,6 +9605,12 @@ func (s *CreateFileSystemOpenZFSConfiguration) Validate() error { if s.DeploymentType == nil { invalidParams.Add(request.NewErrParamRequired("DeploymentType")) } + if s.EndpointIpAddressRange != nil && len(*s.EndpointIpAddressRange) < 9 { + invalidParams.Add(request.NewErrParamMinLen("EndpointIpAddressRange", 9)) + } + if s.PreferredSubnetId != nil && len(*s.PreferredSubnetId) < 15 { + invalidParams.Add(request.NewErrParamMinLen("PreferredSubnetId", 15)) + } if s.ThroughputCapacity == nil { invalidParams.Add(request.NewErrParamRequired("ThroughputCapacity")) } @@ -8695,12 +9668,30 @@ func (s *CreateFileSystemOpenZFSConfiguration) SetDiskIopsConfiguration(v *DiskI return s } +// SetEndpointIpAddressRange sets the EndpointIpAddressRange field's value. +func (s *CreateFileSystemOpenZFSConfiguration) SetEndpointIpAddressRange(v string) *CreateFileSystemOpenZFSConfiguration { + s.EndpointIpAddressRange = &v + return s +} + +// SetPreferredSubnetId sets the PreferredSubnetId field's value. +func (s *CreateFileSystemOpenZFSConfiguration) SetPreferredSubnetId(v string) *CreateFileSystemOpenZFSConfiguration { + s.PreferredSubnetId = &v + return s +} + // SetRootVolumeConfiguration sets the RootVolumeConfiguration field's value. func (s *CreateFileSystemOpenZFSConfiguration) SetRootVolumeConfiguration(v *OpenZFSCreateRootVolumeConfiguration) *CreateFileSystemOpenZFSConfiguration { s.RootVolumeConfiguration = v return s } +// SetRouteTableIds sets the RouteTableIds field's value. +func (s *CreateFileSystemOpenZFSConfiguration) SetRouteTableIds(v []*string) *CreateFileSystemOpenZFSConfiguration { + s.RouteTableIds = v + return s +} + // SetThroughputCapacity sets the ThroughputCapacity field's value. func (s *CreateFileSystemOpenZFSConfiguration) SetThroughputCapacity(v int64) *CreateFileSystemOpenZFSConfiguration { s.ThroughputCapacity = &v @@ -8790,9 +9781,9 @@ type CreateFileSystemWindowsConfiguration struct { // Windows File Server file system. AuditLogConfiguration *WindowsAuditLogCreateConfiguration `type:"structure"` - // The number of days to retain automatic backups. The default is to retain - // backups for 7 days. Setting this value to 0 disables the creation of automatic - // backups. The maximum retention period for backups is 90 days. + // The number of days to retain automatic backups. Setting this property to + // 0 disables automatic backups. You can retain automatic backups for a maximum + // of 90 days. The default is 30. AutomaticBackupRetentionDays *int64 `type:"integer"` // A boolean flag indicating whether tags for the file system should be copied @@ -8827,6 +9818,13 @@ type CreateFileSystemWindowsConfiguration struct { // File Systems (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html). DeploymentType *string `type:"string" enum:"WindowsDeploymentType"` + // The SSD IOPS (input/output operations per second) configuration for an Amazon + // FSx for Windows file system. By default, Amazon FSx automatically provisions + // 3 IOPS per GiB of storage capacity. You can provision additional IOPS per + // GiB of storage, up to the maximum limit associated with your chosen throughput + // capacity. + DiskIopsConfiguration *DiskIopsConfiguration `type:"structure"` + // Required when DeploymentType is set to MULTI_AZ_1. This specifies the subnet // in which you want the preferred file server to be located. For in-Amazon // Web Services applications, we recommend that you launch your clients in the @@ -8835,10 +9833,11 @@ type CreateFileSystemWindowsConfiguration struct { PreferredSubnetId *string `min:"15" type:"string"` // The configuration that Amazon FSx uses to join a FSx for Windows File Server - // file system or an ONTAP storage virtual machine (SVM) to a self-managed (including - // on-premises) Microsoft Active Directory (AD) directory. For more information, - // see Using Amazon FSx with your self-managed Microsoft Active Directory (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html) - // or Managing SVMs (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html). + // file system or an FSx for ONTAP storage virtual machine (SVM) to a self-managed + // (including on-premises) Microsoft Active Directory (AD) directory. For more + // information, see Using Amazon FSx for Windows with your self-managed Microsoft + // Active Directory (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html) + // or Managing FSx for ONTAP SVMs (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html). SelfManagedActiveDirectoryConfiguration *SelfManagedActiveDirectoryConfiguration `type:"structure"` // Sets the throughput capacity of an Amazon FSx file system, measured in megabytes @@ -8951,6 +9950,12 @@ func (s *CreateFileSystemWindowsConfiguration) SetDeploymentType(v string) *Crea return s } +// SetDiskIopsConfiguration sets the DiskIopsConfiguration field's value. +func (s *CreateFileSystemWindowsConfiguration) SetDiskIopsConfiguration(v *DiskIopsConfiguration) *CreateFileSystemWindowsConfiguration { + s.DiskIopsConfiguration = v + return s +} + // SetPreferredSubnetId sets the PreferredSubnetId field's value. func (s *CreateFileSystemWindowsConfiguration) SetPreferredSubnetId(v string) *CreateFileSystemWindowsConfiguration { s.PreferredSubnetId = &v @@ -8979,6 +9984,10 @@ func (s *CreateFileSystemWindowsConfiguration) SetWeeklyMaintenanceStartTime(v s type CreateOntapVolumeConfiguration struct { _ struct{} `type:"structure"` + // Use to specify configuration options for a volume’s storage aggregate or + // aggregates. + AggregateConfiguration *CreateAggregateConfiguration `type:"structure"` + // A boolean flag indicating whether tags for the volume should be copied to // backups. This value defaults to false. If it's set to true, all tags for // the volume are copied to all automatic and user-initiated backups where the @@ -8989,7 +9998,8 @@ type CreateOntapVolumeConfiguration struct { CopyTagsToBackups *bool `type:"boolean"` // Specifies the location in the SVM's namespace where the volume is mounted. - // The JunctionPath must have a leading forward slash, such as /vol3. + // This parameter is required. The JunctionPath must have a leading forward + // slash, such as /vol3. JunctionPath *string `min:"1" type:"string"` // Specifies the type of volume you are creating. Valid values are the following: @@ -9007,7 +10017,7 @@ type CreateOntapVolumeConfiguration struct { // is not specified, it is automatically set to the root volume's security style. // The security style determines the type of permissions that FSx for ONTAP // uses to control data access. For more information, see Volume security style - // (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-volumes.html#volume-security-style) + // (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-security-style) // in the Amazon FSx for NetApp ONTAP User Guide. Specify one of the following // values: // @@ -9019,14 +10029,25 @@ type CreateOntapVolumeConfiguration struct { // of users are SMB clients, and an application accessing the data uses a // Windows user as the service account. // - // * MIXED if the file system is managed by both UNIX and Windows administrators - // and users consist of both NFS and SMB clients. + // * MIXED This is an advanced setting. For more information, see the topic + // What the security styles and their effects are (https://docs.netapp.com/us-en/ontap/nfs-admin/security-styles-their-effects-concept.html) + // in the NetApp Documentation Center. + // + // For more information, see Volume security style (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-security-style.html) + // in the FSx for ONTAP User Guide. SecurityStyle *string `type:"string" enum:"SecurityStyle"` - // Specifies the size of the volume, in megabytes (MB), that you are creating. + // Specifies the configured size of the volume, in bytes. + SizeInBytes *int64 `type:"long"` + + // Use SizeInBytes instead. Specifies the size of the volume, in megabytes (MB), + // that you are creating. // - // SizeInMegabytes is a required field - SizeInMegabytes *int64 `type:"integer" required:"true"` + // Deprecated: This property is deprecated, use SizeInBytes instead + SizeInMegabytes *int64 `deprecated:"true" type:"integer"` + + // Specifies the SnapLock configuration for an FSx for ONTAP volume. + SnaplockConfiguration *CreateSnaplockConfiguration `type:"structure"` // Specifies the snapshot policy for the volume. There are three built-in snapshot // policies: @@ -9050,7 +10071,10 @@ type CreateOntapVolumeConfiguration struct { SnapshotPolicy *string `min:"1" type:"string"` // Set to true to enable deduplication, compression, and compaction storage - // efficiency features on the volume. + // efficiency features on the volume, or set to false to disable them. + // + // StorageEfficiencyEnabled is required when creating a RW volume (OntapVolumeType + // set to RW). StorageEfficiencyEnabled *bool `type:"boolean"` // Specifies the ONTAP SVM in which to create the volume. @@ -9077,6 +10101,12 @@ type CreateOntapVolumeConfiguration struct { // * NONE - keeps a volume's data in the primary storage tier, preventing // it from being moved to the capacity pool tier. TieringPolicy *TieringPolicy `type:"structure"` + + // Use to specify the style of an ONTAP volume. FSx for ONTAP offers two styles + // of volumes that you can use for different purposes, FlexVol and FlexGroup + // volumes. For more information, see Volume styles (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-styles.html) + // in the Amazon FSx for NetApp ONTAP User Guide. + VolumeStyle *string `type:"string" enum:"VolumeStyle"` } // String returns the string representation. @@ -9103,9 +10133,6 @@ func (s *CreateOntapVolumeConfiguration) Validate() error { if s.JunctionPath != nil && len(*s.JunctionPath) < 1 { invalidParams.Add(request.NewErrParamMinLen("JunctionPath", 1)) } - if s.SizeInMegabytes == nil { - invalidParams.Add(request.NewErrParamRequired("SizeInMegabytes")) - } if s.SnapshotPolicy != nil && len(*s.SnapshotPolicy) < 1 { invalidParams.Add(request.NewErrParamMinLen("SnapshotPolicy", 1)) } @@ -9115,6 +10142,16 @@ func (s *CreateOntapVolumeConfiguration) Validate() error { if s.StorageVirtualMachineId != nil && len(*s.StorageVirtualMachineId) < 21 { invalidParams.Add(request.NewErrParamMinLen("StorageVirtualMachineId", 21)) } + if s.AggregateConfiguration != nil { + if err := s.AggregateConfiguration.Validate(); err != nil { + invalidParams.AddNested("AggregateConfiguration", err.(request.ErrInvalidParams)) + } + } + if s.SnaplockConfiguration != nil { + if err := s.SnaplockConfiguration.Validate(); err != nil { + invalidParams.AddNested("SnaplockConfiguration", err.(request.ErrInvalidParams)) + } + } if s.TieringPolicy != nil { if err := s.TieringPolicy.Validate(); err != nil { invalidParams.AddNested("TieringPolicy", err.(request.ErrInvalidParams)) @@ -9127,6 +10164,12 @@ func (s *CreateOntapVolumeConfiguration) Validate() error { return nil } +// SetAggregateConfiguration sets the AggregateConfiguration field's value. +func (s *CreateOntapVolumeConfiguration) SetAggregateConfiguration(v *CreateAggregateConfiguration) *CreateOntapVolumeConfiguration { + s.AggregateConfiguration = v + return s +} + // SetCopyTagsToBackups sets the CopyTagsToBackups field's value. func (s *CreateOntapVolumeConfiguration) SetCopyTagsToBackups(v bool) *CreateOntapVolumeConfiguration { s.CopyTagsToBackups = &v @@ -9151,12 +10194,24 @@ func (s *CreateOntapVolumeConfiguration) SetSecurityStyle(v string) *CreateOntap return s } +// SetSizeInBytes sets the SizeInBytes field's value. +func (s *CreateOntapVolumeConfiguration) SetSizeInBytes(v int64) *CreateOntapVolumeConfiguration { + s.SizeInBytes = &v + return s +} + // SetSizeInMegabytes sets the SizeInMegabytes field's value. func (s *CreateOntapVolumeConfiguration) SetSizeInMegabytes(v int64) *CreateOntapVolumeConfiguration { s.SizeInMegabytes = &v return s } +// SetSnaplockConfiguration sets the SnaplockConfiguration field's value. +func (s *CreateOntapVolumeConfiguration) SetSnaplockConfiguration(v *CreateSnaplockConfiguration) *CreateOntapVolumeConfiguration { + s.SnaplockConfiguration = v + return s +} + // SetSnapshotPolicy sets the SnapshotPolicy field's value. func (s *CreateOntapVolumeConfiguration) SetSnapshotPolicy(v string) *CreateOntapVolumeConfiguration { s.SnapshotPolicy = &v @@ -9181,19 +10236,32 @@ func (s *CreateOntapVolumeConfiguration) SetTieringPolicy(v *TieringPolicy) *Cre return s } -// The snapshot configuration to use when creating an OpenZFS volume from a -// snapshot. +// SetVolumeStyle sets the VolumeStyle field's value. +func (s *CreateOntapVolumeConfiguration) SetVolumeStyle(v string) *CreateOntapVolumeConfiguration { + s.VolumeStyle = &v + return s +} + +// The snapshot configuration to use when creating an Amazon FSx for OpenZFS +// volume from a snapshot. type CreateOpenZFSOriginSnapshotConfiguration struct { _ struct{} `type:"structure"` - // The strategy used when copying data from the snapshot to the new volume. + // Specifies the strategy used when copying data from the snapshot to the new + // volume. // // * CLONE - The new volume references the data in the origin snapshot. Cloning // a snapshot is faster than copying data from the snapshot to a new volume // and doesn't consume disk throughput. However, the origin snapshot can't // be deleted if there is a volume using its copied data. // - // * FULL_COPY - Copies all data from the snapshot to the new volume. + // * FULL_COPY - Copies all data from the snapshot to the new volume. Specify + // this option to create the volume from a snapshot on another FSx for OpenZFS + // file system. + // + // The INCREMENTAL_COPY option is only for updating an existing volume by using + // a snapshot from another FSx for OpenZFS file system. For more information, + // see CopySnapshotAndUpdateVolume (https://docs.aws.amazon.com/fsx/latest/APIReference/API_CopySnapshotAndUpdateVolume.html). // // CopyStrategy is a required field CopyStrategy *string `type:"string" required:"true" enum:"OpenZFSCopyStrategy"` @@ -9336,7 +10404,7 @@ type CreateOpenZFSVolumeConfiguration struct { // in the Amazon FSx for OpenZFS User Guide. StorageCapacityReservationGiB *int64 `type:"integer"` - // An object specifying how much storage users or groups can use on the volume. + // Configures how much storage users and groups can use on the volume. UserAndGroupQuotas []*OpenZFSUserOrGroupQuota `type:"list"` } @@ -9468,11 +10536,146 @@ func (s *CreateOpenZFSVolumeConfiguration) SetUserAndGroupQuotas(v []*OpenZFSUse return s } +// Defines the SnapLock configuration when creating an FSx for ONTAP SnapLock +// volume. +type CreateSnaplockConfiguration struct { + _ struct{} `type:"structure"` + + // Enables or disables the audit log volume for an FSx for ONTAP SnapLock volume. + // The default value is false. If you set AuditLogVolume to true, the SnapLock + // volume is created as an audit log volume. The minimum retention period for + // an audit log volume is six months. + // + // For more information, see SnapLock audit log volumes (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/how-snaplock-works.html#snaplock-audit-log-volume). + AuditLogVolume *bool `type:"boolean"` + + // The configuration object for setting the autocommit period of files in an + // FSx for ONTAP SnapLock volume. + AutocommitPeriod *AutocommitPeriod `type:"structure"` + + // Enables, disables, or permanently disables privileged delete on an FSx for + // ONTAP SnapLock Enterprise volume. Enabling privileged delete allows SnapLock + // administrators to delete WORM files even if they have active retention periods. + // PERMANENTLY_DISABLED is a terminal state. If privileged delete is permanently + // disabled on a SnapLock volume, you can't re-enable it. The default value + // is DISABLED. + // + // For more information, see Privileged delete (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html#privileged-delete). + PrivilegedDelete *string `type:"string" enum:"PrivilegedDelete"` + + // Specifies the retention period of an FSx for ONTAP SnapLock volume. + RetentionPeriod *SnaplockRetentionPeriod `type:"structure"` + + // Specifies the retention mode of an FSx for ONTAP SnapLock volume. After it + // is set, it can't be changed. You can choose one of the following retention + // modes: + // + // * COMPLIANCE: Files transitioned to write once, read many (WORM) on a + // Compliance volume can't be deleted until their retention periods expire. + // This retention mode is used to address government or industry-specific + // mandates or to protect against ransomware attacks. For more information, + // see SnapLock Compliance (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-compliance.html). + // + // * ENTERPRISE: Files transitioned to WORM on an Enterprise volume can be + // deleted by authorized users before their retention periods expire using + // privileged delete. This retention mode is used to advance an organization's + // data integrity and internal compliance or to test retention settings before + // using SnapLock Compliance. For more information, see SnapLock Enterprise + // (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html). + // + // SnaplockType is a required field + SnaplockType *string `type:"string" required:"true" enum:"SnaplockType"` + + // Enables or disables volume-append mode on an FSx for ONTAP SnapLock volume. + // Volume-append mode allows you to create WORM-appendable files and write data + // to them incrementally. The default value is false. + // + // For more information, see Volume-append mode (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/worm-state.html#worm-state-append). + VolumeAppendModeEnabled *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateSnaplockConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateSnaplockConfiguration) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateSnaplockConfiguration) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateSnaplockConfiguration"} + if s.SnaplockType == nil { + invalidParams.Add(request.NewErrParamRequired("SnaplockType")) + } + if s.AutocommitPeriod != nil { + if err := s.AutocommitPeriod.Validate(); err != nil { + invalidParams.AddNested("AutocommitPeriod", err.(request.ErrInvalidParams)) + } + } + if s.RetentionPeriod != nil { + if err := s.RetentionPeriod.Validate(); err != nil { + invalidParams.AddNested("RetentionPeriod", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAuditLogVolume sets the AuditLogVolume field's value. +func (s *CreateSnaplockConfiguration) SetAuditLogVolume(v bool) *CreateSnaplockConfiguration { + s.AuditLogVolume = &v + return s +} + +// SetAutocommitPeriod sets the AutocommitPeriod field's value. +func (s *CreateSnaplockConfiguration) SetAutocommitPeriod(v *AutocommitPeriod) *CreateSnaplockConfiguration { + s.AutocommitPeriod = v + return s +} + +// SetPrivilegedDelete sets the PrivilegedDelete field's value. +func (s *CreateSnaplockConfiguration) SetPrivilegedDelete(v string) *CreateSnaplockConfiguration { + s.PrivilegedDelete = &v + return s +} + +// SetRetentionPeriod sets the RetentionPeriod field's value. +func (s *CreateSnaplockConfiguration) SetRetentionPeriod(v *SnaplockRetentionPeriod) *CreateSnaplockConfiguration { + s.RetentionPeriod = v + return s +} + +// SetSnaplockType sets the SnaplockType field's value. +func (s *CreateSnaplockConfiguration) SetSnaplockType(v string) *CreateSnaplockConfiguration { + s.SnaplockType = &v + return s +} + +// SetVolumeAppendModeEnabled sets the VolumeAppendModeEnabled field's value. +func (s *CreateSnaplockConfiguration) SetVolumeAppendModeEnabled(v bool) *CreateSnaplockConfiguration { + s.VolumeAppendModeEnabled = &v + return s +} + type CreateSnapshotInput struct { _ struct{} `type:"structure"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -9606,12 +10809,12 @@ type CreateStorageVirtualMachineInput struct { // Describes the self-managed Microsoft Active Directory to which you want to // join the SVM. Joining an Active Directory provides user authentication and - // access control for SMB clients, including Microsoft Windows and macOS client + // access control for SMB clients, including Microsoft Windows and macOS clients // accessing the file system. ActiveDirectoryConfiguration *CreateSvmActiveDirectoryConfiguration `type:"structure"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -9632,12 +10835,13 @@ type CreateStorageVirtualMachineInput struct { // of users are NFS clients, and an application accessing the data uses a // UNIX user as the service account. // - // * NTFS if the file system is managed by a Windows administrator, the majority - // of users are SMB clients, and an application accessing the data uses a - // Windows user as the service account. + // * NTFS if the file system is managed by a Microsoft Windows administrator, + // the majority of users are SMB clients, and an application accessing the + // data uses a Microsoft Windows user as the service account. // - // * MIXED if the file system is managed by both UNIX and Windows administrators - // and users consist of both NFS and SMB clients. + // * MIXED This is an advanced setting. For more information, see Volume + // security style (fsx/latest/ONTAPGuide/volume-security-style.html) in the + // Amazon FSx for NetApp ONTAP User Guide. RootVolumeSecurityStyle *string `type:"string" enum:"StorageVirtualMachineRootVolumeSecurityStyle"` // The password to use when managing the SVM using the NetApp ONTAP CLI or REST @@ -9793,7 +10997,7 @@ func (s *CreateStorageVirtualMachineOutput) SetStorageVirtualMachine(v *StorageV // The configuration that Amazon FSx uses to join the ONTAP storage virtual // machine (SVM) to your self-managed (including on-premises) Microsoft Active -// Directory (AD) directory. +// Directory directory. type CreateSvmActiveDirectoryConfiguration struct { _ struct{} `type:"structure"` @@ -9804,10 +11008,11 @@ type CreateSvmActiveDirectoryConfiguration struct { NetBiosName *string `min:"1" type:"string" required:"true"` // The configuration that Amazon FSx uses to join a FSx for Windows File Server - // file system or an ONTAP storage virtual machine (SVM) to a self-managed (including - // on-premises) Microsoft Active Directory (AD) directory. For more information, - // see Using Amazon FSx with your self-managed Microsoft Active Directory (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html) - // or Managing SVMs (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html). + // file system or an FSx for ONTAP storage virtual machine (SVM) to a self-managed + // (including on-premises) Microsoft Active Directory (AD) directory. For more + // information, see Using Amazon FSx for Windows with your self-managed Microsoft + // Active Directory (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html) + // or Managing FSx for ONTAP SVMs (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html). SelfManagedActiveDirectoryConfiguration *SelfManagedActiveDirectoryConfiguration `type:"structure"` } @@ -9871,7 +11076,7 @@ type CreateVolumeFromBackupInput struct { BackupId *string `min:"12" type:"string" required:"true"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -10014,7 +11219,7 @@ type CreateVolumeInput struct { _ struct{} `type:"structure"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -10181,9 +11386,9 @@ func (s *CreateVolumeOutput) SetVolume(v *Volume) *CreateVolumeOutput { // // - DescribeDataRepositoryAssociations // -// Data repository associations are supported only for an Amazon FSx for Lustre -// file system with the Persistent_2 deployment type and for an Amazon File -// Cache resource. +// Data repository associations are supported on Amazon File Cache resources +// and all FSx for Lustre 2.12 and 2.15 file systems, excluding scratch_1 deployment +// type. type DataRepositoryAssociation struct { _ struct{} `type:"structure"` @@ -10510,8 +11715,8 @@ func (s *DataRepositoryAssociationNotFound) RequestID() string { // The data repository configuration object for Lustre file systems returned // in the response of the CreateFileSystem operation. // -// This data type is not supported for file systems with the Persistent_2 deployment -// type. Instead, use . +// This data type is not supported on file systems with a data repository association. +// For file systems with a data repository association, see . type DataRepositoryConfiguration struct { _ struct{} `type:"structure"` @@ -10673,10 +11878,19 @@ func (s *DataRepositoryFailureDetails) SetMessage(v string) *DataRepositoryFailu return s } -// A description of the data repository task. You use data repository tasks -// to perform bulk transfer operations between an Amazon FSx for Lustre file -// system and a linked data repository. An Amazon File Cache resource uses a -// task to automatically release files from the cache. +// A description of the data repository task. +// +// - You use import and export data repository tasks to perform bulk transfer +// operations between an Amazon FSx for Lustre file system and a linked data +// repository. +// +// - You use release data repository tasks to release files that have been +// exported to a linked S3 bucket from your Amazon FSx for Lustre file system. +// +// - An Amazon File Cache resource uses a task to automatically release files +// from the cache. +// +// To learn more about data repository tasks, see Data Repository Tasks (https://docs.aws.amazon.com/fsx/latest/LustreGuide/data-repository-tasks.html). type DataRepositoryTask struct { _ struct{} `type:"structure"` @@ -10738,6 +11952,10 @@ type DataRepositoryTask struct { // directory. Paths []*string `type:"list"` + // The configuration that specifies the last accessed time criteria for files + // that will be released from an Amazon FSx for Lustre file system. + ReleaseConfiguration *ReleaseConfiguration `type:"structure"` + // Provides a report detailing the data repository task results of the files // processed that match the criteria specified in the report Scope parameter. // FSx delivers the report to the file system's linked data repository in Amazon @@ -10775,6 +11993,10 @@ type DataRepositoryTask struct { // * IMPORT_METADATA_FROM_REPOSITORY tasks import metadata changes from a // linked S3 bucket to your Amazon FSx for Lustre file system. // + // * RELEASE_DATA_FROM_FILESYSTEM tasks release files in your Amazon FSx + // for Lustre file system that have been exported to a linked S3 bucket and + // that meet your specified release criteria. + // // * AUTO_RELEASE_DATA tasks automatically release files from an Amazon File // Cache resource. // @@ -10848,6 +12070,12 @@ func (s *DataRepositoryTask) SetPaths(v []*string) *DataRepositoryTask { return s } +// SetReleaseConfiguration sets the ReleaseConfiguration field's value. +func (s *DataRepositoryTask) SetReleaseConfiguration(v *ReleaseConfiguration) *DataRepositoryTask { + s.ReleaseConfiguration = v + return s +} + // SetReport sets the Report field's value. func (s *DataRepositoryTask) SetReport(v *CompletionReport) *DataRepositoryTask { s.Report = v @@ -11255,7 +12483,7 @@ type DeleteBackupInput struct { // BackupId is a required field BackupId *string `min:"12" type:"string" required:"true"` - // A string of up to 64 ASCII characters that Amazon FSx uses to ensure idempotent + // A string of up to 63 ASCII characters that Amazon FSx uses to ensure idempotent // deletion. This parameter is automatically filled on your behalf when using // the CLI or SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -11361,7 +12589,7 @@ type DeleteDataRepositoryAssociationInput struct { AssociationId *string `min:"13" type:"string" required:"true"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -11479,7 +12707,7 @@ type DeleteFileCacheInput struct { _ struct{} `type:"structure"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -11583,7 +12811,7 @@ func (s *DeleteFileCacheOutput) SetLifecycle(v string) *DeleteFileCacheOutput { type DeleteFileSystemInput struct { _ struct{} `type:"structure"` - // A string of up to 64 ASCII characters that Amazon FSx uses to ensure idempotent + // A string of up to 63 ASCII characters that Amazon FSx uses to ensure idempotent // deletion. This token is automatically filled on your behalf when using the // Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -12112,7 +13340,7 @@ type DeleteSnapshotInput struct { _ struct{} `type:"structure"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -12216,7 +13444,7 @@ type DeleteStorageVirtualMachineInput struct { _ struct{} `type:"structure"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -12319,7 +13547,7 @@ type DeleteVolumeInput struct { _ struct{} `type:"structure"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -12404,10 +13632,21 @@ func (s *DeleteVolumeInput) SetVolumeId(v string) *DeleteVolumeInput { return s } -// Use to specify skipping a final backup, or to add tags to a final backup. +// Use to specify skipping a final backup, adding tags to a final backup, or +// bypassing the retention period of an FSx for ONTAP SnapLock Enterprise volume +// when deleting an FSx for ONTAP volume. type DeleteVolumeOntapConfiguration struct { _ struct{} `type:"structure"` + // Setting this to true allows a SnapLock administrator to delete an FSx for + // ONTAP SnapLock Enterprise volume with unexpired write once, read many (WORM) + // files. The IAM permission fsx:BypassSnaplockEnterpriseRetention is also required + // to delete SnapLock Enterprise volumes with unexpired WORM files. The default + // value is false. + // + // For more information, see Deleting a SnapLock volume (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-delete-volume.html). + BypassSnaplockEnterpriseRetention *bool `type:"boolean"` + // A list of Tag values, with a maximum of 50 elements. FinalBackupTags []*Tag `min:"1" type:"list"` @@ -12457,6 +13696,12 @@ func (s *DeleteVolumeOntapConfiguration) Validate() error { return nil } +// SetBypassSnaplockEnterpriseRetention sets the BypassSnaplockEnterpriseRetention field's value. +func (s *DeleteVolumeOntapConfiguration) SetBypassSnaplockEnterpriseRetention(v bool) *DeleteVolumeOntapConfiguration { + s.BypassSnaplockEnterpriseRetention = &v + return s +} + // SetFinalBackupTags sets the FinalBackupTags field's value. func (s *DeleteVolumeOntapConfiguration) SetFinalBackupTags(v []*Tag) *DeleteVolumeOntapConfiguration { s.FinalBackupTags = v @@ -13075,7 +14320,7 @@ type DescribeFileSystemAliasesInput struct { _ struct{} `type:"structure"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -13319,12 +14564,71 @@ func (s *DescribeFileSystemsOutput) SetNextToken(v string) *DescribeFileSystemsO return s } +type DescribeSharedVpcConfigurationInput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeSharedVpcConfigurationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeSharedVpcConfigurationInput) GoString() string { + return s.String() +} + +type DescribeSharedVpcConfigurationOutput struct { + _ struct{} `type:"structure"` + + // Indicates whether participant accounts can create FSx for ONTAP Multi-AZ + // file systems in shared subnets. + EnableFsxRouteTableUpdatesFromParticipantAccounts *string `min:"4" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeSharedVpcConfigurationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeSharedVpcConfigurationOutput) GoString() string { + return s.String() +} + +// SetEnableFsxRouteTableUpdatesFromParticipantAccounts sets the EnableFsxRouteTableUpdatesFromParticipantAccounts field's value. +func (s *DescribeSharedVpcConfigurationOutput) SetEnableFsxRouteTableUpdatesFromParticipantAccounts(v string) *DescribeSharedVpcConfigurationOutput { + s.EnableFsxRouteTableUpdatesFromParticipantAccounts = &v + return s +} + type DescribeSnapshotsInput struct { _ struct{} `type:"structure"` // The filters structure. The supported names are file-system-id or volume-id. Filters []*SnapshotFilter `type:"list"` + // Set to false (default) if you want to only see the snapshots owned by your + // Amazon Web Services account. Set to true if you want to see the snapshots + // in your account and the ones shared with you from another account. + IncludeShared *bool `type:"boolean"` + // The maximum number of resources to return in the response. This value must // be an integer greater than zero. MaxResults *int64 `min:"1" type:"integer"` @@ -13380,6 +14684,12 @@ func (s *DescribeSnapshotsInput) SetFilters(v []*SnapshotFilter) *DescribeSnapsh return s } +// SetIncludeShared sets the IncludeShared field's value. +func (s *DescribeSnapshotsInput) SetIncludeShared(v bool) *DescribeSnapshotsInput { + s.IncludeShared = &v + return s +} + // SetMaxResults sets the MaxResults field's value. func (s *DescribeSnapshotsInput) SetMaxResults(v int64) *DescribeSnapshotsInput { s.MaxResults = &v @@ -13691,7 +15001,7 @@ type DisassociateFileSystemAliasesInput struct { Aliases []*string `type:"list" required:"true"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -13795,18 +15105,27 @@ func (s *DisassociateFileSystemAliasesOutput) SetAliases(v []*Alias) *Disassocia } // The SSD IOPS (input/output operations per second) configuration for an Amazon -// FSx for NetApp ONTAP or Amazon FSx for OpenZFS file system. The default is -// 3 IOPS per GB of storage capacity, but you can provision additional IOPS -// per GB of storage. The configuration consists of the total number of provisioned -// SSD IOPS and how the amount was provisioned (by the customer or by the system). +// FSx for NetApp ONTAP, Amazon FSx for Windows File Server, or FSx for OpenZFS +// file system. By default, Amazon FSx automatically provisions 3 IOPS per GB +// of storage capacity. You can provision additional IOPS per GB of storage. +// The configuration consists of the total number of provisioned SSD IOPS and +// how it is was provisioned, or the mode (by the customer or by Amazon FSx). type DiskIopsConfiguration struct { _ struct{} `type:"structure"` // The total number of SSD IOPS provisioned for the file system. + // + // The minimum and maximum values for this property depend on the value of HAPairs + // and StorageCapacity. The minimum value is calculated as StorageCapacity * + // 3 * HAPairs (3 IOPS per GB of StorageCapacity). The maximum value is calculated + // as 200,000 * HAPairs. + // + // Amazon FSx responds with an HTTP status code 400 (Bad Request) if the value + // of Iops is outside of the minimum or maximum values. Iops *int64 `type:"long"` - // Specifies whether the number of IOPS for the file system is using the system - // default (AUTOMATIC) or was provisioned by the customer (USER_PROVISIONED). + // Specifies whether the file system is using the AUTOMATIC setting of SSD IOPS + // of 3 IOPS per GB of storage capacity, or if it using a USER_PROVISIONED value. Mode *string `type:"string" enum:"DiskIopsConfigurationMode"` } @@ -13840,6 +15159,60 @@ func (s *DiskIopsConfiguration) SetMode(v string) *DiskIopsConfiguration { return s } +// Defines the minimum amount of time since last access for a file to be eligible +// for release. Only files that have been exported to S3 and that were last +// accessed or modified before this point-in-time are eligible to be released +// from the Amazon FSx for Lustre file system. +type DurationSinceLastAccess struct { + _ struct{} `type:"structure"` + + // The unit of time used by the Value parameter to determine if a file can be + // released, based on when it was last accessed. DAYS is the only supported + // value. This is a required parameter. + Unit *string `type:"string" enum:"Unit"` + + // An integer that represents the minimum amount of time (in days) since a file + // was last accessed in the file system. Only exported files with a MAX(atime, + // ctime, mtime) timestamp that is more than this amount of time in the past + // (relative to the task create time) will be released. The default of Value + // is 0. This is a required parameter. + // + // If an exported file meets the last accessed time criteria, its file or directory + // path must also be specified in the Paths parameter of the operation in order + // for the file to be released. + Value *int64 `type:"long"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DurationSinceLastAccess) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DurationSinceLastAccess) GoString() string { + return s.String() +} + +// SetUnit sets the Unit field's value. +func (s *DurationSinceLastAccess) SetUnit(v string) *DurationSinceLastAccess { + s.Unit = &v + return s +} + +// SetValue sets the Value field's value. +func (s *DurationSinceLastAccess) SetValue(v int64) *DurationSinceLastAccess { + s.Value = &v + return s +} + // A description of a specific Amazon File Cache resource, which is a response // object from the DescribeFileCaches operation. type FileCache struct { @@ -14702,8 +16075,8 @@ type FileSystem struct { // or OPENZFS. FileSystemType *string `type:"string" enum:"FileSystemType"` - // The Lustre version of the Amazon FSx for Lustre file system, either 2.10 - // or 2.12. + // The Lustre version of the Amazon FSx for Lustre file system, which can be + // 2.10, 2.12, or 2.15. FileSystemTypeVersion *string `min:"1" type:"string"` // The ID of the Key Management Service (KMS) key used to encrypt Amazon FSx @@ -14764,14 +16137,17 @@ type FileSystem struct { OpenZFSConfiguration *OpenZFSFileSystemConfiguration `type:"structure"` // The Amazon Web Services account that created the file system. If the file - // system was created by an Identity and Access Management (IAM) user, the Amazon - // Web Services account to which the IAM user belongs is the owner. + // system was created by a user in IAM Identity Center, the Amazon Web Services + // account to which the IAM user belongs is the owner. OwnerId *string `min:"12" type:"string"` // The Amazon Resource Name (ARN) of the file system resource. ResourceARN *string `min:"8" type:"string"` // The storage capacity of the file system in gibibytes (GiB). + // + // Amazon FSx responds with an HTTP status code 400 (Bad Request) if the value + // of StorageCapacity is outside of the minimum or maximum values. StorageCapacity *int64 `type:"integer"` // The type of storage the file system is using. If set to SSD, the file system @@ -14792,8 +16168,8 @@ type FileSystem struct { SubnetIds []*string `type:"list"` // The tags to associate with the file system. For more information, see Tagging - // your Amazon EC2 resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) - // in the Amazon EC2 User Guide. + // your Amazon FSx resources (https://docs.aws.amazon.com/fsx/latest/LustreGuide/tag-resources.html) + // in the Amazon FSx for Lustre User Guide. Tags []*Tag `min:"1" type:"list"` // The ID of the primary virtual private cloud (VPC) for the file system. @@ -14953,8 +16329,8 @@ func (s *FileSystem) SetWindowsConfiguration(v *WindowsFileSystemConfiguration) type FileSystemEndpoint struct { _ struct{} `type:"structure"` - // The Domain Name Service (DNS) name for the file system. You can mount your - // file system using its DNS name. + // The file system's DNS name. You can mount your file system using its DNS + // name. DNSName *string `min:"16" type:"string"` // IP addresses of the file system endpoint. @@ -16069,7 +17445,7 @@ type LustreFileSystemConfiguration struct { // The number of days to retain automatic backups. Setting this property to // 0 disables automatic backups. You can retain automatic backups for a maximum - // of 90 days. The default is 0. + // of 90 days. The default is 30. AutomaticBackupRetentionDays *int64 `type:"integer"` // A boolean flag indicating whether tags on the file system are copied to backups. @@ -16099,8 +17475,8 @@ type LustreFileSystemConfiguration struct { // The data repository configuration object for Lustre file systems returned // in the response of the CreateFileSystem operation. // - // This data type is not supported for file systems with the Persistent_2 deployment - // type. Instead, use . + // This data type is not supported on file systems with a data repository association. + // For file systems with a data repository association, see . DataRepositoryConfiguration *DataRepositoryConfiguration `type:"structure"` // The deployment type of the FSx for Lustre file system. Scratch deployment @@ -16112,11 +17488,10 @@ type LustreFileSystemConfiguration struct { // than SCRATCH_1. // // The PERSISTENT_1 and PERSISTENT_2 deployment type is used for longer-term - // storage and workloads and encryption of data in transit. PERSISTENT_2 is - // built on Lustre v2.12 and offers higher PerUnitStorageThroughput (up to 1000 - // MB/s/TiB) along with a lower minimum storage capacity requirement (600 GiB). - // To learn more about FSx for Lustre deployment types, see FSx for Lustre deployment - // options (https://docs.aws.amazon.com/fsx/latest/LustreGuide/lustre-deployment-types.html). + // storage and workloads and encryption of data in transit. PERSISTENT_2 offers + // higher PerUnitStorageThroughput (up to 1000 MB/s/TiB) along with a lower + // minimum storage capacity requirement (600 GiB). To learn more about FSx for + // Lustre deployment types, see FSx for Lustre deployment options (https://docs.aws.amazon.com/fsx/latest/LustreGuide/lustre-deployment-types.html). // // The default is SCRATCH_1. DeploymentType *string `type:"string" enum:"LustreDeploymentType"` @@ -16819,7 +18194,7 @@ type OntapFileSystemConfiguration struct { // The number of days to retain automatic backups. Setting this property to // 0 disables automatic backups. You can retain automatic backups for a maximum - // of 90 days. The default is 0. + // of 90 days. The default is 30. AutomaticBackupRetentionDays *int64 `type:"integer"` // A recurring daily time, in the format HH:MM. HH is the zero-padded hour of @@ -16835,6 +18210,9 @@ type OntapFileSystemConfiguration struct { // // * SINGLE_AZ_1 - A file system configured for Single-AZ redundancy. // + // * SINGLE_AZ_2 - A file system configured with multiple high-availability + // (HA) pairs for Single-AZ redundancy. + // // For information about the use cases for Multi-AZ and Single-AZ deployments, // refer to Choosing Multi-AZ or Single-AZ file system deployment (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/high-availability-multiAZ.html). DeploymentType *string `type:"string" enum:"OntapDeploymentType"` @@ -16843,13 +18221,13 @@ type OntapFileSystemConfiguration struct { // of provisioned IOPS and the provision mode. DiskIopsConfiguration *DiskIopsConfiguration `type:"structure"` - // (Multi-AZ only) The IP address range in which the endpoints to access your - // file system are created. - // - // The Endpoint IP address range you select for your file system must exist - // outside the VPC's CIDR range and must be at least /30 or larger. If you do - // not specify this optional parameter, Amazon FSx will automatically select - // a CIDR block for you. + // (Multi-AZ only) Specifies the IP address range in which the endpoints to + // access your file system will be created. By default in the Amazon FSx API, + // Amazon FSx selects an unused IP address range for you from the 198.19.* range. + // By default in the Amazon FSx console, Amazon FSx chooses the last 64 IP addresses + // from the VPC’s primary CIDR range to use as the endpoint IP address range + // for the file system. You can have overlapping endpoint IP addresses for file + // systems deployed in the same VPC/route tables. EndpointIpAddressRange *string `min:"9" type:"string"` // The Management and Intercluster endpoints that are used to access data or @@ -16857,6 +18235,29 @@ type OntapFileSystemConfiguration struct { // SnapMirror. Endpoints *FileSystemEndpoints `type:"structure"` + // You can use the fsxadmin user account to access the NetApp ONTAP CLI and + // REST API. The password value is always redacted in the response. + // + // FsxAdminPassword is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by OntapFileSystemConfiguration's + // String and GoString methods. + FsxAdminPassword *string `min:"8" type:"string" sensitive:"true"` + + // Specifies how many high-availability (HA) file server pairs the file system + // will have. The default value is 1. The value of this property affects the + // values of StorageCapacity, Iops, and ThroughputCapacity. For more information, + // see High-availability (HA) pairs (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/HA-pairs.html) + // in the FSx for ONTAP user guide. + // + // Amazon FSx responds with an HTTP status code 400 (Bad Request) for the following + // conditions: + // + // * The value of HAPairs is less than 1 or greater than 12. + // + // * The value of HAPairs is greater than 1 and the value of DeploymentType + // is SINGLE_AZ_1 or MULTI_AZ_1. + HAPairs *int64 `min:"1" type:"integer"` + // The ID for a subnet. A subnet is a range of IP addresses in your virtual // private cloud (VPC). For more information, see VPC and subnets (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_Subnets.html) // in the Amazon VPC User Guide. @@ -16870,6 +18271,34 @@ type OntapFileSystemConfiguration struct { // (MBps). ThroughputCapacity *int64 `min:"8" type:"integer"` + // Use to choose the throughput capacity per HA pair. When the value of HAPairs + // is equal to 1, the value of ThroughputCapacityPerHAPair is the total throughput + // for the file system. + // + // This field and ThroughputCapacity cannot be defined in the same API call, + // but one is required. + // + // This field and ThroughputCapacity are the same for file systems with one + // HA pair. + // + // * For SINGLE_AZ_1 and MULTI_AZ_1, valid values are 128, 256, 512, 1024, + // 2048, or 4096 MBps. + // + // * For SINGLE_AZ_2, valid values are 3072 or 6144 MBps. + // + // Amazon FSx responds with an HTTP status code 400 (Bad Request) for the following + // conditions: + // + // * The value of ThroughputCapacity and ThroughputCapacityPerHAPair are + // not the same value. + // + // * The value of deployment type is SINGLE_AZ_2 and ThroughputCapacity / + // ThroughputCapacityPerHAPair is a valid HA pair (a value between 2 and + // 12). + // + // * The value of ThroughputCapacityPerHAPair is not a valid value. + ThroughputCapacityPerHAPair *int64 `min:"128" type:"integer"` + // A recurring weekly time, in the format D:HH:MM. // // D is the day of the week, for which 1 represents Monday and 7 represents @@ -16937,6 +18366,18 @@ func (s *OntapFileSystemConfiguration) SetEndpoints(v *FileSystemEndpoints) *Ont return s } +// SetFsxAdminPassword sets the FsxAdminPassword field's value. +func (s *OntapFileSystemConfiguration) SetFsxAdminPassword(v string) *OntapFileSystemConfiguration { + s.FsxAdminPassword = &v + return s +} + +// SetHAPairs sets the HAPairs field's value. +func (s *OntapFileSystemConfiguration) SetHAPairs(v int64) *OntapFileSystemConfiguration { + s.HAPairs = &v + return s +} + // SetPreferredSubnetId sets the PreferredSubnetId field's value. func (s *OntapFileSystemConfiguration) SetPreferredSubnetId(v string) *OntapFileSystemConfiguration { s.PreferredSubnetId = &v @@ -16955,6 +18396,12 @@ func (s *OntapFileSystemConfiguration) SetThroughputCapacity(v int64) *OntapFile return s } +// SetThroughputCapacityPerHAPair sets the ThroughputCapacityPerHAPair field's value. +func (s *OntapFileSystemConfiguration) SetThroughputCapacityPerHAPair(v int64) *OntapFileSystemConfiguration { + s.ThroughputCapacityPerHAPair = &v + return s +} + // SetWeeklyMaintenanceStartTime sets the WeeklyMaintenanceStartTime field's value. func (s *OntapFileSystemConfiguration) SetWeeklyMaintenanceStartTime(v string) *OntapFileSystemConfiguration { s.WeeklyMaintenanceStartTime = &v @@ -16965,6 +18412,10 @@ func (s *OntapFileSystemConfiguration) SetWeeklyMaintenanceStartTime(v string) * type OntapVolumeConfiguration struct { _ struct{} `type:"structure"` + // This structure specifies configuration options for a volume’s storage aggregate + // or aggregates. + AggregateConfiguration *AggregateConfiguration `type:"structure"` + // A boolean flag indicating whether tags for the volume should be copied to // backups. This value defaults to false. If it's set to true, all tags for // the volume are copied to all automatic and user-initiated backups where the @@ -17010,9 +18461,15 @@ type OntapVolumeConfiguration struct { // The security style for the volume, which can be UNIX, NTFS, or MIXED. SecurityStyle *string `type:"string" enum:"SecurityStyle"` + // The configured size of the volume, in bytes. + SizeInBytes *int64 `type:"long"` + // The configured size of the volume, in megabytes (MBs). SizeInMegabytes *int64 `type:"integer"` + // The SnapLock configuration object for an FSx for ONTAP SnapLock volume. + SnaplockConfiguration *SnaplockConfiguration `type:"structure"` + // Specifies the snapshot policy for the volume. There are three built-in snapshot // policies: // @@ -17055,6 +18512,11 @@ type OntapVolumeConfiguration struct { // The volume's universally unique identifier (UUID). UUID *string `type:"string"` + + // Use to specify the style of an ONTAP volume. For more information about FlexVols + // and FlexGroups, see Volume types (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/volume-types.html) + // in Amazon FSx for NetApp ONTAP User Guide. + VolumeStyle *string `type:"string" enum:"VolumeStyle"` } // String returns the string representation. @@ -17075,6 +18537,12 @@ func (s OntapVolumeConfiguration) GoString() string { return s.String() } +// SetAggregateConfiguration sets the AggregateConfiguration field's value. +func (s *OntapVolumeConfiguration) SetAggregateConfiguration(v *AggregateConfiguration) *OntapVolumeConfiguration { + s.AggregateConfiguration = v + return s +} + // SetCopyTagsToBackups sets the CopyTagsToBackups field's value. func (s *OntapVolumeConfiguration) SetCopyTagsToBackups(v bool) *OntapVolumeConfiguration { s.CopyTagsToBackups = &v @@ -17105,12 +18573,24 @@ func (s *OntapVolumeConfiguration) SetSecurityStyle(v string) *OntapVolumeConfig return s } +// SetSizeInBytes sets the SizeInBytes field's value. +func (s *OntapVolumeConfiguration) SetSizeInBytes(v int64) *OntapVolumeConfiguration { + s.SizeInBytes = &v + return s +} + // SetSizeInMegabytes sets the SizeInMegabytes field's value. func (s *OntapVolumeConfiguration) SetSizeInMegabytes(v int64) *OntapVolumeConfiguration { s.SizeInMegabytes = &v return s } +// SetSnaplockConfiguration sets the SnaplockConfiguration field's value. +func (s *OntapVolumeConfiguration) SetSnaplockConfiguration(v *SnaplockConfiguration) *OntapVolumeConfiguration { + s.SnaplockConfiguration = v + return s +} + // SetSnapshotPolicy sets the SnapshotPolicy field's value. func (s *OntapVolumeConfiguration) SetSnapshotPolicy(v string) *OntapVolumeConfiguration { s.SnapshotPolicy = &v @@ -17147,6 +18627,12 @@ func (s *OntapVolumeConfiguration) SetUUID(v string) *OntapVolumeConfiguration { return s } +// SetVolumeStyle sets the VolumeStyle field's value. +func (s *OntapVolumeConfiguration) SetVolumeStyle(v string) *OntapVolumeConfiguration { + s.VolumeStyle = &v + return s +} + // Specifies who can mount an OpenZFS file system and the options available // while mounting the file system. type OpenZFSClientConfiguration struct { @@ -17368,7 +18854,7 @@ type OpenZFSFileSystemConfiguration struct { // The number of days to retain automatic backups. Setting this property to // 0 disables automatic backups. You can retain automatic backups for a maximum - // of 90 days. The default is 0. + // of 90 days. The default is 30. AutomaticBackupRetentionDays *int64 `type:"integer"` // A Boolean value indicating whether tags on the file system should be copied @@ -17394,19 +18880,39 @@ type OpenZFSFileSystemConfiguration struct { DailyAutomaticBackupStartTime *string `min:"5" type:"string"` // Specifies the file-system deployment type. Amazon FSx for OpenZFS supports - // SINGLE_AZ_1 and SINGLE_AZ_2. + // MULTI_AZ_1, SINGLE_AZ_1, and SINGLE_AZ_2. DeploymentType *string `type:"string" enum:"OpenZFSDeploymentType"` // The SSD IOPS (input/output operations per second) configuration for an Amazon - // FSx for NetApp ONTAP or Amazon FSx for OpenZFS file system. The default is - // 3 IOPS per GB of storage capacity, but you can provision additional IOPS - // per GB of storage. The configuration consists of the total number of provisioned - // SSD IOPS and how the amount was provisioned (by the customer or by the system). + // FSx for NetApp ONTAP, Amazon FSx for Windows File Server, or FSx for OpenZFS + // file system. By default, Amazon FSx automatically provisions 3 IOPS per GB + // of storage capacity. You can provision additional IOPS per GB of storage. + // The configuration consists of the total number of provisioned SSD IOPS and + // how it is was provisioned, or the mode (by the customer or by Amazon FSx). DiskIopsConfiguration *DiskIopsConfiguration `type:"structure"` + // The IP address of the endpoint that is used to access data or to manage the + // file system. + EndpointIpAddress *string `min:"7" type:"string"` + + // (Multi-AZ only) Specifies the IP address range in which the endpoints to + // access your file system will be created. By default in the Amazon FSx API + // and Amazon FSx console, Amazon FSx selects an available /28 IP address range + // for you from one of the VPC's CIDR ranges. You can have overlapping endpoint + // IP addresses for file systems deployed in the same VPC/route tables. + EndpointIpAddressRange *string `min:"9" type:"string"` + + // Required when DeploymentType is set to MULTI_AZ_1. This specifies the subnet + // in which you want the preferred file server to be located. + PreferredSubnetId *string `min:"15" type:"string"` + // The ID of the root volume of the OpenZFS file system. RootVolumeId *string `min:"23" type:"string"` + // (Multi-AZ only) The VPC route tables in which your file system's endpoints + // are created. + RouteTableIds []*string `type:"list"` + // The throughput of an Amazon FSx file system, measured in megabytes per second // (MBps). ThroughputCapacity *int64 `min:"8" type:"integer"` @@ -17478,12 +18984,36 @@ func (s *OpenZFSFileSystemConfiguration) SetDiskIopsConfiguration(v *DiskIopsCon return s } +// SetEndpointIpAddress sets the EndpointIpAddress field's value. +func (s *OpenZFSFileSystemConfiguration) SetEndpointIpAddress(v string) *OpenZFSFileSystemConfiguration { + s.EndpointIpAddress = &v + return s +} + +// SetEndpointIpAddressRange sets the EndpointIpAddressRange field's value. +func (s *OpenZFSFileSystemConfiguration) SetEndpointIpAddressRange(v string) *OpenZFSFileSystemConfiguration { + s.EndpointIpAddressRange = &v + return s +} + +// SetPreferredSubnetId sets the PreferredSubnetId field's value. +func (s *OpenZFSFileSystemConfiguration) SetPreferredSubnetId(v string) *OpenZFSFileSystemConfiguration { + s.PreferredSubnetId = &v + return s +} + // SetRootVolumeId sets the RootVolumeId field's value. func (s *OpenZFSFileSystemConfiguration) SetRootVolumeId(v string) *OpenZFSFileSystemConfiguration { s.RootVolumeId = &v return s } +// SetRouteTableIds sets the RouteTableIds field's value. +func (s *OpenZFSFileSystemConfiguration) SetRouteTableIds(v []*string) *OpenZFSFileSystemConfiguration { + s.RouteTableIds = v + return s +} + // SetThroughputCapacity sets the ThroughputCapacity field's value. func (s *OpenZFSFileSystemConfiguration) SetThroughputCapacity(v int64) *OpenZFSFileSystemConfiguration { s.ThroughputCapacity = &v @@ -17555,8 +19085,8 @@ func (s *OpenZFSNfsExport) SetClientConfigurations(v []*OpenZFSClientConfigurati return s } -// The snapshot configuration to use when creating an OpenZFS volume from a -// snapshot. +// The snapshot configuration used when creating an Amazon FSx for OpenZFS volume +// from a snapshot. type OpenZFSOriginSnapshotConfiguration struct { _ struct{} `type:"structure"` @@ -17568,6 +19098,10 @@ type OpenZFSOriginSnapshotConfiguration struct { // be deleted if there is a volume using its copied data. // // * FULL_COPY - Copies all data from the snapshot to the new volume. + // + // The INCREMENTAL_COPY option is only for updating an existing volume by using + // a snapshot from another FSx for OpenZFS file system. For more information, + // see CopySnapshotAndUpdateVolume (https://docs.aws.amazon.com/fsx/latest/APIReference/API_CopySnapshotAndUpdateVolume.html). CopyStrategy *string `type:"string" enum:"OpenZFSCopyStrategy"` // The Amazon Resource Name (ARN) for a given resource. ARNs uniquely identify @@ -17608,21 +19142,24 @@ func (s *OpenZFSOriginSnapshotConfiguration) SetSnapshotARN(v string) *OpenZFSOr return s } -// The configuration for how much storage a user or group can use on the volume. +// Used to configure quotas that define how much storage a user or group can +// use on an FSx for OpenZFS volume. For more information, see Volume properties +// (https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-volumes.html#volume-properties) +// in the FSx for OpenZFS User Guide. type OpenZFSUserOrGroupQuota struct { _ struct{} `type:"structure"` - // The ID of the user or group. + // The ID of the user or group that the quota applies to. // // Id is a required field Id *int64 `type:"integer" required:"true"` - // The amount of storage that the user or group can use in gibibytes (GiB). + // The user or group's storage quota, in gibibytes (GiB). // // StorageCapacityQuotaGiB is a required field StorageCapacityQuotaGiB *int64 `type:"integer" required:"true"` - // A value that specifies whether the quota applies to a user or group. + // Specifies whether the quota applies to a user or group. // // Type is a required field Type *string `type:"string" required:"true" enum:"OpenZFSQuotaType"` @@ -17687,6 +19224,23 @@ func (s *OpenZFSUserOrGroupQuota) SetType(v string) *OpenZFSUserOrGroupQuota { type OpenZFSVolumeConfiguration struct { _ struct{} `type:"structure"` + // Specifies the strategy used when copying data from the snapshot to the new + // volume. + // + // * CLONE - The new volume references the data in the origin snapshot. Cloning + // a snapshot is faster than copying data from the snapshot to a new volume + // and doesn't consume disk throughput. However, the origin snapshot can't + // be deleted if there is a volume using its copied data. + // + // * FULL_COPY - Copies all data from the snapshot to the new volume. Specify + // this option to create the volume from a snapshot on another FSx for OpenZFS + // file system. + // + // The INCREMENTAL_COPY option is only for updating an existing volume by using + // a snapshot from another FSx for OpenZFS file system. For more information, + // see CopySnapshotAndUpdateVolume (https://docs.aws.amazon.com/fsx/latest/APIReference/API_CopySnapshotAndUpdateVolume.html). + CopyStrategy *string `type:"string" enum:"OpenZFSCopyStrategy"` + // A Boolean value indicating whether tags for the volume should be copied to // snapshots. This value defaults to false. If it's set to true, all tags for // the volume are copied to snapshots where the user doesn't specify tags. If @@ -17713,10 +19267,19 @@ type OpenZFSVolumeConfiguration struct { // snapshots should be deleted when a volume is restored from snapshot. DeleteClonedVolumes *bool `type:"boolean"` + // A Boolean value indicating whether snapshot data that differs between the + // current state and the specified snapshot should be overwritten when a volume + // is restored from a snapshot. + DeleteIntermediateData *bool `type:"boolean"` + // A Boolean value indicating whether snapshots between the current state and // the specified snapshot should be deleted when a volume is restored from snapshot. DeleteIntermediateSnaphots *bool `type:"boolean"` + // The ID of the snapshot that's being copied or was most recently copied to + // the destination volume. + DestinationSnapshot *string `min:"11" type:"string"` + // The configuration object for mounting a Network File System (NFS) file system. NfsExports []*OpenZFSNfsExport `type:"list"` @@ -17739,6 +19302,13 @@ type OpenZFSVolumeConfiguration struct { // Specifies the ID of the snapshot to which the volume was restored. RestoreToSnapshot *string `min:"11" type:"string"` + // The Amazon Resource Name (ARN) for a given resource. ARNs uniquely identify + // Amazon Web Services resources. We require an ARN when you need to specify + // a resource unambiguously across all of Amazon Web Services. For more information, + // see Amazon Resource Names (ARNs) (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // in the Amazon Web Services General Reference. + SourceSnapshotARN *string `min:"8" type:"string"` + // The maximum amount of storage in gibibtyes (GiB) that the volume can use // from its parent. You can specify a quota larger than the storage on the parent // volume. @@ -17773,6 +19343,12 @@ func (s OpenZFSVolumeConfiguration) GoString() string { return s.String() } +// SetCopyStrategy sets the CopyStrategy field's value. +func (s *OpenZFSVolumeConfiguration) SetCopyStrategy(v string) *OpenZFSVolumeConfiguration { + s.CopyStrategy = &v + return s +} + // SetCopyTagsToSnapshots sets the CopyTagsToSnapshots field's value. func (s *OpenZFSVolumeConfiguration) SetCopyTagsToSnapshots(v bool) *OpenZFSVolumeConfiguration { s.CopyTagsToSnapshots = &v @@ -17791,12 +19367,24 @@ func (s *OpenZFSVolumeConfiguration) SetDeleteClonedVolumes(v bool) *OpenZFSVolu return s } +// SetDeleteIntermediateData sets the DeleteIntermediateData field's value. +func (s *OpenZFSVolumeConfiguration) SetDeleteIntermediateData(v bool) *OpenZFSVolumeConfiguration { + s.DeleteIntermediateData = &v + return s +} + // SetDeleteIntermediateSnaphots sets the DeleteIntermediateSnaphots field's value. func (s *OpenZFSVolumeConfiguration) SetDeleteIntermediateSnaphots(v bool) *OpenZFSVolumeConfiguration { s.DeleteIntermediateSnaphots = &v return s } +// SetDestinationSnapshot sets the DestinationSnapshot field's value. +func (s *OpenZFSVolumeConfiguration) SetDestinationSnapshot(v string) *OpenZFSVolumeConfiguration { + s.DestinationSnapshot = &v + return s +} + // SetNfsExports sets the NfsExports field's value. func (s *OpenZFSVolumeConfiguration) SetNfsExports(v []*OpenZFSNfsExport) *OpenZFSVolumeConfiguration { s.NfsExports = v @@ -17833,6 +19421,12 @@ func (s *OpenZFSVolumeConfiguration) SetRestoreToSnapshot(v string) *OpenZFSVolu return s } +// SetSourceSnapshotARN sets the SourceSnapshotARN field's value. +func (s *OpenZFSVolumeConfiguration) SetSourceSnapshotARN(v string) *OpenZFSVolumeConfiguration { + s.SourceSnapshotARN = &v + return s +} + // SetStorageCapacityQuotaGiB sets the StorageCapacityQuotaGiB field's value. func (s *OpenZFSVolumeConfiguration) SetStorageCapacityQuotaGiB(v int64) *OpenZFSVolumeConfiguration { s.StorageCapacityQuotaGiB = &v @@ -17857,11 +19451,61 @@ func (s *OpenZFSVolumeConfiguration) SetVolumePath(v string) *OpenZFSVolumeConfi return s } +// The configuration that specifies a minimum amount of time since last access +// for an exported file to be eligible for release from an Amazon FSx for Lustre +// file system. Only files that were last accessed before this point-in-time +// can be released. For example, if you specify a last accessed time criteria +// of 9 days, only files that were last accessed 9.00001 or more days ago can +// be released. +// +// Only file data that has been exported to S3 can be released. Files that have +// not yet been exported to S3, such as new or changed files that have not been +// exported, are not eligible for release. When files are released, their metadata +// stays on the file system, so they can still be accessed later. Users and +// applications can access a released file by reading the file again, which +// restores data from Amazon S3 to the FSx for Lustre file system. +// +// If a file meets the last accessed time criteria, its file or directory path +// must also be specified with the Paths parameter of the operation in order +// for the file to be released. +type ReleaseConfiguration struct { + _ struct{} `type:"structure"` + + // Defines the point-in-time since an exported file was last accessed, in order + // for that file to be eligible for release. Only files that were last accessed + // before this point-in-time are eligible to be released from the file system. + DurationSinceLastAccess *DurationSinceLastAccess `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ReleaseConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ReleaseConfiguration) GoString() string { + return s.String() +} + +// SetDurationSinceLastAccess sets the DurationSinceLastAccess field's value. +func (s *ReleaseConfiguration) SetDurationSinceLastAccess(v *DurationSinceLastAccess) *ReleaseConfiguration { + s.DurationSinceLastAccess = v + return s +} + type ReleaseFileSystemNfsV3LocksInput struct { _ struct{} `type:"structure"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -18095,7 +19739,7 @@ type RestoreVolumeFromSnapshotInput struct { _ struct{} `type:"structure"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -18240,6 +19884,83 @@ func (s *RestoreVolumeFromSnapshotOutput) SetVolumeId(v string) *RestoreVolumeFr return s } +// Specifies the retention period of an FSx for ONTAP SnapLock volume. After +// it is set, it can't be changed. Files can't be deleted or modified during +// the retention period. +// +// For more information, see Working with the retention period in SnapLock (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-retention.html). +type RetentionPeriod struct { + _ struct{} `type:"structure"` + + // Defines the type of time for the retention period of an FSx for ONTAP SnapLock + // volume. Set it to one of the valid types. If you set it to INFINITE, the + // files are retained forever. If you set it to UNSPECIFIED, the files are retained + // until you set an explicit retention period. + // + // Type is a required field + Type *string `type:"string" required:"true" enum:"RetentionPeriodType"` + + // Defines the amount of time for the retention period of an FSx for ONTAP SnapLock + // volume. You can't set a value for INFINITE or UNSPECIFIED. For all other + // options, the following ranges are valid: + // + // * Seconds: 0 - 65,535 + // + // * Minutes: 0 - 65,535 + // + // * Hours: 0 - 24 + // + // * Days: 0 - 365 + // + // * Months: 0 - 12 + // + // * Years: 0 - 100 + Value *int64 `type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RetentionPeriod) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RetentionPeriod) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *RetentionPeriod) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RetentionPeriod"} + if s.Type == nil { + invalidParams.Add(request.NewErrParamRequired("Type")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetType sets the Type field's value. +func (s *RetentionPeriod) SetType(v string) *RetentionPeriod { + s.Type = &v + return s +} + +// SetValue sets the Value field's value. +func (s *RetentionPeriod) SetValue(v int64) *RetentionPeriod { + s.Value = &v + return s +} + // The configuration for an Amazon S3 data repository linked to an Amazon FSx // for Lustre file system with a data repository association. The configuration // consists of an AutoImportPolicy that defines which file events on the data @@ -18368,10 +20089,11 @@ func (s *SelfManagedActiveDirectoryAttributes) SetUserName(v string) *SelfManage } // The configuration that Amazon FSx uses to join a FSx for Windows File Server -// file system or an ONTAP storage virtual machine (SVM) to a self-managed (including -// on-premises) Microsoft Active Directory (AD) directory. For more information, -// see Using Amazon FSx with your self-managed Microsoft Active Directory (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html) -// or Managing SVMs (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html). +// file system or an FSx for ONTAP storage virtual machine (SVM) to a self-managed +// (including on-premises) Microsoft Active Directory (AD) directory. For more +// information, see Using Amazon FSx for Windows with your self-managed Microsoft +// Active Directory (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/self-managed-AD.html) +// or Managing FSx for ONTAP SVMs (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-svms.html). type SelfManagedActiveDirectoryConfiguration struct { _ struct{} `type:"structure"` @@ -18521,27 +20243,41 @@ func (s *SelfManagedActiveDirectoryConfiguration) SetUserName(v string) *SelfMan return s } -// The configuration that Amazon FSx uses to join the Windows File Server instance -// to a self-managed Microsoft Active Directory (AD) directory. +// Specifies changes you are making to the self-managed Microsoft Active Directory +// (AD) configuration to which an FSx for Windows File Server file system or +// an FSx for ONTAP SVM is joined. type SelfManagedActiveDirectoryConfigurationUpdates struct { _ struct{} `type:"structure"` - // A list of up to three IP addresses of DNS servers or domain controllers in - // the self-managed AD directory. + // A list of up to three DNS server or domain controller IP addresses in your + // self-managed AD domain. DnsIps []*string `min:"1" type:"list"` - // The password for the service account on your self-managed AD domain that - // Amazon FSx will use to join to your AD domain. + // Specifies an updated fully qualified domain name of your self-managed AD + // configuration. + DomainName *string `min:"1" type:"string"` + + // Specifies the updated name of the self-managed AD domain group whose members + // are granted administrative privileges for the Amazon FSx resource. + FileSystemAdministratorsGroup *string `min:"1" type:"string"` + + // Specifies an updated fully qualified distinguished name of the organization + // unit within your self-managed AD. + OrganizationalUnitDistinguishedName *string `min:"1" type:"string"` + + // Specifies the updated password for the service account on your self-managed + // AD domain. Amazon FSx uses this account to join to your self-managed AD domain. // // Password is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by SelfManagedActiveDirectoryConfigurationUpdates's // String and GoString methods. Password *string `min:"1" type:"string" sensitive:"true"` - // The user name for the service account on your self-managed AD domain that - // Amazon FSx will use to join to your AD domain. This account must have the - // permission to join computers to the domain in the organizational unit provided - // in OrganizationalUnitDistinguishedName. + // Specifies the updated user name for the service account on your self-managed + // AD domain. Amazon FSx uses this account to join to your self-managed AD domain. + // + // This account must have the permissions required to join computers to the + // domain in the organizational unit provided in OrganizationalUnitDistinguishedName. UserName *string `min:"1" type:"string"` } @@ -18569,6 +20305,15 @@ func (s *SelfManagedActiveDirectoryConfigurationUpdates) Validate() error { if s.DnsIps != nil && len(s.DnsIps) < 1 { invalidParams.Add(request.NewErrParamMinLen("DnsIps", 1)) } + if s.DomainName != nil && len(*s.DomainName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("DomainName", 1)) + } + if s.FileSystemAdministratorsGroup != nil && len(*s.FileSystemAdministratorsGroup) < 1 { + invalidParams.Add(request.NewErrParamMinLen("FileSystemAdministratorsGroup", 1)) + } + if s.OrganizationalUnitDistinguishedName != nil && len(*s.OrganizationalUnitDistinguishedName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("OrganizationalUnitDistinguishedName", 1)) + } if s.Password != nil && len(*s.Password) < 1 { invalidParams.Add(request.NewErrParamMinLen("Password", 1)) } @@ -18588,6 +20333,24 @@ func (s *SelfManagedActiveDirectoryConfigurationUpdates) SetDnsIps(v []*string) return s } +// SetDomainName sets the DomainName field's value. +func (s *SelfManagedActiveDirectoryConfigurationUpdates) SetDomainName(v string) *SelfManagedActiveDirectoryConfigurationUpdates { + s.DomainName = &v + return s +} + +// SetFileSystemAdministratorsGroup sets the FileSystemAdministratorsGroup field's value. +func (s *SelfManagedActiveDirectoryConfigurationUpdates) SetFileSystemAdministratorsGroup(v string) *SelfManagedActiveDirectoryConfigurationUpdates { + s.FileSystemAdministratorsGroup = &v + return s +} + +// SetOrganizationalUnitDistinguishedName sets the OrganizationalUnitDistinguishedName field's value. +func (s *SelfManagedActiveDirectoryConfigurationUpdates) SetOrganizationalUnitDistinguishedName(v string) *SelfManagedActiveDirectoryConfigurationUpdates { + s.OrganizationalUnitDistinguishedName = &v + return s +} + // SetPassword sets the Password field's value. func (s *SelfManagedActiveDirectoryConfigurationUpdates) SetPassword(v string) *SelfManagedActiveDirectoryConfigurationUpdates { s.Password = &v @@ -18671,6 +20434,213 @@ func (s *ServiceLimitExceeded) RequestID() string { return s.RespMetadata.RequestID } +// Specifies the SnapLock configuration for an FSx for ONTAP SnapLock volume. +type SnaplockConfiguration struct { + _ struct{} `type:"structure"` + + // Enables or disables the audit log volume for an FSx for ONTAP SnapLock volume. + // The default value is false. If you set AuditLogVolume to true, the SnapLock + // volume is created as an audit log volume. The minimum retention period for + // an audit log volume is six months. + // + // For more information, see SnapLock audit log volumes (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/how-snaplock-works.html#snaplock-audit-log-volume). + AuditLogVolume *bool `type:"boolean"` + + // The configuration object for setting the autocommit period of files in an + // FSx for ONTAP SnapLock volume. + AutocommitPeriod *AutocommitPeriod `type:"structure"` + + // Enables, disables, or permanently disables privileged delete on an FSx for + // ONTAP SnapLock Enterprise volume. Enabling privileged delete allows SnapLock + // administrators to delete write once, read many (WORM) files even if they + // have active retention periods. PERMANENTLY_DISABLED is a terminal state. + // If privileged delete is permanently disabled on a SnapLock volume, you can't + // re-enable it. The default value is DISABLED. + // + // For more information, see Privileged delete (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html#privileged-delete). + PrivilegedDelete *string `type:"string" enum:"PrivilegedDelete"` + + // Specifies the retention period of an FSx for ONTAP SnapLock volume. + RetentionPeriod *SnaplockRetentionPeriod `type:"structure"` + + // Specifies the retention mode of an FSx for ONTAP SnapLock volume. After it + // is set, it can't be changed. You can choose one of the following retention + // modes: + // + // * COMPLIANCE: Files transitioned to write once, read many (WORM) on a + // Compliance volume can't be deleted until their retention periods expire. + // This retention mode is used to address government or industry-specific + // mandates or to protect against ransomware attacks. For more information, + // see SnapLock Compliance (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-compliance.html). + // + // * ENTERPRISE: Files transitioned to WORM on an Enterprise volume can be + // deleted by authorized users before their retention periods expire using + // privileged delete. This retention mode is used to advance an organization's + // data integrity and internal compliance or to test retention settings before + // using SnapLock Compliance. For more information, see SnapLock Enterprise + // (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html). + SnaplockType *string `type:"string" enum:"SnaplockType"` + + // Enables or disables volume-append mode on an FSx for ONTAP SnapLock volume. + // Volume-append mode allows you to create WORM-appendable files and write data + // to them incrementally. The default value is false. + // + // For more information, see Volume-append mode (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/worm-state.html#worm-state-append). + VolumeAppendModeEnabled *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SnaplockConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SnaplockConfiguration) GoString() string { + return s.String() +} + +// SetAuditLogVolume sets the AuditLogVolume field's value. +func (s *SnaplockConfiguration) SetAuditLogVolume(v bool) *SnaplockConfiguration { + s.AuditLogVolume = &v + return s +} + +// SetAutocommitPeriod sets the AutocommitPeriod field's value. +func (s *SnaplockConfiguration) SetAutocommitPeriod(v *AutocommitPeriod) *SnaplockConfiguration { + s.AutocommitPeriod = v + return s +} + +// SetPrivilegedDelete sets the PrivilegedDelete field's value. +func (s *SnaplockConfiguration) SetPrivilegedDelete(v string) *SnaplockConfiguration { + s.PrivilegedDelete = &v + return s +} + +// SetRetentionPeriod sets the RetentionPeriod field's value. +func (s *SnaplockConfiguration) SetRetentionPeriod(v *SnaplockRetentionPeriod) *SnaplockConfiguration { + s.RetentionPeriod = v + return s +} + +// SetSnaplockType sets the SnaplockType field's value. +func (s *SnaplockConfiguration) SetSnaplockType(v string) *SnaplockConfiguration { + s.SnaplockType = &v + return s +} + +// SetVolumeAppendModeEnabled sets the VolumeAppendModeEnabled field's value. +func (s *SnaplockConfiguration) SetVolumeAppendModeEnabled(v bool) *SnaplockConfiguration { + s.VolumeAppendModeEnabled = &v + return s +} + +// The configuration to set the retention period of an FSx for ONTAP SnapLock +// volume. The retention period includes default, maximum, and minimum settings. +// For more information, see Working with the retention period in SnapLock (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-retention.html). +type SnaplockRetentionPeriod struct { + _ struct{} `type:"structure"` + + // The retention period assigned to a write once, read many (WORM) file by default + // if an explicit retention period is not set for an FSx for ONTAP SnapLock + // volume. The default retention period must be greater than or equal to the + // minimum retention period and less than or equal to the maximum retention + // period. + // + // DefaultRetention is a required field + DefaultRetention *RetentionPeriod `type:"structure" required:"true"` + + // The longest retention period that can be assigned to a WORM file on an FSx + // for ONTAP SnapLock volume. + // + // MaximumRetention is a required field + MaximumRetention *RetentionPeriod `type:"structure" required:"true"` + + // The shortest retention period that can be assigned to a WORM file on an FSx + // for ONTAP SnapLock volume. + // + // MinimumRetention is a required field + MinimumRetention *RetentionPeriod `type:"structure" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SnaplockRetentionPeriod) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SnaplockRetentionPeriod) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *SnaplockRetentionPeriod) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "SnaplockRetentionPeriod"} + if s.DefaultRetention == nil { + invalidParams.Add(request.NewErrParamRequired("DefaultRetention")) + } + if s.MaximumRetention == nil { + invalidParams.Add(request.NewErrParamRequired("MaximumRetention")) + } + if s.MinimumRetention == nil { + invalidParams.Add(request.NewErrParamRequired("MinimumRetention")) + } + if s.DefaultRetention != nil { + if err := s.DefaultRetention.Validate(); err != nil { + invalidParams.AddNested("DefaultRetention", err.(request.ErrInvalidParams)) + } + } + if s.MaximumRetention != nil { + if err := s.MaximumRetention.Validate(); err != nil { + invalidParams.AddNested("MaximumRetention", err.(request.ErrInvalidParams)) + } + } + if s.MinimumRetention != nil { + if err := s.MinimumRetention.Validate(); err != nil { + invalidParams.AddNested("MinimumRetention", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDefaultRetention sets the DefaultRetention field's value. +func (s *SnaplockRetentionPeriod) SetDefaultRetention(v *RetentionPeriod) *SnaplockRetentionPeriod { + s.DefaultRetention = v + return s +} + +// SetMaximumRetention sets the MaximumRetention field's value. +func (s *SnaplockRetentionPeriod) SetMaximumRetention(v *RetentionPeriod) *SnaplockRetentionPeriod { + s.MaximumRetention = v + return s +} + +// SetMinimumRetention sets the MinimumRetention field's value. +func (s *SnaplockRetentionPeriod) SetMinimumRetention(v *RetentionPeriod) *SnaplockRetentionPeriod { + s.MinimumRetention = v + return s +} + // A snapshot of an Amazon FSx for OpenZFS volume. type Snapshot struct { _ struct{} `type:"structure"` @@ -18967,6 +20937,100 @@ func (s *SourceBackupUnavailable) RequestID() string { return s.RespMetadata.RequestID } +type StartMisconfiguredStateRecoveryInput struct { + _ struct{} `type:"structure"` + + // (Optional) An idempotency token for resource creation, in a string of up + // to 63 ASCII characters. This token is automatically filled on your behalf + // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. + ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` + + // The globally unique ID of the file system, assigned by Amazon FSx. + // + // FileSystemId is a required field + FileSystemId *string `min:"11" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartMisconfiguredStateRecoveryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartMisconfiguredStateRecoveryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StartMisconfiguredStateRecoveryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartMisconfiguredStateRecoveryInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } + if s.FileSystemId == nil { + invalidParams.Add(request.NewErrParamRequired("FileSystemId")) + } + if s.FileSystemId != nil && len(*s.FileSystemId) < 11 { + invalidParams.Add(request.NewErrParamMinLen("FileSystemId", 11)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *StartMisconfiguredStateRecoveryInput) SetClientRequestToken(v string) *StartMisconfiguredStateRecoveryInput { + s.ClientRequestToken = &v + return s +} + +// SetFileSystemId sets the FileSystemId field's value. +func (s *StartMisconfiguredStateRecoveryInput) SetFileSystemId(v string) *StartMisconfiguredStateRecoveryInput { + s.FileSystemId = &v + return s +} + +type StartMisconfiguredStateRecoveryOutput struct { + _ struct{} `type:"structure"` + + // A description of a specific Amazon FSx file system. + FileSystem *FileSystem `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartMisconfiguredStateRecoveryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartMisconfiguredStateRecoveryOutput) GoString() string { + return s.String() +} + +// SetFileSystem sets the FileSystem field's value. +func (s *StartMisconfiguredStateRecoveryOutput) SetFileSystem(v *FileSystem) *StartMisconfiguredStateRecoveryOutput { + s.FileSystem = v + return s +} + // Describes the Amazon FSx for NetApp ONTAP storage virtual machine (SVM) configuration. type StorageVirtualMachine struct { _ struct{} `type:"structure"` @@ -19236,14 +21300,13 @@ func (s *StorageVirtualMachineNotFound) RequestID() string { return s.RespMetadata.RequestID } -// Describes the configuration of the Microsoft Active Directory (AD) directory -// to which the Amazon FSx for ONTAP storage virtual machine (SVM) is joined. -// Pleae note, account credentials are not returned in the response payload. +// Describes the Microsoft Active Directory (AD) directory configuration to +// which the FSx for ONTAP storage virtual machine (SVM) is joined. Note that +// account credentials are not returned in the response payload. type SvmActiveDirectoryConfiguration struct { _ struct{} `type:"structure"` - // The NetBIOS name of the Active Directory computer object that is joined to - // your SVM. + // The NetBIOS name of the AD computer object to which the SVM is joined. NetBiosName *string `min:"1" type:"string"` // The configuration of the self-managed Microsoft Active Directory (AD) directory @@ -19289,8 +21352,8 @@ func (s *SvmActiveDirectoryConfiguration) SetSelfManagedActiveDirectoryConfigura type SvmEndpoint struct { _ struct{} `type:"structure"` - // The Domain Name Service (DNS) name for the file system. You can mount your - // file system using its DNS name. + // The file system's DNS name. You can mount your file system using its DNS + // name. DNSName *string `min:"16" type:"string"` // The SVM endpoint's IP addresses. @@ -19810,7 +21873,7 @@ type UpdateDataRepositoryAssociationInput struct { AssociationId *string `min:"13" type:"string" required:"true"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -19930,7 +21993,7 @@ type UpdateFileCacheInput struct { _ struct{} `type:"structure"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -20092,7 +22155,7 @@ func (s *UpdateFileCacheOutput) SetFileCache(v *FileCache) *UpdateFileCacheOutpu type UpdateFileSystemInput struct { _ struct{} `type:"structure"` - // A string of up to 64 ASCII characters that Amazon FSx uses to ensure idempotent + // A string of up to 63 ASCII characters that Amazon FSx uses to ensure idempotent // updates. This string is automatically filled on your behalf when you use // the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -20109,23 +22172,17 @@ type UpdateFileSystemInput struct { // The configuration updates for an Amazon FSx for NetApp ONTAP file system. OntapConfiguration *UpdateFileSystemOntapConfiguration `type:"structure"` - // The configuration updates for an Amazon FSx for OpenZFS file system. + // The configuration updates for an FSx for OpenZFS file system. OpenZFSConfiguration *UpdateFileSystemOpenZFSConfiguration `type:"structure"` - // Use this parameter to increase the storage capacity of an Amazon FSx for - // Windows File Server, Amazon FSx for Lustre, or Amazon FSx for NetApp ONTAP - // file system. Specifies the storage capacity target value, in GiB, to increase - // the storage capacity for the file system that you're updating. + // Use this parameter to increase the storage capacity of an FSx for Windows + // File Server, FSx for Lustre, FSx for OpenZFS, or FSx for ONTAP file system. + // Specifies the storage capacity target value, in GiB, to increase the storage + // capacity for the file system that you're updating. // // You can't make a storage capacity increase request if there is an existing // storage capacity increase request in progress. // - // For Windows file systems, the storage capacity target value must be at least - // 10 percent greater than the current storage capacity value. To increase storage - // capacity, the file system must have at least 16 MBps of throughput capacity. - // For more information, see Managing storage capacity (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-storage-capacity.html) - // in the Amazon FSx for Windows File Server User Guide. - // // For Lustre file systems, the storage capacity target value can be the following: // // * For SCRATCH_2, PERSISTENT_1, and PERSISTENT_2 SSD deployment types, @@ -20140,7 +22197,18 @@ type UpdateFileSystemInput struct { // * For SCRATCH_1 file systems, you can't increase the storage capacity. // // For more information, see Managing storage and throughput capacity (https://docs.aws.amazon.com/fsx/latest/LustreGuide/managing-storage-capacity.html) - // in the Amazon FSx for Lustre User Guide. + // in the FSx for Lustre User Guide. + // + // For FSx for OpenZFS file systems, the storage capacity target value must + // be at least 10 percent greater than the current storage capacity value. For + // more information, see Managing storage capacity (https://docs.aws.amazon.com/fsx/latest/OpenZFSGuide/managing-storage-capacity.html) + // in the FSx for OpenZFS User Guide. + // + // For Windows file systems, the storage capacity target value must be at least + // 10 percent greater than the current storage capacity value. To increase storage + // capacity, the file system must have at least 16 MBps of throughput capacity. + // For more information, see Managing storage capacity (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-storage-capacity.html) + // in the Amazon FSxfor Windows File Server User Guide. // // For ONTAP file systems, the storage capacity target value must be at least // 10 percent greater than the current storage capacity value. For more information, @@ -20148,6 +22216,9 @@ type UpdateFileSystemInput struct { // in the Amazon FSx for NetApp ONTAP User Guide. StorageCapacity *int64 `type:"integer"` + // Specifies the file system's storage type. + StorageType *string `type:"string" enum:"StorageType"` + // The configuration updates for an Amazon FSx for Windows File Server file // system. WindowsConfiguration *UpdateFileSystemWindowsConfiguration `type:"structure"` @@ -20246,6 +22317,12 @@ func (s *UpdateFileSystemInput) SetStorageCapacity(v int64) *UpdateFileSystemInp return s } +// SetStorageType sets the StorageType field's value. +func (s *UpdateFileSystemInput) SetStorageType(v string) *UpdateFileSystemInput { + s.StorageType = &v + return s +} + // SetWindowsConfiguration sets the WindowsConfiguration field's value. func (s *UpdateFileSystemInput) SetWindowsConfiguration(v *UpdateFileSystemWindowsConfiguration) *UpdateFileSystemInput { s.WindowsConfiguration = v @@ -20281,9 +22358,7 @@ type UpdateFileSystemLustreConfiguration struct { // any existing objects that are changed in the S3 bucket, and any objects // that were deleted in the S3 bucket. // - // The AutoImportPolicy parameter is not supported for Lustre file systems with - // the Persistent_2 deployment type. Instead, use to update a data repository - // association on your Persistent_2 file system. + // This parameter is not supported for file systems with a data repository association. AutoImportPolicy *string `type:"string" enum:"AutoImportPolicyType"` // The number of days to retain automatic backups. Setting this property to @@ -20315,6 +22390,20 @@ type UpdateFileSystemLustreConfiguration struct { // Logs. LogConfiguration *LustreLogCreateConfiguration `type:"structure"` + // The throughput of an Amazon FSx for Lustre Persistent SSD-based file system, + // measured in megabytes per second per tebibyte (MB/s/TiB). You can increase + // or decrease your file system's throughput. Valid values depend on the deployment + // type of the file system, as follows: + // + // * For PERSISTENT_1 SSD-based deployment types, valid values are 50, 100, + // and 200 MB/s/TiB. + // + // * For PERSISTENT_2 SSD-based deployment types, valid values are 125, 250, + // 500, and 1000 MB/s/TiB. + // + // For more information, see Managing throughput capacity (https://docs.aws.amazon.com/fsx/latest/LustreGuide/managing-throughput-capacity.html). + PerUnitStorageThroughput *int64 `min:"12" type:"integer"` + // The Lustre root squash configuration used when updating an Amazon FSx for // Lustre file system. When enabled, root squash restricts root-level access // from clients that try to access your file system as a root user. @@ -20350,6 +22439,9 @@ func (s *UpdateFileSystemLustreConfiguration) Validate() error { if s.DailyAutomaticBackupStartTime != nil && len(*s.DailyAutomaticBackupStartTime) < 5 { invalidParams.Add(request.NewErrParamMinLen("DailyAutomaticBackupStartTime", 5)) } + if s.PerUnitStorageThroughput != nil && *s.PerUnitStorageThroughput < 12 { + invalidParams.Add(request.NewErrParamMinValue("PerUnitStorageThroughput", 12)) + } if s.WeeklyMaintenanceStartTime != nil && len(*s.WeeklyMaintenanceStartTime) < 7 { invalidParams.Add(request.NewErrParamMinLen("WeeklyMaintenanceStartTime", 7)) } @@ -20400,6 +22492,12 @@ func (s *UpdateFileSystemLustreConfiguration) SetLogConfiguration(v *LustreLogCr return s } +// SetPerUnitStorageThroughput sets the PerUnitStorageThroughput field's value. +func (s *UpdateFileSystemLustreConfiguration) SetPerUnitStorageThroughput(v int64) *UpdateFileSystemLustreConfiguration { + s.PerUnitStorageThroughput = &v + return s +} + // SetRootSquashConfiguration sets the RootSquashConfiguration field's value. func (s *UpdateFileSystemLustreConfiguration) SetRootSquashConfiguration(v *LustreRootSquashConfiguration) *UpdateFileSystemLustreConfiguration { s.RootSquashConfiguration = v @@ -20422,7 +22520,7 @@ type UpdateFileSystemOntapConfiguration struct { // The number of days to retain automatic backups. Setting this property to // 0 disables automatic backups. You can retain automatic backups for a maximum - // of 90 days. The default is 0. + // of 90 days. The default is 30. AutomaticBackupRetentionDays *int64 `type:"integer"` // A recurring daily time, in the format HH:MM. HH is the zero-padded hour of @@ -20430,14 +22528,18 @@ type UpdateFileSystemOntapConfiguration struct { // 05:00 specifies 5 AM daily. DailyAutomaticBackupStartTime *string `min:"5" type:"string"` - // The SSD IOPS (input/output operations per second) configuration for an Amazon + // The SSD IOPS (input output operations per second) configuration for an Amazon // FSx for NetApp ONTAP file system. The default is 3 IOPS per GB of storage // capacity, but you can provision additional IOPS per GB of storage. The configuration // consists of an IOPS mode (AUTOMATIC or USER_PROVISIONED), and in the case - // of USER_PROVISIONED IOPS, the total number of SSD IOPS provisioned. + // of USER_PROVISIONED IOPS, the total number of SSD IOPS provisioned. For more + // information, see Updating SSD storage capacity and IOPS (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/increase-primary-storage.html). DiskIopsConfiguration *DiskIopsConfiguration `type:"structure"` - // The ONTAP administrative password for the fsxadmin user. + // Update the password for the fsxadmin user by entering a new password. You + // use the fsxadmin user to access the NetApp ONTAP CLI and REST API to manage + // your file system resources. For more information, see Managing resources + // using NetApp Applicaton (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-resources-ontap-apps.html). // // FsxAdminPassword is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by UpdateFileSystemOntapConfiguration's @@ -20450,11 +22552,48 @@ type UpdateFileSystemOntapConfiguration struct { // IDs for a file system. RemoveRouteTableIds []*string `type:"list"` - // Specifies the throughput of an FSx for NetApp ONTAP file system, measured - // in megabytes per second (MBps). Valid values are 128, 256, 512, 1024, 2048, - // and 4096 MBps. + // Enter a new value to change the amount of throughput capacity for the file + // system in megabytes per second (MBps). For more information, see Managing + // throughput capacity (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-throughput-capacity.html) + // in the FSx for ONTAP User Guide. + // + // Amazon FSx responds with an HTTP status code 400 (Bad Request) for the following + // conditions: + // + // * The value of ThroughputCapacity and ThroughputCapacityPerHAPair are + // not the same value. + // + // * The value of ThroughputCapacity when divided by the value of HAPairs + // is outside of the valid range for ThroughputCapacity. ThroughputCapacity *int64 `min:"8" type:"integer"` + // Use to choose the throughput capacity per HA pair, rather than the total + // throughput for the file system. + // + // This field and ThroughputCapacity cannot be defined in the same API call, + // but one is required. + // + // This field and ThroughputCapacity are the same for file systems with one + // HA pair. + // + // * For SINGLE_AZ_1 and MULTI_AZ_1, valid values are 128, 256, 512, 1024, + // 2048, or 4096 MBps. + // + // * For SINGLE_AZ_2, valid values are 3072 or 6144 MBps. + // + // Amazon FSx responds with an HTTP status code 400 (Bad Request) for the following + // conditions: + // + // * The value of ThroughputCapacity and ThroughputCapacityPerHAPair are + // not the same value for file systems with one HA pair. + // + // * The value of deployment type is SINGLE_AZ_2 and ThroughputCapacity / + // ThroughputCapacityPerHAPair is a valid HA pair (a value between 2 and + // 12). + // + // * The value of ThroughputCapacityPerHAPair is not a valid value. + ThroughputCapacityPerHAPair *int64 `min:"128" type:"integer"` + // A recurring weekly time, in the format D:HH:MM. // // D is the day of the week, for which 1 represents Monday and 7 represents @@ -20498,6 +22637,9 @@ func (s *UpdateFileSystemOntapConfiguration) Validate() error { if s.ThroughputCapacity != nil && *s.ThroughputCapacity < 8 { invalidParams.Add(request.NewErrParamMinValue("ThroughputCapacity", 8)) } + if s.ThroughputCapacityPerHAPair != nil && *s.ThroughputCapacityPerHAPair < 128 { + invalidParams.Add(request.NewErrParamMinValue("ThroughputCapacityPerHAPair", 128)) + } if s.WeeklyMaintenanceStartTime != nil && len(*s.WeeklyMaintenanceStartTime) < 7 { invalidParams.Add(request.NewErrParamMinLen("WeeklyMaintenanceStartTime", 7)) } @@ -20550,6 +22692,12 @@ func (s *UpdateFileSystemOntapConfiguration) SetThroughputCapacity(v int64) *Upd return s } +// SetThroughputCapacityPerHAPair sets the ThroughputCapacityPerHAPair field's value. +func (s *UpdateFileSystemOntapConfiguration) SetThroughputCapacityPerHAPair(v int64) *UpdateFileSystemOntapConfiguration { + s.ThroughputCapacityPerHAPair = &v + return s +} + // SetWeeklyMaintenanceStartTime sets the WeeklyMaintenanceStartTime field's value. func (s *UpdateFileSystemOntapConfiguration) SetWeeklyMaintenanceStartTime(v string) *UpdateFileSystemOntapConfiguration { s.WeeklyMaintenanceStartTime = &v @@ -20560,9 +22708,13 @@ func (s *UpdateFileSystemOntapConfiguration) SetWeeklyMaintenanceStartTime(v str type UpdateFileSystemOpenZFSConfiguration struct { _ struct{} `type:"structure"` + // (Multi-AZ only) A list of IDs of new virtual private cloud (VPC) route tables + // to associate (add) with your Amazon FSx for OpenZFS file system. + AddRouteTableIds []*string `type:"list"` + // The number of days to retain automatic backups. Setting this property to // 0 disables automatic backups. You can retain automatic backups for a maximum - // of 90 days. The default is 0. + // of 90 days. The default is 30. AutomaticBackupRetentionDays *int64 `type:"integer"` // A Boolean value indicating whether tags for the file system should be copied @@ -20588,21 +22740,28 @@ type UpdateFileSystemOpenZFSConfiguration struct { DailyAutomaticBackupStartTime *string `min:"5" type:"string"` // The SSD IOPS (input/output operations per second) configuration for an Amazon - // FSx for NetApp ONTAP or Amazon FSx for OpenZFS file system. The default is - // 3 IOPS per GB of storage capacity, but you can provision additional IOPS - // per GB of storage. The configuration consists of the total number of provisioned - // SSD IOPS and how the amount was provisioned (by the customer or by the system). + // FSx for NetApp ONTAP, Amazon FSx for Windows File Server, or FSx for OpenZFS + // file system. By default, Amazon FSx automatically provisions 3 IOPS per GB + // of storage capacity. You can provision additional IOPS per GB of storage. + // The configuration consists of the total number of provisioned SSD IOPS and + // how it is was provisioned, or the mode (by the customer or by Amazon FSx). DiskIopsConfiguration *DiskIopsConfiguration `type:"structure"` + // (Multi-AZ only) A list of IDs of existing virtual private cloud (VPC) route + // tables to disassociate (remove) from your Amazon FSx for OpenZFS file system. + // You can use the API operation to retrieve the list of VPC route table IDs + // for a file system. + RemoveRouteTableIds []*string `type:"list"` + // The throughput of an Amazon FSx for OpenZFS file system, measured in megabytes // per second (MB/s). Valid values depend on the DeploymentType you choose, // as follows: // + // * For MULTI_AZ_1 and SINGLE_AZ_2, valid values are 160, 320, 640, 1280, + // 2560, 3840, 5120, 7680, or 10240 MB/s. + // // * For SINGLE_AZ_1, valid values are 64, 128, 256, 512, 1024, 2048, 3072, // or 4096 MB/s. - // - // * For SINGLE_AZ_2, valid values are 160, 320, 640, 1280, 2560, 3840, 5120, - // 7680, or 10240 MB/s. ThroughputCapacity *int64 `min:"8" type:"integer"` // A recurring weekly time, in the format D:HH:MM. @@ -20655,6 +22814,12 @@ func (s *UpdateFileSystemOpenZFSConfiguration) Validate() error { return nil } +// SetAddRouteTableIds sets the AddRouteTableIds field's value. +func (s *UpdateFileSystemOpenZFSConfiguration) SetAddRouteTableIds(v []*string) *UpdateFileSystemOpenZFSConfiguration { + s.AddRouteTableIds = v + return s +} + // SetAutomaticBackupRetentionDays sets the AutomaticBackupRetentionDays field's value. func (s *UpdateFileSystemOpenZFSConfiguration) SetAutomaticBackupRetentionDays(v int64) *UpdateFileSystemOpenZFSConfiguration { s.AutomaticBackupRetentionDays = &v @@ -20685,6 +22850,12 @@ func (s *UpdateFileSystemOpenZFSConfiguration) SetDiskIopsConfiguration(v *DiskI return s } +// SetRemoveRouteTableIds sets the RemoveRouteTableIds field's value. +func (s *UpdateFileSystemOpenZFSConfiguration) SetRemoveRouteTableIds(v []*string) *UpdateFileSystemOpenZFSConfiguration { + s.RemoveRouteTableIds = v + return s +} + // SetThroughputCapacity sets the ThroughputCapacity field's value. func (s *UpdateFileSystemOpenZFSConfiguration) SetThroughputCapacity(v int64) *UpdateFileSystemOpenZFSConfiguration { s.ThroughputCapacity = &v @@ -20740,9 +22911,9 @@ type UpdateFileSystemWindowsConfiguration struct { // Windows File Server file system.. AuditLogConfiguration *WindowsAuditLogCreateConfiguration `type:"structure"` - // The number of days to retain automatic daily backups. Setting this to zero - // (0) disables automatic daily backups. You can retain automatic daily backups - // for a maximum of 90 days. For more information, see Working with Automatic + // The number of days to retain automatic backups. Setting this property to + // 0 disables automatic backups. You can retain automatic backups for a maximum + // of 90 days. The default is 30. For more information, see Working with Automatic // Daily Backups (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/using-backups.html#automatic-backups). AutomaticBackupRetentionDays *int64 `type:"integer"` @@ -20750,6 +22921,13 @@ type UpdateFileSystemWindowsConfiguration struct { // for example, 02:00 DailyAutomaticBackupStartTime *string `min:"5" type:"string"` + // The SSD IOPS (input/output operations per second) configuration for an Amazon + // FSx for Windows file system. By default, Amazon FSx automatically provisions + // 3 IOPS per GiB of storage capacity. You can provision additional IOPS per + // GiB of storage, up to the maximum limit associated with your chosen throughput + // capacity. + DiskIopsConfiguration *DiskIopsConfiguration `type:"structure"` + // The configuration Amazon FSx uses to join the Windows File Server instance // to the self-managed Microsoft AD directory. You cannot make a self-managed // Microsoft AD update request if there is an existing self-managed Microsoft @@ -20834,6 +23012,12 @@ func (s *UpdateFileSystemWindowsConfiguration) SetDailyAutomaticBackupStartTime( return s } +// SetDiskIopsConfiguration sets the DiskIopsConfiguration field's value. +func (s *UpdateFileSystemWindowsConfiguration) SetDiskIopsConfiguration(v *DiskIopsConfiguration) *UpdateFileSystemWindowsConfiguration { + s.DiskIopsConfiguration = v + return s +} + // SetSelfManagedActiveDirectoryConfiguration sets the SelfManagedActiveDirectoryConfiguration field's value. func (s *UpdateFileSystemWindowsConfiguration) SetSelfManagedActiveDirectoryConfiguration(v *SelfManagedActiveDirectoryConfigurationUpdates) *UpdateFileSystemWindowsConfiguration { s.SelfManagedActiveDirectoryConfiguration = v @@ -20870,12 +23054,19 @@ type UpdateOntapVolumeConfiguration struct { // The JunctionPath must have a leading forward slash, such as /vol3. JunctionPath *string `min:"1" type:"string"` - // The security style for the volume, which can be UNIX. NTFS, or MIXED. + // The security style for the volume, which can be UNIX, NTFS, or MIXED. SecurityStyle *string `type:"string" enum:"SecurityStyle"` + // The configured size of the volume, in bytes. + SizeInBytes *int64 `type:"long"` + // Specifies the size of the volume in megabytes. SizeInMegabytes *int64 `type:"integer"` + // The configuration object for updating the SnapLock configuration of an FSx + // for ONTAP SnapLock volume. + SnaplockConfiguration *UpdateSnaplockConfiguration `type:"structure"` + // Specifies the snapshot policy for the volume. There are three built-in snapshot // policies: // @@ -20932,6 +23123,11 @@ func (s *UpdateOntapVolumeConfiguration) Validate() error { if s.SnapshotPolicy != nil && len(*s.SnapshotPolicy) < 1 { invalidParams.Add(request.NewErrParamMinLen("SnapshotPolicy", 1)) } + if s.SnaplockConfiguration != nil { + if err := s.SnaplockConfiguration.Validate(); err != nil { + invalidParams.AddNested("SnaplockConfiguration", err.(request.ErrInvalidParams)) + } + } if s.TieringPolicy != nil { if err := s.TieringPolicy.Validate(); err != nil { invalidParams.AddNested("TieringPolicy", err.(request.ErrInvalidParams)) @@ -20962,12 +23158,24 @@ func (s *UpdateOntapVolumeConfiguration) SetSecurityStyle(v string) *UpdateOntap return s } +// SetSizeInBytes sets the SizeInBytes field's value. +func (s *UpdateOntapVolumeConfiguration) SetSizeInBytes(v int64) *UpdateOntapVolumeConfiguration { + s.SizeInBytes = &v + return s +} + // SetSizeInMegabytes sets the SizeInMegabytes field's value. func (s *UpdateOntapVolumeConfiguration) SetSizeInMegabytes(v int64) *UpdateOntapVolumeConfiguration { s.SizeInMegabytes = &v return s } +// SetSnaplockConfiguration sets the SnaplockConfiguration field's value. +func (s *UpdateOntapVolumeConfiguration) SetSnaplockConfiguration(v *UpdateSnaplockConfiguration) *UpdateOntapVolumeConfiguration { + s.SnaplockConfiguration = v + return s +} + // SetSnapshotPolicy sets the SnapshotPolicy field's value. func (s *UpdateOntapVolumeConfiguration) SetSnapshotPolicy(v string) *UpdateOntapVolumeConfiguration { s.SnapshotPolicy = &v @@ -21134,11 +23342,207 @@ func (s *UpdateOpenZFSVolumeConfiguration) SetUserAndGroupQuotas(v []*OpenZFSUse return s } +type UpdateSharedVpcConfigurationInput struct { + _ struct{} `type:"structure"` + + // (Optional) An idempotency token for resource creation, in a string of up + // to 63 ASCII characters. This token is automatically filled on your behalf + // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. + ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` + + // Specifies whether participant accounts can create FSx for ONTAP Multi-AZ + // file systems in shared subnets. Set to true to enable or false to disable. + EnableFsxRouteTableUpdatesFromParticipantAccounts *string `min:"4" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateSharedVpcConfigurationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateSharedVpcConfigurationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateSharedVpcConfigurationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateSharedVpcConfigurationInput"} + if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 1)) + } + if s.EnableFsxRouteTableUpdatesFromParticipantAccounts != nil && len(*s.EnableFsxRouteTableUpdatesFromParticipantAccounts) < 4 { + invalidParams.Add(request.NewErrParamMinLen("EnableFsxRouteTableUpdatesFromParticipantAccounts", 4)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientRequestToken sets the ClientRequestToken field's value. +func (s *UpdateSharedVpcConfigurationInput) SetClientRequestToken(v string) *UpdateSharedVpcConfigurationInput { + s.ClientRequestToken = &v + return s +} + +// SetEnableFsxRouteTableUpdatesFromParticipantAccounts sets the EnableFsxRouteTableUpdatesFromParticipantAccounts field's value. +func (s *UpdateSharedVpcConfigurationInput) SetEnableFsxRouteTableUpdatesFromParticipantAccounts(v string) *UpdateSharedVpcConfigurationInput { + s.EnableFsxRouteTableUpdatesFromParticipantAccounts = &v + return s +} + +type UpdateSharedVpcConfigurationOutput struct { + _ struct{} `type:"structure"` + + // Indicates whether participant accounts can create FSx for ONTAP Multi-AZ + // file systems in shared subnets. + EnableFsxRouteTableUpdatesFromParticipantAccounts *string `min:"4" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateSharedVpcConfigurationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateSharedVpcConfigurationOutput) GoString() string { + return s.String() +} + +// SetEnableFsxRouteTableUpdatesFromParticipantAccounts sets the EnableFsxRouteTableUpdatesFromParticipantAccounts field's value. +func (s *UpdateSharedVpcConfigurationOutput) SetEnableFsxRouteTableUpdatesFromParticipantAccounts(v string) *UpdateSharedVpcConfigurationOutput { + s.EnableFsxRouteTableUpdatesFromParticipantAccounts = &v + return s +} + +// Updates the SnapLock configuration for an existing FSx for ONTAP volume. +type UpdateSnaplockConfiguration struct { + _ struct{} `type:"structure"` + + // Enables or disables the audit log volume for an FSx for ONTAP SnapLock volume. + // The default value is false. If you set AuditLogVolume to true, the SnapLock + // volume is created as an audit log volume. The minimum retention period for + // an audit log volume is six months. + // + // For more information, see SnapLock audit log volumes (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/how-snaplock-works.html#snaplock-audit-log-volume). + AuditLogVolume *bool `type:"boolean"` + + // The configuration object for setting the autocommit period of files in an + // FSx for ONTAP SnapLock volume. + AutocommitPeriod *AutocommitPeriod `type:"structure"` + + // Enables, disables, or permanently disables privileged delete on an FSx for + // ONTAP SnapLock Enterprise volume. Enabling privileged delete allows SnapLock + // administrators to delete write once, read many (WORM) files even if they + // have active retention periods. PERMANENTLY_DISABLED is a terminal state. + // If privileged delete is permanently disabled on a SnapLock volume, you can't + // re-enable it. The default value is DISABLED. + // + // For more information, see Privileged delete (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/snaplock-enterprise.html#privileged-delete). + PrivilegedDelete *string `type:"string" enum:"PrivilegedDelete"` + + // Specifies the retention period of an FSx for ONTAP SnapLock volume. + RetentionPeriod *SnaplockRetentionPeriod `type:"structure"` + + // Enables or disables volume-append mode on an FSx for ONTAP SnapLock volume. + // Volume-append mode allows you to create WORM-appendable files and write data + // to them incrementally. The default value is false. + // + // For more information, see Volume-append mode (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/worm-state.html#worm-state-append). + VolumeAppendModeEnabled *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateSnaplockConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UpdateSnaplockConfiguration) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UpdateSnaplockConfiguration) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UpdateSnaplockConfiguration"} + if s.AutocommitPeriod != nil { + if err := s.AutocommitPeriod.Validate(); err != nil { + invalidParams.AddNested("AutocommitPeriod", err.(request.ErrInvalidParams)) + } + } + if s.RetentionPeriod != nil { + if err := s.RetentionPeriod.Validate(); err != nil { + invalidParams.AddNested("RetentionPeriod", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAuditLogVolume sets the AuditLogVolume field's value. +func (s *UpdateSnaplockConfiguration) SetAuditLogVolume(v bool) *UpdateSnaplockConfiguration { + s.AuditLogVolume = &v + return s +} + +// SetAutocommitPeriod sets the AutocommitPeriod field's value. +func (s *UpdateSnaplockConfiguration) SetAutocommitPeriod(v *AutocommitPeriod) *UpdateSnaplockConfiguration { + s.AutocommitPeriod = v + return s +} + +// SetPrivilegedDelete sets the PrivilegedDelete field's value. +func (s *UpdateSnaplockConfiguration) SetPrivilegedDelete(v string) *UpdateSnaplockConfiguration { + s.PrivilegedDelete = &v + return s +} + +// SetRetentionPeriod sets the RetentionPeriod field's value. +func (s *UpdateSnaplockConfiguration) SetRetentionPeriod(v *SnaplockRetentionPeriod) *UpdateSnaplockConfiguration { + s.RetentionPeriod = v + return s +} + +// SetVolumeAppendModeEnabled sets the VolumeAppendModeEnabled field's value. +func (s *UpdateSnaplockConfiguration) SetVolumeAppendModeEnabled(v bool) *UpdateSnaplockConfiguration { + s.VolumeAppendModeEnabled = &v + return s +} + type UpdateSnapshotInput struct { _ struct{} `type:"structure"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -21249,12 +23653,11 @@ func (s *UpdateSnapshotOutput) SetSnapshot(v *Snapshot) *UpdateSnapshotOutput { type UpdateStorageVirtualMachineInput struct { _ struct{} `type:"structure"` - // Updates the Microsoft Active Directory (AD) configuration for an SVM that - // is joined to an AD. + // Specifies updates to an SVM's Microsoft Active Directory (AD) configuration. ActiveDirectoryConfiguration *UpdateSvmActiveDirectoryConfiguration `type:"structure"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -21263,7 +23666,7 @@ type UpdateStorageVirtualMachineInput struct { // StorageVirtualMachineId is a required field StorageVirtualMachineId *string `min:"21" type:"string" required:"true"` - // Enter a new SvmAdminPassword if you are updating it. + // Specifies a new SvmAdminPassword. // // SvmAdminPassword is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by UpdateStorageVirtualMachineInput's @@ -21371,14 +23774,19 @@ func (s *UpdateStorageVirtualMachineOutput) SetStorageVirtualMachine(v *StorageV return s } -// Updates the Microsoft Active Directory (AD) configuration of an SVM joined -// to an AD. Please note, account credentials are not returned in the response -// payload. +// Specifies updates to an FSx for ONTAP storage virtual machine's (SVM) Microsoft +// Active Directory (AD) configuration. Note that account credentials are not +// returned in the response payload. type UpdateSvmActiveDirectoryConfiguration struct { _ struct{} `type:"structure"` - // The configuration that Amazon FSx uses to join the Windows File Server instance - // to a self-managed Microsoft Active Directory (AD) directory. + // Specifies an updated NetBIOS name of the AD computer object NetBiosName to + // which an SVM is joined. + NetBiosName *string `min:"1" type:"string"` + + // Specifies changes you are making to the self-managed Microsoft Active Directory + // (AD) configuration to which an FSx for Windows File Server file system or + // an FSx for ONTAP SVM is joined. SelfManagedActiveDirectoryConfiguration *SelfManagedActiveDirectoryConfigurationUpdates `type:"structure"` } @@ -21403,6 +23811,9 @@ func (s UpdateSvmActiveDirectoryConfiguration) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *UpdateSvmActiveDirectoryConfiguration) Validate() error { invalidParams := request.ErrInvalidParams{Context: "UpdateSvmActiveDirectoryConfiguration"} + if s.NetBiosName != nil && len(*s.NetBiosName) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NetBiosName", 1)) + } if s.SelfManagedActiveDirectoryConfiguration != nil { if err := s.SelfManagedActiveDirectoryConfiguration.Validate(); err != nil { invalidParams.AddNested("SelfManagedActiveDirectoryConfiguration", err.(request.ErrInvalidParams)) @@ -21415,6 +23826,12 @@ func (s *UpdateSvmActiveDirectoryConfiguration) Validate() error { return nil } +// SetNetBiosName sets the NetBiosName field's value. +func (s *UpdateSvmActiveDirectoryConfiguration) SetNetBiosName(v string) *UpdateSvmActiveDirectoryConfiguration { + s.NetBiosName = &v + return s +} + // SetSelfManagedActiveDirectoryConfiguration sets the SelfManagedActiveDirectoryConfiguration field's value. func (s *UpdateSvmActiveDirectoryConfiguration) SetSelfManagedActiveDirectoryConfiguration(v *SelfManagedActiveDirectoryConfigurationUpdates) *UpdateSvmActiveDirectoryConfiguration { s.SelfManagedActiveDirectoryConfiguration = v @@ -21425,7 +23842,7 @@ type UpdateVolumeInput struct { _ struct{} `type:"structure"` // (Optional) An idempotency token for resource creation, in a string of up - // to 64 ASCII characters. This token is automatically filled on your behalf + // to 63 ASCII characters. This token is automatically filled on your behalf // when you use the Command Line Interface (CLI) or an Amazon Web Services SDK. ClientRequestToken *string `min:"1" type:"string" idempotencyToken:"true"` @@ -21558,7 +23975,7 @@ func (s *UpdateVolumeOutput) SetVolume(v *Volume) *UpdateVolumeOutput { return s } -// Describes an Amazon FSx for NetApp ONTAP or Amazon FSx for OpenZFS volume. +// Describes an Amazon FSx volume. type Volume struct { _ struct{} `type:"structure"` @@ -21831,7 +24248,7 @@ type WindowsAuditLogConfiguration struct { // Data Firehose delivery stream ARN. // // The name of the Amazon CloudWatch Logs log group must begin with the /aws/fsx - // prefix. The name of the Amazon Kinesis Data Firehouse delivery stream must + // prefix. The name of the Amazon Kinesis Data Firehose delivery stream must // begin with the aws-fsx prefix. // // The destination ARN (either CloudWatch Logs log group or Kinesis Data Firehose @@ -21923,7 +24340,7 @@ type WindowsAuditLogCreateConfiguration struct { // account as your Amazon FSx file system. // // * The name of the Amazon CloudWatch Logs log group must begin with the - // /aws/fsx prefix. The name of the Amazon Kinesis Data Firehouse delivery + // /aws/fsx prefix. The name of the Amazon Kinesis Data Firehose delivery // stream must begin with the aws-fsx prefix. // // * If you do not provide a destination in AuditLogDestination, Amazon FSx @@ -22078,6 +24495,13 @@ type WindowsFileSystemConfiguration struct { // For more information, see Single-AZ and Multi-AZ File Systems (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/high-availability-multiAZ.html). DeploymentType *string `type:"string" enum:"WindowsDeploymentType"` + // The SSD IOPS (input/output operations per second) configuration for an Amazon + // FSx for Windows file system. By default, Amazon FSx automatically provisions + // 3 IOPS per GiB of storage capacity. You can provision additional IOPS per + // GiB of storage, up to the maximum limit associated with your chosen throughput + // capacity. + DiskIopsConfiguration *DiskIopsConfiguration `type:"structure"` + // The list of maintenance operations in progress for this file system. MaintenanceOperationsInProgress []*string `type:"list" enum:"FileSystemMaintenanceOperation"` @@ -22187,6 +24611,12 @@ func (s *WindowsFileSystemConfiguration) SetDeploymentType(v string) *WindowsFil return s } +// SetDiskIopsConfiguration sets the DiskIopsConfiguration field's value. +func (s *WindowsFileSystemConfiguration) SetDiskIopsConfiguration(v *DiskIopsConfiguration) *WindowsFileSystemConfiguration { + s.DiskIopsConfiguration = v + return s +} + // SetMaintenanceOperationsInProgress sets the MaintenanceOperationsInProgress field's value. func (s *WindowsFileSystemConfiguration) SetMaintenanceOperationsInProgress(v []*string) *WindowsFileSystemConfiguration { s.MaintenanceOperationsInProgress = v @@ -22264,6 +24694,15 @@ func ActiveDirectoryErrorType_Values() []string { // - FILE_SYSTEM_UPDATE - A file system update administrative action initiated // from the Amazon FSx console, API (UpdateFileSystem), or CLI (update-file-system). // +// - THROUGHPUT_OPTIMIZATION - After the FILE_SYSTEM_UPDATE task to increase +// a file system's throughput capacity has been completed successfully, a +// THROUGHPUT_OPTIMIZATION task starts. You can track the storage-optimization +// progress using the ProgressPercent property. When THROUGHPUT_OPTIMIZATION +// has been completed successfully, the parent FILE_SYSTEM_UPDATE action +// status changes to COMPLETED. For more information, see Managing throughput +// capacity (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-throughput-capacity.html) +// in the Amazon FSx for Windows File Server User Guide. +// // - STORAGE_OPTIMIZATION - After the FILE_SYSTEM_UPDATE task to increase // a file system's storage capacity has been completed successfully, a STORAGE_OPTIMIZATION // task starts. For Windows and ONTAP, storage optimization is the process @@ -22274,7 +24713,7 @@ func ActiveDirectoryErrorType_Values() []string { // completed successfully, the parent FILE_SYSTEM_UPDATE action status changes // to COMPLETED. For more information, see Managing storage capacity (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-storage-capacity.html) // in the Amazon FSx for Windows File Server User Guide, Managing storage -// and throughput capacity (https://docs.aws.amazon.com/fsx/latest/LustreGuide/managing-storage-capacity.html) +// capacity (https://docs.aws.amazon.com/fsx/latest/LustreGuide/managing-storage-capacity.html) // in the Amazon FSx for Lustre User Guide, and Managing storage capacity // and provisioned IOPS (https://docs.aws.amazon.com/fsx/latest/ONTAPGuide/managing-storage-capacity.html) // in the Amazon FSx for NetApp ONTAP User Guide. @@ -22287,9 +24726,23 @@ func ActiveDirectoryErrorType_Values() []string { // a DNS alias from the file system. For more information, see DisassociateFileSystemAliases // (https://docs.aws.amazon.com/fsx/latest/APIReference/API_DisassociateFileSystemAliases.html). // -// - VOLUME_UPDATE - A volume update to an Amazon FSx for NetApp ONTAP or -// Amazon FSx for OpenZFS volume initiated from the Amazon FSx console, API -// (UpdateVolume), or CLI (update-volume). +// - IOPS_OPTIMIZATION - After the FILE_SYSTEM_UPDATE task to increase a +// file system's throughput capacity has been completed successfully, a IOPS_OPTIMIZATION +// task starts. You can track the storage-optimization progress using the +// ProgressPercent property. When IOPS_OPTIMIZATION has been completed successfully, +// the parent FILE_SYSTEM_UPDATE action status changes to COMPLETED. For +// more information, see Managing provisioned SSD IOPS (https://docs.aws.amazon.com/fsx/latest/WindowsGuide/managing-provisioned-ssd-iops.html) +// in the Amazon FSx for Windows File Server User Guide. +// +// - STORAGE_TYPE_OPTIMIZATION - After the FILE_SYSTEM_UPDATE task to increase +// a file system's throughput capacity has been completed successfully, a +// STORAGE_TYPE_OPTIMIZATION task starts. You can track the storage-optimization +// progress using the ProgressPercent property. When STORAGE_TYPE_OPTIMIZATION +// has been completed successfully, the parent FILE_SYSTEM_UPDATE action +// status changes to COMPLETED. +// +// - VOLUME_UPDATE - A volume update to an Amazon FSx for OpenZFS volume +// initiated from the Amazon FSx console, API (UpdateVolume), or CLI (update-volume). // // - VOLUME_RESTORE - An Amazon FSx for OpenZFS volume is returned to the // state saved by the specified snapshot, initiated from an API (RestoreVolumeFromSnapshot) @@ -22300,6 +24753,15 @@ func ActiveDirectoryErrorType_Values() []string { // // - RELEASE_NFS_V3_LOCKS - Tracks the release of Network File System (NFS) // V3 locks on an Amazon FSx for OpenZFS file system. +// +// - VOLUME_INITIALIZE_WITH_SNAPSHOT - A volume is being created from a snapshot +// on a different FSx for OpenZFS file system. You can initiate this from +// the Amazon FSx console, API (CreateVolume), or CLI (create-volume) when +// using the using the FULL_COPY strategy. +// +// - VOLUME_UPDATE_WITH_SNAPSHOT - A volume is being updated from a snapshot +// on a different FSx for OpenZFS file system. You can initiate this from +// the Amazon FSx console, API (CopySnapshotAndUpdateVolume), or CLI (copy-snapshot-and-update-volume). const ( // AdministrativeActionTypeFileSystemUpdate is a AdministrativeActionType enum value AdministrativeActionTypeFileSystemUpdate = "FILE_SYSTEM_UPDATE" @@ -22324,6 +24786,24 @@ const ( // AdministrativeActionTypeVolumeRestore is a AdministrativeActionType enum value AdministrativeActionTypeVolumeRestore = "VOLUME_RESTORE" + + // AdministrativeActionTypeThroughputOptimization is a AdministrativeActionType enum value + AdministrativeActionTypeThroughputOptimization = "THROUGHPUT_OPTIMIZATION" + + // AdministrativeActionTypeIopsOptimization is a AdministrativeActionType enum value + AdministrativeActionTypeIopsOptimization = "IOPS_OPTIMIZATION" + + // AdministrativeActionTypeStorageTypeOptimization is a AdministrativeActionType enum value + AdministrativeActionTypeStorageTypeOptimization = "STORAGE_TYPE_OPTIMIZATION" + + // AdministrativeActionTypeMisconfiguredStateRecovery is a AdministrativeActionType enum value + AdministrativeActionTypeMisconfiguredStateRecovery = "MISCONFIGURED_STATE_RECOVERY" + + // AdministrativeActionTypeVolumeUpdateWithSnapshot is a AdministrativeActionType enum value + AdministrativeActionTypeVolumeUpdateWithSnapshot = "VOLUME_UPDATE_WITH_SNAPSHOT" + + // AdministrativeActionTypeVolumeInitializeWithSnapshot is a AdministrativeActionType enum value + AdministrativeActionTypeVolumeInitializeWithSnapshot = "VOLUME_INITIALIZE_WITH_SNAPSHOT" ) // AdministrativeActionType_Values returns all elements of the AdministrativeActionType enum @@ -22337,6 +24817,12 @@ func AdministrativeActionType_Values() []string { AdministrativeActionTypeSnapshotUpdate, AdministrativeActionTypeReleaseNfsV3Locks, AdministrativeActionTypeVolumeRestore, + AdministrativeActionTypeThroughputOptimization, + AdministrativeActionTypeIopsOptimization, + AdministrativeActionTypeStorageTypeOptimization, + AdministrativeActionTypeMisconfiguredStateRecovery, + AdministrativeActionTypeVolumeUpdateWithSnapshot, + AdministrativeActionTypeVolumeInitializeWithSnapshot, } } @@ -22392,6 +24878,38 @@ func AutoImportPolicyType_Values() []string { } } +const ( + // AutocommitPeriodTypeMinutes is a AutocommitPeriodType enum value + AutocommitPeriodTypeMinutes = "MINUTES" + + // AutocommitPeriodTypeHours is a AutocommitPeriodType enum value + AutocommitPeriodTypeHours = "HOURS" + + // AutocommitPeriodTypeDays is a AutocommitPeriodType enum value + AutocommitPeriodTypeDays = "DAYS" + + // AutocommitPeriodTypeMonths is a AutocommitPeriodType enum value + AutocommitPeriodTypeMonths = "MONTHS" + + // AutocommitPeriodTypeYears is a AutocommitPeriodType enum value + AutocommitPeriodTypeYears = "YEARS" + + // AutocommitPeriodTypeNone is a AutocommitPeriodType enum value + AutocommitPeriodTypeNone = "NONE" +) + +// AutocommitPeriodType_Values returns all elements of the AutocommitPeriodType enum +func AutocommitPeriodType_Values() []string { + return []string{ + AutocommitPeriodTypeMinutes, + AutocommitPeriodTypeHours, + AutocommitPeriodTypeDays, + AutocommitPeriodTypeMonths, + AutocommitPeriodTypeYears, + AutocommitPeriodTypeNone, + } +} + // The lifecycle status of the backup. // // - AVAILABLE - The backup is fully available. @@ -22940,6 +25458,9 @@ const ( // OntapDeploymentTypeSingleAz1 is a OntapDeploymentType enum value OntapDeploymentTypeSingleAz1 = "SINGLE_AZ_1" + + // OntapDeploymentTypeSingleAz2 is a OntapDeploymentType enum value + OntapDeploymentTypeSingleAz2 = "SINGLE_AZ_2" ) // OntapDeploymentType_Values returns all elements of the OntapDeploymentType enum @@ -22947,6 +25468,7 @@ func OntapDeploymentType_Values() []string { return []string{ OntapDeploymentTypeMultiAz1, OntapDeploymentTypeSingleAz1, + OntapDeploymentTypeSingleAz2, } } @@ -22976,6 +25498,9 @@ const ( // OpenZFSCopyStrategyFullCopy is a OpenZFSCopyStrategy enum value OpenZFSCopyStrategyFullCopy = "FULL_COPY" + + // OpenZFSCopyStrategyIncrementalCopy is a OpenZFSCopyStrategy enum value + OpenZFSCopyStrategyIncrementalCopy = "INCREMENTAL_COPY" ) // OpenZFSCopyStrategy_Values returns all elements of the OpenZFSCopyStrategy enum @@ -22983,6 +25508,7 @@ func OpenZFSCopyStrategy_Values() []string { return []string{ OpenZFSCopyStrategyClone, OpenZFSCopyStrategyFullCopy, + OpenZFSCopyStrategyIncrementalCopy, } } @@ -23012,6 +25538,9 @@ const ( // OpenZFSDeploymentTypeSingleAz2 is a OpenZFSDeploymentType enum value OpenZFSDeploymentTypeSingleAz2 = "SINGLE_AZ_2" + + // OpenZFSDeploymentTypeMultiAz1 is a OpenZFSDeploymentType enum value + OpenZFSDeploymentTypeMultiAz1 = "MULTI_AZ_1" ) // OpenZFSDeploymentType_Values returns all elements of the OpenZFSDeploymentType enum @@ -23019,6 +25548,7 @@ func OpenZFSDeploymentType_Values() []string { return []string{ OpenZFSDeploymentTypeSingleAz1, OpenZFSDeploymentTypeSingleAz2, + OpenZFSDeploymentTypeMultiAz1, } } @@ -23038,6 +25568,26 @@ func OpenZFSQuotaType_Values() []string { } } +const ( + // PrivilegedDeleteDisabled is a PrivilegedDelete enum value + PrivilegedDeleteDisabled = "DISABLED" + + // PrivilegedDeleteEnabled is a PrivilegedDelete enum value + PrivilegedDeleteEnabled = "ENABLED" + + // PrivilegedDeletePermanentlyDisabled is a PrivilegedDelete enum value + PrivilegedDeletePermanentlyDisabled = "PERMANENTLY_DISABLED" +) + +// PrivilegedDelete_Values returns all elements of the PrivilegedDelete enum +func PrivilegedDelete_Values() []string { + return []string{ + PrivilegedDeleteDisabled, + PrivilegedDeleteEnabled, + PrivilegedDeletePermanentlyDisabled, + } +} + const ( // ReportFormatReportCsv20191124 is a ReportFormat enum value ReportFormatReportCsv20191124 = "REPORT_CSV_20191124" @@ -23094,6 +25644,46 @@ func RestoreOpenZFSVolumeOption_Values() []string { } } +const ( + // RetentionPeriodTypeSeconds is a RetentionPeriodType enum value + RetentionPeriodTypeSeconds = "SECONDS" + + // RetentionPeriodTypeMinutes is a RetentionPeriodType enum value + RetentionPeriodTypeMinutes = "MINUTES" + + // RetentionPeriodTypeHours is a RetentionPeriodType enum value + RetentionPeriodTypeHours = "HOURS" + + // RetentionPeriodTypeDays is a RetentionPeriodType enum value + RetentionPeriodTypeDays = "DAYS" + + // RetentionPeriodTypeMonths is a RetentionPeriodType enum value + RetentionPeriodTypeMonths = "MONTHS" + + // RetentionPeriodTypeYears is a RetentionPeriodType enum value + RetentionPeriodTypeYears = "YEARS" + + // RetentionPeriodTypeInfinite is a RetentionPeriodType enum value + RetentionPeriodTypeInfinite = "INFINITE" + + // RetentionPeriodTypeUnspecified is a RetentionPeriodType enum value + RetentionPeriodTypeUnspecified = "UNSPECIFIED" +) + +// RetentionPeriodType_Values returns all elements of the RetentionPeriodType enum +func RetentionPeriodType_Values() []string { + return []string{ + RetentionPeriodTypeSeconds, + RetentionPeriodTypeMinutes, + RetentionPeriodTypeHours, + RetentionPeriodTypeDays, + RetentionPeriodTypeMonths, + RetentionPeriodTypeYears, + RetentionPeriodTypeInfinite, + RetentionPeriodTypeUnspecified, + } +} + const ( // SecurityStyleUnix is a SecurityStyle enum value SecurityStyleUnix = "UNIX" @@ -23167,6 +25757,22 @@ func ServiceLimit_Values() []string { } } +const ( + // SnaplockTypeCompliance is a SnaplockType enum value + SnaplockTypeCompliance = "COMPLIANCE" + + // SnaplockTypeEnterprise is a SnaplockType enum value + SnaplockTypeEnterprise = "ENTERPRISE" +) + +// SnaplockType_Values returns all elements of the SnaplockType enum +func SnaplockType_Values() []string { + return []string{ + SnaplockTypeCompliance, + SnaplockTypeEnterprise, + } +} + const ( // SnapshotFilterNameFileSystemId is a SnapshotFilterName enum value SnapshotFilterNameFileSystemId = "file-system-id" @@ -23235,7 +25841,7 @@ func Status_Values() []string { } } -// The storage type for your Amazon FSx file system. +// Specifies the file system's storage type. const ( // StorageTypeSsd is a StorageType enum value StorageTypeSsd = "SSD" @@ -23364,6 +25970,38 @@ func TieringPolicyName_Values() []string { } } +const ( + // UnitDays is a Unit enum value + UnitDays = "DAYS" +) + +// Unit_Values returns all elements of the Unit enum +func Unit_Values() []string { + return []string{ + UnitDays, + } +} + +const ( + // UpdateOpenZFSVolumeOptionDeleteIntermediateSnapshots is a UpdateOpenZFSVolumeOption enum value + UpdateOpenZFSVolumeOptionDeleteIntermediateSnapshots = "DELETE_INTERMEDIATE_SNAPSHOTS" + + // UpdateOpenZFSVolumeOptionDeleteClonedVolumes is a UpdateOpenZFSVolumeOption enum value + UpdateOpenZFSVolumeOptionDeleteClonedVolumes = "DELETE_CLONED_VOLUMES" + + // UpdateOpenZFSVolumeOptionDeleteIntermediateData is a UpdateOpenZFSVolumeOption enum value + UpdateOpenZFSVolumeOptionDeleteIntermediateData = "DELETE_INTERMEDIATE_DATA" +) + +// UpdateOpenZFSVolumeOption_Values returns all elements of the UpdateOpenZFSVolumeOption enum +func UpdateOpenZFSVolumeOption_Values() []string { + return []string{ + UpdateOpenZFSVolumeOptionDeleteIntermediateSnapshots, + UpdateOpenZFSVolumeOptionDeleteClonedVolumes, + UpdateOpenZFSVolumeOptionDeleteIntermediateData, + } +} + const ( // VolumeFilterNameFileSystemId is a VolumeFilterName enum value VolumeFilterNameFileSystemId = "file-system-id" @@ -23416,6 +26054,22 @@ func VolumeLifecycle_Values() []string { } } +const ( + // VolumeStyleFlexvol is a VolumeStyle enum value + VolumeStyleFlexvol = "FLEXVOL" + + // VolumeStyleFlexgroup is a VolumeStyle enum value + VolumeStyleFlexgroup = "FLEXGROUP" +) + +// VolumeStyle_Values returns all elements of the VolumeStyle enum +func VolumeStyle_Values() []string { + return []string{ + VolumeStyleFlexvol, + VolumeStyleFlexgroup, + } +} + const ( // VolumeTypeOntap is a VolumeType enum value VolumeTypeOntap = "ONTAP" diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/s3/api.go b/agent/vendor/github.com/aws/aws-sdk-go/service/s3/api.go index a9c653a00d4..f472cdc8d2b 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/s3/api.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/s3/api.go @@ -67,19 +67,47 @@ func (c *S3) AbortMultipartUploadRequest(input *AbortMultipartUploadInput) (req // AbortMultipartUpload API operation for Amazon Simple Storage Service. // -// This action aborts a multipart upload. After a multipart upload is aborted, +// This operation aborts a multipart upload. After a multipart upload is aborted, // no additional parts can be uploaded using that upload ID. The storage consumed // by any previously uploaded parts will be freed. However, if any part uploads // are currently in progress, those part uploads might or might not succeed. // As a result, it might be necessary to abort a given multipart upload multiple // times in order to completely free all storage consumed by all parts. // -// To verify that all parts have been removed, so you don't get charged for +// To verify that all parts have been removed and prevent getting charged for // the part storage, you should call the ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) -// action and ensure that the parts list is empty. +// API operation and ensure that the parts list is empty. // -// For information about permissions required to use the multipart upload, see -// Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html). +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// Permissions +// +// - General purpose bucket permissions - For information about permissions +// required to use the multipart upload, see Multipart Upload and Permissions +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following operations are related to AbortMultipartUpload: // @@ -173,54 +201,93 @@ func (c *S3) CompleteMultipartUploadRequest(input *CompleteMultipartUploadInput) // // You first initiate the multipart upload and then upload all parts using the // UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) +// operation or the UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) // operation. After successfully uploading all relevant parts of an upload, -// you call this action to complete the upload. Upon receiving this request, -// Amazon S3 concatenates all the parts in ascending order by part number to -// create a new object. In the Complete Multipart Upload request, you must provide -// the parts list. You must ensure that the parts list is complete. This action -// concatenates the parts that you provide in the list. For each part in the -// list, you must provide the part number and the ETag value, returned after -// that part was uploaded. -// -// Processing of a Complete Multipart Upload request could take several minutes -// to complete. After Amazon S3 begins processing the request, it sends an HTTP +// you call this CompleteMultipartUpload operation to complete the upload. Upon +// receiving this request, Amazon S3 concatenates all the parts in ascending +// order by part number to create a new object. In the CompleteMultipartUpload +// request, you must provide the parts list and ensure that the parts list is +// complete. The CompleteMultipartUpload API operation concatenates the parts +// that you provide in the list. For each part in the list, you must provide +// the PartNumber value and the ETag value that are returned after that part +// was uploaded. +// +// The processing of a CompleteMultipartUpload request could take several minutes +// to finalize. After Amazon S3 begins processing the request, it sends an HTTP // response header that specifies a 200 OK response. While processing is in // progress, Amazon S3 periodically sends white space characters to keep the -// connection from timing out. Because a request could fail after the initial -// 200 OK response has been sent, it is important that you check the response -// body to determine whether the request succeeded. +// connection from timing out. A request could fail after the initial 200 OK +// response has been sent. This means that a 200 OK response can contain either +// a success or an error. The error response might be embedded in the 200 OK +// response. If you call this API operation directly, make sure to design your +// application to parse the contents of the response and handle it appropriately. +// If you use Amazon Web Services SDKs, SDKs handle this condition. The SDKs +// detect the embedded error and apply error handling per your configuration +// settings (including automatically retrying the request as appropriate). If +// the condition persists, the SDKs throw an exception (or, for the SDKs that +// don't use exceptions, they return an error). // // Note that if CompleteMultipartUpload fails, applications should be prepared -// to retry the failed requests. For more information, see Amazon S3 Error Best -// Practices (https://docs.aws.amazon.com/AmazonS3/latest/dev/ErrorBestPractices.html). +// to retry any failed requests (including 500 error responses). For more information, +// see Amazon S3 Error Best Practices (https://docs.aws.amazon.com/AmazonS3/latest/dev/ErrorBestPractices.html). // -// You cannot use Content-Type: application/x-www-form-urlencoded with Complete -// Multipart Upload requests. Also, if you do not provide a Content-Type header, -// CompleteMultipartUpload returns a 200 OK response. +// You can't use Content-Type: application/x-www-form-urlencoded for the CompleteMultipartUpload +// requests. Also, if you don't provide a Content-Type header, CompleteMultipartUpload +// can still return a 200 OK response. // // For more information about multipart uploads, see Uploading Objects Using -// Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html). +// Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) +// in the Amazon S3 User Guide. // -// For information about permissions required to use the multipart upload API, -// see Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html). +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// Permissions // -// CompleteMultipartUpload has the following special errors: +// - General purpose bucket permissions - For information about permissions +// required to use the multipart upload API, see Multipart Upload and Permissions +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. // -// - Error code: EntityTooSmall Description: Your proposed upload is smaller +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// Special errors +// +// - Error Code: EntityTooSmall Description: Your proposed upload is smaller // than the minimum allowed object size. Each part must be at least 5 MB -// in size, except the last part. 400 Bad Request +// in size, except the last part. HTTP Status Code: 400 Bad Request // -// - Error code: InvalidPart Description: One or more of the specified parts +// - Error Code: InvalidPart Description: One or more of the specified parts // could not be found. The part might not have been uploaded, or the specified -// entity tag might not have matched the part's entity tag. 400 Bad Request +// ETag might not have matched the uploaded part's ETag. HTTP Status Code: +// 400 Bad Request // -// - Error code: InvalidPartOrder Description: The list of parts was not +// - Error Code: InvalidPartOrder Description: The list of parts was not // in ascending order. The parts list must be specified in order by part -// number. 400 Bad Request +// number. HTTP Status Code: 400 Bad Request // -// - Error code: NoSuchUpload Description: The specified multipart upload +// - Error Code: NoSuchUpload Description: The specified multipart upload // does not exist. The upload ID might be invalid, or the multipart upload -// might have been aborted or completed. 404 Not Found +// might have been aborted or completed. HTTP Status Code: 404 Not Found +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following operations are related to CompleteMultipartUpload: // @@ -313,157 +380,113 @@ func (c *S3) CopyObjectRequest(input *CopyObjectInput) (req *request.Request, ou // upload Upload Part - Copy (UploadPartCopy) API. For more information, see // Copy Object Using the REST Multipart Upload API (https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjctsUsingRESTMPUapi.html). // -// All copy requests must be authenticated. Additionally, you must have read -// access to the source object and write access to the destination bucket. For -// more information, see REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html). -// Both the Region that you want to copy the object from and the Region that -// you want to copy the object to must be enabled for your account. -// -// A copy request might return an error when Amazon S3 receives the copy request -// or while Amazon S3 is copying the files. If the error occurs before the copy -// action starts, you receive a standard Amazon S3 error. If the error occurs -// during the copy operation, the error response is embedded in the 200 OK response. -// This means that a 200 OK response can contain either a success or an error. -// Design your application to parse the contents of the response and handle -// it appropriately. +// You can copy individual objects between general purpose buckets, between +// directory buckets, and between general purpose buckets and directory buckets. // -// If the copy is successful, you receive a response with information about -// the copied object. -// -// If the request is an HTTP 1.1 request, the response is chunk encoded. If -// it were not, it would not contain the content-length, and you would need -// to read the entire body. +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // -// The copy request charge is based on the storage class and Region that you -// specify for the destination object. For pricing information, see Amazon S3 -// pricing (http://aws.amazon.com/s3/pricing/). +// Both the Region that you want to copy the object from and the Region that +// you want to copy the object to must be enabled for your account. For more +// information about how to enable a Region for your account, see Enable or +// disable a Region for standalone accounts (https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#manage-acct-regions-enable-standalone) +// in the Amazon Web Services Account Management Guide. // // Amazon S3 transfer acceleration does not support cross-Region copies. If // you request a cross-Region copy using a transfer acceleration endpoint, you // get a 400 Bad Request error. For more information, see Transfer Acceleration // (https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html). // -// # Metadata -// -// When copying an object, you can preserve all metadata (default) or specify -// new metadata. However, the ACL is not preserved and is set to private for -// the user making the request. To override the default ACL setting, specify -// a new ACL when generating a copy request. For more information, see Using -// ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html). -// -// To specify whether you want the object metadata copied from the source object -// or replaced with metadata provided in the request, you can optionally add -// the x-amz-metadata-directive header. When you grant permissions, you can -// use the s3:x-amz-metadata-directive condition key to enforce certain metadata -// behavior when objects are uploaded. For more information, see Specifying -// Conditions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html) -// in the Amazon S3 User Guide. For a complete list of Amazon S3-specific condition -// keys, see Actions, Resources, and Condition Keys for Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html). -// -// x-amz-copy-source-if Headers -// -// To only copy an object under certain conditions, such as whether the Etag -// matches or whether the object was modified before or after a specified date, -// use the following request parameters: -// -// - x-amz-copy-source-if-match -// -// - x-amz-copy-source-if-none-match -// -// - x-amz-copy-source-if-unmodified-since -// -// - x-amz-copy-source-if-modified-since -// -// If both the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since -// headers are present in the request and evaluate as follows, Amazon S3 returns -// 200 OK and copies the data: -// -// - x-amz-copy-source-if-match condition evaluates to true -// -// - x-amz-copy-source-if-unmodified-since condition evaluates to false -// -// If both the x-amz-copy-source-if-none-match and x-amz-copy-source-if-modified-since -// headers are present in the request and evaluate as follows, Amazon S3 returns -// the 412 Precondition Failed response code: +// # Authentication and authorization // -// - x-amz-copy-source-if-none-match condition evaluates to false -// -// - x-amz-copy-source-if-modified-since condition evaluates to true -// -// All headers with the x-amz- prefix, including x-amz-copy-source, must be -// signed. -// -// # Server-side encryption -// -// When you perform a CopyObject operation, you can optionally use the appropriate -// encryption-related headers to encrypt the object using server-side encryption -// with Amazon Web Services managed encryption keys (SSE-S3 or SSE-KMS) or a -// customer-provided encryption key. With server-side encryption, Amazon S3 -// encrypts your data as it writes it to disks in its data centers and decrypts -// the data when you access it. For more information about server-side encryption, -// see Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html). -// -// If a target object uses SSE-KMS, you can enable an S3 Bucket Key for the -// object. For more information, see Amazon S3 Bucket Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) -// in the Amazon S3 User Guide. -// -// # Access Control List (ACL)-Specific Request Headers -// -// When copying an object, you can optionally use headers to grant ACL-based -// permissions. By default, all objects are private. Only the owner has full -// access control. When adding a new object, you can grant permissions to individual -// Amazon Web Services accounts or to predefined groups defined by Amazon S3. -// These permissions are then added to the ACL on the object. For more information, -// see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) -// and Managing ACLs Using the REST API (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html). -// -// If the bucket that you're copying objects to uses the bucket owner enforced -// setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions. -// Buckets that use this setting only accept PUT requests that don't specify -// an ACL or PUT requests that specify bucket owner full control ACLs, such -// as the bucket-owner-full-control canned ACL or an equivalent form of this -// ACL expressed in the XML format. -// -// For more information, see Controlling ownership of objects and disabling -// ACLs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) -// in the Amazon S3 User Guide. -// -// If your bucket uses the bucket owner enforced setting for Object Ownership, -// all objects written to the bucket by any account will be owned by the bucket -// owner. +// All CopyObject requests must be authenticated and signed by using IAM credentials +// (access key ID and secret access key for the IAM identities). All headers +// with the x-amz- prefix, including x-amz-copy-source, must be signed. For +// more information, see REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html). // -// # Checksums +// Directory buckets - You must use the IAM credentials to authenticate and +// authorize your access to the CopyObject API operation, instead of using the +// temporary security credentials through the CreateSession API operation. // -// When copying an object, if it has a checksum, that checksum will be copied -// to the new object by default. When you copy the object over, you may optionally -// specify a different checksum algorithm to use with the x-amz-checksum-algorithm -// header. +// Amazon Web Services CLI or SDKs handles authentication and authorization +// on your behalf. // -// # Storage Class Options +// # Permissions // -// You can use the CopyObject action to change the storage class of an object -// that is already stored in Amazon S3 using the StorageClass parameter. For -// more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) -// in the Amazon S3 User Guide. +// You must have read access to the source object and write access to the destination +// bucket. // -// # Versioning +// - General purpose bucket permissions - You must have permissions in an +// IAM policy based on the source and destination bucket types in a CopyObject +// operation. If the source object is in a general purpose bucket, you must +// have s3:GetObject permission to read the source object that is being copied. +// If the destination bucket is a general purpose bucket, you must have s3:PutObject +// permission to write the object copy to the destination bucket. +// +// - Directory bucket permissions - You must have permissions in a bucket +// policy or an IAM identity-based policy based on the source and destination +// bucket types in a CopyObject operation. If the source object that you +// want to copy is in a directory bucket, you must have the s3express:CreateSession +// permission in the Action element of a policy to read the object. By default, +// the session is in the ReadWrite mode. If you want to restrict the access, +// you can explicitly set the s3express:SessionMode condition key to ReadOnly +// on the copy source bucket. If the copy destination is a directory bucket, +// you must have the s3express:CreateSession permission in the Action element +// of a policy to write the object to the destination. The s3express:SessionMode +// condition key can't be set to ReadOnly on the copy destination bucket. +// For example policies, see Example bucket policies for S3 Express One Zone +// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// and Amazon Web Services Identity and Access Management (IAM) identity-based +// policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html) +// in the Amazon S3 User Guide. // -// By default, x-amz-copy-source identifies the current version of an object -// to copy. If the current version is a delete marker, Amazon S3 behaves as -// if the object was deleted. To copy a different version, use the versionId -// subresource. +// # Response and special errors +// +// When the request is an HTTP 1.1 request, the response is chunk encoded. When +// the request is not an HTTP 1.1 request, the response would not contain the +// Content-Length. You always need to read the entire response body to check +// if the copy succeeds. to keep the connection alive while we copy the data. +// +// - If the copy is successful, you receive a response with information about +// the copied object. +// +// - A copy request might return an error when Amazon S3 receives the copy +// request or while Amazon S3 is copying the files. A 200 OK response can +// contain either a success or an error. If the error occurs before the copy +// action starts, you receive a standard Amazon S3 error. If the error occurs +// during the copy operation, the error response is embedded in the 200 OK +// response. For example, in a cross-region copy, you may encounter throttling +// and receive a 200 OK response. For more information, see Resolve the Error +// 200 response when copying objects to Amazon S3 (https://repost.aws/knowledge-center/s3-resolve-200-internalerror). +// The 200 OK status code means the copy was accepted, but it doesn't mean +// the copy is complete. Another example is when you disconnect from Amazon +// S3 before the copy is complete, Amazon S3 might cancel the copy and you +// may receive a 200 OK response. You must stay connected to Amazon S3 until +// the entire response is successfully received and processed. If you call +// this API operation directly, make sure to design your application to parse +// the content of the response and handle it appropriately. If you use Amazon +// Web Services SDKs, SDKs handle this condition. The SDKs detect the embedded +// error and apply error handling per your configuration settings (including +// automatically retrying the request as appropriate). If the condition persists, +// the SDKs throw an exception (or, for the SDKs that don't use exceptions, +// they return an error). +// +// # Charge // -// If you enable versioning on the target bucket, Amazon S3 generates a unique -// version ID for the object being copied. This version ID is different from -// the version ID of the source object. Amazon S3 returns the version ID of -// the copied object in the x-amz-version-id response header in the response. +// The copy request charge is based on the storage class and Region that you +// specify for the destination object. The request can also result in a data +// retrieval charge for the source if the source storage class bills for data +// retrieval. If the copy source is in a different region, the data transfer +// is billed to the copy source account. For pricing information, see Amazon +// S3 pricing (http://aws.amazon.com/s3/pricing/). // -// If you do not enable versioning or suspend it on the target bucket, the version -// ID that Amazon S3 generates is always null. +// # HTTP Host header syntax // -// If the source object's storage class is GLACIER, you must restore a copy -// of this object before you can use it as a source object for the copy operation. -// For more information, see RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html). +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following operations are related to CopyObject: // @@ -471,8 +494,6 @@ func (c *S3) CopyObjectRequest(input *CopyObjectInput) (req *request.Request, ou // // - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // -// For more information, see Copying Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjectsExamples.html). -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -550,94 +571,97 @@ func (c *S3) CreateBucketRequest(input *CreateBucketInput) (req *request.Request // CreateBucket API operation for Amazon Simple Storage Service. // -// Creates a new S3 bucket. To create a bucket, you must register with Amazon -// S3 and have a valid Amazon Web Services Access Key ID to authenticate requests. +// This action creates an Amazon S3 bucket. To create an Amazon S3 on Outposts +// bucket, see CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateBucket.html). +// +// Creates a new S3 bucket. To create a bucket, you must set up Amazon S3 and +// have a valid Amazon Web Services Access Key ID to authenticate requests. // Anonymous requests are never allowed to create buckets. By creating the bucket, // you become the bucket owner. // -// Not every string is an acceptable bucket name. For information about bucket -// naming restrictions, see Bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html). -// -// If you want to create an Amazon S3 on Outposts bucket, see Create Bucket -// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateBucket.html). -// -// By default, the bucket is created in the US East (N. Virginia) Region. You -// can optionally specify a Region in the request body. You might choose a Region -// to optimize latency, minimize costs, or address regulatory requirements. -// For example, if you reside in Europe, you will probably find it advantageous -// to create buckets in the Europe (Ireland) Region. For more information, see -// Accessing a bucket (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html#access-bucket-intro). -// -// If you send your create bucket request to the s3.amazonaws.com endpoint, -// the request goes to the us-east-1 Region. Accordingly, the signature calculations -// in Signature Version 4 must use us-east-1 as the Region, even if the location -// constraint in the request specifies another Region where the bucket is to -// be created. If you create a bucket in a Region other than US East (N. Virginia), -// your application must be able to handle 307 redirect. For more information, -// see Virtual hosting of buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html). -// -// Access control lists (ACLs) -// -// When creating a bucket using this operation, you can optionally configure -// the bucket ACL to specify the accounts or groups that should be granted specific -// permissions on the bucket. -// -// If your CreateBucket request sets bucket owner enforced for S3 Object Ownership -// and specifies a bucket ACL that provides access to an external Amazon Web -// Services account, your request fails with a 400 error and returns the InvalidBucketAclWithObjectOwnership -// error code. For more information, see Controlling object ownership (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) +// There are two types of buckets: general purpose buckets and directory buckets. +// For more information about these bucket types, see Creating, configuring, +// and working with Amazon S3 buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) // in the Amazon S3 User Guide. // -// There are two ways to grant the appropriate permissions using the request -// headers. -// -// - Specify a canned ACL using the x-amz-acl request header. Amazon S3 supports -// a set of predefined ACLs, known as canned ACLs. Each canned ACL has a -// predefined set of grantees and permissions. For more information, see -// Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). -// -// - Specify access permissions explicitly using the x-amz-grant-read, x-amz-grant-write, -// x-amz-grant-read-acp, x-amz-grant-write-acp, and x-amz-grant-full-control -// headers. These headers map to the set of permissions Amazon S3 supports -// in an ACL. For more information, see Access control list (ACL) overview -// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html). -// You specify each grantee as a type=value pair, where the type is one of -// the following: id – if the value specified is the canonical user ID -// of an Amazon Web Services account uri – if you are granting permissions -// to a predefined group emailAddress – if the value specified is the email -// address of an Amazon Web Services account Using email addresses to specify -// a grantee is only supported in the following Amazon Web Services Regions: -// US East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific -// (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) -// South America (São Paulo) For a list of all the Amazon S3 supported Regions -// and endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) -// in the Amazon Web Services General Reference. For example, the following -// x-amz-grant-read header grants the Amazon Web Services accounts identified -// by account IDs permissions to read object data and its metadata: x-amz-grant-read: -// id="11112222333", id="444455556666" -// -// You can use either a canned ACL or specify access permissions explicitly. -// You cannot do both. +// - General purpose buckets - If you send your CreateBucket request to the +// s3.amazonaws.com global endpoint, the request goes to the us-east-1 Region. +// So the signature calculations in Signature Version 4 must use us-east-1 +// as the Region, even if the location constraint in the request specifies +// another Region where the bucket is to be created. If you create a bucket +// in a Region other than US East (N. Virginia), your application must be +// able to handle 307 redirect. For more information, see Virtual hosting +// of buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html) +// in the Amazon S3 User Guide. // -// # Permissions +// - Directory buckets - For directory buckets, you must make requests for +// this API operation to the Regional endpoint. These endpoints support path-style +// requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name +// . Virtual-hosted-style requests aren't supported. For more information, +// see Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // -// In addition to s3:CreateBucket, the following permissions are required when -// your CreateBucket includes specific headers: +// Permissions +// +// - General purpose bucket permissions - In addition to the s3:CreateBucket +// permission, the following permissions are required in a policy when your +// CreateBucket request includes specific headers: Access control lists (ACLs) +// +// - In your CreateBucket request, if you specify an access control list +// (ACL) and set it to public-read, public-read-write, authenticated-read, +// or if you explicitly specify any other custom ACLs, both s3:CreateBucket +// and s3:PutBucketAcl permissions are required. In your CreateBucket request, +// if you set the ACL to private, or if you don't specify any ACLs, only +// the s3:CreateBucket permission is required. Object Lock - In your CreateBucket +// request, if you set x-amz-bucket-object-lock-enabled to true, the s3:PutBucketObjectLockConfiguration +// and s3:PutBucketVersioning permissions are required. S3 Object Ownership +// +// - If your CreateBucket request includes the x-amz-object-ownership header, +// then the s3:PutBucketOwnershipControls permission is required. To set +// an ACL on a bucket as part of a CreateBucket request, you must explicitly +// set S3 Object Ownership for the bucket to a different value than the default, +// BucketOwnerEnforced. Additionally, if your desired bucket ACL grants public +// access, you must first create the bucket (without the bucket ACL) and +// then explicitly disable Block Public Access on the bucket before using +// PutBucketAcl to set the ACL. If you try to create a bucket with a public +// ACL, the request will fail. For the majority of modern use cases in S3, +// we recommend that you keep all Block Public Access settings enabled and +// keep ACLs disabled. If you would like to share data with users outside +// of your account, you can use bucket policies as needed. For more information, +// see Controlling ownership of objects and disabling ACLs for your bucket +// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) +// and Blocking public access to your Amazon S3 storage (https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html) +// in the Amazon S3 User Guide. S3 Block Public Access - If your specific +// use case requires granting public access to your S3 resources, you can +// disable Block Public Access. Specifically, you can create a new bucket +// with Block Public Access enabled, then separately call the DeletePublicAccessBlock +// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html) +// API. To use this operation, you must have the s3:PutBucketPublicAccessBlock +// permission. For more information about S3 Block Public Access, see Blocking +// public access to your Amazon S3 storage (https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html) +// in the Amazon S3 User Guide. // -// - ACLs - If your CreateBucket request specifies ACL permissions and the -// ACL is public-read, public-read-write, authenticated-read, or if you specify -// access permissions explicitly through any other ACL, both s3:CreateBucket -// and s3:PutBucketAcl permissions are needed. If the ACL the CreateBucket -// request is private or doesn't specify any ACLs, only s3:CreateBucket permission -// is needed. +// - Directory bucket permissions - You must have the s3express:CreateBucket +// permission in an IAM identity-based policy instead of a bucket policy. +// Cross-account access to this API operation isn't supported. This operation +// can only be performed by the Amazon Web Services account that owns the +// resource. For more information about directory bucket policies and permissions, +// see Amazon Web Services Identity and Access Management (IAM) for S3 Express +// One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. The permissions for ACLs, Object Lock, S3 +// Object Ownership, and S3 Block Public Access are not supported for directory +// buckets. For directory buckets, all Block Public Access settings are enabled +// at the bucket level and S3 Object Ownership is set to Bucket owner enforced +// (ACLs disabled). These settings can't be modified. For more information +// about permissions for creating and working with directory buckets, see +// Directory buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) +// in the Amazon S3 User Guide. For more information about supported S3 features +// for directory buckets, see Features of S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-one-zone.html#s3-express-features) +// in the Amazon S3 User Guide. // -// - Object Lock - If ObjectLockEnabledForBucket is set to true in your CreateBucket -// request, s3:PutBucketObjectLockConfiguration and s3:PutBucketVersioning -// permissions are required. +// # HTTP Host header syntax // -// - S3 Object Ownership - If your CreateBucket request includes the the -// x-amz-object-ownership header, s3:PutBucketOwnershipControls permission -// is required. +// Directory buckets - The HTTP Host header syntax is s3express-control.region.amazonaws.com. // // The following operations are related to CreateBucket: // @@ -735,143 +759,139 @@ func (c *S3) CreateMultipartUploadRequest(input *CreateMultipartUploadInput) (re // You specify this upload ID in each of your subsequent upload part requests // (see UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html)). // You also include this upload ID in the final request to either complete or -// abort the multipart upload request. +// abort the multipart upload request. For more information about multipart +// uploads, see Multipart Upload Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) +// in the Amazon S3 User Guide. // -// For more information about multipart uploads, see Multipart Upload Overview -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html). +// After you initiate a multipart upload and upload one or more parts, to stop +// being charged for storing the uploaded parts, you must either complete or +// abort the multipart upload. Amazon S3 frees up the space used to store the +// parts and stops charging you for storing them only after you either complete +// or abort a multipart upload. // // If you have configured a lifecycle rule to abort incomplete multipart uploads, -// the upload must complete within the number of days specified in the bucket -// lifecycle configuration. Otherwise, the incomplete multipart upload becomes -// eligible for an abort action and Amazon S3 aborts the multipart upload. For -// more information, see Aborting Incomplete Multipart Uploads Using a Bucket -// Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config). +// the created multipart upload must be completed within the number of days +// specified in the bucket lifecycle configuration. Otherwise, the incomplete +// multipart upload becomes eligible for an abort action and Amazon S3 aborts +// the multipart upload. For more information, see Aborting Incomplete Multipart +// Uploads Using a Bucket Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config). +// +// - Directory buckets - S3 Lifecycle is not supported by directory buckets. +// +// - Directory buckets - For directory buckets, you must make requests for +// this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // -// For information about the permissions required to use the multipart upload -// API, see Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html). +// # Request signing // // For request signing, multipart upload is just a series of regular requests. // You initiate a multipart upload, send one or more requests to upload parts, // and then complete the multipart upload process. You sign each request individually. // There is nothing special about signing multipart upload requests. For more // information about signing, see Authenticating Requests (Amazon Web Services -// Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html). -// -// After you initiate a multipart upload and upload one or more parts, to stop -// being charged for storing the uploaded parts, you must either complete or -// abort the multipart upload. Amazon S3 frees up the space used to store the -// parts and stop charging you for storing them only after you either complete -// or abort a multipart upload. -// -// You can optionally request server-side encryption. For server-side encryption, -// Amazon S3 encrypts your data as it writes it to disks in its data centers -// and decrypts it when you access it. You can provide your own encryption key, -// or use Amazon Web Services KMS keys or Amazon S3-managed encryption keys. -// If you choose to provide your own encryption key, the request headers you -// provide in UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) -// and UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) -// requests must match the headers you used in the request to initiate the upload -// by using CreateMultipartUpload. -// -// To perform a multipart upload with encryption using an Amazon Web Services -// KMS key, the requester must have permission to the kms:Decrypt and kms:GenerateDataKey* -// actions on the key. These permissions are required because Amazon S3 must -// decrypt and read data from the encrypted file parts before it completes the -// multipart upload. For more information, see Multipart upload API and permissions -// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions) +// Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html) // in the Amazon S3 User Guide. // -// If your Identity and Access Management (IAM) user or role is in the same -// Amazon Web Services account as the KMS key, then you must have these permissions -// on the key policy. If your IAM user or role belongs to a different account -// than the key, then you must have the permissions on both the key policy and -// your IAM user or role. -// -// For more information, see Protecting Data Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html). -// -// # Access Permissions -// -// When copying an object, you can optionally specify the accounts or groups -// that should be granted specific permissions on the new object. There are -// two ways to grant the permissions using the request headers: -// -// - Specify a canned ACL with the x-amz-acl request header. For more information, -// see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). -// -// - Specify access permissions explicitly with the x-amz-grant-read, x-amz-grant-read-acp, -// x-amz-grant-write-acp, and x-amz-grant-full-control headers. These parameters -// map to the set of permissions that Amazon S3 supports in an ACL. For more -// information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html). -// -// You can use either a canned ACL or specify access permissions explicitly. -// You cannot do both. -// -// # Server-Side- Encryption-Specific Request Headers -// -// You can optionally tell Amazon S3 to encrypt data at rest using server-side -// encryption. Server-side encryption is for data encryption at rest. Amazon -// S3 encrypts your data as it writes it to disks in its data centers and decrypts -// it when you access it. The option you use depends on whether you want to -// use Amazon Web Services managed encryption keys or provide your own encryption -// key. +// Permissions +// +// - General purpose bucket permissions - For information about the permissions +// required to use the multipart upload API, see Multipart upload and permissions +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. To perform a multipart upload with encryption +// by using an Amazon Web Services KMS key, the requester must have permission +// to the kms:Decrypt and kms:GenerateDataKey* actions on the key. These +// permissions are required because Amazon S3 must decrypt and read data +// from the encrypted file parts before it completes the multipart upload. +// For more information, see Multipart upload API and permissions (https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions) +// and Protecting data using server-side encryption with Amazon Web Services +// KMS (https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html) +// in the Amazon S3 User Guide. // -// - Use encryption keys managed by Amazon S3 or customer managed key stored -// in Amazon Web Services Key Management Service (Amazon Web Services KMS) -// – If you want Amazon Web Services to manage the keys used to encrypt +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// Encryption +// +// - General purpose buckets - Server-side encryption is for data encryption +// at rest. Amazon S3 encrypts your data as it writes it to disks in its +// data centers and decrypts it when you access it. Amazon S3 automatically +// encrypts all new objects that are uploaded to an S3 bucket. When doing +// a multipart upload, if you don't specify encryption information in your +// request, the encryption setting of the uploaded parts is set to the default +// encryption configuration of the destination bucket. By default, all buckets +// have a base level of encryption configuration that uses server-side encryption +// with Amazon S3 managed keys (SSE-S3). If the destination bucket has a +// default encryption configuration that uses server-side encryption with +// an Key Management Service (KMS) key (SSE-KMS), or a customer-provided +// encryption key (SSE-C), Amazon S3 uses the corresponding KMS key, or a +// customer-provided key to encrypt the uploaded parts. When you perform +// a CreateMultipartUpload operation, if you want to use a different type +// of encryption setting for the uploaded parts, you can request that Amazon +// S3 encrypts the object with a different encryption key (such as an Amazon +// S3 managed key, a KMS key, or a customer-provided key). When the encryption +// setting in your request is different from the default encryption configuration +// of the destination bucket, the encryption setting in your request takes +// precedence. If you choose to provide your own encryption key, the request +// headers you provide in UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) +// and UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) +// requests must match the headers you used in the CreateMultipartUpload +// request. Use KMS keys (SSE-KMS) that include the Amazon Web Services managed +// key (aws/s3) and KMS customer managed keys stored in Key Management Service +// (KMS) – If you want Amazon Web Services to manage the keys used to encrypt // data, specify the following headers in the request. x-amz-server-side-encryption // x-amz-server-side-encryption-aws-kms-key-id x-amz-server-side-encryption-context // If you specify x-amz-server-side-encryption:aws:kms, but don't provide // x-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses the Amazon -// Web Services managed key in Amazon Web Services KMS to protect the data. -// All GET and PUT requests for an object protected by Amazon Web Services -// KMS fail if you don't make them with SSL or by using SigV4. For more information -// about server-side encryption with KMS key (SSE-KMS), see Protecting Data -// Using Server-Side Encryption with KMS keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html). -// -// - Use customer-provided encryption keys – If you want to manage your -// own encryption keys, provide all the following headers in the request. -// x-amz-server-side-encryption-customer-algorithm x-amz-server-side-encryption-customer-key -// x-amz-server-side-encryption-customer-key-MD5 For more information about -// server-side encryption with KMS keys (SSE-KMS), see Protecting Data Using -// Server-Side Encryption with KMS keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html). -// -// # Access-Control-List (ACL)-Specific Request Headers -// -// You also can use the following access control–related headers with this -// operation. By default, all objects are private. Only the owner has full access -// control. When adding a new object, you can grant permissions to individual -// Amazon Web Services accounts or to predefined groups defined by Amazon S3. -// These permissions are then added to the access control list (ACL) on the -// object. For more information, see Using ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html). -// With this operation, you can grant access permissions using one of the following -// two methods: -// -// - Specify a canned ACL (x-amz-acl) — Amazon S3 supports a set of predefined -// ACLs, known as canned ACLs. Each canned ACL has a predefined set of grantees -// and permissions. For more information, see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). -// -// - Specify access permissions explicitly — To explicitly grant access -// permissions to specific Amazon Web Services accounts or groups, use the -// following headers. Each header maps to specific permissions that Amazon -// S3 supports in an ACL. For more information, see Access Control List (ACL) -// Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html). -// In the header, you specify a list of grantees who get the specific permission. -// To grant permissions explicitly, use: x-amz-grant-read x-amz-grant-write -// x-amz-grant-read-acp x-amz-grant-write-acp x-amz-grant-full-control You -// specify each grantee as a type=value pair, where the type is one of the -// following: id – if the value specified is the canonical user ID of an -// Amazon Web Services account uri – if you are granting permissions to -// a predefined group emailAddress – if the value specified is the email -// address of an Amazon Web Services account Using email addresses to specify -// a grantee is only supported in the following Amazon Web Services Regions: -// US East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific -// (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) -// South America (São Paulo) For a list of all the Amazon S3 supported Regions -// and endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) -// in the Amazon Web Services General Reference. For example, the following -// x-amz-grant-read header grants the Amazon Web Services accounts identified -// by account IDs permissions to read object data and its metadata: x-amz-grant-read: -// id="11112222333", id="444455556666" +// Web Services managed key (aws/s3 key) in KMS to protect the data. To perform +// a multipart upload with encryption by using an Amazon Web Services KMS +// key, the requester must have permission to the kms:Decrypt and kms:GenerateDataKey* +// actions on the key. These permissions are required because Amazon S3 must +// decrypt and read data from the encrypted file parts before it completes +// the multipart upload. For more information, see Multipart upload API and +// permissions (https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions) +// and Protecting data using server-side encryption with Amazon Web Services +// KMS (https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html) +// in the Amazon S3 User Guide. If your Identity and Access Management (IAM) +// user or role is in the same Amazon Web Services account as the KMS key, +// then you must have these permissions on the key policy. If your IAM user +// or role is in a different account from the key, then you must have the +// permissions on both the key policy and your IAM user or role. All GET +// and PUT requests for an object protected by KMS fail if you don't make +// them by using Secure Sockets Layer (SSL), Transport Layer Security (TLS), +// or Signature Version 4. For information about configuring any of the officially +// supported Amazon Web Services SDKs and Amazon Web Services CLI, see Specifying +// the Signature Version in Request Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version) +// in the Amazon S3 User Guide. For more information about server-side encryption +// with KMS keys (SSE-KMS), see Protecting Data Using Server-Side Encryption +// with KMS keys (https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html) +// in the Amazon S3 User Guide. Use customer-provided encryption keys (SSE-C) +// – If you want to manage your own encryption keys, provide all the following +// headers in the request. x-amz-server-side-encryption-customer-algorithm +// x-amz-server-side-encryption-customer-key x-amz-server-side-encryption-customer-key-MD5 +// For more information about server-side encryption with customer-provided +// encryption keys (SSE-C), see Protecting data using server-side encryption +// with customer-provided encryption keys (SSE-C) (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html) +// in the Amazon S3 User Guide. +// +// - Directory buckets -For directory buckets, only server-side encryption +// with Amazon S3 managed keys (SSE-S3) (AES256) is supported. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following operations are related to CreateMultipartUpload: // @@ -913,6 +933,152 @@ func (c *S3) CreateMultipartUploadWithContext(ctx aws.Context, input *CreateMult return out, req.Send() } +const opCreateSession = "CreateSession" + +// CreateSessionRequest generates a "aws/request.Request" representing the +// client's request for the CreateSession operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateSession for more information on using the CreateSession +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateSessionRequest method. +// req, resp := client.CreateSessionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CreateSession +func (c *S3) CreateSessionRequest(input *CreateSessionInput) (req *request.Request, output *CreateSessionOutput) { + op := &request.Operation{ + Name: opCreateSession, + HTTPMethod: "GET", + HTTPPath: "/{Bucket}?session", + } + + if input == nil { + input = &CreateSessionInput{} + } + + output = &CreateSessionOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateSession API operation for Amazon Simple Storage Service. +// +// Creates a session that establishes temporary security credentials to support +// fast authentication and authorization for the Zonal endpoint APIs on directory +// buckets. For more information about Zonal endpoint APIs that include the +// Availability Zone in the request endpoint, see S3 Express One Zone APIs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-APIs.html) +// in the Amazon S3 User Guide. +// +// To make Zonal endpoint API requests on a directory bucket, use the CreateSession +// API operation. Specifically, you grant s3express:CreateSession permission +// to a bucket in a bucket policy or an IAM identity-based policy. Then, you +// use IAM credentials to make the CreateSession API request on the bucket, +// which returns temporary security credentials that include the access key +// ID, secret access key, session token, and expiration. These credentials have +// associated permissions to access the Zonal endpoint APIs. After the session +// is created, you don’t need to use other policies to grant permissions to +// each Zonal endpoint API individually. Instead, in your Zonal endpoint API +// requests, you sign your requests by applying the temporary security credentials +// of the session to the request headers and following the SigV4 protocol for +// authentication. You also apply the session token to the x-amz-s3session-token +// request header for authorization. Temporary security credentials are scoped +// to the bucket and expire after 5 minutes. After the expiration time, any +// calls that you make with those credentials will fail. You must use IAM credentials +// again to make a CreateSession API request that generates a new set of temporary +// credentials for use. Temporary credentials cannot be extended or refreshed +// beyond the original specified interval. +// +// If you use Amazon Web Services SDKs, SDKs handle the session token refreshes +// automatically to avoid service interruptions when a session expires. We recommend +// that you use the Amazon Web Services SDKs to initiate and manage requests +// to the CreateSession API. For more information, see Performance guidelines +// and design patterns (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-optimizing-performance-guidelines-design-patterns.html#s3-express-optimizing-performance-session-authentication) +// in the Amazon S3 User Guide. +// +// - You must make requests for this API operation to the Zonal endpoint. +// These endpoints support virtual-hosted-style requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com. +// Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// - CopyObject API operation - Unlike other Zonal endpoint APIs, the CopyObject +// API operation doesn't use the temporary security credentials returned +// from the CreateSession API operation for authentication and authorization. +// For information about authentication and authorization of the CopyObject +// API operation on directory buckets, see CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html). +// +// - HeadBucket API operation - Unlike other Zonal endpoint APIs, the HeadBucket +// API operation doesn't use the temporary security credentials returned +// from the CreateSession API operation for authentication and authorization. +// For information about authentication and authorization of the HeadBucket +// API operation on directory buckets, see HeadBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadBucket.html). +// +// # Permissions +// +// To obtain temporary security credentials, you must create a bucket policy +// or an IAM identity-based policy that grants s3express:CreateSession permission +// to the bucket. In a policy, you can have the s3express:SessionMode condition +// key to control who can create a ReadWrite or ReadOnly session. For more information +// about ReadWrite or ReadOnly sessions, see x-amz-create-session-mode (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html#API_CreateSession_RequestParameters). +// For example policies, see Example bucket policies for S3 Express One Zone +// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// and Amazon Web Services Identity and Access Management (IAM) identity-based +// policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html) +// in the Amazon S3 User Guide. +// +// To grant cross-account access to Zonal endpoint APIs, the bucket policy should +// also grant both accounts the s3express:CreateSession permission. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Storage Service's +// API operation CreateSession for usage and error information. +// +// Returned Error Codes: +// - ErrCodeNoSuchBucket "NoSuchBucket" +// The specified bucket does not exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CreateSession +func (c *S3) CreateSession(input *CreateSessionInput) (*CreateSessionOutput, error) { + req, out := c.CreateSessionRequest(input) + return out, req.Send() +} + +// CreateSessionWithContext is the same as CreateSession with the addition of +// the ability to pass a context and additional request options. +// +// See CreateSession for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *S3) CreateSessionWithContext(ctx aws.Context, input *CreateSessionInput, opts ...request.Option) (*CreateSessionOutput, error) { + req, out := c.CreateSessionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteBucket = "DeleteBucket" // DeleteBucketRequest generates a "aws/request.Request" representing the @@ -960,7 +1126,36 @@ func (c *S3) DeleteBucketRequest(input *DeleteBucketInput) (req *request.Request // Deletes the S3 bucket. All objects (including all object versions and delete // markers) in the bucket must be deleted before the bucket itself can be deleted. // -// Related Resources +// - Directory buckets - If multipart uploads in a directory bucket are in +// progress, you can't delete the bucket until all the in-progress multipart +// uploads are aborted or completed. +// +// - Directory buckets - For directory buckets, you must make requests for +// this API operation to the Regional endpoint. These endpoints support path-style +// requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name +// . Virtual-hosted-style requests aren't supported. For more information, +// see Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// Permissions +// +// - General purpose bucket permissions - You must have the s3:DeleteBucket +// permission on the specified bucket in a policy. +// +// - Directory bucket permissions - You must have the s3express:DeleteBucket +// permission in an IAM identity-based policy instead of a bucket policy. +// Cross-account access to this API operation isn't supported. This operation +// can only be performed by the Amazon Web Services account that owns the +// resource. For more information about directory bucket policies and permissions, +// see Amazon Web Services Identity and Access Management (IAM) for S3 Express +// One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is s3express-control.region.amazonaws.com. +// +// The following operations are related to DeleteBucket: // // - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // @@ -1038,6 +1233,8 @@ func (c *S3) DeleteBucketAnalyticsConfigurationRequest(input *DeleteBucketAnalyt // DeleteBucketAnalyticsConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Deletes an analytics configuration for the bucket (specified by the analytics // configuration ID). // @@ -1130,6 +1327,8 @@ func (c *S3) DeleteBucketCorsRequest(input *DeleteBucketCorsInput) (req *request // DeleteBucketCors API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Deletes the cors configuration information set for the bucket. // // To use this operation, you must have permission to perform the s3:PutBucketCORS @@ -1139,7 +1338,7 @@ func (c *S3) DeleteBucketCorsRequest(input *DeleteBucketCorsInput) (req *request // For information about cors, see Enabling Cross-Origin Resource Sharing (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) // in the Amazon S3 User Guide. // -// Related Resources: +// Related Resources // // - PutBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketCors.html) // @@ -1217,9 +1416,12 @@ func (c *S3) DeleteBucketEncryptionRequest(input *DeleteBucketEncryptionInput) ( // DeleteBucketEncryption API operation for Amazon Simple Storage Service. // -// This implementation of the DELETE action removes default encryption from -// the bucket. For information about the Amazon S3 default encryption feature, -// see Amazon S3 Default Bucket Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) +// This operation is not supported by directory buckets. +// +// This implementation of the DELETE action resets the default encryption for +// the bucket as server-side encryption with Amazon S3 managed keys (SSE-S3). +// For information about the bucket default encryption feature, see Amazon S3 +// Bucket Default Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) // in the Amazon S3 User Guide. // // To use this operation, you must have permissions to perform the s3:PutEncryptionConfiguration @@ -1229,7 +1431,7 @@ func (c *S3) DeleteBucketEncryptionRequest(input *DeleteBucketEncryptionInput) ( // and Managing Access Permissions to your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) // in the Amazon S3 User Guide. // -// Related Resources +// The following operations are related to DeleteBucketEncryption: // // - PutBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html) // @@ -1307,6 +1509,8 @@ func (c *S3) DeleteBucketIntelligentTieringConfigurationRequest(input *DeleteBuc // DeleteBucketIntelligentTieringConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Deletes the S3 Intelligent-Tiering configuration from the specified bucket. // // The S3 Intelligent-Tiering storage class is designed to optimize storage @@ -1406,6 +1610,8 @@ func (c *S3) DeleteBucketInventoryConfigurationRequest(input *DeleteBucketInvent // DeleteBucketInventoryConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Deletes an inventory configuration (identified by the inventory ID) from // the bucket. // @@ -1498,6 +1704,8 @@ func (c *S3) DeleteBucketLifecycleRequest(input *DeleteBucketLifecycleInput) (re // DeleteBucketLifecycle API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Deletes the lifecycle configuration from the specified bucket. Amazon S3 // removes all the lifecycle configuration rules in the lifecycle subresource // associated with the bucket. Your objects never expire, and Amazon S3 no longer @@ -1592,6 +1800,8 @@ func (c *S3) DeleteBucketMetricsConfigurationRequest(input *DeleteBucketMetricsC // DeleteBucketMetricsConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Deletes a metrics configuration for the Amazon CloudWatch request metrics // (specified by the metrics configuration ID) from the bucket. Note that this // doesn't include the daily storage metrics. @@ -1687,6 +1897,8 @@ func (c *S3) DeleteBucketOwnershipControlsRequest(input *DeleteBucketOwnershipCo // DeleteBucketOwnershipControls API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Removes OwnershipControls for an Amazon S3 bucket. To use this operation, // you must have the s3:PutBucketOwnershipControls permission. For more information // about Amazon S3 permissions, see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html). @@ -1772,23 +1984,52 @@ func (c *S3) DeleteBucketPolicyRequest(input *DeleteBucketPolicyInput) (req *req // DeleteBucketPolicy API operation for Amazon Simple Storage Service. // -// This implementation of the DELETE action uses the policy subresource to delete -// the policy of a specified bucket. If you are using an identity other than -// the root user of the Amazon Web Services account that owns the bucket, the -// calling identity must have the DeleteBucketPolicy permissions on the specified -// bucket and belong to the bucket owner's account to use this operation. +// Deletes the policy of a specified bucket. +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Regional endpoint. These endpoints support path-style +// requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name +// . Virtual-hosted-style requests aren't supported. For more information, see +// Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// # Permissions +// +// If you are using an identity other than the root user of the Amazon Web Services +// account that owns the bucket, the calling identity must both have the DeleteBucketPolicy +// permissions on the specified bucket and belong to the bucket owner's account +// in order to use this operation. // // If you don't have DeleteBucketPolicy permissions, Amazon S3 returns a 403 // Access Denied error. If you have the correct permissions, but you're not // using an identity that belongs to the bucket owner's account, Amazon S3 returns // a 405 Method Not Allowed error. // -// As a security precaution, the root user of the Amazon Web Services account -// that owns a bucket can always use this operation, even if the policy explicitly -// denies the root user the ability to perform this action. +// To ensure that bucket owners don't inadvertently lock themselves out of their +// own buckets, the root principal in a bucket owner's Amazon Web Services account +// can perform the GetBucketPolicy, PutBucketPolicy, and DeleteBucketPolicy +// API actions, even if their bucket policy explicitly denies the root principal's +// access. Bucket owner root principals can only be blocked from performing +// these API actions by VPC endpoint policies and Amazon Web Services Organizations +// policies. +// +// - General purpose bucket permissions - The s3:DeleteBucketPolicy permission +// is required in a policy. For more information about general purpose buckets +// bucket policies, see Using Bucket Policies and User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) +// in the Amazon S3 User Guide. +// +// - Directory bucket permissions - To grant access to this API operation, +// you must have the s3express:DeleteBucketPolicy permission in an IAM identity-based +// policy instead of a bucket policy. Cross-account access to this API operation +// isn't supported. This operation can only be performed by the Amazon Web +// Services account that owns the resource. For more information about directory +// bucket policies and permissions, see Amazon Web Services Identity and +// Access Management (IAM) for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. +// +// # HTTP Host header syntax // -// For more information about bucket policies, see Using Bucket Policies and -// UserPolicies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html). +// Directory buckets - The HTTP Host header syntax is s3express-control.region.amazonaws.com. // // The following operations are related to DeleteBucketPolicy // @@ -1868,6 +2109,8 @@ func (c *S3) DeleteBucketReplicationRequest(input *DeleteBucketReplicationInput) // DeleteBucketReplication API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Deletes the replication configuration from the bucket. // // To use this operation, you must have permissions to perform the s3:PutReplicationConfiguration @@ -1960,6 +2203,8 @@ func (c *S3) DeleteBucketTaggingRequest(input *DeleteBucketTaggingInput) (req *r // DeleteBucketTagging API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Deletes the tags from the bucket. // // To use this operation, you must have permission to perform the s3:PutBucketTagging @@ -2044,6 +2289,8 @@ func (c *S3) DeleteBucketWebsiteRequest(input *DeleteBucketWebsiteInput) (req *r // DeleteBucketWebsite API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // This action removes the website configuration for a bucket. Amazon S3 returns // a 200 OK response upon successfully deleting a website configuration on the // specified bucket. You will get a 200 OK response if the website configuration @@ -2136,31 +2383,88 @@ func (c *S3) DeleteObjectRequest(input *DeleteObjectInput) (req *request.Request // DeleteObject API operation for Amazon Simple Storage Service. // -// Removes the null version (if there is one) of an object and inserts a delete -// marker, which becomes the latest version of the object. If there isn't a -// null version, Amazon S3 does not remove any objects but will still respond -// that the command was successful. +// Removes an object from a bucket. The behavior depends on the bucket's versioning +// state: +// +// - If bucket versioning is not enabled, the operation permanently deletes +// the object. +// +// - If bucket versioning is enabled, the operation inserts a delete marker, +// which becomes the current version of the object. To permanently delete +// an object in a versioned bucket, you must include the object’s versionId +// in the request. For more information about versioning-enabled buckets, +// see Deleting object versions from a versioning-enabled bucket (https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeletingObjectVersions.html). +// +// - If bucket versioning is suspended, the operation removes the object +// that has a null versionId, if there is one, and inserts a delete marker +// that becomes the current version of the object. If there isn't an object +// with a null versionId, and all versions of the object have a versionId, +// Amazon S3 does not remove the object and only inserts a delete marker. +// To permanently delete an object that has a versionId, you must include +// the object’s versionId in the request. For more information about versioning-suspended +// buckets, see Deleting objects from versioning-suspended buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeletingObjectsfromVersioningSuspendedBuckets.html). +// +// - Directory buckets - S3 Versioning isn't enabled and supported for directory +// buckets. For this API operation, only the null value of the version ID +// is supported by directory buckets. You can only specify null to the versionId +// query parameter in the request. +// +// - Directory buckets - For directory buckets, you must make requests for +// this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // -// To remove a specific version, you must be the bucket owner and you must use -// the version Id subresource. Using this subresource permanently deletes the -// version. If the object deleted is a delete marker, Amazon S3 sets the response -// header, x-amz-delete-marker, to true. +// To remove a specific version, you must use the versionId query parameter. +// Using this query parameter permanently deletes the version. If the object +// deleted is a delete marker, Amazon S3 sets the response header x-amz-delete-marker +// to true. // // If the object you want to delete is in a bucket where the bucket versioning // configuration is MFA Delete enabled, you must include the x-amz-mfa request // header in the DELETE versionId request. Requests that include x-amz-mfa must -// use HTTPS. +// use HTTPS. For more information about MFA Delete, see Using MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMFADelete.html) +// in the Amazon S3 User Guide. To see sample requests that use versioning, +// see Sample Request (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectDELETE.html#ExampleVersionObjectDelete). // -// For more information about MFA Delete, see Using MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMFADelete.html). -// To see sample requests that use versioning, see Sample Request (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectDELETE.html#ExampleVersionObjectDelete). +// Directory buckets - MFA delete is not supported by directory buckets. // -// You can delete objects by explicitly calling DELETE Object or configure its -// lifecycle (PutBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html)) +// You can delete objects by explicitly calling DELETE Object or calling (PutBucketLifecycle +// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html)) // to enable Amazon S3 to remove them for you. If you want to block users or // accounts from removing or deleting objects from your bucket, you must deny // them the s3:DeleteObject, s3:DeleteObjectVersion, and s3:PutLifeCycleConfiguration // actions. // +// Directory buckets - S3 Lifecycle is not supported by directory buckets. +// +// Permissions +// +// - General purpose bucket permissions - The following permissions are required +// in your policies when your DeleteObjects request includes specific headers. +// s3:DeleteObject - To delete an object from a bucket, you must always have +// the s3:DeleteObject permission. s3:DeleteObjectVersion - To delete a specific +// version of an object from a versioning-enabled bucket, you must have the +// s3:DeleteObjectVersion permission. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. +// // The following action is related to DeleteObject: // // - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) @@ -2236,6 +2540,8 @@ func (c *S3) DeleteObjectTaggingRequest(input *DeleteObjectTaggingInput) (req *r // DeleteObjectTagging API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Removes the entire tag set from the specified object. For more information // about managing object tags, see Object Tagging (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html). // @@ -2246,7 +2552,7 @@ func (c *S3) DeleteObjectTaggingRequest(input *DeleteObjectTaggingInput) (req *r // in the request. You will need permission for the s3:DeleteObjectVersionTagging // action. // -// The following operations are related to DeleteBucketMetricsConfiguration: +// The following operations are related to DeleteObjectTagging: // // - PutObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html) // @@ -2327,36 +2633,82 @@ func (c *S3) DeleteObjectsRequest(input *DeleteObjectsInput) (req *request.Reque // DeleteObjects API operation for Amazon Simple Storage Service. // -// This action enables you to delete multiple objects from a bucket using a -// single HTTP request. If you know the object keys that you want to delete, -// then this action provides a suitable alternative to sending individual delete -// requests, reducing per-request overhead. +// This operation enables you to delete multiple objects from a bucket using +// a single HTTP request. If you know the object keys that you want to delete, +// then this operation provides a suitable alternative to sending individual +// delete requests, reducing per-request overhead. // -// The request contains a list of up to 1000 keys that you want to delete. In -// the XML, you provide the object key names, and optionally, version IDs if -// you want to delete a specific version of the object from a versioning-enabled -// bucket. For each key, Amazon S3 performs a delete action and returns the -// result of that delete, success, or failure, in the response. Note that if +// The request can contain a list of up to 1000 keys that you want to delete. +// In the XML, you provide the object key names, and optionally, version IDs +// if you want to delete a specific version of the object from a versioning-enabled +// bucket. For each key, Amazon S3 performs a delete operation and returns the +// result of that delete, success or failure, in the response. Note that if // the object specified in the request is not found, Amazon S3 returns the result // as deleted. // -// The action supports two modes for the response: verbose and quiet. By default, -// the action uses verbose mode in which the response includes the result of -// deletion of each key in your request. In quiet mode the response includes -// only keys where the delete action encountered an error. For a successful -// deletion, the action does not return any information about the delete in -// the response body. +// - Directory buckets - S3 Versioning isn't enabled and supported for directory +// buckets. +// +// - Directory buckets - For directory buckets, you must make requests for +// this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// The operation supports two modes for the response: verbose and quiet. By +// default, the operation uses verbose mode in which the response includes the +// result of deletion of each key in your request. In quiet mode the response +// includes only keys where the delete operation encountered an error. For a +// successful deletion in a quiet mode, the operation does not return any information +// about the delete in the response body. // // When performing this action on an MFA Delete enabled bucket, that attempts // to delete any versioned objects, you must include an MFA token. If you do // not provide one, the entire request will fail, even if there are non-versioned // objects you are trying to delete. If you provide an invalid token, whether // there are versioned keys in the request or not, the entire Multi-Object Delete -// request will fail. For information about MFA Delete, see MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete). +// request will fail. For information about MFA Delete, see MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete) +// in the Amazon S3 User Guide. +// +// Directory buckets - MFA delete is not supported by directory buckets. // -// Finally, the Content-MD5 header is required for all Multi-Object Delete requests. -// Amazon S3 uses the header value to ensure that your request body has not -// been altered in transit. +// Permissions +// +// - General purpose bucket permissions - The following permissions are required +// in your policies when your DeleteObjects request includes specific headers. +// s3:DeleteObject - To delete an object from a bucket, you must always specify +// the s3:DeleteObject permission. s3:DeleteObjectVersion - To delete a specific +// version of an object from a versiong-enabled bucket, you must specify +// the s3:DeleteObjectVersion permission. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// Content-MD5 request header +// +// - General purpose bucket - The Content-MD5 request header is required +// for all Multi-Object Delete requests. Amazon S3 uses the header value +// to ensure that your request body has not been altered in transit. +// +// - Directory bucket - The Content-MD5 request header or a additional checksum +// request header (including x-amz-checksum-crc32, x-amz-checksum-crc32c, +// x-amz-checksum-sha1, or x-amz-checksum-sha256) is required for all Multi-Object +// Delete requests. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following operations are related to DeleteObjects: // @@ -2442,6 +2794,8 @@ func (c *S3) DeletePublicAccessBlockRequest(input *DeletePublicAccessBlockInput) // DeletePublicAccessBlock API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Removes the PublicAccessBlock configuration for an Amazon S3 bucket. To use // this operation, you must have the s3:PutBucketPublicAccessBlock permission. // For more information about permissions, see Permissions Related to Bucket @@ -2529,6 +2883,8 @@ func (c *S3) GetBucketAccelerateConfigurationRequest(input *GetBucketAccelerateC // GetBucketAccelerateConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // This implementation of the GET action uses the accelerate subresource to // return the Transfer Acceleration state of a bucket, which is either Enabled // or Suspended. Amazon S3 Transfer Acceleration is a bucket-level feature that @@ -2553,7 +2909,7 @@ func (c *S3) GetBucketAccelerateConfigurationRequest(input *GetBucketAccelerateC // (https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) // in the Amazon S3 User Guide. // -// Related Resources +// The following operations are related to GetBucketAccelerateConfiguration: // // - PutBucketAccelerateConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAccelerateConfiguration.html) // @@ -2628,11 +2984,22 @@ func (c *S3) GetBucketAclRequest(input *GetBucketAclInput) (req *request.Request // GetBucketAcl API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // This implementation of the GET action uses the acl subresource to return // the access control list (ACL) of a bucket. To use GET to return the ACL of -// the bucket, you must have READ_ACP access to the bucket. If READ_ACP permission -// is granted to the anonymous user, you can return the ACL of the bucket without -// using an authorization header. +// the bucket, you must have the READ_ACP access to the bucket. If READ_ACP +// permission is granted to the anonymous user, you can return the ACL of the +// bucket without using an authorization header. +// +// When you use this API operation with an access point, provide the alias of +// the access point in place of the bucket name. +// +// When you use this API operation with an Object Lambda access point, provide +// the alias of the Object Lambda access point in place of the bucket name. +// If the Object Lambda access point alias in a request is not valid, the error +// code InvalidAccessPointAliasError is returned. For more information about +// InvalidAccessPointAliasError, see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). // // If your bucket uses the bucket owner enforced setting for S3 Object Ownership, // requests to read ACLs are still supported and return the bucket-owner-full-control @@ -2640,7 +3007,7 @@ func (c *S3) GetBucketAclRequest(input *GetBucketAclInput) (req *request.Request // see Controlling object ownership and disabling ACLs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) // in the Amazon S3 User Guide. // -// Related Resources +// The following operations are related to GetBucketAcl: // // - ListObjects (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html) // @@ -2715,6 +3082,8 @@ func (c *S3) GetBucketAnalyticsConfigurationRequest(input *GetBucketAnalyticsCon // GetBucketAnalyticsConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // This implementation of the GET action returns an analytics configuration // (identified by the analytics configuration ID) from the bucket. // @@ -2729,7 +3098,7 @@ func (c *S3) GetBucketAnalyticsConfigurationRequest(input *GetBucketAnalyticsCon // – Storage Class Analysis (https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html) // in the Amazon S3 User Guide. // -// Related Resources +// The following operations are related to GetBucketAnalyticsConfiguration: // // - DeleteBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketAnalyticsConfiguration.html) // @@ -2808,6 +3177,8 @@ func (c *S3) GetBucketCorsRequest(input *GetBucketCorsInput) (req *request.Reque // GetBucketCors API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the Cross-Origin Resource Sharing (CORS) configuration information // set for the bucket. // @@ -2815,6 +3186,15 @@ func (c *S3) GetBucketCorsRequest(input *GetBucketCorsInput) (req *request.Reque // action. By default, the bucket owner has this permission and can grant it // to others. // +// When you use this API operation with an access point, provide the alias of +// the access point in place of the bucket name. +// +// When you use this API operation with an Object Lambda access point, provide +// the alias of the Object Lambda access point in place of the bucket name. +// If the Object Lambda access point alias in a request is not valid, the error +// code InvalidAccessPointAliasError is returned. For more information about +// InvalidAccessPointAliasError, see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). +// // For more information about CORS, see Enabling Cross-Origin Resource Sharing // (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html). // @@ -2895,12 +3275,14 @@ func (c *S3) GetBucketEncryptionRequest(input *GetBucketEncryptionInput) (req *r // GetBucketEncryption API operation for Amazon Simple Storage Service. // -// Returns the default encryption configuration for an Amazon S3 bucket. If -// the bucket does not have a default encryption configuration, GetBucketEncryption -// returns ServerSideEncryptionConfigurationNotFoundError. +// This operation is not supported by directory buckets. // -// For information about the Amazon S3 default encryption feature, see Amazon -// S3 Default Bucket Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html). +// Returns the default encryption configuration for an Amazon S3 bucket. By +// default, all buckets have a default encryption configuration that uses server-side +// encryption with Amazon S3 managed keys (SSE-S3). For information about the +// bucket default encryption feature, see Amazon S3 Bucket Default Encryption +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) +// in the Amazon S3 User Guide. // // To use this operation, you must have permission to perform the s3:GetEncryptionConfiguration // action. The bucket owner has this permission by default. The bucket owner @@ -2985,6 +3367,8 @@ func (c *S3) GetBucketIntelligentTieringConfigurationRequest(input *GetBucketInt // GetBucketIntelligentTieringConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Gets the S3 Intelligent-Tiering configuration from the specified bucket. // // The S3 Intelligent-Tiering storage class is designed to optimize storage @@ -3083,6 +3467,8 @@ func (c *S3) GetBucketInventoryConfigurationRequest(input *GetBucketInventoryCon // GetBucketInventoryConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns an inventory configuration (identified by the inventory configuration // ID) from the bucket. // @@ -3184,6 +3570,8 @@ func (c *S3) GetBucketLifecycleRequest(input *GetBucketLifecycleInput) (req *req // see the updated version of this topic. This topic is provided for backward // compatibility. // +// This operation is not supported by directory buckets. +// // Returns the lifecycle configuration information set on the bucket. For information // about lifecycle configuration, see Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html). // @@ -3282,13 +3670,18 @@ func (c *S3) GetBucketLifecycleConfigurationRequest(input *GetBucketLifecycleCon // GetBucketLifecycleConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Bucket lifecycle configuration now supports specifying a lifecycle rule using -// an object key name prefix, one or more object tags, or a combination of both. +// an object key name prefix, one or more object tags, object size, or any combination +// of these. Accordingly, this section describes the latest API. The previous +// version of the API supported filtering based only on an object key name prefix, +// which is supported for backward compatibility. For the related API description, +// see GetBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html). // Accordingly, this section describes the latest API. The response describes // the new filter element that you can use to specify a filter to select a subset // of objects to which the rule applies. If you are using a previous version -// of the lifecycle configuration, it still works. For the earlier action, see -// GetBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html). +// of the lifecycle configuration, it still works. For the earlier action, // // Returns the lifecycle configuration information set on the bucket. For information // about lifecycle configuration, see Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html). @@ -3384,14 +3777,24 @@ func (c *S3) GetBucketLocationRequest(input *GetBucketLocationInput) (req *reque // GetBucketLocation API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the Region the bucket resides in. You set the bucket's Region using // the LocationConstraint request parameter in a CreateBucket request. For more // information, see CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html). // -// To use this implementation of the operation, you must be the bucket owner. +// When you use this API operation with an access point, provide the alias of +// the access point in place of the bucket name. +// +// When you use this API operation with an Object Lambda access point, provide +// the alias of the Object Lambda access point in place of the bucket name. +// If the Object Lambda access point alias in a request is not valid, the error +// code InvalidAccessPointAliasError is returned. For more information about +// InvalidAccessPointAliasError, see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). // -// To use this API against an access point, provide the alias of the access -// point in place of the bucket name. +// We recommend that you use HeadBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadBucket.html) +// to return the Region that a bucket resides in. For backward compatibility, +// Amazon S3 continues to support GetBucketLocation. // // The following operations are related to GetBucketLocation: // @@ -3470,8 +3873,10 @@ func (c *S3) GetBucketLoggingRequest(input *GetBucketLoggingInput) (req *request // GetBucketLogging API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the logging status of a bucket and the permissions users have to -// view and modify that status. To use GET, you must be the bucket owner. +// view and modify that status. // // The following operations are related to GetBucketLogging: // @@ -3550,6 +3955,8 @@ func (c *S3) GetBucketMetricsConfigurationRequest(input *GetBucketMetricsConfigu // GetBucketMetricsConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Gets a metrics configuration (specified by the metrics configuration ID) // from the bucket. Note that this doesn't include the daily storage metrics. // @@ -3648,6 +4055,8 @@ func (c *S3) GetBucketNotificationRequest(input *GetBucketNotificationConfigurat // GetBucketNotification API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // No longer used, see GetBucketNotificationConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotificationConfiguration.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3725,6 +4134,8 @@ func (c *S3) GetBucketNotificationConfigurationRequest(input *GetBucketNotificat // GetBucketNotificationConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the notification configuration of a bucket. // // If notifications are not enabled on the bucket, the action returns an empty @@ -3735,6 +4146,15 @@ func (c *S3) GetBucketNotificationConfigurationRequest(input *GetBucketNotificat // to other users to read this configuration with the s3:GetBucketNotification // permission. // +// When you use this API operation with an access point, provide the alias of +// the access point in place of the bucket name. +// +// When you use this API operation with an Object Lambda access point, provide +// the alias of the Object Lambda access point in place of the bucket name. +// If the Object Lambda access point alias in a request is not valid, the error +// code InvalidAccessPointAliasError is returned. For more information about +// InvalidAccessPointAliasError, see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). +// // For more information about setting and reading the notification configuration // on a bucket, see Setting Up Notification of Bucket Events (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html). // For more information about bucket policies, see Using Bucket Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html). @@ -3814,6 +4234,8 @@ func (c *S3) GetBucketOwnershipControlsRequest(input *GetBucketOwnershipControls // GetBucketOwnershipControls API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Retrieves OwnershipControls for an Amazon S3 bucket. To use this operation, // you must have the s3:GetBucketOwnershipControls permission. For more information // about Amazon S3 permissions, see Specifying permissions in a policy (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html). @@ -3898,22 +4320,62 @@ func (c *S3) GetBucketPolicyRequest(input *GetBucketPolicyInput) (req *request.R // GetBucketPolicy API operation for Amazon Simple Storage Service. // -// Returns the policy of a specified bucket. If you are using an identity other -// than the root user of the Amazon Web Services account that owns the bucket, -// the calling identity must have the GetBucketPolicy permissions on the specified -// bucket and belong to the bucket owner's account in order to use this operation. +// Returns the policy of a specified bucket. +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Regional endpoint. These endpoints support path-style +// requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name +// . Virtual-hosted-style requests aren't supported. For more information, see +// Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// # Permissions +// +// If you are using an identity other than the root user of the Amazon Web Services +// account that owns the bucket, the calling identity must both have the GetBucketPolicy +// permissions on the specified bucket and belong to the bucket owner's account +// in order to use this operation. // // If you don't have GetBucketPolicy permissions, Amazon S3 returns a 403 Access // Denied error. If you have the correct permissions, but you're not using an // identity that belongs to the bucket owner's account, Amazon S3 returns a // 405 Method Not Allowed error. // -// As a security precaution, the root user of the Amazon Web Services account -// that owns a bucket can always use this operation, even if the policy explicitly -// denies the root user the ability to perform this action. +// To ensure that bucket owners don't inadvertently lock themselves out of their +// own buckets, the root principal in a bucket owner's Amazon Web Services account +// can perform the GetBucketPolicy, PutBucketPolicy, and DeleteBucketPolicy +// API actions, even if their bucket policy explicitly denies the root principal's +// access. Bucket owner root principals can only be blocked from performing +// these API actions by VPC endpoint policies and Amazon Web Services Organizations +// policies. +// +// - General purpose bucket permissions - The s3:GetBucketPolicy permission +// is required in a policy. For more information about general purpose buckets +// bucket policies, see Using Bucket Policies and User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) +// in the Amazon S3 User Guide. +// +// - Directory bucket permissions - To grant access to this API operation, +// you must have the s3express:GetBucketPolicy permission in an IAM identity-based +// policy instead of a bucket policy. Cross-account access to this API operation +// isn't supported. This operation can only be performed by the Amazon Web +// Services account that owns the resource. For more information about directory +// bucket policies and permissions, see Amazon Web Services Identity and +// Access Management (IAM) for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. // -// For more information about bucket policies, see Using Bucket Policies and -// User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html). +// # Example bucket policies +// +// General purpose buckets example bucket policies - See Bucket policy examples +// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) +// in the Amazon S3 User Guide. +// +// Directory bucket example bucket policies - See Example bucket policies for +// S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// in the Amazon S3 User Guide. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is s3express-control.region.amazonaws.com. // // The following action is related to GetBucketPolicy: // @@ -3990,6 +4452,8 @@ func (c *S3) GetBucketPolicyStatusRequest(input *GetBucketPolicyStatusInput) (re // GetBucketPolicyStatus API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Retrieves the policy status for an Amazon S3 bucket, indicating whether the // bucket is public. In order to use this operation, you must have the s3:GetBucketPolicyStatus // permission. For more information about Amazon S3 permissions, see Specifying @@ -4079,6 +4543,8 @@ func (c *S3) GetBucketReplicationRequest(input *GetBucketReplicationInput) (req // GetBucketReplication API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the replication configuration of a bucket. // // It can take a while to propagate the put or delete a replication configuration @@ -4176,6 +4642,8 @@ func (c *S3) GetBucketRequestPaymentRequest(input *GetBucketRequestPaymentInput) // GetBucketRequestPayment API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the request payment configuration of a bucket. To use this version // of the operation, you must be the bucket owner. For more information, see // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html). @@ -4255,6 +4723,8 @@ func (c *S3) GetBucketTaggingRequest(input *GetBucketTaggingInput) (req *request // GetBucketTagging API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the tag set associated with the bucket. // // To use this operation, you must have permission to perform the s3:GetBucketTagging @@ -4343,6 +4813,8 @@ func (c *S3) GetBucketVersioningRequest(input *GetBucketVersioningInput) (req *r // GetBucketVersioning API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the versioning state of a bucket. // // To retrieve the versioning state of a bucket, you must be the bucket owner. @@ -4430,6 +4902,8 @@ func (c *S3) GetBucketWebsiteRequest(input *GetBucketWebsiteInput) (req *request // GetBucketWebsite API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the website configuration for a bucket. To host website on Amazon // S3, you can configure a bucket as website by adding a website configuration. // For more information about hosting websites, see Hosting Websites on Amazon @@ -4440,7 +4914,7 @@ func (c *S3) GetBucketWebsiteRequest(input *GetBucketWebsiteInput) (req *request // bucket owners can allow other users to read the website configuration by // writing a bucket policy granting them the S3:GetBucketWebsite permission. // -// The following operations are related to DeleteBucketWebsite: +// The following operations are related to GetBucketWebsite: // // - DeleteBucketWebsite (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketWebsite.html) // @@ -4517,110 +4991,106 @@ func (c *S3) GetObjectRequest(input *GetObjectInput) (req *request.Request, outp // GetObject API operation for Amazon Simple Storage Service. // -// Retrieves objects from Amazon S3. To use GET, you must have READ access to -// the object. If you grant READ access to the anonymous user, you can return -// the object without using an authorization header. -// -// An Amazon S3 bucket has no directory hierarchy such as you would find in -// a typical computer file system. You can, however, create a logical hierarchy -// by using object key names that imply a folder structure. For example, instead -// of naming an object sample.jpg, you can name it photos/2006/February/sample.jpg. -// -// To get an object from such a logical hierarchy, specify the full key name -// for the object in the GET operation. For a virtual hosted-style request example, -// if you have the object photos/2006/February/sample.jpg, specify the resource -// as /photos/2006/February/sample.jpg. For a path-style request example, if -// you have the object photos/2006/February/sample.jpg in the bucket named examplebucket, -// specify the resource as /examplebucket/photos/2006/February/sample.jpg. For -// more information about request types, see HTTP Host Header Bucket Specification -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html#VirtualHostingSpecifyBucket). -// -// For more information about returning the ACL of an object, see GetObjectAcl -// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html). -// -// If the object you are retrieving is stored in the S3 Glacier or S3 Glacier -// Deep Archive storage class, or S3 Intelligent-Tiering Archive or S3 Intelligent-Tiering -// Deep Archive tiers, before you can retrieve the object you must first restore -// a copy using RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html). -// Otherwise, this action returns an InvalidObjectStateError error. For information -// about restoring archived objects, see Restoring Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html). -// -// Encryption request headers, like x-amz-server-side-encryption, should not -// be sent for GET requests if your object uses server-side encryption with -// KMS keys (SSE-KMS) or server-side encryption with Amazon S3–managed encryption -// keys (SSE-S3). If your object does use these types of keys, you’ll get -// an HTTP 400 BadRequest error. -// -// If you encrypt an object by using server-side encryption with customer-provided -// encryption keys (SSE-C) when you store the object in Amazon S3, then when -// you GET the object, you must use the following headers: -// -// - x-amz-server-side-encryption-customer-algorithm +// Retrieves an object from Amazon S3. // -// - x-amz-server-side-encryption-customer-key -// -// - x-amz-server-side-encryption-customer-key-MD5 +// In the GetObject request, specify the full key name for the object. // -// For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided -// Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html). -// -// Assuming you have the relevant permission to read object tags, the response -// also returns the x-amz-tagging-count header that provides the count of number -// of tags associated with the object. You can use GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) -// to retrieve the tag set associated with an object. -// -// # Permissions -// -// You need the relevant read object (or version) permission for this operation. -// For more information, see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html). -// If the object you request does not exist, the error Amazon S3 returns depends -// on whether you also have the s3:ListBucket permission. -// -// - If you have the s3:ListBucket permission on the bucket, Amazon S3 will -// return an HTTP status code 404 ("no such key") error. -// -// - If you don’t have the s3:ListBucket permission, Amazon S3 will return -// an HTTP status code 403 ("access denied") error. +// General purpose buckets - Both the virtual-hosted-style requests and the +// path-style requests are supported. For a virtual hosted-style request example, +// if you have the object photos/2006/February/sample.jpg, specify the object +// key name as /photos/2006/February/sample.jpg. For a path-style request example, +// if you have the object photos/2006/February/sample.jpg in the bucket named +// examplebucket, specify the object key name as /examplebucket/photos/2006/February/sample.jpg. +// For more information about request types, see HTTP Host Header Bucket Specification +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html#VirtualHostingSpecifyBucket) +// in the Amazon S3 User Guide. // -// # Versioning +// Directory buckets - Only virtual-hosted-style requests are supported. For +// a virtual hosted-style request example, if you have the object photos/2006/February/sample.jpg +// in the bucket named examplebucket--use1-az5--x-s3, specify the object key +// name as /photos/2006/February/sample.jpg. Also, when you make requests to +// this API operation, your requests are sent to the Zonal endpoint. These endpoints +// support virtual-hosted-style requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // -// By default, the GET action returns the current version of an object. To return -// a different version, use the versionId subresource. +// Permissions +// +// - General purpose bucket permissions - You must have the required permissions +// in a policy. To use GetObject, you must have the READ access to the object +// (or version). If you grant READ access to the anonymous user, the GetObject +// operation returns the object without using an authorization header. For +// more information, see Specifying permissions in a policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) +// in the Amazon S3 User Guide. If you include a versionId in your request +// header, you must have the s3:GetObjectVersion permission to access a specific +// version of an object. The s3:GetObject permission is not required in this +// scenario. If you request the current version of an object without a specific +// versionId in the request header, only the s3:GetObject permission is required. +// The s3:GetObjectVersion permission is not required in this scenario. If +// the object that you request doesn’t exist, the error that Amazon S3 +// returns depends on whether you also have the s3:ListBucket permission. +// If you have the s3:ListBucket permission on the bucket, Amazon S3 returns +// an HTTP status code 404 Not Found error. If you don’t have the s3:ListBucket +// permission, Amazon S3 returns an HTTP status code 403 Access Denied error. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// # Storage classes +// +// If the object you are retrieving is stored in the S3 Glacier Flexible Retrieval +// storage class, the S3 Glacier Deep Archive storage class, the S3 Intelligent-Tiering +// Archive Access tier, or the S3 Intelligent-Tiering Deep Archive Access tier, +// before you can retrieve the object you must first restore a copy using RestoreObject +// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html). +// Otherwise, this operation returns an InvalidObjectState error. For information +// about restoring archived objects, see Restoring Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html) +// in the Amazon S3 User Guide. // -// - If you supply a versionId, you need the s3:GetObjectVersion permission -// to access a specific version of an object. If you request a specific version, -// you do not need to have the s3:GetObject permission. +// Directory buckets - For directory buckets, only the S3 Express One Zone storage +// class is supported to store newly created objects. Unsupported storage class +// values won't write a destination object and will respond with the HTTP status +// code 400 Bad Request. // -// - If the current version of the object is a delete marker, Amazon S3 behaves -// as if the object was deleted and includes x-amz-delete-marker: true in -// the response. +// # Encryption // -// For more information about versioning, see PutBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketVersioning.html). +// Encryption request headers, like x-amz-server-side-encryption, should not +// be sent for the GetObject requests, if your object uses server-side encryption +// with Amazon S3 managed encryption keys (SSE-S3), server-side encryption with +// Key Management Service (KMS) keys (SSE-KMS), or dual-layer server-side encryption +// with Amazon Web Services KMS keys (DSSE-KMS). If you include the header in +// your GetObject requests for the object that uses these types of keys, you’ll +// get an HTTP 400 Bad Request error. // -// # Overriding Response Header Values +// # Overriding response header values through the request // // There are times when you want to override certain response header values -// in a GET response. For example, you might override the Content-Disposition -// response header value in your GET request. -// -// You can override values for a set of response headers using the following -// query parameters. These response header values are sent only on a successful -// request, that is, when status code 200 OK is returned. The set of headers -// you can override using these parameters is a subset of the headers that Amazon -// S3 accepts when you create an object. The response headers that you can override -// for the GET response are Content-Type, Content-Language, Expires, Cache-Control, -// Content-Disposition, and Content-Encoding. To override these header values -// in the GET response, you use the following request parameters. -// -// You must sign the request, either using an Authorization header or a presigned -// URL, when using these parameters. They cannot be used with an unsigned (anonymous) -// request. +// of a GetObject response. For example, you might override the Content-Disposition +// response header value through your GetObject request. // -// - response-content-type +// You can override values for a set of response headers. These modified response +// header values are included only in a successful response, that is, when the +// HTTP status code 200 OK is returned. The headers you can override using the +// following query parameters in the request are a subset of the headers that +// Amazon S3 accepts when you create an object. // -// - response-content-language +// The response headers that you can override for the GetObject response are +// Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Type, +// and Expires. // -// - response-expires +// To override values for a set of response headers in the GetObject response, +// you can use the following query parameters in the request. // // - response-cache-control // @@ -4628,17 +5098,19 @@ func (c *S3) GetObjectRequest(input *GetObjectInput) (req *request.Request, outp // // - response-content-encoding // -// # Additional Considerations about Request Headers +// - response-content-language +// +// - response-content-type +// +// - response-expires // -// If both of the If-Match and If-Unmodified-Since headers are present in the -// request as follows: If-Match condition evaluates to true, and; If-Unmodified-Since -// condition evaluates to false; then, S3 returns 200 OK and the data requested. +// When you use these parameters, you must sign the request by using either +// an Authorization header or a presigned URL. These parameters cannot be used +// with an unsigned (anonymous) request. // -// If both of the If-None-Match and If-Modified-Since headers are present in -// the request as follows:If-None-Match condition evaluates to false, and; If-Modified-Since -// condition evaluates to true; then, S3 returns 304 Not Modified response code. +// # HTTP Host header syntax // -// For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following operations are related to GetObject: // @@ -4661,6 +5133,15 @@ func (c *S3) GetObjectRequest(input *GetObjectInput) (req *request.Request, outp // - ErrCodeInvalidObjectState "InvalidObjectState" // Object is archived and inaccessible until restored. // +// If the object you are retrieving is stored in the S3 Glacier Flexible Retrieval +// storage class, the S3 Glacier Deep Archive storage class, the S3 Intelligent-Tiering +// Archive Access tier, or the S3 Intelligent-Tiering Deep Archive Access tier, +// before you can retrieve the object you must first restore a copy using RestoreObject +// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html). +// Otherwise, this operation returns an InvalidObjectState error. For information +// about restoring archived objects, see Restoring Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html) +// in the Amazon S3 User Guide. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObject func (c *S3) GetObject(input *GetObjectInput) (*GetObjectOutput, error) { req, out := c.GetObjectRequest(input) @@ -4726,15 +5207,15 @@ func (c *S3) GetObjectAclRequest(input *GetObjectAclInput) (req *request.Request // GetObjectAcl API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the access control list (ACL) of an object. To use this operation, // you must have s3:GetObjectAcl permissions or READ_ACP access to the object. // For more information, see Mapping of ACL permissions and access policy permissions // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#acl-access-policy-permission-mapping) // in the Amazon S3 User Guide // -// This action is not supported by Amazon S3 on Outposts. -// -// # Versioning +// This functionality is not supported for Amazon S3 on Outposts. // // By default, GET returns ACL information about the current version of an object. // To return ACL information about a different version, use the versionId subresource. @@ -4832,17 +5313,65 @@ func (c *S3) GetObjectAttributesRequest(input *GetObjectAttributesInput) (req *r // GetObjectAttributes API operation for Amazon Simple Storage Service. // // Retrieves all the metadata from an object without returning the object itself. -// This action is useful if you're interested only in an object's metadata. -// To use GetObjectAttributes, you must have READ access to the object. +// This operation is useful if you're interested only in an object's metadata. // -// GetObjectAttributes combines the functionality of GetObjectAcl, GetObjectLegalHold, -// GetObjectLockConfiguration, GetObjectRetention, GetObjectTagging, HeadObject, -// and ListParts. All of the data returned with each of those individual calls -// can be returned with a single call to GetObjectAttributes. +// GetObjectAttributes combines the functionality of HeadObject and ListParts. +// All of the data returned with each of those individual calls can be returned +// with a single call to GetObjectAttributes. +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// Permissions +// +// - General purpose bucket permissions - To use GetObjectAttributes, you +// must have READ access to the object. The permissions that you need to +// use this operation with depend on whether the bucket is versioned. If +// the bucket is versioned, you need both the s3:GetObjectVersion and s3:GetObjectVersionAttributes +// permissions for this operation. If the bucket is not versioned, you need +// the s3:GetObject and s3:GetObjectAttributes permissions. For more information, +// see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) +// in the Amazon S3 User Guide. If the object that you request does not exist, +// the error Amazon S3 returns depends on whether you also have the s3:ListBucket +// permission. If you have the s3:ListBucket permission on the bucket, Amazon +// S3 returns an HTTP status code 404 Not Found ("no such key") error. If +// you don't have the s3:ListBucket permission, Amazon S3 returns an HTTP +// status code 403 Forbidden ("access denied") error. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// # Encryption +// +// Encryption request headers, like x-amz-server-side-encryption, should not +// be sent for HEAD requests if your object uses server-side encryption with +// Key Management Service (KMS) keys (SSE-KMS), dual-layer server-side encryption +// with Amazon Web Services KMS keys (DSSE-KMS), or server-side encryption with +// Amazon S3 managed encryption keys (SSE-S3). The x-amz-server-side-encryption +// header is used when you PUT an object to S3 and want to specify the encryption +// method. If you include this header in a GET request for an object that uses +// these types of keys, you’ll get an HTTP 400 Bad Request error. It's because +// the encryption method can't be changed when you retrieve the object. // // If you encrypt an object by using server-side encryption with customer-provided // encryption keys (SSE-C) when you store the object in Amazon S3, then when -// you retrieve the metadata from the object, you must use the following headers: +// you retrieve the metadata from the object, you must use the following headers +// to provide the encryption key for the server to be able to retrieve the object's +// metadata. The headers are: // // - x-amz-server-side-encryption-customer-algorithm // @@ -4854,47 +5383,35 @@ func (c *S3) GetObjectAttributesRequest(input *GetObjectAttributesInput) (req *r // Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) // in the Amazon S3 User Guide. // -// - Encryption request headers, such as x-amz-server-side-encryption, should -// not be sent for GET requests if your object uses server-side encryption -// with Amazon Web Services KMS keys stored in Amazon Web Services Key Management -// Service (SSE-KMS) or server-side encryption with Amazon S3 managed encryption -// keys (SSE-S3). If your object does use these types of keys, you'll get -// an HTTP 400 Bad Request error. +// Directory bucket permissions - For directory buckets, only server-side encryption +// with Amazon S3 managed keys (SSE-S3) (AES256) is supported. +// +// # Versioning +// +// Directory buckets - S3 Versioning isn't enabled and supported for directory +// buckets. For this API operation, only the null value of the version ID is +// supported by directory buckets. You can only specify null to the versionId +// query parameter in the request. // -// - The last modified property in this case is the creation date of the -// object. +// # Conditional request headers // // Consider the following when using request headers: // // - If both of the If-Match and If-Unmodified-Since headers are present // in the request as follows, then Amazon S3 returns the HTTP status code // 200 OK and the data requested: If-Match condition evaluates to true. If-Unmodified-Since -// condition evaluates to false. +// condition evaluates to false. For more information about conditional requests, +// see RFC 7232 (https://tools.ietf.org/html/rfc7232). // // - If both of the If-None-Match and If-Modified-Since headers are present // in the request as follows, then Amazon S3 returns the HTTP status code // 304 Not Modified: If-None-Match condition evaluates to false. If-Modified-Since -// condition evaluates to true. -// -// For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). -// -// # Permissions -// -// The permissions that you need to use this operation depend on whether the -// bucket is versioned. If the bucket is versioned, you need both the s3:GetObjectVersion -// and s3:GetObjectVersionAttributes permissions for this operation. If the -// bucket is not versioned, you need the s3:GetObject and s3:GetObjectAttributes -// permissions. For more information, see Specifying Permissions in a Policy -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) -// in the Amazon S3 User Guide. If the object that you request does not exist, -// the error Amazon S3 returns depends on whether you also have the s3:ListBucket -// permission. +// condition evaluates to true. For more information about conditional requests, +// see RFC 7232 (https://tools.ietf.org/html/rfc7232). // -// - If you have the s3:ListBucket permission on the bucket, Amazon S3 returns -// an HTTP status code 404 Not Found ("no such key") error. +// # HTTP Host header syntax // -// - If you don't have the s3:ListBucket permission, Amazon S3 returns an -// HTTP status code 403 Forbidden ("access denied") error. +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following actions are related to GetObjectAttributes: // @@ -4990,10 +5507,12 @@ func (c *S3) GetObjectLegalHoldRequest(input *GetObjectLegalHoldInput) (req *req // GetObjectLegalHold API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Gets an object's current legal hold status. For more information, see Locking // Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). // -// This action is not supported by Amazon S3 on Outposts. +// This functionality is not supported for Amazon S3 on Outposts. // // The following action is related to GetObjectLegalHold: // @@ -5070,6 +5589,8 @@ func (c *S3) GetObjectLockConfigurationRequest(input *GetObjectLockConfiguration // GetObjectLockConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Gets the Object Lock configuration for a bucket. The rule specified in the // Object Lock configuration will be applied by default to every new object // placed in the specified bucket. For more information, see Locking Objects @@ -5150,10 +5671,12 @@ func (c *S3) GetObjectRetentionRequest(input *GetObjectRetentionInput) (req *req // GetObjectRetention API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Retrieves an object's retention settings. For more information, see Locking // Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). // -// This action is not supported by Amazon S3 on Outposts. +// This functionality is not supported for Amazon S3 on Outposts. // // The following action is related to GetObjectRetention: // @@ -5230,6 +5753,8 @@ func (c *S3) GetObjectTaggingRequest(input *GetObjectTaggingInput) (req *request // GetObjectTagging API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the tag-set of an object. You send the GET request against the tagging // subresource associated with the object. // @@ -5325,9 +5850,10 @@ func (c *S3) GetObjectTorrentRequest(input *GetObjectTorrentInput) (req *request // GetObjectTorrent API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns torrent files from a bucket. BitTorrent can save you bandwidth when -// you're distributing large files. For more information about BitTorrent, see -// Using BitTorrent with Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3Torrent.html). +// you're distributing large files. // // You can get torrent only for objects that are less than 5 GB in size, and // that are not encrypted using server-side encryption with a customer-provided @@ -5335,7 +5861,7 @@ func (c *S3) GetObjectTorrentRequest(input *GetObjectTorrentInput) (req *request // // To use GET, you must have READ access to the object. // -// This action is not supported by Amazon S3 on Outposts. +// This functionality is not supported for Amazon S3 on Outposts. // // The following action is related to GetObjectTorrent: // @@ -5412,6 +5938,8 @@ func (c *S3) GetPublicAccessBlockRequest(input *GetPublicAccessBlockInput) (req // GetPublicAccessBlock API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Retrieves the PublicAccessBlock configuration for an Amazon S3 bucket. To // use this operation, you must have the s3:GetBucketPublicAccessBlock permission. // For more information about Amazon S3 permissions, see Specifying Permissions @@ -5503,33 +6031,63 @@ func (c *S3) HeadBucketRequest(input *HeadBucketInput) (req *request.Request, ou output = &HeadBucketOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } // HeadBucket API operation for Amazon Simple Storage Service. // -// This action is useful to determine if a bucket exists and you have permission -// to access it. The action returns a 200 OK if the bucket exists and you have -// permission to access it. +// You can use this operation to determine if a bucket exists and if you have +// permission to access it. The action returns a 200 OK if the bucket exists +// and you have permission to access it. // // If the bucket does not exist or you do not have permission to access it, -// the HEAD request returns a generic 404 Not Found or 403 Forbidden code. A -// message body is not included, so you cannot determine the exception beyond -// these error codes. +// the HEAD request returns a generic 400 Bad Request, 403 Forbidden or 404 +// Not Found code. A message body is not included, so you cannot determine the +// exception beyond these HTTP response codes. +// +// Directory buckets - You must make requests for this API operation to the +// Zonal endpoint. These endpoints support virtual-hosted-style requests in +// the format https://bucket_name.s3express-az_id.region.amazonaws.com. Path-style +// requests are not supported. For more information, see Regional and Zonal +// endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // -// To use this operation, you must have permissions to perform the s3:ListBucket -// action. The bucket owner has this permission by default and can grant this -// permission to others. For more information about permissions, see Permissions -// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). +// # Authentication and authorization +// +// All HeadBucket requests must be authenticated and signed by using IAM credentials +// (access key ID and secret access key for the IAM identities). All headers +// with the x-amz- prefix, including x-amz-copy-source, must be signed. For +// more information, see REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html). +// +// Directory bucket - You must use IAM credentials to authenticate and authorize +// your access to the HeadBucket API operation, instead of using the temporary +// security credentials through the CreateSession API operation. // -// To use this API against an access point, you must provide the alias of the -// access point in place of the bucket name or specify the access point ARN. -// When using the access point ARN, you must direct requests to the access point -// hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. -// When using the Amazon Web Services SDKs, you provide the ARN in place of -// the bucket name. For more information see, Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html). +// Amazon Web Services CLI or SDKs handles authentication and authorization +// on your behalf. +// +// Permissions +// +// - General purpose bucket permissions - To use this operation, you must +// have permissions to perform the s3:ListBucket action. The bucket owner +// has this permission by default and can grant this permission to others. +// For more information about permissions, see Managing access permissions +// to your Amazon S3 resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) +// in the Amazon S3 User Guide. +// +// - Directory bucket permissions - You must have the s3express:CreateSession +// permission in the Action element of a policy. By default, the session +// is in the ReadWrite mode. If you want to restrict the access, you can +// explicitly set the s3express:SessionMode condition key to ReadOnly on +// the bucket. For more information about example bucket policies, see Example +// bucket policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// and Amazon Web Services Identity and Access Management (IAM) identity-based +// policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html) +// in the Amazon S3 User Guide. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5607,19 +6165,70 @@ func (c *S3) HeadObjectRequest(input *HeadObjectInput) (req *request.Request, ou // HeadObject API operation for Amazon Simple Storage Service. // -// The HEAD action retrieves metadata from an object without returning the object -// itself. This action is useful if you're only interested in an object's metadata. -// To use HEAD, you must have READ access to the object. +// The HEAD operation retrieves metadata from an object without returning the +// object itself. This operation is useful if you're interested only in an object's +// metadata. +// +// A HEAD request has the same options as a GET operation on an object. The +// response is identical to the GET response except that there is no response +// body. Because of this, if the HEAD request generates an error, it returns +// a generic code, such as 400 Bad Request, 403 Forbidden, 404 Not Found, 405 +// Method Not Allowed, 412 Precondition Failed, or 304 Not Modified. It's not +// possible to retrieve the exact exception of these error codes. // -// A HEAD request has the same options as a GET action on an object. The response -// is identical to the GET response except that there is no response body. Because -// of this, if the HEAD request generates an error, it returns a generic 404 -// Not Found or 403 Forbidden code. It is not possible to retrieve the exact -// exception beyond these error codes. +// Request headers are limited to 8 KB in size. For more information, see Common +// Request Headers (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonRequestHeaders.html). +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// Permissions +// +// - General purpose bucket permissions - To use HEAD, you must have the +// s3:GetObject permission. You need the relevant read object (or version) +// permission for this operation. For more information, see Actions, resources, +// and condition keys for Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) +// in the Amazon S3 User Guide. If the object you request doesn't exist, +// the error that Amazon S3 returns depends on whether you also have the +// s3:ListBucket permission. If you have the s3:ListBucket permission on +// the bucket, Amazon S3 returns an HTTP status code 404 Not Found error. +// If you don’t have the s3:ListBucket permission, Amazon S3 returns an +// HTTP status code 403 Forbidden error. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// # Encryption +// +// Encryption request headers, like x-amz-server-side-encryption, should not +// be sent for HEAD requests if your object uses server-side encryption with +// Key Management Service (KMS) keys (SSE-KMS), dual-layer server-side encryption +// with Amazon Web Services KMS keys (DSSE-KMS), or server-side encryption with +// Amazon S3 managed encryption keys (SSE-S3). The x-amz-server-side-encryption +// header is used when you PUT an object to S3 and want to specify the encryption +// method. If you include this header in a HEAD request for an object that uses +// these types of keys, you’ll get an HTTP 400 Bad Request error. It's because +// the encryption method can't be changed when you retrieve the object. // // If you encrypt an object by using server-side encryption with customer-provided // encryption keys (SSE-C) when you store the object in Amazon S3, then when -// you retrieve the metadata from the object, you must use the following headers: +// you retrieve the metadata from the object, you must use the following headers +// to provide the encryption key for the server to be able to retrieve the object's +// metadata. The headers are: // // - x-amz-server-side-encryption-customer-algorithm // @@ -5628,46 +6237,32 @@ func (c *S3) HeadObjectRequest(input *HeadObjectInput) (req *request.Request, ou // - x-amz-server-side-encryption-customer-key-MD5 // // For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided -// Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html). -// -// - Encryption request headers, like x-amz-server-side-encryption, should -// not be sent for GET requests if your object uses server-side encryption -// with KMS keys (SSE-KMS) or server-side encryption with Amazon S3–managed -// encryption keys (SSE-S3). If your object does use these types of keys, -// you’ll get an HTTP 400 BadRequest error. -// -// - The last modified property in this case is the creation date of the -// object. -// -// Request headers are limited to 8 KB in size. For more information, see Common -// Request Headers (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonRequestHeaders.html). +// Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) +// in the Amazon S3 User Guide. // -// Consider the following when using request headers: +// Directory bucket permissions - For directory buckets, only server-side encryption +// with Amazon S3 managed keys (SSE-S3) (AES256) is supported. // -// - Consideration 1 – If both of the If-Match and If-Unmodified-Since -// headers are present in the request as follows: If-Match condition evaluates -// to true, and; If-Unmodified-Since condition evaluates to false; Then Amazon -// S3 returns 200 OK and the data requested. +// Versioning // -// - Consideration 2 – If both of the If-None-Match and If-Modified-Since -// headers are present in the request as follows: If-None-Match condition -// evaluates to false, and; If-Modified-Since condition evaluates to true; -// Then Amazon S3 returns the 304 Not Modified response code. +// - If the current version of the object is a delete marker, Amazon S3 behaves +// as if the object was deleted and includes x-amz-delete-marker: true in +// the response. // -// For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). +// - If the specified version is a delete marker, the response returns a +// 405 Method Not Allowed error and the Last-Modified: timestamp response +// header. // -// # Permissions +// - Directory buckets - Delete marker is not supported by directory buckets. // -// You need the relevant read object (or version) permission for this operation. -// For more information, see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html). -// If the object you request does not exist, the error Amazon S3 returns depends -// on whether you also have the s3:ListBucket permission. +// - Directory buckets - S3 Versioning isn't enabled and supported for directory +// buckets. For this API operation, only the null value of the version ID +// is supported by directory buckets. You can only specify null to the versionId +// query parameter in the request. // -// - If you have the s3:ListBucket permission on the bucket, Amazon S3 returns -// an HTTP status code 404 ("no such key") error. +// # HTTP Host header syntax // -// - If you don’t have the s3:ListBucket permission, Amazon S3 returns -// an HTTP status code 403 ("access denied") error. +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following actions are related to HeadObject: // @@ -5749,6 +6344,8 @@ func (c *S3) ListBucketAnalyticsConfigurationsRequest(input *ListBucketAnalytics // ListBucketAnalyticsConfigurations API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Lists the analytics configurations for the bucket. You can have up to 1,000 // analytics configurations per bucket. // @@ -5848,6 +6445,8 @@ func (c *S3) ListBucketIntelligentTieringConfigurationsRequest(input *ListBucket // ListBucketIntelligentTieringConfigurations API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Lists the S3 Intelligent-Tiering configuration from the specified bucket. // // The S3 Intelligent-Tiering storage class is designed to optimize storage @@ -5946,6 +6545,8 @@ func (c *S3) ListBucketInventoryConfigurationsRequest(input *ListBucketInventory // ListBucketInventoryConfigurations API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns a list of inventory configurations for the bucket. You can have up // to 1,000 analytics configurations per bucket. // @@ -6045,6 +6646,8 @@ func (c *S3) ListBucketMetricsConfigurationsRequest(input *ListBucketMetricsConf // ListBucketMetricsConfigurations API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Lists the metrics configurations for the bucket. The metrics configurations // are only for the request metrics of the bucket and do not provide information // on daily storage metrics. You can have up to 1,000 configurations per bucket. @@ -6145,9 +6748,14 @@ func (c *S3) ListBucketsRequest(input *ListBucketsInput) (req *request.Request, // ListBuckets API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns a list of all buckets owned by the authenticated sender of the request. // To use this operation, you must have the s3:ListAllMyBuckets permission. // +// For information about Amazon S3 buckets, see Creating, configuring, and working +// with Amazon S3 buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html). +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -6176,6 +6784,160 @@ func (c *S3) ListBucketsWithContext(ctx aws.Context, input *ListBucketsInput, op return out, req.Send() } +const opListDirectoryBuckets = "ListDirectoryBuckets" + +// ListDirectoryBucketsRequest generates a "aws/request.Request" representing the +// client's request for the ListDirectoryBuckets operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListDirectoryBuckets for more information on using the ListDirectoryBuckets +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListDirectoryBucketsRequest method. +// req, resp := client.ListDirectoryBucketsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListDirectoryBuckets +func (c *S3) ListDirectoryBucketsRequest(input *ListDirectoryBucketsInput) (req *request.Request, output *ListDirectoryBucketsOutput) { + op := &request.Operation{ + Name: opListDirectoryBuckets, + HTTPMethod: "GET", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"ContinuationToken"}, + OutputTokens: []string{"ContinuationToken"}, + LimitToken: "MaxDirectoryBuckets", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListDirectoryBucketsInput{} + } + + output = &ListDirectoryBucketsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListDirectoryBuckets API operation for Amazon Simple Storage Service. +// +// Returns a list of all Amazon S3 directory buckets owned by the authenticated +// sender of the request. For more information about directory buckets, see +// Directory buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) +// in the Amazon S3 User Guide. +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Regional endpoint. These endpoints support path-style +// requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name +// . Virtual-hosted-style requests aren't supported. For more information, see +// Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// # Permissions +// +// You must have the s3express:ListAllMyDirectoryBuckets permission in an IAM +// identity-based policy instead of a bucket policy. Cross-account access to +// this API operation isn't supported. This operation can only be performed +// by the Amazon Web Services account that owns the resource. For more information +// about directory bucket policies and permissions, see Amazon Web Services +// Identity and Access Management (IAM) for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is s3express-control.region.amazonaws.com. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Storage Service's +// API operation ListDirectoryBuckets for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListDirectoryBuckets +func (c *S3) ListDirectoryBuckets(input *ListDirectoryBucketsInput) (*ListDirectoryBucketsOutput, error) { + req, out := c.ListDirectoryBucketsRequest(input) + return out, req.Send() +} + +// ListDirectoryBucketsWithContext is the same as ListDirectoryBuckets with the addition of +// the ability to pass a context and additional request options. +// +// See ListDirectoryBuckets for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *S3) ListDirectoryBucketsWithContext(ctx aws.Context, input *ListDirectoryBucketsInput, opts ...request.Option) (*ListDirectoryBucketsOutput, error) { + req, out := c.ListDirectoryBucketsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListDirectoryBucketsPages iterates over the pages of a ListDirectoryBuckets operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListDirectoryBuckets method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListDirectoryBuckets operation. +// pageNum := 0 +// err := client.ListDirectoryBucketsPages(params, +// func(page *s3.ListDirectoryBucketsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *S3) ListDirectoryBucketsPages(input *ListDirectoryBucketsInput, fn func(*ListDirectoryBucketsOutput, bool) bool) error { + return c.ListDirectoryBucketsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListDirectoryBucketsPagesWithContext same as ListDirectoryBucketsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *S3) ListDirectoryBucketsPagesWithContext(ctx aws.Context, input *ListDirectoryBucketsInput, fn func(*ListDirectoryBucketsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListDirectoryBucketsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListDirectoryBucketsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListDirectoryBucketsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListMultipartUploads = "ListMultipartUploads" // ListMultipartUploadsRequest generates a "aws/request.Request" representing the @@ -6225,28 +6987,79 @@ func (c *S3) ListMultipartUploadsRequest(input *ListMultipartUploadsInput) (req // ListMultipartUploads API operation for Amazon Simple Storage Service. // -// This action lists in-progress multipart uploads. An in-progress multipart -// upload is a multipart upload that has been initiated using the Initiate Multipart -// Upload request, but has not yet been completed or aborted. +// This operation lists in-progress multipart uploads in a bucket. An in-progress +// multipart upload is a multipart upload that has been initiated by the CreateMultipartUpload +// request, but has not yet been completed or aborted. +// +// Directory buckets - If multipart uploads in a directory bucket are in progress, +// you can't delete the bucket until all the in-progress multipart uploads are +// aborted or completed. +// +// The ListMultipartUploads operation returns a maximum of 1,000 multipart uploads +// in the response. The limit of 1,000 multipart uploads is also the default +// value. You can further limit the number of uploads in a response by specifying +// the max-uploads request parameter. If there are more than 1,000 multipart +// uploads that satisfy your ListMultipartUploads request, the response returns +// an IsTruncated element with the value of true, a NextKeyMarker element, and +// a NextUploadIdMarker element. To list the remaining multipart uploads, you +// need to make subsequent ListMultipartUploads requests. In these requests, +// include two query parameters: key-marker and upload-id-marker. Set the value +// of key-marker to the NextKeyMarker value from the previous response. Similarly, +// set the value of upload-id-marker to the NextUploadIdMarker value from the +// previous response. +// +// Directory buckets - The upload-id-marker element and the NextUploadIdMarker +// element aren't supported by directory buckets. To list the additional multipart +// uploads, you only need to set the value of key-marker to the NextKeyMarker +// value from the previous response. +// +// For more information about multipart uploads, see Uploading Objects Using +// Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) +// in the Amazon S3 User Guide. +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // -// This action returns at most 1,000 multipart uploads in the response. 1,000 -// multipart uploads is the maximum number of uploads a response can include, -// which is also the default value. You can further limit the number of uploads -// in a response by specifying the max-uploads parameter in the response. If -// additional multipart uploads satisfy the list criteria, the response will -// contain an IsTruncated element with the value true. To list the additional -// multipart uploads, use the key-marker and upload-id-marker request parameters. +// Permissions // -// In the response, the uploads are sorted by key. If your application has initiated -// more than one multipart upload using the same object key, then uploads in -// the response are first sorted by key. Additionally, uploads are sorted in -// ascending order within each key by the upload initiation time. +// - General purpose bucket permissions - For information about permissions +// required to use the multipart upload API, see Multipart Upload and Permissions +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. // -// For more information on multipart uploads, see Uploading Objects Using Multipart -// Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html). +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). // -// For information on permissions required to use the multipart upload API, -// see Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html). +// Sorting of multipart uploads in response +// +// - General purpose bucket - In the ListMultipartUploads response, the multipart +// uploads are sorted based on two criteria: Key-based sorting - Multipart +// uploads are initially sorted in ascending order based on their object +// keys. Time-based sorting - For uploads that share the same object key, +// they are further sorted in ascending order based on the upload initiation +// time. Among uploads with the same key, the one that was initiated first +// will appear before the ones that were initiated later. +// +// - Directory bucket - In the ListMultipartUploads response, the multipart +// uploads aren't sorted lexicographically based on the object keys. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following operations are related to ListMultipartUploads: // @@ -6388,11 +7201,13 @@ func (c *S3) ListObjectVersionsRequest(input *ListObjectVersionsInput) (req *req // ListObjectVersions API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns metadata about all versions of the objects in a bucket. You can also // use request parameters as selection criteria to return metadata about a subset // of all the object versions. // -// To use this operation, you must have permissions to perform the s3:ListBucketVersions +// To use this operation, you must have permission to perform the s3:ListBucketVersions // action. Be aware of the name difference. // // A 200 OK response can contain valid or invalid XML. Make sure to design your @@ -6400,8 +7215,6 @@ func (c *S3) ListObjectVersionsRequest(input *ListObjectVersionsInput) (req *req // // To use this operation, you must have READ access to the bucket. // -// This action is not supported by Amazon S3 on Outposts. -// // The following operations are related to ListObjectVersions: // // - ListObjectsV2 (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html) @@ -6540,6 +7353,8 @@ func (c *S3) ListObjectsRequest(input *ListObjectsInput) (req *request.Request, // ListObjects API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns some or all (up to 1,000) of the objects in a bucket. You can use // the request parameters as selection criteria to return a subset of the objects // in a bucket. A 200 OK response can contain valid or invalid XML. Be sure @@ -6700,25 +7515,57 @@ func (c *S3) ListObjectsV2Request(input *ListObjectsV2Input) (req *request.Reque // You can use the request parameters as selection criteria to return a subset // of the objects in a bucket. A 200 OK response can contain valid or invalid // XML. Make sure to design your application to parse the contents of the response -// and handle it appropriately. Objects are returned sorted in an ascending -// order of the respective key names in the list. For more information about -// listing objects, see Listing object keys programmatically (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ListingKeysUsingAPIs.html) +// and handle it appropriately. For more information about listing objects, +// see Listing object keys programmatically (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ListingKeysUsingAPIs.html) +// in the Amazon S3 User Guide. To get a list of your buckets, see ListBuckets +// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html). +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // -// To use this operation, you must have READ access to the bucket. +// Permissions // -// To use this action in an Identity and Access Management (IAM) policy, you -// must have permissions to perform the s3:ListBucket action. The bucket owner -// has this permission by default and can grant this permission to others. For -// more information about permissions, see Permissions Related to Bucket Subresource -// Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). +// - General purpose bucket permissions - To use this operation, you must +// have READ access to the bucket. You must have permission to perform the +// s3:ListBucket action. The bucket owner has this permission by default +// and can grant this permission to others. For more information about permissions, +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) +// in the Amazon S3 User Guide. // -// This section describes the latest revision of this action. We recommend that -// you use this revised API for application development. For backward compatibility, -// Amazon S3 continues to support the prior version of this API, ListObjects -// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html). +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// Sorting order of returned objects +// +// - General purpose bucket - For general purpose buckets, ListObjectsV2 +// returns objects in lexicographical order based on their key names. +// +// - Directory bucket - For directory buckets, ListObjectsV2 does not return +// objects in lexicographical order. +// +// # HTTP Host header syntax // -// To get a list of your buckets, see ListBuckets (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html). +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. +// +// This section describes the latest revision of this action. We recommend that +// you use this revised API operation for application development. For backward +// compatibility, Amazon S3 continues to support the prior version of this API +// operation, ListObjects (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html). // // The following operations are related to ListObjectsV2: // @@ -6862,24 +7709,58 @@ func (c *S3) ListPartsRequest(input *ListPartsInput) (req *request.Request, outp // ListParts API operation for Amazon Simple Storage Service. // // Lists the parts that have been uploaded for a specific multipart upload. -// This operation must include the upload ID, which you obtain by sending the -// initiate multipart upload request (see CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html)). -// This request returns a maximum of 1,000 uploaded parts. The default number -// of parts returned is 1,000 parts. You can restrict the number of parts returned -// by specifying the max-parts request parameter. If your multipart upload consists -// of more than 1,000 parts, the response returns an IsTruncated field with -// the value of true, and a NextPartNumberMarker element. In subsequent ListParts -// requests you can include the part-number-marker query string parameter and -// set its value to the NextPartNumberMarker field value from the previous response. -// -// If the upload was created using a checksum algorithm, you will need to have -// permission to the kms:Decrypt action for the request to succeed. +// +// To use this operation, you must provide the upload ID in the request. You +// obtain this uploadID by sending the initiate multipart upload request through +// CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html). +// +// The ListParts request returns a maximum of 1,000 uploaded parts. The limit +// of 1,000 parts is also the default value. You can restrict the number of +// parts in a response by specifying the max-parts request parameter. If your +// multipart upload consists of more than 1,000 parts, the response returns +// an IsTruncated field with the value of true, and a NextPartNumberMarker element. +// To list remaining uploaded parts, in subsequent ListParts requests, include +// the part-number-marker query string parameter and set its value to the NextPartNumberMarker +// field value from the previous response. // // For more information on multipart uploads, see Uploading Objects Using Multipart -// Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html). +// Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) +// in the Amazon S3 User Guide. +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // -// For information on permissions required to use the multipart upload API, -// see Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html). +// Permissions +// +// - General purpose bucket permissions - For information about permissions +// required to use the multipart upload API, see Multipart Upload and Permissions +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. If the upload was created using server-side +// encryption with Key Management Service (KMS) keys (SSE-KMS) or dual-layer +// server-side encryption with Amazon Web Services KMS keys (DSSE-KMS), you +// must have permission to the kms:Decrypt action for the ListParts request +// to succeed. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following operations are related to ListParts: // @@ -7018,6 +7899,8 @@ func (c *S3) PutBucketAccelerateConfigurationRequest(input *PutBucketAccelerateC // PutBucketAccelerateConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets the accelerate configuration of an existing bucket. Amazon S3 Transfer // Acceleration is a bucket-level feature that enables you to perform faster // data transfers to Amazon S3. @@ -7130,9 +8013,11 @@ func (c *S3) PutBucketAclRequest(input *PutBucketAclInput) (req *request.Request // PutBucketAcl API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets the permissions on an existing bucket using access control lists (ACL). // For more information, see Using ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html). -// To set the ACL of a bucket, you must have WRITE_ACP permission. +// To set the ACL of a bucket, you must have the WRITE_ACP permission. // // You can use one of the following two ways to set a bucket's permissions: // @@ -7156,9 +8041,9 @@ func (c *S3) PutBucketAclRequest(input *PutBucketAclInput) (req *request.Request // object ownership (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) // in the Amazon S3 User Guide. // -// # Access Permissions +// # Permissions // -// You can set access permissions using one of the following methods: +// You can set access permissions by using one of the following methods: // // - Specify a canned ACL with the x-amz-acl request header. Amazon S3 supports // a set of predefined ACLs, known as canned ACLs. Each canned ACL has a @@ -7208,7 +8093,7 @@ func (c *S3) PutBucketAclRequest(input *PutBucketAclInput) (req *request.Request // xsi:type="Group"><>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<> // // - By Email address: <>Grantees@email.com<>lt;/Grantee> +// xsi:type="AmazonCustomerByEmail"><>Grantees@email.com<>& // The grantee is resolved to the CanonicalUser and, in a response to a GET // Object acl request, appears as the CanonicalUser. Using email addresses // to specify a grantee is only supported in the following Amazon Web Services @@ -7218,7 +8103,7 @@ func (c *S3) PutBucketAclRequest(input *PutBucketAclInput) (req *request.Request // Regions and endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) // in the Amazon Web Services General Reference. // -// Related Resources +// The following operations are related to PutBucketAcl: // // - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // @@ -7298,6 +8183,8 @@ func (c *S3) PutBucketAnalyticsConfigurationRequest(input *PutBucketAnalyticsCon // PutBucketAnalyticsConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets an analytics configuration for the bucket (specified by the analytics // configuration ID). You can have up to 1,000 analytics configurations per // bucket. @@ -7323,7 +8210,7 @@ func (c *S3) PutBucketAnalyticsConfigurationRequest(input *PutBucketAnalyticsCon // see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) // and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // -// Special Errors +// PutBucketAnalyticsConfiguration has the following special errors: // // - HTTP Error: HTTP 400 Bad Request Code: InvalidArgument Cause: Invalid // argument. @@ -7336,7 +8223,7 @@ func (c *S3) PutBucketAnalyticsConfigurationRequest(input *PutBucketAnalyticsCon // the owner of the specified bucket, or you do not have the s3:PutAnalyticsConfiguration // bucket permission to set the configuration on the bucket. // -// Related Resources +// The following operations are related to PutBucketAnalyticsConfiguration: // // - GetBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAnalyticsConfiguration.html) // @@ -7420,6 +8307,8 @@ func (c *S3) PutBucketCorsRequest(input *PutBucketCorsInput) (req *request.Reque // PutBucketCors API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets the cors configuration for your bucket. If the configuration exists, // Amazon S3 replaces it. // @@ -7456,7 +8345,7 @@ func (c *S3) PutBucketCorsRequest(input *PutBucketCorsInput) (req *request.Reque // (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the Amazon // S3 User Guide. // -// Related Resources +// The following operations are related to PutBucketCors: // // - GetBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketCors.html) // @@ -7540,31 +8429,33 @@ func (c *S3) PutBucketEncryptionRequest(input *PutBucketEncryptionInput) (req *r // PutBucketEncryption API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // This action uses the encryption subresource to configure default encryption -// and Amazon S3 Bucket Key for an existing bucket. -// -// Default encryption for a bucket can use server-side encryption with Amazon -// S3-managed keys (SSE-S3) or customer managed keys (SSE-KMS). If you specify -// default encryption using SSE-KMS, you can also configure Amazon S3 Bucket -// Key. When the default encryption is SSE-KMS, if you upload an object to the -// bucket and do not specify the KMS key to use for encryption, Amazon S3 uses -// the default Amazon Web Services managed KMS key for your account. For information -// about default encryption, see Amazon S3 default bucket encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) -// in the Amazon S3 User Guide. For more information about S3 Bucket Keys, see -// Amazon S3 Bucket Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) -// in the Amazon S3 User Guide. +// and Amazon S3 Bucket Keys for an existing bucket. +// +// By default, all buckets have a default encryption configuration that uses +// server-side encryption with Amazon S3 managed keys (SSE-S3). You can optionally +// configure default encryption for a bucket by using server-side encryption +// with Key Management Service (KMS) keys (SSE-KMS) or dual-layer server-side +// encryption with Amazon Web Services KMS keys (DSSE-KMS). If you specify default +// encryption by using SSE-KMS, you can also configure Amazon S3 Bucket Keys +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html). If you +// use PutBucketEncryption to set your default bucket encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) +// to SSE-KMS, you should verify that your KMS key ID is correct. Amazon S3 +// does not validate the KMS key ID provided in PutBucketEncryption requests. // // This action requires Amazon Web Services Signature Version 4. For more information, // see Authenticating Requests (Amazon Web Services Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html). // -// To use this operation, you must have permissions to perform the s3:PutEncryptionConfiguration +// To use this operation, you must have permission to perform the s3:PutEncryptionConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, // see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) // and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) // in the Amazon S3 User Guide. // -// Related Resources +// The following operations are related to PutBucketEncryption: // // - GetBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html) // @@ -7642,6 +8533,8 @@ func (c *S3) PutBucketIntelligentTieringConfigurationRequest(input *PutBucketInt // PutBucketIntelligentTieringConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Puts a S3 Intelligent-Tiering configuration to the specified bucket. You // can have up to 1,000 S3 Intelligent-Tiering configurations per bucket. // @@ -7674,17 +8567,26 @@ func (c *S3) PutBucketIntelligentTieringConfigurationRequest(input *PutBucketInt // move objects stored in the S3 Intelligent-Tiering storage class to the Archive // Access or Deep Archive Access tier. // -// Special Errors +// PutBucketIntelligentTieringConfiguration has the following special errors: // -// - HTTP 400 Bad Request Error Code: InvalidArgument Cause: Invalid Argument +// # HTTP 400 Bad Request Error // -// - HTTP 400 Bad Request Error Code: TooManyConfigurations Cause: You are -// attempting to create a new configuration but have already reached the -// 1,000-configuration limit. +// Code: InvalidArgument // -// - HTTP 403 Forbidden Error Code: AccessDenied Cause: You are not the owner -// of the specified bucket, or you do not have the s3:PutIntelligentTieringConfiguration -// bucket permission to set the configuration on the bucket. +// Cause: Invalid Argument +// +// # HTTP 400 Bad Request Error +// +// Code: TooManyConfigurations +// +// Cause: You are attempting to create a new configuration but have already +// reached the 1,000-configuration limit. +// +// # HTTP 403 Forbidden Error +// +// Cause: You are not the owner of the specified bucket, or you do not have +// the s3:PutIntelligentTieringConfiguration bucket permission to set the configuration +// on the bucket. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7758,6 +8660,8 @@ func (c *S3) PutBucketInventoryConfigurationRequest(input *PutBucketInventoryCon // PutBucketInventoryConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // This implementation of the PUT action adds an inventory configuration (identified // by the inventory ID) to the bucket. You can have up to 1,000 inventory configurations // per bucket. @@ -7780,26 +8684,50 @@ func (c *S3) PutBucketInventoryConfigurationRequest(input *PutBucketInventoryCon // an example policy, see Granting Permissions for Amazon S3 Inventory and Storage // Class Analysis (https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html#example-bucket-policies-use-case-9). // -// To use this operation, you must have permissions to perform the s3:PutInventoryConfiguration +// # Permissions +// +// To use this operation, you must have permission to perform the s3:PutInventoryConfiguration // action. The bucket owner has this permission by default and can grant this -// permission to others. For more information about permissions, see Permissions -// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) +// permission to others. +// +// The s3:PutInventoryConfiguration permission allows a user to create an S3 +// Inventory (https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-inventory.html) +// report that includes all object metadata fields available and to specify +// the destination bucket to store the inventory. A user with read access to +// objects in the destination bucket can also access all object metadata fields +// that are available in the inventory report. +// +// To restrict access to an inventory report, see Restricting access to an Amazon +// S3 Inventory report (https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html#example-bucket-policies-use-case-10) +// in the Amazon S3 User Guide. For more information about the metadata fields +// available in S3 Inventory, see Amazon S3 Inventory lists (https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-inventory.html#storage-inventory-contents) +// in the Amazon S3 User Guide. For more information about permissions, see +// Permissions related to bucket subresource operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Identity and access management in Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) // in the Amazon S3 User Guide. // -// Special Errors +// PutBucketInventoryConfiguration has the following special errors: // -// - HTTP 400 Bad Request Error Code: InvalidArgument Cause: Invalid Argument +// # HTTP 400 Bad Request Error // -// - HTTP 400 Bad Request Error Code: TooManyConfigurations Cause: You are -// attempting to create a new configuration but have already reached the -// 1,000-configuration limit. +// Code: InvalidArgument // -// - HTTP 403 Forbidden Error Code: AccessDenied Cause: You are not the owner -// of the specified bucket, or you do not have the s3:PutInventoryConfiguration -// bucket permission to set the configuration on the bucket. +// Cause: Invalid Argument // -// Related Resources +// # HTTP 400 Bad Request Error +// +// Code: TooManyConfigurations +// +// Cause: You are attempting to create a new configuration but have already +// reached the 1,000-configuration limit. +// +// # HTTP 403 Forbidden Error +// +// Cause: You are not the owner of the specified bucket, or you do not have +// the s3:PutInventoryConfiguration bucket permission to set the configuration +// on the bucket. +// +// The following operations are related to PutBucketInventoryConfiguration: // // - GetBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketInventoryConfiguration.html) // @@ -7888,6 +8816,8 @@ func (c *S3) PutBucketLifecycleRequest(input *PutBucketLifecycleInput) (req *req // PutBucketLifecycle API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // For an updated version of this API, see PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html). // This version has been deprecated. Existing lifecycle configurations will // work. For new lifecycle configurations, use the updated API. @@ -7922,7 +8852,7 @@ func (c *S3) PutBucketLifecycleRequest(input *PutBucketLifecycleInput) (req *req // For more examples of transitioning objects to storage classes such as STANDARD_IA // or ONEZONE_IA, see Examples of Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#lifecycle-configuration-examples). // -// Related Resources +// The following operations are related to PutBucketLifecycle: // // - GetBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html)(Deprecated) // @@ -8017,6 +8947,8 @@ func (c *S3) PutBucketLifecycleConfigurationRequest(input *PutBucketLifecycleCon // PutBucketLifecycleConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Creates a new lifecycle configuration for the bucket or replaces an existing // lifecycle configuration. Keep in mind that this will overwrite an existing // lifecycle configuration, so if you want to retain any configuration details, @@ -8024,10 +8956,10 @@ func (c *S3) PutBucketLifecycleConfigurationRequest(input *PutBucketLifecycleCon // about lifecycle configuration, see Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html). // // Bucket lifecycle configuration now supports specifying a lifecycle rule using -// an object key name prefix, one or more object tags, or a combination of both. -// Accordingly, this section describes the latest API. The previous version -// of the API supported filtering based only on an object key name prefix, which -// is supported for backward compatibility. For the related API description, +// an object key name prefix, one or more object tags, object size, or any combination +// of these. Accordingly, this section describes the latest API. The previous +// version of the API supported filtering based only on an object key name prefix, +// which is supported for backward compatibility. For the related API description, // see PutBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html). // // # Rules @@ -8037,11 +8969,11 @@ func (c *S3) PutBucketLifecycleConfigurationRequest(input *PutBucketLifecycleCon // S3 Lifecycle configuration can have up to 1,000 rules. This limit is not // adjustable. Each rule consists of the following: // -// - Filter identifying a subset of objects to which the rule applies. The -// filter can be based on a key name prefix, object tags, or a combination -// of both. +// - A filter identifying a subset of objects to which the rule applies. +// The filter can be based on a key name prefix, object tags, object size, +// or any combination of these. // -// - Status whether the rule is in effect. +// - A status indicating whether the rule is in effect. // // - One or more lifecycle transition and expiration actions that you want // Amazon S3 to perform on the objects identified by the filter. If the state @@ -8062,10 +8994,10 @@ func (c *S3) PutBucketLifecycleConfigurationRequest(input *PutBucketLifecycleCon // optionally grant access permissions to others by writing an access policy. // For this operation, a user must get the s3:PutLifecycleConfiguration permission. // -// You can also explicitly deny permissions. Explicit deny also supersedes any -// other permissions. If you want to block users or accounts from removing or -// deleting objects from your bucket, you must deny them permissions for the -// following actions: +// You can also explicitly deny permissions. An explicit deny also supersedes +// any other permissions. If you want to block users or accounts from removing +// or deleting objects from your bucket, you must deny them permissions for +// the following actions: // // - s3:DeleteObject // @@ -8076,7 +9008,7 @@ func (c *S3) PutBucketLifecycleConfigurationRequest(input *PutBucketLifecycleCon // For more information about permissions, see Managing Access Permissions to // Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // -// The following are related to PutBucketLifecycleConfiguration: +// The following operations are related to PutBucketLifecycleConfiguration: // // - Examples of Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-configuration-examples.html) // @@ -8160,6 +9092,8 @@ func (c *S3) PutBucketLoggingRequest(input *PutBucketLoggingInput) (req *request // PutBucketLogging API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Set the logging parameters for a bucket and to specify permissions for who // can view and modify the logging parameters. All logs are saved to buckets // in the same Amazon Web Services Region as the source bucket. To set the logging @@ -8178,7 +9112,7 @@ func (c *S3) PutBucketLoggingRequest(input *PutBucketLoggingInput) (req *request // # Grantee Values // // You can specify the person (grantee) to whom you're assigning access rights -// (using request elements) in the following ways: +// (by using request elements) in the following ways: // // - By the person's ID: <>ID<><>GranteesEmail<> @@ -8186,8 +9120,8 @@ func (c *S3) PutBucketLoggingRequest(input *PutBucketLoggingInput) (req *request // // - By Email address: <>Grantees@email.com<> -// The grantee is resolved to the CanonicalUser and, in a response to a GET -// Object acl request, appears as the CanonicalUser. +// The grantee is resolved to the CanonicalUser and, in a response to a GETObjectAcl +// request, appears as the CanonicalUser. // // - By URI: <>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<> @@ -8287,6 +9221,8 @@ func (c *S3) PutBucketMetricsConfigurationRequest(input *PutBucketMetricsConfigu // PutBucketMetricsConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets a metrics configuration (specified by the metrics configuration ID) // for the bucket. You can have up to 1,000 metrics configurations per bucket. // If you're updating an existing metrics configuration, note that this is a @@ -8310,7 +9246,7 @@ func (c *S3) PutBucketMetricsConfigurationRequest(input *PutBucketMetricsConfigu // // - ListBucketMetricsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketMetricsConfigurations.html) // -// GetBucketLifecycle has the following special error: +// PutBucketMetricsConfiguration has the following special error: // // - Error code: TooManyConfigurations Description: You are attempting to // create a new configuration but have already reached the 1,000-configuration @@ -8397,6 +9333,8 @@ func (c *S3) PutBucketNotificationRequest(input *PutBucketNotificationInput) (re // PutBucketNotification API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // No longer used, see the PutBucketNotificationConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketNotificationConfiguration.html) // operation. // @@ -8476,6 +9414,8 @@ func (c *S3) PutBucketNotificationConfigurationRequest(input *PutBucketNotificat // PutBucketNotificationConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Enables notifications of specified events for a bucket. For more information // about event notifications, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html). // @@ -8511,7 +9451,8 @@ func (c *S3) PutBucketNotificationConfigurationRequest(input *PutBucketNotificat // // By default, only the bucket owner can configure notifications on a bucket. // However, bucket owners can use a bucket policy to grant permission to other -// users to set this configuration with s3:PutBucketNotification permission. +// users to set this configuration with the required s3:PutBucketNotification +// permission. // // The PUT notification is an atomic operation. For example, suppose your notification // configuration includes SNS topic, SQS queue, and Lambda function configurations. @@ -8519,8 +9460,6 @@ func (c *S3) PutBucketNotificationConfigurationRequest(input *PutBucketNotificat // messages to your SNS topic. If the message fails, the entire PUT action will // fail, and Amazon S3 will not add the configuration to your bucket. // -// # Responses -// // If the configuration in the request body includes only one TopicConfiguration // specifying only the s3:ReducedRedundancyLostObject event type, the response // will also include the x-amz-sns-test-message-id header containing the message @@ -8606,6 +9545,8 @@ func (c *S3) PutBucketOwnershipControlsRequest(input *PutBucketOwnershipControls // PutBucketOwnershipControls API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Creates or modifies OwnershipControls for an Amazon S3 bucket. To use this // operation, you must have the s3:PutBucketOwnershipControls permission. For // more information about Amazon S3 permissions, see Specifying permissions @@ -8696,22 +9637,62 @@ func (c *S3) PutBucketPolicyRequest(input *PutBucketPolicyInput) (req *request.R // PutBucketPolicy API operation for Amazon Simple Storage Service. // -// Applies an Amazon S3 bucket policy to an Amazon S3 bucket. If you are using -// an identity other than the root user of the Amazon Web Services account that -// owns the bucket, the calling identity must have the PutBucketPolicy permissions -// on the specified bucket and belong to the bucket owner's account in order -// to use this operation. +// Applies an Amazon S3 bucket policy to an Amazon S3 bucket. +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Regional endpoint. These endpoints support path-style +// requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name +// . Virtual-hosted-style requests aren't supported. For more information, see +// Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// # Permissions +// +// If you are using an identity other than the root user of the Amazon Web Services +// account that owns the bucket, the calling identity must both have the PutBucketPolicy +// permissions on the specified bucket and belong to the bucket owner's account +// in order to use this operation. // // If you don't have PutBucketPolicy permissions, Amazon S3 returns a 403 Access // Denied error. If you have the correct permissions, but you're not using an // identity that belongs to the bucket owner's account, Amazon S3 returns a // 405 Method Not Allowed error. // -// As a security precaution, the root user of the Amazon Web Services account -// that owns a bucket can always use this operation, even if the policy explicitly -// denies the root user the ability to perform this action. +// To ensure that bucket owners don't inadvertently lock themselves out of their +// own buckets, the root principal in a bucket owner's Amazon Web Services account +// can perform the GetBucketPolicy, PutBucketPolicy, and DeleteBucketPolicy +// API actions, even if their bucket policy explicitly denies the root principal's +// access. Bucket owner root principals can only be blocked from performing +// these API actions by VPC endpoint policies and Amazon Web Services Organizations +// policies. +// +// - General purpose bucket permissions - The s3:PutBucketPolicy permission +// is required in a policy. For more information about general purpose buckets +// bucket policies, see Using Bucket Policies and User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) +// in the Amazon S3 User Guide. // -// For more information, see Bucket policy examples (https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html). +// - Directory bucket permissions - To grant access to this API operation, +// you must have the s3express:PutBucketPolicy permission in an IAM identity-based +// policy instead of a bucket policy. Cross-account access to this API operation +// isn't supported. This operation can only be performed by the Amazon Web +// Services account that owns the resource. For more information about directory +// bucket policies and permissions, see Amazon Web Services Identity and +// Access Management (IAM) for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. +// +// # Example bucket policies +// +// General purpose buckets example bucket policies - See Bucket policy examples +// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) +// in the Amazon S3 User Guide. +// +// Directory bucket example bucket policies - See Example bucket policies for +// S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// in the Amazon S3 User Guide. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is s3express-control.region.amazonaws.com. // // The following operations are related to PutBucketPolicy: // @@ -8795,6 +9776,8 @@ func (c *S3) PutBucketReplicationRequest(input *PutBucketReplicationInput) (req // PutBucketReplication API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Creates a replication configuration or replaces an existing one. For more // information, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) // in the Amazon S3 User Guide. @@ -8803,6 +9786,9 @@ func (c *S3) PutBucketReplicationRequest(input *PutBucketReplicationInput) (req // configuration, you provide the name of the destination bucket or buckets // where you want Amazon S3 to replicate objects, the IAM role that Amazon S3 // can assume to replicate objects on your behalf, and other relevant information. +// You can invoke this request for a specific Amazon Web Services Region by +// using the aws:RequestedRegion (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requestedregion) +// condition key. // // A replication configuration must include at least one rule, and can contain // a maximum of 1,000. Each rule identifies a subset of objects to replicate @@ -8931,6 +9917,8 @@ func (c *S3) PutBucketRequestPaymentRequest(input *PutBucketRequestPaymentInput) // PutBucketRequestPayment API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets the request payment configuration for a bucket. By default, the bucket // owner pays for downloads from the bucket. This configuration parameter enables // the bucket owner (only) to specify that the person requesting the download @@ -9019,6 +10007,8 @@ func (c *S3) PutBucketTaggingRequest(input *PutBucketTaggingInput) (req *request // PutBucketTagging API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets the tags for a bucket. // // Use tags to organize your Amazon Web Services bill to reflect your own cost @@ -9029,7 +10019,7 @@ func (c *S3) PutBucketTaggingRequest(input *PutBucketTaggingInput) (req *request // name, and then organize your billing information to see the total cost of // that application across several services. For more information, see Cost // Allocation and Tagging (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) -// and Using Cost Allocation in Amazon S3 Bucket Tags (https://docs.aws.amazon.com/AmazonS3/latest/dev/CostAllocTagging.html). +// and Using Cost Allocation in Amazon S3 Bucket Tags (https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html). // // When this operation sets the tags for a bucket, it will overwrite any current // tags the bucket already has. You cannot use this operation to add tags to @@ -9041,22 +10031,20 @@ func (c *S3) PutBucketTaggingRequest(input *PutBucketTaggingInput) (req *request // Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) // and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // -// PutBucketTagging has the following special errors: +// PutBucketTagging has the following special errors. For more Amazon S3 errors +// see, Error Responses (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html). // -// - Error code: InvalidTagError Description: The tag provided was not a -// valid tag. This error can occur if the tag did not pass input validation. -// For information about tag restrictions, see User-Defined Tag Restrictions -// (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html) -// and Amazon Web Services-Generated Cost Allocation Tag Restrictions (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/aws-tag-restrictions.html). +// - InvalidTag - The tag provided was not a valid tag. This error can occur +// if the tag did not pass input validation. For more information, see Using +// Cost Allocation in Amazon S3 Bucket Tags (https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html). // -// - Error code: MalformedXMLError Description: The XML provided does not -// match the schema. +// - MalformedXML - The XML provided does not match the schema. // -// - Error code: OperationAbortedError Description: A conflicting conditional -// action is currently in progress against this resource. Please try again. +// - OperationAborted - A conflicting conditional action is currently in +// progress against this resource. Please try again. // -// - Error code: InternalError Description: The service was unable to apply -// the provided tag to the bucket. +// - InternalError - The service was unable to apply the provided tag to +// the bucket. // // The following operations are related to PutBucketTagging: // @@ -9140,6 +10128,8 @@ func (c *S3) PutBucketVersioningRequest(input *PutBucketVersioningInput) (req *r // PutBucketVersioning API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets the versioning state of an existing bucket. // // You can set the versioning state with one of the following values: @@ -9159,15 +10149,15 @@ func (c *S3) PutBucketVersioningRequest(input *PutBucketVersioningInput) (req *r // you must include the x-amz-mfa request header and the Status and the MfaDelete // request elements in a request to set the versioning state of the bucket. // -// If you have an object expiration lifecycle policy in your non-versioned bucket -// and you want to maintain the same permanent delete behavior when you enable -// versioning, you must add a noncurrent expiration policy. The noncurrent expiration -// lifecycle policy will manage the deletes of the noncurrent object versions -// in the version-enabled bucket. (A version-enabled bucket maintains one current -// and zero or more noncurrent object versions.) For more information, see Lifecycle -// and Versioning (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-and-other-bucket-config). +// If you have an object expiration lifecycle configuration in your non-versioned +// bucket and you want to maintain the same permanent delete behavior when you +// enable versioning, you must add a noncurrent expiration policy. The noncurrent +// expiration lifecycle configuration will manage the deletes of the noncurrent +// object versions in the version-enabled bucket. (A version-enabled bucket +// maintains one current and zero or more noncurrent object versions.) For more +// information, see Lifecycle and Versioning (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-and-other-bucket-config). // -// Related Resources +// The following operations are related to PutBucketVersioning: // // - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // @@ -9251,6 +10241,8 @@ func (c *S3) PutBucketWebsiteRequest(input *PutBucketWebsiteInput) (req *request // PutBucketWebsite API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets the configuration of the website that is specified in the website subresource. // To configure a bucket as a website, you can add this subresource on the bucket // with website configuration information such as the file name of the index @@ -9318,6 +10310,8 @@ func (c *S3) PutBucketWebsiteRequest(input *PutBucketWebsiteInput) (req *request // more information, see Configuring an Object Redirect (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html) // in the Amazon S3 User Guide. // +// The maximum request length is limited to 128 KB. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -9389,99 +10383,85 @@ func (c *S3) PutObjectRequest(input *PutObjectInput) (req *request.Request, outp // PutObject API operation for Amazon Simple Storage Service. // -// Adds an object to a bucket. You must have WRITE permissions on a bucket to -// add an object to it. -// -// Amazon S3 never adds partial objects; if you receive a success response, -// Amazon S3 added the entire object to the bucket. -// -// Amazon S3 is a distributed system. If it receives multiple write requests -// for the same object simultaneously, it overwrites all but the last object -// written. Amazon S3 does not provide object locking; if you need this, make -// sure to build it into your application layer or use versioning instead. -// -// To ensure that data is not corrupted traversing the network, use the Content-MD5 -// header. When you use this header, Amazon S3 checks the object against the -// provided MD5 value and, if they do not match, returns an error. Additionally, -// you can calculate the MD5 while putting an object to Amazon S3 and compare -// the returned ETag to the calculated MD5 value. +// Adds an object to a bucket. // -// - To successfully complete the PutObject request, you must have the s3:PutObject -// in your IAM permissions. +// - Amazon S3 never adds partial objects; if you receive a success response, +// Amazon S3 added the entire object to the bucket. You cannot use PutObject +// to only update a single piece of metadata for an existing object. You +// must put the entire object with updated metadata if you want to update +// some values. // -// - To successfully change the objects acl of your PutObject request, you -// must have the s3:PutObjectAcl in your IAM permissions. +// - If your bucket uses the bucket owner enforced setting for Object Ownership, +// ACLs are disabled and no longer affect permissions. All objects written +// to the bucket by any account will be owned by the bucket owner. // -// - The Content-MD5 header is required for any request to upload an object -// with a retention period configured using Amazon S3 Object Lock. For more -// information about Amazon S3 Object Lock, see Amazon S3 Object Lock Overview -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html) +// - Directory buckets - For directory buckets, you must make requests for +// this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) // in the Amazon S3 User Guide. // -// # Server-side Encryption -// -// You can optionally request server-side encryption. With server-side encryption, -// Amazon S3 encrypts your data as it writes it to disks in its data centers -// and decrypts the data when you access it. You have the option to provide -// your own encryption key or use Amazon Web Services managed encryption keys -// (SSE-S3 or SSE-KMS). For more information, see Using Server-Side Encryption -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html). -// -// If you request server-side encryption using Amazon Web Services Key Management -// Service (SSE-KMS), you can enable an S3 Bucket Key at the object-level. For -// more information, see Amazon S3 Bucket Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) -// in the Amazon S3 User Guide. -// -// # Access Control List (ACL)-Specific Request Headers -// -// You can use headers to grant ACL- based permissions. By default, all objects -// are private. Only the owner has full access control. When adding a new object, -// you can grant permissions to individual Amazon Web Services accounts or to -// predefined groups defined by Amazon S3. These permissions are then added -// to the ACL on the object. For more information, see Access Control List (ACL) -// Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) -// and Managing ACLs Using the REST API (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html). -// -// If the bucket that you're uploading objects to uses the bucket owner enforced -// setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions. -// Buckets that use this setting only accept PUT requests that don't specify -// an ACL or PUT requests that specify bucket owner full control ACLs, such -// as the bucket-owner-full-control canned ACL or an equivalent form of this -// ACL expressed in the XML format. PUT requests that contain other ACLs (for -// example, custom grants to certain Amazon Web Services accounts) fail and -// return a 400 error with the error code AccessControlListNotSupported. -// -// For more information, see Controlling ownership of objects and disabling -// ACLs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) -// in the Amazon S3 User Guide. -// -// If your bucket uses the bucket owner enforced setting for Object Ownership, -// all objects written to the bucket by any account will be owned by the bucket -// owner. -// -// # Storage Class Options -// -// By default, Amazon S3 uses the STANDARD Storage Class to store newly created -// objects. The STANDARD storage class provides high durability and high availability. -// Depending on performance needs, you can specify a different Storage Class. -// Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. For more information, -// see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) -// in the Amazon S3 User Guide. -// -// # Versioning -// -// If you enable versioning for a bucket, Amazon S3 automatically generates -// a unique version ID for the object being stored. Amazon S3 returns this ID -// in the response. When you enable versioning for a bucket, if Amazon S3 receives -// multiple write requests for the same object simultaneously, it stores all -// of the objects. -// -// For more information about versioning, see Adding Objects to Versioning Enabled -// Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/AddingObjectstoVersioningEnabledBuckets.html). -// For information about returning the versioning state of a bucket, see GetBucketVersioning -// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html). -// -// Related Resources +// Amazon S3 is a distributed system. If it receives multiple write requests +// for the same object simultaneously, it overwrites all but the last object +// written. However, Amazon S3 provides features that can modify this behavior: +// +// - S3 Object Lock - To prevent objects from being deleted or overwritten, +// you can use Amazon S3 Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock.html) +// in the Amazon S3 User Guide. This functionality is not supported for directory +// buckets. +// +// - S3 Versioning - When you enable versioning for a bucket, if Amazon S3 +// receives multiple write requests for the same object simultaneously, it +// stores all versions of the objects. For each write request that is made +// to the same object, Amazon S3 automatically generates a unique version +// ID of that object being stored in Amazon S3. You can retrieve, replace, +// or delete any version of the object. For more information about versioning, +// see Adding Objects to Versioning-Enabled Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/AddingObjectstoVersioningEnabledBuckets.html) +// in the Amazon S3 User Guide. For information about returning the versioning +// state of a bucket, see GetBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html). +// This functionality is not supported for directory buckets. +// +// Permissions +// +// - General purpose bucket permissions - The following permissions are required +// in your policies when your PutObject request includes specific headers. +// s3:PutObject - To successfully complete the PutObject request, you must +// always have the s3:PutObject permission on a bucket to add an object to +// it. s3:PutObjectAcl - To successfully change the objects ACL of your PutObject +// request, you must have the s3:PutObjectAcl. s3:PutObjectTagging - To successfully +// set the tag-set with your PutObject request, you must have the s3:PutObjectTagging. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// Data integrity with Content-MD5 +// +// - General purpose bucket - To ensure that data is not corrupted traversing +// the network, use the Content-MD5 header. When you use this header, Amazon +// S3 checks the object against the provided MD5 value and, if they do not +// match, Amazon S3 returns an error. Alternatively, when the object's ETag +// is its MD5 digest, you can calculate the MD5 while putting the object +// to Amazon S3 and compare the returned ETag to the calculated MD5 value. +// +// - Directory bucket - This functionality is not supported for directory +// buckets. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. +// +// For more information about related Amazon S3 APIs, see the following: // // - CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) // @@ -9562,13 +10542,15 @@ func (c *S3) PutObjectAclRequest(input *PutObjectAclInput) (req *request.Request // PutObjectAcl API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Uses the acl subresource to set the access control list (ACL) permissions -// for a new or existing object in an S3 bucket. You must have WRITE_ACP permission -// to set the ACL of an object. For more information, see What permissions can -// I grant? (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#permissions) +// for a new or existing object in an S3 bucket. You must have the WRITE_ACP +// permission to set the ACL of an object. For more information, see What permissions +// can I grant? (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#permissions) // in the Amazon S3 User Guide. // -// This action is not supported by Amazon S3 on Outposts. +// This functionality is not supported for Amazon S3 on Outposts. // // Depending on your application needs, you can choose to set the ACL on an // object using either the request body or the headers. For example, if you @@ -9585,7 +10567,7 @@ func (c *S3) PutObjectAclRequest(input *PutObjectAclInput) (req *request.Request // object ownership (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) // in the Amazon S3 User Guide. // -// # Access Permissions +// # Permissions // // You can set access permissions using one of the following methods: // @@ -9651,7 +10633,7 @@ func (c *S3) PutObjectAclRequest(input *PutObjectAclInput) (req *request.Request // sets the ACL of the current version of an object. To set the ACL of a different // version, use the versionId subresource. // -// Related Resources +// The following operations are related to PutObjectAcl: // // - CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) // @@ -9737,10 +10719,12 @@ func (c *S3) PutObjectLegalHoldRequest(input *PutObjectLegalHoldInput) (req *req // PutObjectLegalHold API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Applies a legal hold configuration to the specified object. For more information, // see Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). // -// This action is not supported by Amazon S3 on Outposts. +// This functionality is not supported for Amazon S3 on Outposts. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9817,6 +10801,8 @@ func (c *S3) PutObjectLockConfigurationRequest(input *PutObjectLockConfiguration // PutObjectLockConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Places an Object Lock configuration on the specified bucket. The rule specified // in the Object Lock configuration will be applied by default to every new // object placed in the specified bucket. For more information, see Locking @@ -9827,8 +10813,8 @@ func (c *S3) PutObjectLockConfigurationRequest(input *PutObjectLockConfiguration // - The DefaultRetention period can be either Days or Years but you must // select one. You cannot specify Days and Years at the same time. // -// - You can only enable Object Lock for new buckets. If you want to turn -// on Object Lock for an existing bucket, contact Amazon Web Services Support. +// - You can enable Object Lock for new or existing buckets. For more information, +// see Configuring Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9905,13 +10891,15 @@ func (c *S3) PutObjectRetentionRequest(input *PutObjectRetentionInput) (req *req // PutObjectRetention API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Places an Object Retention configuration on an object. For more information, // see Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). // Users or accounts require the s3:PutObjectRetention permission in order to // place an Object Retention configuration on objects. Bypassing a Governance // Retention configuration requires the s3:BypassGovernanceRetention permission. // -// This action is not supported by Amazon S3 on Outposts. +// This functionality is not supported for Amazon S3 on Outposts. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9988,12 +10976,15 @@ func (c *S3) PutObjectTaggingRequest(input *PutObjectTaggingInput) (req *request // PutObjectTagging API operation for Amazon Simple Storage Service. // -// Sets the supplied tag-set to an object that already exists in a bucket. +// This operation is not supported by directory buckets. // -// A tag is a key-value pair. You can associate tags with an object by sending -// a PUT request against the tagging subresource that is associated with the -// object. You can retrieve tags by sending a GET request. For more information, -// see GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html). +// Sets the supplied tag-set to an object that already exists in a bucket. A +// tag is a key-value pair. For more information, see Object Tagging (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-tagging.html). +// +// You can associate tags with an object by sending a PUT request against the +// tagging subresource that is associated with the object. You can retrieve +// tags by sending a GET request. For more information, see GetObjectTagging +// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html). // // For tagging-related restrictions related to characters and encodings, see // Tag Restrictions (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html). @@ -10006,24 +10997,22 @@ func (c *S3) PutObjectTaggingRequest(input *PutObjectTaggingInput) (req *request // To put tags of any other version, use the versionId query parameter. You // also need permission for the s3:PutObjectVersionTagging action. // -// For information about the Amazon S3 object tagging feature, see Object Tagging -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html). +// PutObjectTagging has the following special errors. For more Amazon S3 errors +// see, Error Responses (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html). // -// Special Errors +// - InvalidTag - The tag provided was not a valid tag. This error can occur +// if the tag did not pass input validation. For more information, see Object +// Tagging (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-tagging.html). // -// - Code: InvalidTagError Cause: The tag provided was not a valid tag. This -// error can occur if the tag did not pass input validation. For more information, -// see Object Tagging (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html). +// - MalformedXML - The XML provided does not match the schema. // -// - Code: MalformedXMLError Cause: The XML provided does not match the schema. +// - OperationAborted - A conflicting conditional action is currently in +// progress against this resource. Please try again. // -// - Code: OperationAbortedError Cause: A conflicting conditional action -// is currently in progress against this resource. Please try again. +// - InternalError - The service was unable to apply the provided tag to +// the object. // -// - Code: InternalError Cause: The service was unable to apply the provided -// tag to the object. -// -// Related Resources +// The following operations are related to PutObjectTagging: // // - GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) // @@ -10105,6 +11094,8 @@ func (c *S3) PutPublicAccessBlockRequest(input *PutPublicAccessBlockInput) (req // PutPublicAccessBlock API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Creates or modifies the PublicAccessBlock configuration for an Amazon S3 // bucket. To use this operation, you must have the s3:PutBucketPublicAccessBlock // permission. For more information about Amazon S3 permissions, see Specifying @@ -10120,7 +11111,7 @@ func (c *S3) PutPublicAccessBlockRequest(input *PutPublicAccessBlockInput) (req // For more information about when Amazon S3 considers a bucket or an object // public, see The Meaning of "Public" (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status). // -// Related Resources +// The following operations are related to PutPublicAccessBlock: // // - GetPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html) // @@ -10201,131 +11192,87 @@ func (c *S3) RestoreObjectRequest(input *RestoreObjectInput) (req *request.Reque // RestoreObject API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // # Restores an archived copy of an object back into Amazon S3 // -// This action is not supported by Amazon S3 on Outposts. +// This functionality is not supported for Amazon S3 on Outposts. // // This action performs the following types of requests: // -// - select - Perform a select query on an archived object -// // - restore an archive - Restore an archived object // -// To use this operation, you must have permissions to perform the s3:RestoreObject -// action. The bucket owner has this permission by default and can grant this -// permission to others. For more information about permissions, see Permissions -// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) -// in the Amazon S3 User Guide. +// For more information about the S3 structure in the request body, see the +// following: // -// # Querying Archives with Select Requests -// -// You use a select type of request to perform SQL queries on archived objects. -// The archived objects that are being queried by the select request must be -// formatted as uncompressed comma-separated values (CSV) files. You can run -// queries and custom analytics on your archived data without having to restore -// your data to a hotter Amazon S3 tier. For an overview about select requests, -// see Querying Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/querying-glacier-archives.html) -// in the Amazon S3 User Guide. +// - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) // -// When making a select request, do the following: -// -// - Define an output location for the select query's output. This must be -// an Amazon S3 bucket in the same Amazon Web Services Region as the bucket -// that contains the archive object that is being queried. The Amazon Web -// Services account that initiates the job must have permissions to write -// to the S3 bucket. You can specify the storage class and encryption for -// the output objects stored in the bucket. For more information about output, -// see Querying Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/querying-glacier-archives.html) -// in the Amazon S3 User Guide. For more information about the S3 structure -// in the request body, see the following: PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) -// Managing Access with ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html) -// in the Amazon S3 User Guide Protecting Data Using Server-Side Encryption -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) +// - Managing Access with ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html) // in the Amazon S3 User Guide // -// - Define the SQL expression for the SELECT type of restoration for your -// query in the request body's SelectParameters structure. You can use expressions -// like the following examples. The following expression returns all records -// from the specified object. SELECT * FROM Object Assuming that you are -// not using any headers for data stored in the object, you can specify columns -// with positional headers. SELECT s._1, s._2 FROM Object s WHERE s._3 > -// 100 If you have headers and you set the fileHeaderInfo in the CSV structure -// in the request body to USE, you can specify headers in the query. (If -// you set the fileHeaderInfo field to IGNORE, the first row is skipped for -// the query.) You cannot mix ordinal positions with header column names. -// SELECT s.Id, s.FirstName, s.SSN FROM S3Object s -// -// For more information about using SQL with S3 Glacier Select restore, see -// SQL Reference for Amazon S3 Select and S3 Glacier Select (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-glacier-select-sql-reference.html) -// in the Amazon S3 User Guide. -// -// When making a select request, you can also do the following: -// -// - To expedite your queries, specify the Expedited tier. For more information -// about tiers, see "Restoring Archives," later in this topic. -// -// - Specify details about the data serialization format of both the input -// object that is being queried and the serialization of the CSV-encoded -// query results. -// -// The following are additional important facts about the select feature: -// -// - The output results are new Amazon S3 objects. Unlike archive retrievals, -// they are stored until explicitly deleted-manually or through a lifecycle -// policy. +// - Protecting Data Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) +// in the Amazon S3 User Guide // -// - You can issue more than one select request on the same Amazon S3 object. -// Amazon S3 doesn't deduplicate requests, so avoid issuing duplicate requests. +// # Permissions // -// - Amazon S3 accepts a select request even if the object has already been -// restored. A select request doesn’t return error response 409. +// To use this operation, you must have permissions to perform the s3:RestoreObject +// action. The bucket owner has this permission by default and can grant this +// permission to others. For more information about permissions, see Permissions +// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) +// in the Amazon S3 User Guide. // // # Restoring objects // -// Objects that you archive to the S3 Glacier or S3 Glacier Deep Archive storage -// class, and S3 Intelligent-Tiering Archive or S3 Intelligent-Tiering Deep -// Archive tiers are not accessible in real time. For objects in Archive Access -// or Deep Archive Access tiers you must first initiate a restore request, and -// then wait until the object is moved into the Frequent Access tier. For objects -// in S3 Glacier or S3 Glacier Deep Archive storage classes you must first initiate -// a restore request, and then wait until a temporary copy of the object is -// available. To access an archived object, you must restore the object for -// the duration (number of days) that you specify. +// Objects that you archive to the S3 Glacier Flexible Retrieval Flexible Retrieval +// or S3 Glacier Deep Archive storage class, and S3 Intelligent-Tiering Archive +// or S3 Intelligent-Tiering Deep Archive tiers, are not accessible in real +// time. For objects in the S3 Glacier Flexible Retrieval Flexible Retrieval +// or S3 Glacier Deep Archive storage classes, you must first initiate a restore +// request, and then wait until a temporary copy of the object is available. +// If you want a permanent copy of the object, create a copy of it in the Amazon +// S3 Standard storage class in your S3 bucket. To access an archived object, +// you must restore the object for the duration (number of days) that you specify. +// For objects in the Archive Access or Deep Archive Access tiers of S3 Intelligent-Tiering, +// you must first initiate a restore request, and then wait until the object +// is moved into the Frequent Access tier. // // To restore a specific object version, you can provide a version ID. If you // don't provide a version ID, Amazon S3 restores the current version. // -// When restoring an archived object (or using a select request), you can specify -// one of the following data access tier options in the Tier element of the -// request body: +// When restoring an archived object, you can specify one of the following data +// access tier options in the Tier element of the request body: // // - Expedited - Expedited retrievals allow you to quickly access your data -// stored in the S3 Glacier storage class or S3 Intelligent-Tiering Archive -// tier when occasional urgent requests for a subset of archives are required. -// For all but the largest archived objects (250 MB+), data accessed using -// Expedited retrievals is typically made available within 1–5 minutes. -// Provisioned capacity ensures that retrieval capacity for Expedited retrievals -// is available when you need it. Expedited retrievals and provisioned capacity -// are not available for objects stored in the S3 Glacier Deep Archive storage -// class or S3 Intelligent-Tiering Deep Archive tier. +// stored in the S3 Glacier Flexible Retrieval Flexible Retrieval storage +// class or S3 Intelligent-Tiering Archive tier when occasional urgent requests +// for restoring archives are required. For all but the largest archived +// objects (250 MB+), data accessed using Expedited retrievals is typically +// made available within 1–5 minutes. Provisioned capacity ensures that +// retrieval capacity for Expedited retrievals is available when you need +// it. Expedited retrievals and provisioned capacity are not available for +// objects stored in the S3 Glacier Deep Archive storage class or S3 Intelligent-Tiering +// Deep Archive tier. // // - Standard - Standard retrievals allow you to access any of your archived // objects within several hours. This is the default option for retrieval // requests that do not specify the retrieval option. Standard retrievals // typically finish within 3–5 hours for objects stored in the S3 Glacier -// storage class or S3 Intelligent-Tiering Archive tier. They typically finish -// within 12 hours for objects stored in the S3 Glacier Deep Archive storage -// class or S3 Intelligent-Tiering Deep Archive tier. Standard retrievals -// are free for objects stored in S3 Intelligent-Tiering. -// -// - Bulk - Bulk retrievals are the lowest-cost retrieval option in S3 Glacier, -// enabling you to retrieve large amounts, even petabytes, of data inexpensively. -// Bulk retrievals typically finish within 5–12 hours for objects stored -// in the S3 Glacier storage class or S3 Intelligent-Tiering Archive tier. -// They typically finish within 48 hours for objects stored in the S3 Glacier -// Deep Archive storage class or S3 Intelligent-Tiering Deep Archive tier. -// Bulk retrievals are free for objects stored in S3 Intelligent-Tiering. +// Flexible Retrieval Flexible Retrieval storage class or S3 Intelligent-Tiering +// Archive tier. They typically finish within 12 hours for objects stored +// in the S3 Glacier Deep Archive storage class or S3 Intelligent-Tiering +// Deep Archive tier. Standard retrievals are free for objects stored in +// S3 Intelligent-Tiering. +// +// - Bulk - Bulk retrievals free for objects stored in the S3 Glacier Flexible +// Retrieval and S3 Intelligent-Tiering storage classes, enabling you to +// retrieve large amounts, even petabytes, of data at no cost. Bulk retrievals +// typically finish within 5–12 hours for objects stored in the S3 Glacier +// Flexible Retrieval Flexible Retrieval storage class or S3 Intelligent-Tiering +// Archive tier. Bulk retrievals are also the lowest-cost retrieval option +// when restoring objects from S3 Glacier Deep Archive. They typically finish +// within 48 hours for objects stored in the S3 Glacier Deep Archive storage +// class or S3 Intelligent-Tiering Deep Archive tier. // // For more information about archive retrieval options and provisioned capacity // for Expedited data access, see Restoring Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html) @@ -10368,11 +11315,9 @@ func (c *S3) RestoreObjectRequest(input *RestoreObjectInput) (req *request.Reque // - If the object is previously restored, Amazon S3 returns 200 OK in the // response. // -// Special Errors -// -// - Code: RestoreAlreadyInProgress Cause: Object restore is already in progress. -// (This error does not apply to SELECT type requests.) HTTP Status Code: -// 409 Conflict SOAP Fault Code Prefix: Client +// - Special errors: Code: RestoreAlreadyInProgress Cause: Object restore +// is already in progress. HTTP Status Code: 409 Conflict SOAP Fault Code +// Prefix: Client // // - Code: GlacierExpeditedRetrievalNotAvailable Cause: expedited retrievals // are currently not available. Try again later. (Returned if there is insufficient @@ -10380,15 +11325,12 @@ func (c *S3) RestoreObjectRequest(input *RestoreObjectInput) (req *request.Reque // Expedited retrievals and not to S3 Standard or Bulk retrievals.) HTTP // Status Code: 503 SOAP Fault Code Prefix: N/A // -// Related Resources +// The following operations are related to RestoreObject: // // - PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) // // - GetBucketNotificationConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotificationConfiguration.html) // -// - SQL Reference for Amazon S3 Select and S3 Glacier Select (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-glacier-select-sql-reference.html) -// in the Amazon S3 User Guide -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -10474,6 +11416,8 @@ func (c *S3) SelectObjectContentRequest(input *SelectObjectContentInput) (req *r // SelectObjectContent API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // This action filters the contents of an Amazon S3 object based on a simple // structured query language (SQL) statement. In the request, along with the // SQL expression, you must also specify a data serialization format (JSON, @@ -10482,20 +11426,16 @@ func (c *S3) SelectObjectContentRequest(input *SelectObjectContentInput) (req *r // SQL expression. You must also specify the data serialization format for the // response. // -// This action is not supported by Amazon S3 on Outposts. +// This functionality is not supported for Amazon S3 on Outposts. // // For more information about Amazon S3 Select, see Selecting Content from Objects // (https://docs.aws.amazon.com/AmazonS3/latest/dev/selecting-content-from-objects.html) // and SELECT Command (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-glacier-select-sql-reference-select.html) // in the Amazon S3 User Guide. // -// For more information about using SQL with Amazon S3 Select, see SQL Reference -// for Amazon S3 Select and S3 Glacier Select (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-glacier-select-sql-reference.html) -// in the Amazon S3 User Guide. -// // # Permissions // -// You must have s3:GetObject permission for this operation. Amazon S3 Select +// You must have the s3:GetObject permission for this operation. Amazon S3 Select // does not support anonymous access. For more information about permissions, // see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) // in the Amazon S3 User Guide. @@ -10522,10 +11462,10 @@ func (c *S3) SelectObjectContentRequest(input *SelectObjectContentInput) (req *r // For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided // Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) // in the Amazon S3 User Guide. For objects that are encrypted with Amazon -// S3 managed encryption keys (SSE-S3) and Amazon Web Services KMS keys (SSE-KMS), -// server-side encryption is handled transparently, so you don't need to -// specify anything. For more information about server-side encryption, including -// SSE-S3 and SSE-KMS, see Protecting Data Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) +// S3 managed keys (SSE-S3) and Amazon Web Services KMS keys (SSE-KMS), server-side +// encryption is handled transparently, so you don't need to specify anything. +// For more information about server-side encryption, including SSE-S3 and +// SSE-KMS, see Protecting Data Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) // in the Amazon S3 User Guide. // // # Working with the Response Body @@ -10545,9 +11485,13 @@ func (c *S3) SelectObjectContentRequest(input *SelectObjectContentInput) (req *r // in the request parameters), you cannot specify the range of bytes of an // object to return. // -// - GLACIER, DEEP_ARCHIVE and REDUCED_REDUNDANCY storage classes: You cannot -// specify the GLACIER, DEEP_ARCHIVE, or REDUCED_REDUNDANCY storage classes. -// For more information, about storage classes see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html#storage-class-intro) +// - The GLACIER, DEEP_ARCHIVE, and REDUCED_REDUNDANCY storage classes, or +// the ARCHIVE_ACCESS and DEEP_ARCHIVE_ACCESS access tiers of the INTELLIGENT_TIERING +// storage class: You cannot query objects in the GLACIER, DEEP_ARCHIVE, +// or REDUCED_REDUNDANCY storage classes, nor objects in the ARCHIVE_ACCESS +// or DEEP_ARCHIVE_ACCESS access tiers of the INTELLIGENT_TIERING storage +// class. For more information about storage classes, see Using Amazon S3 +// storage classes (https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-class-intro.html) // in the Amazon S3 User Guide. // // # Special Errors @@ -10555,7 +11499,7 @@ func (c *S3) SelectObjectContentRequest(input *SelectObjectContentInput) (req *r // For a list of special errors for this operation, see List of SELECT Object // Content Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#SelectObjectContentErrorCodeList) // -// Related Resources +// The following operations are related to SelectObjectContent: // // - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // @@ -10592,6 +11536,7 @@ func (c *S3) SelectObjectContentWithContext(ctx aws.Context, input *SelectObject } var _ awserr.Error +var _ time.Time // SelectObjectContentEventStream provides the event stream handling for the SelectObjectContent. // @@ -10803,15 +11748,15 @@ func (c *S3) UploadPartRequest(input *UploadPartInput) (req *request.Request, ou // // Uploads a part in a multipart upload. // -// In this operation, you provide part data in your request. However, you have -// an option to specify your existing Amazon S3 object as a data source for -// the part you are uploading. To upload a part from an existing object, you -// use the UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) +// In this operation, you provide new data as a part of an object in your request. +// However, you have an option to specify your existing Amazon S3 object as +// a data source for the part you are uploading. To upload a part from an existing +// object, you use the UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) // operation. // // You must initiate a multipart upload (see CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html)) // before you can upload any part. In response to your initiate request, Amazon -// S3 returns an upload ID, a unique identifier, that you must include in your +// S3 returns an upload ID, a unique identifier that you must include in your // upload part request. // // Part numbers can be any number from 1 to 10,000, inclusive. A part number @@ -10823,18 +11768,8 @@ func (c *S3) UploadPartRequest(input *UploadPartInput) (req *request.Request, ou // upload specifications, see Multipart upload limits (https://docs.aws.amazon.com/AmazonS3/latest/userguide/qfacts.html) // in the Amazon S3 User Guide. // -// To ensure that data is not corrupted when traversing the network, specify -// the Content-MD5 header in the upload part request. Amazon S3 checks the part -// data against the provided MD5 value. If they do not match, Amazon S3 returns -// an error. -// -// If the upload request is signed with Signature Version 4, then Amazon Web -// Services S3 uses the x-amz-content-sha256 header as a checksum instead of -// Content-MD5. For more information see Authenticating Requests: Using the -// Authorization Header (Amazon Web Services Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html). -// -// Note: After you initiate multipart upload and upload one or more parts, you -// must either complete or abort multipart upload in order to stop getting charged +// After you initiate multipart upload and upload one or more parts, you must +// either complete or abort multipart upload in order to stop getting charged // for storage of the uploaded parts. Only after you either complete or abort // multipart upload, Amazon S3 frees up the parts storage and stops charging // you for the parts storage. @@ -10843,44 +11778,90 @@ func (c *S3) UploadPartRequest(input *UploadPartInput) (req *request.Request, ou // (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) in the // Amazon S3 User Guide . // -// For information on the permissions required to use the multipart upload API, -// go to Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) // in the Amazon S3 User Guide. // -// You can optionally request server-side encryption where Amazon S3 encrypts -// your data as it writes it to disks in its data centers and decrypts it for -// you when you access it. You have the option of providing your own encryption -// key, or you can use the Amazon Web Services managed encryption keys. If you -// choose to provide your own encryption key, the request headers you provide -// in the request must match the headers you used in the request to initiate -// the upload by using CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html). -// For more information, go to Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) -// in the Amazon S3 User Guide. +// Permissions // -// Server-side encryption is supported by the S3 Multipart Upload actions. Unless -// you are using a customer-provided encryption key, you don't need to specify -// the encryption parameters in each UploadPart request. Instead, you only need -// to specify the server-side encryption parameters in the initial Initiate -// Multipart request. For more information, see CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html). +// - General purpose bucket permissions - For information on the permissions +// required to use the multipart upload API, see Multipart Upload and Permissions +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. // -// If you requested server-side encryption using a customer-provided encryption -// key in your initiate multipart upload request, you must provide identical -// encryption information in each part upload using the following headers. +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// # Data integrity +// +// General purpose bucket - To ensure that data is not corrupted traversing +// the network, specify the Content-MD5 header in the upload part request. Amazon +// S3 checks the part data against the provided MD5 value. If they do not match, +// Amazon S3 returns an error. If the upload request is signed with Signature +// Version 4, then Amazon Web Services S3 uses the x-amz-content-sha256 header +// as a checksum instead of Content-MD5. For more information see Authenticating +// Requests: Using the Authorization Header (Amazon Web Services Signature Version +// 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html). +// +// Directory buckets - MD5 is not supported by directory buckets. You can use +// checksum algorithms to check object integrity. +// +// Encryption +// +// - General purpose bucket - Server-side encryption is for data encryption +// at rest. Amazon S3 encrypts your data as it writes it to disks in its +// data centers and decrypts it when you access it. You have mutually exclusive +// options to protect data using server-side encryption in Amazon S3, depending +// on how you choose to manage the encryption keys. Specifically, the encryption +// key options are Amazon S3 managed keys (SSE-S3), Amazon Web Services KMS +// keys (SSE-KMS), and Customer-Provided Keys (SSE-C). Amazon S3 encrypts +// data with server-side encryption using Amazon S3 managed keys (SSE-S3) +// by default. You can optionally tell Amazon S3 to encrypt data at rest +// using server-side encryption with other key options. The option you use +// depends on whether you want to use KMS keys (SSE-KMS) or provide your +// own encryption key (SSE-C). Server-side encryption is supported by the +// S3 Multipart Upload operations. Unless you are using a customer-provided +// encryption key (SSE-C), you don't need to specify the encryption parameters +// in each UploadPart request. Instead, you only need to specify the server-side +// encryption parameters in the initial Initiate Multipart request. For more +// information, see CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html). +// If you request server-side encryption using a customer-provided encryption +// key (SSE-C) in your initiate multipart upload request, you must provide +// identical encryption information in each part upload using the following +// request headers. x-amz-server-side-encryption-customer-algorithm x-amz-server-side-encryption-customer-key +// x-amz-server-side-encryption-customer-key-MD5 +// +// - Directory bucket - For directory buckets, only server-side encryption +// with Amazon S3 managed keys (SSE-S3) (AES256) is supported. +// +// For more information, see Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) +// in the Amazon S3 User Guide. // -// - x-amz-server-side-encryption-customer-algorithm +// Special errors // -// - x-amz-server-side-encryption-customer-key +// - Error Code: NoSuchUpload Description: The specified multipart upload +// does not exist. The upload ID might be invalid, or the multipart upload +// might have been aborted or completed. HTTP Status Code: 404 Not Found +// SOAP Fault Code Prefix: Client // -// - x-amz-server-side-encryption-customer-key-MD5 +// # HTTP Host header syntax // -// Special Errors +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // -// - Code: NoSuchUpload Cause: The specified multipart upload does not exist. -// The upload ID might be invalid, or the multipart upload might have been -// aborted or completed. HTTP Status Code: 404 Not Found SOAP Fault Code -// Prefix: Client -// -// Related Resources +// The following operations are related to UploadPart: // // - CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) // @@ -10963,83 +11944,107 @@ func (c *S3) UploadPartCopyRequest(input *UploadPartCopyInput) (req *request.Req // UploadPartCopy API operation for Amazon Simple Storage Service. // -// Uploads a part by copying data from an existing object as data source. You -// specify the data source by adding the request header x-amz-copy-source in -// your request and a byte range by adding the request header x-amz-copy-source-range +// Uploads a part by copying data from an existing object as data source. To +// specify the data source, you add the request header x-amz-copy-source in +// your request. To specify a byte range, you add the request header x-amz-copy-source-range // in your request. // // For information about maximum and minimum part sizes and other multipart // upload specifications, see Multipart upload limits (https://docs.aws.amazon.com/AmazonS3/latest/userguide/qfacts.html) // in the Amazon S3 User Guide. // -// Instead of using an existing object as part data, you might use the UploadPart -// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) action -// and provide data in your request. +// Instead of copying data from an existing object as part data, you might use +// the UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) +// action to upload new data as a part of an object in your request. // // You must initiate a multipart upload before you can upload any part. In response -// to your initiate request. Amazon S3 returns a unique identifier, the upload -// ID, that you must include in your upload part request. +// to your initiate request, Amazon S3 returns the upload ID, a unique identifier +// that you must include in your upload part request. +// +// For conceptual information about multipart uploads, see Uploading Objects +// Using Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) +// in the Amazon S3 User Guide. For information about copying objects using +// a single atomic action vs. a multipart upload, see Operations on Objects +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectOperations.html) in +// the Amazon S3 User Guide. // -// For more information about using the UploadPartCopy operation, see the following: +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // -// - For conceptual information about multipart uploads, see Uploading Objects -// Using Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) -// in the Amazon S3 User Guide. +// # Authentication and authorization // -// - For information about permissions required to use the multipart upload -// API, see Multipart Upload and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) -// in the Amazon S3 User Guide. +// All UploadPartCopy requests must be authenticated and signed by using IAM +// credentials (access key ID and secret access key for the IAM identities). +// All headers with the x-amz- prefix, including x-amz-copy-source, must be +// signed. For more information, see REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html). // -// - For information about copying objects using a single atomic action vs. -// a multipart upload, see Operations on Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectOperations.html) -// in the Amazon S3 User Guide. +// Directory buckets - You must use IAM credentials to authenticate and authorize +// your access to the UploadPartCopy API operation, instead of using the temporary +// security credentials through the CreateSession API operation. // -// - For information about using server-side encryption with customer-provided -// encryption keys with the UploadPartCopy operation, see CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) -// and UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html). +// Amazon Web Services CLI or SDKs handles authentication and authorization +// on your behalf. // -// Note the following additional considerations about the request headers x-amz-copy-source-if-match, -// x-amz-copy-source-if-none-match, x-amz-copy-source-if-unmodified-since, and -// x-amz-copy-source-if-modified-since: +// # Permissions // -// - Consideration 1 - If both of the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since -// headers are present in the request as follows: x-amz-copy-source-if-match -// condition evaluates to true, and; x-amz-copy-source-if-unmodified-since -// condition evaluates to false; Amazon S3 returns 200 OK and copies the -// data. +// You must have READ access to the source object and WRITE access to the destination +// bucket. // -// - Consideration 2 - If both of the x-amz-copy-source-if-none-match and -// x-amz-copy-source-if-modified-since headers are present in the request -// as follows: x-amz-copy-source-if-none-match condition evaluates to false, -// and; x-amz-copy-source-if-modified-since condition evaluates to true; -// Amazon S3 returns 412 Precondition Failed response code. +// - General purpose bucket permissions - You must have the permissions in +// a policy based on the bucket types of your source bucket and destination +// bucket in an UploadPartCopy operation. If the source object is in a general +// purpose bucket, you must have the s3:GetObject permission to read the +// source object that is being copied. If the destination bucket is a general +// purpose bucket, you must have the s3:PutObject permission to write the +// object copy to the destination bucket. For information about permissions +// required to use the multipart upload API, see Multipart Upload and Permissions +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. // -// # Versioning +// - Directory bucket permissions - You must have permissions in a bucket +// policy or an IAM identity-based policy based on the source and destination +// bucket types in an UploadPartCopy operation. If the source object that +// you want to copy is in a directory bucket, you must have the s3express:CreateSession +// permission in the Action element of a policy to read the object . By default, +// the session is in the ReadWrite mode. If you want to restrict the access, +// you can explicitly set the s3express:SessionMode condition key to ReadOnly +// on the copy source bucket. If the copy destination is a directory bucket, +// you must have the s3express:CreateSession permission in the Action element +// of a policy to write the object to the destination. The s3express:SessionMode +// condition key cannot be set to ReadOnly on the copy destination. For example +// policies, see Example bucket policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// and Amazon Web Services Identity and Access Management (IAM) identity-based +// policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html) +// in the Amazon S3 User Guide. +// +// Encryption // -// If your bucket has versioning enabled, you could have multiple versions of -// the same object. By default, x-amz-copy-source identifies the current version -// of the object to copy. If the current version is a delete marker and you -// don't specify a versionId in the x-amz-copy-source, Amazon S3 returns a 404 -// error, because the object does not exist. If you specify versionId in the -// x-amz-copy-source and the versionId is a delete marker, Amazon S3 returns -// an HTTP 400 error, because you are not allowed to specify a delete marker -// as a version for the x-amz-copy-source. +// - General purpose buckets - For information about using server-side encryption +// with customer-provided encryption keys with the UploadPartCopy operation, +// see CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) +// and UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html). +// +// - Directory buckets - For directory buckets, only server-side encryption +// with Amazon S3 managed keys (SSE-S3) (AES256) is supported. // -// You can optionally specify a specific version of the source object to copy -// by adding the versionId subresource as shown in the following example: +// Special errors // -// x-amz-copy-source: /bucket/object?versionId=version id +// - Error Code: NoSuchUpload Description: The specified multipart upload +// does not exist. The upload ID might be invalid, or the multipart upload +// might have been aborted or completed. HTTP Status Code: 404 Not Found // -// Special Errors +// - Error Code: InvalidRequest Description: The specified copy source is +// not supported as a byte-range copy source. HTTP Status Code: 400 Bad Request // -// - Code: NoSuchUpload Cause: The specified multipart upload does not exist. -// The upload ID might be invalid, or the multipart upload might have been -// aborted or completed. HTTP Status Code: 404 Not Found +// # HTTP Host header syntax // -// - Code: InvalidRequest Cause: The specified copy source is not supported -// as a byte-range copy source. HTTP Status Code: 400 Bad Request +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // -// Related Resources +// The following operations are related to UploadPartCopy: // // - CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) // @@ -11130,6 +12135,8 @@ func (c *S3) WriteGetObjectResponseRequest(input *WriteGetObjectResponseInput) ( // WriteGetObjectResponse API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Passes transformed objects to a GetObject operation when using Object Lambda // access points. For information about Object Lambda access points, see Transforming // objects with Object Lambda access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/transforming-objects.html) @@ -11205,7 +12212,7 @@ func (c *S3) WriteGetObjectResponseWithContext(ctx aws.Context, input *WriteGetO // Specifies the days since the initiation of an incomplete multipart upload // that Amazon S3 will wait before permanently removing all parts of the upload. // For more information, see Aborting Incomplete Multipart Uploads Using a Bucket -// Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) +// Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) // in the Amazon S3 User Guide. type AbortIncompleteMultipartUpload struct { _ struct{} `type:"structure"` @@ -11244,27 +12251,41 @@ type AbortMultipartUploadInput struct { // The bucket name to which the upload was taking place. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Key of the object for which the multipart upload was initiated. @@ -11273,10 +12294,14 @@ type AbortMultipartUploadInput struct { Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // Upload ID that identifies the multipart upload. @@ -11397,6 +12422,8 @@ type AbortMultipartUploadOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } @@ -11931,9 +12958,7 @@ func (s *AnalyticsS3BucketDestination) SetPrefix(v string) *AnalyticsS3BucketDes return s } -// In terms of implementation, a Bucket is a resource. An Amazon S3 bucket name -// is globally unique, and the namespace is shared by all Amazon Web Services -// accounts. +// In terms of implementation, a Bucket is a resource. type Bucket struct { _ struct{} `type:"structure"` @@ -11975,6 +13000,51 @@ func (s *Bucket) SetName(v string) *Bucket { return s } +// Specifies the information about the bucket that will be created. For more +// information about directory buckets, see Directory buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) +// in the Amazon S3 User Guide. +// +// This functionality is only supported by directory buckets. +type BucketInfo struct { + _ struct{} `type:"structure"` + + // The number of Availability Zone that's used for redundancy for the bucket. + DataRedundancy *string `type:"string" enum:"DataRedundancy"` + + // The type of bucket. + Type *string `type:"string" enum:"BucketType"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BucketInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BucketInfo) GoString() string { + return s.String() +} + +// SetDataRedundancy sets the DataRedundancy field's value. +func (s *BucketInfo) SetDataRedundancy(v string) *BucketInfo { + s.DataRedundancy = &v + return s +} + +// SetType sets the Type field's value. +func (s *BucketInfo) SetType(v string) *BucketInfo { + s.Type = &v + return s +} + // Specifies the lifecycle configuration for objects in an Amazon S3 bucket. // For more information, see Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) // in the Amazon S3 User Guide. @@ -12261,7 +13331,9 @@ type CSVInput struct { // A single character used to indicate that a row should be ignored when the // character is present at the start of that row. You can specify any character - // to indicate a comment line. + // to indicate a comment line. The default character is #. + // + // Default: # Comments *string `type:"string"` // A single character used to separate individual fields in a record. You can @@ -12444,34 +13516,42 @@ type Checksum struct { _ struct{} `type:"structure"` // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32 *string `type:"string"` // The base64-encoded, 32-bit CRC32C checksum of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string `type:"string"` // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string `type:"string"` // The base64-encoded, 256-bit SHA-256 digest of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA256 *string `type:"string"` } @@ -12631,19 +13711,33 @@ type CompleteMultipartUploadInput struct { // Name of the bucket to which the multipart upload was initiated. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field @@ -12677,9 +13771,9 @@ type CompleteMultipartUploadInput struct { // in the Amazon S3 User Guide. ChecksumSHA256 *string `location:"header" locationName:"x-amz-checksum-sha256" type:"string"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Object key for which the multipart upload was initiated. @@ -12691,16 +13785,23 @@ type CompleteMultipartUploadInput struct { MultipartUpload *CompletedMultipartUpload `locationName:"CompleteMultipartUpload" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // The server-side encryption (SSE) algorithm used to encrypt the object. This - // parameter is needed only when the object was created using a checksum algorithm. - // For more information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // parameter is required only when the object was created using a checksum algorithm + // or if your bucket policy requires the use of SSE-C. For more information, + // see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html#ssec-require-condition-key) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // The server-side encryption (SSE) customer managed key. This parameter is @@ -12708,6 +13809,8 @@ type CompleteMultipartUploadInput struct { // information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) // in the Amazon S3 User Guide. // + // This functionality is not supported for directory buckets. + // // SSECustomerKey is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by CompleteMultipartUploadInput's // String and GoString methods. @@ -12717,6 +13820,8 @@ type CompleteMultipartUploadInput struct { // is needed only when the object was created using a checksum algorithm. For // more information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` // ID for the initiated multipart upload. @@ -12893,55 +13998,52 @@ type CompleteMultipartUploadOutput struct { // The name of the bucket that contains the newly created object. Does not return // the access point ARN or access point alias if used. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this action with an access point through the Amazon Web Services - // SDKs, you provide the access point ARN in place of the bucket name. For more - // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. - // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) - // in the Amazon S3 User Guide. + // Access points are not supported by directory buckets. Bucket *string `type:"string"` // Indicates whether the multipart upload uses an S3 Bucket Key for server-side - // encryption with Amazon Web Services KMS (SSE-KMS). + // encryption with Key Management Service (KMS) keys (SSE-KMS). + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32 *string `type:"string"` // The base64-encoded, 32-bit CRC32C checksum of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string `type:"string"` // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string `type:"string"` // The base64-encoded, 256-bit SHA-256 digest of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA256 *string `type:"string"` @@ -12957,6 +14059,8 @@ type CompleteMultipartUploadOutput struct { // If the object expiration is configured, this will contain the expiration // date (expiry-date) and rule ID (rule-id). The value of rule-id is URL-encoded. + // + // This functionality is not supported for directory buckets. Expiration *string `location:"header" locationName:"x-amz-expiration" type:"string"` // The object key of the newly created object. @@ -12967,25 +14071,31 @@ type CompleteMultipartUploadOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` - // If present, specifies the ID of the Amazon Web Services Key Management Service - // (Amazon Web Services KMS) symmetric customer managed key that was used for - // the object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. + // + // This functionality is not supported for directory buckets. // // SSEKMSKeyId is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by CompleteMultipartUploadOutput's // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // If you specified server-side encryption either with an Amazon S3-managed - // encryption key or an Amazon Web Services KMS key in your initiate multipart - // upload request, the response includes this header. It confirms the encryption - // algorithm that Amazon S3 used to encrypt the object. + // The server-side encryption algorithm used when storing this object in Amazon + // S3 (for example, AES256, aws:kms). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // Version ID of the newly created object, in case the bucket has versioning // turned on. + // + // This functionality is not supported for directory buckets. VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` } @@ -13138,34 +14248,42 @@ type CompletedPart struct { _ struct{} `type:"structure"` // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32 *string `type:"string"` // The base64-encoded, 32-bit CRC32C checksum of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string `type:"string"` // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string `type:"string"` // The base64-encoded, 256-bit SHA-256 digest of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA256 *string `type:"string"` @@ -13174,6 +14292,16 @@ type CompletedPart struct { // Part number that identifies the part. This is a positive integer between // 1 and 10,000. + // + // * General purpose buckets - In CompleteMultipartUpload, when a additional + // checksum (including x-amz-checksum-crc32, x-amz-checksum-crc32c, x-amz-checksum-sha1, + // or x-amz-checksum-sha256) is applied to each part, the PartNumber must + // start at 1 and the part numbers must be consecutive. Otherwise, Amazon + // S3 generates an HTTP 400 Bad Request status code and an InvalidPartOrder + // error code. + // + // * Directory buckets - In CompleteMultipartUpload, the PartNumber must + // start at 1 and the part numbers must be consecutive. PartNumber *int64 `type:"integer"` } @@ -13333,71 +14461,134 @@ func (s *ContinuationEvent) MarshalEvent(pm protocol.PayloadMarshaler) (msg even type CopyObjectInput struct { _ struct{} `locationName:"CopyObjectRequest" type:"structure"` - // The canned ACL to apply to the object. + // The canned access control list (ACL) to apply to the object. + // + // When you copy an object, the ACL metadata is not preserved and is set to + // private by default. Only the owner has full access control. To override the + // default ACL setting, specify a new ACL when you generate a copy request. + // For more information, see Using ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html). // - // This action is not supported by Amazon S3 on Outposts. + // If the destination bucket that you're copying objects to uses the bucket + // owner enforced setting for S3 Object Ownership, ACLs are disabled and no + // longer affect permissions. Buckets that use this setting only accept PUT + // requests that don't specify an ACL or PUT requests that specify bucket owner + // full control ACLs, such as the bucket-owner-full-control canned ACL or an + // equivalent form of this ACL expressed in the XML format. For more information, + // see Controlling ownership of objects and disabling ACLs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) + // in the Amazon S3 User Guide. + // + // * If your destination bucket uses the bucket owner enforced setting for + // Object Ownership, all objects written to the bucket by any account will + // be owned by the bucket owner. + // + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"ObjectCannedACL"` // The name of the destination bucket. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` // Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption - // with server-side encryption using AWS KMS (SSE-KMS). Setting this header - // to true causes Amazon S3 to use an S3 Bucket Key for object encryption with - // SSE-KMS. + // with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). + // If a target object uses SSE-KMS, you can enable an S3 Bucket Key for the + // object. // - // Specifying this header with a COPY action doesn’t affect bucket-level settings - // for S3 Bucket Key. + // Setting this header to true causes Amazon S3 to use an S3 Bucket Key for + // object encryption with SSE-KMS. Specifying this header with a COPY action + // doesn’t affect bucket-level settings for S3 Bucket Key. + // + // For more information, see Amazon S3 Bucket Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported when the destination bucket is a directory + // bucket. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` - // Specifies caching behavior along the request/reply chain. + // Specifies the caching behavior along the request/reply chain. CacheControl *string `location:"header" locationName:"Cache-Control" type:"string"` - // Indicates the algorithm you want Amazon S3 to use to create the checksum + // Indicates the algorithm that you want Amazon S3 to use to create the checksum // for the object. For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. + // + // When you copy an object, if the source object has a checksum, that checksum + // value will be copied to the new object by default. If the CopyObject request + // does not include this x-amz-checksum-algorithm header, the checksum algorithm + // will be copied from the source object to the destination object (if it's + // present on the source object). You can optionally specify a different checksum + // algorithm to use with the x-amz-checksum-algorithm header. Unrecognized or + // unsupported values will respond with the HTTP status code 400 Bad Request. + // + // For directory buckets, when you use Amazon Web Services SDKs, CRC32 is the + // default checksum algorithm that's used for performance. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // Specifies presentational information for the object. + // Specifies presentational information for the object. Indicates whether an + // object should be displayed in a web browser or downloaded as a file. It allows + // specifying the desired filename for the downloaded file. ContentDisposition *string `location:"header" locationName:"Content-Disposition" type:"string"` // Specifies what content encodings have been applied to the object and thus // what decoding mechanisms must be applied to obtain the media-type referenced // by the Content-Type header field. + // + // For directory buckets, only the aws-chunked value is supported in this header + // field. ContentEncoding *string `location:"header" locationName:"Content-Encoding" type:"string"` // The language the content is in. ContentLanguage *string `location:"header" locationName:"Content-Language" type:"string"` - // A standard MIME type describing the format of the object data. + // A standard MIME type that describes the format of the object data. ContentType *string `location:"header" locationName:"Content-Type" type:"string"` - // Specifies the source object for the copy operation. You specify the value - // in one of two formats, depending on whether you want to access the source - // object through an access point (https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html): + // Specifies the source object for the copy operation. The source object can + // be up to 5 GB. If the source object is an object that was uploaded by using + // a multipart upload, the object copy will be a single part object after the + // source object is copied to the destination bucket. + // + // You specify the value of the copy source in one of two formats, depending + // on whether you want to access the source object through an access point (https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html): // // * For objects not accessed through an access point, specify the name of // the source bucket and the key of the source object, separated by a slash - // (/). For example, to copy the object reports/january.pdf from the bucket - // awsexamplebucket, use awsexamplebucket/reports/january.pdf. The value - // must be URL-encoded. + // (/). For example, to copy the object reports/january.pdf from the general + // purpose bucket awsexamplebucket, use awsexamplebucket/reports/january.pdf. + // The value must be URL-encoded. To copy the object reports/january.pdf + // from the directory bucket awsexamplebucket--use1-az5--x-s3, use awsexamplebucket--use1-az5--x-s3/reports/january.pdf. + // The value must be URL-encoded. // // * For objects accessed through access points, specify the Amazon Resource // Name (ARN) of the object as accessed through the access point, in the @@ -13406,43 +14597,104 @@ type CopyObjectInput struct { // my-access-point owned by account 123456789012 in Region us-west-2, use // the URL encoding of arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf. // The value must be URL encoded. Amazon S3 supports copy operations using - // access points only when the source and destination buckets are in the - // same Amazon Web Services Region. Alternatively, for objects accessed through - // Amazon S3 on Outposts, specify the ARN of the object as accessed in the - // format arn:aws:s3-outposts:::outpost//object/. + // Access points only when the source and destination buckets are in the + // same Amazon Web Services Region. Access points are not supported by directory + // buckets. Alternatively, for objects accessed through Amazon S3 on Outposts, + // specify the ARN of the object as accessed in the format arn:aws:s3-outposts:::outpost//object/. // For example, to copy the object reports/january.pdf through outpost my-outpost // owned by account 123456789012 in Region us-west-2, use the URL encoding // of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf. // The value must be URL-encoded. // - // To copy a specific version of an object, append ?versionId= to - // the value (for example, awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893). + // If your source bucket versioning is enabled, the x-amz-copy-source header + // by default identifies the current version of an object to copy. If the current + // version is a delete marker, Amazon S3 behaves as if the object was deleted. + // To copy a different version, use the versionId query parameter. Specifically, + // append ?versionId= to the value (for example, awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893). // If you don't specify a version ID, Amazon S3 copies the latest version of // the source object. // + // If you enable versioning on the destination bucket, Amazon S3 generates a + // unique version ID for the copied object. This version ID is different from + // the version ID of the source object. Amazon S3 returns the version ID of + // the copied object in the x-amz-version-id response header in the response. + // + // If you do not enable versioning or suspend it on the destination bucket, + // the version ID that Amazon S3 generates in the x-amz-version-id response + // header is always null. + // + // Directory buckets - S3 Versioning isn't enabled and supported for directory + // buckets. + // // CopySource is a required field CopySource *string `location:"header" locationName:"x-amz-copy-source" type:"string" required:"true"` // Copies the object if its entity tag (ETag) matches the specified tag. + // + // If both the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since + // headers are present in the request and evaluate as follows, Amazon S3 returns + // 200 OK and copies the data: + // + // * x-amz-copy-source-if-match condition evaluates to true + // + // * x-amz-copy-source-if-unmodified-since condition evaluates to false CopySourceIfMatch *string `location:"header" locationName:"x-amz-copy-source-if-match" type:"string"` // Copies the object if it has been modified since the specified time. + // + // If both the x-amz-copy-source-if-none-match and x-amz-copy-source-if-modified-since + // headers are present in the request and evaluate as follows, Amazon S3 returns + // the 412 Precondition Failed response code: + // + // * x-amz-copy-source-if-none-match condition evaluates to false + // + // * x-amz-copy-source-if-modified-since condition evaluates to true CopySourceIfModifiedSince *time.Time `location:"header" locationName:"x-amz-copy-source-if-modified-since" type:"timestamp"` // Copies the object if its entity tag (ETag) is different than the specified // ETag. + // + // If both the x-amz-copy-source-if-none-match and x-amz-copy-source-if-modified-since + // headers are present in the request and evaluate as follows, Amazon S3 returns + // the 412 Precondition Failed response code: + // + // * x-amz-copy-source-if-none-match condition evaluates to false + // + // * x-amz-copy-source-if-modified-since condition evaluates to true CopySourceIfNoneMatch *string `location:"header" locationName:"x-amz-copy-source-if-none-match" type:"string"` // Copies the object if it hasn't been modified since the specified time. + // + // If both the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since + // headers are present in the request and evaluate as follows, Amazon S3 returns + // 200 OK and copies the data: + // + // * x-amz-copy-source-if-match condition evaluates to true + // + // * x-amz-copy-source-if-unmodified-since condition evaluates to false CopySourceIfUnmodifiedSince *time.Time `location:"header" locationName:"x-amz-copy-source-if-unmodified-since" type:"timestamp"` // Specifies the algorithm to use when decrypting the source object (for example, // AES256). + // + // If the source object for the copy is stored in Amazon S3 using SSE-C, you + // must provide the necessary encryption information in your request so that + // Amazon S3 can decrypt the object for copying. + // + // This functionality is not supported when the source object is in a directory + // bucket. CopySourceSSECustomerAlgorithm *string `location:"header" locationName:"x-amz-copy-source-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use to decrypt - // the source object. The encryption key provided in this header must be one - // that was used when the source object was created. + // the source object. The encryption key provided in this header must be the + // same one that was used when the source object was created. + // + // If the source object for the copy is stored in Amazon S3 using SSE-C, you + // must provide the necessary encryption information in your request so that + // Amazon S3 can decrypt the object for copying. + // + // This functionality is not supported when the source object is in a directory + // bucket. // // CopySourceSSECustomerKey is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by CopyObjectInput's @@ -13452,16 +14704,23 @@ type CopyObjectInput struct { // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // If the source object for the copy is stored in Amazon S3 using SSE-C, you + // must provide the necessary encryption information in your request so that + // Amazon S3 can decrypt the object for copying. + // + // This functionality is not supported when the source object is in a directory + // bucket. CopySourceSSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-copy-source-server-side-encryption-customer-key-MD5" type:"string"` - // The account ID of the expected destination bucket owner. If the destination - // bucket is owned by a different account, the request fails with the HTTP status - // code 403 Forbidden (access denied). + // The account ID of the expected destination bucket owner. If the account ID + // that you provide does not match the actual owner of the destination bucket, + // the request fails with the HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // The account ID of the expected source bucket owner. If the source bucket - // is owned by a different account, the request fails with the HTTP status code - // 403 Forbidden (access denied). + // The account ID of the expected source bucket owner. If the account ID that + // you provide does not match the actual owner of the source bucket, the request + // fails with the HTTP status code 403 Forbidden (access denied). ExpectedSourceBucketOwner *string `location:"header" locationName:"x-amz-source-expected-bucket-owner" type:"string"` // The date and time at which the object is no longer cacheable. @@ -13469,22 +14728,30 @@ type CopyObjectInput struct { // Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantFullControl *string `location:"header" locationName:"x-amz-grant-full-control" type:"string"` // Allows grantee to read the object data and its metadata. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantRead *string `location:"header" locationName:"x-amz-grant-read" type:"string"` // Allows grantee to read the object ACL. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantReadACP *string `location:"header" locationName:"x-amz-grant-read-acp" type:"string"` // Allows grantee to write the ACL for the applicable object. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"` // The key of the destination object. @@ -13496,35 +14763,69 @@ type CopyObjectInput struct { Metadata map[string]*string `location:"headers" locationName:"x-amz-meta-" type:"map"` // Specifies whether the metadata is copied from the source object or replaced - // with metadata provided in the request. + // with metadata that's provided in the request. When copying an object, you + // can preserve all metadata (the default) or specify new metadata. If this + // header isn’t specified, COPY is the default behavior. + // + // General purpose bucket - For general purpose buckets, when you grant permissions, + // you can use the s3:x-amz-metadata-directive condition key to enforce certain + // metadata behavior when objects are uploaded. For more information, see Amazon + // S3 condition key examples (https://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html) + // in the Amazon S3 User Guide. + // + // x-amz-website-redirect-location is unique to each object and is not copied + // when using the x-amz-metadata-directive header. To copy the value, you must + // specify x-amz-website-redirect-location in the request header. MetadataDirective *string `location:"header" locationName:"x-amz-metadata-directive" type:"string" enum:"MetadataDirective"` - // Specifies whether you want to apply a legal hold to the copied object. + // Specifies whether you want to apply a legal hold to the object copy. + // + // This functionality is not supported for directory buckets. ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"` - // The Object Lock mode that you want to apply to the copied object. + // The Object Lock mode that you want to apply to the object copy. + // + // This functionality is not supported for directory buckets. ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"` - // The date and time when you want the copied object's Object Lock to expire. + // The date and time when you want the Object Lock of the object copy to expire. + // + // This functionality is not supported for directory buckets. ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, AES256). + // + // When you perform a CopyObject operation, if you want to use a different type + // of encryption setting for the target object, you can specify appropriate + // encryption-related headers to encrypt the target object with an Amazon S3 + // managed key, a KMS key, or a customer-provided key. If the encryption setting + // in your request is different from the default encryption configuration of + // the destination bucket, the encryption setting in your request takes precedence. + // + // This functionality is not supported when the destination bucket is a directory + // bucket. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting - // data. This value is used to store the object and then it is discarded; Amazon + // data. This value is used to store the object and then it is discarded. Amazon // S3 does not store the encryption key. The key must be appropriate for use // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm // header. // + // This functionality is not supported when the destination bucket is a directory + // bucket. + // // SSECustomerKey is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by CopyObjectInput's // String and GoString methods. @@ -13533,54 +14834,201 @@ type CopyObjectInput struct { // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // This functionality is not supported when the destination bucket is a directory + // bucket. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` // Specifies the Amazon Web Services KMS Encryption Context to use for object // encryption. The value of this header is a base64-encoded UTF-8 string holding - // JSON with the encryption context key-value pairs. + // JSON with the encryption context key-value pairs. This value must be explicitly + // added to specify encryption context for CopyObject requests. + // + // This functionality is not supported when the destination bucket is a directory + // bucket. // // SSEKMSEncryptionContext is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by CopyObjectInput's // String and GoString methods. SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"` - // Specifies the Amazon Web Services KMS key ID to use for object encryption. - // All GET and PUT requests for an object protected by Amazon Web Services KMS - // will fail if not made via SSL or using SigV4. For information about configuring - // using any of the officially supported Amazon Web Services SDKs and Amazon - // Web Services CLI, see Specifying the Signature Version in Request Authentication - // (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version) + // Specifies the KMS ID (Key ID, Key ARN, or Key Alias) to use for object encryption. + // All GET and PUT requests for an object protected by KMS will fail if they're + // not made via SSL or using SigV4. For information about configuring any of + // the officially supported Amazon Web Services SDKs and Amazon Web Services + // CLI, see Specifying the Signature Version in Request Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version) // in the Amazon S3 User Guide. // + // This functionality is not supported when the destination bucket is a directory + // bucket. + // // SSEKMSKeyId is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by CopyObjectInput's // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` // The server-side encryption algorithm used when storing this object in Amazon - // S3 (for example, AES256, aws:kms). + // S3 (for example, AES256, aws:kms, aws:kms:dsse). Unrecognized or unsupported + // values won’t write a destination object and will receive a 400 Bad Request + // response. + // + // Amazon S3 automatically encrypts all new objects that are copied to an S3 + // bucket. When copying an object, if you don't specify encryption information + // in your copy request, the encryption setting of the target object is set + // to the default encryption configuration of the destination bucket. By default, + // all buckets have a base level of encryption configuration that uses server-side + // encryption with Amazon S3 managed keys (SSE-S3). If the destination bucket + // has a default encryption configuration that uses server-side encryption with + // Key Management Service (KMS) keys (SSE-KMS), dual-layer server-side encryption + // with Amazon Web Services KMS keys (DSSE-KMS), or server-side encryption with + // customer-provided encryption keys (SSE-C), Amazon S3 uses the corresponding + // KMS key, or a customer-provided key to encrypt the target object copy. + // + // When you perform a CopyObject operation, if you want to use a different type + // of encryption setting for the target object, you can specify appropriate + // encryption-related headers to encrypt the target object with an Amazon S3 + // managed key, a KMS key, or a customer-provided key. If the encryption setting + // in your request is different from the default encryption configuration of + // the destination bucket, the encryption setting in your request takes precedence. + // + // With server-side encryption, Amazon S3 encrypts your data as it writes your + // data to disks in its data centers and decrypts the data when you access it. + // For more information about server-side encryption, see Using Server-Side + // Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) + // in the Amazon S3 User Guide. + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` - // By default, Amazon S3 uses the STANDARD Storage Class to store newly created - // objects. The STANDARD storage class provides high durability and high availability. - // Depending on performance needs, you can specify a different Storage Class. - // Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. For more information, - // see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) + // If the x-amz-storage-class header is not used, the copied object will be + // stored in the STANDARD Storage Class by default. The STANDARD storage class + // provides high durability and high availability. Depending on performance + // needs, you can specify a different Storage Class. + // + // * Directory buckets - For directory buckets, only the S3 Express One Zone + // storage class is supported to store newly created objects. Unsupported + // storage class values won't write a destination object and will respond + // with the HTTP status code 400 Bad Request. + // + // * Amazon S3 on Outposts - S3 on Outposts only uses the OUTPOSTS Storage + // Class. + // + // You can use the CopyObject action to change the storage class of an object + // that is already stored in Amazon S3 by using the x-amz-storage-class header. + // For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) + // in the Amazon S3 User Guide. + // + // Before using an object as a source object for the copy operation, you must + // restore a copy of it if it meets any of the following conditions: + // + // * The storage class of the source object is GLACIER or DEEP_ARCHIVE. + // + // * The storage class of the source object is INTELLIGENT_TIERING and it's + // S3 Intelligent-Tiering access tier (https://docs.aws.amazon.com/AmazonS3/latest/userguide/intelligent-tiering-overview.html#intel-tiering-tier-definition) + // is Archive Access or Deep Archive Access. + // + // For more information, see RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html) + // and Copying Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjectsExamples.html) // in the Amazon S3 User Guide. StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"` - // The tag-set for the object destination object this value must be used in - // conjunction with the TaggingDirective. The tag-set must be encoded as URL - // Query parameters. + // The tag-set for the object copy in the destination bucket. This value must + // be used in conjunction with the x-amz-tagging-directive if you choose REPLACE + // for the x-amz-tagging-directive. If you choose COPY for the x-amz-tagging-directive, + // you don't need to set the x-amz-tagging header, because the tag-set will + // be copied from the source object directly. The tag-set must be encoded as + // URL Query parameters. + // + // The default value is the empty value. + // + // Directory buckets - For directory buckets in a CopyObject operation, only + // the empty tag-set is supported. Any requests that attempt to write non-empty + // tags into directory buckets will receive a 501 Not Implemented status code. + // When the destination bucket is a directory bucket, you will receive a 501 + // Not Implemented response in any of the following situations: + // + // * When you attempt to COPY the tag-set from an S3 source object that has + // non-empty tags. + // + // * When you attempt to REPLACE the tag-set of a source object and set a + // non-empty value to x-amz-tagging. + // + // * When you don't set the x-amz-tagging-directive header and the source + // object has non-empty tags. This is because the default value of x-amz-tagging-directive + // is COPY. + // + // Because only the empty tag-set is supported for directory buckets in a CopyObject + // operation, the following situations are allowed: + // + // * When you attempt to COPY the tag-set from a directory bucket source + // object that has no tags to a general purpose bucket. It copies an empty + // tag-set to the destination object. + // + // * When you attempt to REPLACE the tag-set of a directory bucket source + // object and set the x-amz-tagging value of the directory bucket destination + // object to empty. + // + // * When you attempt to REPLACE the tag-set of a general purpose bucket + // source object that has non-empty tags and set the x-amz-tagging value + // of the directory bucket destination object to empty. + // + // * When you attempt to REPLACE the tag-set of a directory bucket source + // object and don't set the x-amz-tagging value of the directory bucket destination + // object. This is because the default value of x-amz-tagging is the empty + // value. Tagging *string `location:"header" locationName:"x-amz-tagging" type:"string"` - // Specifies whether the object tag-set are copied from the source object or - // replaced with tag-set provided in the request. + // Specifies whether the object tag-set is copied from the source object or + // replaced with the tag-set that's provided in the request. + // + // The default value is COPY. + // + // Directory buckets - For directory buckets in a CopyObject operation, only + // the empty tag-set is supported. Any requests that attempt to write non-empty + // tags into directory buckets will receive a 501 Not Implemented status code. + // When the destination bucket is a directory bucket, you will receive a 501 + // Not Implemented response in any of the following situations: + // + // * When you attempt to COPY the tag-set from an S3 source object that has + // non-empty tags. + // + // * When you attempt to REPLACE the tag-set of a source object and set a + // non-empty value to x-amz-tagging. + // + // * When you don't set the x-amz-tagging-directive header and the source + // object has non-empty tags. This is because the default value of x-amz-tagging-directive + // is COPY. + // + // Because only the empty tag-set is supported for directory buckets in a CopyObject + // operation, the following situations are allowed: + // + // * When you attempt to COPY the tag-set from a directory bucket source + // object that has no tags to a general purpose bucket. It copies an empty + // tag-set to the destination object. + // + // * When you attempt to REPLACE the tag-set of a directory bucket source + // object and set the x-amz-tagging value of the directory bucket destination + // object to empty. + // + // * When you attempt to REPLACE the tag-set of a general purpose bucket + // source object that has non-empty tags and set the x-amz-tagging value + // of the directory bucket destination object to empty. + // + // * When you attempt to REPLACE the tag-set of a directory bucket source + // object and don't set the x-amz-tagging value of the directory bucket destination + // object. This is because the default value of x-amz-tagging is the empty + // value. TaggingDirective *string `location:"header" locationName:"x-amz-tagging-directive" type:"string" enum:"TaggingDirective"` - // If the bucket is configured as a website, redirects requests for this object - // to another object in the same bucket or to an external URL. Amazon S3 stores - // the value of this header in the object metadata. + // If the destination bucket is configured as a website, redirects requests + // for this object copy to another object in the same bucket or to an external + // URL. Amazon S3 stores the value of this header in the object metadata. This + // value is unique to each object and is not copied when using the x-amz-metadata-directive + // header. Instead, you may opt to provide this header in combination with the + // x-amz-metadata-directive header. + // + // This functionality is not supported for directory buckets. WebsiteRedirectLocation *string `location:"header" locationName:"x-amz-website-redirect-location" type:"string"` } @@ -13925,55 +15373,76 @@ type CopyObjectOutput struct { _ struct{} `type:"structure" payload:"CopyObjectResult"` // Indicates whether the copied object uses an S3 Bucket Key for server-side - // encryption with Amazon Web Services KMS (SSE-KMS). + // encryption with Key Management Service (KMS) keys (SSE-KMS). + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // Container for all response elements. CopyObjectResult *CopyObjectResult `type:"structure"` - // Version of the copied object in the destination bucket. + // Version ID of the source object that was copied. + // + // This functionality is not supported when the source object is in a directory + // bucket. CopySourceVersionId *string `location:"header" locationName:"x-amz-copy-source-version-id" type:"string"` // If the object expiration is configured, the response includes this header. + // + // This functionality is not supported for directory buckets. Expiration *string `location:"header" locationName:"x-amz-expiration" type:"string"` // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header confirming the encryption algorithm - // used. + // the response will include this header to confirm the encryption algorithm + // that's used. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header to provide round-trip message integrity + // the response will include this header to provide the round-trip message integrity // verification of the customer-provided encryption key. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // If present, specifies the Amazon Web Services KMS Encryption Context to use + // If present, indicates the Amazon Web Services KMS Encryption Context to use // for object encryption. The value of this header is a base64-encoded UTF-8 // string holding JSON with the encryption context key-value pairs. // + // This functionality is not supported for directory buckets. + // // SSEKMSEncryptionContext is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by CopyObjectOutput's // String and GoString methods. SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"` - // If present, specifies the ID of the Amazon Web Services Key Management Service - // (Amazon Web Services KMS) symmetric customer managed key that was used for - // the object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. + // + // This functionality is not supported for directory buckets. // // SSEKMSKeyId is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by CopyObjectOutput's // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // The server-side encryption algorithm used when storing this object in Amazon - // S3 (for example, AES256, aws:kms). + // The server-side encryption algorithm used when you store this object in Amazon + // S3 (for example, AES256, aws:kms, aws:kms:dsse). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // Version ID of the newly created copy. + // + // This functionality is not supported for directory buckets. VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` } @@ -14066,34 +15535,26 @@ type CopyObjectResult struct { _ struct{} `type:"structure"` // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. For more information, see Checking + // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumCRC32 *string `type:"string"` // The base64-encoded, 32-bit CRC32C checksum of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumCRC32C *string `type:"string"` // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. For more information, see Checking + // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumSHA1 *string `type:"string"` // The base64-encoded, 256-bit SHA-256 digest of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumSHA256 *string `type:"string"` @@ -14164,34 +15625,42 @@ type CopyPartResult struct { _ struct{} `type:"structure"` // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32 *string `type:"string"` // The base64-encoded, 32-bit CRC32C checksum of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string `type:"string"` // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string `type:"string"` // The base64-encoded, 256-bit SHA-256 digest of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA256 *string `type:"string"` @@ -14260,8 +15729,29 @@ func (s *CopyPartResult) SetLastModified(v time.Time) *CopyPartResult { type CreateBucketConfiguration struct { _ struct{} `type:"structure"` - // Specifies the Region where the bucket will be created. If you don't specify - // a Region, the bucket is created in the US East (N. Virginia) Region (us-east-1). + // Specifies the information about the bucket that will be created. + // + // This functionality is only supported by directory buckets. + Bucket *BucketInfo `type:"structure"` + + // Specifies the location where the bucket will be created. + // + // For directory buckets, the location type is Availability Zone. + // + // This functionality is only supported by directory buckets. + Location *LocationInfo `type:"structure"` + + // Specifies the Region where the bucket will be created. You might choose a + // Region to optimize latency, minimize costs, or address regulatory requirements. + // For example, if you reside in Europe, you will probably find it advantageous + // to create buckets in the Europe (Ireland) Region. For more information, see + // Accessing a bucket (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html#access-bucket-intro) + // in the Amazon S3 User Guide. + // + // If you don't specify a Region, the bucket is created in the US East (N. Virginia) + // Region (us-east-1) by default. + // + // This functionality is not supported for directory buckets. LocationConstraint *string `type:"string" enum:"BucketLocationConstraint"` } @@ -14283,6 +15773,22 @@ func (s CreateBucketConfiguration) GoString() string { return s.String() } +// SetBucket sets the Bucket field's value. +func (s *CreateBucketConfiguration) SetBucket(v *BucketInfo) *CreateBucketConfiguration { + s.Bucket = v + return s +} + +func (s *CreateBucketConfiguration) getBucket() (v *BucketInfo) { + return s.Bucket +} + +// SetLocation sets the Location field's value. +func (s *CreateBucketConfiguration) SetLocation(v *LocationInfo) *CreateBucketConfiguration { + s.Location = v + return s +} + // SetLocationConstraint sets the LocationConstraint field's value. func (s *CreateBucketConfiguration) SetLocationConstraint(v string) *CreateBucketConfiguration { s.LocationConstraint = &v @@ -14293,10 +15799,25 @@ type CreateBucketInput struct { _ struct{} `locationName:"CreateBucketRequest" type:"structure" payload:"CreateBucketConfiguration"` // The canned ACL to apply to the bucket. + // + // This functionality is not supported for directory buckets. ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"BucketCannedACL"` // The name of the bucket to create. // + // General purpose buckets - For information about bucket naming restrictions, + // see Bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) + // in the Amazon S3 User Guide. + // + // Directory buckets - When you use this operation with a directory bucket, + // you must use path-style requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name + // . Virtual-hosted-style requests aren't supported. Directory bucket names + // must be unique in the chosen Availability Zone. Bucket names must also follow + // the format bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). + // For information about bucket naming restrictions, see Directory bucket naming + // rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` @@ -14305,24 +15826,36 @@ type CreateBucketInput struct { // Allows grantee the read, write, read ACP, and write ACP permissions on the // bucket. + // + // This functionality is not supported for directory buckets. GrantFullControl *string `location:"header" locationName:"x-amz-grant-full-control" type:"string"` // Allows grantee to list the objects in the bucket. + // + // This functionality is not supported for directory buckets. GrantRead *string `location:"header" locationName:"x-amz-grant-read" type:"string"` // Allows grantee to read the bucket ACL. + // + // This functionality is not supported for directory buckets. GrantReadACP *string `location:"header" locationName:"x-amz-grant-read-acp" type:"string"` // Allows grantee to create new objects in the bucket. // // For the bucket and object owners of existing objects, also allows deletions // and overwrites of those objects. + // + // This functionality is not supported for directory buckets. GrantWrite *string `location:"header" locationName:"x-amz-grant-write" type:"string"` // Allows grantee to write the ACL for the applicable bucket. + // + // This functionality is not supported for directory buckets. GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"` // Specifies whether you want S3 Object Lock to be enabled for the new bucket. + // + // This functionality is not supported for directory buckets. ObjectLockEnabledForBucket *bool `location:"header" locationName:"x-amz-bucket-object-lock-enabled" type:"boolean"` // The container element for object ownership for a bucket's ownership controls. @@ -14337,8 +15870,19 @@ type CreateBucketInput struct { // BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer // affect permissions. The bucket owner automatically owns and has full control // over every object in the bucket. The bucket only accepts PUT requests that - // don't specify an ACL or bucket owner full control ACLs, such as the bucket-owner-full-control - // canned ACL or an equivalent form of this ACL expressed in the XML format. + // don't specify an ACL or specify bucket owner full control ACLs (such as the + // predefined bucket-owner-full-control canned ACL or a custom ACL in XML format + // that grants the same permissions). + // + // By default, ObjectOwnership is set to BucketOwnerEnforced and ACLs are disabled. + // We recommend keeping ACLs disabled, except in uncommon use cases where you + // must control access for each object individually. For more information about + // S3 Object Ownership, see Controlling ownership of objects and disabling ACLs + // for your bucket (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. Directory buckets + // use the bucket owner enforced setting for S3 Object Ownership. ObjectOwnership *string `location:"header" locationName:"x-amz-object-ownership" type:"string" enum:"ObjectOwnership"` } @@ -14477,44 +16021,74 @@ func (s *CreateBucketOutput) SetLocation(v string) *CreateBucketOutput { type CreateMultipartUploadInput struct { _ struct{} `locationName:"CreateMultipartUploadRequest" type:"structure"` - // The canned ACL to apply to the object. + // The canned ACL to apply to the object. Amazon S3 supports a set of predefined + // ACLs, known as canned ACLs. Each canned ACL has a predefined set of grantees + // and permissions. For more information, see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL) + // in the Amazon S3 User Guide. + // + // By default, all objects are private. Only the owner has full access control. + // When uploading an object, you can grant access permissions to individual + // Amazon Web Services accounts or to predefined groups defined by Amazon S3. + // These permissions are then added to the access control list (ACL) on the + // new object. For more information, see Using ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html). + // One way to grant the permissions using the request headers is to specify + // a canned ACL with the x-amz-acl request header. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"ObjectCannedACL"` - // The name of the bucket to which to initiate the upload + // The name of the bucket where the multipart upload is initiated and where + // the object is uploaded. + // + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` // Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption - // with server-side encryption using AWS KMS (SSE-KMS). Setting this header - // to true causes Amazon S3 to use an S3 Bucket Key for object encryption with - // SSE-KMS. + // with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). + // Setting this header to true causes Amazon S3 to use an S3 Bucket Key for + // object encryption with SSE-KMS. // // Specifying this header with an object action doesn’t affect bucket-level // settings for S3 Bucket Key. + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // Specifies caching behavior along the request/reply chain. CacheControl *string `location:"header" locationName:"Cache-Control" type:"string"` - // Indicates the algorithm you want Amazon S3 to use to create the checksum + // Indicates the algorithm that you want Amazon S3 to use to create the checksum // for the object. For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` @@ -14525,40 +16099,175 @@ type CreateMultipartUploadInput struct { // Specifies what content encodings have been applied to the object and thus // what decoding mechanisms must be applied to obtain the media-type referenced // by the Content-Type header field. + // + // For directory buckets, only the aws-chunked value is supported in this header + // field. ContentEncoding *string `location:"header" locationName:"Content-Encoding" type:"string"` - // The language the content is in. + // The language that the content is in. ContentLanguage *string `location:"header" locationName:"Content-Language" type:"string"` // A standard MIME type describing the format of the object data. ContentType *string `location:"header" locationName:"Content-Type" type:"string"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The date and time at which the object is no longer cacheable. Expires *time.Time `location:"header" locationName:"Expires" type:"timestamp"` - // Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. + // Specify access permissions explicitly to give the grantee READ, READ_ACP, + // and WRITE_ACP permissions on the object. + // + // By default, all objects are private. Only the owner has full access control. + // When uploading an object, you can use this header to explicitly grant access + // permissions to specific Amazon Web Services accounts or groups. This header + // maps to specific permissions that Amazon S3 supports in an ACL. For more + // information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // in the Amazon S3 User Guide. + // + // You specify each grantee as a type=value pair, where the type is one of the + // following: // - // This action is not supported by Amazon S3 on Outposts. + // * id – if the value specified is the canonical user ID of an Amazon + // Web Services account + // + // * uri – if you are granting permissions to a predefined group + // + // * emailAddress – if the value specified is the email address of an Amazon + // Web Services account Using email addresses to specify a grantee is only + // supported in the following Amazon Web Services Regions: US East (N. Virginia) + // US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia + // Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São + // Paulo) For a list of all the Amazon S3 supported Regions and endpoints, + // see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) + // in the Amazon Web Services General Reference. + // + // For example, the following x-amz-grant-read header grants the Amazon Web + // Services accounts identified by account IDs permissions to read object data + // and its metadata: + // + // x-amz-grant-read: id="11112222333", id="444455556666" + // + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantFullControl *string `location:"header" locationName:"x-amz-grant-full-control" type:"string"` - // Allows grantee to read the object data and its metadata. + // Specify access permissions explicitly to allow grantee to read the object + // data and its metadata. + // + // By default, all objects are private. Only the owner has full access control. + // When uploading an object, you can use this header to explicitly grant access + // permissions to specific Amazon Web Services accounts or groups. This header + // maps to specific permissions that Amazon S3 supports in an ACL. For more + // information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // in the Amazon S3 User Guide. + // + // You specify each grantee as a type=value pair, where the type is one of the + // following: + // + // * id – if the value specified is the canonical user ID of an Amazon + // Web Services account + // + // * uri – if you are granting permissions to a predefined group + // + // * emailAddress – if the value specified is the email address of an Amazon + // Web Services account Using email addresses to specify a grantee is only + // supported in the following Amazon Web Services Regions: US East (N. Virginia) + // US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia + // Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São + // Paulo) For a list of all the Amazon S3 supported Regions and endpoints, + // see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) + // in the Amazon Web Services General Reference. + // + // For example, the following x-amz-grant-read header grants the Amazon Web + // Services accounts identified by account IDs permissions to read object data + // and its metadata: + // + // x-amz-grant-read: id="11112222333", id="444455556666" // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantRead *string `location:"header" locationName:"x-amz-grant-read" type:"string"` - // Allows grantee to read the object ACL. + // Specify access permissions explicitly to allows grantee to read the object + // ACL. + // + // By default, all objects are private. Only the owner has full access control. + // When uploading an object, you can use this header to explicitly grant access + // permissions to specific Amazon Web Services accounts or groups. This header + // maps to specific permissions that Amazon S3 supports in an ACL. For more + // information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // in the Amazon S3 User Guide. + // + // You specify each grantee as a type=value pair, where the type is one of the + // following: + // + // * id – if the value specified is the canonical user ID of an Amazon + // Web Services account + // + // * uri – if you are granting permissions to a predefined group // - // This action is not supported by Amazon S3 on Outposts. + // * emailAddress – if the value specified is the email address of an Amazon + // Web Services account Using email addresses to specify a grantee is only + // supported in the following Amazon Web Services Regions: US East (N. Virginia) + // US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia + // Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São + // Paulo) For a list of all the Amazon S3 supported Regions and endpoints, + // see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) + // in the Amazon Web Services General Reference. + // + // For example, the following x-amz-grant-read header grants the Amazon Web + // Services accounts identified by account IDs permissions to read object data + // and its metadata: + // + // x-amz-grant-read: id="11112222333", id="444455556666" + // + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantReadACP *string `location:"header" locationName:"x-amz-grant-read-acp" type:"string"` - // Allows grantee to write the ACL for the applicable object. + // Specify access permissions explicitly to allows grantee to allow grantee + // to write the ACL for the applicable object. + // + // By default, all objects are private. Only the owner has full access control. + // When uploading an object, you can use this header to explicitly grant access + // permissions to specific Amazon Web Services accounts or groups. This header + // maps to specific permissions that Amazon S3 supports in an ACL. For more + // information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // in the Amazon S3 User Guide. + // + // You specify each grantee as a type=value pair, where the type is one of the + // following: // - // This action is not supported by Amazon S3 on Outposts. + // * id – if the value specified is the canonical user ID of an Amazon + // Web Services account + // + // * uri – if you are granting permissions to a predefined group + // + // * emailAddress – if the value specified is the email address of an Amazon + // Web Services account Using email addresses to specify a grantee is only + // supported in the following Amazon Web Services Regions: US East (N. Virginia) + // US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia + // Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São + // Paulo) For a list of all the Amazon S3 supported Regions and endpoints, + // see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) + // in the Amazon Web Services General Reference. + // + // For example, the following x-amz-grant-read header grants the Amazon Web + // Services accounts identified by account IDs permissions to read object data + // and its metadata: + // + // x-amz-grant-read: id="11112222333", id="444455556666" + // + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"` // Object key for which the multipart upload is to be initiated. @@ -14570,23 +16279,34 @@ type CreateMultipartUploadInput struct { Metadata map[string]*string `location:"headers" locationName:"x-amz-meta-" type:"map"` // Specifies whether you want to apply a legal hold to the uploaded object. + // + // This functionality is not supported for directory buckets. ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"` // Specifies the Object Lock mode that you want to apply to the uploaded object. + // + // This functionality is not supported for directory buckets. ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"` // Specifies the date and time when you want the Object Lock to expire. + // + // This functionality is not supported for directory buckets. ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, AES256). + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting @@ -14595,56 +16315,70 @@ type CreateMultipartUploadInput struct { // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm // header. // + // This functionality is not supported for directory buckets. + // // SSECustomerKey is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by CreateMultipartUploadInput's // String and GoString methods. SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"` - // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. - // Amazon S3 uses this header for a message integrity check to ensure that the - // encryption key was transmitted without error. + // Specifies the 128-bit MD5 digest of the customer-provided encryption key + // according to RFC 1321. Amazon S3 uses this header for a message integrity + // check to ensure that the encryption key was transmitted without error. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` // Specifies the Amazon Web Services KMS Encryption Context to use for object // encryption. The value of this header is a base64-encoded UTF-8 string holding // JSON with the encryption context key-value pairs. // + // This functionality is not supported for directory buckets. + // // SSEKMSEncryptionContext is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by CreateMultipartUploadInput's // String and GoString methods. SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"` - // Specifies the ID of the symmetric customer managed key to use for object - // encryption. All GET and PUT requests for an object protected by Amazon Web - // Services KMS will fail if not made via SSL or using SigV4. For information - // about configuring using any of the officially supported Amazon Web Services - // SDKs and Amazon Web Services CLI, see Specifying the Signature Version in - // Request Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version) - // in the Amazon S3 User Guide. + // Specifies the ID (Key ID, Key ARN, or Key Alias) of the symmetric encryption + // customer managed key to use for object encryption. + // + // This functionality is not supported for directory buckets. // // SSEKMSKeyId is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by CreateMultipartUploadInput's // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // The server-side encryption algorithm used when storing this object in Amazon + // The server-side encryption algorithm used when you store this object in Amazon // S3 (for example, AES256, aws:kms). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // By default, Amazon S3 uses the STANDARD Storage Class to store newly created // objects. The STANDARD storage class provides high durability and high availability. // Depending on performance needs, you can specify a different Storage Class. - // Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. For more information, - // see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) + // For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) // in the Amazon S3 User Guide. + // + // * For directory buckets, only the S3 Express One Zone storage class is + // supported to store newly created objects. + // + // * Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"` // The tag-set for the object. The tag-set must be encoded as URL Query parameters. + // + // This functionality is not supported for directory buckets. Tagging *string `location:"header" locationName:"x-amz-tagging" type:"string"` // If the bucket is configured as a website, redirects requests for this object // to another object in the same bucket or to an external URL. Amazon S3 stores // the value of this header in the object metadata. + // + // This functionality is not supported for directory buckets. WebsiteRedirectLocation *string `location:"header" locationName:"x-amz-website-redirect-location" type:"string"` } @@ -14917,38 +16651,32 @@ type CreateMultipartUploadOutput struct { // name in the request, the response includes this header. The header indicates // when the initiated multipart upload becomes eligible for an abort operation. // For more information, see Aborting Incomplete Multipart Uploads Using a Bucket - // Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config). + // Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) + // in the Amazon S3 User Guide. // // The response also includes the x-amz-abort-rule-id header that provides the - // ID of the lifecycle configuration rule that defines this action. + // ID of the lifecycle configuration rule that defines the abort action. + // + // This functionality is not supported for directory buckets. AbortDate *time.Time `location:"header" locationName:"x-amz-abort-date" type:"timestamp"` // This header is returned along with the x-amz-abort-date header. It identifies // the applicable lifecycle configuration rule that defines the action to abort // incomplete multipart uploads. + // + // This functionality is not supported for directory buckets. AbortRuleId *string `location:"header" locationName:"x-amz-abort-rule-id" type:"string"` // The name of the bucket to which the multipart upload was initiated. Does // not return the access point ARN or access point alias if used. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this action with an access point through the Amazon Web Services - // SDKs, you provide the access point ARN in place of the bucket name. For more - // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. - // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) - // in the Amazon S3 User Guide. + // Access points are not supported by directory buckets. Bucket *string `locationName:"Bucket" type:"string"` // Indicates whether the multipart upload uses an S3 Bucket Key for server-side - // encryption with Amazon Web Services KMS (SSE-KMS). + // encryption with Key Management Service (KMS) keys (SSE-KMS). + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // The algorithm that was used to create a checksum of the object. @@ -14959,38 +16687,50 @@ type CreateMultipartUploadOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header confirming the encryption algorithm - // used. + // the response will include this header to confirm the encryption algorithm + // that's used. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header to provide round-trip message integrity + // the response will include this header to provide the round-trip message integrity // verification of the customer-provided encryption key. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // If present, specifies the Amazon Web Services KMS Encryption Context to use + // If present, indicates the Amazon Web Services KMS Encryption Context to use // for object encryption. The value of this header is a base64-encoded UTF-8 // string holding JSON with the encryption context key-value pairs. // + // This functionality is not supported for directory buckets. + // // SSEKMSEncryptionContext is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by CreateMultipartUploadOutput's // String and GoString methods. SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"` - // If present, specifies the ID of the Amazon Web Services Key Management Service - // (Amazon Web Services KMS) symmetric customer managed key that was used for - // the object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. + // + // This functionality is not supported for directory buckets. // // SSEKMSKeyId is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by CreateMultipartUploadOutput's // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // The server-side encryption algorithm used when storing this object in Amazon + // The server-side encryption algorithm used when you store this object in Amazon // S3 (for example, AES256, aws:kms). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // ID for the initiated multipart upload. @@ -15100,6 +16840,136 @@ func (s *CreateMultipartUploadOutput) SetUploadId(v string) *CreateMultipartUplo return s } +type CreateSessionInput struct { + _ struct{} `locationName:"CreateSessionRequest" type:"structure"` + + // The name of the bucket that you create a session for. + // + // Bucket is a required field + Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` + + // Specifies the mode of the session that will be created, either ReadWrite + // or ReadOnly. By default, a ReadWrite session is created. A ReadWrite session + // is capable of executing all the Zonal endpoint APIs on a directory bucket. + // A ReadOnly session is constrained to execute the following Zonal endpoint + // APIs: GetObject, HeadObject, ListObjectsV2, GetObjectAttributes, ListParts, + // and ListMultipartUploads. + SessionMode *string `location:"header" locationName:"x-amz-create-session-mode" type:"string" enum:"SessionMode"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateSessionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateSessionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateSessionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateSessionInput"} + if s.Bucket == nil { + invalidParams.Add(request.NewErrParamRequired("Bucket")) + } + if s.Bucket != nil && len(*s.Bucket) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Bucket", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetBucket sets the Bucket field's value. +func (s *CreateSessionInput) SetBucket(v string) *CreateSessionInput { + s.Bucket = &v + return s +} + +func (s *CreateSessionInput) getBucket() (v string) { + if s.Bucket == nil { + return v + } + return *s.Bucket +} + +// SetSessionMode sets the SessionMode field's value. +func (s *CreateSessionInput) SetSessionMode(v string) *CreateSessionInput { + s.SessionMode = &v + return s +} + +func (s *CreateSessionInput) getEndpointARN() (arn.Resource, error) { + if s.Bucket == nil { + return nil, fmt.Errorf("member Bucket is nil") + } + return parseEndpointARN(*s.Bucket) +} + +func (s *CreateSessionInput) hasEndpointARN() bool { + if s.Bucket == nil { + return false + } + return arn.IsARN(*s.Bucket) +} + +// updateArnableField updates the value of the input field that +// takes an ARN as an input. This method is useful to backfill +// the parsed resource name from ARN into the input member. +// It returns a pointer to a modified copy of input and an error. +// Note that original input is not modified. +func (s CreateSessionInput) updateArnableField(v string) (interface{}, error) { + if s.Bucket == nil { + return nil, fmt.Errorf("member Bucket is nil") + } + s.Bucket = aws.String(v) + return &s, nil +} + +type CreateSessionOutput struct { + _ struct{} `type:"structure"` + + // The established temporary security credentials for the created session.. + // + // Credentials is a required field + Credentials *SessionCredentials `locationName:"Credentials" type:"structure" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateSessionOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateSessionOutput) GoString() string { + return s.String() +} + +// SetCredentials sets the Credentials field's value. +func (s *CreateSessionOutput) SetCredentials(v *SessionCredentials) *CreateSessionOutput { + s.Credentials = v + return s +} + // The container element for specifying the default Object Lock retention settings // for new objects placed in the specified bucket. // @@ -15163,7 +17033,12 @@ func (s *DefaultRetention) SetYears(v int64) *DefaultRetention { type Delete struct { _ struct{} `type:"structure"` - // The objects to delete. + // The object to delete. + // + // Directory buckets - For directory buckets, an object that's composed entirely + // of whitespace characters is not supported by the DeleteObjects API operation. + // The request will receive a 400 Bad Request error and none of the objects + // in the request will be deleted. // // Objects is a required field Objects []*ObjectIdentifier `locationName:"Object" type:"list" flattened:"true" required:"true"` @@ -15234,9 +17109,9 @@ type DeleteBucketAnalyticsConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The ID that identifies the analytics configuration. @@ -15364,9 +17239,9 @@ type DeleteBucketCorsInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -15481,9 +17356,9 @@ type DeleteBucketEncryptionInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -15594,12 +17469,25 @@ type DeleteBucketInput struct { // Specifies the bucket being deleted. // + // Directory buckets - When you use this operation with a directory bucket, + // you must use path-style requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name + // . Virtual-hosted-style requests aren't supported. Directory bucket names + // must be unique in the chosen Availability Zone. Bucket names must also follow + // the format bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). + // For information about bucket naming restrictions, see Directory bucket naming + // rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). + // + // For directory buckets, this header is not supported in this API operation. + // If you specify this header, the request fails with the HTTP status code 501 + // Not Implemented. ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -15811,9 +17699,9 @@ type DeleteBucketInventoryConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The ID used to identify the inventory configuration. @@ -15941,9 +17829,9 @@ type DeleteBucketLifecycleInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -16057,12 +17945,13 @@ type DeleteBucketMetricsConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // The ID used to identify the metrics configuration. + // The ID used to identify the metrics configuration. The ID has a 64 character + // limit and can only contain letters, numbers, periods, dashes, and underscores. // // Id is a required field Id *string `location:"querystring" locationName:"id" type:"string" required:"true"` @@ -16209,9 +18098,9 @@ type DeleteBucketOwnershipControlsInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -16322,12 +18211,25 @@ type DeleteBucketPolicyInput struct { // The bucket name. // + // Directory buckets - When you use this operation with a directory bucket, + // you must use path-style requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name + // . Virtual-hosted-style requests aren't supported. Directory bucket names + // must be unique in the chosen Availability Zone. Bucket names must also follow + // the format bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). + // For information about bucket naming restrictions, see Directory bucket naming + // rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). + // + // For directory buckets, this header is not supported in this API operation. + // If you specify this header, the request fails with the HTTP status code 501 + // Not Implemented. ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -16441,9 +18343,9 @@ type DeleteBucketReplicationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -16557,9 +18459,9 @@ type DeleteBucketTaggingInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -16673,9 +18575,9 @@ type DeleteBucketWebsiteInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -16792,7 +18694,7 @@ type DeleteMarkerEntry struct { // The object key. Key *string `min:"1" type:"string"` - // Date and time the object was last modified. + // Date and time when the object was last modified. LastModified *time.Time `type:"timestamp"` // The account that created the delete marker.> @@ -16901,19 +18803,33 @@ type DeleteObjectInput struct { // The bucket name of the bucket containing the object. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field @@ -16922,11 +18838,13 @@ type DeleteObjectInput struct { // Indicates whether S3 Object Lock should bypass Governance-mode restrictions // to process this operation. To use this header, you must have the s3:BypassGovernanceRetention // permission. + // + // This functionality is not supported for directory buckets. BypassGovernanceRetention *bool `location:"header" locationName:"x-amz-bypass-governance-retention" type:"boolean"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Key name of the object to delete. @@ -16938,16 +18856,25 @@ type DeleteObjectInput struct { // and the value that is displayed on your authentication device. Required to // permanently delete a versioned object if versioning is configured with MFA // delete enabled. + // + // This functionality is not supported for directory buckets. MFA *string `location:"header" locationName:"x-amz-mfa" type:"string"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // VersionId used to reference a specific version of the object. + // Version ID used to reference a specific version of the object. + // + // For directory buckets in this API operation, only the null value of the version + // ID is supported. VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } @@ -17070,16 +18997,24 @@ func (s DeleteObjectInput) updateArnableField(v string) (interface{}, error) { type DeleteObjectOutput struct { _ struct{} `type:"structure"` - // Specifies whether the versioned object that was permanently deleted was (true) - // or was not (false) a delete marker. + // Indicates whether the specified object version that was permanently deleted + // was (true) or was not (false) a delete marker before deletion. In a simple + // DELETE, this header indicates whether (true) or not (false) the current version + // of the object is a delete marker. + // + // This functionality is not supported for directory buckets. DeleteMarker *bool `location:"header" locationName:"x-amz-delete-marker" type:"boolean"` // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // Returns the version ID of the delete marker created as a result of the DELETE // operation. + // + // This functionality is not supported for directory buckets. VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` } @@ -17124,27 +19059,30 @@ type DeleteObjectTaggingInput struct { // The bucket name containing the objects from which to remove the tags. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The key that identifies the object in the bucket from which to remove all @@ -17291,19 +19229,33 @@ type DeleteObjectsInput struct { // The bucket name containing the objects to delete. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field @@ -17312,22 +19264,38 @@ type DeleteObjectsInput struct { // Specifies whether you want to delete this object even if it has a Governance-type // Object Lock in place. To use this header, you must have the s3:BypassGovernanceRetention // permission. + // + // This functionality is not supported for directory buckets. BypassGovernanceRetention *bool `location:"header" locationName:"x-amz-bypass-governance-retention" type:"boolean"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum-algorithm or x-amz-trailer header sent. Otherwise, Amazon + // S3 fails the request with the HTTP status code 400 Bad Request. + // + // For the x-amz-checksum-algorithm header, replace algorithm with the supported + // algorithm from the following list: + // + // * CRC32 + // + // * CRC32C + // + // * SHA1 + // + // * SHA256 + // + // For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // + // If the individual checksum value you provide through x-amz-checksum-algorithm + // doesn't match the checksum algorithm you set through x-amz-sdk-checksum-algorithm, + // Amazon S3 ignores any provided ChecksumAlgorithm parameter and uses the checksum + // algorithm that matches the provided value in x-amz-checksum-algorithm . + // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm // parameter. // - // This checksum algorithm must be the same for all parts and it match the checksum - // value supplied in the CreateMultipartUpload request. - // // The AWS SDK for Go v1 does not support automatic computing request payload // checksum. This feature is available in the AWS SDK for Go v2. If a value // is specified for this parameter, the matching algorithm's checksum member @@ -17343,22 +19311,37 @@ type DeleteObjectsInput struct { // Delete is a required field Delete *Delete `locationName:"Delete" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The concatenation of the authentication device's serial number, a space, // and the value that is displayed on your authentication device. Required to // permanently delete a versioned object if versioning is configured with MFA // delete enabled. + // + // When performing the DeleteObjects operation on an MFA delete enabled bucket, + // which attempts to delete the specified versioned objects, you must include + // an MFA token. If you don't provide an MFA token, the entire request will + // fail, even if there are non-versioned objects that you are trying to delete. + // If you provide an invalid token, whether there are versioned object keys + // in the request or not, the entire Multi-Object Delete request will fail. + // For information about MFA Delete, see MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. MFA *string `location:"header" locationName:"x-amz-mfa" type:"string"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` } @@ -17493,6 +19476,8 @@ type DeleteObjectsOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } @@ -17540,9 +19525,9 @@ type DeletePublicAccessBlockInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -17652,20 +19637,27 @@ func (s DeletePublicAccessBlockOutput) GoString() string { type DeletedObject struct { _ struct{} `type:"structure"` - // Specifies whether the versioned object that was permanently deleted was (true) - // or was not (false) a delete marker. In a simple DELETE, this header indicates - // whether (true) or not (false) a delete marker was created. + // Indicates whether the specified object version that was permanently deleted + // was (true) or was not (false) a delete marker before deletion. In a simple + // DELETE, this header indicates whether (true) or not (false) the current version + // of the object is a delete marker. + // + // This functionality is not supported for directory buckets. DeleteMarker *bool `type:"boolean"` // The version ID of the delete marker created as a result of the DELETE operation. // If you delete a specific object version, the value returned by this header // is the version ID of the object version deleted. + // + // This functionality is not supported for directory buckets. DeleteMarkerVersionId *string `type:"string"` // The name of the deleted object. Key *string `min:"1" type:"string"` // The version ID of the deleted object. + // + // This functionality is not supported for directory buckets. VersionId *string `type:"string"` } @@ -17871,9 +19863,9 @@ type Encryption struct { KMSContext *string `type:"string"` // If the encryption type is aws:kms, this optional value specifies the ID of - // the symmetric customer managed key to use for encryption of job results. - // Amazon S3 only supports symmetric keys. For more information, see Using symmetric - // and asymmetric keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) + // the symmetric encryption customer managed key to use for encryption of job + // results. Amazon S3 only supports symmetric encryption KMS keys. For more + // information, see Asymmetric keys in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) // in the Amazon Web Services Key Management Service Developer Guide. // // KMSKeyId is a sensitive parameter and its value will be @@ -17939,8 +19931,8 @@ type EncryptionConfiguration struct { // Specifies the ID (Key ARN or Alias ARN) of the customer managed Amazon Web // Services KMS key stored in Amazon Web Services Key Management Service (KMS) // for the destination bucket. Amazon S3 uses this key to encrypt replica objects. - // Amazon S3 only supports symmetric, customer managed KMS keys. For more information, - // see Using symmetric and asymmetric keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) + // Amazon S3 only supports symmetric encryption KMS keys. For more information, + // see Asymmetric keys in Amazon Web Services KMS (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) // in the Amazon Web Services Key Management Service Developer Guide. ReplicaKmsKeyID *string `type:"string"` } @@ -18019,9 +20011,8 @@ type Error struct { // The error code is a string that uniquely identifies an error condition. It // is meant to be read and understood by programs that detect and handle errors - // by type. - // - // Amazon S3 error codes + // by type. The following is a list of Amazon S3 error codes. For more information, + // see Error responses (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html). // // * Code: AccessDenied Description: Access Denied HTTP Status Code: 403 // Forbidden SOAP Fault Code Prefix: Client @@ -18341,8 +20332,8 @@ type Error struct { // and SOAP Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/SOAPAuthentication.html) // for details. HTTP Status Code: 403 Forbidden SOAP Fault Code Prefix: Client // - // * Code: ServiceUnavailable Description: Reduce your request rate. HTTP - // Status Code: 503 Service Unavailable SOAP Fault Code Prefix: Server + // * Code: ServiceUnavailable Description: Service is unable to handle request. + // HTTP Status Code: 503 Service Unavailable SOAP Fault Code Prefix: Server // // * Code: SlowDown Description: Reduce your request rate. HTTP Status Code: // 503 Slow Down SOAP Fault Code Prefix: Server @@ -18382,6 +20373,8 @@ type Error struct { Message *string `type:"string"` // The version ID of the error. + // + // This functionality is not supported for directory buckets. VersionId *string `type:"string"` } @@ -18510,6 +20503,8 @@ func (s EventBridgeConfiguration) GoString() string { type ExistingObjectReplication struct { _ struct{} `type:"structure"` + // Specifies whether Amazon S3 replicates existing source bucket objects. + // // Status is a required field Status *string `type:"string" required:"true" enum:"ExistingObjectReplicationStatus"` } @@ -18551,8 +20546,15 @@ func (s *ExistingObjectReplication) SetStatus(v string) *ExistingObjectReplicati return s } -// Specifies the Amazon S3 object key name to filter on and whether to filter -// on the suffix or prefix of the key name. +// Specifies the Amazon S3 object key name to filter on. An object key name +// is the name assigned to an object in your Amazon S3 bucket. You specify whether +// to filter on the suffix or prefix of the object key name. A prefix is a specific +// string of characters at the beginning of an object key name, which you can +// use to organize objects. For example, you can start the key names of related +// objects with a prefix, such as 2023- or engineering/. Then, you can use FilterRule +// to find objects in a bucket with key names that have the same prefix. A suffix +// is similar to a prefix, but it is at the end of the object key name instead +// of at the beginning. type FilterRule struct { _ struct{} `type:"structure"` @@ -18605,10 +20607,21 @@ type GetBucketAccelerateConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` + + // Confirms that the requester knows that they will be charged for the request. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` } // String returns the string representation. @@ -18664,6 +20677,12 @@ func (s *GetBucketAccelerateConfigurationInput) SetExpectedBucketOwner(v string) return s } +// SetRequestPayer sets the RequestPayer field's value. +func (s *GetBucketAccelerateConfigurationInput) SetRequestPayer(v string) *GetBucketAccelerateConfigurationInput { + s.RequestPayer = &v + return s +} + func (s *GetBucketAccelerateConfigurationInput) getEndpointARN() (arn.Resource, error) { if s.Bucket == nil { return nil, fmt.Errorf("member Bucket is nil") @@ -18694,6 +20713,12 @@ func (s GetBucketAccelerateConfigurationInput) updateArnableField(v string) (int type GetBucketAccelerateConfigurationOutput struct { _ struct{} `type:"structure"` + // If present, indicates that the requester was successfully charged for the + // request. + // + // This functionality is not supported for directory buckets. + RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` + // The accelerate configuration of the bucket. Status *string `type:"string" enum:"BucketAccelerateStatus"` } @@ -18716,6 +20741,12 @@ func (s GetBucketAccelerateConfigurationOutput) GoString() string { return s.String() } +// SetRequestCharged sets the RequestCharged field's value. +func (s *GetBucketAccelerateConfigurationOutput) SetRequestCharged(v string) *GetBucketAccelerateConfigurationOutput { + s.RequestCharged = &v + return s +} + // SetStatus sets the Status field's value. func (s *GetBucketAccelerateConfigurationOutput) SetStatus(v string) *GetBucketAccelerateConfigurationOutput { s.Status = &v @@ -18727,12 +20758,21 @@ type GetBucketAclInput struct { // Specifies the S3 bucket whose ACL is being requested. // + // When you use this API operation with an access point, provide the alias of + // the access point in place of the bucket name. + // + // When you use this API operation with an Object Lambda access point, provide + // the alias of the Object Lambda access point in place of the bucket name. + // If the Object Lambda access point alias in a request is not valid, the error + // code InvalidAccessPointAliasError is returned. For more information about + // InvalidAccessPointAliasError, see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -18864,9 +20904,9 @@ type GetBucketAnalyticsConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The ID that identifies the analytics configuration. @@ -19000,12 +21040,21 @@ type GetBucketCorsInput struct { // The bucket name for which to get the cors configuration. // + // When you use this API operation with an access point, provide the alias of + // the access point in place of the bucket name. + // + // When you use this API operation with an Object Lambda access point, provide + // the alias of the Object Lambda access point in place of the bucket name. + // If the Object Lambda access point alias in a request is not valid, the error + // code InvalidAccessPointAliasError is returned. For more information about + // InvalidAccessPointAliasError, see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -19130,9 +21179,9 @@ type GetBucketEncryptionInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -19384,9 +21433,9 @@ type GetBucketInventoryConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The ID used to identify the inventory configuration. @@ -19523,9 +21572,9 @@ type GetBucketLifecycleConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -19648,9 +21697,9 @@ type GetBucketLifecycleInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -19770,12 +21819,21 @@ type GetBucketLocationInput struct { // The name of the bucket for which to get the location. // + // When you use this API operation with an access point, provide the alias of + // the access point in place of the bucket name. + // + // When you use this API operation with an Object Lambda access point, provide + // the alias of the Object Lambda access point in place of the bucket name. + // If the Object Lambda access point alias in a request is not valid, the error + // code InvalidAccessPointAliasError is returned. For more information about + // InvalidAccessPointAliasError, see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -19900,9 +21958,9 @@ type GetBucketLoggingInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -20028,12 +22086,13 @@ type GetBucketMetricsConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // The ID used to identify the metrics configuration. + // The ID used to identify the metrics configuration. The ID has a 64 character + // limit and can only contain letters, numbers, periods, dashes, and underscores. // // Id is a required field Id *string `location:"querystring" locationName:"id" type:"string" required:"true"` @@ -20164,12 +22223,21 @@ type GetBucketNotificationConfigurationRequest struct { // The name of the bucket for which to get the notification configuration. // + // When you use this API operation with an access point, provide the alias of + // the access point in place of the bucket name. + // + // When you use this API operation with an Object Lambda access point, provide + // the alias of the Object Lambda access point in place of the bucket name. + // If the Object Lambda access point alias in a request is not valid, the error + // code InvalidAccessPointAliasError is returned. For more information about + // InvalidAccessPointAliasError, see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -20261,9 +22329,9 @@ type GetBucketOwnershipControlsInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -20382,14 +22450,40 @@ func (s *GetBucketOwnershipControlsOutput) SetOwnershipControls(v *OwnershipCont type GetBucketPolicyInput struct { _ struct{} `locationName:"GetBucketPolicyRequest" type:"structure"` - // The bucket name for which to get the bucket policy. + // The bucket name to get the bucket policy for. + // + // Directory buckets - When you use this operation with a directory bucket, + // you must use path-style requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name + // . Virtual-hosted-style requests aren't supported. Directory bucket names + // must be unique in the chosen Availability Zone. Bucket names must also follow + // the format bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). + // For information about bucket naming restrictions, see Directory bucket naming + // rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide + // + // Access points - When you use this API operation with an access point, provide + // the alias of the access point in place of the bucket name. + // + // Object Lambda access points - When you use this API operation with an Object + // Lambda access point, provide the alias of the Object Lambda access point + // in place of the bucket name. If the Object Lambda access point alias in a + // request is not valid, the error code InvalidAccessPointAliasError is returned. + // For more information about InvalidAccessPointAliasError, see List of Error + // Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). + // + // Access points and Object Lambda access points are not supported by directory + // buckets. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). + // + // For directory buckets, this header is not supported in this API operation. + // If you specify this header, the request fails with the HTTP status code 501 + // Not Implemented. ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -20512,9 +22606,9 @@ type GetBucketPolicyStatusInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -20637,9 +22731,9 @@ type GetBucketReplicationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -20763,9 +22857,9 @@ type GetBucketRequestPaymentInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -20888,9 +22982,9 @@ type GetBucketTaggingInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -21015,9 +23109,9 @@ type GetBucketVersioningInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -21151,9 +23245,9 @@ type GetBucketWebsiteInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -21301,8 +23395,10 @@ type GetObjectAclInput struct { // The bucket name that contains the object for which to get the ACL information. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) @@ -21311,9 +23407,9 @@ type GetObjectAclInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The key of the object for which to get the ACL information. @@ -21322,13 +23418,19 @@ type GetObjectAclInput struct { Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // VersionId used to reference a specific version of the object. + // Version ID used to reference a specific version of the object. + // + // This functionality is not supported for directory buckets. VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } @@ -21447,6 +23549,8 @@ type GetObjectAclOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } @@ -21491,27 +23595,41 @@ type GetObjectAttributesInput struct { // The name of the bucket that contains the object. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The object key. @@ -21522,8 +23640,8 @@ type GetObjectAttributesInput struct { // Sets the maximum number of parts to return. MaxParts *int64 `location:"header" locationName:"x-amz-max-parts" type:"integer"` - // An XML header that specifies the fields at the root level that you want returned - // in the response. Fields that you do not specify are not returned. + // Specifies the fields at the root level that you want returned in the response. + // Fields that you do not specify are not returned. // // ObjectAttributes is a required field ObjectAttributes []*string `location:"header" locationName:"x-amz-object-attributes" type:"list" required:"true" enum:"ObjectAttributes"` @@ -21533,13 +23651,19 @@ type GetObjectAttributesInput struct { PartNumberMarker *int64 `location:"header" locationName:"x-amz-part-number-marker" type:"integer"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // Specifies the algorithm to use when encrypting the object (for example, AES256). + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting @@ -21548,6 +23672,8 @@ type GetObjectAttributesInput struct { // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm // header. // + // This functionality is not supported for directory buckets. + // // SSECustomerKey is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by GetObjectAttributesInput's // String and GoString methods. @@ -21556,9 +23682,16 @@ type GetObjectAttributesInput struct { // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` // The version ID used to reference a specific version of the object. + // + // S3 Versioning isn't enabled and supported for directory buckets. For this + // API operation, only the null value of the version ID is supported by directory + // buckets. You can only specify null to the versionId query parameter in the + // request. VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } @@ -21720,6 +23853,8 @@ type GetObjectAttributesOutput struct { // Specifies whether the object retrieved was (true) or was not (false) a delete // marker. If false, this response header does not appear in the response. + // + // This functionality is not supported for directory buckets. DeleteMarker *bool `location:"header" locationName:"x-amz-delete-marker" type:"boolean"` // An ETag is an opaque identifier assigned by a web server to a specific version @@ -21737,15 +23872,22 @@ type GetObjectAttributesOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // Provides the storage class information of the object. Amazon S3 returns this // header for all objects except for S3 Standard storage class objects. // // For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html). + // + // Directory buckets - Only the S3 Express One Zone storage class is supported + // by directory buckets to store objects. StorageClass *string `type:"string" enum:"StorageClass"` // The version ID of the object. + // + // This functionality is not supported for directory buckets. VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` } @@ -21843,6 +23985,15 @@ type GetObjectAttributesParts struct { // A container for elements related to a particular part. A response can contain // zero or more Parts elements. + // + // * General purpose buckets - For GetObjectAttributes, if a additional checksum + // (including x-amz-checksum-crc32, x-amz-checksum-crc32c, x-amz-checksum-sha1, + // or x-amz-checksum-sha256) isn't applied to the object specified in the + // request, the response doesn't return Part. + // + // * Directory buckets - For GetObjectAttributes, no matter whether a additional + // checksum is applied to the object specified in the request, the response + // returns Part. Parts []*ObjectPart `locationName:"Part" type:"list" flattened:"true"` // The total number of parts. @@ -21908,21 +24059,37 @@ type GetObjectInput struct { // The bucket name containing the object. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using an Object Lambda access point the hostname takes the form AccessPointName-AccountId.s3-object-lambda.Region.amazonaws.com. + // Object Lambda access points - When you use this action with an Object Lambda + // access point, you must direct requests to the Object Lambda access point + // hostname. The Object Lambda access point hostname takes the form AccessPointName-AccountId.s3-object-lambda.Region.amazonaws.com. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field @@ -21934,25 +24101,50 @@ type GetObjectInput struct { // validation. This feature is available in the AWS SDK for Go v2. ChecksumMode *string `location:"header" locationName:"x-amz-checksum-mode" type:"string" enum:"ChecksumMode"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // Return the object only if its entity tag (ETag) is the same as the one specified; - // otherwise, return a 412 (precondition failed) error. + // Return the object only if its entity tag (ETag) is the same as the one specified + // in this header; otherwise, return a 412 Precondition Failed error. + // + // If both of the If-Match and If-Unmodified-Since headers are present in the + // request as follows: If-Match condition evaluates to true, and; If-Unmodified-Since + // condition evaluates to false; then, S3 returns 200 OK and the data requested. + // + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). IfMatch *string `location:"header" locationName:"If-Match" type:"string"` // Return the object only if it has been modified since the specified time; - // otherwise, return a 304 (not modified) error. + // otherwise, return a 304 Not Modified error. + // + // If both of the If-None-Match and If-Modified-Since headers are present in + // the request as follows:If-None-Match condition evaluates to false, and; If-Modified-Since + // condition evaluates to true; then, S3 returns 304 Not Modified status code. + // + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). IfModifiedSince *time.Time `location:"header" locationName:"If-Modified-Since" type:"timestamp"` // Return the object only if its entity tag (ETag) is different from the one - // specified; otherwise, return a 304 (not modified) error. + // specified in this header; otherwise, return a 304 Not Modified error. + // + // If both of the If-None-Match and If-Modified-Since headers are present in + // the request as follows:If-None-Match condition evaluates to false, and; If-Modified-Since + // condition evaluates to true; then, S3 returns 304 Not Modified HTTP status + // code. + // + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). IfNoneMatch *string `location:"header" locationName:"If-None-Match" type:"string"` // Return the object only if it has not been modified since the specified time; - // otherwise, return a 412 (precondition failed) error. + // otherwise, return a 412 Precondition Failed error. + // + // If both of the If-Match and If-Unmodified-Since headers are present in the + // request as follows: If-Match condition evaluates to true, and; If-Unmodified-Since + // condition evaluates to false; then, S3 returns 200 OK and the data requested. + // + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). IfUnmodifiedSince *time.Time `location:"header" locationName:"If-Unmodified-Since" type:"timestamp"` // Key of the object to get. @@ -21965,24 +24157,28 @@ type GetObjectInput struct { // Useful for downloading just a part of an object. PartNumber *int64 `location:"querystring" locationName:"partNumber" type:"integer"` - // Downloads the specified range bytes of an object. For more information about - // the HTTP Range header, see https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35 - // (https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35). + // Downloads the specified byte range of an object. For more information about + // the HTTP Range header, see https://www.rfc-editor.org/rfc/rfc9110.html#name-range + // (https://www.rfc-editor.org/rfc/rfc9110.html#name-range). // // Amazon S3 doesn't support retrieving multiple ranges of data per GET request. Range *string `location:"header" locationName:"Range" type:"string"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // Sets the Cache-Control header of the response. ResponseCacheControl *string `location:"querystring" locationName:"response-cache-control" type:"string"` - // Sets the Content-Disposition header of the response + // Sets the Content-Disposition header of the response. ResponseContentDisposition *string `location:"querystring" locationName:"response-content-disposition" type:"string"` // Sets the Content-Encoding header of the response. @@ -21997,27 +24193,92 @@ type GetObjectInput struct { // Sets the Expires header of the response. ResponseExpires *time.Time `location:"querystring" locationName:"response-expires" type:"timestamp" timestampFormat:"rfc822"` - // Specifies the algorithm to use to when decrypting the object (for example, - // AES256). + // Specifies the algorithm to use when decrypting the object (for example, AES256). + // + // If you encrypt an object by using server-side encryption with customer-provided + // encryption keys (SSE-C) when you store the object in Amazon S3, then when + // you GET the object, you must use the following headers: + // + // * x-amz-server-side-encryption-customer-algorithm + // + // * x-amz-server-side-encryption-customer-key + // + // * x-amz-server-side-encryption-customer-key-MD5 + // + // For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided + // Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` - // Specifies the customer-provided encryption key for Amazon S3 used to encrypt - // the data. This value is used to decrypt the object when recovering it and - // must match the one used when storing the data. The key must be appropriate - // for use with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm - // header. + // Specifies the customer-provided encryption key that you originally provided + // for Amazon S3 to encrypt the data before storing it. This value is used to + // decrypt the object when recovering it and must match the one used when storing + // the data. The key must be appropriate for use with the algorithm specified + // in the x-amz-server-side-encryption-customer-algorithm header. + // + // If you encrypt an object by using server-side encryption with customer-provided + // encryption keys (SSE-C) when you store the object in Amazon S3, then when + // you GET the object, you must use the following headers: + // + // * x-amz-server-side-encryption-customer-algorithm + // + // * x-amz-server-side-encryption-customer-key + // + // * x-amz-server-side-encryption-customer-key-MD5 + // + // For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided + // Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. // // SSECustomerKey is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by GetObjectInput's // String and GoString methods. SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"` - // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. - // Amazon S3 uses this header for a message integrity check to ensure that the - // encryption key was transmitted without error. + // Specifies the 128-bit MD5 digest of the customer-provided encryption key + // according to RFC 1321. Amazon S3 uses this header for a message integrity + // check to ensure that the encryption key was transmitted without error. + // + // If you encrypt an object by using server-side encryption with customer-provided + // encryption keys (SSE-C) when you store the object in Amazon S3, then when + // you GET the object, you must use the following headers: + // + // * x-amz-server-side-encryption-customer-algorithm + // + // * x-amz-server-side-encryption-customer-key + // + // * x-amz-server-side-encryption-customer-key-MD5 + // + // For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided + // Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // VersionId used to reference a specific version of the object. + // Version ID used to reference a specific version of the object. + // + // By default, the GetObject operation returns the current version of an object. + // To return a different version, use the versionId subresource. + // + // * If you include a versionId in your request header, you must have the + // s3:GetObjectVersion permission to access a specific version of an object. + // The s3:GetObject permission is not required in this scenario. + // + // * If you request the current version of an object without a specific versionId + // in the request header, only the s3:GetObject permission is required. The + // s3:GetObjectVersion permission is not required in this scenario. + // + // * Directory buckets - S3 Versioning isn't enabled and supported for directory + // buckets. For this API operation, only the null value of the version ID + // is supported by directory buckets. You can only specify null to the versionId + // query parameter in the request. + // + // For more information about versioning, see PutBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketVersioning.html). VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } @@ -22234,8 +24495,10 @@ type GetObjectLegalHoldInput struct { // The bucket name containing the object whose legal hold status you want to // retrieve. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) @@ -22244,9 +24507,9 @@ type GetObjectLegalHoldInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The key name for the object whose legal hold status you want to retrieve. @@ -22255,10 +24518,14 @@ type GetObjectLegalHoldInput struct { Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // The version ID of the object whose legal hold status you want to retrieve. @@ -22373,7 +24640,7 @@ type GetObjectLegalHoldOutput struct { _ struct{} `type:"structure" payload:"LegalHold"` // The current legal hold status for the specified object. - LegalHold *ObjectLockLegalHold `type:"structure"` + LegalHold *ObjectLockLegalHold `locationName:"LegalHold" type:"structure"` } // String returns the string representation. @@ -22405,8 +24672,10 @@ type GetObjectLockConfigurationInput struct { // The bucket whose Object Lock configuration you want to retrieve. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) @@ -22415,9 +24684,9 @@ type GetObjectLockConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -22535,55 +24804,49 @@ func (s *GetObjectLockConfigurationOutput) SetObjectLockConfiguration(v *ObjectL type GetObjectOutput struct { _ struct{} `type:"structure" payload:"Body"` - // Indicates that a range of bytes was specified. + // Indicates that a range of bytes was specified in the request. AcceptRanges *string `location:"header" locationName:"accept-ranges" type:"string"` // Object data. Body io.ReadCloser `type:"blob"` // Indicates whether the object uses an S3 Bucket Key for server-side encryption - // with Amazon Web Services KMS (SSE-KMS). + // with Key Management Service (KMS) keys (SSE-KMS). + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // Specifies caching behavior along the request/reply chain. CacheControl *string `location:"header" locationName:"Cache-Control" type:"string"` // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. For more information, see Checking + // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumCRC32 *string `location:"header" locationName:"x-amz-checksum-crc32" type:"string"` // The base64-encoded, 32-bit CRC32C checksum of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumCRC32C *string `location:"header" locationName:"x-amz-checksum-crc32c" type:"string"` // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. For more information, see Checking + // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumSHA1 *string `location:"header" locationName:"x-amz-checksum-sha1" type:"string"` // The base64-encoded, 256-bit SHA-256 digest of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. ChecksumSHA256 *string `location:"header" locationName:"x-amz-checksum-sha256" type:"string"` // Specifies presentational information for the object. ContentDisposition *string `location:"header" locationName:"Content-Disposition" type:"string"` - // Specifies what content encodings have been applied to the object and thus + // Indicates what content encodings have been applied to the object and thus // what decoding mechanisms must be applied to obtain the media-type referenced // by the Content-Type header field. ContentEncoding *string `location:"header" locationName:"Content-Encoding" type:"string"` @@ -22600,23 +24863,40 @@ type GetObjectOutput struct { // A standard MIME type describing the format of the object data. ContentType *string `location:"header" locationName:"Content-Type" type:"string"` - // Specifies whether the object retrieved was (true) or was not (false) a Delete + // Indicates whether the object retrieved was (true) or was not (false) a Delete // Marker. If false, this response header does not appear in the response. + // + // * If the current version of the object is a delete marker, Amazon S3 behaves + // as if the object was deleted and includes x-amz-delete-marker: true in + // the response. + // + // * If the specified version in the request is a delete marker, the response + // returns a 405 Method Not Allowed error and the Last-Modified: timestamp + // response header. DeleteMarker *bool `location:"header" locationName:"x-amz-delete-marker" type:"boolean"` // An entity tag (ETag) is an opaque identifier assigned by a web server to // a specific version of a resource found at a URL. ETag *string `location:"header" locationName:"ETag" type:"string"` - // If the object expiration is configured (see PUT Bucket lifecycle), the response - // includes this header. It includes the expiry-date and rule-id key-value pairs - // providing object expiration information. The value of the rule-id is URL-encoded. + // If the object expiration is configured (see PutBucketLifecycleConfiguration + // (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html)), + // the response includes this header. It includes the expiry-date and rule-id + // key-value pairs providing object expiration information. The value of the + // rule-id is URL-encoded. + // + // This functionality is not supported for directory buckets. Expiration *string `location:"header" locationName:"x-amz-expiration" type:"string"` // The date and time at which the object is no longer cacheable. Expires *string `location:"header" locationName:"Expires" type:"string"` - // Creation date of the object. + // Date and time when the object was last modified. + // + // General purpose buckets - When you specify a versionId of the object in your + // request, if the specified version in the request is a delete marker, the + // response returns a 405 Method Not Allowed error and the Last-Modified: timestamp + // response header. LastModified *time.Time `location:"header" locationName:"Last-Modified" type:"timestamp"` // A map of metadata to store with the object in S3. @@ -22626,20 +24906,29 @@ type GetObjectOutput struct { // Set `aws.Config.LowerCaseHeaderMaps` to `true` to write unmarshaled keys to the map as lowercase. Metadata map[string]*string `location:"headers" locationName:"x-amz-meta-" type:"map"` - // This is set to the number of metadata entries not returned in x-amz-meta - // headers. This can happen if you create metadata using an API like SOAP that - // supports more flexible metadata than the REST API. For example, using SOAP, - // you can create metadata whose values are not legal HTTP headers. + // This is set to the number of metadata entries not returned in the headers + // that are prefixed with x-amz-meta-. This can happen if you create metadata + // using an API like SOAP that supports more flexible metadata than the REST + // API. For example, using SOAP, you can create metadata whose values are not + // legal HTTP headers. + // + // This functionality is not supported for directory buckets. MissingMeta *int64 `location:"header" locationName:"x-amz-missing-meta" type:"integer"` // Indicates whether this object has an active legal hold. This field is only // returned if you have permission to view an object's legal hold status. + // + // This functionality is not supported for directory buckets. ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"` - // The Object Lock mode currently in place for this object. + // The Object Lock mode that's currently in place for this object. + // + // This functionality is not supported for directory buckets. ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"` // The date and time when this object's Object Lock will expire. + // + // This functionality is not supported for directory buckets. ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"` // The count of parts this object has. This value is only returned if you specify @@ -22648,52 +24937,80 @@ type GetObjectOutput struct { // Amazon S3 can return this if your request involves a bucket that is either // a source or destination in a replication rule. + // + // This functionality is not supported for directory buckets. ReplicationStatus *string `location:"header" locationName:"x-amz-replication-status" type:"string" enum:"ReplicationStatus"` // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // Provides information about object restoration action and expiration time // of the restored object copy. + // + // This functionality is not supported for directory buckets. Only the S3 Express + // One Zone storage class is supported by directory buckets to store objects. Restore *string `location:"header" locationName:"x-amz-restore" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header confirming the encryption algorithm - // used. + // the response will include this header to confirm the encryption algorithm + // that's used. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header to provide round-trip message integrity + // the response will include this header to provide the round-trip message integrity // verification of the customer-provided encryption key. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // If present, specifies the ID of the Amazon Web Services Key Management Service - // (Amazon Web Services KMS) symmetric customer managed key that was used for - // the object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. + // + // This functionality is not supported for directory buckets. // // SSEKMSKeyId is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by GetObjectOutput's // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // The server-side encryption algorithm used when storing this object in Amazon - // S3 (for example, AES256, aws:kms). + // The server-side encryption algorithm used when you store this object in Amazon + // S3 (for example, AES256, aws:kms, aws:kms:dsse). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // Provides storage class information of the object. Amazon S3 returns this // header for all objects except for S3 Standard storage class objects. + // + // Directory buckets - Only the S3 Express One Zone storage class is supported + // by directory buckets to store objects. StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"` - // The number of tags, if any, on the object. + // The number of tags, if any, on the object, when you have the relevant permission + // to read object tags. + // + // You can use GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) + // to retrieve the tag set associated with an object. + // + // This functionality is not supported for directory buckets. TagCount *int64 `location:"header" locationName:"x-amz-tagging-count" type:"integer"` - // Version of the object. + // Version ID of the object. + // + // This functionality is not supported for directory buckets. VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` // If the bucket is configured as a website, redirects requests for this object // to another object in the same bucket or to an external URL. Amazon S3 stores // the value of this header in the object metadata. + // + // This functionality is not supported for directory buckets. WebsiteRedirectLocation *string `location:"header" locationName:"x-amz-website-redirect-location" type:"string"` } @@ -22937,8 +25254,10 @@ type GetObjectRetentionInput struct { // The bucket name containing the object whose retention settings you want to // retrieve. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) @@ -22947,9 +25266,9 @@ type GetObjectRetentionInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The key name for the object whose retention settings you want to retrieve. @@ -22958,10 +25277,14 @@ type GetObjectRetentionInput struct { Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // The version ID for the object whose retention settings you want to retrieve. @@ -23076,7 +25399,7 @@ type GetObjectRetentionOutput struct { _ struct{} `type:"structure" payload:"Retention"` // The container element for an object's retention settings. - Retention *ObjectLockRetention `type:"structure"` + Retention *ObjectLockRetention `locationName:"Retention" type:"structure"` } // String returns the string representation. @@ -23108,27 +25431,30 @@ type GetObjectTaggingInput struct { // The bucket name containing the object for which to get the tagging information. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Object key for which to get the tagging information. @@ -23137,10 +25463,14 @@ type GetObjectTaggingInput struct { Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // The versionId of the object for which to get the tagging information. @@ -23302,9 +25632,9 @@ type GetObjectTorrentInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The object key for which to get the information. @@ -23313,10 +25643,14 @@ type GetObjectTorrentInput struct { Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` } @@ -23426,6 +25760,8 @@ type GetObjectTorrentOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } @@ -23468,9 +25804,9 @@ type GetPublicAccessBlockInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -23800,27 +26136,48 @@ type HeadBucketInput struct { // The bucket name. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Object Lambda access points - When you use this API operation with an Object + // Lambda access point, provide the alias of the Object Lambda access point + // in place of the bucket name. If the Object Lambda access point alias in a + // request is not valid, the error code InvalidAccessPointAliasError is returned. + // For more information about InvalidAccessPointAliasError, see List of Error + // Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -23906,6 +26263,30 @@ func (s HeadBucketInput) updateArnableField(v string) (interface{}, error) { type HeadBucketOutput struct { _ struct{} `type:"structure"` + + // Indicates whether the bucket name used in the request is an access point + // alias. + // + // This functionality is not supported for directory buckets. + AccessPointAlias *bool `location:"header" locationName:"x-amz-access-point-alias" type:"boolean"` + + // The name of the location where the bucket will be created. + // + // For directory buckets, the AZ ID of the Availability Zone where the bucket + // is created. An example AZ ID value is usw2-az1. + // + // This functionality is only supported by directory buckets. + BucketLocationName *string `location:"header" locationName:"x-amz-bucket-location-name" type:"string"` + + // The type of location where the bucket is created. + // + // This functionality is only supported by directory buckets. + BucketLocationType *string `location:"header" locationName:"x-amz-bucket-location-type" type:"string" enum:"LocationType"` + + // The Region that the bucket is located. + // + // This functionality is not supported for directory buckets. + BucketRegion *string `location:"header" locationName:"x-amz-bucket-region" type:"string"` } // String returns the string representation. @@ -23926,24 +26307,62 @@ func (s HeadBucketOutput) GoString() string { return s.String() } +// SetAccessPointAlias sets the AccessPointAlias field's value. +func (s *HeadBucketOutput) SetAccessPointAlias(v bool) *HeadBucketOutput { + s.AccessPointAlias = &v + return s +} + +// SetBucketLocationName sets the BucketLocationName field's value. +func (s *HeadBucketOutput) SetBucketLocationName(v string) *HeadBucketOutput { + s.BucketLocationName = &v + return s +} + +// SetBucketLocationType sets the BucketLocationType field's value. +func (s *HeadBucketOutput) SetBucketLocationType(v string) *HeadBucketOutput { + s.BucketLocationType = &v + return s +} + +// SetBucketRegion sets the BucketRegion field's value. +func (s *HeadBucketOutput) SetBucketRegion(v string) *HeadBucketOutput { + s.BucketRegion = &v + return s +} + type HeadObjectInput struct { _ struct{} `locationName:"HeadObjectRequest" type:"structure"` - // The name of the bucket containing the object. + // The name of the bucket that contains the object. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field @@ -23956,25 +26375,69 @@ type HeadObjectInput struct { // must have permission to use the kms:Decrypt action for the request to succeed. ChecksumMode *string `location:"header" locationName:"x-amz-checksum-mode" type:"string" enum:"ChecksumMode"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Return the object only if its entity tag (ETag) is the same as the one specified; // otherwise, return a 412 (precondition failed) error. + // + // If both of the If-Match and If-Unmodified-Since headers are present in the + // request as follows: + // + // * If-Match condition evaluates to true, and; + // + // * If-Unmodified-Since condition evaluates to false; + // + // Then Amazon S3 returns 200 OK and the data requested. + // + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). IfMatch *string `location:"header" locationName:"If-Match" type:"string"` // Return the object only if it has been modified since the specified time; // otherwise, return a 304 (not modified) error. + // + // If both of the If-None-Match and If-Modified-Since headers are present in + // the request as follows: + // + // * If-None-Match condition evaluates to false, and; + // + // * If-Modified-Since condition evaluates to true; + // + // Then Amazon S3 returns the 304 Not Modified response code. + // + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). IfModifiedSince *time.Time `location:"header" locationName:"If-Modified-Since" type:"timestamp"` // Return the object only if its entity tag (ETag) is different from the one // specified; otherwise, return a 304 (not modified) error. + // + // If both of the If-None-Match and If-Modified-Since headers are present in + // the request as follows: + // + // * If-None-Match condition evaluates to false, and; + // + // * If-Modified-Since condition evaluates to true; + // + // Then Amazon S3 returns the 304 Not Modified response code. + // + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). IfNoneMatch *string `location:"header" locationName:"If-None-Match" type:"string"` // Return the object only if it has not been modified since the specified time; // otherwise, return a 412 (precondition failed) error. + // + // If both of the If-Match and If-Unmodified-Since headers are present in the + // request as follows: + // + // * If-Match condition evaluates to true, and; + // + // * If-Unmodified-Since condition evaluates to false; + // + // Then Amazon S3 returns 200 OK and the data requested. + // + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). IfUnmodifiedSince *time.Time `location:"header" locationName:"If-Unmodified-Since" type:"timestamp"` // The object key. @@ -23988,19 +26451,25 @@ type HeadObjectInput struct { // object. PartNumber *int64 `location:"querystring" locationName:"partNumber" type:"integer"` - // Because HeadObject returns only the metadata for an object, this parameter - // has no effect. + // HeadObject returns only the metadata for an object. If the Range is satisfiable, + // only the ContentLength is affected in the response. If the Range is not satisfiable, + // S3 returns a 416 - Requested Range Not Satisfiable error. Range *string `location:"header" locationName:"Range" type:"string"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, AES256). + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting @@ -24009,6 +26478,8 @@ type HeadObjectInput struct { // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm // header. // + // This functionality is not supported for directory buckets. + // // SSECustomerKey is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by HeadObjectInput's // String and GoString methods. @@ -24017,9 +26488,14 @@ type HeadObjectInput struct { // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // VersionId used to reference a specific version of the object. + // Version ID used to reference a specific version of the object. + // + // For directory buckets in this API operation, only the null value of the version + // ID is supported. VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } @@ -24201,51 +26677,63 @@ type HeadObjectOutput struct { AcceptRanges *string `location:"header" locationName:"accept-ranges" type:"string"` // The archive state of the head object. + // + // This functionality is not supported for directory buckets. ArchiveStatus *string `location:"header" locationName:"x-amz-archive-status" type:"string" enum:"ArchiveStatus"` // Indicates whether the object uses an S3 Bucket Key for server-side encryption - // with Amazon Web Services KMS (SSE-KMS). + // with Key Management Service (KMS) keys (SSE-KMS). + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // Specifies caching behavior along the request/reply chain. CacheControl *string `location:"header" locationName:"Cache-Control" type:"string"` // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32 *string `location:"header" locationName:"x-amz-checksum-crc32" type:"string"` // The base64-encoded, 32-bit CRC32C checksum of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string `location:"header" locationName:"x-amz-checksum-crc32c" type:"string"` // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string `location:"header" locationName:"x-amz-checksum-sha1" type:"string"` // The base64-encoded, 256-bit SHA-256 digest of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA256 *string `location:"header" locationName:"x-amz-checksum-sha256" type:"string"` // Specifies presentational information for the object. ContentDisposition *string `location:"header" locationName:"Content-Disposition" type:"string"` - // Specifies what content encodings have been applied to the object and thus + // Indicates what content encodings have been applied to the object and thus // what decoding mechanisms must be applied to obtain the media-type referenced // by the Content-Type header field. ContentEncoding *string `location:"header" locationName:"Content-Encoding" type:"string"` @@ -24261,21 +26749,27 @@ type HeadObjectOutput struct { // Specifies whether the object retrieved was (true) or was not (false) a Delete // Marker. If false, this response header does not appear in the response. + // + // This functionality is not supported for directory buckets. DeleteMarker *bool `location:"header" locationName:"x-amz-delete-marker" type:"boolean"` // An entity tag (ETag) is an opaque identifier assigned by a web server to // a specific version of a resource found at a URL. ETag *string `location:"header" locationName:"ETag" type:"string"` - // If the object expiration is configured (see PUT Bucket lifecycle), the response - // includes this header. It includes the expiry-date and rule-id key-value pairs - // providing object expiration information. The value of the rule-id is URL-encoded. + // If the object expiration is configured (see PutBucketLifecycleConfiguration + // (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html)), + // the response includes this header. It includes the expiry-date and rule-id + // key-value pairs providing object expiration information. The value of the + // rule-id is URL-encoded. + // + // This functionality is not supported for directory buckets. Expiration *string `location:"header" locationName:"x-amz-expiration" type:"string"` // The date and time at which the object is no longer cacheable. Expires *string `location:"header" locationName:"Expires" type:"string"` - // Creation date of the object. + // Date and time when the object was last modified. LastModified *time.Time `location:"header" locationName:"Last-Modified" type:"timestamp"` // A map of metadata to store with the object in S3. @@ -24289,6 +26783,8 @@ type HeadObjectOutput struct { // headers. This can happen if you create metadata using an API like SOAP that // supports more flexible metadata than the REST API. For example, using SOAP, // you can create metadata whose values are not legal HTTP headers. + // + // This functionality is not supported for directory buckets. MissingMeta *int64 `location:"header" locationName:"x-amz-missing-meta" type:"integer"` // Specifies whether a legal hold is in effect for this object. This header @@ -24296,15 +26792,21 @@ type HeadObjectOutput struct { // This header is not returned if the specified version of this object has never // had a legal hold applied. For more information about S3 Object Lock, see // Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). + // + // This functionality is not supported for directory buckets. ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"` // The Object Lock mode, if any, that's in effect for this object. This header // is only returned if the requester has the s3:GetObjectRetention permission. // For more information about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). + // + // This functionality is not supported for directory buckets. ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"` // The date and time when the Object Lock retention period expires. This header // is only returned if the requester has the s3:GetObjectRetention permission. + // + // This functionality is not supported for directory buckets. ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"` // The count of parts this object has. This value is only returned if you specify @@ -24343,10 +26845,14 @@ type HeadObjectOutput struct { // header will return FAILED. // // For more information, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html). + // + // This functionality is not supported for directory buckets. ReplicationStatus *string `location:"header" locationName:"x-amz-replication-status" type:"string" enum:"ReplicationStatus"` // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // If the object is an archived object (an object whose storage class is GLACIER), @@ -24364,45 +26870,61 @@ type HeadObjectOutput struct { // // For more information about archiving objects, see Transitioning Objects: // General Considerations (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-transition-general-considerations). + // + // This functionality is not supported for directory buckets. Only the S3 Express + // One Zone storage class is supported by directory buckets to store objects. Restore *string `location:"header" locationName:"x-amz-restore" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header confirming the encryption algorithm - // used. + // the response will include this header to confirm the encryption algorithm + // that's used. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header to provide round-trip message integrity + // the response will include this header to provide the round-trip message integrity // verification of the customer-provided encryption key. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // If present, specifies the ID of the Amazon Web Services Key Management Service - // (Amazon Web Services KMS) symmetric customer managed key that was used for - // the object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. + // + // This functionality is not supported for directory buckets. // // SSEKMSKeyId is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by HeadObjectOutput's // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // If the object is stored using server-side encryption either with an Amazon - // Web Services KMS key or an Amazon S3-managed encryption key, the response - // includes this header with the value of the server-side encryption algorithm - // used when storing this object in Amazon S3 (for example, AES256, aws:kms). + // The server-side encryption algorithm used when you store this object in Amazon + // S3 (for example, AES256, aws:kms, aws:kms:dsse). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // Provides storage class information of the object. Amazon S3 returns this // header for all objects except for S3 Standard storage class objects. // // For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html). + // + // Directory buckets - Only the S3 Express One Zone storage class is supported + // by directory buckets to store objects. StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"` - // Version of the object. + // Version ID of the object. + // + // This functionality is not supported for directory buckets. VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` // If the bucket is configured as a website, redirects requests for this object // to another object in the same bucket or to an external URL. Amazon S3 stores // the value of this header in the object metadata. + // + // This functionality is not supported for directory buckets. WebsiteRedirectLocation *string `location:"header" locationName:"x-amz-website-redirect-location" type:"string"` } @@ -24688,10 +27210,16 @@ type Initiator struct { _ struct{} `type:"structure"` // Name of the Principal. + // + // This functionality is not supported for directory buckets. DisplayName *string `type:"string"` // If the principal is an Amazon Web Services account, it provides the Canonical // User ID. If the principal is an IAM User, it provides a user ARN value. + // + // Directory buckets - If the principal is an Amazon Web Services account, it + // provides the Amazon Web Services account ID. If the principal is an IAM User, + // it provides a user ARN value. ID *string `type:"string"` } @@ -25596,7 +28124,8 @@ type LambdaFunctionConfiguration struct { Events []*string `locationName:"Event" type:"list" flattened:"true" required:"true" enum:"Event"` // Specifies object key name filtering rules. For information about key name - // filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) + // filtering, see Configuring event notifications using object key name filtering + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) // in the Amazon S3 User Guide. Filter *NotificationConfigurationFilter `type:"structure"` @@ -25670,6 +28199,9 @@ func (s *LambdaFunctionConfiguration) SetLambdaFunctionArn(v string) *LambdaFunc } // Container for lifecycle rules. You can add as many as 1000 rules. +// +// For more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) +// in the Amazon S3 User Guide. type LifecycleConfiguration struct { _ struct{} `type:"structure"` @@ -25727,11 +28259,14 @@ func (s *LifecycleConfiguration) SetRules(v []*Rule) *LifecycleConfiguration { } // Container for the expiration for the lifecycle of the object. +// +// For more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) +// in the Amazon S3 User Guide. type LifecycleExpiration struct { _ struct{} `type:"structure"` - // Indicates at what date the object is to be moved or deleted. Should be in - // GMT ISO 8601 Format. + // Indicates at what date the object is to be moved or deleted. The date value + // must conform to the ISO 8601 format. The time is always midnight UTC. Date *time.Time `type:"timestamp" timestampFormat:"iso8601"` // Indicates the lifetime, in days, of the objects that are subject to the rule. @@ -25782,13 +28317,16 @@ func (s *LifecycleExpiration) SetExpiredObjectDeleteMarker(v bool) *LifecycleExp } // A lifecycle rule for individual objects in an Amazon S3 bucket. +// +// For more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) +// in the Amazon S3 User Guide. type LifecycleRule struct { _ struct{} `type:"structure"` // Specifies the days since the initiation of an incomplete multipart upload // that Amazon S3 will wait before permanently removing all parts of the upload. // For more information, see Aborting Incomplete Multipart Uploads Using a Bucket - // Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) + // Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) // in the Amazon S3 User Guide. AbortIncompleteMultipartUpload *AbortIncompleteMultipartUpload `type:"structure"` @@ -26011,7 +28549,9 @@ func (s *LifecycleRuleAndOperator) SetTags(v []*Tag) *LifecycleRuleAndOperator { } // The Filter is used to identify objects that a Lifecycle Rule applies to. -// A Filter must have exactly one of Prefix, Tag, or And specified. +// A Filter can have exactly one of Prefix, Tag, ObjectSizeGreaterThan, ObjectSizeLessThan, +// or And specified. If the Filter element is left empty, the Lifecycle Rule +// applies to all objects in the bucket. type LifecycleRuleFilter struct { _ struct{} `type:"structure"` @@ -26117,9 +28657,9 @@ type ListBucketAnalyticsConfigurationsInput struct { // should begin. ContinuationToken *string `location:"querystring" locationName:"continuation-token" type:"string"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -26443,9 +28983,9 @@ type ListBucketInventoryConfigurationsInput struct { // that Amazon S3 understands. ContinuationToken *string `location:"querystring" locationName:"continuation-token" type:"string"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -26612,9 +29152,9 @@ type ListBucketMetricsConfigurationsInput struct { // value that Amazon S3 understands. ContinuationToken *string `location:"querystring" locationName:"continuation-token" type:"string"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -26830,24 +29370,123 @@ func (s *ListBucketsOutput) SetOwner(v *Owner) *ListBucketsOutput { return s } +type ListDirectoryBucketsInput struct { + _ struct{} `locationName:"ListDirectoryBucketsRequest" type:"structure"` + + // ContinuationToken indicates to Amazon S3 that the list is being continued + // on this bucket with a token. ContinuationToken is obfuscated and is not a + // real key. You can use this ContinuationToken for pagination of the list results. + ContinuationToken *string `location:"querystring" locationName:"continuation-token" type:"string"` + + // Maximum number of buckets to be returned in response. When the number is + // more than the count of buckets that are owned by an Amazon Web Services account, + // return all the buckets in response. + MaxDirectoryBuckets *int64 `location:"querystring" locationName:"max-directory-buckets" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListDirectoryBucketsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListDirectoryBucketsInput) GoString() string { + return s.String() +} + +// SetContinuationToken sets the ContinuationToken field's value. +func (s *ListDirectoryBucketsInput) SetContinuationToken(v string) *ListDirectoryBucketsInput { + s.ContinuationToken = &v + return s +} + +// SetMaxDirectoryBuckets sets the MaxDirectoryBuckets field's value. +func (s *ListDirectoryBucketsInput) SetMaxDirectoryBuckets(v int64) *ListDirectoryBucketsInput { + s.MaxDirectoryBuckets = &v + return s +} + +type ListDirectoryBucketsOutput struct { + _ struct{} `type:"structure"` + + // The list of buckets owned by the requester. + Buckets []*Bucket `locationNameList:"Bucket" type:"list"` + + // If ContinuationToken was sent with the request, it is included in the response. + // You can use the returned ContinuationToken for pagination of the list response. + ContinuationToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListDirectoryBucketsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListDirectoryBucketsOutput) GoString() string { + return s.String() +} + +// SetBuckets sets the Buckets field's value. +func (s *ListDirectoryBucketsOutput) SetBuckets(v []*Bucket) *ListDirectoryBucketsOutput { + s.Buckets = v + return s +} + +// SetContinuationToken sets the ContinuationToken field's value. +func (s *ListDirectoryBucketsOutput) SetContinuationToken(v string) *ListDirectoryBucketsOutput { + s.ContinuationToken = &v + return s +} + type ListMultipartUploadsInput struct { _ struct{} `locationName:"ListMultipartUploadsRequest" type:"structure"` // The name of the bucket to which the multipart upload was initiated. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field @@ -26861,30 +29500,40 @@ type ListMultipartUploadsInput struct { // parameter, then the substring starts at the beginning of the key. The keys // that are grouped under CommonPrefixes result element are not returned elsewhere // in the response. + // + // Directory buckets - For directory buckets, / is the only supported delimiter. Delimiter *string `location:"querystring" locationName:"delimiter" type:"string"` // Requests Amazon S3 to encode the object keys in the response and specifies - // the encoding method to use. An object key may contain any Unicode character; - // however, XML 1.0 parser cannot parse some characters, such as characters + // the encoding method to use. An object key can contain any Unicode character; + // however, the XML 1.0 parser cannot parse some characters, such as characters // with an ASCII value from 0 to 10. For characters that are not supported in // XML 1.0, you can add this parameter to request that Amazon S3 encode the // keys in the response. EncodingType *string `location:"querystring" locationName:"encoding-type" type:"string" enum:"EncodingType"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // Together with upload-id-marker, this parameter specifies the multipart upload - // after which listing should begin. - // - // If upload-id-marker is not specified, only the keys lexicographically greater - // than the specified key-marker will be included in the list. - // - // If upload-id-marker is specified, any multipart uploads for a key equal to - // the key-marker might also be included, provided those multipart uploads have - // upload IDs lexicographically greater than the specified upload-id-marker. + // Specifies the multipart upload after which listing should begin. + // + // * General purpose buckets - For general purpose buckets, key-marker is + // an object key. Together with upload-id-marker, this parameter specifies + // the multipart upload after which listing should begin. If upload-id-marker + // is not specified, only the keys lexicographically greater than the specified + // key-marker will be included in the list. If upload-id-marker is specified, + // any multipart uploads for a key equal to the key-marker might also be + // included, provided those multipart uploads have upload IDs lexicographically + // greater than the specified upload-id-marker. + // + // * Directory buckets - For directory buckets, key-marker is obfuscated + // and isn't a real object key. The upload-id-marker parameter isn't supported + // by directory buckets. To list the additional multipart uploads, you only + // need to set the value of key-marker to the NextKeyMarker value from the + // previous response. In the ListMultipartUploads response, the multipart + // uploads aren't sorted lexicographically based on the object keys. KeyMarker *string `location:"querystring" locationName:"key-marker" type:"string"` // Sets the maximum number of multipart uploads, from 1 to 1,000, to return @@ -26894,15 +29543,31 @@ type ListMultipartUploadsInput struct { // Lists in-progress uploads only for those keys that begin with the specified // prefix. You can use prefixes to separate a bucket into different grouping - // of keys. (You can think of using prefix to make groups in the same way you'd - // use a folder in a file system.) + // of keys. (You can think of using prefix to make groups in the same way that + // you'd use a folder in a file system.) + // + // Directory buckets - For directory buckets, only prefixes that end in a delimiter + // (/) are supported. Prefix *string `location:"querystring" locationName:"prefix" type:"string"` + // Confirms that the requester knows that they will be charged for the request. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` + // Together with key-marker, specifies the multipart upload after which listing // should begin. If key-marker is not specified, the upload-id-marker parameter // is ignored. Otherwise, any multipart uploads for a key equal to the key-marker // might be included in the list only if they have an upload ID lexicographically // greater than the specified upload-id-marker. + // + // This functionality is not supported for directory buckets. UploadIdMarker *string `location:"querystring" locationName:"upload-id-marker" type:"string"` } @@ -26989,6 +29654,12 @@ func (s *ListMultipartUploadsInput) SetPrefix(v string) *ListMultipartUploadsInp return s } +// SetRequestPayer sets the RequestPayer field's value. +func (s *ListMultipartUploadsInput) SetRequestPayer(v string) *ListMultipartUploadsInput { + s.RequestPayer = &v + return s +} + // SetUploadIdMarker sets the UploadIdMarker field's value. func (s *ListMultipartUploadsInput) SetUploadIdMarker(v string) *ListMultipartUploadsInput { s.UploadIdMarker = &v @@ -27032,17 +29703,22 @@ type ListMultipartUploadsOutput struct { // If you specify a delimiter in the request, then the result returns each distinct // key prefix containing the delimiter in a CommonPrefixes element. The distinct // key prefixes are returned in the Prefix child element. + // + // Directory buckets - For directory buckets, only prefixes that end in a delimiter + // (/) are supported. CommonPrefixes []*CommonPrefix `type:"list" flattened:"true"` // Contains the delimiter you specified in the request. If you don't specify // a delimiter in your request, this element is absent from the response. + // + // Directory buckets - For directory buckets, / is the only supported delimiter. Delimiter *string `type:"string"` // Encoding type used by Amazon S3 to encode object keys in the response. // - // If you specify encoding-type request parameter, Amazon S3 includes this element - // in the response, and returns encoded key name values in the following response - // elements: + // If you specify the encoding-type request parameter, Amazon S3 includes this + // element in the response, and returns encoded key name values in the following + // response elements: // // Delimiter, KeyMarker, Prefix, NextKeyMarker, Key. EncodingType *string `type:"string" enum:"EncodingType"` @@ -27066,13 +29742,30 @@ type ListMultipartUploadsOutput struct { // When a list is truncated, this element specifies the value that should be // used for the upload-id-marker request parameter in a subsequent request. + // + // This functionality is not supported for directory buckets. NextUploadIdMarker *string `type:"string"` // When a prefix is provided in the request, this field contains the specified // prefix. The result contains only keys starting with the specified prefix. + // + // Directory buckets - For directory buckets, only prefixes that end in a delimiter + // (/) are supported. Prefix *string `type:"string"` - // Upload ID after which listing began. + // If present, indicates that the requester was successfully charged for the + // request. + // + // This functionality is not supported for directory buckets. + RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` + + // Together with key-marker, specifies the multipart upload after which listing + // should begin. If key-marker is not specified, the upload-id-marker parameter + // is ignored. Otherwise, any multipart uploads for a key equal to the key-marker + // might be included in the list only if they have an upload ID lexicographically + // greater than the specified upload-id-marker. + // + // This functionality is not supported for directory buckets. UploadIdMarker *string `type:"string"` // Container for elements related to a particular multipart upload. A response @@ -27165,6 +29858,12 @@ func (s *ListMultipartUploadsOutput) SetPrefix(v string) *ListMultipartUploadsOu return s } +// SetRequestCharged sets the RequestCharged field's value. +func (s *ListMultipartUploadsOutput) SetRequestCharged(v string) *ListMultipartUploadsOutput { + s.RequestCharged = &v + return s +} + // SetUploadIdMarker sets the UploadIdMarker field's value. func (s *ListMultipartUploadsOutput) SetUploadIdMarker(v string) *ListMultipartUploadsOutput { s.UploadIdMarker = &v @@ -27193,22 +29892,22 @@ type ListObjectVersionsInput struct { Delimiter *string `location:"querystring" locationName:"delimiter" type:"string"` // Requests Amazon S3 to encode the object keys in the response and specifies - // the encoding method to use. An object key may contain any Unicode character; - // however, XML 1.0 parser cannot parse some characters, such as characters + // the encoding method to use. An object key can contain any Unicode character; + // however, the XML 1.0 parser cannot parse some characters, such as characters // with an ASCII value from 0 to 10. For characters that are not supported in // XML 1.0, you can add this parameter to request that Amazon S3 encode the // keys in the response. EncodingType *string `location:"querystring" locationName:"encoding-type" type:"string" enum:"EncodingType"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Specifies the key to start with when listing objects in a bucket. KeyMarker *string `location:"querystring" locationName:"key-marker" type:"string"` - // Sets the maximum number of keys returned in the response. By default the + // Sets the maximum number of keys returned in the response. By default, the // action returns up to 1,000 key names. The response might contain fewer keys // but will never contain more. If additional keys satisfy the search criteria, // but were not returned because max-keys was exceeded, the response contains @@ -27216,13 +29915,28 @@ type ListObjectVersionsInput struct { // and version-id-marker. MaxKeys *int64 `location:"querystring" locationName:"max-keys" type:"integer"` + // Specifies the optional fields that you want returned in the response. Fields + // that you do not specify are not returned. + OptionalObjectAttributes []*string `location:"header" locationName:"x-amz-optional-object-attributes" type:"list" enum:"OptionalObjectAttributes"` + // Use this parameter to select only those keys that begin with the specified // prefix. You can use prefixes to separate a bucket into different groupings - // of keys. (You can think of using prefix to make groups in the same way you'd - // use a folder in a file system.) You can use prefix with delimiter to roll - // up numerous objects into a single result under CommonPrefixes. + // of keys. (You can think of using prefix to make groups in the same way that + // you'd use a folder in a file system.) You can use prefix with delimiter to + // roll up numerous objects into a single result under CommonPrefixes. Prefix *string `location:"querystring" locationName:"prefix" type:"string"` + // Confirms that the requester knows that they will be charged for the request. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` + // Specifies the object version you want to start listing from. VersionIdMarker *string `location:"querystring" locationName:"version-id-marker" type:"string"` } @@ -27304,12 +30018,24 @@ func (s *ListObjectVersionsInput) SetMaxKeys(v int64) *ListObjectVersionsInput { return s } +// SetOptionalObjectAttributes sets the OptionalObjectAttributes field's value. +func (s *ListObjectVersionsInput) SetOptionalObjectAttributes(v []*string) *ListObjectVersionsInput { + s.OptionalObjectAttributes = v + return s +} + // SetPrefix sets the Prefix field's value. func (s *ListObjectVersionsInput) SetPrefix(v string) *ListObjectVersionsInput { s.Prefix = &v return s } +// SetRequestPayer sets the RequestPayer field's value. +func (s *ListObjectVersionsInput) SetRequestPayer(v string) *ListObjectVersionsInput { + s.RequestPayer = &v + return s +} + // SetVersionIdMarker sets the VersionIdMarker field's value. func (s *ListObjectVersionsInput) SetVersionIdMarker(v string) *ListObjectVersionsInput { s.VersionIdMarker = &v @@ -27363,16 +30089,16 @@ type ListObjectVersionsOutput struct { // Encoding type used by Amazon S3 to encode object key names in the XML response. // - // If you specify encoding-type request parameter, Amazon S3 includes this element - // in the response, and returns encoded key name values in the following response - // elements: + // If you specify the encoding-type request parameter, Amazon S3 includes this + // element in the response, and returns encoded key name values in the following + // response elements: // // KeyMarker, NextKeyMarker, Prefix, Key, and Delimiter. EncodingType *string `type:"string" enum:"EncodingType"` // A flag that indicates whether Amazon S3 returned all of the results that // satisfied the search criteria. If your results were truncated, you can make - // a follow-up paginated request using the NextKeyMarker and NextVersionIdMarker + // a follow-up paginated request by using the NextKeyMarker and NextVersionIdMarker // response parameters as a starting place in another request to return the // rest of the results. IsTruncated *bool `type:"boolean"` @@ -27400,6 +30126,12 @@ type ListObjectVersionsOutput struct { // Selects objects that start with the value supplied by this parameter. Prefix *string `type:"string"` + // If present, indicates that the requester was successfully charged for the + // request. + // + // This functionality is not supported for directory buckets. + RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` + // Marks the last version of the key returned in a truncated response. VersionIdMarker *string `type:"string"` @@ -27491,6 +30223,12 @@ func (s *ListObjectVersionsOutput) SetPrefix(v string) *ListObjectVersionsOutput return s } +// SetRequestCharged sets the RequestCharged field's value. +func (s *ListObjectVersionsOutput) SetRequestCharged(v string) *ListObjectVersionsOutput { + s.RequestCharged = &v + return s +} + // SetVersionIdMarker sets the VersionIdMarker field's value. func (s *ListObjectVersionsOutput) SetVersionIdMarker(v string) *ListObjectVersionsOutput { s.VersionIdMarker = &v @@ -27508,49 +30246,67 @@ type ListObjectsInput struct { // The name of the bucket containing the objects. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // A delimiter is a character you use to group keys. + // A delimiter is a character that you use to group keys. Delimiter *string `location:"querystring" locationName:"delimiter" type:"string"` // Requests Amazon S3 to encode the object keys in the response and specifies - // the encoding method to use. An object key may contain any Unicode character; - // however, XML 1.0 parser cannot parse some characters, such as characters + // the encoding method to use. An object key can contain any Unicode character; + // however, the XML 1.0 parser cannot parse some characters, such as characters // with an ASCII value from 0 to 10. For characters that are not supported in // XML 1.0, you can add this parameter to request that Amazon S3 encode the // keys in the response. EncodingType *string `location:"querystring" locationName:"encoding-type" type:"string" enum:"EncodingType"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Marker is where you want Amazon S3 to start listing from. Amazon S3 starts // listing after this specified key. Marker can be any key in the bucket. Marker *string `location:"querystring" locationName:"marker" type:"string"` - // Sets the maximum number of keys returned in the response. By default the + // Sets the maximum number of keys returned in the response. By default, the // action returns up to 1,000 key names. The response might contain fewer keys // but will never contain more. MaxKeys *int64 `location:"querystring" locationName:"max-keys" type:"integer"` + // Specifies the optional fields that you want returned in the response. Fields + // that you do not specify are not returned. + OptionalObjectAttributes []*string `location:"header" locationName:"x-amz-optional-object-attributes" type:"list" enum:"OptionalObjectAttributes"` + // Limits the response to keys that begin with the specified prefix. Prefix *string `location:"querystring" locationName:"prefix" type:"string"` @@ -27637,6 +30393,12 @@ func (s *ListObjectsInput) SetMaxKeys(v int64) *ListObjectsInput { return s } +// SetOptionalObjectAttributes sets the OptionalObjectAttributes field's value. +func (s *ListObjectsInput) SetOptionalObjectAttributes(v []*string) *ListObjectsInput { + s.OptionalObjectAttributes = v + return s +} + // SetPrefix sets the Prefix field's value. func (s *ListObjectsInput) SetPrefix(v string) *ListObjectsInput { s.Prefix = &v @@ -27690,7 +30452,7 @@ type ListObjectsOutput struct { // CommonPrefixes lists keys that act like subdirectories in the directory specified // by Prefix. // - // For example, if the prefix is notes/ and the delimiter is a slash (/) as + // For example, if the prefix is notes/ and the delimiter is a slash (/), as // in notes/summer/july, the common prefix is notes/summer/. All of the keys // that roll up into a common prefix count as a single return when calculating // the number of returns. @@ -27706,7 +30468,9 @@ type ListObjectsOutput struct { // the MaxKeys value. Delimiter *string `type:"string"` - // Encoding type used by Amazon S3 to encode object keys in the response. + // Encoding type used by Amazon S3 to encode object keys in the response. If + // using url, non-ASCII characters used in an object's key name will be URL + // encoded. For example, the object test_file(3).png will appear as test_file%283%29.png. EncodingType *string `type:"string" enum:"EncodingType"` // A flag that indicates whether Amazon S3 returned all of the results that @@ -27723,17 +30487,26 @@ type ListObjectsOutput struct { // The bucket name. Name *string `type:"string"` - // When response is truncated (the IsTruncated element value in the response - // is true), you can use the key name in this field as marker in the subsequent - // request to get next set of objects. Amazon S3 lists objects in alphabetical - // order Note: This element is returned only if you have delimiter request parameter - // specified. If response does not include the NextMarker and it is truncated, - // you can use the value of the last Key in the response as the marker in the - // subsequent request to get the next set of object keys. + // When the response is truncated (the IsTruncated element value in the response + // is true), you can use the key name in this field as the marker parameter + // in the subsequent request to get the next set of objects. Amazon S3 lists + // objects in alphabetical order. + // + // This element is returned only if you have the delimiter request parameter + // specified. If the response does not include the NextMarker element and it + // is truncated, you can use the value of the last Key element in the response + // as the marker parameter in the subsequent request to get the next set of + // object keys. NextMarker *string `type:"string"` // Keys that begin with the indicated prefix. Prefix *string `type:"string"` + + // If present, indicates that the requester was successfully charged for the + // request. + // + // This functionality is not supported for directory buckets. + RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } // String returns the string representation. @@ -27814,65 +30587,110 @@ func (s *ListObjectsOutput) SetPrefix(v string) *ListObjectsOutput { return s } +// SetRequestCharged sets the RequestCharged field's value. +func (s *ListObjectsOutput) SetRequestCharged(v string) *ListObjectsOutput { + s.RequestCharged = &v + return s +} + type ListObjectsV2Input struct { _ struct{} `locationName:"ListObjectsV2Request" type:"structure"` - // Bucket name to list. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // ContinuationToken indicates Amazon S3 that the list is being continued on - // this bucket with a token. ContinuationToken is obfuscated and is not a real - // key. + // ContinuationToken indicates to Amazon S3 that the list is being continued + // on this bucket with a token. ContinuationToken is obfuscated and is not a + // real key. You can use this ContinuationToken for pagination of the list results. ContinuationToken *string `location:"querystring" locationName:"continuation-token" type:"string"` - // A delimiter is a character you use to group keys. + // A delimiter is a character that you use to group keys. + // + // * Directory buckets - For directory buckets, / is the only supported delimiter. + // + // * Directory buckets - When you query ListObjectsV2 with a delimiter during + // in-progress multipart uploads, the CommonPrefixes response parameter contains + // the prefixes that are associated with the in-progress multipart uploads. + // For more information about multipart uploads, see Multipart Upload Overview + // (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) in + // the Amazon S3 User Guide. Delimiter *string `location:"querystring" locationName:"delimiter" type:"string"` - // Encoding type used by Amazon S3 to encode object keys in the response. + // Encoding type used by Amazon S3 to encode object keys in the response. If + // using url, non-ASCII characters used in an object's key name will be URL + // encoded. For example, the object test_file(3).png will appear as test_file%283%29.png. EncodingType *string `location:"querystring" locationName:"encoding-type" type:"string" enum:"EncodingType"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // The owner field is not present in listV2 by default, if you want to return - // owner field with each key in the result then set the fetch owner field to - // true. + // The owner field is not present in ListObjectsV2 by default. If you want to + // return the owner field with each key in the result, then set the FetchOwner + // field to true. + // + // Directory buckets - For directory buckets, the bucket owner is returned as + // the object owner for all objects. FetchOwner *bool `location:"querystring" locationName:"fetch-owner" type:"boolean"` - // Sets the maximum number of keys returned in the response. By default the + // Sets the maximum number of keys returned in the response. By default, the // action returns up to 1,000 key names. The response might contain fewer keys // but will never contain more. MaxKeys *int64 `location:"querystring" locationName:"max-keys" type:"integer"` + // Specifies the optional fields that you want returned in the response. Fields + // that you do not specify are not returned. + // + // This functionality is not supported for directory buckets. + OptionalObjectAttributes []*string `location:"header" locationName:"x-amz-optional-object-attributes" type:"list" enum:"OptionalObjectAttributes"` + // Limits the response to keys that begin with the specified prefix. + // + // Directory buckets - For directory buckets, only prefixes that end in a delimiter + // (/) are supported. Prefix *string `location:"querystring" locationName:"prefix" type:"string"` // Confirms that the requester knows that she or he will be charged for the // list objects request in V2 style. Bucket owners need not specify this parameter // in their requests. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // StartAfter is where you want Amazon S3 to start listing from. Amazon S3 starts // listing after this specified key. StartAfter can be any key in the bucket. + // + // This functionality is not supported for directory buckets. StartAfter *string `location:"querystring" locationName:"start-after" type:"string"` } @@ -27959,6 +30777,12 @@ func (s *ListObjectsV2Input) SetMaxKeys(v int64) *ListObjectsV2Input { return s } +// SetOptionalObjectAttributes sets the OptionalObjectAttributes field's value. +func (s *ListObjectsV2Input) SetOptionalObjectAttributes(v []*string) *ListObjectsV2Input { + s.OptionalObjectAttributes = v + return s +} + // SetPrefix sets the Prefix field's value. func (s *ListObjectsV2Input) SetPrefix(v string) *ListObjectsV2Input { s.Prefix = &v @@ -28007,8 +30831,9 @@ func (s ListObjectsV2Input) updateArnableField(v string) (interface{}, error) { type ListObjectsV2Output struct { _ struct{} `type:"structure"` - // All of the keys (up to 1,000) rolled up into a common prefix count as a single - // return when calculating the number of returns. + // All of the keys (up to 1,000) that share the same prefix are grouped together. + // When counting the total numbers of returns by this API operation, this group + // of keys is considered as one item. // // A response can contain CommonPrefixes only if you specify a delimiter. // @@ -28022,12 +30847,24 @@ type ListObjectsV2Output struct { // in notes/summer/july, the common prefix is notes/summer/. All of the keys // that roll up into a common prefix count as a single return when calculating // the number of returns. + // + // * Directory buckets - For directory buckets, only prefixes that end in + // a delimiter (/) are supported. + // + // * Directory buckets - When you query ListObjectsV2 with a delimiter during + // in-progress multipart uploads, the CommonPrefixes response parameter contains + // the prefixes that are associated with the in-progress multipart uploads. + // For more information about multipart uploads, see Multipart Upload Overview + // (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) in + // the Amazon S3 User Guide. CommonPrefixes []*CommonPrefix `type:"list" flattened:"true"` // Metadata about each object returned. Contents []*Object `type:"list" flattened:"true"` // If ContinuationToken was sent with the request, it is included in the response. + // You can use the returned ContinuationToken for pagination of the list response. + // You can use this ContinuationToken for pagination of the list results. ContinuationToken *string `type:"string"` // Causes keys that contain the same string between the prefix and the first @@ -28035,6 +30872,8 @@ type ListObjectsV2Output struct { // in the CommonPrefixes collection. These rolled-up keys are not returned elsewhere // in the response. Each rolled-up result counts as only one return against // the MaxKeys value. + // + // Directory buckets - For directory buckets, / is the only supported delimiter. Delimiter *string `type:"string"` // Encoding type used by Amazon S3 to encode object key names in the XML response. @@ -28052,31 +30891,16 @@ type ListObjectsV2Output struct { IsTruncated *bool `type:"boolean"` // KeyCount is the number of keys returned with this request. KeyCount will - // always be less than or equals to MaxKeys field. Say you ask for 50 keys, - // your result will include less than equals 50 keys + // always be less than or equal to the MaxKeys field. For example, if you ask + // for 50 keys, your result will include 50 keys or fewer. KeyCount *int64 `type:"integer"` - // Sets the maximum number of keys returned in the response. By default the + // Sets the maximum number of keys returned in the response. By default, the // action returns up to 1,000 key names. The response might contain fewer keys // but will never contain more. MaxKeys *int64 `type:"integer"` // The bucket name. - // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this action with an access point through the Amazon Web Services - // SDKs, you provide the access point ARN in place of the bucket name. For more - // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. - // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) - // in the Amazon S3 User Guide. Name *string `type:"string"` // NextContinuationToken is sent when isTruncated is true, which means there @@ -28086,9 +30910,20 @@ type ListObjectsV2Output struct { NextContinuationToken *string `type:"string"` // Keys that begin with the indicated prefix. + // + // Directory buckets - For directory buckets, only prefixes that end in a delimiter + // (/) are supported. Prefix *string `type:"string"` + // If present, indicates that the requester was successfully charged for the + // request. + // + // This functionality is not supported for directory buckets. + RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` + // If StartAfter was sent with the request, it is included in the response. + // + // This functionality is not supported for directory buckets. StartAfter *string `type:"string"` } @@ -28176,6 +31011,12 @@ func (s *ListObjectsV2Output) SetPrefix(v string) *ListObjectsV2Output { return s } +// SetRequestCharged sets the RequestCharged field's value. +func (s *ListObjectsV2Output) SetRequestCharged(v string) *ListObjectsV2Output { + s.RequestCharged = &v + return s +} + // SetStartAfter sets the StartAfter field's value. func (s *ListObjectsV2Output) SetStartAfter(v string) *ListObjectsV2Output { s.StartAfter = &v @@ -28187,27 +31028,41 @@ type ListPartsInput struct { // The name of the bucket to which the parts are being uploaded. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Object key for which the multipart upload was initiated. @@ -28223,16 +31078,22 @@ type ListPartsInput struct { PartNumberMarker *int64 `location:"querystring" locationName:"part-number-marker" type:"integer"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // The server-side encryption (SSE) algorithm used to encrypt the object. This // parameter is needed only when the object was created using a checksum algorithm. // For more information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // The server-side encryption (SSE) customer managed key. This parameter is @@ -28240,6 +31101,8 @@ type ListPartsInput struct { // information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) // in the Amazon S3 User Guide. // + // This functionality is not supported for directory buckets. + // // SSECustomerKey is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by ListPartsInput's // String and GoString methods. @@ -28249,6 +31112,8 @@ type ListPartsInput struct { // is needed only when the object was created using a checksum algorithm. For // more information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` // Upload ID identifying the multipart upload whose parts are being listed. @@ -28409,15 +31274,19 @@ type ListPartsOutput struct { // name in the request, then the response includes this header indicating when // the initiated multipart upload will become eligible for abort operation. // For more information, see Aborting Incomplete Multipart Uploads Using a Bucket - // Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config). + // Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config). // // The response will also include the x-amz-abort-rule-id header that will provide // the ID of the lifecycle configuration rule that defines this action. + // + // This functionality is not supported for directory buckets. AbortDate *time.Time `location:"header" locationName:"x-amz-abort-date" type:"timestamp"` // This header is returned along with the x-amz-abort-date header. It identifies // applicable lifecycle configuration rule that defines the action to abort // incomplete multipart uploads. + // + // This functionality is not supported for directory buckets. AbortRuleId *string `location:"header" locationName:"x-amz-abort-rule-id" type:"string"` // The name of the bucket to which the multipart upload was initiated. Does @@ -28452,11 +31321,13 @@ type ListPartsOutput struct { // Container element that identifies the object owner, after the object is created. // If multipart upload is initiated by an IAM user, this element provides the // parent account ID and display name. + // + // Directory buckets - The bucket owner is returned as the object owner for + // all the parts. Owner *Owner `type:"structure"` - // When a list is truncated, this element specifies the last part in the list, - // as well as the value to use for the part-number-marker request parameter - // in a subsequent request. + // Specifies the part after which listing should begin. Only parts with higher + // part numbers will be listed. PartNumberMarker *int64 `type:"integer"` // Container for elements related to a particular part. A response can contain @@ -28465,10 +31336,14 @@ type ListPartsOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` - // Class of storage (STANDARD or REDUCED_REDUNDANCY) used to store the uploaded - // object. + // The class of storage used to store the uploaded object. + // + // Directory buckets - Only the S3 Express One Zone storage class is supported + // by directory buckets to store objects. StorageClass *string `type:"string" enum:"StorageClass"` // Upload ID identifying the multipart upload whose parts are being listed. @@ -28726,6 +31601,56 @@ func (s *Location) SetUserMetadata(v []*MetadataEntry) *Location { return s } +// Specifies the location where the bucket will be created. +// +// For directory buckets, the location type is Availability Zone. For more information +// about directory buckets, see Directory buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) +// in the Amazon S3 User Guide. +// +// This functionality is only supported by directory buckets. +type LocationInfo struct { + _ struct{} `type:"structure"` + + // The name of the location where the bucket will be created. + // + // For directory buckets, the name of the location is the AZ ID of the Availability + // Zone where the bucket will be created. An example AZ ID value is usw2-az1. + Name *string `type:"string"` + + // The type of location where the bucket will be created. + Type *string `type:"string" enum:"LocationType"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LocationInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LocationInfo) GoString() string { + return s.String() +} + +// SetName sets the Name field's value. +func (s *LocationInfo) SetName(v string) *LocationInfo { + s.Name = &v + return s +} + +// SetType sets the Type field's value. +func (s *LocationInfo) SetType(v string) *LocationInfo { + s.Type = &v + return s +} + // Describes where logs are stored and the prefix that Amazon S3 assigns to // all log object keys for a bucket. For more information, see PUT Bucket logging // (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlogging.html) @@ -28751,6 +31676,9 @@ type LoggingEnabled struct { // in the Amazon S3 User Guide. TargetGrants []*TargetGrant `locationNameList:"Grant" type:"list"` + // Amazon S3 key format for log objects. + TargetObjectKeyFormat *TargetObjectKeyFormat `type:"structure"` + // A prefix for all log object keys. If you store log files from multiple Amazon // S3 buckets in a single bucket, you can use a prefix to distinguish which // log files came from which bucket. @@ -28815,6 +31743,12 @@ func (s *LoggingEnabled) SetTargetGrants(v []*TargetGrant) *LoggingEnabled { return s } +// SetTargetObjectKeyFormat sets the TargetObjectKeyFormat field's value. +func (s *LoggingEnabled) SetTargetObjectKeyFormat(v *TargetObjectKeyFormat) *LoggingEnabled { + s.TargetObjectKeyFormat = v + return s +} + // SetTargetPrefix sets the TargetPrefix field's value. func (s *LoggingEnabled) SetTargetPrefix(v string) *LoggingEnabled { s.TargetPrefix = &v @@ -28825,10 +31759,10 @@ func (s *LoggingEnabled) SetTargetPrefix(v string) *LoggingEnabled { type MetadataEntry struct { _ struct{} `type:"structure"` - // Name of the Object. + // Name of the object. Name *string `type:"string"` - // Value of the Object. + // Value of the object. Value *string `type:"string"` } @@ -29006,7 +31940,8 @@ type MetricsConfiguration struct { // prefix, an object tag, an access point ARN, or a conjunction (MetricsAndOperator). Filter *MetricsFilter `type:"structure"` - // The ID used to identify the metrics configuration. + // The ID used to identify the metrics configuration. The ID has a 64 character + // limit and can only contain letters, numbers, periods, dashes, and underscores. // // Id is a required field Id *string `type:"string" required:"true"` @@ -29161,9 +32096,15 @@ type MultipartUpload struct { Key *string `min:"1" type:"string"` // Specifies the owner of the object that is part of the multipart upload. + // + // Directory buckets - The bucket owner is returned as the object owner for + // all the objects. Owner *Owner `type:"structure"` // The class of storage used to store the object. + // + // Directory buckets - Only the S3 Express One Zone storage class is supported + // by directory buckets to store objects. StorageClass *string `type:"string" enum:"StorageClass"` // Upload ID that identifies the multipart upload. @@ -29238,9 +32179,10 @@ func (s *MultipartUpload) SetUploadId(v string) *MultipartUpload { type NoncurrentVersionExpiration struct { _ struct{} `type:"structure"` - // Specifies how many noncurrent versions Amazon S3 will retain. If there are - // this many more recent noncurrent versions, Amazon S3 will take the associated - // action. For more information about noncurrent versions, see Lifecycle configuration + // Specifies how many newer noncurrent versions must exist before Amazon S3 + // can perform the associated action on a given version. If there are this many + // more recent noncurrent versions, Amazon S3 will take the associated action. + // For more information about noncurrent versions, see Lifecycle configuration // elements (https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) // in the Amazon S3 User Guide. NewerNoncurrentVersions *int64 `type:"integer"` @@ -29293,9 +32235,10 @@ func (s *NoncurrentVersionExpiration) SetNoncurrentDays(v int64) *NoncurrentVers type NoncurrentVersionTransition struct { _ struct{} `type:"structure"` - // Specifies how many noncurrent versions Amazon S3 will retain. If there are - // this many more recent noncurrent versions, Amazon S3 will take the associated - // action. For more information about noncurrent versions, see Lifecycle configuration + // Specifies how many newer noncurrent versions must exist before Amazon S3 + // can perform the associated action on a given version. If there are this many + // more recent noncurrent versions, Amazon S3 will take the associated action. + // For more information about noncurrent versions, see Lifecycle configuration // elements (https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) // in the Amazon S3 User Guide. NewerNoncurrentVersions *int64 `type:"integer"` @@ -29504,7 +32447,8 @@ func (s *NotificationConfigurationDeprecated) SetTopicConfiguration(v *TopicConf } // Specifies object key name filtering rules. For information about key name -// filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) +// filtering, see Configuring event notifications using object key name filtering +// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) // in the Amazon S3 User Guide. type NotificationConfigurationFilter struct { _ struct{} `type:"structure"` @@ -29564,6 +32508,8 @@ type Object struct { // encryption. If an object is larger than 16 MB, the Amazon Web Services // Management Console will upload or copy that object as a Multipart Upload, // and therefore the ETag will not be an MD5 digest. + // + // Directory buckets - MD5 is not supported by directory buckets. ETag *string `type:"string"` // The name that you assign to an object. You use the object key to retrieve @@ -29574,12 +32520,27 @@ type Object struct { LastModified *time.Time `type:"timestamp"` // The owner of the object + // + // Directory buckets - The bucket owner is returned as the object owner. Owner *Owner `type:"structure"` + // Specifies the restoration status of an object. Objects in certain storage + // classes must be restored before they can be retrieved. For more information + // about these storage classes and how to work with archived objects, see Working + // with archived objects (https://docs.aws.amazon.com/AmazonS3/latest/userguide/archived-objects.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. Only the S3 Express + // One Zone storage class is supported by directory buckets to store objects. + RestoreStatus *RestoreStatus `type:"structure"` + // Size in bytes of the object - Size *int64 `type:"integer"` + Size *int64 `type:"long"` // The class of storage used to store the object. + // + // Directory buckets - Only the S3 Express One Zone storage class is supported + // by directory buckets to store objects. StorageClass *string `type:"string" enum:"ObjectStorageClass"` } @@ -29631,6 +32592,12 @@ func (s *Object) SetOwner(v *Owner) *Object { return s } +// SetRestoreStatus sets the RestoreStatus field's value. +func (s *Object) SetRestoreStatus(v *RestoreStatus) *Object { + s.RestoreStatus = v + return s +} + // SetSize sets the Size field's value. func (s *Object) SetSize(v int64) *Object { s.Size = &v @@ -29656,7 +32623,9 @@ type ObjectIdentifier struct { // Key is a required field Key *string `min:"1" type:"string" required:"true"` - // VersionId for the specific version of the object to delete. + // Version ID for the specific version of the object to delete. + // + // This functionality is not supported for directory buckets. VersionId *string `type:"string"` } @@ -29871,26 +32840,32 @@ type ObjectPart struct { ChecksumCRC32 *string `type:"string"` // The base64-encoded, 32-bit CRC32C checksum of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string `type:"string"` // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string `type:"string"` // The base64-encoded, 256-bit SHA-256 digest of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA256 *string `type:"string"` @@ -29899,7 +32874,7 @@ type ObjectPart struct { PartNumber *int64 `type:"integer"` // The size of the uploaded part in bytes. - Size *int64 `type:"integer"` + Size *int64 `type:"long"` } // String returns the string representation. @@ -29973,14 +32948,21 @@ type ObjectVersion struct { // The object key. Key *string `min:"1" type:"string"` - // Date and time the object was last modified. + // Date and time when the object was last modified. LastModified *time.Time `type:"timestamp"` // Specifies the owner of the object. Owner *Owner `type:"structure"` + // Specifies the restoration status of an object. Objects in certain storage + // classes must be restored before they can be retrieved. For more information + // about these storage classes and how to work with archived objects, see Working + // with archived objects (https://docs.aws.amazon.com/AmazonS3/latest/userguide/archived-objects.html) + // in the Amazon S3 User Guide. + RestoreStatus *RestoreStatus `type:"structure"` + // Size in bytes of the object. - Size *int64 `type:"integer"` + Size *int64 `type:"long"` // The class of storage used to store the object. StorageClass *string `type:"string" enum:"ObjectVersionStorageClass"` @@ -30043,6 +33025,12 @@ func (s *ObjectVersion) SetOwner(v *Owner) *ObjectVersion { return s } +// SetRestoreStatus sets the RestoreStatus field's value. +func (s *ObjectVersion) SetRestoreStatus(v *RestoreStatus) *ObjectVersion { + s.RestoreStatus = v + return s +} + // SetSize sets the Size field's value. func (s *ObjectVersion) SetSize(v int64) *ObjectVersion { s.Size = &v @@ -30153,7 +33141,26 @@ func (s *OutputSerialization) SetJSON(v *JSONOutput) *OutputSerialization { type Owner struct { _ struct{} `type:"structure"` - // Container for the display name of the owner. + // Container for the display name of the owner. This value is only supported + // in the following Amazon Web Services Regions: + // + // * US East (N. Virginia) + // + // * US West (N. California) + // + // * US West (Oregon) + // + // * Asia Pacific (Singapore) + // + // * Asia Pacific (Sydney) + // + // * Asia Pacific (Tokyo) + // + // * Europe (Ireland) + // + // * South America (São Paulo) + // + // This functionality is not supported for directory buckets. DisplayName *string `type:"string"` // Container for the ID of the owner. @@ -30263,8 +33270,19 @@ type OwnershipControlsRule struct { // BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer // affect permissions. The bucket owner automatically owns and has full control // over every object in the bucket. The bucket only accepts PUT requests that - // don't specify an ACL or bucket owner full control ACLs, such as the bucket-owner-full-control - // canned ACL or an equivalent form of this ACL expressed in the XML format. + // don't specify an ACL or specify bucket owner full control ACLs (such as the + // predefined bucket-owner-full-control canned ACL or a custom ACL in XML format + // that grants the same permissions). + // + // By default, ObjectOwnership is set to BucketOwnerEnforced and ACLs are disabled. + // We recommend keeping ACLs disabled, except in uncommon use cases where you + // must control access for each object individually. For more information about + // S3 Object Ownership, see Controlling ownership of objects and disabling ACLs + // for your bucket (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. Directory buckets + // use the bucket owner enforced setting for S3 Object Ownership. // // ObjectOwnership is a required field ObjectOwnership *string `type:"string" required:"true" enum:"ObjectOwnership"` @@ -30342,18 +33360,22 @@ type Part struct { ChecksumCRC32 *string `type:"string"` // The base64-encoded, 32-bit CRC32C checksum of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string `type:"string"` // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string `type:"string"` @@ -30375,7 +33397,7 @@ type Part struct { PartNumber *int64 `type:"integer"` // Size in bytes of the uploaded part data. - Size *int64 `type:"integer"` + Size *int64 `type:"long"` } // String returns the string representation. @@ -30444,6 +33466,44 @@ func (s *Part) SetSize(v int64) *Part { return s } +// Amazon S3 keys for log objects are partitioned in the following format: +// +// [DestinationPrefix][SourceAccountId]/[SourceRegion]/[SourceBucket]/[YYYY]/[MM]/[DD]/[YYYY]-[MM]-[DD]-[hh]-[mm]-[ss]-[UniqueString] +// +// PartitionedPrefix defaults to EventTime delivery when server access logs +// are delivered. +type PartitionedPrefix struct { + _ struct{} `locationName:"PartitionedPrefix" type:"structure"` + + // Specifies the partition date source for the partitioned prefix. PartitionDateSource + // can be EventTime or DeliveryTime. + PartitionDateSource *string `type:"string" enum:"PartitionDateSource"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PartitionedPrefix) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PartitionedPrefix) GoString() string { + return s.String() +} + +// SetPartitionDateSource sets the PartitionDateSource field's value. +func (s *PartitionedPrefix) SetPartitionDateSource(v string) *PartitionedPrefix { + s.PartitionDateSource = &v + return s +} + // The container element for a bucket's policy status. type PolicyStatus struct { _ struct{} `type:"structure"` @@ -30691,12 +33751,12 @@ type PutBucketAccelerateConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -30708,9 +33768,9 @@ type PutBucketAccelerateConfigurationInput struct { // must be populated with the algorithm's checksum of the request payload. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -30845,12 +33905,12 @@ type PutBucketAclInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -30866,9 +33926,9 @@ type PutBucketAclInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Allows grantee the read, write, read ACP, and write ACP permissions on the @@ -31059,9 +34119,9 @@ type PutBucketAnalyticsConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The ID that identifies the analytics configuration. @@ -31211,12 +34271,12 @@ type PutBucketCorsInput struct { // CORSConfiguration is a required field CORSConfiguration *CORSConfiguration `locationName:"CORSConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -31232,9 +34292,9 @@ type PutBucketCorsInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -31364,20 +34424,23 @@ type PutBucketEncryptionInput struct { _ struct{} `locationName:"PutBucketEncryptionRequest" type:"structure" payload:"ServerSideEncryptionConfiguration"` // Specifies default encryption for a bucket using server-side encryption with - // Amazon S3-managed keys (SSE-S3) or customer managed keys (SSE-KMS). For information - // about the Amazon S3 default encryption feature, see Amazon S3 Default Bucket - // Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) + // different key options. By default, all buckets have a default encryption + // configuration that uses server-side encryption with Amazon S3 managed keys + // (SSE-S3). You can optionally configure default encryption for a bucket by + // using server-side encryption with an Amazon Web Services KMS key (SSE-KMS) + // or a customer-provided key (SSE-C). For information about the bucket default + // encryption feature, see Amazon S3 Bucket Default Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -31393,9 +34456,9 @@ type PutBucketEncryptionInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Specifies the default server-side-encryption configuration. @@ -31673,9 +34736,9 @@ type PutBucketInventoryConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The ID used to identify the inventory configuration. @@ -31822,12 +34885,12 @@ type PutBucketLifecycleConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -31843,9 +34906,9 @@ type PutBucketLifecycleConfigurationInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Container for lifecycle rules. You can add as many as 1,000 rules. @@ -31977,12 +35040,12 @@ type PutBucketLifecycleInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -31998,12 +35061,15 @@ type PutBucketLifecycleInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Container for lifecycle rules. You can add as many as 1000 rules. + // + // For more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) + // in the Amazon S3 User Guide. LifecycleConfiguration *LifecycleConfiguration `locationName:"LifecycleConfiguration" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` } @@ -32139,12 +35205,12 @@ type PutBucketLoggingInput struct { // BucketLoggingStatus is a required field BucketLoggingStatus *BucketLoggingStatus `locationName:"BucketLoggingStatus" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -32160,9 +35226,9 @@ type PutBucketLoggingInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } @@ -32296,12 +35362,13 @@ type PutBucketMetricsConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // The ID used to identify the metrics configuration. + // The ID used to identify the metrics configuration. The ID has a 64 character + // limit and can only contain letters, numbers, periods, dashes, and underscores. // // Id is a required field Id *string `location:"querystring" locationName:"id" type:"string" required:"true"` @@ -32445,9 +35512,9 @@ type PutBucketNotificationConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // A container for specifying the notification configuration of the bucket. @@ -32591,12 +35658,12 @@ type PutBucketNotificationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -32612,9 +35679,9 @@ type PutBucketNotificationInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The container for the configuration. @@ -32748,9 +35815,9 @@ type PutBucketOwnershipControlsInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The OwnershipControls (BucketOwnerEnforced, BucketOwnerPreferred, or ObjectWriter) @@ -32881,19 +35948,45 @@ type PutBucketPolicyInput struct { // The name of the bucket. // + // Directory buckets - When you use this operation with a directory bucket, + // you must use path-style requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name + // . Virtual-hosted-style requests aren't supported. Directory bucket names + // must be unique in the chosen Availability Zone. Bucket names must also follow + // the format bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). + // For information about bucket naming restrictions, see Directory bucket naming + // rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum-algorithm or x-amz-trailer header sent. Otherwise, Amazon + // S3 fails the request with the HTTP status code 400 Bad Request. + // + // For the x-amz-checksum-algorithm header, replace algorithm with the supported + // algorithm from the following list: + // + // * CRC32 + // + // * CRC32C + // + // * SHA1 + // + // * SHA256 + // + // For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // - // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm - // parameter. + // If the individual checksum value you provide through x-amz-checksum-algorithm + // doesn't match the checksum algorithm you set through x-amz-sdk-checksum-algorithm, + // Amazon S3 ignores any provided ChecksumAlgorithm parameter and uses the checksum + // algorithm that matches the provided value in x-amz-checksum-algorithm . + // + // For directory buckets, when you use Amazon Web Services SDKs, CRC32 is the + // default checksum algorithm that's used for performance. // // The AWS SDK for Go v1 does not support automatic computing request payload // checksum. This feature is available in the AWS SDK for Go v2. If a value @@ -32907,15 +36000,24 @@ type PutBucketPolicyInput struct { // Set this parameter to true to confirm that you want to remove your permissions // to change this bucket policy in the future. + // + // This functionality is not supported for directory buckets. ConfirmRemoveSelfBucketAccess *bool `location:"header" locationName:"x-amz-confirm-remove-self-bucket-access" type:"boolean"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). + // + // For directory buckets, this header is not supported in this API operation. + // If you specify this header, the request fails with the HTTP status code 501 + // Not Implemented. ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The bucket policy as a JSON document. // + // For directory buckets, the only IAM action supported in the bucket policy + // is s3express:CreateSession. + // // Policy is a required field Policy *string `type:"string" required:"true"` } @@ -33051,12 +36153,12 @@ type PutBucketReplicationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -33072,9 +36174,9 @@ type PutBucketReplicationInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // A container for replication rules. You can add up to 1,000 rules. The maximum @@ -33223,12 +36325,12 @@ type PutBucketRequestPaymentInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -33244,9 +36346,9 @@ type PutBucketRequestPaymentInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Container for Payer. @@ -33385,12 +36487,12 @@ type PutBucketTaggingInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -33406,9 +36508,9 @@ type PutBucketTaggingInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Container for the TagSet and Tag elements. @@ -33547,12 +36649,12 @@ type PutBucketVersioningInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -33568,9 +36670,9 @@ type PutBucketVersioningInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The concatenation of the authentication device's serial number, a space, @@ -33714,12 +36816,12 @@ type PutBucketWebsiteInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -33735,9 +36837,9 @@ type PutBucketWebsiteInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Container for the request. @@ -33881,22 +36983,33 @@ type PutObjectAclInput struct { // The bucket name that contains the object to which you want to attach the // ACL. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -33912,25 +37025,25 @@ type PutObjectAclInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Allows grantee the read, write, read ACP, and write ACP permissions on the // bucket. // - // This action is not supported by Amazon S3 on Outposts. + // This functionality is not supported for Amazon S3 on Outposts. GrantFullControl *string `location:"header" locationName:"x-amz-grant-full-control" type:"string"` // Allows grantee to list the objects in the bucket. // - // This action is not supported by Amazon S3 on Outposts. + // This functionality is not supported for Amazon S3 on Outposts. GrantRead *string `location:"header" locationName:"x-amz-grant-read" type:"string"` // Allows grantee to read the bucket ACL. // - // This action is not supported by Amazon S3 on Outposts. + // This functionality is not supported for Amazon S3 on Outposts. GrantReadACP *string `location:"header" locationName:"x-amz-grant-read-acp" type:"string"` // Allows grantee to create new objects in the bucket. @@ -33941,37 +37054,28 @@ type PutObjectAclInput struct { // Allows grantee to write the ACL for the applicable bucket. // - // This action is not supported by Amazon S3 on Outposts. + // This functionality is not supported for Amazon S3 on Outposts. GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"` // Key for which the PUT action was initiated. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this action with an access point through the Amazon Web Services - // SDKs, you provide the access point ARN in place of the bucket name. For more - // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) - // in the Amazon S3 User Guide. - // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) - // in the Amazon S3 User Guide. - // // Key is a required field Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // VersionId used to reference a specific version of the object. + // Version ID used to reference a specific version of the object. + // + // This functionality is not supported for directory buckets. VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } @@ -34137,6 +37241,8 @@ type PutObjectAclOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } @@ -34168,9 +37274,32 @@ type PutObjectInput struct { _ struct{} `locationName:"PutObjectRequest" type:"structure" payload:"Body"` // The canned ACL to apply to the object. For more information, see Canned ACL - // (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). + // (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL) + // in the Amazon S3 User Guide. + // + // When adding a new object, you can use headers to grant ACL-based permissions + // to individual Amazon Web Services accounts or to predefined groups defined + // by Amazon S3. These permissions are then added to the ACL on the object. + // By default, all objects are private. Only the owner has full access control. + // For more information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // and Managing ACLs Using the REST API (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html) + // in the Amazon S3 User Guide. + // + // If the bucket that you're uploading objects to uses the bucket owner enforced + // setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions. + // Buckets that use this setting only accept PUT requests that don't specify + // an ACL or PUT requests that specify bucket owner full control ACLs, such + // as the bucket-owner-full-control canned ACL or an equivalent form of this + // ACL expressed in the XML format. PUT requests that contain other ACLs (for + // example, custom grants to certain Amazon Web Services accounts) fail and + // return a 400 error with the error code AccessControlListNotSupported. For + // more information, see Controlling ownership of objects and disabling ACLs + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) + // in the Amazon S3 User Guide. + // + // * This functionality is not supported for directory buckets. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for Amazon S3 on Outposts. ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"ObjectCannedACL"` // Object data. @@ -34178,31 +37307,47 @@ type PutObjectInput struct { // The bucket name to which the PUT action was initiated. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` // Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption - // with server-side encryption using AWS KMS (SSE-KMS). Setting this header - // to true causes Amazon S3 to use an S3 Bucket Key for object encryption with - // SSE-KMS. + // with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). + // Setting this header to true causes Amazon S3 to use an S3 Bucket Key for + // object encryption with SSE-KMS. // // Specifying this header with a PUT action doesn’t affect bucket-level settings // for S3 Bucket Key. + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // Can be used to specify caching behavior along the request/reply chain. For @@ -34210,16 +37355,33 @@ type PutObjectInput struct { // (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9). CacheControl *string `location:"header" locationName:"Cache-Control" type:"string"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum-algorithm or x-amz-trailer header sent. Otherwise, Amazon + // S3 fails the request with the HTTP status code 400 Bad Request. + // + // For the x-amz-checksum-algorithm header, replace algorithm with the supported + // algorithm from the following list: + // + // * CRC32 + // + // * CRC32C + // + // * SHA1 + // + // * SHA256 + // + // For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // - // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm - // parameter. + // If the individual checksum value you provide through x-amz-checksum-algorithm + // doesn't match the checksum algorithm you set through x-amz-sdk-checksum-algorithm, + // Amazon S3 ignores any provided ChecksumAlgorithm parameter and uses the checksum + // algorithm that matches the provided value in x-amz-checksum-algorithm . + // + // For directory buckets, when you use Amazon Web Services SDKs, CRC32 is the + // default checksum algorithm that's used for performance. // // The AWS SDK for Go v1 does not support automatic computing request payload // checksum. This feature is available in the AWS SDK for Go v2. If a value @@ -34256,21 +37418,21 @@ type PutObjectInput struct { ChecksumSHA256 *string `location:"header" locationName:"x-amz-checksum-sha256" type:"string"` // Specifies presentational information for the object. For more information, - // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1). + // see https://www.rfc-editor.org/rfc/rfc6266#section-4 (https://www.rfc-editor.org/rfc/rfc6266#section-4). ContentDisposition *string `location:"header" locationName:"Content-Disposition" type:"string"` // Specifies what content encodings have been applied to the object and thus // what decoding mechanisms must be applied to obtain the media-type referenced - // by the Content-Type header field. For more information, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11 - // (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11). + // by the Content-Type header field. For more information, see https://www.rfc-editor.org/rfc/rfc9110.html#field.content-encoding + // (https://www.rfc-editor.org/rfc/rfc9110.html#field.content-encoding). ContentEncoding *string `location:"header" locationName:"Content-Encoding" type:"string"` // The language the content is in. ContentLanguage *string `location:"header" locationName:"Content-Language" type:"string"` // Size of the body in bytes. This parameter is useful when the size of the - // body cannot be determined automatically. For more information, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.13 - // (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.13). + // body cannot be determined automatically. For more information, see https://www.rfc-editor.org/rfc/rfc9110.html#name-content-length + // (https://www.rfc-editor.org/rfc/rfc9110.html#name-content-length). ContentLength *int64 `location:"header" locationName:"Content-Length" type:"long"` // The base64-encoded 128-bit MD5 digest of the message (without the headers) @@ -34279,39 +37441,54 @@ type PutObjectInput struct { // it is optional, we recommend using the Content-MD5 mechanism as an end-to-end // integrity check. For more information about REST request authentication, // see REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html). + // + // The Content-MD5 header is required for any request to upload an object with + // a retention period configured using Amazon S3 Object Lock. For more information + // about Amazon S3 Object Lock, see Amazon S3 Object Lock Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. ContentMD5 *string `location:"header" locationName:"Content-MD5" type:"string"` // A standard MIME type describing the format of the contents. For more information, - // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17). + // see https://www.rfc-editor.org/rfc/rfc9110.html#name-content-type (https://www.rfc-editor.org/rfc/rfc9110.html#name-content-type). ContentType *string `location:"header" locationName:"Content-Type" type:"string"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The date and time at which the object is no longer cacheable. For more information, - // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21). + // see https://www.rfc-editor.org/rfc/rfc7234#section-5.3 (https://www.rfc-editor.org/rfc/rfc7234#section-5.3). Expires *time.Time `location:"header" locationName:"Expires" type:"timestamp"` // Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantFullControl *string `location:"header" locationName:"x-amz-grant-full-control" type:"string"` // Allows grantee to read the object data and its metadata. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantRead *string `location:"header" locationName:"x-amz-grant-read" type:"string"` // Allows grantee to read the object ACL. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantReadACP *string `location:"header" locationName:"x-amz-grant-read-acp" type:"string"` // Allows grantee to write the ACL for the applicable object. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"` // Object key for which the PUT action was initiated. @@ -34323,25 +37500,37 @@ type PutObjectInput struct { Metadata map[string]*string `location:"headers" locationName:"x-amz-meta-" type:"map"` // Specifies whether a legal hold will be applied to this object. For more information - // about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). + // about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"` // The Object Lock mode that you want to apply to this object. + // + // This functionality is not supported for directory buckets. ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"` // The date and time when you want this object's Object Lock to expire. Must // be formatted as a timestamp parameter. + // + // This functionality is not supported for directory buckets. ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, AES256). + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting @@ -34350,6 +37539,8 @@ type PutObjectInput struct { // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm // header. // + // This functionality is not supported for directory buckets. + // // SSECustomerKey is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by PutObjectInput's // String and GoString methods. @@ -34358,51 +37549,81 @@ type PutObjectInput struct { // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` // Specifies the Amazon Web Services KMS Encryption Context to use for object // encryption. The value of this header is a base64-encoded UTF-8 string holding - // JSON with the encryption context key-value pairs. + // JSON with the encryption context key-value pairs. This value is stored as + // object metadata and automatically gets passed on to Amazon Web Services KMS + // for future GetObject or CopyObject operations on this object. This value + // must be explicitly added during CopyObject operations. + // + // This functionality is not supported for directory buckets. // // SSEKMSEncryptionContext is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by PutObjectInput's // String and GoString methods. SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"` - // If x-amz-server-side-encryption is present and has the value of aws:kms, - // this header specifies the ID of the Amazon Web Services Key Management Service - // (Amazon Web Services KMS) symmetrical customer managed key that was used - // for the object. If you specify x-amz-server-side-encryption:aws:kms, but - // do not providex-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses - // the Amazon Web Services managed key to protect the data. If the KMS key does - // not exist in the same account issuing the command, you must use the full - // ARN and not just the ID. + // If x-amz-server-side-encryption has a valid value of aws:kms or aws:kms:dsse, + // this header specifies the ID (Key ID, Key ARN, or Key Alias) of the Key Management + // Service (KMS) symmetric encryption customer managed key that was used for + // the object. If you specify x-amz-server-side-encryption:aws:kms or x-amz-server-side-encryption:aws:kms:dsse, + // but do not providex-amz-server-side-encryption-aws-kms-key-id, Amazon S3 + // uses the Amazon Web Services managed key (aws/s3) to protect the data. If + // the KMS key does not exist in the same account that's issuing the command, + // you must use the full ARN and not just the ID. + // + // This functionality is not supported for directory buckets. // // SSEKMSKeyId is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by PutObjectInput's // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // The server-side encryption algorithm used when storing this object in Amazon - // S3 (for example, AES256, aws:kms). + // The server-side encryption algorithm that was used when you store this object + // in Amazon S3 (for example, AES256, aws:kms, aws:kms:dsse). + // + // General purpose buckets - You have four mutually exclusive options to protect + // data using server-side encryption in Amazon S3, depending on how you choose + // to manage the encryption keys. Specifically, the encryption key options are + // Amazon S3 managed keys (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or + // DSSE-KMS), and customer-provided keys (SSE-C). Amazon S3 encrypts data with + // server-side encryption by using Amazon S3 managed keys (SSE-S3) by default. + // You can optionally tell Amazon S3 to encrypt data at rest by using server-side + // encryption with other key options. For more information, see Using Server-Side + // Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) + // in the Amazon S3 User Guide. + // + // Directory buckets - For directory buckets, only the server-side encryption + // with Amazon S3 managed keys (SSE-S3) (AES256) value is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // By default, Amazon S3 uses the STANDARD Storage Class to store newly created // objects. The STANDARD storage class provides high durability and high availability. // Depending on performance needs, you can specify a different Storage Class. - // Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. For more information, - // see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) + // For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) // in the Amazon S3 User Guide. + // + // * For directory buckets, only the S3 Express One Zone storage class is + // supported to store newly created objects. + // + // * Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"` // The tag-set for the object. The tag-set must be encoded as URL Query parameters. // (For example, "Key1=Value1") + // + // This functionality is not supported for directory buckets. Tagging *string `location:"header" locationName:"x-amz-tagging" type:"string"` // If the bucket is configured as a website, redirects requests for this object // to another object in the same bucket or to an external URL. Amazon S3 stores // the value of this header in the object metadata. For information about object - // metadata, see Object Key and Metadata (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html). + // metadata, see Object Key and Metadata (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html) + // in the Amazon S3 User Guide. // // In the following example, the request header sets the redirect to an object // (anotherPage.html) in the same bucket: @@ -34416,7 +37637,10 @@ type PutObjectInput struct { // // For more information about website hosting in Amazon S3, see Hosting Websites // on Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) - // and How to Configure Website Page Redirects (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html). + // and How to Configure Website Page Redirects (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. WebsiteRedirectLocation *string `location:"header" locationName:"x-amz-website-redirect-location" type:"string"` } @@ -34729,8 +37953,10 @@ type PutObjectLegalHoldInput struct { // The bucket name containing the object that you want to place a legal hold // on. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) @@ -34739,12 +37965,12 @@ type PutObjectLegalHoldInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -34760,9 +37986,9 @@ type PutObjectLegalHoldInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The key name for the object that you want to place a legal hold on. @@ -34775,10 +38001,14 @@ type PutObjectLegalHoldInput struct { LegalHold *ObjectLockLegalHold `locationName:"LegalHold" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // The version ID of the object that you want to place a legal hold on. @@ -34906,6 +38136,8 @@ type PutObjectLegalHoldOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } @@ -34941,12 +38173,12 @@ type PutObjectLockConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -34962,19 +38194,23 @@ type PutObjectLockConfigurationInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The Object Lock configuration that you want to apply to the specified bucket. ObjectLockConfiguration *ObjectLockConfiguration `locationName:"ObjectLockConfiguration" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // A token to allow Object Lock to be enabled for an existing bucket. @@ -35090,6 +38326,8 @@ type PutObjectLockConfigurationOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } @@ -35121,91 +38359,134 @@ type PutObjectOutput struct { _ struct{} `type:"structure"` // Indicates whether the uploaded object uses an S3 Bucket Key for server-side - // encryption with Amazon Web Services KMS (SSE-KMS). + // encryption with Key Management Service (KMS) keys (SSE-KMS). + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32 *string `location:"header" locationName:"x-amz-checksum-crc32" type:"string"` // The base64-encoded, 32-bit CRC32C checksum of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string `location:"header" locationName:"x-amz-checksum-crc32c" type:"string"` // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string `location:"header" locationName:"x-amz-checksum-sha1" type:"string"` // The base64-encoded, 256-bit SHA-256 digest of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA256 *string `location:"header" locationName:"x-amz-checksum-sha256" type:"string"` // Entity tag for the uploaded object. + // + // General purpose buckets - To ensure that data is not corrupted traversing + // the network, for objects where the ETag is the MD5 digest of the object, + // you can calculate the MD5 while putting an object to Amazon S3 and compare + // the returned ETag to the calculated MD5 value. + // + // Directory buckets - The ETag for the object in a directory bucket isn't the + // MD5 digest of the object. ETag *string `location:"header" locationName:"ETag" type:"string"` // If the expiration is configured for the object (see PutBucketLifecycleConfiguration - // (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html)), - // the response includes this header. It includes the expiry-date and rule-id - // key-value pairs that provide information about object expiration. The value - // of the rule-id is URL-encoded. + // (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html)) + // in the Amazon S3 User Guide, the response includes this header. It includes + // the expiry-date and rule-id key-value pairs that provide information about + // object expiration. The value of the rule-id is URL-encoded. + // + // This functionality is not supported for directory buckets. Expiration *string `location:"header" locationName:"x-amz-expiration" type:"string"` // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header confirming the encryption algorithm - // used. + // the response will include this header to confirm the encryption algorithm + // that's used. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header to provide round-trip message integrity + // the response will include this header to provide the round-trip message integrity // verification of the customer-provided encryption key. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // If present, specifies the Amazon Web Services KMS Encryption Context to use + // If present, indicates the Amazon Web Services KMS Encryption Context to use // for object encryption. The value of this header is a base64-encoded UTF-8 - // string holding JSON with the encryption context key-value pairs. + // string holding JSON with the encryption context key-value pairs. This value + // is stored as object metadata and automatically gets passed on to Amazon Web + // Services KMS for future GetObject or CopyObject operations on this object. + // + // This functionality is not supported for directory buckets. // // SSEKMSEncryptionContext is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by PutObjectOutput's // String and GoString methods. SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"` - // If x-amz-server-side-encryption is present and has the value of aws:kms, - // this header specifies the ID of the Amazon Web Services Key Management Service - // (Amazon Web Services KMS) symmetric customer managed key that was used for - // the object. + // If x-amz-server-side-encryption has a valid value of aws:kms or aws:kms:dsse, + // this header indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. + // + // This functionality is not supported for directory buckets. // // SSEKMSKeyId is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by PutObjectOutput's // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // If you specified server-side encryption either with an Amazon Web Services - // KMS key or Amazon S3-managed encryption key in your PUT request, the response - // includes this header. It confirms the encryption algorithm that Amazon S3 - // used to encrypt the object. + // The server-side encryption algorithm used when you store this object in Amazon + // S3 (for example, AES256, aws:kms, aws:kms:dsse). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` - // Version of the object. + // Version ID of the object. + // + // If you enable versioning for a bucket, Amazon S3 automatically generates + // a unique version ID for the object being stored. Amazon S3 returns this ID + // in the response. When you enable versioning for a bucket, if Amazon S3 receives + // multiple write requests for the same object simultaneously, it stores all + // of the objects. For more information about versioning, see Adding Objects + // to Versioning-Enabled Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/AddingObjectstoVersioningEnabledBuckets.html) + // in the Amazon S3 User Guide. For information about returning the versioning + // state of a bucket, see GetBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html). + // + // This functionality is not supported for directory buckets. VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` } @@ -35317,8 +38598,10 @@ type PutObjectRetentionInput struct { // The bucket name that contains the object you want to apply this Object Retention // configuration to. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) @@ -35330,12 +38613,12 @@ type PutObjectRetentionInput struct { // Indicates whether this action should bypass Governance-mode restrictions. BypassGovernanceRetention *bool `location:"header" locationName:"x-amz-bypass-governance-retention" type:"boolean"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -35351,9 +38634,9 @@ type PutObjectRetentionInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The key name for the object that you want to apply this Object Retention @@ -35363,10 +38646,14 @@ type PutObjectRetentionInput struct { Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // The container element for the Object Retention configuration. @@ -35504,6 +38791,8 @@ type PutObjectRetentionOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } @@ -35536,30 +38825,33 @@ type PutObjectTaggingInput struct { // The bucket name containing the object. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -35575,9 +38867,9 @@ type PutObjectTaggingInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Name of the object key. @@ -35586,10 +38878,14 @@ type PutObjectTaggingInput struct { Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // Container for the TagSet and Tag elements @@ -35765,12 +39061,12 @@ type PutPublicAccessBlockInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -35786,9 +39082,9 @@ type PutPublicAccessBlockInput struct { // to be used. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The PublicAccessBlock configuration that you want to apply to this Amazon @@ -35929,7 +39225,8 @@ type QueueConfiguration struct { Events []*string `locationName:"Event" type:"list" flattened:"true" required:"true" enum:"Event"` // Specifies object key name filtering rules. For information about key name - // filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) + // filtering, see Configuring event notifications using object key name filtering + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) // in the Amazon S3 User Guide. Filter *NotificationConfigurationFilter `type:"structure"` @@ -36922,30 +40219,33 @@ type RestoreObjectInput struct { // The bucket name containing the object to restore. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -36957,9 +40257,9 @@ type RestoreObjectInput struct { // must be populated with the algorithm's checksum of the request payload. ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Object key for which the action was initiated. @@ -36968,10 +40268,14 @@ type RestoreObjectInput struct { Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // Container for restore job parameters. @@ -37107,6 +40411,8 @@ type RestoreObjectOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // Indicates the path in the provided S3 output location where Select results @@ -37260,6 +40566,67 @@ func (s *RestoreRequest) SetType(v string) *RestoreRequest { return s } +// Specifies the restoration status of an object. Objects in certain storage +// classes must be restored before they can be retrieved. For more information +// about these storage classes and how to work with archived objects, see Working +// with archived objects (https://docs.aws.amazon.com/AmazonS3/latest/userguide/archived-objects.html) +// in the Amazon S3 User Guide. +// +// This functionality is not supported for directory buckets. Only the S3 Express +// One Zone storage class is supported by directory buckets to store objects. +type RestoreStatus struct { + _ struct{} `type:"structure"` + + // Specifies whether the object is currently being restored. If the object restoration + // is in progress, the header returns the value TRUE. For example: + // + // x-amz-optional-object-attributes: IsRestoreInProgress="true" + // + // If the object restoration has completed, the header returns the value FALSE. + // For example: + // + // x-amz-optional-object-attributes: IsRestoreInProgress="false", RestoreExpiryDate="2012-12-21T00:00:00.000Z" + // + // If the object hasn't been restored, there is no header response. + IsRestoreInProgress *bool `type:"boolean"` + + // Indicates when the restored copy will expire. This value is populated only + // if the object has already been restored. For example: + // + // x-amz-optional-object-attributes: IsRestoreInProgress="false", RestoreExpiryDate="2012-12-21T00:00:00.000Z" + RestoreExpiryDate *time.Time `type:"timestamp"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RestoreStatus) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RestoreStatus) GoString() string { + return s.String() +} + +// SetIsRestoreInProgress sets the IsRestoreInProgress field's value. +func (s *RestoreStatus) SetIsRestoreInProgress(v bool) *RestoreStatus { + s.IsRestoreInProgress = &v + return s +} + +// SetRestoreExpiryDate sets the RestoreExpiryDate field's value. +func (s *RestoreStatus) SetRestoreExpiryDate(v time.Time) *RestoreStatus { + s.RestoreExpiryDate = &v + return s +} + // Specifies the redirect behavior and when a redirect is applied. For more // information about routing rules, see Configuring advanced conditional redirects // (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html#advanced-conditional-redirects) @@ -37334,7 +40701,7 @@ type Rule struct { // Specifies the days since the initiation of an incomplete multipart upload // that Amazon S3 will wait before permanently removing all parts of the upload. // For more information, see Aborting Incomplete Multipart Uploads Using a Bucket - // Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) + // Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) // in the Amazon S3 User Guide. AbortIncompleteMultipartUpload *AbortIncompleteMultipartUpload `type:"structure"` @@ -37469,9 +40836,8 @@ func (s *Rule) SetTransition(v *Transition) *Rule { type SSEKMS struct { _ struct{} `locationName:"SSE-KMS" type:"structure"` - // Specifies the ID of the Amazon Web Services Key Management Service (Amazon - // Web Services KMS) symmetric customer managed key to use for encrypting inventory - // reports. + // Specifies the ID of the Key Management Service (KMS) symmetric encryption + // customer managed key to use for encrypting inventory reports. // // KeyId is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by SSEKMS's @@ -37775,9 +41141,9 @@ type SelectObjectContentInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The expression that is used to query the object. @@ -38154,21 +41520,26 @@ type ServerSideEncryptionByDefault struct { // Amazon Web Services Key Management Service (KMS) customer Amazon Web Services // KMS key ID to use for the default encryption. This parameter is allowed if - // and only if SSEAlgorithm is set to aws:kms. + // and only if SSEAlgorithm is set to aws:kms or aws:kms:dsse. // - // You can specify the key ID or the Amazon Resource Name (ARN) of the KMS key. - // However, if you are using encryption with cross-account or Amazon Web Services - // service operations you must use a fully qualified KMS key ARN. For more information, - // see Using encryption for cross-account operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy). - // - // For example: + // You can specify the key ID, key alias, or the Amazon Resource Name (ARN) + // of the KMS key. // // * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab // // * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab // - // Amazon S3 only supports symmetric KMS keys and not asymmetric KMS keys. For - // more information, see Using symmetric and asymmetric keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) + // * Key Alias: alias/alias-name + // + // If you use a key ID, you can run into a LogDestination undeliverable error + // when creating a VPC flow log. + // + // If you are using encryption with cross-account or Amazon Web Services service + // operations you must use a fully qualified KMS key ARN. For more information, + // see Using encryption for cross-account operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy). + // + // Amazon S3 only supports symmetric encryption KMS keys. For more information, + // see Asymmetric keys in Amazon Web Services KMS (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) // in the Amazon Web Services Key Management Service Developer Guide. // // KMSMasterKeyID is a sensitive parameter and its value will be @@ -38347,6 +41718,118 @@ func (s *ServerSideEncryptionRule) SetBucketKeyEnabled(v bool) *ServerSideEncryp return s } +// The established temporary security credentials of the session. +// +// Directory buckets - These session credentials are only supported for the +// authentication and authorization of Zonal endpoint APIs on directory buckets. +type SessionCredentials struct { + _ struct{} `type:"structure"` + + // A unique identifier that's associated with a secret access key. The access + // key ID and the secret access key are used together to sign programmatic Amazon + // Web Services requests cryptographically. + // + // AccessKeyId is a required field + AccessKeyId *string `locationName:"AccessKeyId" type:"string" required:"true"` + + // Temporary security credentials expire after a specified interval. After temporary + // credentials expire, any calls that you make with those credentials will fail. + // So you must generate a new set of temporary credentials. Temporary credentials + // cannot be extended or refreshed beyond the original specified interval. + // + // Expiration is a required field + Expiration *time.Time `locationName:"Expiration" type:"timestamp" required:"true"` + + // A key that's used with the access key ID to cryptographically sign programmatic + // Amazon Web Services requests. Signing a request identifies the sender and + // prevents the request from being altered. + // + // SecretAccessKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SessionCredentials's + // String and GoString methods. + // + // SecretAccessKey is a required field + SecretAccessKey *string `locationName:"SecretAccessKey" type:"string" required:"true" sensitive:"true"` + + // A part of the temporary security credentials. The session token is used to + // validate the temporary security credentials. + // + // SessionToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SessionCredentials's + // String and GoString methods. + // + // SessionToken is a required field + SessionToken *string `locationName:"SessionToken" type:"string" required:"true" sensitive:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SessionCredentials) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SessionCredentials) GoString() string { + return s.String() +} + +// SetAccessKeyId sets the AccessKeyId field's value. +func (s *SessionCredentials) SetAccessKeyId(v string) *SessionCredentials { + s.AccessKeyId = &v + return s +} + +// SetExpiration sets the Expiration field's value. +func (s *SessionCredentials) SetExpiration(v time.Time) *SessionCredentials { + s.Expiration = &v + return s +} + +// SetSecretAccessKey sets the SecretAccessKey field's value. +func (s *SessionCredentials) SetSecretAccessKey(v string) *SessionCredentials { + s.SecretAccessKey = &v + return s +} + +// SetSessionToken sets the SessionToken field's value. +func (s *SessionCredentials) SetSessionToken(v string) *SessionCredentials { + s.SessionToken = &v + return s +} + +// To use simple format for S3 keys for log objects, set SimplePrefix to an +// empty object. +// +// [DestinationPrefix][YYYY]-[MM]-[DD]-[hh]-[mm]-[ss]-[UniqueString] +type SimplePrefix struct { + _ struct{} `locationName:"SimplePrefix" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SimplePrefix) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SimplePrefix) GoString() string { + return s.String() +} + // A container that describes additional filters for identifying the source // objects that you want to replicate. You can choose to enable or disable the // replication of these objects. Currently, Amazon S3 supports only the filter @@ -38883,6 +42366,49 @@ func (s *TargetGrant) SetPermission(v string) *TargetGrant { return s } +// Amazon S3 key format for log objects. Only one format, PartitionedPrefix +// or SimplePrefix, is allowed. +type TargetObjectKeyFormat struct { + _ struct{} `type:"structure"` + + // Partitioned S3 key for log objects. + PartitionedPrefix *PartitionedPrefix `locationName:"PartitionedPrefix" type:"structure"` + + // To use the simple format for S3 keys for log objects. To specify SimplePrefix + // format, set SimplePrefix to {}. + SimplePrefix *SimplePrefix `locationName:"SimplePrefix" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TargetObjectKeyFormat) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TargetObjectKeyFormat) GoString() string { + return s.String() +} + +// SetPartitionedPrefix sets the PartitionedPrefix field's value. +func (s *TargetObjectKeyFormat) SetPartitionedPrefix(v *PartitionedPrefix) *TargetObjectKeyFormat { + s.PartitionedPrefix = v + return s +} + +// SetSimplePrefix sets the SimplePrefix field's value. +func (s *TargetObjectKeyFormat) SetSimplePrefix(v *SimplePrefix) *TargetObjectKeyFormat { + s.SimplePrefix = v + return s +} + // The S3 Intelligent-Tiering storage class is designed to optimize storage // costs by automatically moving data to the most cost-effective storage access // tier, without additional operational overhead. @@ -38966,7 +42492,8 @@ type TopicConfiguration struct { Events []*string `locationName:"Event" type:"list" flattened:"true" required:"true" enum:"Event"` // Specifies object key name filtering rules. For information about key name - // filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) + // filtering, see Configuring event notifications using object key name filtering + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) // in the Amazon S3 User Guide. Filter *NotificationConfigurationFilter `type:"structure"` @@ -39166,19 +42693,33 @@ type UploadPartCopyInput struct { // The bucket name. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field @@ -39200,34 +42741,81 @@ type UploadPartCopyInput struct { // my-access-point owned by account 123456789012 in Region us-west-2, use // the URL encoding of arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf. // The value must be URL encoded. Amazon S3 supports copy operations using - // access points only when the source and destination buckets are in the - // same Amazon Web Services Region. Alternatively, for objects accessed through - // Amazon S3 on Outposts, specify the ARN of the object as accessed in the - // format arn:aws:s3-outposts:::outpost//object/. + // Access points only when the source and destination buckets are in the + // same Amazon Web Services Region. Access points are not supported by directory + // buckets. Alternatively, for objects accessed through Amazon S3 on Outposts, + // specify the ARN of the object as accessed in the format arn:aws:s3-outposts:::outpost//object/. // For example, to copy the object reports/january.pdf through outpost my-outpost // owned by account 123456789012 in Region us-west-2, use the URL encoding // of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf. // The value must be URL-encoded. // - // To copy a specific version of an object, append ?versionId= to - // the value (for example, awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893). - // If you don't specify a version ID, Amazon S3 copies the latest version of - // the source object. + // If your bucket has versioning enabled, you could have multiple versions of + // the same object. By default, x-amz-copy-source identifies the current version + // of the source object to copy. To copy a specific version of the source object + // to copy, append ?versionId= to the x-amz-copy-source request + // header (for example, x-amz-copy-source: /awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893). + // + // If the current version is a delete marker and you don't specify a versionId + // in the x-amz-copy-source request header, Amazon S3 returns a 404 Not Found + // error, because the object does not exist. If you specify versionId in the + // x-amz-copy-source and the versionId is a delete marker, Amazon S3 returns + // an HTTP 400 Bad Request error, because you are not allowed to specify a delete + // marker as a version for the x-amz-copy-source. + // + // Directory buckets - S3 Versioning isn't enabled and supported for directory + // buckets. // // CopySource is a required field CopySource *string `location:"header" locationName:"x-amz-copy-source" type:"string" required:"true"` // Copies the object if its entity tag (ETag) matches the specified tag. + // + // If both of the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since + // headers are present in the request as follows: + // + // x-amz-copy-source-if-match condition evaluates to true, and; + // + // x-amz-copy-source-if-unmodified-since condition evaluates to false; + // + // Amazon S3 returns 200 OK and copies the data. CopySourceIfMatch *string `location:"header" locationName:"x-amz-copy-source-if-match" type:"string"` // Copies the object if it has been modified since the specified time. + // + // If both of the x-amz-copy-source-if-none-match and x-amz-copy-source-if-modified-since + // headers are present in the request as follows: + // + // x-amz-copy-source-if-none-match condition evaluates to false, and; + // + // x-amz-copy-source-if-modified-since condition evaluates to true; + // + // Amazon S3 returns 412 Precondition Failed response code. CopySourceIfModifiedSince *time.Time `location:"header" locationName:"x-amz-copy-source-if-modified-since" type:"timestamp"` // Copies the object if its entity tag (ETag) is different than the specified // ETag. + // + // If both of the x-amz-copy-source-if-none-match and x-amz-copy-source-if-modified-since + // headers are present in the request as follows: + // + // x-amz-copy-source-if-none-match condition evaluates to false, and; + // + // x-amz-copy-source-if-modified-since condition evaluates to true; + // + // Amazon S3 returns 412 Precondition Failed response code. CopySourceIfNoneMatch *string `location:"header" locationName:"x-amz-copy-source-if-none-match" type:"string"` // Copies the object if it hasn't been modified since the specified time. + // + // If both of the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since + // headers are present in the request as follows: + // + // x-amz-copy-source-if-match condition evaluates to true, and; + // + // x-amz-copy-source-if-unmodified-since condition evaluates to false; + // + // Amazon S3 returns 200 OK and copies the data. CopySourceIfUnmodifiedSince *time.Time `location:"header" locationName:"x-amz-copy-source-if-unmodified-since" type:"timestamp"` // The range of bytes to copy from the source object. The range value must use @@ -39239,12 +42827,18 @@ type UploadPartCopyInput struct { // Specifies the algorithm to use when decrypting the source object (for example, // AES256). + // + // This functionality is not supported when the source object is in a directory + // bucket. CopySourceSSECustomerAlgorithm *string `location:"header" locationName:"x-amz-copy-source-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use to decrypt // the source object. The encryption key provided in this header must be one // that was used when the source object was created. // + // This functionality is not supported when the source object is in a directory + // bucket. + // // CopySourceSSECustomerKey is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by UploadPartCopyInput's // String and GoString methods. @@ -39253,16 +42847,19 @@ type UploadPartCopyInput struct { // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // This functionality is not supported when the source object is in a directory + // bucket. CopySourceSSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-copy-source-server-side-encryption-customer-key-MD5" type:"string"` - // The account ID of the expected destination bucket owner. If the destination - // bucket is owned by a different account, the request fails with the HTTP status - // code 403 Forbidden (access denied). + // The account ID of the expected destination bucket owner. If the account ID + // that you provide does not match the actual owner of the destination bucket, + // the request fails with the HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // The account ID of the expected source bucket owner. If the source bucket - // is owned by a different account, the request fails with the HTTP status code - // 403 Forbidden (access denied). + // The account ID of the expected source bucket owner. If the account ID that + // you provide does not match the actual owner of the source bucket, the request + // fails with the HTTP status code 403 Forbidden (access denied). ExpectedSourceBucketOwner *string `location:"header" locationName:"x-amz-source-expected-bucket-owner" type:"string"` // Object key for which the multipart upload was initiated. @@ -39277,14 +42874,20 @@ type UploadPartCopyInput struct { PartNumber *int64 `location:"querystring" locationName:"partNumber" type:"integer" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, AES256). + // + // This functionality is not supported when the destination bucket is a directory + // bucket. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting @@ -39294,6 +42897,9 @@ type UploadPartCopyInput struct { // header. This must be the same encryption key specified in the initiate multipart // upload request. // + // This functionality is not supported when the destination bucket is a directory + // bucket. + // // SSECustomerKey is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by UploadPartCopyInput's // String and GoString methods. @@ -39302,6 +42908,9 @@ type UploadPartCopyInput struct { // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // This functionality is not supported when the destination bucket is a directory + // bucket. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` // Upload ID identifying the multipart upload whose part is being copied. @@ -39525,7 +43134,9 @@ type UploadPartCopyOutput struct { _ struct{} `type:"structure" payload:"CopyPartResult"` // Indicates whether the multipart upload uses an S3 Bucket Key for server-side - // encryption with Amazon Web Services KMS (SSE-KMS). + // encryption with Key Management Service (KMS) keys (SSE-KMS). + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // Container for all response elements. @@ -39533,33 +43144,46 @@ type UploadPartCopyOutput struct { // The version of the source object that was copied, if you have enabled versioning // on the source bucket. + // + // This functionality is not supported when the source object is in a directory + // bucket. CopySourceVersionId *string `location:"header" locationName:"x-amz-copy-source-version-id" type:"string"` // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header confirming the encryption algorithm - // used. + // the response will include this header to confirm the encryption algorithm + // that's used. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header to provide round-trip message integrity + // the response will include this header to provide the round-trip message integrity // verification of the customer-provided encryption key. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // If present, specifies the ID of the Amazon Web Services Key Management Service - // (Amazon Web Services KMS) symmetric customer managed key that was used for - // the object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. + // + // This functionality is not supported for directory buckets. // // SSEKMSKeyId is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by UploadPartCopyOutput's // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // The server-side encryption algorithm used when storing this object in Amazon + // The server-side encryption algorithm used when you store this object in Amazon // S3 (for example, AES256, aws:kms). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` } @@ -39637,30 +43261,44 @@ type UploadPartInput struct { // The name of the bucket to which the multipart upload was initiated. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm @@ -39710,11 +43348,13 @@ type UploadPartInput struct { // The base64-encoded 128-bit MD5 digest of the part data. This parameter is // auto-populated when using the command from the CLI. This parameter is required // if object lock parameters are specified. + // + // This functionality is not supported for directory buckets. ContentMD5 *string `location:"header" locationName:"Content-MD5" type:"string"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Object key for which the multipart upload was initiated. @@ -39729,14 +43369,19 @@ type UploadPartInput struct { PartNumber *int64 `location:"querystring" locationName:"partNumber" type:"integer" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, AES256). + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting @@ -39746,6 +43391,8 @@ type UploadPartInput struct { // header. This must be the same encryption key specified in the initiate multipart // upload request. // + // This functionality is not supported for directory buckets. + // // SSECustomerKey is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by UploadPartInput's // String and GoString methods. @@ -39754,6 +43401,8 @@ type UploadPartInput struct { // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` // Upload ID identifying the multipart upload whose part is being uploaded. @@ -39955,38 +43604,48 @@ type UploadPartOutput struct { _ struct{} `type:"structure"` // Indicates whether the multipart upload uses an S3 Bucket Key for server-side - // encryption with Amazon Web Services KMS (SSE-KMS). + // encryption with Key Management Service (KMS) keys (SSE-KMS). + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32 *string `location:"header" locationName:"x-amz-checksum-crc32" type:"string"` // The base64-encoded, 32-bit CRC32C checksum of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumCRC32C *string `location:"header" locationName:"x-amz-checksum-crc32c" type:"string"` // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be - // present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA1 *string `location:"header" locationName:"x-amz-checksum-sha1" type:"string"` // The base64-encoded, 256-bit SHA-256 digest of the object. This will only - // be present if it was uploaded with the object. With multipart uploads, this - // may not be a checksum value of the object. For more information about how - // checksums are calculated with multipart uploads, see Checking object integrity - // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) // in the Amazon S3 User Guide. ChecksumSHA256 *string `location:"header" locationName:"x-amz-checksum-sha256" type:"string"` @@ -39995,29 +43654,39 @@ type UploadPartOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header confirming the encryption algorithm - // used. + // the response will include this header to confirm the encryption algorithm + // that's used. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header to provide round-trip message integrity + // the response will include this header to provide the round-trip message integrity // verification of the customer-provided encryption key. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // If present, specifies the ID of the Amazon Web Services Key Management Service - // (Amazon Web Services KMS) symmetric customer managed key was used for the - // object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. + // + // This functionality is not supported for directory buckets. // // SSEKMSKeyId is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by UploadPartOutput's // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // The server-side encryption algorithm used when storing this object in Amazon + // The server-side encryption algorithm used when you store this object in Amazon // S3 (for example, AES256, aws:kms). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` } @@ -40401,6 +44070,8 @@ type WriteGetObjectResponseInput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-fwd-header-x-amz-request-charged" type:"string" enum:"RequestCharged"` // Route prefix to the HTTP URL generated. @@ -40427,9 +44098,9 @@ type WriteGetObjectResponseInput struct { // server-side encryption with customer-provided encryption keys (SSE-C) (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html). SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-fwd-header-x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // If present, specifies the ID of the Amazon Web Services Key Management Service - // (Amazon Web Services KMS) symmetric customer managed key that was used for - // stored in Amazon S3 object. + // If present, specifies the ID (Key ID, Key ARN, or Key Alias) of the Amazon + // Web Services Key Management Service (Amazon Web Services KMS) symmetric encryption + // customer managed key that was used for stored in Amazon S3 object. // // SSEKMSKeyId is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by WriteGetObjectResponseInput's @@ -40441,9 +44112,7 @@ type WriteGetObjectResponseInput struct { ServerSideEncryption *string `location:"header" locationName:"x-amz-fwd-header-x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // The integer status code for an HTTP response of a corresponding GetObject - // request. - // - // Status Codes + // request. The following is a list of status codes. // // * 200 - OK // @@ -40879,6 +44548,9 @@ const ( // BucketLocationConstraintApSouth1 is a BucketLocationConstraint enum value BucketLocationConstraintApSouth1 = "ap-south-1" + // BucketLocationConstraintApSouth2 is a BucketLocationConstraint enum value + BucketLocationConstraintApSouth2 = "ap-south-2" + // BucketLocationConstraintApSoutheast1 is a BucketLocationConstraint enum value BucketLocationConstraintApSoutheast1 = "ap-southeast-1" @@ -40909,6 +44581,9 @@ const ( // BucketLocationConstraintEuSouth1 is a BucketLocationConstraint enum value BucketLocationConstraintEuSouth1 = "eu-south-1" + // BucketLocationConstraintEuSouth2 is a BucketLocationConstraint enum value + BucketLocationConstraintEuSouth2 = "eu-south-2" + // BucketLocationConstraintEuWest1 is a BucketLocationConstraint enum value BucketLocationConstraintEuWest1 = "eu-west-1" @@ -40949,6 +44624,7 @@ func BucketLocationConstraint_Values() []string { BucketLocationConstraintApNortheast2, BucketLocationConstraintApNortheast3, BucketLocationConstraintApSouth1, + BucketLocationConstraintApSouth2, BucketLocationConstraintApSoutheast1, BucketLocationConstraintApSoutheast2, BucketLocationConstraintApSoutheast3, @@ -40959,6 +44635,7 @@ func BucketLocationConstraint_Values() []string { BucketLocationConstraintEuCentral1, BucketLocationConstraintEuNorth1, BucketLocationConstraintEuSouth1, + BucketLocationConstraintEuSouth2, BucketLocationConstraintEuWest1, BucketLocationConstraintEuWest2, BucketLocationConstraintEuWest3, @@ -40992,6 +44669,18 @@ func BucketLogsPermission_Values() []string { } } +const ( + // BucketTypeDirectory is a BucketType enum value + BucketTypeDirectory = "Directory" +) + +// BucketType_Values returns all elements of the BucketType enum +func BucketType_Values() []string { + return []string{ + BucketTypeDirectory, + } +} + const ( // BucketVersioningStatusEnabled is a BucketVersioningStatus enum value BucketVersioningStatusEnabled = "Enabled" @@ -41064,6 +44753,18 @@ func CompressionType_Values() []string { } } +const ( + // DataRedundancySingleAvailabilityZone is a DataRedundancy enum value + DataRedundancySingleAvailabilityZone = "SingleAvailabilityZone" +) + +// DataRedundancy_Values returns all elements of the DataRedundancy enum +func DataRedundancy_Values() []string { + return []string{ + DataRedundancySingleAvailabilityZone, + } +} + const ( // DeleteMarkerReplicationStatusEnabled is a DeleteMarkerReplicationStatus enum value DeleteMarkerReplicationStatusEnabled = "Enabled" @@ -41081,8 +44782,8 @@ func DeleteMarkerReplicationStatus_Values() []string { } // Requests Amazon S3 to encode the object keys in the response and specifies -// the encoding method to use. An object key may contain any Unicode character; -// however, XML 1.0 parser cannot parse some characters, such as characters +// the encoding method to use. An object key can contain any Unicode character; +// however, the XML 1.0 parser cannot parse some characters, such as characters // with an ASCII value from 0 to 10. For characters that are not supported in // XML 1.0, you can add this parameter to request that Amazon S3 encode the // keys in the response. @@ -41418,6 +45119,12 @@ const ( // InventoryOptionalFieldChecksumAlgorithm is a InventoryOptionalField enum value InventoryOptionalFieldChecksumAlgorithm = "ChecksumAlgorithm" + + // InventoryOptionalFieldObjectAccessControlList is a InventoryOptionalField enum value + InventoryOptionalFieldObjectAccessControlList = "ObjectAccessControlList" + + // InventoryOptionalFieldObjectOwner is a InventoryOptionalField enum value + InventoryOptionalFieldObjectOwner = "ObjectOwner" ) // InventoryOptionalField_Values returns all elements of the InventoryOptionalField enum @@ -41436,6 +45143,8 @@ func InventoryOptionalField_Values() []string { InventoryOptionalFieldIntelligentTieringAccessTier, InventoryOptionalFieldBucketKeyStatus, InventoryOptionalFieldChecksumAlgorithm, + InventoryOptionalFieldObjectAccessControlList, + InventoryOptionalFieldObjectOwner, } } @@ -41455,6 +45164,18 @@ func JSONType_Values() []string { } } +const ( + // LocationTypeAvailabilityZone is a LocationType enum value + LocationTypeAvailabilityZone = "AvailabilityZone" +) + +// LocationType_Values returns all elements of the LocationType enum +func LocationType_Values() []string { + return []string{ + LocationTypeAvailabilityZone, + } +} + const ( // MFADeleteEnabled is a MFADelete enum value MFADeleteEnabled = "Enabled" @@ -41655,8 +45376,19 @@ func ObjectLockRetentionMode_Values() []string { // BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer // affect permissions. The bucket owner automatically owns and has full control // over every object in the bucket. The bucket only accepts PUT requests that -// don't specify an ACL or bucket owner full control ACLs, such as the bucket-owner-full-control -// canned ACL or an equivalent form of this ACL expressed in the XML format. +// don't specify an ACL or specify bucket owner full control ACLs (such as the +// predefined bucket-owner-full-control canned ACL or a custom ACL in XML format +// that grants the same permissions). +// +// By default, ObjectOwnership is set to BucketOwnerEnforced and ACLs are disabled. +// We recommend keeping ACLs disabled, except in uncommon use cases where you +// must control access for each object individually. For more information about +// S3 Object Ownership, see Controlling ownership of objects and disabling ACLs +// for your bucket (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) +// in the Amazon S3 User Guide. +// +// This functionality is not supported for directory buckets. Directory buckets +// use the bucket owner enforced setting for S3 Object Ownership. const ( // ObjectOwnershipBucketOwnerPreferred is a ObjectOwnership enum value ObjectOwnershipBucketOwnerPreferred = "BucketOwnerPreferred" @@ -41704,6 +45436,12 @@ const ( // ObjectStorageClassGlacierIr is a ObjectStorageClass enum value ObjectStorageClassGlacierIr = "GLACIER_IR" + + // ObjectStorageClassSnow is a ObjectStorageClass enum value + ObjectStorageClassSnow = "SNOW" + + // ObjectStorageClassExpressOnezone is a ObjectStorageClass enum value + ObjectStorageClassExpressOnezone = "EXPRESS_ONEZONE" ) // ObjectStorageClass_Values returns all elements of the ObjectStorageClass enum @@ -41718,6 +45456,8 @@ func ObjectStorageClass_Values() []string { ObjectStorageClassDeepArchive, ObjectStorageClassOutposts, ObjectStorageClassGlacierIr, + ObjectStorageClassSnow, + ObjectStorageClassExpressOnezone, } } @@ -41733,6 +45473,18 @@ func ObjectVersionStorageClass_Values() []string { } } +const ( + // OptionalObjectAttributesRestoreStatus is a OptionalObjectAttributes enum value + OptionalObjectAttributesRestoreStatus = "RestoreStatus" +) + +// OptionalObjectAttributes_Values returns all elements of the OptionalObjectAttributes enum +func OptionalObjectAttributes_Values() []string { + return []string{ + OptionalObjectAttributesRestoreStatus, + } +} + const ( // OwnerOverrideDestination is a OwnerOverride enum value OwnerOverrideDestination = "Destination" @@ -41745,6 +45497,22 @@ func OwnerOverride_Values() []string { } } +const ( + // PartitionDateSourceEventTime is a PartitionDateSource enum value + PartitionDateSourceEventTime = "EventTime" + + // PartitionDateSourceDeliveryTime is a PartitionDateSource enum value + PartitionDateSourceDeliveryTime = "DeliveryTime" +) + +// PartitionDateSource_Values returns all elements of the PartitionDateSource enum +func PartitionDateSource_Values() []string { + return []string{ + PartitionDateSourceEventTime, + PartitionDateSourceDeliveryTime, + } +} + const ( // PayerRequester is a Payer enum value PayerRequester = "Requester" @@ -41865,6 +45633,9 @@ const ( // ReplicationStatusReplica is a ReplicationStatus enum value ReplicationStatusReplica = "REPLICA" + + // ReplicationStatusCompleted is a ReplicationStatus enum value + ReplicationStatusCompleted = "COMPLETED" ) // ReplicationStatus_Values returns all elements of the ReplicationStatus enum @@ -41874,6 +45645,7 @@ func ReplicationStatus_Values() []string { ReplicationStatusPending, ReplicationStatusFailed, ReplicationStatusReplica, + ReplicationStatusCompleted, } } @@ -41895,6 +45667,8 @@ func ReplicationTimeStatus_Values() []string { // If present, indicates that the requester was successfully charged for the // request. +// +// This functionality is not supported for directory buckets. const ( // RequestChargedRequester is a RequestCharged enum value RequestChargedRequester = "requester" @@ -41908,10 +45682,14 @@ func RequestCharged_Values() []string { } // Confirms that the requester knows that they will be charged for the request. -// Bucket owners need not specify this parameter in their requests. For information -// about downloading objects from Requester Pays buckets, see Downloading Objects +// Bucket owners need not specify this parameter in their requests. If either +// the source or destination S3 bucket has Requester Pays enabled, the requester +// will pay for corresponding charges to copy the object. For information about +// downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. +// +// This functionality is not supported for directory buckets. const ( // RequestPayerRequester is a RequestPayer enum value RequestPayerRequester = "requester" @@ -41942,6 +45720,9 @@ const ( // ServerSideEncryptionAwsKms is a ServerSideEncryption enum value ServerSideEncryptionAwsKms = "aws:kms" + + // ServerSideEncryptionAwsKmsDsse is a ServerSideEncryption enum value + ServerSideEncryptionAwsKmsDsse = "aws:kms:dsse" ) // ServerSideEncryption_Values returns all elements of the ServerSideEncryption enum @@ -41949,6 +45730,23 @@ func ServerSideEncryption_Values() []string { return []string{ ServerSideEncryptionAes256, ServerSideEncryptionAwsKms, + ServerSideEncryptionAwsKmsDsse, + } +} + +const ( + // SessionModeReadOnly is a SessionMode enum value + SessionModeReadOnly = "ReadOnly" + + // SessionModeReadWrite is a SessionMode enum value + SessionModeReadWrite = "ReadWrite" +) + +// SessionMode_Values returns all elements of the SessionMode enum +func SessionMode_Values() []string { + return []string{ + SessionModeReadOnly, + SessionModeReadWrite, } } @@ -41995,6 +45793,12 @@ const ( // StorageClassGlacierIr is a StorageClass enum value StorageClassGlacierIr = "GLACIER_IR" + + // StorageClassSnow is a StorageClass enum value + StorageClassSnow = "SNOW" + + // StorageClassExpressOnezone is a StorageClass enum value + StorageClassExpressOnezone = "EXPRESS_ONEZONE" ) // StorageClass_Values returns all elements of the StorageClass enum @@ -42009,6 +45813,8 @@ func StorageClass_Values() []string { StorageClassDeepArchive, StorageClassOutposts, StorageClassGlacierIr, + StorageClassSnow, + StorageClassExpressOnezone, } } diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/s3/errors.go b/agent/vendor/github.com/aws/aws-sdk-go/service/s3/errors.go index cd6a2e8ae49..8a67333ab26 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/s3/errors.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/s3/errors.go @@ -25,6 +25,15 @@ const ( // "InvalidObjectState". // // Object is archived and inaccessible until restored. + // + // If the object you are retrieving is stored in the S3 Glacier Flexible Retrieval + // storage class, the S3 Glacier Deep Archive storage class, the S3 Intelligent-Tiering + // Archive Access tier, or the S3 Intelligent-Tiering Deep Archive Access tier, + // before you can retrieve the object you must first restore a copy using RestoreObject + // (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html). + // Otherwise, this operation returns an InvalidObjectState error. For information + // about restoring archived objects, see Restoring Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html) + // in the Amazon S3 User Guide. ErrCodeInvalidObjectState = "InvalidObjectState" // ErrCodeNoSuchBucket for service response error code diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/s3/platform_handlers_go1.6.go b/agent/vendor/github.com/aws/aws-sdk-go/service/s3/platform_handlers_go1.6.go index 339019d3217..70feffab752 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/s3/platform_handlers_go1.6.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/s3/platform_handlers_go1.6.go @@ -25,5 +25,5 @@ func add100Continue(r *request.Request) { return } - r.HTTPRequest.Header.Set("Expect", "100-Continue") + r.HTTPRequest.Header.Set("Expect", "100-continue") } diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/s3/s3iface/interface.go b/agent/vendor/github.com/aws/aws-sdk-go/service/s3/s3iface/interface.go index 6d679a2990f..d13b4617030 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/s3/s3iface/interface.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/s3/s3iface/interface.go @@ -80,6 +80,10 @@ type S3API interface { CreateMultipartUploadWithContext(aws.Context, *s3.CreateMultipartUploadInput, ...request.Option) (*s3.CreateMultipartUploadOutput, error) CreateMultipartUploadRequest(*s3.CreateMultipartUploadInput) (*request.Request, *s3.CreateMultipartUploadOutput) + CreateSession(*s3.CreateSessionInput) (*s3.CreateSessionOutput, error) + CreateSessionWithContext(aws.Context, *s3.CreateSessionInput, ...request.Option) (*s3.CreateSessionOutput, error) + CreateSessionRequest(*s3.CreateSessionInput) (*request.Request, *s3.CreateSessionOutput) + DeleteBucket(*s3.DeleteBucketInput) (*s3.DeleteBucketOutput, error) DeleteBucketWithContext(aws.Context, *s3.DeleteBucketInput, ...request.Option) (*s3.DeleteBucketOutput, error) DeleteBucketRequest(*s3.DeleteBucketInput) (*request.Request, *s3.DeleteBucketOutput) @@ -300,6 +304,13 @@ type S3API interface { ListBucketsWithContext(aws.Context, *s3.ListBucketsInput, ...request.Option) (*s3.ListBucketsOutput, error) ListBucketsRequest(*s3.ListBucketsInput) (*request.Request, *s3.ListBucketsOutput) + ListDirectoryBuckets(*s3.ListDirectoryBucketsInput) (*s3.ListDirectoryBucketsOutput, error) + ListDirectoryBucketsWithContext(aws.Context, *s3.ListDirectoryBucketsInput, ...request.Option) (*s3.ListDirectoryBucketsOutput, error) + ListDirectoryBucketsRequest(*s3.ListDirectoryBucketsInput) (*request.Request, *s3.ListDirectoryBucketsOutput) + + ListDirectoryBucketsPages(*s3.ListDirectoryBucketsInput, func(*s3.ListDirectoryBucketsOutput, bool) bool) error + ListDirectoryBucketsPagesWithContext(aws.Context, *s3.ListDirectoryBucketsInput, func(*s3.ListDirectoryBucketsOutput, bool) bool, ...request.Option) error + ListMultipartUploads(*s3.ListMultipartUploadsInput) (*s3.ListMultipartUploadsOutput, error) ListMultipartUploadsWithContext(aws.Context, *s3.ListMultipartUploadsInput, ...request.Option) (*s3.ListMultipartUploadsOutput, error) ListMultipartUploadsRequest(*s3.ListMultipartUploadsInput) (*request.Request, *s3.ListMultipartUploadsOutput) diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload_input.go b/agent/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload_input.go index 1cd115f48ce..f9c6e786de2 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload_input.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload_input.go @@ -23,9 +23,32 @@ type UploadInput struct { _ struct{} `locationName:"PutObjectRequest" type:"structure" payload:"Body"` // The canned ACL to apply to the object. For more information, see Canned ACL - // (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). + // (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL) + // in the Amazon S3 User Guide. + // + // When adding a new object, you can use headers to grant ACL-based permissions + // to individual Amazon Web Services accounts or to predefined groups defined + // by Amazon S3. These permissions are then added to the ACL on the object. + // By default, all objects are private. Only the owner has full access control. + // For more information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // and Managing ACLs Using the REST API (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html) + // in the Amazon S3 User Guide. + // + // If the bucket that you're uploading objects to uses the bucket owner enforced + // setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions. + // Buckets that use this setting only accept PUT requests that don't specify + // an ACL or PUT requests that specify bucket owner full control ACLs, such + // as the bucket-owner-full-control canned ACL or an equivalent form of this + // ACL expressed in the XML format. PUT requests that contain other ACLs (for + // example, custom grants to certain Amazon Web Services accounts) fail and + // return a 400 error with the error code AccessControlListNotSupported. For + // more information, see Controlling ownership of objects and disabling ACLs + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) + // in the Amazon S3 User Guide. + // + // * This functionality is not supported for directory buckets. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for Amazon S3 on Outposts. ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"ObjectCannedACL"` // The readable body payload to send to S3. @@ -33,31 +56,47 @@ type UploadInput struct { // The bucket name to which the PUT action was initiated. // - // When using this action with an access point, you must direct requests to - // the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. // When using this action with an access point through the Amazon Web Services // SDKs, you provide the access point ARN in place of the bucket name. For more // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) // in the Amazon S3 User Guide. // - // When using this action with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this action with S3 on Outposts through the Amazon Web Services SDKs, - // you provide the Outposts bucket ARN in place of the bucket name. For more - // information about S3 on Outposts ARNs, see Using Amazon S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` // Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption - // with server-side encryption using AWS KMS (SSE-KMS). Setting this header - // to true causes Amazon S3 to use an S3 Bucket Key for object encryption with - // SSE-KMS. + // with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). + // Setting this header to true causes Amazon S3 to use an S3 Bucket Key for + // object encryption with SSE-KMS. // // Specifying this header with a PUT action doesn’t affect bucket-level settings // for S3 Bucket Key. + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // Can be used to specify caching behavior along the request/reply chain. For @@ -65,16 +104,33 @@ type UploadInput struct { // (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9). CacheControl *string `location:"header" locationName:"Cache-Control" type:"string"` - // Indicates the algorithm used to create the checksum for the object when using - // the SDK. This header will not provide any additional functionality if not - // using the SDK. When sending this header, there must be a corresponding x-amz-checksum - // or x-amz-trailer header sent. Otherwise, Amazon S3 fails the request with - // the HTTP status code 400 Bad Request. For more information, see Checking - // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum-algorithm or x-amz-trailer header sent. Otherwise, Amazon + // S3 fails the request with the HTTP status code 400 Bad Request. + // + // For the x-amz-checksum-algorithm header, replace algorithm with the supported + // algorithm from the following list: + // + // * CRC32 + // + // * CRC32C + // + // * SHA1 + // + // * SHA256 + // + // For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) // in the Amazon S3 User Guide. // - // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm - // parameter. + // If the individual checksum value you provide through x-amz-checksum-algorithm + // doesn't match the checksum algorithm you set through x-amz-sdk-checksum-algorithm, + // Amazon S3 ignores any provided ChecksumAlgorithm parameter and uses the checksum + // algorithm that matches the provided value in x-amz-checksum-algorithm . + // + // For directory buckets, when you use Amazon Web Services SDKs, CRC32 is the + // default checksum algorithm that's used for performance. // // The AWS SDK for Go v1 does not support automatic computing request payload // checksum. This feature is available in the AWS SDK for Go v2. If a value @@ -111,13 +167,13 @@ type UploadInput struct { ChecksumSHA256 *string `location:"header" locationName:"x-amz-checksum-sha256" type:"string"` // Specifies presentational information for the object. For more information, - // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1). + // see https://www.rfc-editor.org/rfc/rfc6266#section-4 (https://www.rfc-editor.org/rfc/rfc6266#section-4). ContentDisposition *string `location:"header" locationName:"Content-Disposition" type:"string"` // Specifies what content encodings have been applied to the object and thus // what decoding mechanisms must be applied to obtain the media-type referenced - // by the Content-Type header field. For more information, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11 - // (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11). + // by the Content-Type header field. For more information, see https://www.rfc-editor.org/rfc/rfc9110.html#field.content-encoding + // (https://www.rfc-editor.org/rfc/rfc9110.html#field.content-encoding). ContentEncoding *string `location:"header" locationName:"Content-Encoding" type:"string"` // The language the content is in. @@ -130,41 +186,56 @@ type UploadInput struct { // integrity check. For more information about REST request authentication, // see REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html). // + // The Content-MD5 header is required for any request to upload an object with + // a retention period configured using Amazon S3 Object Lock. For more information + // about Amazon S3 Object Lock, see Amazon S3 Object Lock Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + // // If the ContentMD5 is provided for a multipart upload, it will be ignored. // Objects that will be uploaded in a single part, the ContentMD5 will be used. ContentMD5 *string `location:"header" locationName:"Content-MD5" type:"string"` // A standard MIME type describing the format of the contents. For more information, - // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17). + // see https://www.rfc-editor.org/rfc/rfc9110.html#name-content-type (https://www.rfc-editor.org/rfc/rfc9110.html#name-content-type). ContentType *string `location:"header" locationName:"Content-Type" type:"string"` - // The account ID of the expected bucket owner. If the bucket is owned by a - // different account, the request fails with the HTTP status code 403 Forbidden - // (access denied). + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The date and time at which the object is no longer cacheable. For more information, - // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21). + // see https://www.rfc-editor.org/rfc/rfc7234#section-5.3 (https://www.rfc-editor.org/rfc/rfc7234#section-5.3). Expires *time.Time `location:"header" locationName:"Expires" type:"timestamp"` // Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantFullControl *string `location:"header" locationName:"x-amz-grant-full-control" type:"string"` // Allows grantee to read the object data and its metadata. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantRead *string `location:"header" locationName:"x-amz-grant-read" type:"string"` // Allows grantee to read the object ACL. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantReadACP *string `location:"header" locationName:"x-amz-grant-read-acp" type:"string"` // Allows grantee to write the ACL for the applicable object. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"` // Object key for which the PUT action was initiated. @@ -176,25 +247,37 @@ type UploadInput struct { Metadata map[string]*string `location:"headers" locationName:"x-amz-meta-" type:"map"` // Specifies whether a legal hold will be applied to this object. For more information - // about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). + // about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"` // The Object Lock mode that you want to apply to this object. + // + // This functionality is not supported for directory buckets. ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"` // The date and time when you want this object's Object Lock to expire. Must // be formatted as a timestamp parameter. + // + // This functionality is not supported for directory buckets. ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from Requester Pays buckets, see Downloading Objects + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, AES256). + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting @@ -202,48 +285,80 @@ type UploadInput struct { // S3 does not store the encryption key. The key must be appropriate for use // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm // header. + // + // This functionality is not supported for directory buckets. SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"` // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` // Specifies the Amazon Web Services KMS Encryption Context to use for object // encryption. The value of this header is a base64-encoded UTF-8 string holding - // JSON with the encryption context key-value pairs. + // JSON with the encryption context key-value pairs. This value is stored as + // object metadata and automatically gets passed on to Amazon Web Services KMS + // for future GetObject or CopyObject operations on this object. This value + // must be explicitly added during CopyObject operations. + // + // This functionality is not supported for directory buckets. SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"` - // If x-amz-server-side-encryption is present and has the value of aws:kms, - // this header specifies the ID of the Amazon Web Services Key Management Service - // (Amazon Web Services KMS) symmetrical customer managed key that was used - // for the object. If you specify x-amz-server-side-encryption:aws:kms, but - // do not providex-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses - // the Amazon Web Services managed key to protect the data. If the KMS key does - // not exist in the same account issuing the command, you must use the full - // ARN and not just the ID. + // If x-amz-server-side-encryption has a valid value of aws:kms or aws:kms:dsse, + // this header specifies the ID (Key ID, Key ARN, or Key Alias) of the Key Management + // Service (KMS) symmetric encryption customer managed key that was used for + // the object. If you specify x-amz-server-side-encryption:aws:kms or x-amz-server-side-encryption:aws:kms:dsse, + // but do not providex-amz-server-side-encryption-aws-kms-key-id, Amazon S3 + // uses the Amazon Web Services managed key (aws/s3) to protect the data. If + // the KMS key does not exist in the same account that's issuing the command, + // you must use the full ARN and not just the ID. + // + // This functionality is not supported for directory buckets. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // The server-side encryption algorithm used when storing this object in Amazon - // S3 (for example, AES256, aws:kms). + // The server-side encryption algorithm that was used when you store this object + // in Amazon S3 (for example, AES256, aws:kms, aws:kms:dsse). + // + // General purpose buckets - You have four mutually exclusive options to protect + // data using server-side encryption in Amazon S3, depending on how you choose + // to manage the encryption keys. Specifically, the encryption key options are + // Amazon S3 managed keys (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or + // DSSE-KMS), and customer-provided keys (SSE-C). Amazon S3 encrypts data with + // server-side encryption by using Amazon S3 managed keys (SSE-S3) by default. + // You can optionally tell Amazon S3 to encrypt data at rest by using server-side + // encryption with other key options. For more information, see Using Server-Side + // Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) + // in the Amazon S3 User Guide. + // + // Directory buckets - For directory buckets, only the server-side encryption + // with Amazon S3 managed keys (SSE-S3) (AES256) value is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // By default, Amazon S3 uses the STANDARD Storage Class to store newly created // objects. The STANDARD storage class provides high durability and high availability. // Depending on performance needs, you can specify a different Storage Class. - // Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. For more information, - // see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) + // For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) // in the Amazon S3 User Guide. + // + // * For directory buckets, only the S3 Express One Zone storage class is + // supported to store newly created objects. + // + // * Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"` // The tag-set for the object. The tag-set must be encoded as URL Query parameters. // (For example, "Key1=Value1") + // + // This functionality is not supported for directory buckets. Tagging *string `location:"header" locationName:"x-amz-tagging" type:"string"` // If the bucket is configured as a website, redirects requests for this object // to another object in the same bucket or to an external URL. Amazon S3 stores // the value of this header in the object metadata. For information about object - // metadata, see Object Key and Metadata (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html). + // metadata, see Object Key and Metadata (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html) + // in the Amazon S3 User Guide. // // In the following example, the request header sets the redirect to an object // (anotherPage.html) in the same bucket: @@ -257,6 +372,9 @@ type UploadInput struct { // // For more information about website hosting in Amazon S3, see Hosting Websites // on Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) - // and How to Configure Website Page Redirects (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html). + // and How to Configure Website Page Redirects (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. WebsiteRedirectLocation *string `location:"header" locationName:"x-amz-website-redirect-location" type:"string"` } diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/secretsmanager/api.go b/agent/vendor/github.com/aws/aws-sdk-go/service/secretsmanager/api.go index 4e2ffdcc693..4b72692d274 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/secretsmanager/api.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/secretsmanager/api.go @@ -13,6 +13,189 @@ import ( "github.com/aws/aws-sdk-go/private/protocol/jsonrpc" ) +const opBatchGetSecretValue = "BatchGetSecretValue" + +// BatchGetSecretValueRequest generates a "aws/request.Request" representing the +// client's request for the BatchGetSecretValue operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See BatchGetSecretValue for more information on using the BatchGetSecretValue +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the BatchGetSecretValueRequest method. +// req, resp := client.BatchGetSecretValueRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/BatchGetSecretValue +func (c *SecretsManager) BatchGetSecretValueRequest(input *BatchGetSecretValueInput) (req *request.Request, output *BatchGetSecretValueOutput) { + op := &request.Operation{ + Name: opBatchGetSecretValue, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &BatchGetSecretValueInput{} + } + + output = &BatchGetSecretValueOutput{} + req = c.newRequest(op, input, output) + return +} + +// BatchGetSecretValue API operation for AWS Secrets Manager. +// +// Retrieves the contents of the encrypted fields SecretString or SecretBinary +// for up to 20 secrets. To retrieve a single secret, call GetSecretValue. +// +// To choose which secrets to retrieve, you can specify a list of secrets by +// name or ARN, or you can use filters. If Secrets Manager encounters errors +// such as AccessDeniedException while attempting to retrieve any of the secrets, +// you can see the errors in Errors in the response. +// +// Secrets Manager generates CloudTrail GetSecretValue log entries for each +// secret you request when you call this action. Do not include sensitive information +// in request parameters because it might be logged. For more information, see +// Logging Secrets Manager events with CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html). +// +// Required permissions: secretsmanager:BatchGetSecretValue, and you must have +// secretsmanager:GetSecretValue for each secret. If you use filters, you must +// also have secretsmanager:ListSecrets. If the secrets are encrypted using +// customer-managed keys instead of the Amazon Web Services managed key aws/secretsmanager, +// then you also need kms:Decrypt permissions for the keys. For more information, +// see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) +// and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Secrets Manager's +// API operation BatchGetSecretValue for usage and error information. +// +// Returned Error Types: +// +// - ResourceNotFoundException +// Secrets Manager can't find the resource that you asked for. +// +// - InvalidParameterException +// The parameter name or value is invalid. +// +// - InvalidRequestException +// A parameter value is not valid for the current state of the resource. +// +// Possible causes: +// +// - The secret is scheduled for deletion. +// +// - You tried to enable rotation on a secret that doesn't already have a +// Lambda function ARN configured and you didn't include such an ARN as a +// parameter in this call. +// +// - The secret is managed by another service, and you must use that service +// to update it. For more information, see Secrets managed by other Amazon +// Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html). +// +// - DecryptionFailure +// Secrets Manager can't decrypt the protected secret text using the provided +// KMS key. +// +// - InternalServiceError +// An error occurred on the server side. +// +// - InvalidNextTokenException +// The NextToken value is invalid. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/secretsmanager-2017-10-17/BatchGetSecretValue +func (c *SecretsManager) BatchGetSecretValue(input *BatchGetSecretValueInput) (*BatchGetSecretValueOutput, error) { + req, out := c.BatchGetSecretValueRequest(input) + return out, req.Send() +} + +// BatchGetSecretValueWithContext is the same as BatchGetSecretValue with the addition of +// the ability to pass a context and additional request options. +// +// See BatchGetSecretValue for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SecretsManager) BatchGetSecretValueWithContext(ctx aws.Context, input *BatchGetSecretValueInput, opts ...request.Option) (*BatchGetSecretValueOutput, error) { + req, out := c.BatchGetSecretValueRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// BatchGetSecretValuePages iterates over the pages of a BatchGetSecretValue operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See BatchGetSecretValue method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a BatchGetSecretValue operation. +// pageNum := 0 +// err := client.BatchGetSecretValuePages(params, +// func(page *secretsmanager.BatchGetSecretValueOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *SecretsManager) BatchGetSecretValuePages(input *BatchGetSecretValueInput, fn func(*BatchGetSecretValueOutput, bool) bool) error { + return c.BatchGetSecretValuePagesWithContext(aws.BackgroundContext(), input, fn) +} + +// BatchGetSecretValuePagesWithContext same as BatchGetSecretValuePages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SecretsManager) BatchGetSecretValuePagesWithContext(ctx aws.Context, input *BatchGetSecretValueInput, fn func(*BatchGetSecretValueOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *BatchGetSecretValueInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.BatchGetSecretValueRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*BatchGetSecretValueOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opCancelRotateSecret = "CancelRotateSecret" // CancelRotateSecretRequest generates a "aws/request.Request" representing the @@ -184,6 +367,10 @@ func (c *SecretsManager) CreateSecretRequest(input *CreateSecretInput) (req *req // protected secret data and the important information needed to manage the // secret. // +// For secrets that use managed rotation, you need to create the secret through +// the managing service. For more information, see Secrets Manager secrets managed +// by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html). +// // For information about creating a secret in the console, see Create a secret // (https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_create-basic-secret.html). // @@ -686,12 +873,10 @@ func (c *SecretsManager) GetRandomPasswordRequest(input *GetRandomPasswordInput) // // Generates a random password. We recommend that you specify the maximum length // and include every character type that the system you are generating a password -// for can support. +// for can support. By default, Secrets Manager uses uppercase and lowercase +// letters, numbers, and the following characters in passwords: !\"#$%&'()*+,-./:;<=>?@[\\]^_`{|}~ // // Secrets Manager generates a CloudTrail log entry when you call this action. -// Do not include sensitive information in request parameters because it might -// be logged. For more information, see Logging Secrets Manager events with -// CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html). // // Required permissions: secretsmanager:GetRandomPassword. For more information, // see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) @@ -906,6 +1091,8 @@ func (c *SecretsManager) GetSecretValueRequest(input *GetSecretValueInput) (req // Retrieves the contents of the encrypted fields SecretString or SecretBinary // from the specified version of a secret, whichever contains content. // +// To retrieve the values for a group of secrets, call BatchGetSecretValue. +// // We recommend that you cache your secret values by using client-side caching. // Caching secrets improves speed and reduces your costs. For more information, // see Cache secrets for your applications (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieving-secrets.html). @@ -1195,13 +1382,13 @@ func (c *SecretsManager) ListSecretsRequest(input *ListSecretsInput) (req *reque // account, not including secrets that are marked for deletion. To see secrets // marked for deletion, use the Secrets Manager console. // -// ListSecrets is eventually consistent, however it might not reflect changes -// from the last five minutes. To get the latest information for a specific -// secret, use DescribeSecret. +// All Secrets Manager operations are eventually consistent. ListSecrets might +// not reflect changes from the last five minutes. You can get more recent information +// for a specific secret by calling DescribeSecret. // // To list the versions of a secret, use ListSecretVersionIds. // -// To get the secret value from SecretString or SecretBinary, call GetSecretValue. +// To retrieve the values for the secrets, call BatchGetSecretValue or GetSecretValue. // // For information about finding secrets in the console, see Find secrets in // Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/manage_search-secret.html). @@ -1227,6 +1414,21 @@ func (c *SecretsManager) ListSecretsRequest(input *ListSecretsInput) (req *reque // - InvalidParameterException // The parameter name or value is invalid. // +// - InvalidRequestException +// A parameter value is not valid for the current state of the resource. +// +// Possible causes: +// +// - The secret is scheduled for deletion. +// +// - You tried to enable rotation on a secret that doesn't already have a +// Lambda function ARN configured and you didn't include such an ARN as a +// parameter in this call. +// +// - The secret is managed by another service, and you must use that service +// to update it. For more information, see Secrets managed by other Amazon +// Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html). +// // - InvalidNextTokenException // The NextToken value is invalid. // @@ -1736,8 +1938,12 @@ func (c *SecretsManager) ReplicateSecretToRegionsRequest(input *ReplicateSecretT // be logged. For more information, see Logging Secrets Manager events with // CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html). // -// Required permissions: secretsmanager:ReplicateSecretToRegions. For more information, -// see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) +// Required permissions: secretsmanager:ReplicateSecretToRegions. If the primary +// secret is encrypted with a KMS key other than aws/secretsmanager, you also +// need kms:Decrypt permission to the key. To encrypt the replicated secret +// with a KMS key other than aws/secretsmanager, you need kms:GenerateDataKey +// and kms:Encrypt to the key. For more information, see IAM policy actions +// for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) // and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1949,42 +2155,20 @@ func (c *SecretsManager) RotateSecretRequest(input *RotateSecretInput) (req *req // RotateSecret API operation for AWS Secrets Manager. // // Configures and starts the asynchronous process of rotating the secret. For -// more information about rotation, see Rotate secrets (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html). -// -// If you include the configuration parameters, the operation sets the values -// for the secret and then immediately starts a rotation. If you don't include -// the configuration parameters, the operation starts a rotation with the values -// already stored in the secret. -// -// For database credentials you want to rotate, for Secrets Manager to be able -// to rotate the secret, you must make sure the secret value is in the JSON -// structure of a database secret (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_secret_json_structure.html). -// In particular, if you want to use the alternating users strategy (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html#rotating-secrets-two-users), -// your secret must contain the ARN of a superuser secret. -// -// To configure rotation, you also need the ARN of an Amazon Web Services Lambda -// function and the schedule for the rotation. The Lambda rotation function -// creates a new version of the secret and creates or updates the credentials -// on the database or service to match. After testing the new credentials, the -// function marks the new secret version with the staging label AWSCURRENT. -// Then anyone who retrieves the secret gets the new version. For more information, -// see How rotation works (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html). -// -// You can create the Lambda rotation function based on the rotation function -// templates (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_available-rotation-templates.html) -// that Secrets Manager provides. Choose a template that matches your Rotation -// strategy (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets_strategies.html). +// information about rotation, see Rotate secrets (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotating-secrets.html) +// in the Secrets Manager User Guide. If you include the configuration parameters, +// the operation sets the values for the secret and then immediately starts +// a rotation. If you don't include the configuration parameters, the operation +// starts a rotation with the values already stored in the secret. // // When rotation is successful, the AWSPENDING staging label might be attached // to the same version as the AWSCURRENT version, or it might not be attached // to any version. If the AWSPENDING staging label is present but not attached // to the same version as AWSCURRENT, then any later invocation of RotateSecret // assumes that a previous rotation request is still in progress and returns -// an error. -// -// When rotation is unsuccessful, the AWSPENDING staging label might be attached -// to an empty secret version. For more information, see Troubleshoot rotation -// (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot_rotation.html) +// an error. When rotation is unsuccessful, the AWSPENDING staging label might +// be attached to an empty secret version. For more information, see Troubleshoot +// rotation (https://docs.aws.amazon.com/secretsmanager/latest/userguide/troubleshoot_rotation.html) // in the Secrets Manager User Guide. // // Secrets Manager generates a CloudTrail log entry when you call this action. @@ -2214,25 +2398,8 @@ func (c *SecretsManager) TagResourceRequest(input *TagResourceInput) (req *reque // part of the secret's metadata. They are not associated with specific versions // of the secret. This operation appends tags to the existing list of tags. // -// The following restrictions apply to tags: -// -// - Maximum number of tags per secret: 50 -// -// - Maximum key length: 127 Unicode characters in UTF-8 -// -// - Maximum value length: 255 Unicode characters in UTF-8 -// -// - Tag keys and values are case sensitive. -// -// - Do not use the aws: prefix in your tag names or values because Amazon -// Web Services reserves it for Amazon Web Services use. You can't edit or -// delete tag names or values with this prefix. Tags with this prefix do -// not count against your tags per secret limit. -// -// - If you use your tagging schema across multiple services and resources, -// other services might have restrictions on allowed characters. Generally -// allowed characters: letters, spaces, and numbers representable in UTF-8, -// plus the following special characters: + - = . _ : / @. +// For tag quotas and naming restrictions, see Service quotas for Tagging (https://docs.aws.amazon.com/general/latest/gr/arg.html#taged-reference-quotas) +// in the Amazon Web Services General Reference guide. // // If you use tags as part of your security strategy, then adding or removing // a tag can change permissions. If successfully completing this operation would @@ -2469,6 +2636,10 @@ func (c *SecretsManager) UpdateSecretRequest(input *UpdateSecretInput) (req *req // // To change the rotation configuration of a secret, use RotateSecret instead. // +// To change a secret so that it is managed by another service, you need to +// recreate the secret in that service. See Secrets Manager secrets managed +// by other Amazon Web Services services (https://docs.aws.amazon.com/secretsmanager/latest/userguide/service-linked-secrets.html). +// // We recommend you avoid calling UpdateSecret at a sustained rate of more than // once every 10 minutes. When you call UpdateSecret to update the secret value, // Secrets Manager creates a new version of the secret. Secrets Manager removes @@ -2495,9 +2666,11 @@ func (c *SecretsManager) UpdateSecretRequest(input *UpdateSecretInput) (req *req // Required permissions: secretsmanager:UpdateSecret. For more information, // see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) // and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html). -// If you use a customer managed key, you must also have kms:GenerateDataKey -// and kms:Decrypt permissions on the key. For more information, see Secret -// encryption and decryption (https://docs.aws.amazon.com/secretsmanager/latest/userguide/security-encryption.html). +// If you use a customer managed key, you must also have kms:GenerateDataKey, +// kms:Encrypt, and kms:Decrypt permissions on the key. If you change the KMS +// key and you don't have kms:Encrypt permission to the new key, Secrets Manager +// does not re-ecrypt existing secret versions with the new key. For more information, +// see Secret encryption and decryption (https://docs.aws.amazon.com/secretsmanager/latest/userguide/security-encryption.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2768,8 +2941,8 @@ func (c *SecretsManager) ValidateResourcePolicyRequest(input *ValidateResourcePo // be logged. For more information, see Logging Secrets Manager events with // CloudTrail (https://docs.aws.amazon.com/secretsmanager/latest/userguide/retrieve-ct-entries.html). // -// Required permissions: secretsmanager:ValidateResourcePolicy. For more information, -// see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) +// Required permissions: secretsmanager:ValidateResourcePolicy and secretsmanager:PutResourcePolicy. +// For more information, see IAM policy actions for Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/reference_iam-permissions.html#reference_iam-permissions_actions) // and Authentication and access control in Secrets Manager (https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -2830,6 +3003,209 @@ func (c *SecretsManager) ValidateResourcePolicyWithContext(ctx aws.Context, inpu return out, req.Send() } +// The error Secrets Manager encountered while retrieving an individual secret +// as part of BatchGetSecretValue. +type APIErrorType struct { + _ struct{} `type:"structure"` + + // The error Secrets Manager encountered while retrieving an individual secret + // as part of BatchGetSecretValue, for example ResourceNotFoundException,InvalidParameterException, + // InvalidRequestException, DecryptionFailure, or AccessDeniedException. + ErrorCode *string `type:"string"` + + // A message describing the error. + Message *string `type:"string"` + + // The ARN or name of the secret. + SecretId *string `min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s APIErrorType) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s APIErrorType) GoString() string { + return s.String() +} + +// SetErrorCode sets the ErrorCode field's value. +func (s *APIErrorType) SetErrorCode(v string) *APIErrorType { + s.ErrorCode = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *APIErrorType) SetMessage(v string) *APIErrorType { + s.Message = &v + return s +} + +// SetSecretId sets the SecretId field's value. +func (s *APIErrorType) SetSecretId(v string) *APIErrorType { + s.SecretId = &v + return s +} + +type BatchGetSecretValueInput struct { + _ struct{} `type:"structure"` + + // The filters to choose which secrets to retrieve. You must include Filters + // or SecretIdList, but not both. + Filters []*Filter `type:"list"` + + // The number of results to include in the response. + // + // If there are more results available, in the response, Secrets Manager includes + // NextToken. To get the next results, call BatchGetSecretValue again with the + // value from NextToken. To use this parameter, you must also use the Filters + // parameter. + MaxResults *int64 `min:"1" type:"integer"` + + // A token that indicates where the output should continue from, if a previous + // call did not show all results. To get the next results, call BatchGetSecretValue + // again with this value. + NextToken *string `min:"1" type:"string"` + + // The ARN or names of the secrets to retrieve. You must include Filters or + // SecretIdList, but not both. + SecretIdList []*string `min:"1" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchGetSecretValueInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchGetSecretValueInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *BatchGetSecretValueInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "BatchGetSecretValueInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + if s.NextToken != nil && len(*s.NextToken) < 1 { + invalidParams.Add(request.NewErrParamMinLen("NextToken", 1)) + } + if s.SecretIdList != nil && len(s.SecretIdList) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SecretIdList", 1)) + } + if s.Filters != nil { + for i, v := range s.Filters { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "Filters", i), err.(request.ErrInvalidParams)) + } + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFilters sets the Filters field's value. +func (s *BatchGetSecretValueInput) SetFilters(v []*Filter) *BatchGetSecretValueInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *BatchGetSecretValueInput) SetMaxResults(v int64) *BatchGetSecretValueInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *BatchGetSecretValueInput) SetNextToken(v string) *BatchGetSecretValueInput { + s.NextToken = &v + return s +} + +// SetSecretIdList sets the SecretIdList field's value. +func (s *BatchGetSecretValueInput) SetSecretIdList(v []*string) *BatchGetSecretValueInput { + s.SecretIdList = v + return s +} + +type BatchGetSecretValueOutput struct { + _ struct{} `type:"structure"` + + // A list of errors Secrets Manager encountered while attempting to retrieve + // individual secrets. + Errors []*APIErrorType `type:"list"` + + // Secrets Manager includes this value if there's more output available than + // what is included in the current response. This can occur even when the response + // includes no values at all, such as when you ask for a filtered view of a + // long list. To get the next results, call BatchGetSecretValue again with this + // value. + NextToken *string `min:"1" type:"string"` + + // A list of secret values. + SecretValues []*SecretValueEntry `type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchGetSecretValueOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BatchGetSecretValueOutput) GoString() string { + return s.String() +} + +// SetErrors sets the Errors field's value. +func (s *BatchGetSecretValueOutput) SetErrors(v []*APIErrorType) *BatchGetSecretValueOutput { + s.Errors = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *BatchGetSecretValueOutput) SetNextToken(v string) *BatchGetSecretValueOutput { + s.NextToken = &v + return s +} + +// SetSecretValues sets the SecretValues field's value. +func (s *BatchGetSecretValueOutput) SetSecretValues(v []*SecretValueEntry) *BatchGetSecretValueOutput { + s.SecretValues = v + return s +} + type CancelRotateSecretInput struct { _ struct{} `type:"structure"` @@ -2948,10 +3324,10 @@ type CreateSecretInput struct { // If you use the Amazon Web Services CLI or one of the Amazon Web Services // SDKs to call this operation, then you can leave this parameter empty. The // CLI or SDK generates a random UUID for you and includes it as the value for - // this parameter in the request. If you don't use the SDK and instead generate - // a raw HTTP request to the Secrets Manager service endpoint, then you must - // generate a ClientRequestToken yourself for the new version and include the - // value in the request. + // this parameter in the request. + // + // If you generate a raw HTTP request to the Secrets Manager service endpoint, + // then you must generate a ClientRequestToken and include it in the request. // // This value helps ensure idempotency. Secrets Manager uses this value to prevent // the accidental creation of duplicate versions if there are failures and retries @@ -2977,7 +3353,7 @@ type CreateSecretInput struct { Description *string `type:"string"` // Specifies whether to overwrite a secret with the same name in the destination - // Region. + // Region. By default, secrets aren't overwritten. ForceOverwriteReplicaSecret *bool `type:"boolean"` // The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt @@ -3022,7 +3398,7 @@ type CreateSecretInput struct { // String and GoString methods. // // SecretBinary is automatically base64 encoded/decoded by the SDK. - SecretBinary []byte `type:"blob" sensitive:"true"` + SecretBinary []byte `min:"1" type:"blob" sensitive:"true"` // The text data to encrypt and store in this new version of the secret. We // recommend you use a JSON structure of key/value pairs for your secret value. @@ -3037,7 +3413,7 @@ type CreateSecretInput struct { // SecretString is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by CreateSecretInput's // String and GoString methods. - SecretString *string `type:"string" sensitive:"true"` + SecretString *string `min:"1" type:"string" sensitive:"true"` // A list of tags to attach to the secret. Each tag is a key and value pair // of strings in a JSON text string, for example: @@ -3060,25 +3436,8 @@ type CreateSecretInput struct { // you should use single quotes to avoid confusion with the double quotes required // in the JSON text. // - // The following restrictions apply to tags: - // - // * Maximum number of tags per secret: 50 - // - // * Maximum key length: 127 Unicode characters in UTF-8 - // - // * Maximum value length: 255 Unicode characters in UTF-8 - // - // * Tag keys and values are case sensitive. - // - // * Do not use the aws: prefix in your tag names or values because Amazon - // Web Services reserves it for Amazon Web Services use. You can't edit or - // delete tag names or values with this prefix. Tags with this prefix do - // not count against your tags per secret limit. - // - // * If you use your tagging schema across multiple services and resources, - // other services might have restrictions on allowed characters. Generally - // allowed characters: letters, spaces, and numbers representable in UTF-8, - // plus the following special characters: + - = . _ : / @. + // For tag quotas and naming restrictions, see Service quotas for Tagging (https://docs.aws.amazon.com/general/latest/gr/arg.html#taged-reference-quotas) + // in the Amazon Web Services General Reference guide. Tags []*Tag `type:"list"` } @@ -3115,6 +3474,12 @@ func (s *CreateSecretInput) Validate() error { if s.Name != nil && len(*s.Name) < 1 { invalidParams.Add(request.NewErrParamMinLen("Name", 1)) } + if s.SecretBinary != nil && len(s.SecretBinary) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SecretBinary", 1)) + } + if s.SecretString != nil && len(*s.SecretString) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SecretString", 1)) + } if s.AddReplicaRegions != nil { for i, v := range s.AddReplicaRegions { if v == nil { @@ -3427,13 +3792,17 @@ type DeleteSecretInput struct { // Specifies whether to delete the secret without any recovery window. You can't // use both this parameter and RecoveryWindowInDays in the same call. If you - // don't use either, then Secrets Manager defaults to a 30 day recovery window. + // don't use either, then by default Secrets Manager uses a 30 day recovery + // window. // // Secrets Manager performs the actual deletion with an asynchronous background // process, so there might be a short delay before the secret is permanently // deleted. If you delete a secret and then immediately create a secret with // the same name, use appropriate back off and retry logic. // + // If you forcibly delete an already deleted or nonexistent secret, the operation + // does not return ResourceNotFoundException. + // // Use this parameter with caution. This parameter causes the operation to skip // the normal recovery window before the permanent deletion that Secrets Manager // would normally impose with the RecoveryWindowInDays parameter. If you delete @@ -3443,8 +3812,8 @@ type DeleteSecretInput struct { // The number of days from 7 to 30 that Secrets Manager waits before permanently // deleting the secret. You can't use both this parameter and ForceDeleteWithoutRecovery - // in the same call. If you don't use either, then Secrets Manager defaults - // to a 30 day recovery window. + // in the same call. If you don't use either, then by default Secrets Manager + // uses a 30 day recovery window. RecoveryWindowInDays *int64 `type:"long"` // The ARN or name of the secret to delete. @@ -3648,12 +4017,23 @@ type DescribeSecretOutput struct { LastChangedDate *time.Time `type:"timestamp"` // The last date and time that Secrets Manager rotated the secret. If the secret - // isn't configured for rotation, Secrets Manager returns null. + // isn't configured for rotation or rotation has been disabled, Secrets Manager + // returns null. LastRotatedDate *time.Time `type:"timestamp"` // The name of the secret. Name *string `min:"1" type:"string"` + // The next rotation is scheduled to occur on or before this date. If the secret + // isn't configured for rotation or rotation has been disabled, Secrets Manager + // returns null. If rotation fails, Secrets Manager retries the entire rotation + // process multiple times. If rotation is unsuccessful, this date may be in + // the past. + // + // This date represents the latest date that rotation will occur, but it is + // not an approximate rotation date. In some cases, for example if you turn + // off automatic rotation and then turn it back on, the next rotation may occur + // much sooner than this date. NextRotationDate *time.Time `type:"timestamp"` // The ID of the service that created this secret. For more information, see @@ -3925,6 +4305,8 @@ type Filter struct { // // * primary-region: Prefix match, case-sensitive. // + // * owning-service: Prefix match, case-sensitive. + // // * all: Breaks the filter value string into words and then searches all // attributes for matches. Not case-sensitive. Key *string `type:"string" enum:"FilterNameStringType"` @@ -4337,9 +4719,9 @@ type GetSecretValueOutput struct { Name *string `min:"1" type:"string"` // The decrypted secret value, if the secret value was originally provided as - // binary data in the form of a byte array. The response parameter represents - // the binary data as a base64-encoded (https://tools.ietf.org/html/rfc4648#section-4) - // string. + // binary data in the form of a byte array. When you retrieve a SecretBinary + // using the HTTP API, the Python SDK, or the Amazon Web Services CLI, the value + // is Base64-encoded. Otherwise, it is not encoded. // // If the secret was created by using the Secrets Manager console, or if the // secret value was originally provided as a string, then this field is omitted. @@ -4350,7 +4732,7 @@ type GetSecretValueOutput struct { // String and GoString methods. // // SecretBinary is automatically base64 encoded/decoded by the SDK. - SecretBinary []byte `type:"blob" sensitive:"true"` + SecretBinary []byte `min:"1" type:"blob" sensitive:"true"` // The decrypted secret value, if the secret value was originally provided as // a string or through the Secrets Manager console. @@ -4361,7 +4743,7 @@ type GetSecretValueOutput struct { // SecretString is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by GetSecretValueOutput's // String and GoString methods. - SecretString *string `type:"string" sensitive:"true"` + SecretString *string `min:"1" type:"string" sensitive:"true"` // The unique identifier of this version of the secret. VersionId *string `min:"32" type:"string"` @@ -4768,7 +5150,8 @@ type ListSecretVersionIdsInput struct { // Specifies whether to include versions of secrets that don't have any staging // labels attached to them. Versions without staging labels are considered deprecated - // and are subject to deletion by Secrets Manager. + // and are subject to deletion by Secrets Manager. By default, versions without + // staging labels aren't included. IncludeDeprecated *bool `type:"boolean"` // The number of results to include in the response. @@ -4924,6 +5307,8 @@ type ListSecretsInput struct { // The filters to apply to the list of secrets. Filters []*Filter `type:"list"` + // Specifies whether to include secrets scheduled for deletion. By default, + // secrets scheduled for deletion aren't included. IncludePlannedDeletion *bool `type:"boolean"` // The number of results to include in the response. @@ -5256,7 +5641,8 @@ type PutResourcePolicyInput struct { _ struct{} `type:"structure"` // Specifies whether to block resource-based policies that allow broad access - // to the secret, for example those that use a wildcard for the principal. + // to the secret, for example those that use a wildcard for the principal. By + // default, public policies aren't blocked. BlockPublicPolicy *bool `type:"boolean"` // A JSON-formatted string for an Amazon Web Services resource-based policy. @@ -5378,17 +5764,17 @@ type PutSecretValueInput struct { // A unique identifier for the new version of the secret. // // If you use the Amazon Web Services CLI or one of the Amazon Web Services - // SDKs to call this operation, then you can leave this parameter empty because - // they generate a random UUID for you. If you don't use the SDK and instead - // generate a raw HTTP request to the Secrets Manager service endpoint, then - // you must generate a ClientRequestToken yourself for new versions and include - // that value in the request. + // SDKs to call this operation, then you can leave this parameter empty. The + // CLI or SDK generates a random UUID for you and includes it as the value for + // this parameter in the request. + // + // If you generate a raw HTTP request to the Secrets Manager service endpoint, + // then you must generate a ClientRequestToken and include it in the request. // // This value helps ensure idempotency. Secrets Manager uses this value to prevent // the accidental creation of duplicate versions if there are failures and retries - // during the Lambda rotation function processing. We recommend that you generate - // a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) value - // to ensure uniqueness within the specified secret. + // during a rotation. We recommend that you generate a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) + // value to ensure uniqueness of your versions within the specified secret. // // * If the ClientRequestToken value isn't already associated with a version // of the secret then a new version of the secret is created. @@ -5418,7 +5804,7 @@ type PutSecretValueInput struct { // String and GoString methods. // // SecretBinary is automatically base64 encoded/decoded by the SDK. - SecretBinary []byte `type:"blob" sensitive:"true"` + SecretBinary []byte `min:"1" type:"blob" sensitive:"true"` // The ARN or name of the secret to add a new version to. // @@ -5440,7 +5826,7 @@ type PutSecretValueInput struct { // SecretString is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by PutSecretValueInput's // String and GoString methods. - SecretString *string `type:"string" sensitive:"true"` + SecretString *string `min:"1" type:"string" sensitive:"true"` // A list of staging labels to attach to this version of the secret. Secrets // Manager uses staging labels to track versions of a secret through the rotation @@ -5482,12 +5868,18 @@ func (s *PutSecretValueInput) Validate() error { if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 32 { invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 32)) } + if s.SecretBinary != nil && len(s.SecretBinary) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SecretBinary", 1)) + } if s.SecretId == nil { invalidParams.Add(request.NewErrParamRequired("SecretId")) } if s.SecretId != nil && len(*s.SecretId) < 1 { invalidParams.Add(request.NewErrParamMinLen("SecretId", 1)) } + if s.SecretString != nil && len(*s.SecretString) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SecretString", 1)) + } if s.VersionStages != nil && len(s.VersionStages) < 1 { invalidParams.Add(request.NewErrParamMinLen("VersionStages", 1)) } @@ -5758,7 +6150,7 @@ type ReplicateSecretToRegionsInput struct { AddReplicaRegions []*ReplicaRegionType `min:"1" type:"list" required:"true"` // Specifies whether to overwrite a secret with the same name in the destination - // Region. + // Region. By default, secrets aren't overwritten. ForceOverwriteReplicaSecret *bool `type:"boolean"` // The ARN or name of the secret to replicate. @@ -6168,38 +6560,42 @@ func (s *RestoreSecretOutput) SetName(v string) *RestoreSecretOutput { type RotateSecretInput struct { _ struct{} `type:"structure"` - // A unique identifier for the new version of the secret that helps ensure idempotency. - // Secrets Manager uses this value to prevent the accidental creation of duplicate - // versions if there are failures and retries during rotation. This value becomes - // the VersionId of the new version. + // A unique identifier for the new version of the secret. You only need to specify + // this value if you implement your own retry logic and you want to ensure that + // Secrets Manager doesn't attempt to create a secret version twice. // // If you use the Amazon Web Services CLI or one of the Amazon Web Services - // SDK to call this operation, then you can leave this parameter empty. The - // CLI or SDK generates a random UUID for you and includes that in the request - // for this parameter. If you don't use the SDK and instead generate a raw HTTP - // request to the Secrets Manager service endpoint, then you must generate a - // ClientRequestToken yourself for new versions and include that value in the - // request. - // - // You only need to specify this value if you implement your own retry logic - // and you want to ensure that Secrets Manager doesn't attempt to create a secret - // version twice. We recommend that you generate a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) - // value to ensure uniqueness within the specified secret. + // SDKs to call this operation, then you can leave this parameter empty. The + // CLI or SDK generates a random UUID for you and includes it as the value for + // this parameter in the request. + // + // If you generate a raw HTTP request to the Secrets Manager service endpoint, + // then you must generate a ClientRequestToken and include it in the request. + // + // This value helps ensure idempotency. Secrets Manager uses this value to prevent + // the accidental creation of duplicate versions if there are failures and retries + // during a rotation. We recommend that you generate a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) + // value to ensure uniqueness of your versions within the specified secret. ClientRequestToken *string `min:"32" type:"string" idempotencyToken:"true"` // Specifies whether to rotate the secret immediately or wait until the next // scheduled rotation window. The rotation schedule is defined in RotateSecretRequest$RotationRules. // - // If you don't immediately rotate the secret, Secrets Manager tests the rotation - // configuration by running the testSecret step (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) + // For secrets that use a Lambda rotation function to rotate, if you don't immediately + // rotate the secret, Secrets Manager tests the rotation configuration by running + // the testSecret step (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_how.html) // of the Lambda rotation function. The test creates an AWSPENDING version of // the secret and then removes it. // - // If you don't specify this value, then by default, Secrets Manager rotates - // the secret immediately. + // By default, Secrets Manager rotates the secret immediately. RotateImmediately *bool `type:"boolean"` - // The ARN of the Lambda rotation function that can rotate the secret. + // For secrets that use a Lambda rotation function to rotate, the ARN of the + // Lambda rotation function. + // + // For secrets that use managed rotation, omit this field. For more information, + // see Managed rotation (https://docs.aws.amazon.com/secretsmanager/latest/userguide/rotate-secrets_managed.html) + // in the Secrets Manager User Guide. RotationLambdaARN *string `type:"string"` // A structure that defines the rotation configuration for this secret. @@ -6339,9 +6735,12 @@ func (s *RotateSecretOutput) SetVersionId(v string) *RotateSecretOutput { type RotationRulesType struct { _ struct{} `type:"structure"` - // The number of days between automatic scheduled rotations of the secret. You - // can use this value to check that your secret meets your compliance guidelines - // for how often secrets must be rotated. + // The number of days between rotations of the secret. You can use this value + // to check that your secret meets your compliance guidelines for how often + // secrets must be rotated. If you use this field to set the rotation schedule, + // Secrets Manager calculates the next rotation date based on the previous rotation. + // Manually updating the secret value by calling PutSecretValue or UpdateSecret + // is considered a valid rotation. // // In DescribeSecret and ListSecrets, this value is calculated from the rotation // schedule after every successful rotation. In RotateSecret, you can set the @@ -6478,12 +6877,12 @@ type SecretListEntry struct { // successfully completed. This value is null if the secret hasn't ever rotated. LastRotatedDate *time.Time `type:"timestamp"` - // The friendly name of the secret. You can use forward slashes in the name - // to represent a path hierarchy. For example, /prod/databases/dbserver1 could - // represent the secret for a server named dbserver1 in the folder databases - // in the folder prod. + // The friendly name of the secret. Name *string `min:"1" type:"string"` + // The next rotation is scheduled to occur on or before this date. If the secret + // isn't configured for rotation or rotation has been disabled, Secrets Manager + // returns null. NextRotationDate *time.Time `type:"timestamp"` // Returns the name of the service that created the secret. @@ -6637,6 +7036,107 @@ func (s *SecretListEntry) SetTags(v []*Tag) *SecretListEntry { return s } +// A structure that contains the secret value and other details for a secret. +type SecretValueEntry struct { + _ struct{} `type:"structure"` + + // The Amazon Resource Name (ARN) of the secret. + ARN *string `min:"20" type:"string"` + + // The date the secret was created. + CreatedDate *time.Time `type:"timestamp"` + + // The friendly name of the secret. + Name *string `min:"1" type:"string"` + + // The decrypted secret value, if the secret value was originally provided as + // binary data in the form of a byte array. The parameter represents the binary + // data as a base64-encoded (https://tools.ietf.org/html/rfc4648#section-4) + // string. + // + // SecretBinary is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SecretValueEntry's + // String and GoString methods. + // + // SecretBinary is automatically base64 encoded/decoded by the SDK. + SecretBinary []byte `min:"1" type:"blob" sensitive:"true"` + + // The decrypted secret value, if the secret value was originally provided as + // a string or through the Secrets Manager console. + // + // SecretString is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SecretValueEntry's + // String and GoString methods. + SecretString *string `min:"1" type:"string" sensitive:"true"` + + // The unique version identifier of this version of the secret. + VersionId *string `min:"32" type:"string"` + + // A list of all of the staging labels currently attached to this version of + // the secret. + VersionStages []*string `min:"1" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SecretValueEntry) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SecretValueEntry) GoString() string { + return s.String() +} + +// SetARN sets the ARN field's value. +func (s *SecretValueEntry) SetARN(v string) *SecretValueEntry { + s.ARN = &v + return s +} + +// SetCreatedDate sets the CreatedDate field's value. +func (s *SecretValueEntry) SetCreatedDate(v time.Time) *SecretValueEntry { + s.CreatedDate = &v + return s +} + +// SetName sets the Name field's value. +func (s *SecretValueEntry) SetName(v string) *SecretValueEntry { + s.Name = &v + return s +} + +// SetSecretBinary sets the SecretBinary field's value. +func (s *SecretValueEntry) SetSecretBinary(v []byte) *SecretValueEntry { + s.SecretBinary = v + return s +} + +// SetSecretString sets the SecretString field's value. +func (s *SecretValueEntry) SetSecretString(v string) *SecretValueEntry { + s.SecretString = &v + return s +} + +// SetVersionId sets the VersionId field's value. +func (s *SecretValueEntry) SetVersionId(v string) *SecretValueEntry { + s.VersionId = &v + return s +} + +// SetVersionStages sets the VersionStages field's value. +func (s *SecretValueEntry) SetVersionStages(v []*string) *SecretValueEntry { + s.VersionStages = v + return s +} + // A structure that contains information about one version of a secret. type SecretVersionsListEntry struct { _ struct{} `type:"structure"` @@ -7053,12 +7553,15 @@ type UpdateSecretInput struct { // If you use the Amazon Web Services CLI or one of the Amazon Web Services // SDKs to call this operation, then you can leave this parameter empty. The // CLI or SDK generates a random UUID for you and includes it as the value for - // this parameter in the request. If you don't use the SDK and instead generate - // a raw HTTP request to the Secrets Manager service endpoint, then you must - // generate a ClientRequestToken yourself for the new version and include the - // value in the request. + // this parameter in the request. // - // This value becomes the VersionId of the new version. + // If you generate a raw HTTP request to the Secrets Manager service endpoint, + // then you must generate a ClientRequestToken and include it in the request. + // + // This value helps ensure idempotency. Secrets Manager uses this value to prevent + // the accidental creation of duplicate versions if there are failures and retries + // during a rotation. We recommend that you generate a UUID-type (https://wikipedia.org/wiki/Universally_unique_identifier) + // value to ensure uniqueness of your versions within the specified secret. ClientRequestToken *string `min:"32" type:"string" idempotencyToken:"true"` // The description of the secret. @@ -7066,8 +7569,10 @@ type UpdateSecretInput struct { // The ARN, key ID, or alias of the KMS key that Secrets Manager uses to encrypt // new secret versions as well as any existing versions with the staging labels - // AWSCURRENT, AWSPENDING, or AWSPREVIOUS. For more information about versions - // and staging labels, see Concepts: Version (https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version). + // AWSCURRENT, AWSPENDING, or AWSPREVIOUS. If you don't have kms:Encrypt permission + // to the new key, Secrets Manager does not re-ecrypt existing secret versions + // with the new key. For more information about versions and staging labels, + // see Concepts: Version (https://docs.aws.amazon.com/secretsmanager/latest/userguide/getting-started.html#term_version). // // A key alias is always prefixed by alias/, for example alias/aws/secretsmanager. // For more information, see About aliases (https://docs.aws.amazon.com/kms/latest/developerguide/alias-about.html). @@ -7100,7 +7605,7 @@ type UpdateSecretInput struct { // String and GoString methods. // // SecretBinary is automatically base64 encoded/decoded by the SDK. - SecretBinary []byte `type:"blob" sensitive:"true"` + SecretBinary []byte `min:"1" type:"blob" sensitive:"true"` // The ARN or name of the secret. // @@ -7118,7 +7623,7 @@ type UpdateSecretInput struct { // SecretString is a sensitive parameter and its value will be // replaced with "sensitive" in string returned by UpdateSecretInput's // String and GoString methods. - SecretString *string `type:"string" sensitive:"true"` + SecretString *string `min:"1" type:"string" sensitive:"true"` } // String returns the string representation. @@ -7145,12 +7650,18 @@ func (s *UpdateSecretInput) Validate() error { if s.ClientRequestToken != nil && len(*s.ClientRequestToken) < 32 { invalidParams.Add(request.NewErrParamMinLen("ClientRequestToken", 32)) } + if s.SecretBinary != nil && len(s.SecretBinary) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SecretBinary", 1)) + } if s.SecretId == nil { invalidParams.Add(request.NewErrParamRequired("SecretId")) } if s.SecretId != nil && len(*s.SecretId) < 1 { invalidParams.Add(request.NewErrParamMinLen("SecretId", 1)) } + if s.SecretString != nil && len(*s.SecretString) < 1 { + invalidParams.Add(request.NewErrParamMinLen("SecretString", 1)) + } if invalidParams.Len() > 0 { return invalidParams diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/secretsmanager/doc.go b/agent/vendor/github.com/aws/aws-sdk-go/service/secretsmanager/doc.go index e4a983867e4..402a2dd6e55 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/secretsmanager/doc.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/secretsmanager/doc.go @@ -15,6 +15,9 @@ // This version of the Secrets Manager API Reference documents the Secrets Manager // API version 2017-10-17. // +// For a list of endpoints, see Amazon Web Services Secrets Manager endpoints +// (https://docs.aws.amazon.com/secretsmanager/latest/userguide/asm_access.html#endpoints). +// // # Support and Feedback for Amazon Web Services Secrets Manager // // We welcome your feedback. Send your comments to awssecretsmanager-feedback@amazon.com diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/secretsmanager/secretsmanageriface/interface.go b/agent/vendor/github.com/aws/aws-sdk-go/service/secretsmanager/secretsmanageriface/interface.go index 4bf6e8cda13..c2607b12e80 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/secretsmanager/secretsmanageriface/interface.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/secretsmanager/secretsmanageriface/interface.go @@ -26,7 +26,7 @@ import ( // // myFunc uses an SDK service client to make a request to // // AWS Secrets Manager. // func myFunc(svc secretsmanageriface.SecretsManagerAPI) bool { -// // Make svc.CancelRotateSecret request +// // Make svc.BatchGetSecretValue request // } // // func main() { @@ -42,7 +42,7 @@ import ( // type mockSecretsManagerClient struct { // secretsmanageriface.SecretsManagerAPI // } -// func (m *mockSecretsManagerClient) CancelRotateSecret(input *secretsmanager.CancelRotateSecretInput) (*secretsmanager.CancelRotateSecretOutput, error) { +// func (m *mockSecretsManagerClient) BatchGetSecretValue(input *secretsmanager.BatchGetSecretValueInput) (*secretsmanager.BatchGetSecretValueOutput, error) { // // mock response/functionality // } // @@ -60,6 +60,13 @@ import ( // and waiters. Its suggested to use the pattern above for testing, or using // tooling to generate mocks to satisfy the interfaces. type SecretsManagerAPI interface { + BatchGetSecretValue(*secretsmanager.BatchGetSecretValueInput) (*secretsmanager.BatchGetSecretValueOutput, error) + BatchGetSecretValueWithContext(aws.Context, *secretsmanager.BatchGetSecretValueInput, ...request.Option) (*secretsmanager.BatchGetSecretValueOutput, error) + BatchGetSecretValueRequest(*secretsmanager.BatchGetSecretValueInput) (*request.Request, *secretsmanager.BatchGetSecretValueOutput) + + BatchGetSecretValuePages(*secretsmanager.BatchGetSecretValueInput, func(*secretsmanager.BatchGetSecretValueOutput, bool) bool) error + BatchGetSecretValuePagesWithContext(aws.Context, *secretsmanager.BatchGetSecretValueInput, func(*secretsmanager.BatchGetSecretValueOutput, bool) bool, ...request.Option) error + CancelRotateSecret(*secretsmanager.CancelRotateSecretInput) (*secretsmanager.CancelRotateSecretOutput, error) CancelRotateSecretWithContext(aws.Context, *secretsmanager.CancelRotateSecretInput, ...request.Option) (*secretsmanager.CancelRotateSecretOutput, error) CancelRotateSecretRequest(*secretsmanager.CancelRotateSecretInput) (*request.Request, *secretsmanager.CancelRotateSecretOutput) diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go b/agent/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go index e56d756788d..5970b13555b 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/ssm/api.go @@ -88,7 +88,7 @@ func (c *SSM) AddTagsToResourceRequest(input *AddTagsToResourceInput) (req *requ // strictly as a string of characters. // // For more information about using tags with Amazon Elastic Compute Cloud (Amazon -// EC2) instances, see Tagging your Amazon EC2 resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) +// EC2) instances, see Tag your Amazon EC2 resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) // in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -205,8 +205,7 @@ func (c *SSM) AssociateOpsItemRelatedItemRequest(input *AssociateOpsItemRelatedI // The specified OpsItem ID doesn't exist. Verify the ID and try again. // // - OpsItemLimitExceededException -// The request caused OpsItems to exceed one or more quotas. For information -// about OpsItem quotas, see What are the resource limits for OpsCenter? (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-learn-more.html#OpsCenter-learn-more-limits). +// The request caused OpsItems to exceed one or more quotas. // // - OpsItemInvalidParameterException // A specified parameter argument isn't valid. Verify the available arguments @@ -215,6 +214,9 @@ func (c *SSM) AssociateOpsItemRelatedItemRequest(input *AssociateOpsItemRelatedI // - OpsItemRelatedItemAlreadyExistsException // The Amazon Resource Name (ARN) is already associated with the OpsItem. // +// - OpsItemConflictException +// The specified OpsItem is in the process of being deleted. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/AssociateOpsItemRelatedItem func (c *SSM) AssociateOpsItemRelatedItem(input *AssociateOpsItemRelatedItemInput) (*AssociateOpsItemRelatedItemOutput, error) { req, out := c.AssociateOpsItemRelatedItemRequest(input) @@ -304,14 +306,15 @@ func (c *SSM) CancelCommandRequest(input *CancelCommandInput) (req *request.Requ // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - DuplicateInstanceId // You can't specify a managed node ID in more than one association. @@ -477,7 +480,7 @@ func (c *SSM) CreateActivationRequest(input *CreateActivationInput) (req *reques // use the activation code and ID when installing SSM Agent on machines in your // hybrid environment. For more information about requirements for managing // on-premises machines using Systems Manager, see Setting up Amazon Web Services -// Systems Manager for hybrid environments (https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-managedinstances.html) +// Systems Manager for hybrid and multicloud environments (https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-managedinstances.html) // in the Amazon Web Services Systems Manager User Guide. // // Amazon Elastic Compute Cloud (Amazon EC2) instances, edge devices, and on-premises @@ -609,19 +612,20 @@ func (c *SSM) CreateAssociationRequest(input *CreateAssociationInput) (req *requ // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - UnsupportedPlatformType // The document doesn't support the platform type of the given managed node -// ID(s). For example, you sent an document for a Windows managed node to a -// Linux node. +// IDs. For example, you sent an document for a Windows managed node to a Linux +// node. // // - InvalidOutputLocation // The output location isn't valid or doesn't exist. @@ -742,14 +746,15 @@ func (c *SSM) CreateAssociationBatchRequest(input *CreateAssociationBatchInput) // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - InvalidParameters // You must specify values for all required parameters in the Amazon Web Services @@ -764,8 +769,8 @@ func (c *SSM) CreateAssociationBatchRequest(input *CreateAssociationBatchInput) // // - UnsupportedPlatformType // The document doesn't support the platform type of the given managed node -// ID(s). For example, you sent an document for a Windows managed node to a -// Linux node. +// IDs. For example, you sent an document for a Windows managed node to a Linux +// node. // // - InvalidOutputLocation // The output location isn't valid or doesn't exist. @@ -1043,8 +1048,8 @@ func (c *SSM) CreateOpsItemRequest(input *CreateOpsItemInput) (req *request.Requ // CreateOpsItem API operation for Amazon Simple Systems Manager (SSM). // // Creates a new OpsItem. You must have permission in Identity and Access Management -// (IAM) to create a new OpsItem. For more information, see Getting started -// with OpsCenter (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-getting-started.html) +// (IAM) to create a new OpsItem. For more information, see Set up OpsCenter +// (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-setup.html) // in the Amazon Web Services Systems Manager User Guide. // // Operations engineers and IT professionals use Amazon Web Services Systems @@ -1069,8 +1074,7 @@ func (c *SSM) CreateOpsItemRequest(input *CreateOpsItemInput) (req *request.Requ // The OpsItem already exists. // // - OpsItemLimitExceededException -// The request caused OpsItems to exceed one or more quotas. For information -// about OpsItem quotas, see What are the resource limits for OpsCenter? (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-learn-more.html#OpsCenter-learn-more-limits). +// The request caused OpsItems to exceed one or more quotas. // // - OpsItemInvalidParameterException // A specified parameter argument isn't valid. Verify the available arguments @@ -1580,14 +1584,15 @@ func (c *SSM) DeleteAssociationRequest(input *DeleteAssociationInput) (req *requ // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - TooManyUpdates // There are concurrent updates for a resource that supports one update at a @@ -1883,6 +1888,112 @@ func (c *SSM) DeleteMaintenanceWindowWithContext(ctx aws.Context, input *DeleteM return out, req.Send() } +const opDeleteOpsItem = "DeleteOpsItem" + +// DeleteOpsItemRequest generates a "aws/request.Request" representing the +// client's request for the DeleteOpsItem operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteOpsItem for more information on using the DeleteOpsItem +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DeleteOpsItemRequest method. +// req, resp := client.DeleteOpsItemRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/DeleteOpsItem +func (c *SSM) DeleteOpsItemRequest(input *DeleteOpsItemInput) (req *request.Request, output *DeleteOpsItemOutput) { + op := &request.Operation{ + Name: opDeleteOpsItem, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteOpsItemInput{} + } + + output = &DeleteOpsItemOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Unmarshal.Swap(jsonrpc.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// DeleteOpsItem API operation for Amazon Simple Systems Manager (SSM). +// +// Delete an OpsItem. You must have permission in Identity and Access Management +// (IAM) to delete an OpsItem. +// +// Note the following important information about this operation. +// +// - Deleting an OpsItem is irreversible. You can't restore a deleted OpsItem. +// +// - This operation uses an eventual consistency model, which means the system +// can take a few minutes to complete this operation. If you delete an OpsItem +// and immediately call, for example, GetOpsItem, the deleted OpsItem might +// still appear in the response. +// +// - This operation is idempotent. The system doesn't throw an exception +// if you repeatedly call this operation for the same OpsItem. If the first +// call is successful, all additional calls return the same successful response +// as the first call. +// +// - This operation doesn't support cross-account calls. A delegated administrator +// or management account can't delete OpsItems in other accounts, even if +// OpsCenter has been set up for cross-account administration. For more information +// about cross-account administration, see Setting up OpsCenter to centrally +// manage OpsItems across accounts (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-setting-up-cross-account.html) +// in the Systems Manager User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Systems Manager (SSM)'s +// API operation DeleteOpsItem for usage and error information. +// +// Returned Error Types: +// +// - InternalServerError +// An error occurred on the server side. +// +// - OpsItemInvalidParameterException +// A specified parameter argument isn't valid. Verify the available arguments +// and try again. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/DeleteOpsItem +func (c *SSM) DeleteOpsItem(input *DeleteOpsItemInput) (*DeleteOpsItemOutput, error) { + req, out := c.DeleteOpsItemRequest(input) + return out, req.Send() +} + +// DeleteOpsItemWithContext is the same as DeleteOpsItem with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteOpsItem for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSM) DeleteOpsItemWithContext(ctx aws.Context, input *DeleteOpsItemInput, opts ...request.Option) (*DeleteOpsItemOutput, error) { + req, out := c.DeleteOpsItemRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteOpsMetadata = "DeleteOpsMetadata" // DeleteOpsMetadataRequest generates a "aws/request.Request" representing the @@ -2349,10 +2460,18 @@ func (c *SSM) DeleteResourcePolicyRequest(input *DeleteResourcePolicyInput) (req // // Deletes a Systems Manager resource policy. A resource policy helps you to // define the IAM entity (for example, an Amazon Web Services account) that -// can manage your Systems Manager resources. Currently, OpsItemGroup is the -// only resource that supports Systems Manager resource policies. The resource -// policy for OpsItemGroup enables Amazon Web Services accounts to view and -// interact with OpsCenter operational work items (OpsItems). +// can manage your Systems Manager resources. The following resources support +// Systems Manager resource policies. +// +// - OpsItemGroup - The resource policy for OpsItemGroup enables Amazon Web +// Services accounts to view and interact with OpsCenter operational work +// items (OpsItems). +// +// - Parameter - The resource policy is used to share a parameter with other +// accounts using Resource Access Manager (RAM). For more information about +// cross-account sharing of parameters, see Working with shared parameters +// (https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-shared-parameters.html) +// in the Amazon Web Services Systems Manager User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2375,6 +2494,16 @@ func (c *SSM) DeleteResourcePolicyRequest(input *DeleteResourcePolicyInput) (req // is thrown when trying to update an obsolete policy version or when multiple // requests to update a policy are sent. // +// - ResourceNotFoundException +// The specified parameter to be shared could not be found. +// +// - MalformedResourcePolicyDocumentException +// The specified policy document is malformed or invalid, or excessive PutResourcePolicy +// or DeleteResourcePolicy calls have been made. +// +// - ResourcePolicyNotFoundException +// No policies with the specified policy ID and hash could be found. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/DeleteResourcePolicy func (c *SSM) DeleteResourcePolicy(input *DeleteResourcePolicyInput) (*DeleteResourcePolicyOutput, error) { req, out := c.DeleteResourcePolicyRequest(input) @@ -2459,14 +2588,15 @@ func (c *SSM) DeregisterManagedInstanceRequest(input *DeregisterManagedInstanceI // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - InternalServerError // An error occurred on the server side. @@ -2975,14 +3105,15 @@ func (c *SSM) DescribeAssociationRequest(input *DescribeAssociationInput) (req * // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/DescribeAssociation func (c *SSM) DescribeAssociation(input *DescribeAssociationInput) (*DescribeAssociationOutput, error) { @@ -3639,6 +3770,9 @@ func (c *SSM) DescribeAvailablePatchesRequest(input *DescribeAvailablePatchesInp // // Lists all patches eligible to be included in a patch baseline. // +// Currently, DescribeAvailablePatches supports only the Amazon Linux 1, Amazon +// Linux 2, and Windows Server operating systems. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -3954,7 +4088,7 @@ func (c *SSM) DescribeEffectiveInstanceAssociationsRequest(input *DescribeEffect // DescribeEffectiveInstanceAssociations API operation for Amazon Simple Systems Manager (SSM). // -// All associations for the managed node(s). +// All associations for the managed nodes. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3973,14 +4107,15 @@ func (c *SSM) DescribeEffectiveInstanceAssociationsRequest(input *DescribeEffect // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - InvalidNextToken // The specified token isn't valid. @@ -4261,7 +4396,7 @@ func (c *SSM) DescribeInstanceAssociationsStatusRequest(input *DescribeInstanceA // DescribeInstanceAssociationsStatus API operation for Amazon Simple Systems Manager (SSM). // -// The status of the associations for the managed node(s). +// The status of the associations for the managed nodes. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4280,14 +4415,15 @@ func (c *SSM) DescribeInstanceAssociationsStatusRequest(input *DescribeInstanceA // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - InvalidNextToken // The specified token isn't valid. @@ -4414,18 +4550,19 @@ func (c *SSM) DescribeInstanceInformationRequest(input *DescribeInstanceInformat // DescribeInstanceInformation API operation for Amazon Simple Systems Manager (SSM). // -// Describes one or more of your managed nodes, including information about -// the operating system platform, the version of SSM Agent installed on the -// managed node, node status, and so on. +// Provides information about one or more of your managed nodes, including the +// operating system platform, SSM Agent version, association status, and IP +// address. This operation does not return information for nodes that are either +// Stopped or Terminated. // -// If you specify one or more managed node IDs, it returns information for those -// managed nodes. If you don't specify node IDs, it returns information for -// all your managed nodes. If you specify a node ID that isn't valid or a node -// that you don't own, you receive an error. +// If you specify one or more node IDs, the operation returns information for +// those managed nodes. If you don't specify node IDs, it returns information +// for all your managed nodes. If you specify a node ID that isn't valid or +// a node that you don't own, you receive an error. // -// The IamRole field for this API operation is the Identity and Access Management -// (IAM) role assigned to on-premises managed nodes. This call doesn't return -// the IAM role for EC2 instances. +// The IamRole field returned for this API operation is the Identity and Access +// Management (IAM) role assigned to on-premises managed nodes. This operation +// does not return the IAM role for EC2 instances. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4444,14 +4581,15 @@ func (c *SSM) DescribeInstanceInformationRequest(input *DescribeInstanceInformat // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - InvalidNextToken // The specified token isn't valid. @@ -4887,14 +5025,15 @@ func (c *SSM) DescribeInstancePatchesRequest(input *DescribeInstancePatchesInput // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - InvalidFilter // The filter name isn't valid. Verify the you entered the correct name and @@ -6303,14 +6442,14 @@ func (c *SSM) DescribeOpsItemsRequest(input *DescribeOpsItemsInput) (req *reques // DescribeOpsItems API operation for Amazon Simple Systems Manager (SSM). // // Query a set of OpsItems. You must have permission in Identity and Access -// Management (IAM) to query a list of OpsItems. For more information, see Getting -// started with OpsCenter (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-getting-started.html) +// Management (IAM) to query a list of OpsItems. For more information, see Set +// up OpsCenter (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-setup.html) // in the Amazon Web Services Systems Manager User Guide. // // Operations engineers and IT professionals use Amazon Web Services Systems // Manager OpsCenter to view, investigate, and remediate operational issues // impacting the performance and health of their Amazon Web Services resources. -// For more information, see OpsCenter (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) +// For more information, see Amazon Web Services Systems Manager OpsCenter (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) // in the Amazon Web Services Systems Manager User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -6446,7 +6585,9 @@ func (c *SSM) DescribeParametersRequest(input *DescribeParametersInput) (req *re // DescribeParameters API operation for Amazon Simple Systems Manager (SSM). // -// Get information about a parameter. +// Lists the parameters in your Amazon Web Services account or the parameters +// shared with you when you enable the Shared (https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeParameters.html#systemsmanager-DescribeParameters-request-Shared) +// option. // // Request results are returned on a best-effort basis. If you specify MaxResults // in the request, the response includes information up to the limit specified. @@ -7308,6 +7449,9 @@ func (c *SSM) DisassociateOpsItemRelatedItemRequest(input *DisassociateOpsItemRe // A specified parameter argument isn't valid. Verify the available arguments // and try again. // +// - OpsItemConflictException +// The specified OpsItem is in the process of being deleted. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/DisassociateOpsItemRelatedItem func (c *SSM) DisassociateOpsItemRelatedItem(input *DisassociateOpsItemRelatedItemInput) (*DisassociateOpsItemRelatedItemOutput, error) { req, out := c.DisassociateOpsItemRelatedItemRequest(input) @@ -7586,14 +7730,15 @@ func (c *SSM) GetCommandInvocationRequest(input *GetCommandInvocationInput) (req // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - InvalidPluginName // The plugin name isn't valid. @@ -7861,7 +8006,7 @@ func (c *SSM) GetDeployablePatchSnapshotForInstanceRequest(input *GetDeployableP // Patching for applications released by Microsoft is only available on EC2 // instances and advanced instances. To patch applications released by Microsoft // on on-premises servers and VMs, you must enable advanced instances. For more -// information, see Enabling the advanced-instances tier (https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-managedinstances-advanced.html) +// information, see Turning on the advanced-instances tier (https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-managedinstances-advanced.html) // in the Amazon Web Services Systems Manager User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/GetDeployablePatchSnapshotForInstance @@ -8761,13 +8906,13 @@ func (c *SSM) GetOpsItemRequest(input *GetOpsItemInput) (req *request.Request, o // // Get information about an OpsItem by using the ID. You must have permission // in Identity and Access Management (IAM) to view information about an OpsItem. -// For more information, see Getting started with OpsCenter (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-getting-started.html) +// For more information, see Set up OpsCenter (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-setup.html) // in the Amazon Web Services Systems Manager User Guide. // // Operations engineers and IT professionals use Amazon Web Services Systems // Manager OpsCenter to view, investigate, and remediate operational issues // impacting the performance and health of their Amazon Web Services resources. -// For more information, see OpsCenter (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) +// For more information, see Amazon Web Services Systems Manager OpsCenter (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) // in the Amazon Web Services Systems Manager User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -9779,6 +9924,9 @@ func (c *SSM) GetResourcePoliciesRequest(input *GetResourcePoliciesInput) (req * // One or more parameters specified for the call aren't valid. Verify the parameters // and their values and try again. // +// - ResourceNotFoundException +// The specified parameter to be shared could not be found. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/GetResourcePolicies func (c *SSM) GetResourcePolicies(input *GetResourcePoliciesInput) (*GetResourcePoliciesOutput, error) { req, out := c.GetResourcePoliciesRequest(input) @@ -10432,14 +10580,15 @@ func (c *SSM) ListCommandInvocationsRequest(input *ListCommandInvocationsInput) // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - InvalidFilterKey // The specified key isn't valid. @@ -10591,14 +10740,15 @@ func (c *SSM) ListCommandsRequest(input *ListCommandsInput) (req *request.Reques // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - InvalidFilterKey // The specified key isn't valid. @@ -11415,14 +11565,15 @@ func (c *SSM) ListInventoryEntriesRequest(input *ListInventoryEntriesInput) (req // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - InvalidTypeNameException // The parameter type name isn't valid. @@ -11525,8 +11676,7 @@ func (c *SSM) ListOpsItemEventsRequest(input *ListOpsItemEventsInput) (req *requ // The specified OpsItem ID doesn't exist. Verify the ID and try again. // // - OpsItemLimitExceededException -// The request caused OpsItems to exceed one or more quotas. For information -// about OpsItem quotas, see What are the resource limits for OpsCenter? (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-learn-more.html#OpsCenter-learn-more-limits). +// The request caused OpsItems to exceed one or more quotas. // // - OpsItemInvalidParameterException // A specified parameter argument isn't valid. Verify the available arguments @@ -12318,8 +12468,8 @@ func (c *SSM) ModifyDocumentPermissionRequest(input *ModifyDocumentPermissionInp // // Shares a Amazon Web Services Systems Manager document (SSM document)publicly // or privately. If you share a document privately, you must specify the Amazon -// Web Services user account IDs for those people who can use the document. -// If you share a document publicly, you must specify All as the account ID. +// Web Services user IDs for those people who can use the document. If you share +// a document publicly, you must specify All as the account ID. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -12341,8 +12491,8 @@ func (c *SSM) ModifyDocumentPermissionRequest(input *ModifyDocumentPermissionInp // type. // // - DocumentPermissionLimit -// The document can't be shared with more Amazon Web Services user accounts. -// You can specify a maximum of 20 accounts per API operation to share a private +// The document can't be shared with more Amazon Web Services accounts. You +// can specify a maximum of 20 accounts per API operation to share a private // document. // // By default, you can share a private document with a maximum of 1,000 accounts @@ -12582,14 +12732,15 @@ func (c *SSM) PutInventoryRequest(input *PutInventoryInput) (req *request.Reques // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - InvalidTypeNameException // The parameter type name isn't valid. @@ -12843,10 +12994,36 @@ func (c *SSM) PutResourcePolicyRequest(input *PutResourcePolicyInput) (req *requ // // Creates or updates a Systems Manager resource policy. A resource policy helps // you to define the IAM entity (for example, an Amazon Web Services account) -// that can manage your Systems Manager resources. Currently, OpsItemGroup is -// the only resource that supports Systems Manager resource policies. The resource -// policy for OpsItemGroup enables Amazon Web Services accounts to view and -// interact with OpsCenter operational work items (OpsItems). +// that can manage your Systems Manager resources. The following resources support +// Systems Manager resource policies. +// +// - OpsItemGroup - The resource policy for OpsItemGroup enables Amazon Web +// Services accounts to view and interact with OpsCenter operational work +// items (OpsItems). +// +// - Parameter - The resource policy is used to share a parameter with other +// accounts using Resource Access Manager (RAM). To share a parameter, it +// must be in the advanced parameter tier. For information about parameter +// tiers, see Managing parameter tiers (https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-advanced-parameters.html). +// For information about changing an existing standard parameter to an advanced +// parameter, see Changing a standard parameter to an advanced parameter +// (https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-advanced-parameters.html#parameter-store-advanced-parameters-enabling). +// To share a SecureString parameter, it must be encrypted with a customer +// managed key, and you must share the key separately through Key Management +// Service. Amazon Web Services managed keys cannot be shared. Parameters +// encrypted with the default Amazon Web Services managed key can be updated +// to use a customer managed key instead. For KMS key definitions, see KMS +// concepts (https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html) +// in the Key Management Service Developer Guide. While you can share a parameter +// using the Systems Manager PutResourcePolicy operation, we recommend using +// Resource Access Manager (RAM) instead. This is because using PutResourcePolicy +// requires the extra step of promoting the parameter to a standard RAM Resource +// Share using the RAM PromoteResourceShareCreatedFromPolicy (https://docs.aws.amazon.com/ram/latest/APIReference/API_PromoteResourceShareCreatedFromPolicy.html) +// API operation. Otherwise, the parameter won't be returned by the Systems +// Manager DescribeParameters (https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_DescribeParameters.html) +// API operation using the --shared option. For more information, see Sharing +// a parameter (https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-shared-parameters.html#share) +// in the Amazon Web Services Systems Manager User Guide // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -12874,6 +13051,16 @@ func (c *SSM) PutResourcePolicyRequest(input *PutResourcePolicyInput) (req *requ // is thrown when trying to update an obsolete policy version or when multiple // requests to update a policy are sent. // +// - ResourceNotFoundException +// The specified parameter to be shared could not be found. +// +// - MalformedResourcePolicyDocumentException +// The specified policy document is malformed or invalid, or excessive PutResourcePolicy +// or DeleteResourcePolicy calls have been made. +// +// - ResourcePolicyNotFoundException +// No policies with the specified policy ID and hash could be found. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/PutResourcePolicy func (c *SSM) PutResourcePolicy(input *PutResourcePolicyInput) (*PutResourcePolicyOutput, error) { req, out := c.PutResourcePolicyRequest(input) @@ -13740,14 +13927,15 @@ func (c *SSM) SendCommandRequest(input *SendCommandInput) (req *request.Request, // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - InvalidDocument // The specified SSM document doesn't exist. @@ -13765,8 +13953,8 @@ func (c *SSM) SendCommandRequest(input *SendCommandInput) (req *request.Request, // // - UnsupportedPlatformType // The document doesn't support the platform type of the given managed node -// ID(s). For example, you sent an document for a Windows managed node to a -// Linux node. +// IDs. For example, you sent an document for a Windows managed node to a Linux +// node. // // - MaxDocumentSizeExceeded // The size limit of a document is 64 KB. @@ -13775,7 +13963,8 @@ func (c *SSM) SendCommandRequest(input *SendCommandInput) (req *request.Request, // The role name can't contain invalid characters. Also verify that you specified // an IAM role for notifications that includes the required trust policy. For // information about configuring the IAM role for Run Command notifications, -// see Configuring Amazon SNS Notifications for Run Command (https://docs.aws.amazon.com/systems-manager/latest/userguide/rc-sns-notifications.html) +// see Monitoring Systems Manager status changes using Amazon SNS notifications +// (https://docs.aws.amazon.com/systems-manager/latest/userguide/monitoring-sns-notifications.html) // in the Amazon Web Services Systems Manager User Guide. // // - InvalidNotificationConfig @@ -14505,13 +14694,12 @@ func (c *SSM) UpdateAssociationRequest(input *UpdateAssociationInput) (req *requ // that you call the DescribeAssociation API operation and make a note of all // optional parameters required for your UpdateAssociation call. // -// In order to call this API operation, your Identity and Access Management -// (IAM) user account, group, or role must be configured with permission to -// call the DescribeAssociation API operation. If you don't have permission -// to call DescribeAssociation, then you receive the following error: An error -// occurred (AccessDeniedException) when calling the UpdateAssociation operation: -// User: isn't authorized to perform: ssm:DescribeAssociation on -// resource: +// In order to call this API operation, a user, group, or role must be granted +// permission to call the DescribeAssociation API operation. If you don't have +// permission to call DescribeAssociation, then you receive the following error: +// An error occurred (AccessDeniedException) when calling the UpdateAssociation +// operation: User: isn't authorized to perform: ssm:DescribeAssociation +// on resource: // // When you update an association, the association immediately runs against // the specified targets. You can add the ApplyOnlyAtCronInterval parameter @@ -14661,14 +14849,15 @@ func (c *SSM) UpdateAssociationStatusRequest(input *UpdateAssociationStatusInput // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - InvalidDocument // The specified SSM document doesn't exist. @@ -15381,14 +15570,15 @@ func (c *SSM) UpdateManagedInstanceRoleRequest(input *UpdateManagedInstanceRoleI // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. // // - InternalServerError // An error occurred on the server side. @@ -15460,14 +15650,14 @@ func (c *SSM) UpdateOpsItemRequest(input *UpdateOpsItemInput) (req *request.Requ // UpdateOpsItem API operation for Amazon Simple Systems Manager (SSM). // // Edit or change an OpsItem. You must have permission in Identity and Access -// Management (IAM) to update an OpsItem. For more information, see Getting -// started with OpsCenter (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-getting-started.html) +// Management (IAM) to update an OpsItem. For more information, see Set up OpsCenter +// (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-setup.html) // in the Amazon Web Services Systems Manager User Guide. // // Operations engineers and IT professionals use Amazon Web Services Systems // Manager OpsCenter to view, investigate, and remediate operational issues // impacting the performance and health of their Amazon Web Services resources. -// For more information, see OpsCenter (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) +// For more information, see Amazon Web Services Systems Manager OpsCenter (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) // in the Amazon Web Services Systems Manager User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -15489,8 +15679,7 @@ func (c *SSM) UpdateOpsItemRequest(input *UpdateOpsItemInput) (req *request.Requ // The OpsItem already exists. // // - OpsItemLimitExceededException -// The request caused OpsItems to exceed one or more quotas. For information -// about OpsItem quotas, see What are the resource limits for OpsCenter? (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-learn-more.html#OpsCenter-learn-more-limits). +// The request caused OpsItems to exceed one or more quotas. // // - OpsItemInvalidParameterException // A specified parameter argument isn't valid. Verify the available arguments @@ -15501,6 +15690,9 @@ func (c *SSM) UpdateOpsItemRequest(input *UpdateOpsItemInput) (req *request.Requ // that your account is configured either as a Systems Manager delegated administrator // or that you are logged into the Organizations management account. // +// - OpsItemConflictException +// The specified OpsItem is in the process of being deleted. +// // See also, https://docs.aws.amazon.com/goto/WebAPI/ssm-2014-11-06/UpdateOpsItem func (c *SSM) UpdateOpsItem(input *UpdateOpsItemInput) (*UpdateOpsItemOutput, error) { req, out := c.UpdateOpsItemRequest(input) @@ -16086,7 +16278,8 @@ type AddTagsToResourceInput struct { // object with an ARN of arn:aws:ssm:us-east-2:1234567890:opsmetadata/aws/ssm/MyGroup/appmanager // has a ResourceID of either aws/ssm/MyGroup/appmanager or /aws/ssm/MyGroup/appmanager. // - // For the Document and Parameter values, use the name of the resource. + // For the Document and Parameter values, use the name of the resource. If you're + // tagging a shared document, you must use the full ARN of the document. // // ManagedInstance: mi-012345abcde // @@ -16261,9 +16454,11 @@ type AlarmConfiguration struct { // Alarms is a required field Alarms []*Alarm `min:"1" type:"list" required:"true"` - // If you specify true for this value, your automation or command continue to - // run even if we can't gather information about the state of your CloudWatch - // alarm. The default value is false. + // When this value is true, your automation or command continues to run in cases + // where we can’t retrieve alarm status information from CloudWatch. In cases + // where we successfully retrieve an alarm status of OK or INSUFFICIENT_DATA, + // the automation or command continues to run, regardless of this value. Default + // is false. IgnorePollAlarmFailure *bool `type:"boolean"` } @@ -16653,6 +16848,11 @@ type Association struct { // form another account, you must set the document version to default. DocumentVersion *string `type:"string"` + // The number of hours that an association can run on specified targets. After + // the resulting cutoff time passes, associations that are currently running + // are cancelled, and no pending executions are started on remaining targets. + Duration *int64 `min:"1" type:"integer"` + // The managed node ID. InstanceId *string `type:"string"` @@ -16724,6 +16924,12 @@ func (s *Association) SetDocumentVersion(v string) *Association { return s } +// SetDuration sets the Duration field's value. +func (s *Association) SetDuration(v int64) *Association { + s.Duration = &v + return s +} + // SetInstanceId sets the InstanceId field's value. func (s *Association) SetInstanceId(v string) *Association { s.InstanceId = &v @@ -16880,6 +17086,11 @@ type AssociationDescription struct { // The document version. DocumentVersion *string `type:"string"` + // The number of hours that an association can run on specified targets. After + // the resulting cutoff time passes, associations that are currently running + // are cancelled, and no pending executions are started on remaining targets. + Duration *int64 `min:"1" type:"integer"` + // The managed node ID. InstanceId *string `type:"string"` @@ -17050,6 +17261,12 @@ func (s *AssociationDescription) SetDocumentVersion(v string) *AssociationDescri return s } +// SetDuration sets the Duration field's value. +func (s *AssociationDescription) SetDuration(v int64) *AssociationDescription { + s.Duration = &v + return s +} + // SetInstanceId sets the InstanceId field's value. func (s *AssociationDescription) SetInstanceId(v string) *AssociationDescription { s.InstanceId = &v @@ -17952,6 +18169,11 @@ type AssociationVersionInfo struct { // used when the association version was created. DocumentVersion *string `type:"string"` + // The number of hours that an association can run on specified targets. After + // the resulting cutoff time passes, associations that are currently running + // are cancelled, and no pending executions are started on remaining targets. + Duration *int64 `min:"1" type:"integer"` + // The maximum number of targets allowed to run the association at the same // time. You can specify a number, for example 10, or a percentage of the target // set, for example 10%. The default value is 100%, which means all targets @@ -18093,6 +18315,12 @@ func (s *AssociationVersionInfo) SetDocumentVersion(v string) *AssociationVersio return s } +// SetDuration sets the Duration field's value. +func (s *AssociationVersionInfo) SetDuration(v int64) *AssociationVersionInfo { + s.Duration = &v + return s +} + // SetMaxConcurrency sets the MaxConcurrency field's value. func (s *AssociationVersionInfo) SetMaxConcurrency(v string) *AssociationVersionInfo { s.MaxConcurrency = &v @@ -18714,6 +18942,9 @@ type AutomationExecution struct { // The CloudWatch alarm that was invoked by the automation. TriggeredAlarms []*AlarmStateInformation `min:"1" type:"list"` + + // Variables defined for the automation. + Variables map[string][]*string `min:"1" type:"map"` } // String returns the string representation. @@ -18932,6 +19163,12 @@ func (s *AutomationExecution) SetTriggeredAlarms(v []*AlarmStateInformation) *Au return s } +// SetVariables sets the Variables field's value. +func (s *AutomationExecution) SetVariables(v map[string][]*string) *AutomationExecution { + s.Variables = v + return s +} + // A filter used to match specific automation executions. This is used to limit // the scope of Automation execution information returned. type AutomationExecutionFilter struct { @@ -19920,7 +20157,7 @@ type Command struct { // The maximum number of managed nodes that are allowed to run the command at // the same time. You can specify a number of managed nodes, such as 10, or // a percentage of nodes, such as 10%. The default value is 50. For more information - // about how to use MaxConcurrency, see Running commands using Systems Manager + // about how to use MaxConcurrency, see Amazon Web Services Systems Manager // Run Command (https://docs.aws.amazon.com/systems-manager/latest/userguide/run-command.html) // in the Amazon Web Services Systems Manager User Guide. MaxConcurrency *string `min:"1" type:"string"` @@ -19928,8 +20165,8 @@ type Command struct { // The maximum number of errors allowed before the system stops sending the // command to additional targets. You can specify a number of errors, such as // 10, or a percentage or errors, such as 10%. The default value is 0. For more - // information about how to use MaxErrors, see Running commands using Systems - // Manager Run Command (https://docs.aws.amazon.com/systems-manager/latest/userguide/run-command.html) + // information about how to use MaxErrors, see Amazon Web Services Systems Manager + // Run Command (https://docs.aws.amazon.com/systems-manager/latest/userguide/run-command.html) // in the Amazon Web Services Systems Manager User Guide. MaxErrors *string `min:"1" type:"string"` @@ -20733,7 +20970,7 @@ func (s *CommandPlugin) SetStatusDetails(v string) *CommandPlugin { // A summary of the call execution that includes an execution ID, the type of // execution (for example, Command), and the date/time of the execution using -// a datetime object that is saved in the following format: yyyy-MM-dd'T'HH:mm:ss'Z'. +// a datetime object that is saved in the following format: yyyy-MM-dd'T'HH:mm:ss'Z' type ComplianceExecutionSummary struct { _ struct{} `type:"structure"` @@ -20742,7 +20979,7 @@ type ComplianceExecutionSummary struct { ExecutionId *string `type:"string"` // The time the execution ran as a datetime object that is saved in the following - // format: yyyy-MM-dd'T'HH:mm:ss'Z'. + // format: yyyy-MM-dd'T'HH:mm:ss'Z' // // ExecutionTime is a required field ExecutionTime *time.Time `type:"timestamp" required:"true"` @@ -21256,8 +21493,8 @@ type CreateActivationInput struct { // The name of the Identity and Access Management (IAM) role that you want to // assign to the managed node. This IAM role must provide AssumeRole permissions // for the Amazon Web Services Systems Manager service principal ssm.amazonaws.com. - // For more information, see Create an IAM service role for a hybrid environment - // (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-service-role.html) + // For more information, see Create an IAM service role for a hybrid and multicloud + // environment (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-service-role.html) // in the Amazon Web Services Systems Manager User Guide. // // You can't specify an IAM service-linked role for this parameter. You must @@ -21570,6 +21807,22 @@ type CreateAssociationBatchRequestEntry struct { // The document version. DocumentVersion *string `type:"string"` + // The number of hours the association can run before it is canceled. Duration + // applies to associations that are currently running, and any pending and in + // progress commands on all targets. If a target was taken offline for the association + // to run, it is made available again immediately, without a reboot. + // + // The Duration parameter applies only when both these conditions are true: + // + // * The association for which you specify a duration is cancelable according + // to the parameters of the SSM command document or Automation runbook associated + // with this execution. + // + // * The command specifies the ApplyOnlyAtCronInterval (https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateAssociationBatchRequestEntry.html#systemsmanager-Type-CreateAssociationBatchRequestEntry-ApplyOnlyAtCronInterval) + // parameter, which means that the association doesn't run immediately after + // it is created, but only according to the specified schedule. + Duration *int64 `min:"1" type:"integer"` + // The managed node ID. // // InstanceId has been deprecated. To specify a managed node ID for an association, @@ -21696,6 +21949,9 @@ func (s *CreateAssociationBatchRequestEntry) Validate() error { if s.AutomationTargetParameterName != nil && len(*s.AutomationTargetParameterName) < 1 { invalidParams.Add(request.NewErrParamMinLen("AutomationTargetParameterName", 1)) } + if s.Duration != nil && *s.Duration < 1 { + invalidParams.Add(request.NewErrParamMinValue("Duration", 1)) + } if s.MaxConcurrency != nil && len(*s.MaxConcurrency) < 1 { invalidParams.Add(request.NewErrParamMinLen("MaxConcurrency", 1)) } @@ -21793,6 +22049,12 @@ func (s *CreateAssociationBatchRequestEntry) SetDocumentVersion(v string) *Creat return s } +// SetDuration sets the Duration field's value. +func (s *CreateAssociationBatchRequestEntry) SetDuration(v int64) *CreateAssociationBatchRequestEntry { + s.Duration = &v + return s +} + // SetInstanceId sets the InstanceId field's value. func (s *CreateAssociationBatchRequestEntry) SetInstanceId(v string) *CreateAssociationBatchRequestEntry { s.InstanceId = &v @@ -21896,7 +22158,7 @@ type CreateAssociationInput struct { // The severity level to assign to the association. ComplianceSeverity *string `type:"string" enum:"AssociationComplianceSeverity"` - // The document version you want to associate with the target(s). Can be a specific + // The document version you want to associate with the targets. Can be a specific // version or the default version. // // State Manager doesn't support running associations that use a new version @@ -21907,6 +22169,22 @@ type CreateAssociationInput struct { // form another account, you must set the document version to default. DocumentVersion *string `type:"string"` + // The number of hours the association can run before it is canceled. Duration + // applies to associations that are currently running, and any pending and in + // progress commands on all targets. If a target was taken offline for the association + // to run, it is made available again immediately, without a reboot. + // + // The Duration parameter applies only when both these conditions are true: + // + // * The association for which you specify a duration is cancelable according + // to the parameters of the SSM command document or Automation runbook associated + // with this execution. + // + // * The command specifies the ApplyOnlyAtCronInterval (https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_CreateAssociation.html#systemsmanager-CreateAssociation-request-ApplyOnlyAtCronInterval) + // parameter, which means that the association doesn't run immediately after + // it is created, but only according to the specified schedule. + Duration *int64 `min:"1" type:"integer"` + // The managed node ID. // // InstanceId has been deprecated. To specify a managed node ID for an association, @@ -21948,7 +22226,7 @@ type CreateAssociationInput struct { // the configuration information for the managed node. // // You can specify Amazon Web Services-predefined documents, documents you created, - // or a document that is shared with you from another account. + // or a document that is shared with you from another Amazon Web Services account. // // For Systems Manager documents (SSM documents) that are shared with you from // other Amazon Web Services accounts, you must specify the complete SSM document @@ -21978,7 +22256,7 @@ type CreateAssociationInput struct { // String and GoString methods. Parameters map[string][]*string `type:"map" sensitive:"true"` - // A cron expression when the association will be applied to the target(s). + // A cron expression when the association will be applied to the targets. ScheduleExpression *string `min:"1" type:"string"` // Number of days to wait after the scheduled day to run an association. For @@ -22028,7 +22306,7 @@ type CreateAssociationInput struct { // account, or individual managed node IDs. You can target all managed nodes // in an Amazon Web Services account by specifying the InstanceIds key with // a value of *. For more information about choosing targets for an association, - // see Using targets and rate controls with State Manager associations (https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-state-manager-targets-and-rate-controls.html) + // see About targets and rate controls in State Manager associations (https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-state-manager-targets-and-rate-controls.html) // in the Amazon Web Services Systems Manager User Guide. Targets []*Target `type:"list"` } @@ -22057,6 +22335,9 @@ func (s *CreateAssociationInput) Validate() error { if s.AutomationTargetParameterName != nil && len(*s.AutomationTargetParameterName) < 1 { invalidParams.Add(request.NewErrParamMinLen("AutomationTargetParameterName", 1)) } + if s.Duration != nil && *s.Duration < 1 { + invalidParams.Add(request.NewErrParamMinValue("Duration", 1)) + } if s.MaxConcurrency != nil && len(*s.MaxConcurrency) < 1 { invalidParams.Add(request.NewErrParamMinLen("MaxConcurrency", 1)) } @@ -22164,6 +22445,12 @@ func (s *CreateAssociationInput) SetDocumentVersion(v string) *CreateAssociation return s } +// SetDuration sets the Duration field's value. +func (s *CreateAssociationInput) SetDuration(v int64) *CreateAssociationInput { + s.Duration = &v + return s +} + // SetInstanceId sets the InstanceId field's value. func (s *CreateAssociationInput) SetInstanceId(v string) *CreateAssociationInput { s.InstanceId = &v @@ -22279,18 +22566,20 @@ type CreateDocumentInput struct { // A list of key-value pairs that describe attachments to a version of a document. Attachments []*AttachmentsSource `type:"list"` - // The content for the new SSM document in JSON or YAML format. We recommend - // storing the contents for your new document in an external JSON or YAML file - // and referencing the file in a command. + // The content for the new SSM document in JSON or YAML format. The content + // of the document must not exceed 64KB. This quota also includes the content + // specified for input parameters at runtime. We recommend storing the contents + // for your new document in an external JSON or YAML file and referencing the + // file in a command. // // For examples, see the following topics in the Amazon Web Services Systems // Manager User Guide. // - // * Create an SSM document (Amazon Web Services API) (https://docs.aws.amazon.com/systems-manager/latest/userguide/create-ssm-document-api.html) + // * Create an SSM document (console) (https://docs.aws.amazon.com/systems-manager/latest/userguide/documents-using.html#create-ssm-console) // - // * Create an SSM document (Amazon Web Services CLI) (https://docs.aws.amazon.com/systems-manager/latest/userguide/create-ssm-document-cli.html) + // * Create an SSM document (command line) (https://docs.aws.amazon.com/systems-manager/latest/userguide/documents-using.html#create-ssm-document-cli) // - // * Create an SSM document (API) (https://docs.aws.amazon.com/systems-manager/latest/userguide/create-ssm-document-api.html) + // * Create an SSM document (API) (https://docs.aws.amazon.com/systems-manager/latest/userguide/documents-using.html#create-ssm-document-api) // // Content is a required field Content *string `min:"1" type:"string" required:"true"` @@ -22792,8 +23081,7 @@ type CreateOpsItemInput struct { // The target Amazon Web Services account where you want to create an OpsItem. // To make this call, your account must be configured to work with OpsItems - // across accounts. For more information, see Setting up OpsCenter to work with - // OpsItems across accounts (https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-OpsCenter-multiple-accounts.html) + // across accounts. For more information, see Set up OpsCenter (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-setup.html) // in the Amazon Web Services Systems Manager User Guide. AccountId *string `type:"string"` @@ -22808,7 +23096,11 @@ type CreateOpsItemInput struct { // Specify a category to assign to an OpsItem. Category *string `min:"1" type:"string"` - // Information about the OpsItem. + // User-defined text that contains information about the OpsItem, in Markdown + // format. + // + // Provide enough information so that users viewing this OpsItem for the first + // time understand the issue. // // Description is a required field Description *string `min:"1" type:"string" required:"true"` @@ -22836,7 +23128,7 @@ type CreateOpsItemInput struct { // Use the /aws/resources key in OperationalData to specify a related resource // in the request. Use the /aws/automations key in OperationalData to associate // an Automation runbook with the OpsItem. To view Amazon Web Services CLI example - // commands that use these keys, see Creating OpsItems manually (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-creating-OpsItems.html#OpsCenter-manually-create-OpsItems) + // commands that use these keys, see Create OpsItems manually (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-manually-create-OpsItems.html) // in the Amazon Web Services Systems Manager User Guide. OperationalData map[string]*OpsItemDataValue `type:"map"` @@ -22849,7 +23141,7 @@ type CreateOpsItemInput struct { // * /aws/changerequest This type of OpsItem is used by Change Manager for // reviewing and approving or rejecting change requests. // - // * /aws/insights This type of OpsItem is used by OpsCenter for aggregating + // * /aws/insight This type of OpsItem is used by OpsCenter for aggregating // and reporting on duplicate OpsItems. OpsItemType *string `type:"string"` @@ -22879,10 +23171,7 @@ type CreateOpsItemInput struct { // Source is a required field Source *string `min:"1" type:"string" required:"true"` - // Optional metadata that you assign to a resource. You can restrict access - // to OpsItems by using an inline IAM policy that specifies tags. For more information, - // see Getting started with OpsCenter (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-getting-started.html#OpsCenter-getting-started-user-permissions) - // in the Amazon Web Services Systems Manager User Guide. + // Optional metadata that you assign to a resource. // // Tags use a key-value pair. For example: // @@ -23300,11 +23589,11 @@ type CreatePatchBaselineInput struct { // with the patch baseline, and its status is reported as InstalledOther. // This is the default action if no option is specified. // - // * BLOCK : Packages in the RejectedPatches list, and packages that include - // them as dependencies, aren't installed under any circumstances. If a package - // was installed before it was added to the Rejected patches list, it is - // considered non-compliant with the patch baseline, and its status is reported - // as InstalledRejected. + // * BLOCK: Packages in the Rejected patches list, and packages that include + // them as dependencies, aren't installed by Patch Manager under any circumstances. + // If a package was installed before it was added to the Rejected patches + // list, or is installed outside of Patch Manager afterward, it's considered + // noncompliant with the patch baseline and its status is reported as InstalledRejected. RejectedPatchesAction *string `type:"string" enum:"PatchAction"` // Information about the patches to use to update the managed nodes, including @@ -24038,7 +24327,7 @@ type DeleteInventoryOutput struct { DeletionId *string `type:"string"` // A summary of the delete operation. For more information about this summary, - // see Deleting custom inventory (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-inventory-custom.html#sysman-inventory-delete-summary) + // see Understanding the delete inventory summary (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-inventory-custom.html#sysman-inventory-delete-summary) // in the Amazon Web Services Systems Manager User Guide. DeletionSummary *InventoryDeletionSummary `type:"structure"` @@ -24162,6 +24451,74 @@ func (s *DeleteMaintenanceWindowOutput) SetWindowId(v string) *DeleteMaintenance return s } +type DeleteOpsItemInput struct { + _ struct{} `type:"structure"` + + // The ID of the OpsItem that you want to delete. + // + // OpsItemId is a required field + OpsItemId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteOpsItemInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteOpsItemInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteOpsItemInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteOpsItemInput"} + if s.OpsItemId == nil { + invalidParams.Add(request.NewErrParamRequired("OpsItemId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetOpsItemId sets the OpsItemId field's value. +func (s *DeleteOpsItemInput) SetOpsItemId(v string) *DeleteOpsItemInput { + s.OpsItemId = &v + return s +} + +type DeleteOpsItemOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteOpsItemOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteOpsItemOutput) GoString() string { + return s.String() +} + type DeleteOpsMetadataInput struct { _ struct{} `type:"structure"` @@ -24238,6 +24595,9 @@ type DeleteParameterInput struct { // The name of the parameter to delete. // + // You can't enter the Amazon Resource Name (ARN) for a parameter, only the + // parameter name itself. + // // Name is a required field Name *string `min:"1" type:"string" required:"true"` } @@ -24310,6 +24670,9 @@ type DeleteParametersInput struct { // The names of the parameters to delete. After deleting a parameter, wait for // at least 30 seconds to create a parameter with the same name. // + // You can't enter the Amazon Resource Name (ARN) for a parameter, only the + // parameter name itself. + // // Names is a required field Names []*string `min:"1" type:"list" required:"true"` } @@ -26035,8 +26398,8 @@ type DescribeDocumentInput struct { Name *string `type:"string" required:"true"` // An optional field specifying the version of the artifact associated with - // the document. For example, "Release 12, Update 6". This value is unique across - // all versions of a document, and can't be changed. + // the document. For example, 12.6. This value is unique across all versions + // of a document, and can't be changed. VersionName *string `type:"string"` } @@ -26594,8 +26957,9 @@ type DescribeInstanceInformationInput struct { _ struct{} `type:"structure"` // One or more filters. Use a filter to return a more specific list of managed - // nodes. You can filter based on tags applied to your managed nodes. Use this - // Filters data type instead of InstanceInformationFilterList, which is deprecated. + // nodes. You can filter based on tags applied to your managed nodes. Tag filters + // can't be combined with other filter types. Use this Filters data type instead + // of InstanceInformationFilterList, which is deprecated. Filters []*InstanceInformationStringFilter `type:"list"` // This is a legacy method. We recommend that you don't use this method. Instead, @@ -26608,7 +26972,7 @@ type DescribeInstanceInformationInput struct { // The maximum number of items to return for this call. The call also returns // a token that you can specify in a subsequent call to get the next set of - // results. + // results. The default value is 10 items. MaxResults *int64 `min:"5" type:"integer"` // The token for the next set of items to return. (You received this token from @@ -26993,6 +27357,9 @@ type DescribeInstancePatchesInput struct { // * Severity Sample values: Important | Medium | Low // // * State Sample values: Installed | InstalledOther | InstalledPendingReboot + // For lists of all State values, see Understanding patch compliance state + // values (https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-compliance-states.html) + // in the Amazon Web Services Systems Manager User Guide. Filters []*PatchOrchestratorFilter `type:"list"` // The ID of the managed node whose patch state information should be retrieved. @@ -28388,6 +28755,8 @@ type DescribeOpsItemsInput struct { // // * Key: AutomationId Operations: Equals // + // * Key: AccountId Operations: Equals + // // *The Equals operator for Title matches the first 100 characters. If you specify // more than 100 characters, they system returns an error that the filter value // exceeds the length limit. @@ -28514,6 +28883,21 @@ type DescribeParametersInput struct { // Filters to limit the request results. ParameterFilters []*ParameterStringFilter `type:"list"` + + // Lists parameters that are shared with you. + // + // By default when using this option, the command returns parameters that have + // been shared using a standard Resource Access Manager Resource Share. In order + // for a parameter that was shared using the PutResourcePolicy command to be + // returned, the associated RAM Resource Share Created From Policy must have + // been promoted to a standard Resource Share using the RAM PromoteResourceShareCreatedFromPolicy + // (https://docs.aws.amazon.com/ram/latest/APIReference/API_PromoteResourceShareCreatedFromPolicy.html) + // API operation. + // + // For more information about sharing parameters, see Working with shared parameters + // (https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-shared-parameters.html) + // in the Amazon Web Services Systems Manager User Guide. + Shared *bool `type:"boolean"` } // String returns the string representation. @@ -28591,6 +28975,12 @@ func (s *DescribeParametersInput) SetParameterFilters(v []*ParameterStringFilter return s } +// SetShared sets the Shared field's value. +func (s *DescribeParametersInput) SetShared(v bool) *DescribeParametersInput { + s.Shared = &v + return s +} + type DescribeParametersOutput struct { _ struct{} `type:"structure"` @@ -29602,7 +29992,7 @@ type DocumentDescription struct { // The name of the SSM document. Name *string `type:"string"` - // The Amazon Web Services user account that created the document. + // The Amazon Web Services user that created the document. Owner *string `type:"string"` // A description of the parameters for a document. @@ -29941,7 +30331,7 @@ type DocumentIdentifier struct { // The name of the SSM document. Name *string `type:"string"` - // The Amazon Web Services user account that created the document. + // The Amazon Web Services user that created the document. Owner *string `type:"string"` // The operating system platform. @@ -29967,8 +30357,8 @@ type DocumentIdentifier struct { TargetType *string `type:"string"` // An optional field specifying the version of the artifact associated with - // the document. For example, "Release 12, Update 6". This value is unique across - // all versions of a document, and can't be changed. + // the document. For example, 12.6. This value is unique across all versions + // of a document, and can't be changed. VersionName *string `type:"string"` } @@ -30297,7 +30687,7 @@ func (s *DocumentMetadataResponseInfo) SetReviewerResponse(v []*DocumentReviewer return s } -// Parameters specified in a System Manager document that run on the server +// Parameters specified in a Systems Manager document that run on the server // when the command is run. type DocumentParameter struct { _ struct{} `type:"structure"` @@ -30359,8 +30749,8 @@ func (s *DocumentParameter) SetType(v string) *DocumentParameter { return s } -// The document can't be shared with more Amazon Web Services user accounts. -// You can specify a maximum of 20 accounts per API operation to share a private +// The document can't be shared with more Amazon Web Services accounts. You +// can specify a maximum of 20 accounts per API operation to share a private // document. // // By default, you can share a private document with a maximum of 1,000 accounts @@ -30448,8 +30838,8 @@ type DocumentRequires struct { Version *string `type:"string"` // An optional field specifying the version of the artifact associated with - // the document. For example, "Release 12, Update 6". This value is unique across - // all versions of a document, and can't be changed. + // the document. For example, 12.6. This value is unique across all versions + // of a document, and can't be changed. VersionName *string `type:"string"` } @@ -30743,9 +31133,8 @@ type DocumentVersionInfo struct { // S3 bucket is correct." StatusInformation *string `type:"string"` - // The version of the artifact associated with the document. For example, "Release - // 12, Update 6". This value is unique across all versions of a document, and - // can't be changed. + // The version of the artifact associated with the document. For example, 12.6. + // This value is unique across all versions of a document, and can't be changed. VersionName *string `type:"string"` } @@ -31956,8 +32345,7 @@ func (s *GetConnectionStatusInput) SetTarget(v string) *GetConnectionStatusInput type GetConnectionStatusOutput struct { _ struct{} `type:"structure"` - // The status of the connection to the managed node. For example, 'Connected' - // or 'Not Connected'. + // The status of the connection to the managed node. Status *string `type:"string" enum:"ConnectionStatus"` // The ID of the managed node to check connection status. @@ -32219,8 +32607,8 @@ type GetDocumentInput struct { Name *string `type:"string" required:"true"` // An optional field specifying the version of the artifact associated with - // the document. For example, "Release 12, Update 6". This value is unique across - // all versions of a document and can't be changed. + // the document. For example, 12.6. This value is unique across all versions + // of a document and can't be changed. VersionName *string `type:"string"` } @@ -32333,9 +32721,8 @@ type GetDocumentOutput struct { // S3 bucket is correct." StatusInformation *string `type:"string"` - // The version of the artifact associated with the document. For example, "Release - // 12, Update 6". This value is unique across all versions of a document, and - // can't be changed. + // The version of the artifact associated with the document. For example, 12.6. + // This value is unique across all versions of a document, and can't be changed. VersionName *string `type:"string"` } @@ -34207,7 +34594,9 @@ type GetParameterHistoryInput struct { // results. MaxResults *int64 `min:"1" type:"integer"` - // The name of the parameter for which you want to review history. + // The name or Amazon Resource Name (ARN) of the parameter for which you want + // to review history. For parameters shared with you from another account, you + // must use the full ARN. // // Name is a required field Name *string `min:"1" type:"string" required:"true"` @@ -34326,11 +34715,17 @@ func (s *GetParameterHistoryOutput) SetParameters(v []*ParameterHistory) *GetPar type GetParameterInput struct { _ struct{} `type:"structure"` - // The name of the parameter you want to query. + // The name or Amazon Resource Name (ARN) of the parameter that you want to + // query. For parameters shared with you from another account, you must use + // the full ARN. // // To query by parameter label, use "Name": "name:label". To query by parameter // version, use "Name": "name:version". // + // For more information about shared parameters, see Working with shared parameters + // (https://docs.aws.amazon.com/systems-manager/latest/userguide/sharing.html) + // in the Amazon Web Services Systems Manager User Guide. + // // Name is a required field Name *string `min:"1" type:"string" required:"true"` @@ -34585,11 +34980,17 @@ func (s *GetParametersByPathOutput) SetParameters(v []*Parameter) *GetParameters type GetParametersInput struct { _ struct{} `type:"structure"` - // Names of the parameters for which you want to query information. + // The names or Amazon Resource Names (ARNs) of the parameters that you want + // to query. For parameters shared with you from another account, you must use + // the full ARNs. // // To query by parameter label, use "Name": "name:label". To query by parameter // version, use "Name": "name:version". // + // For more information about shared parameters, see Working with shared parameters + // (https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-shared-parameters.html) + // in the Amazon Web Services Systems Manager User Guide. + // // Names is a required field Names []*string `min:"1" type:"list" required:"true"` @@ -35191,6 +35592,8 @@ type GetServiceSettingInput struct { // The ID of the service setting to get. The setting ID can be one of the following. // + // * /ssm/managed-instance/default-ec2-instance-management-role + // // * /ssm/automation/customer-script-log-destination // // * /ssm/automation/customer-script-log-group-name @@ -35288,8 +35691,8 @@ type HierarchyLevelLimitExceededException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` - // A hierarchy can have a maximum of 15 levels. For more information, see Requirements - // and constraints for parameter names (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-parameter-name-constraints.html) + // A hierarchy can have a maximum of 15 levels. For more information, see About + // requirements and constraints for parameter names (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-su-create.html#sysman-parameter-name-constraints) // in the Amazon Web Services Systems Manager User Guide. Message_ *string `locationName:"message" type:"string"` } @@ -35557,7 +35960,7 @@ type InstanceAggregatedAssociationOverview struct { // Detailed status information about the aggregated associations. DetailedStatus *string `type:"string"` - // The number of associations for the managed node(s). + // The number of associations for the managed nodes. InstanceAssociationStatusAggregatedCount map[string]*int64 `type:"map"` } @@ -35601,7 +36004,7 @@ type InstanceAssociation struct { // Version information for the association on the managed node. AssociationVersion *string `type:"string"` - // The content of the association document for the managed node(s). + // The content of the association document for the managed nodes. Content *string `min:"1" type:"string"` // The managed node ID. @@ -35653,7 +36056,7 @@ func (s *InstanceAssociation) SetInstanceId(v string) *InstanceAssociation { // An S3 bucket where you want to store the results of this request. // // For the minimal permissions required to enable Amazon S3 output for an association, -// see Creating associations (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-state-assoc.html) +// see Create an association (console) (https://docs.aws.amazon.com/systems-manager/latest/userguide/state-manager-associations-creating.html#state-manager-associations-console) // in the Systems Manager User Guide. type InstanceAssociationOutputLocation struct { _ struct{} `type:"structure"` @@ -35892,7 +36295,7 @@ type InstanceInformation struct { // Elastic Compute Cloud (Amazon EC2) instances. To retrieve the IAM role for // an EC2 instance, use the Amazon EC2 DescribeInstances operation. For information, // see DescribeInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html) - // in the Amazon EC2 API Reference or describe-instances (https://docs.aws.amazon.com/cli/latest/ec2/describe-instances.html) + // in the Amazon EC2 API Reference or describe-instances (https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html) // in the Amazon Web Services CLI Command Reference. IamRole *string `type:"string"` @@ -35919,11 +36322,11 @@ type InstanceInformation struct { // specified as the DefaultInstanceName property using the CreateActivation // command. It is applied to the managed node by specifying the Activation Code // and Activation ID when you install SSM Agent on the node, as explained in - // Install SSM Agent for a hybrid environment (Linux) (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-install-managed-linux.html) - // and Install SSM Agent for a hybrid environment (Windows) (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-install-managed-win.html). + // Install SSM Agent for a hybrid and multicloud environment (Linux) (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-install-managed-linux.html) + // and Install SSM Agent for a hybrid and multicloud environment (Windows) (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-install-managed-win.html). // To retrieve the Name tag of an EC2 instance, use the Amazon EC2 DescribeInstances // operation. For information, see DescribeInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeInstances.html) - // in the Amazon EC2 API Reference or describe-instances (https://docs.aws.amazon.com/cli/latest/ec2/describe-instances.html) + // in the Amazon EC2 API Reference or describe-instances (https://docs.aws.amazon.com/cli/latest/reference/ec2/describe-instances.html) // in the Amazon Web Services CLI Command Reference. Name *string `type:"string"` @@ -36285,8 +36688,8 @@ type InstancePatchState struct { // baseline. // // For more information about the InstallOverrideList parameter, see About the - // AWS-RunPatchBaseline (https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-about-aws-runpatchbaseline.html) - // SSM document in the Amazon Web Services Systems Manager User Guide. + // AWS-RunPatchBaseline SSM document (https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-about-aws-runpatchbaseline.html) + // in the Amazon Web Services Systems Manager User Guide. InstallOverrideList *string `min:"1" type:"string"` // The number of patches from the patch baseline that are installed on the managed @@ -38149,14 +38552,15 @@ func (s *InvalidFilterValue) RequestID() string { // // - You don't have permission to access the managed node. // -// - Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. +// - Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // - SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // -// - The managed node isn't in valid state. Valid states are: Running, Pending, -// Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. +// - The managed node isn't in a valid state. Valid states are: Running, +// Pending, Stopped, and Stopping. Invalid states are: Shutting-down and +// Terminated. type InvalidInstanceId struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` @@ -39450,7 +39854,8 @@ func (s *InvalidResultAttributeException) RequestID() string { // The role name can't contain invalid characters. Also verify that you specified // an IAM role for notifications that includes the required trust policy. For // information about configuring the IAM role for Run Command notifications, -// see Configuring Amazon SNS Notifications for Run Command (https://docs.aws.amazon.com/systems-manager/latest/userguide/rc-sns-notifications.html) +// see Monitoring Systems Manager status changes using Amazon SNS notifications +// (https://docs.aws.amazon.com/systems-manager/latest/userguide/monitoring-sns-notifications.html) // in the Amazon Web Services Systems Manager User Guide. type InvalidRole struct { _ struct{} `type:"structure"` @@ -40900,6 +41305,9 @@ type LabelParameterVersionInput struct { // The parameter name on which you want to attach one or more labels. // + // You can't enter the Amazon Resource Name (ARN) for a parameter, only the + // parameter name itself. + // // Name is a required field Name *string `min:"1" type:"string" required:"true"` @@ -40971,7 +41379,7 @@ type LabelParameterVersionOutput struct { _ struct{} `type:"structure"` // The label doesn't meet the requirements. For information about parameter - // label requirements, see Labeling parameters (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-labels.html) + // label requirements, see Working with parameter labels (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-labels.html) // in the Amazon Web Services Systems Manager User Guide. InvalidLabels []*string `min:"1" type:"list"` @@ -42333,10 +42741,10 @@ func (s *ListInventoryEntriesInput) SetTypeName(v string) *ListInventoryEntriesI type ListInventoryEntriesOutput struct { _ struct{} `type:"structure"` - // The time that inventory information was collected for the managed node(s). + // The time that inventory information was collected for the managed nodes. CaptureTime *string `type:"string"` - // A list of inventory items on the managed node(s). + // A list of inventory items on the managed nodes. Entries []map[string]*string `type:"list"` // The managed node ID targeted by the request to query inventory information. @@ -42346,7 +42754,7 @@ type ListInventoryEntriesOutput struct { // items to return, the string is empty. NextToken *string `type:"string"` - // The inventory schema version used by the managed node(s). + // The inventory schema version used by the managed nodes. SchemaVersion *string `type:"string"` // The type of inventory item returned by the request. @@ -44607,6 +45015,71 @@ func (s *MaintenanceWindowTaskParameterValueExpression) SetValues(v []*string) * return s } +// The specified policy document is malformed or invalid, or excessive PutResourcePolicy +// or DeleteResourcePolicy calls have been made. +type MalformedResourcePolicyDocumentException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"Message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MalformedResourcePolicyDocumentException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MalformedResourcePolicyDocumentException) GoString() string { + return s.String() +} + +func newErrorMalformedResourcePolicyDocumentException(v protocol.ResponseMetadata) error { + return &MalformedResourcePolicyDocumentException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *MalformedResourcePolicyDocumentException) Code() string { + return "MalformedResourcePolicyDocumentException" +} + +// Message returns the exception's message. +func (s *MalformedResourcePolicyDocumentException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *MalformedResourcePolicyDocumentException) OrigErr() error { + return nil +} + +func (s *MalformedResourcePolicyDocumentException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *MalformedResourcePolicyDocumentException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *MalformedResourcePolicyDocumentException) RequestID() string { + return s.RespMetadata.RequestID +} + // The size limit of a document is 64 KB. type MaxDocumentSizeExceeded struct { _ struct{} `type:"structure"` @@ -44719,15 +45192,14 @@ func (s *MetadataValue) SetValue(v string) *MetadataValue { type ModifyDocumentPermissionInput struct { _ struct{} `type:"structure"` - // The Amazon Web Services user accounts that should have access to the document. - // The account IDs can either be a group of account IDs or All. + // The Amazon Web Services users that should have access to the document. The + // account IDs can either be a group of account IDs or All. AccountIdsToAdd []*string `type:"list"` - // The Amazon Web Services user accounts that should no longer have access to - // the document. The Amazon Web Services user account can either be a group - // of account IDs or All. This action has a higher priority than AccountIdsToAdd. - // If you specify an account ID to add and the same ID to remove, the system - // removes access to the document. + // The Amazon Web Services users that should no longer have access to the document. + // The Amazon Web Services user can either be a group of account IDs or All. + // This action has a higher priority than AccountIdsToAdd. If you specify an + // ID to add and the same ID to remove, the system removes access to the document. AccountIdsToRemove []*string `type:"list"` // The name of the document that you want to share. @@ -45231,7 +45703,7 @@ func (s *OpsFilter) SetValues(v []*string) *OpsFilter { // timeline graph. For the Amazon Web Services resource, OpsCenter aggregates // information from Config, CloudTrail logs, and EventBridge, so you don't have // to navigate across multiple console pages during your investigation. For -// more information, see OpsCenter (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) +// more information, see Amazon Web Services Systems Manager OpsCenter (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter.html) // in the Amazon Web Services Systems Manager User Guide. type OpsItem struct { _ struct{} `type:"structure"` @@ -45286,7 +45758,7 @@ type OpsItem struct { // Use the /aws/resources key in OperationalData to specify a related resource // in the request. Use the /aws/automations key in OperationalData to associate // an Automation runbook with the OpsItem. To view Amazon Web Services CLI example - // commands that use these keys, see Creating OpsItems manually (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-creating-OpsItems.html#OpsCenter-manually-create-OpsItems) + // commands that use these keys, see Creating OpsItems manually (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-manually-create-OpsItems.html) // in the Amazon Web Services Systems Manager User Guide. OperationalData map[string]*OpsItemDataValue `type:"map"` @@ -45304,7 +45776,7 @@ type OpsItem struct { // * /aws/changerequest This type of OpsItem is used by Change Manager for // reviewing and approving or rejecting change requests. // - // * /aws/insights This type of OpsItem is used by OpsCenter for aggregating + // * /aws/insight This type of OpsItem is used by OpsCenter for aggregating // and reporting on duplicate OpsItems. OpsItemType *string `type:"string"` @@ -45627,6 +46099,70 @@ func (s *OpsItemAlreadyExistsException) RequestID() string { return s.RespMetadata.RequestID } +// The specified OpsItem is in the process of being deleted. +type OpsItemConflictException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"Message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s OpsItemConflictException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s OpsItemConflictException) GoString() string { + return s.String() +} + +func newErrorOpsItemConflictException(v protocol.ResponseMetadata) error { + return &OpsItemConflictException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *OpsItemConflictException) Code() string { + return "OpsItemConflictException" +} + +// Message returns the exception's message. +func (s *OpsItemConflictException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *OpsItemConflictException) OrigErr() error { + return nil +} + +func (s *OpsItemConflictException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *OpsItemConflictException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *OpsItemConflictException) RequestID() string { + return s.RespMetadata.RequestID +} + // An object that defines the value of the key and its type in the OperationalData // map. type OpsItemDataValue struct { @@ -46009,8 +46545,7 @@ func (s *OpsItemInvalidParameterException) RequestID() string { return s.RespMetadata.RequestID } -// The request caused OpsItems to exceed one or more quotas. For information -// about OpsItem quotas, see What are the resource limits for OpsCenter? (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-learn-more.html#OpsCenter-learn-more-limits). +// The request caused OpsItems to exceed one or more quotas. type OpsItemLimitExceededException struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` @@ -46532,7 +47067,7 @@ type OpsItemSummary struct { // * /aws/changerequest This type of OpsItem is used by Change Manager for // reviewing and approving or rejecting change requests. // - // * /aws/insights This type of OpsItem is used by OpsCenter for aggregating + // * /aws/insight This type of OpsItem is used by OpsCenter for aggregating // and reporting on duplicate OpsItems. OpsItemType *string `type:"string"` @@ -47501,7 +48036,8 @@ type ParameterHistory struct { // Information about the parameter. Description *string `type:"string"` - // The ID of the query key used for this parameter. + // The alias of the Key Management Service (KMS) key used to encrypt the parameter. + // Applies to SecureString parameters only KeyId *string `min:"1" type:"string"` // Labels assigned to the parameter version. @@ -47838,11 +48374,15 @@ func (s *ParameterMaxVersionLimitExceeded) RequestID() string { return s.RespMetadata.RequestID } -// Metadata includes information like the ARN of the last user and the date/time -// the parameter was last used. +// Metadata includes information like the Amazon Resource Name (ARN) of the +// last user to update the parameter and the date and time the parameter was +// last used. type ParameterMetadata struct { _ struct{} `type:"structure"` + // The (ARN) of the last user to update the parameter. + ARN *string `type:"string"` + // A parameter name can include only the following letters and symbols. // // a-zA-Z0-9_.- @@ -47855,7 +48395,8 @@ type ParameterMetadata struct { // Description of the parameter actions. Description *string `type:"string"` - // The ID of the query key used for this parameter. + // The alias of the Key Management Service (KMS) key used to encrypt the parameter. + // Applies to SecureString parameters only. KeyId *string `min:"1" type:"string"` // Date the parameter was last changed or updated. @@ -47900,6 +48441,12 @@ func (s ParameterMetadata) GoString() string { return s.String() } +// SetARN sets the ARN field's value. +func (s *ParameterMetadata) SetARN(v string) *ParameterMetadata { + s.ARN = &v + return s +} + // SetAllowedPattern sets the AllowedPattern field's value. func (s *ParameterMetadata) SetAllowedPattern(v string) *ParameterMetadata { s.AllowedPattern = &v @@ -48382,6 +48929,74 @@ func (s *ParametersFilter) SetValues(v []*string) *ParametersFilter { return s } +// A detailed status of the parent step. +type ParentStepDetails struct { + _ struct{} `type:"structure"` + + // The name of the automation action. + Action *string `type:"string"` + + // The current repetition of the loop represented by an integer. + Iteration *int64 `type:"integer"` + + // The current value of the specified iterator in the loop. + IteratorValue *string `type:"string"` + + // The unique ID of a step execution. + StepExecutionId *string `type:"string"` + + // The name of the step. + StepName *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ParentStepDetails) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ParentStepDetails) GoString() string { + return s.String() +} + +// SetAction sets the Action field's value. +func (s *ParentStepDetails) SetAction(v string) *ParentStepDetails { + s.Action = &v + return s +} + +// SetIteration sets the Iteration field's value. +func (s *ParentStepDetails) SetIteration(v int64) *ParentStepDetails { + s.Iteration = &v + return s +} + +// SetIteratorValue sets the IteratorValue field's value. +func (s *ParentStepDetails) SetIteratorValue(v string) *ParentStepDetails { + s.IteratorValue = &v + return s +} + +// SetStepExecutionId sets the StepExecutionId field's value. +func (s *ParentStepDetails) SetStepExecutionId(v string) *ParentStepDetails { + s.StepExecutionId = &v + return s +} + +// SetStepName sets the StepName field's value. +func (s *ParentStepDetails) SetStepName(v string) *ParentStepDetails { + s.StepName = &v + return s +} + // Represents metadata about a patch. type Patch struct { _ struct{} `type:"structure"` @@ -48709,6 +49324,9 @@ type PatchComplianceData struct { // The IDs of one or more Common Vulnerabilities and Exposure (CVE) issues that // are resolved by the patch. + // + // Currently, CVE ID values are reported only for patches with a status of Missing + // or Failed. CVEIds *string `type:"string"` // The classification of the patch, such as SecurityUpdates, Updates, and CriticalUpdates. @@ -49514,7 +50132,7 @@ type PutComplianceItemsInput struct { // A summary of the call execution that includes an execution ID, the type of // execution (for example, Command), and the date/time of the execution using - // a datetime object that is saved in the following format: yyyy-MM-dd'T'HH:mm:ss'Z'. + // a datetime object that is saved in the following format: yyyy-MM-dd'T'HH:mm:ss'Z' // // ExecutionSummary is a required field ExecutionSummary *ComplianceExecutionSummary `type:"structure" required:"true"` @@ -49812,9 +50430,21 @@ type PutParameterInput struct { // When you create a String parameter and specify aws:ec2:image, Amazon Web // Services Systems Manager validates the parameter value is in the required // format, such as ami-12345abcdeEXAMPLE, and that the specified AMI is available - // in your Amazon Web Services account. For more information, see Native parameter - // support for Amazon Machine Image (AMI) IDs (https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-ec2-aliases.html) - // in the Amazon Web Services Systems Manager User Guide. + // in your Amazon Web Services account. + // + // If the action is successful, the service sends back an HTTP 200 response + // which indicates a successful PutParameter call for all cases except for data + // type aws:ec2:image. If you call PutParameter with aws:ec2:image data type, + // a successful HTTP 200 response does not guarantee that your parameter was + // successfully created or updated. The aws:ec2:image value is validated asynchronously, + // and the PutParameter call returns before the validation is complete. If you + // submit an invalid AMI value, the PutParameter operation will return success, + // but the asynchronous validation will fail and the parameter will not be created + // or updated. To monitor whether your aws:ec2:image parameters are created + // successfully, see Setting up notifications or trigger actions based on Parameter + // Store events (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-paramstore-cwe.html). + // For more information about AMI format validation , see Native parameter support + // for Amazon Machine Image IDs (https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-ec2-aliases.html). DataType *string `type:"string"` // Information about the parameter that you want to add to the system. Optional @@ -49824,22 +50454,22 @@ type PutParameterInput struct { Description *string `type:"string"` // The Key Management Service (KMS) ID that you want to use to encrypt a parameter. - // Either the default KMS key automatically assigned to your Amazon Web Services - // account or a custom key. Required for parameters that use the SecureString - // data type. + // Use a custom key for better security. Required for parameters that use the + // SecureString data type. // // If you don't specify a key ID, the system uses the default key associated - // with your Amazon Web Services account. - // - // * To use your default KMS key, choose the SecureString data type, and - // do not specify the Key ID when you create the parameter. The system automatically - // populates Key ID with your default KMS key. + // with your Amazon Web Services account which is not as secure as using a custom + // key. // // * To use a custom KMS key, choose the SecureString data type with the // Key ID parameter. KeyId *string `min:"1" type:"string"` // The fully qualified name of the parameter that you want to add to the system. + // + // You can't enter the Amazon Resource Name (ARN) for a parameter, only the + // parameter name itself. + // // The fully qualified name includes the complete hierarchy of the parameter // path and name. For parameters in a hierarchy, you must include a leading // forward slash character (/) when you create or reference a parameter. For @@ -49929,8 +50559,7 @@ type PutParameterInput struct { // Advanced parameters have a content size limit of 8 KB and can be configured // to use parameter policies. You can create a maximum of 100,000 advanced parameters // for each Region in an Amazon Web Services account. Advanced parameters incur - // a charge. For more information, see Standard and advanced parameter tiers - // (https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-advanced-parameters.html) + // a charge. For more information, see Managing parameter tiers (https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-advanced-parameters.html) // in the Amazon Web Services Systems Manager User Guide. // // You can change a standard parameter to an advanced parameter any time. But @@ -49978,7 +50607,7 @@ type PutParameterInput struct { // account in the current Amazon Web Services Region. // // For more information about configuring the default tier option, see Specifying - // a default parameter tier (https://docs.aws.amazon.com/systems-manager/latest/userguide/ps-default-tier.html) + // a default parameter tier (https://docs.aws.amazon.com/systems-manager/latest/userguide/parameter-store-advanced-parameters.html#ps-default-tier) // in the Amazon Web Services Systems Manager User Guide. Tier *string `type:"string" enum:"ParameterTier"` @@ -50773,13 +51402,9 @@ type RegisterTaskWithMaintenanceWindowInput struct { // role. If no service-linked role for Systems Manager exists in your account, // it is created when you run RegisterTaskWithMaintenanceWindow. // - // For more information, see the following topics in the in the Amazon Web Services - // Systems Manager User Guide: - // - // * Using service-linked roles for Systems Manager (https://docs.aws.amazon.com/systems-manager/latest/userguide/using-service-linked-roles.html#slr-permissions) - // - // * Should I use a service-linked role or a custom service role to run maintenance - // window tasks? (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html#maintenance-window-tasks-service-role) + // For more information, see Using service-linked roles for Systems Manager + // (https://docs.aws.amazon.com/systems-manager/latest/userguide/using-service-linked-roles.html#slr-permissions) + // in the in the Amazon Web Services Systems Manager User Guide: ServiceRoleArn *string `type:"string"` // The targets (either managed nodes or maintenance window targets). @@ -51285,6 +51910,8 @@ type ResetServiceSettingInput struct { // The Amazon Resource Name (ARN) of the service setting to reset. The setting // ID can be one of the following. // + // * /ssm/managed-instance/default-ec2-instance-management-role + // // * /ssm/automation/customer-script-log-destination // // * /ssm/automation/customer-script-log-group-name @@ -52263,7 +52890,8 @@ type ResourceDataSyncSource struct { // options, then Systems Manager automatically enables all OpsData sources in // the selected Amazon Web Services Regions for all Amazon Web Services accounts // in your organization (or in the selected organization units). For more information, - // see About multiple account and Region resource data syncs (https://docs.aws.amazon.com/systems-manager/latest/userguide/Explorer-resouce-data-sync-multiple-accounts-and-regions.html) + // see Setting up Systems Manager Explorer to display data from multiple accounts + // and Regions (https://docs.aws.amazon.com/systems-manager/latest/userguide/Explorer-resource-data-sync.html) // in the Amazon Web Services Systems Manager User Guide. EnableAllOpsDataSources *bool `type:"boolean"` @@ -52381,7 +53009,8 @@ type ResourceDataSyncSourceWithState struct { // options, then Systems Manager automatically enables all OpsData sources in // the selected Amazon Web Services Regions for all Amazon Web Services accounts // in your organization (or in the selected organization units). For more information, - // see About multiple account and Region resource data syncs (https://docs.aws.amazon.com/systems-manager/latest/userguide/Explorer-resouce-data-sync-multiple-accounts-and-regions.html) + // see Setting up Systems Manager Explorer to display data from multiple accounts + // and Regions (https://docs.aws.amazon.com/systems-manager/latest/userguide/Explorer-resource-data-sync.html) // in the Amazon Web Services Systems Manager User Guide. EnableAllOpsDataSources *bool `type:"boolean"` @@ -52601,6 +53230,70 @@ func (s *ResourceLimitExceededException) RequestID() string { return s.RespMetadata.RequestID } +// The specified parameter to be shared could not be found. +type ResourceNotFoundException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"Message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResourceNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResourceNotFoundException) GoString() string { + return s.String() +} + +func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error { + return &ResourceNotFoundException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ResourceNotFoundException) Code() string { + return "ResourceNotFoundException" +} + +// Message returns the exception's message. +func (s *ResourceNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ResourceNotFoundException) OrigErr() error { + return nil +} + +func (s *ResourceNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ResourceNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ResourceNotFoundException) RequestID() string { + return s.RespMetadata.RequestID +} + // The hash provided in the call doesn't match the stored hash. This exception // is thrown when trying to update an obsolete policy version or when multiple // requests to update a policy are sent. @@ -52804,6 +53497,70 @@ func (s *ResourcePolicyLimitExceededException) RequestID() string { return s.RespMetadata.RequestID } +// No policies with the specified policy ID and hash could be found. +type ResourcePolicyNotFoundException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"Message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResourcePolicyNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResourcePolicyNotFoundException) GoString() string { + return s.String() +} + +func newErrorResourcePolicyNotFoundException(v protocol.ResponseMetadata) error { + return &ResourcePolicyNotFoundException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ResourcePolicyNotFoundException) Code() string { + return "ResourcePolicyNotFoundException" +} + +// Message returns the exception's message. +func (s *ResourcePolicyNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ResourcePolicyNotFoundException) OrigErr() error { + return nil +} + +func (s *ResourcePolicyNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ResourcePolicyNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ResourcePolicyNotFoundException) RequestID() string { + return s.RespMetadata.RequestID +} + // The inventory item result attribute. type ResultAttribute struct { _ struct{} `type:"structure"` @@ -53472,8 +54229,8 @@ type SendCommandInput struct { // The name of the Amazon Web Services Systems Manager document (SSM document) // to run. This can be a public document or a custom document. To run a shared // document belonging to another account, specify the document Amazon Resource - // Name (ARN). For more information about how to use shared documents, see Using - // shared SSM documents (https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-using-shared.html) + // Name (ARN). For more information about how to use shared documents, see Sharing + // SSM documents (https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-using-shared.html) // in the Amazon Web Services Systems Manager User Guide. // // If you specify a document name or ARN that hasn't been shared with your account, @@ -53505,8 +54262,8 @@ type SendCommandInput struct { // to send commands to, you can a send command to tens, hundreds, or thousands // of nodes at once. // - // For more information about how to use targets, see Using targets and rate - // controls to send commands to a fleet (https://docs.aws.amazon.com/systems-manager/latest/userguide/send-commands-multiple.html) + // For more information about how to use targets, see Run commands at scale + // (https://docs.aws.amazon.com/systems-manager/latest/userguide/send-commands-multiple.html) // in the Amazon Web Services Systems Manager User Guide. InstanceIds []*string `type:"list"` @@ -53566,8 +54323,8 @@ type SendCommandInput struct { // To send a command to a smaller number of managed nodes, you can use the InstanceIds // option instead. // - // For more information about how to use targets, see Sending commands to a - // fleet (https://docs.aws.amazon.com/systems-manager/latest/userguide/send-commands-multiple.html) + // For more information about how to use targets, see Run commands at scale + // (https://docs.aws.amazon.com/systems-manager/latest/userguide/send-commands-multiple.html) // in the Amazon Web Services Systems Manager User Guide. Targets []*Target `type:"list"` @@ -53971,7 +54728,7 @@ type Session struct { // Reserved for future use. OutputUrl *SessionManagerOutputUrl `type:"structure"` - // The ID of the Amazon Web Services user account that started the session. + // The ID of the Amazon Web Services user that started the session. Owner *string `min:"1" type:"string"` // The reason for connecting to the instance. @@ -54096,8 +54853,8 @@ type SessionFilter struct { // * Target: Specify a managed node to which session connections have been // made. // - // * Owner: Specify an Amazon Web Services user account to see a list of - // sessions started by that user. + // * Owner: Specify an Amazon Web Services user to see a list of sessions + // started by that user. // // * Status: Specify a valid session status to see a list of all sessions // with that status. Status values you can specify include: Connected Connecting @@ -54373,7 +55130,7 @@ type StartAutomationExecutionInput struct { // The name of the SSM document to run. This can be a public document or a custom // document. To run a shared document belonging to another account, specify // the document ARN. For more information about how to use shared documents, - // see Using shared SSM documents (https://docs.aws.amazon.com/systems-manager/latest/userguide/ssm-using-shared.html) + // see Sharing SSM documents (https://docs.aws.amazon.com/systems-manager/latest/userguide/documents-ssm-sharing.html) // in the Amazon Web Services Systems Manager User Guide. // // DocumentName is a required field @@ -55140,6 +55897,9 @@ type StepExecution struct { // A user-specified list of parameters to override when running a step. OverriddenParameters map[string][]*string `min:"1" type:"map"` + // Information about the parent step. + ParentStepDetails *ParentStepDetails `type:"structure"` + // A message associated with the response code for an execution. Response *string `type:"string"` @@ -55272,6 +56032,12 @@ func (s *StepExecution) SetOverriddenParameters(v map[string][]*string) *StepExe return s } +// SetParentStepDetails sets the ParentStepDetails field's value. +func (s *StepExecution) SetParentStepDetails(v *ParentStepDetails) *StepExecution { + s.ParentStepDetails = v + return s +} + // SetResponse sets the Response field's value. func (s *StepExecution) SetResponse(v string) *StepExecution { s.Response = &v @@ -55337,9 +56103,7 @@ func (s *StepExecution) SetValidNextSteps(v []*string) *StepExecution { type StepExecutionFilter struct { _ struct{} `type:"structure"` - // One or more keys to limit the results. Valid filter keys include the following: - // StepName, Action, StepExecutionId, StepExecutionStatus, StartTimeBefore, - // StartTimeAfter. + // One or more keys to limit the results. // // Key is a required field Key *string `type:"string" required:"true" enum:"StepExecutionFilterKey"` @@ -55659,7 +56423,7 @@ func (s *Tag) SetValue(v string) *Tag { // Web Services Region where the association was created. // // For more information about how to send commands that target managed nodes -// using Key,Value parameters, see Targeting multiple instances (https://docs.aws.amazon.com/systems-manager/latest/userguide/send-commands-multiple.html#send-commands-targeting) +// using Key,Value parameters, see Targeting multiple managed nodes (https://docs.aws.amazon.com/systems-manager/latest/userguide/send-commands-multiple.html#send-commands-targeting) // in the Amazon Web Services Systems Manager User Guide. type Target struct { _ struct{} `type:"structure"` @@ -56250,6 +57014,9 @@ type UnlabelParameterVersionInput struct { // The name of the parameter from which you want to delete one or more labels. // + // You can't enter the Amazon Resource Name (ARN) for a parameter, only the + // parameter name itself. + // // Name is a required field Name *string `min:"1" type:"string" required:"true"` @@ -56428,7 +57195,7 @@ func (s *UnsupportedCalendarException) RequestID() string { // Patching for applications released by Microsoft is only available on EC2 // instances and advanced instances. To patch applications released by Microsoft // on on-premises servers and VMs, you must enable advanced instances. For more -// information, see Enabling the advanced-instances tier (https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-managedinstances-advanced.html) +// information, see Turning on the advanced-instances tier (https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-managedinstances-advanced.html) // in the Amazon Web Services Systems Manager User Guide. type UnsupportedFeatureRequiredException struct { _ struct{} `type:"structure"` @@ -56757,8 +57524,8 @@ func (s *UnsupportedParameterType) RequestID() string { } // The document doesn't support the platform type of the given managed node -// ID(s). For example, you sent an document for a Windows managed node to a -// Linux node. +// IDs. For example, you sent an document for a Windows managed node to a Linux +// node. type UnsupportedPlatformType struct { _ struct{} `type:"structure"` RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` @@ -56888,6 +57655,22 @@ type UpdateAssociationInput struct { // form another account, you must set the document version to default. DocumentVersion *string `type:"string"` + // The number of hours the association can run before it is canceled. Duration + // applies to associations that are currently running, and any pending and in + // progress commands on all targets. If a target was taken offline for the association + // to run, it is made available again immediately, without a reboot. + // + // The Duration parameter applies only when both these conditions are true: + // + // * The association for which you specify a duration is cancelable according + // to the parameters of the SSM command document or Automation runbook associated + // with this execution. + // + // * The command specifies the ApplyOnlyAtCronInterval (https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_UpdateAssociation.html#systemsmanager-UpdateAssociation-request-ApplyOnlyAtCronInterval) + // parameter, which means that the association doesn't run immediately after + // it is updated, but only according to the specified schedule. + Duration *int64 `min:"1" type:"integer"` + // The maximum number of targets allowed to run the association at the same // time. You can specify a number, for example 10, or a percentage of the target // set, for example 10%. The default value is 100%, which means all targets @@ -57016,6 +57799,9 @@ func (s *UpdateAssociationInput) Validate() error { if s.AutomationTargetParameterName != nil && len(*s.AutomationTargetParameterName) < 1 { invalidParams.Add(request.NewErrParamMinLen("AutomationTargetParameterName", 1)) } + if s.Duration != nil && *s.Duration < 1 { + invalidParams.Add(request.NewErrParamMinValue("Duration", 1)) + } if s.MaxConcurrency != nil && len(*s.MaxConcurrency) < 1 { invalidParams.Add(request.NewErrParamMinLen("MaxConcurrency", 1)) } @@ -57122,6 +57908,12 @@ func (s *UpdateAssociationInput) SetDocumentVersion(v string) *UpdateAssociation return s } +// SetDuration sets the Duration field's value. +func (s *UpdateAssociationInput) SetDuration(v int64) *UpdateAssociationInput { + s.Duration = &v + return s +} + // SetMaxConcurrency sets the MaxConcurrency field's value. func (s *UpdateAssociationInput) SetMaxConcurrency(v string) *UpdateAssociationInput { s.MaxConcurrency = &v @@ -57460,8 +58252,8 @@ type UpdateDocumentInput struct { TargetType *string `type:"string"` // An optional field specifying the version of the artifact you are updating - // with the document. For example, "Release 12, Update 6". This value is unique - // across all versions of a document, and can't be changed. + // with the document. For example, 12.6. This value is unique across all versions + // of a document, and can't be changed. VersionName *string `type:"string"` } @@ -58331,13 +59123,9 @@ type UpdateMaintenanceWindowTaskInput struct { // role. If no service-linked role for Systems Manager exists in your account, // it is created when you run RegisterTaskWithMaintenanceWindow. // - // For more information, see the following topics in the in the Amazon Web Services - // Systems Manager User Guide: - // - // * Using service-linked roles for Systems Manager (https://docs.aws.amazon.com/systems-manager/latest/userguide/using-service-linked-roles.html#slr-permissions) - // - // * Should I use a service-linked role or a custom service role to run maintenance - // window tasks? (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html#maintenance-window-tasks-service-role) + // For more information, see Using service-linked roles for Systems Manager + // (https://docs.aws.amazon.com/systems-manager/latest/userguide/using-service-linked-roles.html#slr-permissions) + // in the in the Amazon Web Services Systems Manager User Guide: ServiceRoleArn *string `type:"string"` // The targets (either managed nodes or tags) to modify. Managed nodes are specified @@ -58758,8 +59546,8 @@ type UpdateManagedInstanceRoleInput struct { // The name of the Identity and Access Management (IAM) role that you want to // assign to the managed node. This IAM role must provide AssumeRole permissions // for the Amazon Web Services Systems Manager service principal ssm.amazonaws.com. - // For more information, see Create an IAM service role for a hybrid environment - // (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-service-role.html) + // For more information, see Create an IAM service role for a hybrid and multicloud + // environment (https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-service-role.html) // in the Amazon Web Services Systems Manager User Guide. // // You can't specify an IAM service-linked role for this parameter. You must @@ -58859,8 +59647,8 @@ type UpdateOpsItemInput struct { // Specify a new category for an OpsItem. Category *string `min:"1" type:"string"` - // Update the information about the OpsItem. Provide enough information so that - // users reading this OpsItem for the first time understand the issue. + // User-defined text that contains information about the OpsItem, in Markdown + // format. Description *string `min:"1" type:"string"` // The Amazon Resource Name (ARN) of an SNS topic where notifications are sent @@ -58889,7 +59677,7 @@ type UpdateOpsItemInput struct { // Use the /aws/resources key in OperationalData to specify a related resource // in the request. Use the /aws/automations key in OperationalData to associate // an Automation runbook with the OpsItem. To view Amazon Web Services CLI example - // commands that use these keys, see Creating OpsItems manually (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-creating-OpsItems.html#OpsCenter-manually-create-OpsItems) + // commands that use these keys, see Creating OpsItems manually (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-manually-create-OpsItems.html) // in the Amazon Web Services Systems Manager User Guide. OperationalData map[string]*OpsItemDataValue `type:"map"` @@ -58924,7 +59712,7 @@ type UpdateOpsItemInput struct { Severity *string `min:"1" type:"string"` // The OpsItem status. Status can be Open, In Progress, or Resolved. For more - // information, see Editing OpsItem details (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-working-with-OpsItems.html#OpsCenter-working-with-OpsItems-editing-details) + // information, see Editing OpsItem details (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-working-with-OpsItems-editing-details.html) // in the Amazon Web Services Systems Manager User Guide. Status *string `type:"string" enum:"OpsItemStatus"` @@ -59276,11 +60064,11 @@ type UpdatePatchBaselineInput struct { // with the patch baseline, and its status is reported as InstalledOther. // This is the default action if no option is specified. // - // * BLOCK : Packages in the RejectedPatches list, and packages that include - // them as dependencies, aren't installed under any circumstances. If a package - // was installed before it was added to the Rejected patches list, it is - // considered non-compliant with the patch baseline, and its status is reported - // as InstalledRejected. + // * BLOCK: Packages in the Rejected patches list, and packages that include + // them as dependencies, aren't installed by Patch Manager under any circumstances. + // If a package was installed before it was added to the Rejected patches + // list, or is installed outside of Patch Manager afterward, it's considered + // noncompliant with the patch baseline and its status is reported as InstalledRejected. RejectedPatchesAction *string `type:"string" enum:"PatchAction"` // If True, then all fields that are required by the CreatePatchBaseline operation @@ -59692,10 +60480,12 @@ func (s UpdateResourceDataSyncOutput) GoString() string { type UpdateServiceSettingInput struct { _ struct{} `type:"structure"` - // The Amazon Resource Name (ARN) of the service setting to reset. For example, + // The Amazon Resource Name (ARN) of the service setting to update. For example, // arn:aws:ssm:us-east-1:111122223333:servicesetting/ssm/parameter-store/high-throughput-enabled. // The setting ID can be one of the following. // + // * /ssm/managed-instance/default-ec2-instance-management-role + // // * /ssm/automation/customer-script-log-destination // // * /ssm/automation/customer-script-log-group-name @@ -59710,26 +60500,36 @@ type UpdateServiceSettingInput struct { // // * /ssm/parameter-store/high-throughput-enabled // + // Permissions to update the /ssm/managed-instance/default-ec2-instance-management-role + // setting should only be provided to administrators. Implement least privilege + // access when allowing individuals to configure or modify the Default Host + // Management Configuration. + // // SettingId is a required field SettingId *string `min:"1" type:"string" required:"true"` // The new value to specify for the service setting. The following list specifies // the available values for each setting. // - // * /ssm/automation/customer-script-log-destination: CloudWatch + // * For /ssm/managed-instance/default-ec2-instance-management-role, enter + // the name of an IAM role. // - // * /ssm/automation/customer-script-log-group-name: the name of an Amazon - // CloudWatch Logs log group + // * For /ssm/automation/customer-script-log-destination, enter CloudWatch. // - // * /ssm/documents/console/public-sharing-permission: Enable or Disable + // * For /ssm/automation/customer-script-log-group-name, enter the name of + // an Amazon CloudWatch Logs log group. // - // * /ssm/managed-instance/activation-tier: standard or advanced + // * For /ssm/documents/console/public-sharing-permission, enter Enable or + // Disable. // - // * /ssm/opsinsights/opscenter: Enabled or Disabled + // * For /ssm/managed-instance/activation-tier, enter standard or advanced. // - // * /ssm/parameter-store/default-parameter-tier: Standard, Advanced, Intelligent-Tiering + // * For /ssm/opsinsights/opscenter, enter Enabled or Disabled. // - // * /ssm/parameter-store/high-throughput-enabled: true or false + // * For /ssm/parameter-store/default-parameter-tier, enter Standard, Advanced, + // or Intelligent-Tiering + // + // * For /ssm/parameter-store/high-throughput-enabled, enter true or false. // // SettingValue is a required field SettingValue *string `min:"1" type:"string" required:"true"` @@ -60116,6 +60916,9 @@ const ( // AutomationExecutionStatusCompletedWithFailure is a AutomationExecutionStatus enum value AutomationExecutionStatusCompletedWithFailure = "CompletedWithFailure" + + // AutomationExecutionStatusExited is a AutomationExecutionStatus enum value + AutomationExecutionStatusExited = "Exited" ) // AutomationExecutionStatus_Values returns all elements of the AutomationExecutionStatus enum @@ -60139,6 +60942,7 @@ func AutomationExecutionStatus_Values() []string { AutomationExecutionStatusChangeCalendarOverrideRejected, AutomationExecutionStatusCompletedWithSuccess, AutomationExecutionStatusCompletedWithFailure, + AutomationExecutionStatusExited, } } @@ -60416,17 +61220,17 @@ func ComplianceUploadType_Values() []string { const ( // ConnectionStatusConnected is a ConnectionStatus enum value - ConnectionStatusConnected = "Connected" + ConnectionStatusConnected = "connected" - // ConnectionStatusNotConnected is a ConnectionStatus enum value - ConnectionStatusNotConnected = "NotConnected" + // ConnectionStatusNotconnected is a ConnectionStatus enum value + ConnectionStatusNotconnected = "notconnected" ) // ConnectionStatus_Values returns all elements of the ConnectionStatus enum func ConnectionStatus_Values() []string { return []string{ ConnectionStatusConnected, - ConnectionStatusNotConnected, + ConnectionStatusNotconnected, } } @@ -61082,6 +61886,12 @@ const ( // OperatingSystemRockyLinux is a OperatingSystem enum value OperatingSystemRockyLinux = "ROCKY_LINUX" + + // OperatingSystemAlmaLinux is a OperatingSystem enum value + OperatingSystemAlmaLinux = "ALMA_LINUX" + + // OperatingSystemAmazonLinux2023 is a OperatingSystem enum value + OperatingSystemAmazonLinux2023 = "AMAZON_LINUX_2023" ) // OperatingSystem_Values returns all elements of the OperatingSystem enum @@ -61100,6 +61910,8 @@ func OperatingSystem_Values() []string { OperatingSystemMacos, OperatingSystemRaspbian, OperatingSystemRockyLinux, + OperatingSystemAlmaLinux, + OperatingSystemAmazonLinux2023, } } @@ -61823,9 +62635,6 @@ const ( // ResourceTypeManagedInstance is a ResourceType enum value ResourceTypeManagedInstance = "ManagedInstance" - // ResourceTypeDocument is a ResourceType enum value - ResourceTypeDocument = "Document" - // ResourceTypeEc2instance is a ResourceType enum value ResourceTypeEc2instance = "EC2Instance" ) @@ -61834,7 +62643,6 @@ const ( func ResourceType_Values() []string { return []string{ ResourceTypeManagedInstance, - ResourceTypeDocument, ResourceTypeEc2instance, } } @@ -62053,6 +62861,15 @@ const ( // StepExecutionFilterKeyAction is a StepExecutionFilterKey enum value StepExecutionFilterKeyAction = "Action" + + // StepExecutionFilterKeyParentStepExecutionId is a StepExecutionFilterKey enum value + StepExecutionFilterKeyParentStepExecutionId = "ParentStepExecutionId" + + // StepExecutionFilterKeyParentStepIteration is a StepExecutionFilterKey enum value + StepExecutionFilterKeyParentStepIteration = "ParentStepIteration" + + // StepExecutionFilterKeyParentStepIteratorValue is a StepExecutionFilterKey enum value + StepExecutionFilterKeyParentStepIteratorValue = "ParentStepIteratorValue" ) // StepExecutionFilterKey_Values returns all elements of the StepExecutionFilterKey enum @@ -62064,6 +62881,9 @@ func StepExecutionFilterKey_Values() []string { StepExecutionFilterKeyStepExecutionId, StepExecutionFilterKeyStepName, StepExecutionFilterKeyAction, + StepExecutionFilterKeyParentStepExecutionId, + StepExecutionFilterKeyParentStepIteration, + StepExecutionFilterKeyParentStepIteratorValue, } } diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/ssm/doc.go b/agent/vendor/github.com/aws/aws-sdk-go/service/ssm/doc.go index 0bb97bb8e31..a527ef256c4 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/ssm/doc.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/ssm/doc.go @@ -15,7 +15,7 @@ // Related resources // // - For information about each of the capabilities that comprise Systems -// Manager, see Systems Manager capabilities (https://docs.aws.amazon.com/systems-manager-automation-runbooks/latest/userguide/what-is-systems-manager.html#systems-manager-capabilities) +// Manager, see Systems Manager capabilities (https://docs.aws.amazon.com/systems-manager/latest/userguide/what-is-systems-manager.html#systems-manager-capabilities) // in the Amazon Web Services Systems Manager User Guide. // // - For details about predefined runbooks for Automation, a capability of diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/ssm/errors.go b/agent/vendor/github.com/aws/aws-sdk-go/service/ssm/errors.go index fe84c7a1585..7029a44239c 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/ssm/errors.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/ssm/errors.go @@ -122,8 +122,8 @@ const ( // ErrCodeDocumentPermissionLimit for service response error code // "DocumentPermissionLimit". // - // The document can't be shared with more Amazon Web Services user accounts. - // You can specify a maximum of 20 accounts per API operation to share a private + // The document can't be shared with more Amazon Web Services accounts. You + // can specify a maximum of 20 accounts per API operation to share a private // document. // // By default, you can share a private document with a maximum of 1,000 accounts @@ -367,14 +367,15 @@ const ( // // * You don't have permission to access the managed node. // - // * Amazon Web Services Systems Manager Agent(SSM Agent) isn't running. + // * Amazon Web Services Systems Manager Agent (SSM Agent) isn't running. // Verify that SSM Agent is running. // // * SSM Agent isn't registered with the SSM endpoint. Try reinstalling SSM // Agent. // - // * The managed node isn't in valid state. Valid states are: Running, Pending, - // Stopped, and Stopping. Invalid states are: Shutting-down and Terminated. + // * The managed node isn't in a valid state. Valid states are: Running, + // Pending, Stopped, and Stopping. Invalid states are: Shutting-down and + // Terminated. ErrCodeInvalidInstanceId = "InvalidInstanceId" // ErrCodeInvalidInstanceInformationFilterValue for service response error code @@ -506,7 +507,8 @@ const ( // The role name can't contain invalid characters. Also verify that you specified // an IAM role for notifications that includes the required trust policy. For // information about configuring the IAM role for Run Command notifications, - // see Configuring Amazon SNS Notifications for Run Command (https://docs.aws.amazon.com/systems-manager/latest/userguide/rc-sns-notifications.html) + // see Monitoring Systems Manager status changes using Amazon SNS notifications + // (https://docs.aws.amazon.com/systems-manager/latest/userguide/monitoring-sns-notifications.html) // in the Amazon Web Services Systems Manager User Guide. ErrCodeInvalidRole = "InvalidRole" @@ -566,6 +568,13 @@ const ( // The inventory item size has exceeded the size limit. ErrCodeItemSizeLimitExceededException = "ItemSizeLimitExceededException" + // ErrCodeMalformedResourcePolicyDocumentException for service response error code + // "MalformedResourcePolicyDocumentException". + // + // The specified policy document is malformed or invalid, or excessive PutResourcePolicy + // or DeleteResourcePolicy calls have been made. + ErrCodeMalformedResourcePolicyDocumentException = "MalformedResourcePolicyDocumentException" + // ErrCodeMaxDocumentSizeExceeded for service response error code // "MaxDocumentSizeExceeded". // @@ -586,6 +595,12 @@ const ( // The OpsItem already exists. ErrCodeOpsItemAlreadyExistsException = "OpsItemAlreadyExistsException" + // ErrCodeOpsItemConflictException for service response error code + // "OpsItemConflictException". + // + // The specified OpsItem is in the process of being deleted. + ErrCodeOpsItemConflictException = "OpsItemConflictException" + // ErrCodeOpsItemInvalidParameterException for service response error code // "OpsItemInvalidParameterException". // @@ -596,8 +611,7 @@ const ( // ErrCodeOpsItemLimitExceededException for service response error code // "OpsItemLimitExceededException". // - // The request caused OpsItems to exceed one or more quotas. For information - // about OpsItem quotas, see What are the resource limits for OpsCenter? (https://docs.aws.amazon.com/systems-manager/latest/userguide/OpsCenter-learn-more.html#OpsCenter-learn-more-limits). + // The request caused OpsItems to exceed one or more quotas. ErrCodeOpsItemLimitExceededException = "OpsItemLimitExceededException" // ErrCodeOpsItemNotFoundException for service response error code @@ -777,6 +791,12 @@ const ( // in the Amazon Web Services General Reference. ErrCodeResourceLimitExceededException = "ResourceLimitExceededException" + // ErrCodeResourceNotFoundException for service response error code + // "ResourceNotFoundException". + // + // The specified parameter to be shared could not be found. + ErrCodeResourceNotFoundException = "ResourceNotFoundException" + // ErrCodeResourcePolicyConflictException for service response error code // "ResourcePolicyConflictException". // @@ -800,6 +820,12 @@ const ( // Verify these limits and try again. ErrCodeResourcePolicyLimitExceededException = "ResourcePolicyLimitExceededException" + // ErrCodeResourcePolicyNotFoundException for service response error code + // "ResourcePolicyNotFoundException". + // + // No policies with the specified policy ID and hash could be found. + ErrCodeResourcePolicyNotFoundException = "ResourcePolicyNotFoundException" + // ErrCodeServiceSettingNotFound for service response error code // "ServiceSettingNotFound". // @@ -869,7 +895,7 @@ const ( // Patching for applications released by Microsoft is only available on EC2 // instances and advanced instances. To patch applications released by Microsoft // on on-premises servers and VMs, you must enable advanced instances. For more - // information, see Enabling the advanced-instances tier (https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-managedinstances-advanced.html) + // information, see Turning on the advanced-instances tier (https://docs.aws.amazon.com/systems-manager/latest/userguide/systems-manager-managedinstances-advanced.html) // in the Amazon Web Services Systems Manager User Guide. ErrCodeUnsupportedFeatureRequiredException = "UnsupportedFeatureRequiredException" @@ -906,8 +932,8 @@ const ( // "UnsupportedPlatformType". // // The document doesn't support the platform type of the given managed node - // ID(s). For example, you sent an document for a Windows managed node to a - // Linux node. + // IDs. For example, you sent an document for a Windows managed node to a Linux + // node. ErrCodeUnsupportedPlatformType = "UnsupportedPlatformType" ) @@ -993,9 +1019,11 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ "InvocationDoesNotExist": newErrorInvocationDoesNotExist, "ItemContentMismatchException": newErrorItemContentMismatchException, "ItemSizeLimitExceededException": newErrorItemSizeLimitExceededException, + "MalformedResourcePolicyDocumentException": newErrorMalformedResourcePolicyDocumentException, "MaxDocumentSizeExceeded": newErrorMaxDocumentSizeExceeded, "OpsItemAccessDeniedException": newErrorOpsItemAccessDeniedException, "OpsItemAlreadyExistsException": newErrorOpsItemAlreadyExistsException, + "OpsItemConflictException": newErrorOpsItemConflictException, "OpsItemInvalidParameterException": newErrorOpsItemInvalidParameterException, "OpsItemLimitExceededException": newErrorOpsItemLimitExceededException, "OpsItemNotFoundException": newErrorOpsItemNotFoundException, @@ -1022,9 +1050,11 @@ var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ "ResourceDataSyncNotFoundException": newErrorResourceDataSyncNotFoundException, "ResourceInUseException": newErrorResourceInUseException, "ResourceLimitExceededException": newErrorResourceLimitExceededException, + "ResourceNotFoundException": newErrorResourceNotFoundException, "ResourcePolicyConflictException": newErrorResourcePolicyConflictException, "ResourcePolicyInvalidParameterException": newErrorResourcePolicyInvalidParameterException, "ResourcePolicyLimitExceededException": newErrorResourcePolicyLimitExceededException, + "ResourcePolicyNotFoundException": newErrorResourcePolicyNotFoundException, "ServiceSettingNotFound": newErrorServiceSettingNotFound, "StatusUnchanged": newErrorStatusUnchanged, "SubTypeCountLimitExceededException": newErrorSubTypeCountLimitExceededException, diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go b/agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go new file mode 100644 index 00000000000..04f6c811b63 --- /dev/null +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go @@ -0,0 +1,2252 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package ssooidc + +import ( + "fmt" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awsutil" + "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol" +) + +const opCreateToken = "CreateToken" + +// CreateTokenRequest generates a "aws/request.Request" representing the +// client's request for the CreateToken operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateToken for more information on using the CreateToken +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateTokenRequest method. +// req, resp := client.CreateTokenRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateToken +func (c *SSOOIDC) CreateTokenRequest(input *CreateTokenInput) (req *request.Request, output *CreateTokenOutput) { + op := &request.Operation{ + Name: opCreateToken, + HTTPMethod: "POST", + HTTPPath: "/token", + } + + if input == nil { + input = &CreateTokenInput{} + } + + output = &CreateTokenOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + return +} + +// CreateToken API operation for AWS SSO OIDC. +// +// Creates and returns access and refresh tokens for clients that are authenticated +// using client secrets. The access token can be used to fetch short-term credentials +// for the assigned AWS accounts or to access application APIs using bearer +// authentication. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SSO OIDC's +// API operation CreateToken for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that something is wrong with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - InvalidClientException +// Indicates that the clientId or clientSecret in the request is invalid. For +// example, this can occur when a client sends an incorrect clientId or an expired +// clientSecret. +// +// - InvalidGrantException +// Indicates that a request contains an invalid grant. This can occur if a client +// makes a CreateToken request with an invalid grant type. +// +// - UnauthorizedClientException +// Indicates that the client is not currently authorized to make the request. +// This can happen when a clientId is not issued for a public client. +// +// - UnsupportedGrantTypeException +// Indicates that the grant type in the request is not supported by the service. +// +// - InvalidScopeException +// Indicates that the scope provided in the request is invalid. +// +// - AuthorizationPendingException +// Indicates that a request to authorize a client with an access user session +// token is pending. +// +// - SlowDownException +// Indicates that the client is making the request too frequently and is more +// than the service can handle. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// - ExpiredTokenException +// Indicates that the token issued by the service is expired and is no longer +// valid. +// +// - InternalServerException +// Indicates that an error from the service occurred while trying to process +// a request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateToken +func (c *SSOOIDC) CreateToken(input *CreateTokenInput) (*CreateTokenOutput, error) { + req, out := c.CreateTokenRequest(input) + return out, req.Send() +} + +// CreateTokenWithContext is the same as CreateToken with the addition of +// the ability to pass a context and additional request options. +// +// See CreateToken for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSOOIDC) CreateTokenWithContext(ctx aws.Context, input *CreateTokenInput, opts ...request.Option) (*CreateTokenOutput, error) { + req, out := c.CreateTokenRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateTokenWithIAM = "CreateTokenWithIAM" + +// CreateTokenWithIAMRequest generates a "aws/request.Request" representing the +// client's request for the CreateTokenWithIAM operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTokenWithIAM for more information on using the CreateTokenWithIAM +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateTokenWithIAMRequest method. +// req, resp := client.CreateTokenWithIAMRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateTokenWithIAM +func (c *SSOOIDC) CreateTokenWithIAMRequest(input *CreateTokenWithIAMInput) (req *request.Request, output *CreateTokenWithIAMOutput) { + op := &request.Operation{ + Name: opCreateTokenWithIAM, + HTTPMethod: "POST", + HTTPPath: "/token?aws_iam=t", + } + + if input == nil { + input = &CreateTokenWithIAMInput{} + } + + output = &CreateTokenWithIAMOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTokenWithIAM API operation for AWS SSO OIDC. +// +// Creates and returns access and refresh tokens for clients and applications +// that are authenticated using IAM entities. The access token can be used to +// fetch short-term credentials for the assigned AWS accounts or to access application +// APIs using bearer authentication. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SSO OIDC's +// API operation CreateTokenWithIAM for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that something is wrong with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - InvalidClientException +// Indicates that the clientId or clientSecret in the request is invalid. For +// example, this can occur when a client sends an incorrect clientId or an expired +// clientSecret. +// +// - InvalidGrantException +// Indicates that a request contains an invalid grant. This can occur if a client +// makes a CreateToken request with an invalid grant type. +// +// - UnauthorizedClientException +// Indicates that the client is not currently authorized to make the request. +// This can happen when a clientId is not issued for a public client. +// +// - UnsupportedGrantTypeException +// Indicates that the grant type in the request is not supported by the service. +// +// - InvalidScopeException +// Indicates that the scope provided in the request is invalid. +// +// - AuthorizationPendingException +// Indicates that a request to authorize a client with an access user session +// token is pending. +// +// - SlowDownException +// Indicates that the client is making the request too frequently and is more +// than the service can handle. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// - ExpiredTokenException +// Indicates that the token issued by the service is expired and is no longer +// valid. +// +// - InternalServerException +// Indicates that an error from the service occurred while trying to process +// a request. +// +// - InvalidRequestRegionException +// Indicates that a token provided as input to the request was issued by and +// is only usable by calling IAM Identity Center endpoints in another region. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateTokenWithIAM +func (c *SSOOIDC) CreateTokenWithIAM(input *CreateTokenWithIAMInput) (*CreateTokenWithIAMOutput, error) { + req, out := c.CreateTokenWithIAMRequest(input) + return out, req.Send() +} + +// CreateTokenWithIAMWithContext is the same as CreateTokenWithIAM with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTokenWithIAM for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSOOIDC) CreateTokenWithIAMWithContext(ctx aws.Context, input *CreateTokenWithIAMInput, opts ...request.Option) (*CreateTokenWithIAMOutput, error) { + req, out := c.CreateTokenWithIAMRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opRegisterClient = "RegisterClient" + +// RegisterClientRequest generates a "aws/request.Request" representing the +// client's request for the RegisterClient operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See RegisterClient for more information on using the RegisterClient +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the RegisterClientRequest method. +// req, resp := client.RegisterClientRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/RegisterClient +func (c *SSOOIDC) RegisterClientRequest(input *RegisterClientInput) (req *request.Request, output *RegisterClientOutput) { + op := &request.Operation{ + Name: opRegisterClient, + HTTPMethod: "POST", + HTTPPath: "/client/register", + } + + if input == nil { + input = &RegisterClientInput{} + } + + output = &RegisterClientOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + return +} + +// RegisterClient API operation for AWS SSO OIDC. +// +// Registers a client with IAM Identity Center. This allows clients to initiate +// device authorization. The output should be persisted for reuse through many +// authentication requests. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SSO OIDC's +// API operation RegisterClient for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that something is wrong with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - InvalidScopeException +// Indicates that the scope provided in the request is invalid. +// +// - InvalidClientMetadataException +// Indicates that the client information sent in the request during registration +// is invalid. +// +// - InternalServerException +// Indicates that an error from the service occurred while trying to process +// a request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/RegisterClient +func (c *SSOOIDC) RegisterClient(input *RegisterClientInput) (*RegisterClientOutput, error) { + req, out := c.RegisterClientRequest(input) + return out, req.Send() +} + +// RegisterClientWithContext is the same as RegisterClient with the addition of +// the ability to pass a context and additional request options. +// +// See RegisterClient for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSOOIDC) RegisterClientWithContext(ctx aws.Context, input *RegisterClientInput, opts ...request.Option) (*RegisterClientOutput, error) { + req, out := c.RegisterClientRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opStartDeviceAuthorization = "StartDeviceAuthorization" + +// StartDeviceAuthorizationRequest generates a "aws/request.Request" representing the +// client's request for the StartDeviceAuthorization operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartDeviceAuthorization for more information on using the StartDeviceAuthorization +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the StartDeviceAuthorizationRequest method. +// req, resp := client.StartDeviceAuthorizationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/StartDeviceAuthorization +func (c *SSOOIDC) StartDeviceAuthorizationRequest(input *StartDeviceAuthorizationInput) (req *request.Request, output *StartDeviceAuthorizationOutput) { + op := &request.Operation{ + Name: opStartDeviceAuthorization, + HTTPMethod: "POST", + HTTPPath: "/device_authorization", + } + + if input == nil { + input = &StartDeviceAuthorizationInput{} + } + + output = &StartDeviceAuthorizationOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + return +} + +// StartDeviceAuthorization API operation for AWS SSO OIDC. +// +// Initiates device authorization by requesting a pair of verification codes +// from the authorization service. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SSO OIDC's +// API operation StartDeviceAuthorization for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that something is wrong with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - InvalidClientException +// Indicates that the clientId or clientSecret in the request is invalid. For +// example, this can occur when a client sends an incorrect clientId or an expired +// clientSecret. +// +// - UnauthorizedClientException +// Indicates that the client is not currently authorized to make the request. +// This can happen when a clientId is not issued for a public client. +// +// - SlowDownException +// Indicates that the client is making the request too frequently and is more +// than the service can handle. +// +// - InternalServerException +// Indicates that an error from the service occurred while trying to process +// a request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/StartDeviceAuthorization +func (c *SSOOIDC) StartDeviceAuthorization(input *StartDeviceAuthorizationInput) (*StartDeviceAuthorizationOutput, error) { + req, out := c.StartDeviceAuthorizationRequest(input) + return out, req.Send() +} + +// StartDeviceAuthorizationWithContext is the same as StartDeviceAuthorization with the addition of +// the ability to pass a context and additional request options. +// +// See StartDeviceAuthorization for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSOOIDC) StartDeviceAuthorizationWithContext(ctx aws.Context, input *StartDeviceAuthorizationInput, opts ...request.Option) (*StartDeviceAuthorizationOutput, error) { + req, out := c.StartDeviceAuthorizationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// You do not have sufficient access to perform this action. +type AccessDeniedException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be access_denied. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccessDeniedException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccessDeniedException) GoString() string { + return s.String() +} + +func newErrorAccessDeniedException(v protocol.ResponseMetadata) error { + return &AccessDeniedException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *AccessDeniedException) Code() string { + return "AccessDeniedException" +} + +// Message returns the exception's message. +func (s *AccessDeniedException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *AccessDeniedException) OrigErr() error { + return nil +} + +func (s *AccessDeniedException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *AccessDeniedException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *AccessDeniedException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that a request to authorize a client with an access user session +// token is pending. +type AuthorizationPendingException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be authorization_pending. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AuthorizationPendingException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AuthorizationPendingException) GoString() string { + return s.String() +} + +func newErrorAuthorizationPendingException(v protocol.ResponseMetadata) error { + return &AuthorizationPendingException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *AuthorizationPendingException) Code() string { + return "AuthorizationPendingException" +} + +// Message returns the exception's message. +func (s *AuthorizationPendingException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *AuthorizationPendingException) OrigErr() error { + return nil +} + +func (s *AuthorizationPendingException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *AuthorizationPendingException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *AuthorizationPendingException) RequestID() string { + return s.RespMetadata.RequestID +} + +type CreateTokenInput struct { + _ struct{} `type:"structure"` + + // The unique identifier string for the client or application. This value comes + // from the result of the RegisterClient API. + // + // ClientId is a required field + ClientId *string `locationName:"clientId" type:"string" required:"true"` + + // A secret string generated for the client. This value should come from the + // persisted result of the RegisterClient API. + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenInput's + // String and GoString methods. + // + // ClientSecret is a required field + ClientSecret *string `locationName:"clientSecret" type:"string" required:"true" sensitive:"true"` + + // Used only when calling this API for the Authorization Code grant type. The + // short-term code is used to identify this authorization request. This grant + // type is currently unsupported for the CreateToken API. + Code *string `locationName:"code" type:"string"` + + // Used only when calling this API for the Device Code grant type. This short-term + // code is used to identify this authorization request. This comes from the + // result of the StartDeviceAuthorization API. + DeviceCode *string `locationName:"deviceCode" type:"string"` + + // Supports the following OAuth grant types: Device Code and Refresh Token. + // Specify either of the following values, depending on the grant type that + // you want: + // + // * Device Code - urn:ietf:params:oauth:grant-type:device_code + // + // * Refresh Token - refresh_token + // + // For information about how to obtain the device code, see the StartDeviceAuthorization + // topic. + // + // GrantType is a required field + GrantType *string `locationName:"grantType" type:"string" required:"true"` + + // Used only when calling this API for the Authorization Code grant type. This + // value specifies the location of the client or application that has registered + // to receive the authorization code. + RedirectUri *string `locationName:"redirectUri" type:"string"` + + // Used only when calling this API for the Refresh Token grant type. This token + // is used to refresh short-term tokens, such as the access token, that might + // expire. + // + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide + // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // RefreshToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenInput's + // String and GoString methods. + RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` + + // The list of scopes for which authorization is requested. The access token + // that is issued is limited to the scopes that are granted. If this value is + // not specified, IAM Identity Center authorizes all scopes that are configured + // for the client during the call to RegisterClient. + Scope []*string `locationName:"scope" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTokenInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTokenInput"} + if s.ClientId == nil { + invalidParams.Add(request.NewErrParamRequired("ClientId")) + } + if s.ClientSecret == nil { + invalidParams.Add(request.NewErrParamRequired("ClientSecret")) + } + if s.GrantType == nil { + invalidParams.Add(request.NewErrParamRequired("GrantType")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientId sets the ClientId field's value. +func (s *CreateTokenInput) SetClientId(v string) *CreateTokenInput { + s.ClientId = &v + return s +} + +// SetClientSecret sets the ClientSecret field's value. +func (s *CreateTokenInput) SetClientSecret(v string) *CreateTokenInput { + s.ClientSecret = &v + return s +} + +// SetCode sets the Code field's value. +func (s *CreateTokenInput) SetCode(v string) *CreateTokenInput { + s.Code = &v + return s +} + +// SetDeviceCode sets the DeviceCode field's value. +func (s *CreateTokenInput) SetDeviceCode(v string) *CreateTokenInput { + s.DeviceCode = &v + return s +} + +// SetGrantType sets the GrantType field's value. +func (s *CreateTokenInput) SetGrantType(v string) *CreateTokenInput { + s.GrantType = &v + return s +} + +// SetRedirectUri sets the RedirectUri field's value. +func (s *CreateTokenInput) SetRedirectUri(v string) *CreateTokenInput { + s.RedirectUri = &v + return s +} + +// SetRefreshToken sets the RefreshToken field's value. +func (s *CreateTokenInput) SetRefreshToken(v string) *CreateTokenInput { + s.RefreshToken = &v + return s +} + +// SetScope sets the Scope field's value. +func (s *CreateTokenInput) SetScope(v []*string) *CreateTokenInput { + s.Scope = v + return s +} + +type CreateTokenOutput struct { + _ struct{} `type:"structure"` + + // A bearer token to access AWS accounts and applications assigned to a user. + // + // AccessToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenOutput's + // String and GoString methods. + AccessToken *string `locationName:"accessToken" type:"string" sensitive:"true"` + + // Indicates the time in seconds when an access token will expire. + ExpiresIn *int64 `locationName:"expiresIn" type:"integer"` + + // The idToken is not implemented or supported. For more information about the + // features and limitations of the current IAM Identity Center OIDC implementation, + // see Considerations for Using this Guide in the IAM Identity Center OIDC API + // Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // A JSON Web Token (JWT) that identifies who is associated with the issued + // access token. + // + // IdToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenOutput's + // String and GoString methods. + IdToken *string `locationName:"idToken" type:"string" sensitive:"true"` + + // A token that, if present, can be used to refresh a previously issued access + // token that might have expired. + // + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide + // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // RefreshToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenOutput's + // String and GoString methods. + RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` + + // Used to notify the client that the returned token is an access token. The + // supported token type is Bearer. + TokenType *string `locationName:"tokenType" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenOutput) GoString() string { + return s.String() +} + +// SetAccessToken sets the AccessToken field's value. +func (s *CreateTokenOutput) SetAccessToken(v string) *CreateTokenOutput { + s.AccessToken = &v + return s +} + +// SetExpiresIn sets the ExpiresIn field's value. +func (s *CreateTokenOutput) SetExpiresIn(v int64) *CreateTokenOutput { + s.ExpiresIn = &v + return s +} + +// SetIdToken sets the IdToken field's value. +func (s *CreateTokenOutput) SetIdToken(v string) *CreateTokenOutput { + s.IdToken = &v + return s +} + +// SetRefreshToken sets the RefreshToken field's value. +func (s *CreateTokenOutput) SetRefreshToken(v string) *CreateTokenOutput { + s.RefreshToken = &v + return s +} + +// SetTokenType sets the TokenType field's value. +func (s *CreateTokenOutput) SetTokenType(v string) *CreateTokenOutput { + s.TokenType = &v + return s +} + +type CreateTokenWithIAMInput struct { + _ struct{} `type:"structure"` + + // Used only when calling this API for the JWT Bearer grant type. This value + // specifies the JSON Web Token (JWT) issued by a trusted token issuer. To authorize + // a trusted token issuer, configure the JWT Bearer GrantOptions for the application. + // + // Assertion is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMInput's + // String and GoString methods. + Assertion *string `locationName:"assertion" type:"string" sensitive:"true"` + + // The unique identifier string for the client or application. This value is + // an application ARN that has OAuth grants configured. + // + // ClientId is a required field + ClientId *string `locationName:"clientId" type:"string" required:"true"` + + // Used only when calling this API for the Authorization Code grant type. This + // short-term code is used to identify this authorization request. The code + // is obtained through a redirect from IAM Identity Center to a redirect URI + // persisted in the Authorization Code GrantOptions for the application. + Code *string `locationName:"code" type:"string"` + + // Supports the following OAuth grant types: Authorization Code, Refresh Token, + // JWT Bearer, and Token Exchange. Specify one of the following values, depending + // on the grant type that you want: + // + // * Authorization Code - authorization_code + // + // * Refresh Token - refresh_token + // + // * JWT Bearer - urn:ietf:params:oauth:grant-type:jwt-bearer + // + // * Token Exchange - urn:ietf:params:oauth:grant-type:token-exchange + // + // GrantType is a required field + GrantType *string `locationName:"grantType" type:"string" required:"true"` + + // Used only when calling this API for the Authorization Code grant type. This + // value specifies the location of the client or application that has registered + // to receive the authorization code. + RedirectUri *string `locationName:"redirectUri" type:"string"` + + // Used only when calling this API for the Refresh Token grant type. This token + // is used to refresh short-term tokens, such as the access token, that might + // expire. + // + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide + // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // RefreshToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMInput's + // String and GoString methods. + RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` + + // Used only when calling this API for the Token Exchange grant type. This value + // specifies the type of token that the requester can receive. The following + // values are supported: + // + // * Access Token - urn:ietf:params:oauth:token-type:access_token + // + // * Refresh Token - urn:ietf:params:oauth:token-type:refresh_token + RequestedTokenType *string `locationName:"requestedTokenType" type:"string"` + + // The list of scopes for which authorization is requested. The access token + // that is issued is limited to the scopes that are granted. If the value is + // not specified, IAM Identity Center authorizes all scopes configured for the + // application, including the following default scopes: openid, aws, sts:identity_context. + Scope []*string `locationName:"scope" type:"list"` + + // Used only when calling this API for the Token Exchange grant type. This value + // specifies the subject of the exchange. The value of the subject token must + // be an access token issued by IAM Identity Center to a different client or + // application. The access token must have authorized scopes that indicate the + // requested application as a target audience. + // + // SubjectToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMInput's + // String and GoString methods. + SubjectToken *string `locationName:"subjectToken" type:"string" sensitive:"true"` + + // Used only when calling this API for the Token Exchange grant type. This value + // specifies the type of token that is passed as the subject of the exchange. + // The following value is supported: + // + // * Access Token - urn:ietf:params:oauth:token-type:access_token + SubjectTokenType *string `locationName:"subjectTokenType" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenWithIAMInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenWithIAMInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTokenWithIAMInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTokenWithIAMInput"} + if s.ClientId == nil { + invalidParams.Add(request.NewErrParamRequired("ClientId")) + } + if s.GrantType == nil { + invalidParams.Add(request.NewErrParamRequired("GrantType")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAssertion sets the Assertion field's value. +func (s *CreateTokenWithIAMInput) SetAssertion(v string) *CreateTokenWithIAMInput { + s.Assertion = &v + return s +} + +// SetClientId sets the ClientId field's value. +func (s *CreateTokenWithIAMInput) SetClientId(v string) *CreateTokenWithIAMInput { + s.ClientId = &v + return s +} + +// SetCode sets the Code field's value. +func (s *CreateTokenWithIAMInput) SetCode(v string) *CreateTokenWithIAMInput { + s.Code = &v + return s +} + +// SetGrantType sets the GrantType field's value. +func (s *CreateTokenWithIAMInput) SetGrantType(v string) *CreateTokenWithIAMInput { + s.GrantType = &v + return s +} + +// SetRedirectUri sets the RedirectUri field's value. +func (s *CreateTokenWithIAMInput) SetRedirectUri(v string) *CreateTokenWithIAMInput { + s.RedirectUri = &v + return s +} + +// SetRefreshToken sets the RefreshToken field's value. +func (s *CreateTokenWithIAMInput) SetRefreshToken(v string) *CreateTokenWithIAMInput { + s.RefreshToken = &v + return s +} + +// SetRequestedTokenType sets the RequestedTokenType field's value. +func (s *CreateTokenWithIAMInput) SetRequestedTokenType(v string) *CreateTokenWithIAMInput { + s.RequestedTokenType = &v + return s +} + +// SetScope sets the Scope field's value. +func (s *CreateTokenWithIAMInput) SetScope(v []*string) *CreateTokenWithIAMInput { + s.Scope = v + return s +} + +// SetSubjectToken sets the SubjectToken field's value. +func (s *CreateTokenWithIAMInput) SetSubjectToken(v string) *CreateTokenWithIAMInput { + s.SubjectToken = &v + return s +} + +// SetSubjectTokenType sets the SubjectTokenType field's value. +func (s *CreateTokenWithIAMInput) SetSubjectTokenType(v string) *CreateTokenWithIAMInput { + s.SubjectTokenType = &v + return s +} + +type CreateTokenWithIAMOutput struct { + _ struct{} `type:"structure"` + + // A bearer token to access AWS accounts and applications assigned to a user. + // + // AccessToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's + // String and GoString methods. + AccessToken *string `locationName:"accessToken" type:"string" sensitive:"true"` + + // Indicates the time in seconds when an access token will expire. + ExpiresIn *int64 `locationName:"expiresIn" type:"integer"` + + // A JSON Web Token (JWT) that identifies the user associated with the issued + // access token. + // + // IdToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's + // String and GoString methods. + IdToken *string `locationName:"idToken" type:"string" sensitive:"true"` + + // Indicates the type of tokens that are issued by IAM Identity Center. The + // following values are supported: + // + // * Access Token - urn:ietf:params:oauth:token-type:access_token + // + // * Refresh Token - urn:ietf:params:oauth:token-type:refresh_token + IssuedTokenType *string `locationName:"issuedTokenType" type:"string"` + + // A token that, if present, can be used to refresh a previously issued access + // token that might have expired. + // + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide + // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // RefreshToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's + // String and GoString methods. + RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` + + // The list of scopes for which authorization is granted. The access token that + // is issued is limited to the scopes that are granted. + Scope []*string `locationName:"scope" type:"list"` + + // Used to notify the requester that the returned token is an access token. + // The supported token type is Bearer. + TokenType *string `locationName:"tokenType" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenWithIAMOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenWithIAMOutput) GoString() string { + return s.String() +} + +// SetAccessToken sets the AccessToken field's value. +func (s *CreateTokenWithIAMOutput) SetAccessToken(v string) *CreateTokenWithIAMOutput { + s.AccessToken = &v + return s +} + +// SetExpiresIn sets the ExpiresIn field's value. +func (s *CreateTokenWithIAMOutput) SetExpiresIn(v int64) *CreateTokenWithIAMOutput { + s.ExpiresIn = &v + return s +} + +// SetIdToken sets the IdToken field's value. +func (s *CreateTokenWithIAMOutput) SetIdToken(v string) *CreateTokenWithIAMOutput { + s.IdToken = &v + return s +} + +// SetIssuedTokenType sets the IssuedTokenType field's value. +func (s *CreateTokenWithIAMOutput) SetIssuedTokenType(v string) *CreateTokenWithIAMOutput { + s.IssuedTokenType = &v + return s +} + +// SetRefreshToken sets the RefreshToken field's value. +func (s *CreateTokenWithIAMOutput) SetRefreshToken(v string) *CreateTokenWithIAMOutput { + s.RefreshToken = &v + return s +} + +// SetScope sets the Scope field's value. +func (s *CreateTokenWithIAMOutput) SetScope(v []*string) *CreateTokenWithIAMOutput { + s.Scope = v + return s +} + +// SetTokenType sets the TokenType field's value. +func (s *CreateTokenWithIAMOutput) SetTokenType(v string) *CreateTokenWithIAMOutput { + s.TokenType = &v + return s +} + +// Indicates that the token issued by the service is expired and is no longer +// valid. +type ExpiredTokenException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be expired_token. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExpiredTokenException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExpiredTokenException) GoString() string { + return s.String() +} + +func newErrorExpiredTokenException(v protocol.ResponseMetadata) error { + return &ExpiredTokenException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ExpiredTokenException) Code() string { + return "ExpiredTokenException" +} + +// Message returns the exception's message. +func (s *ExpiredTokenException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ExpiredTokenException) OrigErr() error { + return nil +} + +func (s *ExpiredTokenException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ExpiredTokenException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ExpiredTokenException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that an error from the service occurred while trying to process +// a request. +type InternalServerException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be server_error. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InternalServerException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InternalServerException) GoString() string { + return s.String() +} + +func newErrorInternalServerException(v protocol.ResponseMetadata) error { + return &InternalServerException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InternalServerException) Code() string { + return "InternalServerException" +} + +// Message returns the exception's message. +func (s *InternalServerException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InternalServerException) OrigErr() error { + return nil +} + +func (s *InternalServerException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InternalServerException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InternalServerException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that the clientId or clientSecret in the request is invalid. For +// example, this can occur when a client sends an incorrect clientId or an expired +// clientSecret. +type InvalidClientException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be invalid_client. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidClientException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidClientException) GoString() string { + return s.String() +} + +func newErrorInvalidClientException(v protocol.ResponseMetadata) error { + return &InvalidClientException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidClientException) Code() string { + return "InvalidClientException" +} + +// Message returns the exception's message. +func (s *InvalidClientException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidClientException) OrigErr() error { + return nil +} + +func (s *InvalidClientException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidClientException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidClientException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that the client information sent in the request during registration +// is invalid. +type InvalidClientMetadataException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be invalid_client_metadata. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidClientMetadataException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidClientMetadataException) GoString() string { + return s.String() +} + +func newErrorInvalidClientMetadataException(v protocol.ResponseMetadata) error { + return &InvalidClientMetadataException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidClientMetadataException) Code() string { + return "InvalidClientMetadataException" +} + +// Message returns the exception's message. +func (s *InvalidClientMetadataException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidClientMetadataException) OrigErr() error { + return nil +} + +func (s *InvalidClientMetadataException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidClientMetadataException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidClientMetadataException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that a request contains an invalid grant. This can occur if a client +// makes a CreateToken request with an invalid grant type. +type InvalidGrantException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be invalid_grant. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidGrantException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidGrantException) GoString() string { + return s.String() +} + +func newErrorInvalidGrantException(v protocol.ResponseMetadata) error { + return &InvalidGrantException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidGrantException) Code() string { + return "InvalidGrantException" +} + +// Message returns the exception's message. +func (s *InvalidGrantException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidGrantException) OrigErr() error { + return nil +} + +func (s *InvalidGrantException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidGrantException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidGrantException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that something is wrong with the input to the request. For example, +// a required parameter might be missing or out of range. +type InvalidRequestException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be invalid_request. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidRequestException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidRequestException) GoString() string { + return s.String() +} + +func newErrorInvalidRequestException(v protocol.ResponseMetadata) error { + return &InvalidRequestException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidRequestException) Code() string { + return "InvalidRequestException" +} + +// Message returns the exception's message. +func (s *InvalidRequestException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidRequestException) OrigErr() error { + return nil +} + +func (s *InvalidRequestException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidRequestException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidRequestException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that a token provided as input to the request was issued by and +// is only usable by calling IAM Identity Center endpoints in another region. +type InvalidRequestRegionException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Indicates the IAM Identity Center endpoint which the requester may call with + // this token. + Endpoint *string `locationName:"endpoint" type:"string"` + + // Single error code. For this exception the value will be invalid_request. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` + + // Indicates the region which the requester may call with this token. + Region *string `locationName:"region" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidRequestRegionException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidRequestRegionException) GoString() string { + return s.String() +} + +func newErrorInvalidRequestRegionException(v protocol.ResponseMetadata) error { + return &InvalidRequestRegionException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidRequestRegionException) Code() string { + return "InvalidRequestRegionException" +} + +// Message returns the exception's message. +func (s *InvalidRequestRegionException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidRequestRegionException) OrigErr() error { + return nil +} + +func (s *InvalidRequestRegionException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidRequestRegionException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidRequestRegionException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that the scope provided in the request is invalid. +type InvalidScopeException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be invalid_scope. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidScopeException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidScopeException) GoString() string { + return s.String() +} + +func newErrorInvalidScopeException(v protocol.ResponseMetadata) error { + return &InvalidScopeException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidScopeException) Code() string { + return "InvalidScopeException" +} + +// Message returns the exception's message. +func (s *InvalidScopeException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidScopeException) OrigErr() error { + return nil +} + +func (s *InvalidScopeException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidScopeException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidScopeException) RequestID() string { + return s.RespMetadata.RequestID +} + +type RegisterClientInput struct { + _ struct{} `type:"structure"` + + // The friendly name of the client. + // + // ClientName is a required field + ClientName *string `locationName:"clientName" type:"string" required:"true"` + + // The type of client. The service supports only public as a client type. Anything + // other than public will be rejected by the service. + // + // ClientType is a required field + ClientType *string `locationName:"clientType" type:"string" required:"true"` + + // The list of scopes that are defined by the client. Upon authorization, this + // list is used to restrict permissions when granting an access token. + Scopes []*string `locationName:"scopes" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RegisterClientInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RegisterClientInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *RegisterClientInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RegisterClientInput"} + if s.ClientName == nil { + invalidParams.Add(request.NewErrParamRequired("ClientName")) + } + if s.ClientType == nil { + invalidParams.Add(request.NewErrParamRequired("ClientType")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientName sets the ClientName field's value. +func (s *RegisterClientInput) SetClientName(v string) *RegisterClientInput { + s.ClientName = &v + return s +} + +// SetClientType sets the ClientType field's value. +func (s *RegisterClientInput) SetClientType(v string) *RegisterClientInput { + s.ClientType = &v + return s +} + +// SetScopes sets the Scopes field's value. +func (s *RegisterClientInput) SetScopes(v []*string) *RegisterClientInput { + s.Scopes = v + return s +} + +type RegisterClientOutput struct { + _ struct{} `type:"structure"` + + // An endpoint that the client can use to request authorization. + AuthorizationEndpoint *string `locationName:"authorizationEndpoint" type:"string"` + + // The unique identifier string for each client. This client uses this identifier + // to get authenticated by the service in subsequent calls. + ClientId *string `locationName:"clientId" type:"string"` + + // Indicates the time at which the clientId and clientSecret were issued. + ClientIdIssuedAt *int64 `locationName:"clientIdIssuedAt" type:"long"` + + // A secret string generated for the client. The client will use this string + // to get authenticated by the service in subsequent calls. + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by RegisterClientOutput's + // String and GoString methods. + ClientSecret *string `locationName:"clientSecret" type:"string" sensitive:"true"` + + // Indicates the time at which the clientId and clientSecret will become invalid. + ClientSecretExpiresAt *int64 `locationName:"clientSecretExpiresAt" type:"long"` + + // An endpoint that the client can use to create tokens. + TokenEndpoint *string `locationName:"tokenEndpoint" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RegisterClientOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RegisterClientOutput) GoString() string { + return s.String() +} + +// SetAuthorizationEndpoint sets the AuthorizationEndpoint field's value. +func (s *RegisterClientOutput) SetAuthorizationEndpoint(v string) *RegisterClientOutput { + s.AuthorizationEndpoint = &v + return s +} + +// SetClientId sets the ClientId field's value. +func (s *RegisterClientOutput) SetClientId(v string) *RegisterClientOutput { + s.ClientId = &v + return s +} + +// SetClientIdIssuedAt sets the ClientIdIssuedAt field's value. +func (s *RegisterClientOutput) SetClientIdIssuedAt(v int64) *RegisterClientOutput { + s.ClientIdIssuedAt = &v + return s +} + +// SetClientSecret sets the ClientSecret field's value. +func (s *RegisterClientOutput) SetClientSecret(v string) *RegisterClientOutput { + s.ClientSecret = &v + return s +} + +// SetClientSecretExpiresAt sets the ClientSecretExpiresAt field's value. +func (s *RegisterClientOutput) SetClientSecretExpiresAt(v int64) *RegisterClientOutput { + s.ClientSecretExpiresAt = &v + return s +} + +// SetTokenEndpoint sets the TokenEndpoint field's value. +func (s *RegisterClientOutput) SetTokenEndpoint(v string) *RegisterClientOutput { + s.TokenEndpoint = &v + return s +} + +// Indicates that the client is making the request too frequently and is more +// than the service can handle. +type SlowDownException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be slow_down. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SlowDownException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SlowDownException) GoString() string { + return s.String() +} + +func newErrorSlowDownException(v protocol.ResponseMetadata) error { + return &SlowDownException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *SlowDownException) Code() string { + return "SlowDownException" +} + +// Message returns the exception's message. +func (s *SlowDownException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *SlowDownException) OrigErr() error { + return nil +} + +func (s *SlowDownException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *SlowDownException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *SlowDownException) RequestID() string { + return s.RespMetadata.RequestID +} + +type StartDeviceAuthorizationInput struct { + _ struct{} `type:"structure"` + + // The unique identifier string for the client that is registered with IAM Identity + // Center. This value should come from the persisted result of the RegisterClient + // API operation. + // + // ClientId is a required field + ClientId *string `locationName:"clientId" type:"string" required:"true"` + + // A secret string that is generated for the client. This value should come + // from the persisted result of the RegisterClient API operation. + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by StartDeviceAuthorizationInput's + // String and GoString methods. + // + // ClientSecret is a required field + ClientSecret *string `locationName:"clientSecret" type:"string" required:"true" sensitive:"true"` + + // The URL for the Amazon Web Services access portal. For more information, + // see Using the Amazon Web Services access portal (https://docs.aws.amazon.com/singlesignon/latest/userguide/using-the-portal.html) + // in the IAM Identity Center User Guide. + // + // StartUrl is a required field + StartUrl *string `locationName:"startUrl" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartDeviceAuthorizationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartDeviceAuthorizationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StartDeviceAuthorizationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartDeviceAuthorizationInput"} + if s.ClientId == nil { + invalidParams.Add(request.NewErrParamRequired("ClientId")) + } + if s.ClientSecret == nil { + invalidParams.Add(request.NewErrParamRequired("ClientSecret")) + } + if s.StartUrl == nil { + invalidParams.Add(request.NewErrParamRequired("StartUrl")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientId sets the ClientId field's value. +func (s *StartDeviceAuthorizationInput) SetClientId(v string) *StartDeviceAuthorizationInput { + s.ClientId = &v + return s +} + +// SetClientSecret sets the ClientSecret field's value. +func (s *StartDeviceAuthorizationInput) SetClientSecret(v string) *StartDeviceAuthorizationInput { + s.ClientSecret = &v + return s +} + +// SetStartUrl sets the StartUrl field's value. +func (s *StartDeviceAuthorizationInput) SetStartUrl(v string) *StartDeviceAuthorizationInput { + s.StartUrl = &v + return s +} + +type StartDeviceAuthorizationOutput struct { + _ struct{} `type:"structure"` + + // The short-lived code that is used by the device when polling for a session + // token. + DeviceCode *string `locationName:"deviceCode" type:"string"` + + // Indicates the number of seconds in which the verification code will become + // invalid. + ExpiresIn *int64 `locationName:"expiresIn" type:"integer"` + + // Indicates the number of seconds the client must wait between attempts when + // polling for a session. + Interval *int64 `locationName:"interval" type:"integer"` + + // A one-time user verification code. This is needed to authorize an in-use + // device. + UserCode *string `locationName:"userCode" type:"string"` + + // The URI of the verification page that takes the userCode to authorize the + // device. + VerificationUri *string `locationName:"verificationUri" type:"string"` + + // An alternate URL that the client can use to automatically launch a browser. + // This process skips the manual step in which the user visits the verification + // page and enters their code. + VerificationUriComplete *string `locationName:"verificationUriComplete" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartDeviceAuthorizationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartDeviceAuthorizationOutput) GoString() string { + return s.String() +} + +// SetDeviceCode sets the DeviceCode field's value. +func (s *StartDeviceAuthorizationOutput) SetDeviceCode(v string) *StartDeviceAuthorizationOutput { + s.DeviceCode = &v + return s +} + +// SetExpiresIn sets the ExpiresIn field's value. +func (s *StartDeviceAuthorizationOutput) SetExpiresIn(v int64) *StartDeviceAuthorizationOutput { + s.ExpiresIn = &v + return s +} + +// SetInterval sets the Interval field's value. +func (s *StartDeviceAuthorizationOutput) SetInterval(v int64) *StartDeviceAuthorizationOutput { + s.Interval = &v + return s +} + +// SetUserCode sets the UserCode field's value. +func (s *StartDeviceAuthorizationOutput) SetUserCode(v string) *StartDeviceAuthorizationOutput { + s.UserCode = &v + return s +} + +// SetVerificationUri sets the VerificationUri field's value. +func (s *StartDeviceAuthorizationOutput) SetVerificationUri(v string) *StartDeviceAuthorizationOutput { + s.VerificationUri = &v + return s +} + +// SetVerificationUriComplete sets the VerificationUriComplete field's value. +func (s *StartDeviceAuthorizationOutput) SetVerificationUriComplete(v string) *StartDeviceAuthorizationOutput { + s.VerificationUriComplete = &v + return s +} + +// Indicates that the client is not currently authorized to make the request. +// This can happen when a clientId is not issued for a public client. +type UnauthorizedClientException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be unauthorized_client. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnauthorizedClientException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnauthorizedClientException) GoString() string { + return s.String() +} + +func newErrorUnauthorizedClientException(v protocol.ResponseMetadata) error { + return &UnauthorizedClientException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *UnauthorizedClientException) Code() string { + return "UnauthorizedClientException" +} + +// Message returns the exception's message. +func (s *UnauthorizedClientException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *UnauthorizedClientException) OrigErr() error { + return nil +} + +func (s *UnauthorizedClientException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *UnauthorizedClientException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *UnauthorizedClientException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that the grant type in the request is not supported by the service. +type UnsupportedGrantTypeException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be unsupported_grant_type. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnsupportedGrantTypeException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnsupportedGrantTypeException) GoString() string { + return s.String() +} + +func newErrorUnsupportedGrantTypeException(v protocol.ResponseMetadata) error { + return &UnsupportedGrantTypeException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *UnsupportedGrantTypeException) Code() string { + return "UnsupportedGrantTypeException" +} + +// Message returns the exception's message. +func (s *UnsupportedGrantTypeException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *UnsupportedGrantTypeException) OrigErr() error { + return nil +} + +func (s *UnsupportedGrantTypeException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *UnsupportedGrantTypeException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *UnsupportedGrantTypeException) RequestID() string { + return s.RespMetadata.RequestID +} diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go b/agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go new file mode 100644 index 00000000000..083568c616f --- /dev/null +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go @@ -0,0 +1,67 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +// Package ssooidc provides the client and types for making API +// requests to AWS SSO OIDC. +// +// IAM Identity Center OpenID Connect (OIDC) is a web service that enables a +// client (such as CLI or a native application) to register with IAM Identity +// Center. The service also enables the client to fetch the user’s access +// token upon successful authentication and authorization with IAM Identity +// Center. +// +// IAM Identity Center uses the sso and identitystore API namespaces. +// +// # Considerations for Using This Guide +// +// Before you begin using this guide, we recommend that you first review the +// following important information about how the IAM Identity Center OIDC service +// works. +// +// - The IAM Identity Center OIDC service currently implements only the portions +// of the OAuth 2.0 Device Authorization Grant standard (https://tools.ietf.org/html/rfc8628 +// (https://tools.ietf.org/html/rfc8628)) that are necessary to enable single +// sign-on authentication with the CLI. +// +// - With older versions of the CLI, the service only emits OIDC access tokens, +// so to obtain a new token, users must explicitly re-authenticate. To access +// the OIDC flow that supports token refresh and doesn’t require re-authentication, +// update to the latest CLI version (1.27.10 for CLI V1 and 2.9.0 for CLI +// V2) with support for OIDC token refresh and configurable IAM Identity +// Center session durations. For more information, see Configure Amazon Web +// Services access portal session duration (https://docs.aws.amazon.com/singlesignon/latest/userguide/configure-user-session.html). +// +// - The access tokens provided by this service grant access to all Amazon +// Web Services account entitlements assigned to an IAM Identity Center user, +// not just a particular application. +// +// - The documentation in this guide does not describe the mechanism to convert +// the access token into Amazon Web Services Auth (“sigv4”) credentials +// for use with IAM-protected Amazon Web Services service endpoints. For +// more information, see GetRoleCredentials (https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html) +// in the IAM Identity Center Portal API Reference Guide. +// +// For general information about IAM Identity Center, see What is IAM Identity +// Center? (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) +// in the IAM Identity Center User Guide. +// +// See https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10 for more information on this service. +// +// See ssooidc package documentation for more information. +// https://docs.aws.amazon.com/sdk-for-go/api/service/ssooidc/ +// +// # Using the Client +// +// To contact AWS SSO OIDC with the SDK use the New function to create +// a new service client. With that client you can make API requests to the service. +// These clients are safe to use concurrently. +// +// See the SDK's documentation for more information on how to use the SDK. +// https://docs.aws.amazon.com/sdk-for-go/api/ +// +// See aws.Config documentation for more information on configuring SDK clients. +// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config +// +// See the AWS SSO OIDC client SSOOIDC for more +// information on creating client for this service. +// https://docs.aws.amazon.com/sdk-for-go/api/service/ssooidc/#New +package ssooidc diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go b/agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go new file mode 100644 index 00000000000..e6242e4928d --- /dev/null +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go @@ -0,0 +1,115 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package ssooidc + +import ( + "github.com/aws/aws-sdk-go/private/protocol" +) + +const ( + + // ErrCodeAccessDeniedException for service response error code + // "AccessDeniedException". + // + // You do not have sufficient access to perform this action. + ErrCodeAccessDeniedException = "AccessDeniedException" + + // ErrCodeAuthorizationPendingException for service response error code + // "AuthorizationPendingException". + // + // Indicates that a request to authorize a client with an access user session + // token is pending. + ErrCodeAuthorizationPendingException = "AuthorizationPendingException" + + // ErrCodeExpiredTokenException for service response error code + // "ExpiredTokenException". + // + // Indicates that the token issued by the service is expired and is no longer + // valid. + ErrCodeExpiredTokenException = "ExpiredTokenException" + + // ErrCodeInternalServerException for service response error code + // "InternalServerException". + // + // Indicates that an error from the service occurred while trying to process + // a request. + ErrCodeInternalServerException = "InternalServerException" + + // ErrCodeInvalidClientException for service response error code + // "InvalidClientException". + // + // Indicates that the clientId or clientSecret in the request is invalid. For + // example, this can occur when a client sends an incorrect clientId or an expired + // clientSecret. + ErrCodeInvalidClientException = "InvalidClientException" + + // ErrCodeInvalidClientMetadataException for service response error code + // "InvalidClientMetadataException". + // + // Indicates that the client information sent in the request during registration + // is invalid. + ErrCodeInvalidClientMetadataException = "InvalidClientMetadataException" + + // ErrCodeInvalidGrantException for service response error code + // "InvalidGrantException". + // + // Indicates that a request contains an invalid grant. This can occur if a client + // makes a CreateToken request with an invalid grant type. + ErrCodeInvalidGrantException = "InvalidGrantException" + + // ErrCodeInvalidRequestException for service response error code + // "InvalidRequestException". + // + // Indicates that something is wrong with the input to the request. For example, + // a required parameter might be missing or out of range. + ErrCodeInvalidRequestException = "InvalidRequestException" + + // ErrCodeInvalidRequestRegionException for service response error code + // "InvalidRequestRegionException". + // + // Indicates that a token provided as input to the request was issued by and + // is only usable by calling IAM Identity Center endpoints in another region. + ErrCodeInvalidRequestRegionException = "InvalidRequestRegionException" + + // ErrCodeInvalidScopeException for service response error code + // "InvalidScopeException". + // + // Indicates that the scope provided in the request is invalid. + ErrCodeInvalidScopeException = "InvalidScopeException" + + // ErrCodeSlowDownException for service response error code + // "SlowDownException". + // + // Indicates that the client is making the request too frequently and is more + // than the service can handle. + ErrCodeSlowDownException = "SlowDownException" + + // ErrCodeUnauthorizedClientException for service response error code + // "UnauthorizedClientException". + // + // Indicates that the client is not currently authorized to make the request. + // This can happen when a clientId is not issued for a public client. + ErrCodeUnauthorizedClientException = "UnauthorizedClientException" + + // ErrCodeUnsupportedGrantTypeException for service response error code + // "UnsupportedGrantTypeException". + // + // Indicates that the grant type in the request is not supported by the service. + ErrCodeUnsupportedGrantTypeException = "UnsupportedGrantTypeException" +) + +var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ + "AccessDeniedException": newErrorAccessDeniedException, + "AuthorizationPendingException": newErrorAuthorizationPendingException, + "ExpiredTokenException": newErrorExpiredTokenException, + "InternalServerException": newErrorInternalServerException, + "InvalidClientException": newErrorInvalidClientException, + "InvalidClientMetadataException": newErrorInvalidClientMetadataException, + "InvalidGrantException": newErrorInvalidGrantException, + "InvalidRequestException": newErrorInvalidRequestException, + "InvalidRequestRegionException": newErrorInvalidRequestRegionException, + "InvalidScopeException": newErrorInvalidScopeException, + "SlowDownException": newErrorSlowDownException, + "UnauthorizedClientException": newErrorUnauthorizedClientException, + "UnsupportedGrantTypeException": newErrorUnsupportedGrantTypeException, +} diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go b/agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go new file mode 100644 index 00000000000..782bae3692d --- /dev/null +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go @@ -0,0 +1,106 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package ssooidc + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/client" + "github.com/aws/aws-sdk-go/aws/client/metadata" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/aws/signer/v4" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/restjson" +) + +// SSOOIDC provides the API operation methods for making requests to +// AWS SSO OIDC. See this package's package overview docs +// for details on the service. +// +// SSOOIDC methods are safe to use concurrently. It is not safe to +// modify mutate any of the struct's properties though. +type SSOOIDC struct { + *client.Client +} + +// Used for custom client initialization logic +var initClient func(*client.Client) + +// Used for custom request initialization logic +var initRequest func(*request.Request) + +// Service information constants +const ( + ServiceName = "SSO OIDC" // Name of service. + EndpointsID = "oidc" // ID to lookup a service endpoint with. + ServiceID = "SSO OIDC" // ServiceID is a unique identifier of a specific service. +) + +// New creates a new instance of the SSOOIDC client with a session. +// If additional configuration is needed for the client instance use the optional +// aws.Config parameter to add your extra config. +// +// Example: +// +// mySession := session.Must(session.NewSession()) +// +// // Create a SSOOIDC client from just a session. +// svc := ssooidc.New(mySession) +// +// // Create a SSOOIDC client with additional configuration +// svc := ssooidc.New(mySession, aws.NewConfig().WithRegion("us-west-2")) +func New(p client.ConfigProvider, cfgs ...*aws.Config) *SSOOIDC { + c := p.ClientConfig(EndpointsID, cfgs...) + if c.SigningNameDerived || len(c.SigningName) == 0 { + c.SigningName = "sso-oauth" + } + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion) +} + +// newClient creates, initializes and returns a new service client instance. +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName, resolvedRegion string) *SSOOIDC { + svc := &SSOOIDC{ + Client: client.New( + cfg, + metadata.ClientInfo{ + ServiceName: ServiceName, + ServiceID: ServiceID, + SigningName: signingName, + SigningRegion: signingRegion, + PartitionID: partitionID, + Endpoint: endpoint, + APIVersion: "2019-06-10", + ResolvedRegion: resolvedRegion, + }, + handlers, + ), + } + + // Handlers + svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler) + svc.Handlers.Build.PushBackNamed(restjson.BuildHandler) + svc.Handlers.Unmarshal.PushBackNamed(restjson.UnmarshalHandler) + svc.Handlers.UnmarshalMeta.PushBackNamed(restjson.UnmarshalMetaHandler) + svc.Handlers.UnmarshalError.PushBackNamed( + protocol.NewUnmarshalErrorHandler(restjson.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(), + ) + + // Run custom client initialization if present + if initClient != nil { + initClient(svc.Client) + } + + return svc +} + +// newRequest creates a new request for a SSOOIDC operation and runs any +// custom request initialization. +func (c *SSOOIDC) newRequest(op *request.Operation, params, data interface{}) *request.Request { + req := c.NewRequest(op, params, data) + + // Run custom request initialization if present + if initRequest != nil { + initRequest(req) + } + + return req +} diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/sts/api.go b/agent/vendor/github.com/aws/aws-sdk-go/service/sts/api.go index c0706bec93d..2c395f5f673 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/sts/api.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/sts/api.go @@ -56,12 +56,11 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // AssumeRole API operation for AWS Security Token Service. // // Returns a set of temporary security credentials that you can use to access -// Amazon Web Services resources that you might not normally have access to. -// These temporary credentials consist of an access key ID, a secret access -// key, and a security token. Typically, you use AssumeRole within your account -// or for cross-account access. For a comparison of AssumeRole with other API -// operations that produce temporary credentials, see Requesting Temporary Security -// Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) +// Amazon Web Services resources. These temporary credentials consist of an +// access key ID, a secret access key, and a security token. Typically, you +// use AssumeRole within your account or for cross-account access. For a comparison +// of AssumeRole with other API operations that produce temporary credentials, +// see Requesting Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) // and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) // in the IAM User Guide. // @@ -86,9 +85,9 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // -// When you create a role, you create two policies: A role trust policy that -// specifies who can assume the role and a permissions policy that specifies -// what can be done with the role. You specify the trusted principal who is +// When you create a role, you create two policies: a role trust policy that +// specifies who can assume the role, and a permissions policy that specifies +// what can be done with the role. You specify the trusted principal that is // allowed to assume the role in the role trust policy. // // To assume a role from a different account, your Amazon Web Services account @@ -97,9 +96,9 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // are allowed to delegate that access to users in the account. // // A user who wants to access a role in a different account must also have permissions -// that are delegated from the user account administrator. The administrator -// must attach a policy that allows the user to call AssumeRole for the ARN -// of the role in the other account. +// that are delegated from the account administrator. The administrator must +// attach a policy that allows the user to call AssumeRole for the ARN of the +// role in the other account. // // To allow a user to assume a role in the same account, you can do either of // the following: @@ -518,10 +517,8 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // a user. You can also supply the user with a consistent identity throughout // the lifetime of an application. // -// To learn more about Amazon Cognito, see Amazon Cognito Overview (https://docs.aws.amazon.com/mobile/sdkforandroid/developerguide/cognito-auth.html#d0e840) -// in Amazon Web Services SDK for Android Developer Guide and Amazon Cognito -// Overview (https://docs.aws.amazon.com/mobile/sdkforios/developerguide/cognito-auth.html#d0e664) -// in the Amazon Web Services SDK for iOS Developer Guide. +// To learn more about Amazon Cognito, see Amazon Cognito identity pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html) +// in Amazon Cognito Developer Guide. // // Calling AssumeRoleWithWebIdentity does not require the use of Amazon Web // Services security credentials. Therefore, you can distribute an application @@ -985,11 +982,11 @@ func (c *STS) GetCallerIdentityRequest(input *GetCallerIdentityInput) (req *requ // call the operation. // // No permissions are required to perform this operation. If an administrator -// adds a policy to your IAM user or role that explicitly denies access to the -// sts:GetCallerIdentity action, you can still perform this operation. Permissions -// are not required because the same information is returned when an IAM user -// or role is denied access. To view an example response, see I Am Not Authorized -// to Perform: iam:DeleteVirtualMFADevice (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa) +// attaches a policy to your identity that explicitly denies access to the sts:GetCallerIdentity +// action, you can still perform this operation. Permissions are not required +// because the same information is returned when access is denied. To view an +// example response, see I Am Not Authorized to Perform: iam:DeleteVirtualMFADevice +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1064,18 +1061,26 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re // GetFederationToken API operation for AWS Security Token Service. // // Returns a set of temporary security credentials (consisting of an access -// key ID, a secret access key, and a security token) for a federated user. -// A typical use is in a proxy application that gets temporary security credentials -// on behalf of distributed applications inside a corporate network. You must -// call the GetFederationToken operation using the long-term security credentials -// of an IAM user. As a result, this call is appropriate in contexts where those -// credentials can be safely stored, usually in a server-based application. +// key ID, a secret access key, and a security token) for a user. A typical +// use is in a proxy application that gets temporary security credentials on +// behalf of distributed applications inside a corporate network. +// +// You must call the GetFederationToken operation using the long-term security +// credentials of an IAM user. As a result, this call is appropriate in contexts +// where those credentials can be safeguarded, usually in a server-based application. // For a comparison of GetFederationToken with the other API operations that // produce temporary credentials, see Requesting Temporary Security Credentials // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) // and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) // in the IAM User Guide. // +// Although it is possible to call GetFederationToken using the security credentials +// of an Amazon Web Services account root user rather than an IAM user that +// you create for the purpose of a proxy application, we do not recommend it. +// For more information, see Safeguard your root user credentials and don't +// use them for everyday tasks (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials) +// in the IAM User Guide. +// // You can create a mobile-based or browser-based app that can authenticate // users using a web identity provider like Login with Amazon, Facebook, Google, // or an OpenID Connect-compatible identity provider. In this case, we recommend @@ -1084,32 +1089,26 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity) // in the IAM User Guide. // -// You can also call GetFederationToken using the security credentials of an -// Amazon Web Services account root user, but we do not recommend it. Instead, -// we recommend that you create an IAM user for the purpose of the proxy application. -// Then attach a policy to the IAM user that limits federated users to only -// the actions and resources that they need to access. For more information, -// see IAM Best Practices (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html) -// in the IAM User Guide. -// // # Session duration // // The temporary credentials are valid for the specified duration, from 900 // seconds (15 minutes) up to a maximum of 129,600 seconds (36 hours). The default // session duration is 43,200 seconds (12 hours). Temporary credentials obtained -// by using the Amazon Web Services account root user credentials have a maximum -// duration of 3,600 seconds (1 hour). +// by using the root user credentials have a maximum duration of 3,600 seconds +// (1 hour). // // # Permissions // // You can use the temporary credentials created by GetFederationToken in any -// Amazon Web Services service except the following: +// Amazon Web Services service with the following exceptions: // // - You cannot call any IAM operations using the CLI or the Amazon Web Services -// API. +// API. This limitation does not apply to console sessions. // // - You cannot call any STS operations except GetCallerIdentity. // +// You can use temporary credentials for single sign-on (SSO) to the console. +// // You must pass an inline or managed session policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // to this operation. You can pass a single JSON policy document to use as an // inline session policy. You can also specify up to 10 managed policy Amazon @@ -1266,12 +1265,13 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request. // or IAM user. The credentials consist of an access key ID, a secret access // key, and a security token. Typically, you use GetSessionToken if you want // to use MFA to protect programmatic calls to specific Amazon Web Services -// API operations like Amazon EC2 StopInstances. MFA-enabled IAM users would -// need to call GetSessionToken and submit an MFA code that is associated with -// their MFA device. Using the temporary security credentials that are returned -// from the call, IAM users can then make programmatic calls to API operations -// that require MFA authentication. If you do not supply a correct MFA code, -// then the API returns an access denied error. For a comparison of GetSessionToken +// API operations like Amazon EC2 StopInstances. +// +// MFA-enabled IAM users must call GetSessionToken and submit an MFA code that +// is associated with their MFA device. Using the temporary security credentials +// that the call returns, IAM users can then make programmatic calls to API +// operations that require MFA authentication. An incorrect MFA code causes +// the API to return an access denied error. For a comparison of GetSessionToken // with the other API operations that produce temporary credentials, see Requesting // Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) // and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) @@ -1286,13 +1286,12 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request. // # Session Duration // // The GetSessionToken operation must be called by using the long-term Amazon -// Web Services security credentials of the Amazon Web Services account root -// user or an IAM user. Credentials that are created by IAM users are valid -// for the duration that you specify. This duration can range from 900 seconds -// (15 minutes) up to a maximum of 129,600 seconds (36 hours), with a default -// of 43,200 seconds (12 hours). Credentials based on account credentials can -// range from 900 seconds (15 minutes) up to 3,600 seconds (1 hour), with a -// default of 1 hour. +// Web Services security credentials of an IAM user. Credentials that are created +// by IAM users are valid for the duration that you specify. This duration can +// range from 900 seconds (15 minutes) up to a maximum of 129,600 seconds (36 +// hours), with a default of 43,200 seconds (12 hours). Credentials based on +// account credentials can range from 900 seconds (15 minutes) up to 3,600 seconds +// (1 hour), with a default of 1 hour. // // # Permissions // @@ -1304,20 +1303,20 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request. // // - You cannot call any STS API except AssumeRole or GetCallerIdentity. // -// We recommend that you do not call GetSessionToken with Amazon Web Services -// account root user credentials. Instead, follow our best practices (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#create-iam-users) -// by creating one or more IAM users, giving them the necessary permissions, -// and using IAM users for everyday interaction with Amazon Web Services. +// The credentials that GetSessionToken returns are based on permissions associated +// with the IAM user whose credentials were used to call the operation. The +// temporary credentials have the same permissions as the IAM user. // -// The credentials that are returned by GetSessionToken are based on permissions -// associated with the user whose credentials were used to call the operation. -// If GetSessionToken is called using Amazon Web Services account root user -// credentials, the temporary credentials have root user permissions. Similarly, -// if GetSessionToken is called using the credentials of an IAM user, the temporary -// credentials have the same permissions as the IAM user. +// Although it is possible to call GetSessionToken using the security credentials +// of an Amazon Web Services account root user rather than an IAM user, we do +// not recommend it. If GetSessionToken is called using root user credentials, +// the temporary credentials have root user permissions. For more information, +// see Safeguard your root user credentials and don't use them for everyday +// tasks (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials) +// in the IAM User Guide // // For more information about using GetSessionToken to create temporary credentials, -// go to Temporary Credentials for Users in Untrusted Environments (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken) +// see Temporary Credentials for Users in Untrusted Environments (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1461,6 +1460,17 @@ type AssumeRoleInput struct { // in the IAM User Guide. PolicyArns []*PolicyDescriptorType `type:"list"` + // A list of previously acquired trusted context assertions in the format of + // a JSON array. The trusted context assertion is signed and encrypted by Amazon + // Web Services STS. + // + // The following is an example of a ProvidedContext value that includes a single + // trusted context assertion and the ARN of the context provider from which + // the trusted context assertion was generated. + // + // [{"ProviderArn":"arn:aws:iam::aws:contextProvider/IdentityCenter","ContextAssertion":"trusted-context-assertion"}] + ProvidedContexts []*ProvidedContext `type:"list"` + // The Amazon Resource Name (ARN) of the role to assume. // // RoleArn is a required field @@ -1634,6 +1644,16 @@ func (s *AssumeRoleInput) Validate() error { } } } + if s.ProvidedContexts != nil { + for i, v := range s.ProvidedContexts { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ProvidedContexts", i), err.(request.ErrInvalidParams)) + } + } + } if s.Tags != nil { for i, v := range s.Tags { if v == nil { @@ -1675,6 +1695,12 @@ func (s *AssumeRoleInput) SetPolicyArns(v []*PolicyDescriptorType) *AssumeRoleIn return s } +// SetProvidedContexts sets the ProvidedContexts field's value. +func (s *AssumeRoleInput) SetProvidedContexts(v []*ProvidedContext) *AssumeRoleInput { + s.ProvidedContexts = v + return s +} + // SetRoleArn sets the RoleArn field's value. func (s *AssumeRoleInput) SetRoleArn(v string) *AssumeRoleInput { s.RoleArn = &v @@ -1899,8 +1925,12 @@ type AssumeRoleWithSAMLInput struct { // For more information, see Configuring a Relying Party and Adding Claims (https://docs.aws.amazon.com/IAM/latest/UserGuide/create-role-saml-IdP-tasks.html) // in the IAM User Guide. // + // SAMLAssertion is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by AssumeRoleWithSAMLInput's + // String and GoString methods. + // // SAMLAssertion is a required field - SAMLAssertion *string `min:"4" type:"string" required:"true"` + SAMLAssertion *string `min:"4" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -2035,7 +2065,7 @@ type AssumeRoleWithSAMLOutput struct { // IAM. // // The combination of NameQualifier and Subject can be used to uniquely identify - // a federated user. + // a user. // // The following pseudocode shows how the hash value is calculated: // @@ -2263,10 +2293,15 @@ type AssumeRoleWithWebIdentityInput struct { // The OAuth 2.0 access token or OpenID Connect ID token that is provided by // the identity provider. Your application must get this token by authenticating // the user who is using your application with a web identity provider before - // the application makes an AssumeRoleWithWebIdentity call. + // the application makes an AssumeRoleWithWebIdentity call. Only tokens with + // RSA algorithms (RS256) are supported. + // + // WebIdentityToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by AssumeRoleWithWebIdentityInput's + // String and GoString methods. // // WebIdentityToken is a required field - WebIdentityToken *string `min:"4" type:"string" required:"true"` + WebIdentityToken *string `min:"4" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -2572,8 +2607,12 @@ type Credentials struct { // The secret access key that can be used to sign requests. // + // SecretAccessKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by Credentials's + // String and GoString methods. + // // SecretAccessKey is a required field - SecretAccessKey *string `type:"string" required:"true"` + SecretAccessKey *string `type:"string" required:"true" sensitive:"true"` // The token that users must pass to the service API to use the temporary credentials. // @@ -2921,10 +2960,9 @@ type GetFederationTokenInput struct { // The duration, in seconds, that the session should last. Acceptable durations // for federation sessions range from 900 seconds (15 minutes) to 129,600 seconds // (36 hours), with 43,200 seconds (12 hours) as the default. Sessions obtained - // using Amazon Web Services account root user credentials are restricted to - // a maximum of 3,600 seconds (one hour). If the specified duration is longer - // than one hour, the session obtained by using root user credentials defaults - // to one hour. + // using root user credentials are restricted to a maximum of 3,600 seconds + // (one hour). If the specified duration is longer than one hour, the session + // obtained by using root user credentials defaults to one hour. DurationSeconds *int64 `min:"900" type:"integer"` // The name of the federated user. The name is used as an identifier for the @@ -3375,6 +3413,67 @@ func (s *PolicyDescriptorType) SetArn(v string) *PolicyDescriptorType { return s } +// Contains information about the provided context. This includes the signed +// and encrypted trusted context assertion and the context provider ARN from +// which the trusted context assertion was generated. +type ProvidedContext struct { + _ struct{} `type:"structure"` + + // The signed and encrypted trusted context assertion generated by the context + // provider. The trusted context assertion is signed and encrypted by Amazon + // Web Services STS. + ContextAssertion *string `min:"4" type:"string"` + + // The context provider ARN from which the trusted context assertion was generated. + ProviderArn *string `min:"20" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ProvidedContext) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ProvidedContext) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ProvidedContext) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ProvidedContext"} + if s.ContextAssertion != nil && len(*s.ContextAssertion) < 4 { + invalidParams.Add(request.NewErrParamMinLen("ContextAssertion", 4)) + } + if s.ProviderArn != nil && len(*s.ProviderArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("ProviderArn", 20)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetContextAssertion sets the ContextAssertion field's value. +func (s *ProvidedContext) SetContextAssertion(v string) *ProvidedContext { + s.ContextAssertion = &v + return s +} + +// SetProviderArn sets the ProviderArn field's value. +func (s *ProvidedContext) SetProviderArn(v string) *ProvidedContext { + s.ProviderArn = &v + return s +} + // You can pass custom key-value pair attributes when you assume a role or federate // a user. These are called session tags. You can then use the session tags // to control access to resources. For more information, see Tagging Amazon diff --git a/agent/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go b/agent/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go index c40f5a2a52b..ea1d9eb0ccf 100644 --- a/agent/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go +++ b/agent/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go @@ -4,10 +4,9 @@ // requests to AWS Security Token Service. // // Security Token Service (STS) enables you to request temporary, limited-privilege -// credentials for Identity and Access Management (IAM) users or for users that -// you authenticate (federated users). This guide provides descriptions of the -// STS API. For more information about using this service, see Temporary Security -// Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html). +// credentials for users. This guide provides descriptions of the STS API. For +// more information about using this service, see Temporary Security Credentials +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html). // // See https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15 for more information on this service. // diff --git a/agent/vendor/modules.txt b/agent/vendor/modules.txt index 7a0c2d1c6e4..8cb0ed9d640 100644 --- a/agent/vendor/modules.txt +++ b/agent/vendor/modules.txt @@ -76,10 +76,11 @@ github.com/aws/amazon-ecs-agent/ecs-agent/utils/ttime/mocks github.com/aws/amazon-ecs-agent/ecs-agent/wsclient github.com/aws/amazon-ecs-agent/ecs-agent/wsclient/mock github.com/aws/amazon-ecs-agent/ecs-agent/wsclient/wsconn -# github.com/aws/aws-sdk-go v1.44.173 -## explicit; go 1.11 +# github.com/aws/aws-sdk-go v1.51.3 +## explicit; go 1.19 github.com/aws/aws-sdk-go/aws github.com/aws/aws-sdk-go/aws/arn +github.com/aws/aws-sdk-go/aws/auth/bearer github.com/aws/aws-sdk-go/aws/awserr github.com/aws/aws-sdk-go/aws/awsutil github.com/aws/aws-sdk-go/aws/client @@ -136,6 +137,7 @@ github.com/aws/aws-sdk-go/service/secretsmanager/secretsmanageriface github.com/aws/aws-sdk-go/service/ssm github.com/aws/aws-sdk-go/service/sso github.com/aws/aws-sdk-go/service/sso/ssoiface +github.com/aws/aws-sdk-go/service/ssooidc github.com/aws/aws-sdk-go/service/sts github.com/aws/aws-sdk-go/service/sts/stsiface # github.com/awslabs/go-config-generator-for-fluentd-and-fluentbit v0.0.0-20210308162251-8959c62cb8f9 diff --git a/ecs-agent/go.mod b/ecs-agent/go.mod index 44e4a69d2f8..687e706d039 100644 --- a/ecs-agent/go.mod +++ b/ecs-agent/go.mod @@ -4,7 +4,7 @@ go 1.19 require ( github.com/Microsoft/hcsshim v0.9.9 - github.com/aws/aws-sdk-go v1.44.173 + github.com/aws/aws-sdk-go v1.51.3 github.com/cihub/seelog v0.0.0-20170130134532-f561c5e57575 github.com/container-storage-interface/spec v1.8.0 github.com/containernetworking/cni v1.1.2 diff --git a/ecs-agent/go.sum b/ecs-agent/go.sum index 2187b4fd8be..f4d0d8ba6e9 100644 --- a/ecs-agent/go.sum +++ b/ecs-agent/go.sum @@ -76,8 +76,8 @@ github.com/antihax/optional v1.0.0/go.mod h1:uupD/76wgC+ih3iEmQUL+0Ugr19nfwCT1kd github.com/armon/consul-api v0.0.0-20180202201655-eb2c6b5be1b6/go.mod h1:grANhF5doyWs3UAsr3K4I6qtAmlQcZDesFNEHPZAzj8= github.com/asaskevich/govalidator v0.0.0-20190424111038-f61b66f89f4a/go.mod h1:lB+ZfQJz7igIIfQNfa7Ml4HSf2uFQQRzpGGRXenZAgY= github.com/aws/aws-sdk-go v1.15.11/go.mod h1:mFuSZ37Z9YOHbQEwBWztmVzqXrEkub65tZoCYDt7FT0= -github.com/aws/aws-sdk-go v1.44.173 h1:8kXIxvQnBpGhmR3Eof6SnCKgR0q5/L/3Qbv9vAC5wic= -github.com/aws/aws-sdk-go v1.44.173/go.mod h1:aVsgQcEevwlmQ7qHE9I3h+dtQgpqhFB+i8Phjh7fkwI= +github.com/aws/aws-sdk-go v1.51.3 h1:OqSyEXcJwf/XhZNVpMRgKlLA9nmbo5X8dwbll4RWxq8= +github.com/aws/aws-sdk-go v1.51.3/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/beorn7/perks v0.0.0-20160804104726-4c0e84591b9a/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v0.0.0-20180321164747-3a771d992973/go.mod h1:Dwedo/Wpr24TaqPxmxbtue+5NUziq4I4S80YR8gNf3Q= github.com/beorn7/perks v1.0.0/go.mod h1:KWe93zE9D1o94FZ5RNwFwVgaQK1VOXiVxmqh+CedLV8= @@ -704,7 +704,6 @@ github.com/xordataexchange/crypt v0.0.3-0.20170626215501-b2862e3d0a77/go.mod h1: github.com/yuin/goldmark v1.1.27/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.2.1/go.mod h1:3hX8gzYuyVAZsxl0MRgGTJEmQBFcNTphYh9decYSb74= github.com/yuin/goldmark v1.3.5/go.mod h1:mwnBkeHKe2W/ZEtQ+71ViKU8L12m81fl3OWwC1Zlc8k= -github.com/yuin/goldmark v1.4.13/go.mod h1:6yULJ656Px+3vBD8DxQVa3kxgyrAnzto9xy5taEt/CY= github.com/yvasiyarov/go-metrics v0.0.0-20140926110328-57bccd1ccd43/go.mod h1:aX5oPXxHm3bOH+xeAttToC8pqch2ScQN/JoXYupl6xs= github.com/yvasiyarov/gorelic v0.0.0-20141212073537-a9bba5b9ab50/go.mod h1:NUSPSUX/bi6SeDMUh6brw0nXpxHnc96TguQh0+r/ssA= github.com/yvasiyarov/newrelic_platform_go v0.0.0-20140908184405-b21fdbd4370f/go.mod h1:GlGEuHIJweS1mbCqG+7vt2nvWLzLLnRHbXz5JKd/Qbg= @@ -739,7 +738,6 @@ golang.org/x/crypto v0.0.0-20200622213623-75b288015ac9/go.mod h1:LzIPMQfyMNhhGPh golang.org/x/crypto v0.0.0-20200728195943-123391ffb6de/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20201002170205-7f63de1d35b0/go.mod h1:LzIPMQfyMNhhGPhUkYOs5KpL4U8rLKemX1yGLhDgUto= golang.org/x/crypto v0.0.0-20210322153248-0c34fe9e7dc2/go.mod h1:T9bdIzuCu7OtxOm1hfPfRQxPLYneinmdGuTeoZ9dtd4= -golang.org/x/crypto v0.0.0-20210921155107-089bfa567519/go.mod h1:GvvjBRRGRdwPK5ydBHafDWAxML/pGHZbMvKqRZ5+Abc= golang.org/x/exp v0.0.0-20190121172915-509febef88a4/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190306152737-a1d7652674e8/go.mod h1:CJ0aWSM057203Lf6IL+f9T1iT9GByDxfZKAQTCR3kQA= golang.org/x/exp v0.0.0-20190510132918-efd6b22b2522/go.mod h1:ZjyILWgesfNpC6sMxTJOJm9Kp84zZh5NQWvqDGG3Qr8= @@ -771,7 +769,6 @@ golang.org/x/mod v0.1.1-0.20191107180719-034126e5016b/go.mod h1:QqPTAvyqsEbceGzB golang.org/x/mod v0.2.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.3.0/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= golang.org/x/mod v0.4.2/go.mod h1:s0Qsj1ACt9ePp/hMypM3fl4fZqREWJwdYDEqhRiZZUA= -golang.org/x/mod v0.6.0-dev.0.20220419223038-86c51ed26bb4/go.mod h1:jJ57K6gSWd91VN4djpZkiMVwK6gcyfeH4XE8wZrZaV4= golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk= golang.org/x/mod v0.10.0/go.mod h1:iBbtSCu2XBx23ZKBPSOrRkjjQPZFPuis4dIYUhu/chs= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= @@ -816,8 +813,6 @@ golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.0.0-20210428140749-89ef3d95e781/go.mod h1:OJAsFXCWl8Ukc7SiCT/9KSuxbyM7479/AVlXFRxuMCk= golang.org/x/net v0.0.0-20210825183410-e898025ed96a/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y= -golang.org/x/net v0.0.0-20220722155237-a158d28d115b/go.mod h1:XRhObCWvk6IyKnWLug+ECip1KBveYUHfp+8e9klMJ9c= -golang.org/x/net v0.1.0/go.mod h1:Cx3nUiGt4eDBEyega/BKRp+/AlGL8hYe7U9odMt2Cco= golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= @@ -836,7 +831,6 @@ golang.org/x/sync v0.0.0-20200625203802-6e8e738ad208/go.mod h1:RxMgew5VJxzue5/jJ golang.org/x/sync v0.0.0-20201020160332-67f06af15bc9/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20201207232520-09787c993a3a/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20210220032951-036812b2e83c/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= -golang.org/x/sync v0.0.0-20220722155255-886fb9371eb4/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.1.0 h1:wsuoTGHzEhffawBOhz5CYhcrV4IdKZbEyZjBMuTp12o= golang.org/x/sys v0.0.0-20180830151530-49385e6e1522/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= golang.org/x/sys v0.0.0-20180905080454-ebe1bf3edb33/go.mod h1:STP8DvDyc/dI5b8T5hshtkjS+E42TnysNCUPdjciGhY= @@ -906,17 +900,11 @@ golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7w golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210426230700-d19ff857e887/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20210510120138-977fb7262007/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20210615035016-665e8c7367d1/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20211216021012-1d35b9e2eb4e/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.0.0-20220722155257-8c9f86f7a55f/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.1.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.13.0 h1:Af8nKPmuFypiUBjVoU9V20FiaFXOcuZI21p0ycVYYGE= golang.org/x/sys v0.13.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= -golang.org/x/term v0.0.0-20210927222741-03fcf44c2211/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= -golang.org/x/term v0.1.0/go.mod h1:jbD1KX2456YbFQfuXm/mYQcufACuNUgVhRMnK/tPxf8= golang.org/x/text v0.0.0-20170915032832-14c0d48ead0c/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.1-0.20180807135948-17ff2d5776d2/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= @@ -924,8 +912,6 @@ golang.org/x/text v0.3.2/go.mod h1:bEr9sfX3Q8Zfm5fL9x+3itogRgK3+ptLWKqgva+5dAk= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.4/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= golang.org/x/text v0.3.6/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.3.7/go.mod h1:u+2+/6zg+i71rQMx5EYifcz6MCKuco9NR6JIITiCfzQ= -golang.org/x/text v0.4.0/go.mod h1:mrYo+phRRbMaCq/xk9113O4dZlRixOauAjOtrjsXDZ8= golang.org/x/text v0.13.0 h1:ablQoSUd0tRdKxZewP80B+BaqeKJuVhuRxj/dkrun3k= golang.org/x/text v0.13.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/time v0.0.0-20180412165947-fbb02b2291d2/go.mod h1:tRJNPiyCQ0inRvYxbN9jk5I+vvW/OXSQhTDSoE431IQ= @@ -981,7 +967,6 @@ golang.org/x/tools v0.0.0-20200916195026-c9a70fc28ce3/go.mod h1:z6u4i615ZeAfBE4X golang.org/x/tools v0.0.0-20201224043029-2b0845dc783e/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.0.0-20210106214847-113979e3529a/go.mod h1:emZCQorbCU4vsT4fOWvOPXz4eW1wZW4PmDk9uLelYpA= golang.org/x/tools v0.1.1/go.mod h1:o0xws9oXOQQZyjljx8fwUC0k7L1pTE6eaCbjGeHmOkk= -golang.org/x/tools v0.1.12/go.mod h1:hNGJHUnrk76NpqgfD5Aqm5Crs+Hm0VOH/i9J2+nxYbc= golang.org/x/tools v0.8.0 h1:vSDcovVPld282ceKgDimkRSC8kpaH1dgyc9UMzlt84Y= golang.org/x/tools v0.8.0/go.mod h1:JxBZ99ISMI5ViVkT1tr6tdNmXeTrcpVSD3vZ1RsRdN4= golang.org/x/xerrors v0.0.0-20190717185122-a985d3407aa7/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/auth/bearer/token.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/auth/bearer/token.go new file mode 100644 index 00000000000..dd950a286fb --- /dev/null +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/auth/bearer/token.go @@ -0,0 +1,50 @@ +package bearer + +import ( + "github.com/aws/aws-sdk-go/aws" + "time" +) + +// Token provides a type wrapping a bearer token and expiration metadata. +type Token struct { + Value string + + CanExpire bool + Expires time.Time +} + +// Expired returns if the token's Expires time is before or equal to the time +// provided. If CanExpire is false, Expired will always return false. +func (t Token) Expired(now time.Time) bool { + if !t.CanExpire { + return false + } + now = now.Round(0) + return now.Equal(t.Expires) || now.After(t.Expires) +} + +// TokenProvider provides interface for retrieving bearer tokens. +type TokenProvider interface { + RetrieveBearerToken(aws.Context) (Token, error) +} + +// TokenProviderFunc provides a helper utility to wrap a function as a type +// that implements the TokenProvider interface. +type TokenProviderFunc func(aws.Context) (Token, error) + +// RetrieveBearerToken calls the wrapped function, returning the Token or +// error. +func (fn TokenProviderFunc) RetrieveBearerToken(ctx aws.Context) (Token, error) { + return fn(ctx) +} + +// StaticTokenProvider provides a utility for wrapping a static bearer token +// value within an implementation of a token provider. +type StaticTokenProvider struct { + Token Token +} + +// RetrieveBearerToken returns the static token specified. +func (s StaticTokenProvider) RetrieveBearerToken(aws.Context) (Token, error) { + return s.Token, nil +} diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/config.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/config.go index 4818ea427e3..c483e0cb8e6 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/config.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/config.go @@ -20,16 +20,16 @@ type RequestRetryer interface{} // A Config provides service configuration for service clients. By default, // all clients will use the defaults.DefaultConfig structure. // -// // Create Session with MaxRetries configuration to be shared by multiple -// // service clients. -// sess := session.Must(session.NewSession(&aws.Config{ -// MaxRetries: aws.Int(3), -// })) +// // Create Session with MaxRetries configuration to be shared by multiple +// // service clients. +// sess := session.Must(session.NewSession(&aws.Config{ +// MaxRetries: aws.Int(3), +// })) // -// // Create S3 service client with a specific Region. -// svc := s3.New(sess, &aws.Config{ -// Region: aws.String("us-west-2"), -// }) +// // Create S3 service client with a specific Region. +// svc := s3.New(sess, &aws.Config{ +// Region: aws.String("us-west-2"), +// }) type Config struct { // Enables verbose error printing of all credential chain errors. // Should be used when wanting to see all errors while attempting to @@ -192,6 +192,23 @@ type Config struct { // EC2MetadataDisableTimeoutOverride *bool + // Set this to `false` to disable EC2Metadata client from falling back to IMDSv1. + // By default, EC2 role credentials will fall back to IMDSv1 as needed for backwards compatibility. + // You can disable this behavior by explicitly setting this flag to `false`. When false, the EC2Metadata + // client will return any errors encountered from attempting to fetch a token instead of silently + // using the insecure data flow of IMDSv1. + // + // Example: + // sess := session.Must(session.NewSession(aws.NewConfig() + // .WithEC2MetadataEnableFallback(false))) + // + // svc := s3.New(sess) + // + // See [configuring IMDS] for more information. + // + // [configuring IMDS]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html + EC2MetadataEnableFallback *bool + // Instructs the endpoint to be generated for a service client to // be the dual stack endpoint. The dual stack endpoint will support // both IPv4 and IPv6 addressing. @@ -283,16 +300,16 @@ type Config struct { // NewConfig returns a new Config pointer that can be chained with builder // methods to set multiple configuration values inline without using pointers. // -// // Create Session with MaxRetries configuration to be shared by multiple -// // service clients. -// sess := session.Must(session.NewSession(aws.NewConfig(). -// WithMaxRetries(3), -// )) +// // Create Session with MaxRetries configuration to be shared by multiple +// // service clients. +// sess := session.Must(session.NewSession(aws.NewConfig(). +// WithMaxRetries(3), +// )) // -// // Create S3 service client with a specific Region. -// svc := s3.New(sess, aws.NewConfig(). -// WithRegion("us-west-2"), -// ) +// // Create S3 service client with a specific Region. +// svc := s3.New(sess, aws.NewConfig(). +// WithRegion("us-west-2"), +// ) func NewConfig() *Config { return &Config{} } @@ -425,6 +442,17 @@ func (c *Config) WithUseDualStack(enable bool) *Config { return c } +// WithUseFIPSEndpoint sets a config UseFIPSEndpoint value returning a Config +// pointer for chaining. +func (c *Config) WithUseFIPSEndpoint(enable bool) *Config { + if enable { + c.UseFIPSEndpoint = endpoints.FIPSEndpointStateEnabled + } else { + c.UseFIPSEndpoint = endpoints.FIPSEndpointStateDisabled + } + return c +} + // WithEC2MetadataDisableTimeoutOverride sets a config EC2MetadataDisableTimeoutOverride value // returning a Config pointer for chaining. func (c *Config) WithEC2MetadataDisableTimeoutOverride(enable bool) *Config { @@ -432,6 +460,13 @@ func (c *Config) WithEC2MetadataDisableTimeoutOverride(enable bool) *Config { return c } +// WithEC2MetadataEnableFallback sets a config EC2MetadataEnableFallback value +// returning a Config pointer for chaining. +func (c *Config) WithEC2MetadataEnableFallback(v bool) *Config { + c.EC2MetadataEnableFallback = &v + return c +} + // WithSleepDelay overrides the function used to sleep while waiting for the // next retry. Defaults to time.Sleep. func (c *Config) WithSleepDelay(fn func(time.Duration)) *Config { @@ -576,6 +611,10 @@ func mergeInConfig(dst *Config, other *Config) { dst.EC2MetadataDisableTimeoutOverride = other.EC2MetadataDisableTimeoutOverride } + if other.EC2MetadataEnableFallback != nil { + dst.EC2MetadataEnableFallback = other.EC2MetadataEnableFallback + } + if other.SleepDelay != nil { dst.SleepDelay = other.SleepDelay } diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/awsinternal.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/awsinternal.go new file mode 100644 index 00000000000..140242dd1b8 --- /dev/null +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/awsinternal.go @@ -0,0 +1,4 @@ +// DO NOT EDIT +package corehandlers + +const isAwsInternal = "" \ No newline at end of file diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go index ab69c7a6f38..ac842c55d89 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go @@ -35,3 +35,13 @@ var AddHostExecEnvUserAgentHander = request.NamedHandler{ request.AddToUserAgent(r, execEnvUAKey+"/"+v) }, } + +var AddAwsInternal = request.NamedHandler{ + Name: "core.AddAwsInternal", + Fn: func(r *request.Request) { + if len(isAwsInternal) == 0 { + return + } + request.AddToUserAgent(r, isAwsInternal) + }, +} diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go index 785f30d8e6c..329f788a38a 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go @@ -31,6 +31,8 @@ package endpointcreds import ( "encoding/json" + "fmt" + "strings" "time" "github.com/aws/aws-sdk-go/aws" @@ -69,7 +71,37 @@ type Provider struct { // Optional authorization token value if set will be used as the value of // the Authorization header of the endpoint credential request. + // + // When constructed from environment, the provider will use the value of + // AWS_CONTAINER_AUTHORIZATION_TOKEN environment variable as the token + // + // Will be overridden if AuthorizationTokenProvider is configured AuthorizationToken string + + // Optional auth provider func to dynamically load the auth token from a file + // everytime a credential is retrieved + // + // When constructed from environment, the provider will read and use the content + // of the file pointed to by AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE environment variable + // as the auth token everytime credentials are retrieved + // + // Will override AuthorizationToken if configured + AuthorizationTokenProvider AuthTokenProvider +} + +// AuthTokenProvider defines an interface to dynamically load a value to be passed +// for the Authorization header of a credentials request. +type AuthTokenProvider interface { + GetToken() (string, error) +} + +// TokenProviderFunc is a func type implementing AuthTokenProvider interface +// and enables customizing token provider behavior +type TokenProviderFunc func() (string, error) + +// GetToken func retrieves auth token according to TokenProviderFunc implementation +func (p TokenProviderFunc) GetToken() (string, error) { + return p() } // NewProviderClient returns a credentials Provider for retrieving AWS credentials @@ -164,7 +196,20 @@ func (p *Provider) getCredentials(ctx aws.Context) (*getCredentialsOutput, error req := p.Client.NewRequest(op, nil, out) req.SetContext(ctx) req.HTTPRequest.Header.Set("Accept", "application/json") - if authToken := p.AuthorizationToken; len(authToken) != 0 { + + authToken := p.AuthorizationToken + var err error + if p.AuthorizationTokenProvider != nil { + authToken, err = p.AuthorizationTokenProvider.GetToken() + if err != nil { + return nil, fmt.Errorf("get authorization token: %v", err) + } + } + + if strings.ContainsAny(authToken, "\r\n") { + return nil, fmt.Errorf("authorization token contains invalid newline sequence") + } + if len(authToken) != 0 { req.HTTPRequest.Header.Set("Authorization", authToken) } diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go index e6248360029..18694f07f7f 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go @@ -226,12 +226,24 @@ func NewCredentialsCommand(command *exec.Cmd, options ...func(*ProcessProvider)) return credentials.NewCredentials(p) } -type credentialProcessResponse struct { - Version int - AccessKeyID string `json:"AccessKeyId"` +// A CredentialProcessResponse is the AWS credentials format that must be +// returned when executing an external credential_process. +type CredentialProcessResponse struct { + // As of this writing, the Version key must be set to 1. This might + // increment over time as the structure evolves. + Version int + + // The access key ID that identifies the temporary security credentials. + AccessKeyID string `json:"AccessKeyId"` + + // The secret access key that can be used to sign requests. SecretAccessKey string - SessionToken string - Expiration *time.Time + + // The token that users must pass to the service API to use the temporary credentials. + SessionToken string + + // The date on which the current credentials expire. + Expiration *time.Time } // Retrieve executes the 'credential_process' and returns the credentials. @@ -242,7 +254,7 @@ func (p *ProcessProvider) Retrieve() (credentials.Value, error) { } // Serialize and validate response - resp := &credentialProcessResponse{} + resp := &CredentialProcessResponse{} if err = json.Unmarshal(out, resp); err != nil { return credentials.Value{ProviderName: ProviderName}, awserr.New( ErrCodeProcessProviderParse, diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go index 6eda2a5557f..4138e725dde 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go @@ -4,13 +4,13 @@ import ( "crypto/sha1" "encoding/hex" "encoding/json" - "fmt" "io/ioutil" "path/filepath" "strings" "time" "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/auth/bearer" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/client" "github.com/aws/aws-sdk-go/aws/credentials" @@ -55,6 +55,19 @@ type Provider struct { // The URL that points to the organization's AWS Single Sign-On (AWS SSO) user portal. StartURL string + + // The filepath the cached token will be retrieved from. If unset Provider will + // use the startURL to determine the filepath at. + // + // ~/.aws/sso/cache/.json + // + // If custom cached token filepath is used, the Provider's startUrl + // parameter will be ignored. + CachedTokenFilepath string + + // Used by the SSOCredentialProvider if a token configuration + // profile is used in the shared config + TokenProvider bearer.TokenProvider } // NewCredentials returns a new AWS Single Sign-On (AWS SSO) credential provider. The ConfigProvider is expected to be configured @@ -89,13 +102,31 @@ func (p *Provider) Retrieve() (credentials.Value, error) { // RetrieveWithContext retrieves temporary AWS credentials from the configured Amazon Single Sign-On (AWS SSO) user portal // by exchanging the accessToken present in ~/.aws/sso/cache. func (p *Provider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) { - tokenFile, err := loadTokenFile(p.StartURL) - if err != nil { - return credentials.Value{}, err + var accessToken *string + if p.TokenProvider != nil { + token, err := p.TokenProvider.RetrieveBearerToken(ctx) + if err != nil { + return credentials.Value{}, err + } + accessToken = &token.Value + } else { + if p.CachedTokenFilepath == "" { + cachedTokenFilePath, err := getCachedFilePath(p.StartURL) + if err != nil { + return credentials.Value{}, err + } + p.CachedTokenFilepath = cachedTokenFilePath + } + + tokenFile, err := loadTokenFile(p.CachedTokenFilepath) + if err != nil { + return credentials.Value{}, err + } + accessToken = &tokenFile.AccessToken } output, err := p.Client.GetRoleCredentialsWithContext(ctx, &sso.GetRoleCredentialsInput{ - AccessToken: &tokenFile.AccessToken, + AccessToken: accessToken, AccountId: &p.AccountID, RoleName: &p.RoleName, }) @@ -114,32 +145,13 @@ func (p *Provider) RetrieveWithContext(ctx credentials.Context) (credentials.Val }, nil } -func getCacheFileName(url string) (string, error) { +func getCachedFilePath(startUrl string) (string, error) { hash := sha1.New() - _, err := hash.Write([]byte(url)) + _, err := hash.Write([]byte(startUrl)) if err != nil { return "", err } - return strings.ToLower(hex.EncodeToString(hash.Sum(nil))) + ".json", nil -} - -type rfc3339 time.Time - -func (r *rfc3339) UnmarshalJSON(bytes []byte) error { - var value string - - if err := json.Unmarshal(bytes, &value); err != nil { - return err - } - - parse, err := time.Parse(time.RFC3339, value) - if err != nil { - return fmt.Errorf("expected RFC3339 timestamp: %v", err) - } - - *r = rfc3339(parse) - - return nil + return filepath.Join(defaultCacheLocation(), strings.ToLower(hex.EncodeToString(hash.Sum(nil)))+".json"), nil } type token struct { @@ -153,13 +165,8 @@ func (t token) Expired() bool { return nowTime().Round(0).After(time.Time(t.ExpiresAt)) } -func loadTokenFile(startURL string) (t token, err error) { - key, err := getCacheFileName(startURL) - if err != nil { - return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, err) - } - - fileBytes, err := ioutil.ReadFile(filepath.Join(defaultCacheLocation(), key)) +func loadTokenFile(cachedTokenPath string) (t token, err error) { + fileBytes, err := ioutil.ReadFile(cachedTokenPath) if err != nil { return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, err) } diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/sso_cached_token.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/sso_cached_token.go new file mode 100644 index 00000000000..f6fa88451af --- /dev/null +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/sso_cached_token.go @@ -0,0 +1,237 @@ +package ssocreds + +import ( + "crypto/sha1" + "encoding/hex" + "encoding/json" + "fmt" + "github.com/aws/aws-sdk-go/internal/shareddefaults" + "io/ioutil" + "os" + "path/filepath" + "strconv" + "strings" + "time" +) + +var resolvedOsUserHomeDir = shareddefaults.UserHomeDir + +// StandardCachedTokenFilepath returns the filepath for the cached SSO token file, or +// error if unable get derive the path. Key that will be used to compute a SHA1 +// value that is hex encoded. +// +// Derives the filepath using the Key as: +// +// ~/.aws/sso/cache/.json +func StandardCachedTokenFilepath(key string) (string, error) { + homeDir := resolvedOsUserHomeDir() + if len(homeDir) == 0 { + return "", fmt.Errorf("unable to get USER's home directory for cached token") + } + hash := sha1.New() + if _, err := hash.Write([]byte(key)); err != nil { + return "", fmt.Errorf("unable to compute cached token filepath key SHA1 hash, %v", err) + } + + cacheFilename := strings.ToLower(hex.EncodeToString(hash.Sum(nil))) + ".json" + + return filepath.Join(homeDir, ".aws", "sso", "cache", cacheFilename), nil +} + +type tokenKnownFields struct { + AccessToken string `json:"accessToken,omitempty"` + ExpiresAt *rfc3339 `json:"expiresAt,omitempty"` + + RefreshToken string `json:"refreshToken,omitempty"` + ClientID string `json:"clientId,omitempty"` + ClientSecret string `json:"clientSecret,omitempty"` +} + +type cachedToken struct { + tokenKnownFields + UnknownFields map[string]interface{} `json:"-"` +} + +// MarshalJSON provides custom marshalling because the standard library Go marshaller ignores unknown/unspecified fields +// when marshalling from a struct: https://pkg.go.dev/encoding/json#Marshal +// This function adds some extra validation to the known fields and captures unknown fields. +func (t cachedToken) MarshalJSON() ([]byte, error) { + fields := map[string]interface{}{} + + setTokenFieldString(fields, "accessToken", t.AccessToken) + setTokenFieldRFC3339(fields, "expiresAt", t.ExpiresAt) + + setTokenFieldString(fields, "refreshToken", t.RefreshToken) + setTokenFieldString(fields, "clientId", t.ClientID) + setTokenFieldString(fields, "clientSecret", t.ClientSecret) + + for k, v := range t.UnknownFields { + if _, ok := fields[k]; ok { + return nil, fmt.Errorf("unknown token field %v, duplicates known field", k) + } + fields[k] = v + } + + return json.Marshal(fields) +} + +func setTokenFieldString(fields map[string]interface{}, key, value string) { + if value == "" { + return + } + fields[key] = value +} +func setTokenFieldRFC3339(fields map[string]interface{}, key string, value *rfc3339) { + if value == nil { + return + } + fields[key] = value +} + +// UnmarshalJSON provides custom unmarshalling because the standard library Go unmarshaller ignores unknown/unspecified +// fields when unmarshalling from a struct: https://pkg.go.dev/encoding/json#Unmarshal +// This function adds some extra validation to the known fields and captures unknown fields. +func (t *cachedToken) UnmarshalJSON(b []byte) error { + var fields map[string]interface{} + if err := json.Unmarshal(b, &fields); err != nil { + return nil + } + + t.UnknownFields = map[string]interface{}{} + + for k, v := range fields { + var err error + switch k { + case "accessToken": + err = getTokenFieldString(v, &t.AccessToken) + case "expiresAt": + err = getTokenFieldRFC3339(v, &t.ExpiresAt) + case "refreshToken": + err = getTokenFieldString(v, &t.RefreshToken) + case "clientId": + err = getTokenFieldString(v, &t.ClientID) + case "clientSecret": + err = getTokenFieldString(v, &t.ClientSecret) + default: + t.UnknownFields[k] = v + } + + if err != nil { + return fmt.Errorf("field %q, %v", k, err) + } + } + + return nil +} + +func getTokenFieldString(v interface{}, value *string) error { + var ok bool + *value, ok = v.(string) + if !ok { + return fmt.Errorf("expect value to be string, got %T", v) + } + return nil +} + +func getTokenFieldRFC3339(v interface{}, value **rfc3339) error { + var stringValue string + if err := getTokenFieldString(v, &stringValue); err != nil { + return err + } + + timeValue, err := parseRFC3339(stringValue) + if err != nil { + return err + } + + *value = &timeValue + return nil +} + +func loadCachedToken(filename string) (cachedToken, error) { + fileBytes, err := ioutil.ReadFile(filename) + if err != nil { + return cachedToken{}, fmt.Errorf("failed to read cached SSO token file, %v", err) + } + + var t cachedToken + if err := json.Unmarshal(fileBytes, &t); err != nil { + return cachedToken{}, fmt.Errorf("failed to parse cached SSO token file, %v", err) + } + + if len(t.AccessToken) == 0 || t.ExpiresAt == nil || time.Time(*t.ExpiresAt).IsZero() { + return cachedToken{}, fmt.Errorf( + "cached SSO token must contain accessToken and expiresAt fields") + } + + return t, nil +} + +func storeCachedToken(filename string, t cachedToken, fileMode os.FileMode) (err error) { + tmpFilename := filename + ".tmp-" + strconv.FormatInt(nowTime().UnixNano(), 10) + if err := writeCacheFile(tmpFilename, fileMode, t); err != nil { + return err + } + + if err := os.Rename(tmpFilename, filename); err != nil { + return fmt.Errorf("failed to replace old cached SSO token file, %v", err) + } + + return nil +} + +func writeCacheFile(filename string, fileMode os.FileMode, t cachedToken) (err error) { + var f *os.File + f, err = os.OpenFile(filename, os.O_CREATE|os.O_TRUNC|os.O_RDWR, fileMode) + if err != nil { + return fmt.Errorf("failed to create cached SSO token file %v", err) + } + + defer func() { + closeErr := f.Close() + if err == nil && closeErr != nil { + err = fmt.Errorf("failed to close cached SSO token file, %v", closeErr) + } + }() + + encoder := json.NewEncoder(f) + + if err = encoder.Encode(t); err != nil { + return fmt.Errorf("failed to serialize cached SSO token, %v", err) + } + + return nil +} + +type rfc3339 time.Time + +// UnmarshalJSON decode rfc3339 from JSON format +func (r *rfc3339) UnmarshalJSON(bytes []byte) error { + var value string + var err error + + if err = json.Unmarshal(bytes, &value); err != nil { + return err + } + + *r, err = parseRFC3339(value) + return err +} + +func parseRFC3339(v string) (rfc3339, error) { + parsed, err := time.Parse(time.RFC3339, v) + if err != nil { + return rfc3339{}, fmt.Errorf("expected RFC3339 timestamp: %v", err) + } + + return rfc3339(parsed), nil +} + +// MarshalJSON encode rfc3339 to JSON format time +func (r *rfc3339) MarshalJSON() ([]byte, error) { + value := time.Time(*r).Format(time.RFC3339) + + // Use JSON unmarshal to unescape the quoted value making use of JSON's + // quoting rules. + return json.Marshal(value) +} diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go new file mode 100644 index 00000000000..3388b78b4f4 --- /dev/null +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go @@ -0,0 +1,148 @@ +package ssocreds + +import ( + "fmt" + "os" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/auth/bearer" + "github.com/aws/aws-sdk-go/service/ssooidc" +) + +// CreateTokenAPIClient provides the interface for the SSOTokenProvider's API +// client for calling CreateToken operation to refresh the SSO token. +type CreateTokenAPIClient interface { + CreateToken(input *ssooidc.CreateTokenInput) (*ssooidc.CreateTokenOutput, error) +} + +// SSOTokenProviderOptions provides the options for configuring the +// SSOTokenProvider. +type SSOTokenProviderOptions struct { + // Client that can be overridden + Client CreateTokenAPIClient + + // The path the file containing the cached SSO token will be read from. + // Initialized the NewSSOTokenProvider's cachedTokenFilepath parameter. + CachedTokenFilepath string +} + +// SSOTokenProvider provides a utility for refreshing SSO AccessTokens for +// Bearer Authentication. The SSOTokenProvider can only be used to refresh +// already cached SSO Tokens. This utility cannot perform the initial SSO +// create token. +// +// The initial SSO create token should be preformed with the AWS CLI before the +// Go application using the SSOTokenProvider will need to retrieve the SSO +// token. If the AWS CLI has not created the token cache file, this provider +// will return an error when attempting to retrieve the cached token. +// +// This provider will attempt to refresh the cached SSO token periodically if +// needed when RetrieveBearerToken is called. +// +// A utility such as the AWS CLI must be used to initially create the SSO +// session and cached token file. +// https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html +type SSOTokenProvider struct { + options SSOTokenProviderOptions +} + +// NewSSOTokenProvider returns an initialized SSOTokenProvider that will +// periodically refresh the SSO token cached stored in the cachedTokenFilepath. +// The cachedTokenFilepath file's content will be rewritten by the token +// provider when the token is refreshed. +// +// The client must be configured for the AWS region the SSO token was created for. +func NewSSOTokenProvider(client CreateTokenAPIClient, cachedTokenFilepath string, optFns ...func(o *SSOTokenProviderOptions)) *SSOTokenProvider { + options := SSOTokenProviderOptions{ + Client: client, + CachedTokenFilepath: cachedTokenFilepath, + } + for _, fn := range optFns { + fn(&options) + } + + provider := &SSOTokenProvider{ + options: options, + } + + return provider +} + +// RetrieveBearerToken returns the SSO token stored in the cachedTokenFilepath +// the SSOTokenProvider was created with. If the token has expired +// RetrieveBearerToken will attempt to refresh it. If the token cannot be +// refreshed or is not present an error will be returned. +// +// A utility such as the AWS CLI must be used to initially create the SSO +// session and cached token file. https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html +func (p *SSOTokenProvider) RetrieveBearerToken(ctx aws.Context) (bearer.Token, error) { + cachedToken, err := loadCachedToken(p.options.CachedTokenFilepath) + if err != nil { + return bearer.Token{}, err + } + + if cachedToken.ExpiresAt != nil && nowTime().After(time.Time(*cachedToken.ExpiresAt)) { + cachedToken, err = p.refreshToken(cachedToken) + if err != nil { + return bearer.Token{}, fmt.Errorf("refresh cached SSO token failed, %v", err) + } + } + + expiresAt := toTime((*time.Time)(cachedToken.ExpiresAt)) + return bearer.Token{ + Value: cachedToken.AccessToken, + CanExpire: !expiresAt.IsZero(), + Expires: expiresAt, + }, nil +} + +func (p *SSOTokenProvider) refreshToken(token cachedToken) (cachedToken, error) { + if token.ClientSecret == "" || token.ClientID == "" || token.RefreshToken == "" { + return cachedToken{}, fmt.Errorf("cached SSO token is expired, or not present, and cannot be refreshed") + } + + createResult, err := p.options.Client.CreateToken(&ssooidc.CreateTokenInput{ + ClientId: &token.ClientID, + ClientSecret: &token.ClientSecret, + RefreshToken: &token.RefreshToken, + GrantType: aws.String("refresh_token"), + }) + if err != nil { + return cachedToken{}, fmt.Errorf("unable to refresh SSO token, %v", err) + } + if createResult.ExpiresIn == nil { + return cachedToken{}, fmt.Errorf("missing required field ExpiresIn") + } + if createResult.AccessToken == nil { + return cachedToken{}, fmt.Errorf("missing required field AccessToken") + } + if createResult.RefreshToken == nil { + return cachedToken{}, fmt.Errorf("missing required field RefreshToken") + } + + expiresAt := nowTime().Add(time.Duration(*createResult.ExpiresIn) * time.Second) + + token.AccessToken = *createResult.AccessToken + token.ExpiresAt = (*rfc3339)(&expiresAt) + token.RefreshToken = *createResult.RefreshToken + + fileInfo, err := os.Stat(p.options.CachedTokenFilepath) + if err != nil { + return cachedToken{}, fmt.Errorf("failed to stat cached SSO token file %v", err) + } + + if err = storeCachedToken(p.options.CachedTokenFilepath, token, fileInfo.Mode()); err != nil { + return cachedToken{}, fmt.Errorf("unable to cache refreshed SSO token, %v", err) + } + + return token, nil +} + +func toTime(p *time.Time) (v time.Time) { + if p == nil { + return v + } + + return *p +} diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go index 260a37cbbab..86db488defa 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go @@ -9,7 +9,7 @@ to refresh the credentials will be synchronized. But, the SDK is unable to ensure synchronous usage of the AssumeRoleProvider if the value is shared between multiple Credentials, Sessions or service clients. -Assume Role +# Assume Role To assume an IAM role using STS with the SDK you can create a new Credentials with the SDKs's stscreds package. @@ -27,7 +27,7 @@ with the SDKs's stscreds package. // from assumed role. svc := s3.New(sess, &aws.Config{Credentials: creds}) -Assume Role with static MFA Token +# Assume Role with static MFA Token To assume an IAM role with a MFA token you can either specify a MFA token code directly or provide a function to prompt the user each time the credentials @@ -49,7 +49,7 @@ credentials. // from assumed role. svc := s3.New(sess, &aws.Config{Credentials: creds}) -Assume Role with MFA Token Provider +# Assume Role with MFA Token Provider To assume an IAM role with MFA for longer running tasks where the credentials may need to be refreshed setting the TokenProvider field of AssumeRoleProvider @@ -74,7 +74,6 @@ single Credentials with an AssumeRoleProvider can be shared safely. // Create service client value configured for credentials // from assumed role. svc := s3.New(sess, &aws.Config{Credentials: creds}) - */ package stscreds @@ -199,6 +198,10 @@ type AssumeRoleProvider struct { // or an Amazon Resource Name (ARN) for a virtual device (such as arn:aws:iam::123456789012:mfa/user). SerialNumber *string + // The SourceIdentity which is used to identity a persistent identity through the whole session. + // For more details see https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html + SourceIdentity *string + // The value provided by the MFA device, if the trust policy of the role being // assumed requires MFA (that is, if the policy includes a condition that tests // for MFA). If the role being assumed requires MFA and if the TokenCode value @@ -320,6 +323,7 @@ func (p *AssumeRoleProvider) RetrieveWithContext(ctx credentials.Context) (crede Tags: p.Tags, PolicyArns: p.PolicyArns, TransitiveTagKeys: p.TransitiveTagKeys, + SourceIdentity: p.SourceIdentity, } if p.Policy != nil { input.Policy = p.Policy diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go index 23bb639e018..1ba80b57609 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go @@ -9,6 +9,7 @@ package defaults import ( "fmt" + "io/ioutil" "net" "net/http" "net/url" @@ -74,6 +75,7 @@ func Handlers() request.Handlers { handlers.Validate.PushBackNamed(corehandlers.ValidateEndpointHandler) handlers.Validate.AfterEachFn = request.HandlerListStopOnError handlers.Build.PushBackNamed(corehandlers.SDKVersionUserAgentHandler) + handlers.Build.PushBackNamed(corehandlers.AddAwsInternal) handlers.Build.PushBackNamed(corehandlers.AddHostExecEnvUserAgentHander) handlers.Build.AfterEachFn = request.HandlerListStopOnError handlers.Sign.PushBackNamed(corehandlers.BuildContentLengthHandler) @@ -114,9 +116,31 @@ func CredProviders(cfg *aws.Config, handlers request.Handlers) []credentials.Pro const ( httpProviderAuthorizationEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN" + httpProviderAuthFileEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE" httpProviderEnvVar = "AWS_CONTAINER_CREDENTIALS_FULL_URI" ) +// direct representation of the IPv4 address for the ECS container +// "169.254.170.2" +var ecsContainerIPv4 net.IP = []byte{ + 169, 254, 170, 2, +} + +// direct representation of the IPv4 address for the EKS container +// "169.254.170.23" +var eksContainerIPv4 net.IP = []byte{ + 169, 254, 170, 23, +} + +// direct representation of the IPv6 address for the EKS container +// "fd00:ec2::23" +var eksContainerIPv6 net.IP = []byte{ + 0xFD, 0, 0xE, 0xC2, + 0, 0, 0, 0, + 0, 0, 0, 0, + 0, 0, 0, 0x23, +} + // RemoteCredProvider returns a credentials provider for the default remote // endpoints such as EC2 or ECS Roles. func RemoteCredProvider(cfg aws.Config, handlers request.Handlers) credentials.Provider { @@ -134,19 +158,22 @@ func RemoteCredProvider(cfg aws.Config, handlers request.Handlers) credentials.P var lookupHostFn = net.LookupHost -func isLoopbackHost(host string) (bool, error) { - ip := net.ParseIP(host) - if ip != nil { - return ip.IsLoopback(), nil +// isAllowedHost allows host to be loopback or known ECS/EKS container IPs +// +// host can either be an IP address OR an unresolved hostname - resolution will +// be automatically performed in the latter case +func isAllowedHost(host string) (bool, error) { + if ip := net.ParseIP(host); ip != nil { + return isIPAllowed(ip), nil } - // Host is not an ip, perform lookup addrs, err := lookupHostFn(host) if err != nil { return false, err } + for _, addr := range addrs { - if !net.ParseIP(addr).IsLoopback() { + if ip := net.ParseIP(addr); ip == nil || !isIPAllowed(ip) { return false, nil } } @@ -154,6 +181,13 @@ func isLoopbackHost(host string) (bool, error) { return true, nil } +func isIPAllowed(ip net.IP) bool { + return ip.IsLoopback() || + ip.Equal(ecsContainerIPv4) || + ip.Equal(eksContainerIPv4) || + ip.Equal(eksContainerIPv6) +} + func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) credentials.Provider { var errMsg string @@ -164,10 +198,12 @@ func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) host := aws.URLHostname(parsed) if len(host) == 0 { errMsg = "unable to parse host from local HTTP cred provider URL" - } else if isLoopback, loopbackErr := isLoopbackHost(host); loopbackErr != nil { - errMsg = fmt.Sprintf("failed to resolve host %q, %v", host, loopbackErr) - } else if !isLoopback { - errMsg = fmt.Sprintf("invalid endpoint host, %q, only loopback hosts are allowed.", host) + } else if parsed.Scheme == "http" { + if isAllowedHost, allowHostErr := isAllowedHost(host); allowHostErr != nil { + errMsg = fmt.Sprintf("failed to resolve host %q, %v", host, allowHostErr) + } else if !isAllowedHost { + errMsg = fmt.Sprintf("invalid endpoint host, %q, only loopback/ecs/eks hosts are allowed.", host) + } } } @@ -189,6 +225,15 @@ func httpCredProvider(cfg aws.Config, handlers request.Handlers, u string) crede func(p *endpointcreds.Provider) { p.ExpiryWindow = 5 * time.Minute p.AuthorizationToken = os.Getenv(httpProviderAuthorizationEnvVar) + if authFilePath := os.Getenv(httpProviderAuthFileEnvVar); authFilePath != "" { + p.AuthorizationTokenProvider = endpointcreds.TokenProviderFunc(func() (string, error) { + if contents, err := ioutil.ReadFile(authFilePath); err != nil { + return "", fmt.Errorf("failed to read authorization token from %v: %v", authFilePath, err) + } else { + return string(contents), nil + } + }) + } }, ) } diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go index df63bade104..f4cc8751d04 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go @@ -57,13 +57,13 @@ type EC2Metadata struct { // New creates a new instance of the EC2Metadata client with a session. // This client is safe to use across multiple goroutines. // -// // Example: -// // Create a EC2Metadata client from just a session. -// svc := ec2metadata.New(mySession) // -// // Create a EC2Metadata client with additional configuration -// svc := ec2metadata.New(mySession, aws.NewConfig().WithLogLevel(aws.LogDebugHTTPBody)) +// // Create a EC2Metadata client from just a session. +// svc := ec2metadata.New(mySession) +// +// // Create a EC2Metadata client with additional configuration +// svc := ec2metadata.New(mySession, aws.NewConfig().WithLogLevel(aws.LogDebugHTTPBody)) func New(p client.ConfigProvider, cfgs ...*aws.Config) *EC2Metadata { c := p.ClientConfig(ServiceName, cfgs...) return NewClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion) diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go index 4b29f190bf9..f1f9ba4ec58 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go @@ -1,6 +1,8 @@ package ec2metadata import ( + "fmt" + "github.com/aws/aws-sdk-go/aws" "net/http" "sync/atomic" "time" @@ -33,11 +35,15 @@ func newTokenProvider(c *EC2Metadata, duration time.Duration) *tokenProvider { return &tokenProvider{client: c, configuredTTL: duration} } +// check if fallback is enabled +func (t *tokenProvider) fallbackEnabled() bool { + return t.client.Config.EC2MetadataEnableFallback == nil || *t.client.Config.EC2MetadataEnableFallback +} + // fetchTokenHandler fetches token for EC2Metadata service client by default. func (t *tokenProvider) fetchTokenHandler(r *request.Request) { - // short-circuits to insecure data flow if tokenProvider is disabled. - if v := atomic.LoadUint32(&t.disabled); v == 1 { + if v := atomic.LoadUint32(&t.disabled); v == 1 && t.fallbackEnabled() { return } @@ -49,23 +55,23 @@ func (t *tokenProvider) fetchTokenHandler(r *request.Request) { output, err := t.client.getToken(r.Context(), t.configuredTTL) if err != nil { + // only attempt fallback to insecure data flow if IMDSv1 is enabled + if !t.fallbackEnabled() { + r.Error = awserr.New("EC2MetadataError", "failed to get IMDSv2 token and fallback to IMDSv1 is disabled", err) + return + } - // change the disabled flag on token provider to true, - // when error is request timeout error. + // change the disabled flag on token provider to true and fallback if requestFailureError, ok := err.(awserr.RequestFailure); ok { switch requestFailureError.StatusCode() { case http.StatusForbidden, http.StatusNotFound, http.StatusMethodNotAllowed: atomic.StoreUint32(&t.disabled, 1) + if t.client.Config.LogLevel.Matches(aws.LogDebugWithDeprecated) { + t.client.Config.Logger.Log(fmt.Sprintf("WARN: failed to get session token, falling back to IMDSv1: %v", requestFailureError)) + } case http.StatusBadRequest: r.Error = requestFailureError } - - // Check if request timed out while waiting for response - if e, ok := requestFailureError.OrigErr().(awserr.Error); ok { - if e.Code() == request.ErrCodeRequestError { - atomic.StoreUint32(&t.disabled, 1) - } - } } return } diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go index 917df74ae10..1047722cacd 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go @@ -13,6 +13,8 @@ const ( AwsUsGovPartitionID = "aws-us-gov" // AWS GovCloud (US) partition. AwsIsoPartitionID = "aws-iso" // AWS ISO (US) partition. AwsIsoBPartitionID = "aws-iso-b" // AWS ISOB (US) partition. + AwsIsoEPartitionID = "aws-iso-e" // AWS ISOE (Europe) partition. + AwsIsoFPartitionID = "aws-iso-f" // AWS ISOF partition. ) // AWS Standard partition's regions. @@ -27,7 +29,9 @@ const ( ApSoutheast1RegionID = "ap-southeast-1" // Asia Pacific (Singapore). ApSoutheast2RegionID = "ap-southeast-2" // Asia Pacific (Sydney). ApSoutheast3RegionID = "ap-southeast-3" // Asia Pacific (Jakarta). + ApSoutheast4RegionID = "ap-southeast-4" // Asia Pacific (Melbourne). CaCentral1RegionID = "ca-central-1" // Canada (Central). + CaWest1RegionID = "ca-west-1" // Canada West (Calgary). EuCentral1RegionID = "eu-central-1" // Europe (Frankfurt). EuCentral2RegionID = "eu-central-2" // Europe (Zurich). EuNorth1RegionID = "eu-north-1" // Europe (Stockholm). @@ -36,6 +40,7 @@ const ( EuWest1RegionID = "eu-west-1" // Europe (Ireland). EuWest2RegionID = "eu-west-2" // Europe (London). EuWest3RegionID = "eu-west-3" // Europe (Paris). + IlCentral1RegionID = "il-central-1" // Israel (Tel Aviv). MeCentral1RegionID = "me-central-1" // Middle East (UAE). MeSouth1RegionID = "me-south-1" // Middle East (Bahrain). SaEast1RegionID = "sa-east-1" // South America (Sao Paulo). @@ -68,8 +73,14 @@ const ( UsIsobEast1RegionID = "us-isob-east-1" // US ISOB East (Ohio). ) +// AWS ISOE (Europe) partition's regions. +const () + +// AWS ISOF partition's regions. +const () + // DefaultResolver returns an Endpoint resolver that will be able -// to resolve endpoints for: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), and AWS ISOB (US). +// to resolve endpoints for: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), AWS ISOB (US), AWS ISOE (Europe), and AWS ISOF. // // Use DefaultPartitions() to get the list of the default partitions. func DefaultResolver() Resolver { @@ -77,7 +88,7 @@ func DefaultResolver() Resolver { } // DefaultPartitions returns a list of the partitions the SDK is bundled -// with. The available partitions are: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), and AWS ISOB (US). +// with. The available partitions are: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), AWS ISOB (US), AWS ISOE (Europe), and AWS ISOF. // // partitions := endpoints.DefaultPartitions // for _, p := range partitions { @@ -93,6 +104,8 @@ var defaultPartitions = partitions{ awsusgovPartition, awsisoPartition, awsisobPartition, + awsisoePartition, + awsisofPartition, } // AwsPartition returns the Resolver for AWS Standard. @@ -106,7 +119,7 @@ var awsPartition = partition{ DNSSuffix: "amazonaws.com", RegionRegex: regionRegex{ Regexp: func() *regexp.Regexp { - reg, _ := regexp.Compile("^(us|eu|ap|sa|ca|me|af)\\-\\w+\\-\\d+$") + reg, _ := regexp.Compile("^(us|eu|ap|sa|ca|me|af|il)\\-\\w+\\-\\d+$") return reg }(), }, @@ -172,9 +185,15 @@ var awsPartition = partition{ "ap-southeast-3": region{ Description: "Asia Pacific (Jakarta)", }, + "ap-southeast-4": region{ + Description: "Asia Pacific (Melbourne)", + }, "ca-central-1": region{ Description: "Canada (Central)", }, + "ca-west-1": region{ + Description: "Canada West (Calgary)", + }, "eu-central-1": region{ Description: "Europe (Frankfurt)", }, @@ -199,6 +218,9 @@ var awsPartition = partition{ "eu-west-3": region{ Description: "Europe (Paris)", }, + "il-central-1": region{ + Description: "Israel (Tel Aviv)", + }, "me-central-1": region{ Description: "Middle East (UAE)", }, @@ -261,6 +283,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -270,6 +295,9 @@ var awsPartition = partition{ }: endpoint{ Hostname: "access-analyzer-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -339,6 +367,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -432,6 +463,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -450,6 +484,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1-fips", + }: endpoint{ + Hostname: "acm-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -474,6 +526,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -582,6 +637,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -591,6 +649,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -600,15 +661,30 @@ var awsPartition = partition{ }: endpoint{ Hostname: "acm-pca-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-pca-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -627,6 +703,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "acm-pca-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -663,6 +748,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -710,6 +798,13 @@ var awsPartition = partition{ }, }, }, + "agreement-marketplace": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + }, + }, "airflow": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -846,6 +941,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -901,6 +999,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -935,6 +1036,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -980,6 +1090,21 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.detective-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "api.detective-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -998,6 +1123,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -1168,6 +1296,14 @@ var awsPartition = partition{ Region: "ap-southeast-3", }, }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "api.ecr.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, endpointKey{ Region: "ca-central-1", }: endpoint{ @@ -1176,6 +1312,14 @@ var awsPartition = partition{ Region: "ca-central-1", }, }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "api.ecr.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + }, endpointKey{ Region: "dkr-us-east-1", }: endpoint{ @@ -1384,6 +1528,14 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "api.ecr.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, endpointKey{ Region: "me-central-1", }: endpoint{ @@ -1733,24 +1885,54 @@ var awsPartition = partition{ }, "api.mediatailor": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -1768,6 +1950,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, @@ -1801,6 +1986,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -1810,18 +1998,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -1831,6 +2031,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -2011,6 +2214,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -2087,6 +2293,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -2096,6 +2305,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "apigateway-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "apigateway-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -2129,6 +2347,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "apigateway-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -2165,6 +2392,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -2278,9 +2508,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -2305,6 +2541,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -2348,24 +2587,42 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -2375,6 +2632,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -2430,21 +2693,81 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "appflow-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "appflow-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "appflow-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "appflow-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "sa-east-1", }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appflow-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appflow-fips.us-east-2.amazonaws.com", + }, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appflow-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appflow-fips.us-west-2.amazonaws.com", + }, }, }, "application-autoscaling": service{ @@ -2484,9 +2807,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -2511,6 +2840,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -2554,24 +2886,36 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -2581,6 +2925,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -2768,6 +3115,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "appmesh.eu-west-3.api.aws", }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.il-central-1.api.aws", + }, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -2913,9 +3269,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -3082,6 +3456,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -3091,18 +3468,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -3112,6 +3498,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -3142,6 +3534,12 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -3160,6 +3558,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, @@ -3173,30 +3577,90 @@ var awsPartition = partition{ }, "arc-zonal-shift": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -3258,6 +3722,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena.ap-south-1.api.aws", }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ap-south-2.api.aws", + }, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -3285,6 +3758,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena.ap-southeast-3.api.aws", }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ap-southeast-4.api.aws", + }, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -3294,6 +3776,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena.ca-central-1.api.aws", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ca-west-1.api.aws", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -3303,6 +3794,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena.eu-central-1.api.aws", }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.eu-central-2.api.aws", + }, endpointKey{ Region: "eu-north-1", }: endpoint{}, @@ -3321,6 +3821,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena.eu-south-1.api.aws", }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.eu-south-2.api.aws", + }, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -3384,6 +3893,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.me-central-1.api.aws", + }, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -3417,6 +3944,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena-fips.us-east-1.amazonaws.com", }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-east-1.api.aws", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, @@ -3432,6 +3965,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena-fips.us-east-2.amazonaws.com", }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-east-2.api.aws", + }, endpointKey{ Region: "us-west-1", }: endpoint{}, @@ -3447,6 +3986,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena-fips.us-west-1.amazonaws.com", }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-west-1.api.aws", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -3462,6 +4007,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "athena-fips.us-west-2.amazonaws.com", }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-west-2.api.aws", + }, }, }, "auditmanager": service{ @@ -3494,104 +4045,263 @@ var awsPartition = partition{ Region: "us-east-1", }: endpoint{}, endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "autoscaling": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "auditmanager-fips.us-east-1.amazonaws.com", }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "auditmanager-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ - Region: "eu-west-2", + Region: "us-east-2", }: endpoint{}, endpointKey{ - Region: "eu-west-3", - }: endpoint{}, + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "auditmanager-fips.us-east-2.amazonaws.com", + }, endpointKey{ - Region: "me-central-1", - }: endpoint{}, + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "auditmanager-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ - Region: "me-south-1", + Region: "us-west-1", }: endpoint{}, endpointKey{ - Region: "sa-east-1", - }: endpoint{}, + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "auditmanager-fips.us-west-1.amazonaws.com", + }, endpointKey{ - Region: "us-east-1", - }: endpoint{}, + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "auditmanager-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ - Region: "us-east-2", + Region: "us-west-2", }: endpoint{}, endpointKey{ - Region: "us-west-1", - }: endpoint{}, + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "auditmanager-fips.us-west-2.amazonaws.com", + }, endpointKey{ - Region: "us-west-2", - }: endpoint{}, + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "auditmanager-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, }, }, - "autoscaling-plans": service{ + "autoscaling": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "autoscaling-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "autoscaling-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "autoscaling-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "autoscaling-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "autoscaling-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "autoscaling-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.us-west-2.amazonaws.com", + }, + }, + }, + "autoscaling-plans": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ Protocols: []string{"http", "https"}, @@ -3686,6 +4396,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -3695,18 +4408,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -3716,6 +4441,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -3805,15 +4536,84 @@ var awsPartition = partition{ }, "backupstorage": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -3847,6 +4647,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -3856,18 +4659,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -3913,6 +4728,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -3957,6 +4778,137 @@ var awsPartition = partition{ }, }, }, + "bedrock": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "bedrock-ap-northeast-1", + }: endpoint{ + Hostname: "bedrock.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "bedrock-ap-southeast-1", + }: endpoint{ + Hostname: "bedrock.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "bedrock-eu-central-1", + }: endpoint{ + Hostname: "bedrock.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "bedrock-fips-us-east-1", + }: endpoint{ + Hostname: "bedrock-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "bedrock-fips-us-west-2", + }: endpoint{ + Hostname: "bedrock-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "bedrock-runtime-ap-northeast-1", + }: endpoint{ + Hostname: "bedrock-runtime.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "bedrock-runtime-ap-southeast-1", + }: endpoint{ + Hostname: "bedrock-runtime.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "bedrock-runtime-eu-central-1", + }: endpoint{ + Hostname: "bedrock-runtime.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "bedrock-runtime-fips-us-east-1", + }: endpoint{ + Hostname: "bedrock-runtime-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "bedrock-runtime-fips-us-west-2", + }: endpoint{ + Hostname: "bedrock-runtime-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "bedrock-runtime-us-east-1", + }: endpoint{ + Hostname: "bedrock-runtime.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "bedrock-runtime-us-west-2", + }: endpoint{ + Hostname: "bedrock-runtime.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "bedrock-us-east-1", + }: endpoint{ + Hostname: "bedrock.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "bedrock-us-west-2", + }: endpoint{ + Hostname: "bedrock.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "billingconductor": service{ PartitionEndpoint: "aws-global", IsRegionalized: boxedFalse, @@ -4003,12 +4955,47 @@ var awsPartition = partition{ }, "cases": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{}, }, }, "cassandra": service{ @@ -4140,6 +5127,43 @@ var awsPartition = partition{ }, }, }, + "cleanrooms": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "cloud9": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -4187,6 +5211,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -4239,6 +5266,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -4248,6 +5278,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "cloudcontrolapi-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudcontrolapi-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -4281,6 +5320,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "cloudcontrolapi-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -4317,6 +5365,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -4427,9 +5478,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -4454,6 +5511,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -4586,6 +5646,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -4619,6 +5682,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -4708,9 +5774,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -4771,6 +5843,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -4818,6 +5893,79 @@ var awsPartition = partition{ }, }, }, + "cloudtrail-data": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "codeartifact": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -4881,6 +6029,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -4890,18 +6041,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -4911,6 +6071,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -5022,12 +6188,18 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -5073,6 +6245,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -5185,9 +6363,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -5212,6 +6396,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -5331,6 +6518,9 @@ var awsPartition = partition{ }, "codepipeline": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-east-1", }: endpoint{}, @@ -5340,15 +6530,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -5361,12 +6563,18 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -5421,6 +6629,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -5531,6 +6748,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -5617,12 +6837,18 @@ var awsPartition = partition{ }, "cognito-identity": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -5632,12 +6858,18 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, @@ -5671,6 +6903,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "cognito-identity-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-west-2", }: endpoint{ @@ -5680,6 +6921,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -5707,6 +6954,12 @@ var awsPartition = partition{ endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cognito-identity-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -5720,12 +6973,18 @@ var awsPartition = partition{ }, "cognito-idp": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -5735,12 +6994,18 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, @@ -5792,6 +7057,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -5971,12 +7242,27 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "comprehendmedical-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-west-1", }: endpoint{}, endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "comprehendmedical-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -6083,6 +7369,14 @@ var awsPartition = partition{ Region: "ap-south-1", }, }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "compute-optimizer.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + }, endpointKey{ Region: "ap-southeast-1", }: endpoint{ @@ -6099,6 +7393,22 @@ var awsPartition = partition{ Region: "ap-southeast-2", }, }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "compute-optimizer.ap-southeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-3", + }, + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "compute-optimizer.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, endpointKey{ Region: "ca-central-1", }: endpoint{ @@ -6115,6 +7425,14 @@ var awsPartition = partition{ Region: "eu-central-1", }, }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "compute-optimizer.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, endpointKey{ Region: "eu-north-1", }: endpoint{ @@ -6131,6 +7449,14 @@ var awsPartition = partition{ Region: "eu-south-1", }, }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "compute-optimizer.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + }, endpointKey{ Region: "eu-west-1", }: endpoint{ @@ -6155,6 +7481,22 @@ var awsPartition = partition{ Region: "eu-west-3", }, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "compute-optimizer.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "compute-optimizer.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, endpointKey{ Region: "me-south-1", }: endpoint{ @@ -6237,9 +7579,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -6300,6 +7648,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -6373,12 +7724,42 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "connect-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "connect-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "connect-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "connect-fips.us-west-2.amazonaws.com", + }, }, }, "connect-campaigns": service{ @@ -6386,6 +7767,12 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, endpointKey{ Region: "eu-west-2", }: endpoint{}, @@ -6435,6 +7822,12 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, @@ -6457,21 +7850,39 @@ var awsPartition = partition{ }, "controltower": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -6493,9 +7904,18 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -6505,6 +7925,15 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -6544,6 +7973,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "controltower-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "controltower-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -6564,6 +8011,18 @@ var awsPartition = partition{ }, }, }, + "cost-optimization-hub": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "cost-optimization-hub.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + }, + }, "cur": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -7076,6 +8535,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -7085,6 +8547,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -7094,15 +8559,30 @@ var awsPartition = partition{ }: endpoint{ Hostname: "datasync-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -7121,6 +8601,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "datasync-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -7157,6 +8646,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -7204,6 +8696,190 @@ var awsPartition = partition{ }, }, }, + "datazone": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "datazone.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "datazone.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "datazone.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "datazone.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "datazone.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "datazone.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "datazone.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "datazone.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "datazone.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "datazone.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "datazone.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "datazone.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datazone-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "datazone.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "datazone.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "datazone.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "datazone.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "datazone.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "datazone.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "datazone.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "datazone.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "datazone.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "datazone.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "datazone.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "datazone.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "datazone.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "datazone.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datazone-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "datazone.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datazone-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "datazone.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "datazone.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datazone-fips.us-west-2.amazonaws.com", + }, + }, + }, "dax": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -7279,6 +8955,12 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "devops-guru-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -7294,6 +8976,15 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "devops-guru-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -7312,6 +9003,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "devops-guru-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-west-2", }: endpoint{ @@ -7345,6 +9045,12 @@ var awsPartition = partition{ endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "devops-guru-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -7388,9 +9094,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -7451,6 +9163,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -7543,6 +9258,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -7552,18 +9270,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -7573,6 +9303,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -7628,9 +9361,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "dms", }: endpoint{ @@ -7682,6 +9421,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -7902,74 +9644,7 @@ var awsPartition = partition{ Region: "ap-south-1", }: endpoint{}, endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - }, - }, - "ds": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", + Region: "ap-south-2", }: endpoint{}, endpointKey{ Region: "ap-southeast-1", @@ -7981,179 +9656,11 @@ var awsPartition = partition{ Region: "ap-southeast-3", }: endpoint{}, endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "ds-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "ds-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-2", - }: endpoint{ - Hostname: "ds-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-1", - }: endpoint{ - Hostname: "ds-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "ds-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "ds-fips.us-west-2.amazonaws.com", - }, - }, - }, - "dynamodb": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - Protocols: []string{"http", "https"}, - }, - }, - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", + Region: "ap-southeast-4", }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "ca-central-1-fips", - }: endpoint{ - Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -8178,6 +9685,376 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "drs-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "drs-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "drs-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "drs-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-west-2.amazonaws.com", + }, + }, + }, + "ds": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "ds-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "ds-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ds-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ds-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ds-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ds-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.us-west-2.amazonaws.com", + }, + }, + }, + "dynamodb": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dynamodb-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1-fips", + }: endpoint{ + Hostname: "dynamodb-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "local", }: endpoint{ @@ -8290,6 +10167,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -8299,6 +10179,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -8308,15 +10191,30 @@ var awsPartition = partition{ }: endpoint{ Hostname: "ebs-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ebs-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -8335,6 +10233,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "ebs-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -8371,6 +10278,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -8461,6 +10371,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -8470,6 +10383,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "ec2-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ec2-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -8509,6 +10431,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "ec2-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -8545,6 +10476,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -8648,9 +10582,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -8711,6 +10651,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -8811,6 +10754,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -8820,18 +10766,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -8877,6 +10835,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -8924,6 +10885,166 @@ var awsPartition = partition{ }, }, }, + "eks-auth": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "eks-auth.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "eks-auth.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "eks-auth.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "eks-auth.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "eks-auth.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "eks-auth.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "eks-auth.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "eks-auth.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "eks-auth.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "eks-auth.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "eks-auth.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "eks-auth.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "eks-auth.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "eks-auth.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "eks-auth.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "eks-auth.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "eks-auth.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "eks-auth.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "eks-auth.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "eks-auth.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "eks-auth.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "eks-auth.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "eks-auth.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "eks-auth.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "eks-auth.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "eks-auth.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "eks-auth.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "eks-auth.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "eks-auth.us-west-2.api.aws", + }, + }, + }, "elasticache": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -8956,9 +11077,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -8992,6 +11119,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -9161,6 +11291,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -9261,6 +11394,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "elasticfilesystem-fips.ap-south-1.amazonaws.com", }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-south-2.amazonaws.com", + }, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -9288,6 +11430,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "elasticfilesystem-fips.ap-southeast-3.amazonaws.com", }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-southeast-4.amazonaws.com", + }, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -9297,6 +11448,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "elasticfilesystem-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -9333,6 +11493,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "elasticfilesystem-fips.eu-south-1.amazonaws.com", }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-south-2.amazonaws.com", + }, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -9414,6 +11583,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ap-south-2", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-ap-southeast-1", }: endpoint{ @@ -9441,6 +11619,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ap-southeast-4", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-ca-central-1", }: endpoint{ @@ -9450,6 +11637,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-eu-central-1", }: endpoint{ @@ -9486,6 +11682,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-eu-south-2", + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-eu-west-1", }: endpoint{ @@ -9513,6 +11718,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-il-central-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-me-central-1", }: endpoint{ @@ -9576,6 +11790,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.il-central-1.amazonaws.com", + }, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -9678,9 +11901,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -9741,6 +11970,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -9826,6 +12058,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -9835,6 +12070,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "elasticmapreduce-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{ @@ -9870,6 +12114,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "elasticmapreduce-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -9906,6 +12159,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -9930,6 +12186,12 @@ var awsPartition = partition{ endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-east-2.api.aws", + }, endpointKey{ Region: "us-east-2", Variant: fipsVariant, @@ -10013,6 +12275,12 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "email-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -10031,6 +12299,15 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "email-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -10040,6 +12317,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "email-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "email-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-west-2", }: endpoint{ @@ -10049,6 +12344,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -10067,9 +12365,21 @@ var awsPartition = partition{ endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "email-fips.us-east-2.amazonaws.com", + }, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "email-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -10083,12 +12393,21 @@ var awsPartition = partition{ }, "emr-containers": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -10098,6 +12417,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -10113,6 +12435,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -10167,6 +12495,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -10210,12 +12544,21 @@ var awsPartition = partition{ }, "emr-serverless": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -10225,6 +12568,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -10240,6 +12586,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -10294,6 +12646,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -10350,6 +12708,340 @@ var awsPartition = partition{ }, }, "es": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-west-3.api.aws", + }, + endpointKey{ + Region: "fips", + }: endpoint{ + Hostname: "es-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "es-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "es-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "es-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "es-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "es-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "es-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "es-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "es-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "events": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "af-south-1", @@ -10382,158 +13074,13 @@ var awsPartition = partition{ Region: "ap-southeast-3", }: endpoint{}, endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-central-2", - }: endpoint{}, - endpointKey{ - Region: "eu-north-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-1", - }: endpoint{}, - endpointKey{ - Region: "eu-south-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "eu-west-3", - }: endpoint{}, - endpointKey{ - Region: "fips", - }: endpoint{ - Hostname: "es-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "me-central-1", - }: endpoint{}, - endpointKey{ - Region: "me-south-1", - }: endpoint{}, - endpointKey{ - Region: "sa-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "es-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-east-1-fips", - }: endpoint{ - Hostname: "es-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-2", - }: endpoint{}, - endpointKey{ - Region: "us-east-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "es-fips.us-east-2.amazonaws.com", - }, - endpointKey{ - Region: "us-east-2-fips", - }: endpoint{ - Hostname: "es-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-1", - }: endpoint{}, - endpointKey{ - Region: "us-west-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "es-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-1-fips", - }: endpoint{ - Hostname: "es-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "es-fips.us-west-2.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2-fips", - }: endpoint{ - Hostname: "es-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - }, - }, - "events": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-east-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-northeast-3", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", + Region: "ap-southeast-4", }: endpoint{}, endpointKey{ - Region: "ap-south-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-3", + Region: "ca-central-1", }: endpoint{}, endpointKey{ - Region: "ca-central-1", + Region: "ca-west-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", @@ -10595,6 +13142,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -10693,12 +13243,27 @@ var awsPartition = partition{ }, "finspace": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, @@ -10749,6 +13314,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -10758,18 +13326,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -10815,6 +13395,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -10917,6 +13500,9 @@ var awsPartition = partition{ }: endpoint{ Hostname: "fms-fips.ap-south-1.amazonaws.com", }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -10935,6 +13521,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "fms-fips.ap-southeast-2.amazonaws.com", }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -10953,6 +13545,9 @@ var awsPartition = partition{ }: endpoint{ Hostname: "fms-fips.eu-central-1.amazonaws.com", }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, @@ -10965,6 +13560,9 @@ var awsPartition = partition{ }: endpoint{ Hostname: "fms-fips.eu-south-1.amazonaws.com", }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -11163,6 +13761,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -11419,6 +14023,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -11428,6 +14035,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -11440,12 +14050,18 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -11545,6 +14161,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -11746,16 +14368,6 @@ var awsPartition = partition{ }: endpoint{}, }, }, - "gamesparks": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, "geo": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -11969,6 +14581,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -11978,18 +14593,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -12035,6 +14662,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -12189,6 +14822,12 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "greengrass-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -12198,15 +14837,69 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "greengrass-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "greengrass-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "greengrass-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "greengrass-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "greengrass-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "greengrass-fips.us-east-2.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "greengrass-fips.us-west-2.amazonaws.com", + }, }, }, "groundstation": service{ @@ -12320,6 +15013,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -12329,9 +15025,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -12344,6 +15046,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -12353,6 +15058,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -12490,6 +15198,9 @@ var awsPartition = partition{ }, }, Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, @@ -12597,6 +15308,9 @@ var awsPartition = partition{ endpointKey{ Region: "af-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, @@ -12609,6 +15323,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -12618,18 +15335,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -12639,6 +15365,15 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -12648,6 +15383,9 @@ var awsPartition = partition{ endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -12877,6 +15615,9 @@ var awsPartition = partition{ }, "inspector2": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-east-1", }: endpoint{}, @@ -12886,6 +15627,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -12895,12 +15639,18 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, @@ -12916,6 +15666,42 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "inspector2-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "inspector2-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "inspector2-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "inspector2-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -12925,25 +15711,232 @@ var awsPartition = partition{ endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-east-2.amazonaws.com", + }, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-west-2.amazonaws.com", + }, }, }, - "iot": service{ + "internetmonitor": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "execute-api", - }, + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "internetmonitor.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "internetmonitor.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "internetmonitor.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "internetmonitor.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "internetmonitor.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "internetmonitor.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "internetmonitor.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "internetmonitor.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "internetmonitor.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "internetmonitor.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "internetmonitor.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "internetmonitor.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "internetmonitor-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "internetmonitor.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "internetmonitor.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "internetmonitor.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "internetmonitor.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "internetmonitor.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "internetmonitor.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "internetmonitor.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "internetmonitor.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "internetmonitor.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "internetmonitor.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "internetmonitor.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "internetmonitor.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "internetmonitor.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "internetmonitor.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "internetmonitor-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "internetmonitor.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "internetmonitor-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "internetmonitor.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "internetmonitor-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "internetmonitor.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "internetmonitor-fips.us-west-2.amazonaws.com", }, }, + }, + "iot": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "ap-east-1", @@ -12991,45 +15984,35 @@ var awsPartition = partition{ Region: "fips-ca-central-1", }: endpoint{ Hostname: "iot-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Service: "execute-api", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ Hostname: "iot-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Service: "execute-api", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "fips-us-east-2", }: endpoint{ Hostname: "iot-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Service: "execute-api", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "fips-us-west-1", }: endpoint{ Hostname: "iot-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Service: "execute-api", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "fips-us-west-2", }: endpoint{ Hostname: "iot-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Service: "execute-api", - }, + Deprecated: boxedTrue, }, endpointKey{ @@ -13389,16 +16372,6 @@ var awsPartition = partition{ }: endpoint{}, }, }, - "iotroborunner": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - }, - }, "iotsecuredtunneling": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{}, @@ -13668,24 +16641,239 @@ var awsPartition = partition{ }, "iottwinmaker": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "api-ap-northeast-1", + }: endpoint{ + Hostname: "api.iottwinmaker.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "api-ap-northeast-2", + }: endpoint{ + Hostname: "api.iottwinmaker.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "api-ap-south-1", + }: endpoint{ + Hostname: "api.iottwinmaker.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "api-ap-southeast-1", + }: endpoint{ + Hostname: "api.iottwinmaker.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "api-ap-southeast-2", + }: endpoint{ + Hostname: "api.iottwinmaker.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "api-eu-central-1", + }: endpoint{ + Hostname: "api.iottwinmaker.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "api-eu-west-1", + }: endpoint{ + Hostname: "api.iottwinmaker.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "api-us-east-1", + }: endpoint{ + Hostname: "api.iottwinmaker.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "api-us-west-2", + }: endpoint{ + Hostname: "api.iottwinmaker.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "data-ap-northeast-1", + }: endpoint{ + Hostname: "data.iottwinmaker.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "data-ap-northeast-2", + }: endpoint{ + Hostname: "data.iottwinmaker.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "data-ap-south-1", + }: endpoint{ + Hostname: "data.iottwinmaker.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "data-ap-southeast-1", + }: endpoint{ + Hostname: "data.iottwinmaker.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "data-ap-southeast-2", + }: endpoint{ + Hostname: "data.iottwinmaker.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "data-eu-central-1", + }: endpoint{ + Hostname: "data.iottwinmaker.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "data-eu-west-1", + }: endpoint{ + Hostname: "data.iottwinmaker.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "data-us-east-1", + }: endpoint{ + Hostname: "data.iottwinmaker.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "data-us-west-2", + }: endpoint{ + Hostname: "data.iottwinmaker.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "fips-api-us-east-1", + }: endpoint{ + Hostname: "api.iottwinmaker-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "fips-api-us-west-2", + }: endpoint{ + Hostname: "api.iottwinmaker-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "fips-data-us-east-1", + }: endpoint{ + Hostname: "data.iottwinmaker-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "fips-data-us-west-2", + }: endpoint{ + Hostname: "data.iottwinmaker-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "iottwinmaker-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "iottwinmaker-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iottwinmaker-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iottwinmaker-fips.us-west-2.amazonaws.com", + }, }, }, "iotwireless": service{ @@ -13782,6 +16970,31 @@ var awsPartition = partition{ }: endpoint{}, }, }, + "ivsrealtime": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "kafka": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -13802,6 +17015,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -13811,18 +17027,33 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -13832,6 +17063,57 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "kafka-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "kafka-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "kafka-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "kafka-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "kafka-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -13841,15 +17123,39 @@ var awsPartition = partition{ endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka-fips.us-east-2.amazonaws.com", + }, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka-fips.us-west-2.amazonaws.com", + }, }, }, "kafkaconnect": service{ @@ -13906,6 +17212,9 @@ var awsPartition = partition{ }, "kendra": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -13921,6 +17230,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -13977,6 +17289,180 @@ var awsPartition = partition{ }, }, }, + "kendra-ranking": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "kendra-ranking.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "kendra-ranking.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "kendra-ranking.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "kendra-ranking.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "kendra-ranking.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "kendra-ranking.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "kendra-ranking.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "kendra-ranking.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "kendra-ranking.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "kendra-ranking.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "kendra-ranking.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "kendra-ranking.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kendra-ranking-fips.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "kendra-ranking.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "kendra-ranking.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "kendra-ranking.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "kendra-ranking.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "kendra-ranking.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "kendra-ranking.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "kendra-ranking.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "kendra-ranking.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "kendra-ranking.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "kendra-ranking.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "kendra-ranking.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "kendra-ranking.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kendra-ranking-fips.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "kendra-ranking.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kendra-ranking-fips.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "kendra-ranking.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "kendra-ranking.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kendra-ranking-fips.us-west-2.api.aws", + }, + }, + }, "kinesis": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -14009,9 +17495,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -14072,6 +17564,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -14139,6 +17634,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -14148,18 +17646,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -14169,6 +17679,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -14432,6 +17948,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.ap-southeast-4.amazonaws.com", + }, endpointKey{ Region: "ap-southeast-4-fips", }: endpoint{ @@ -14459,6 +17984,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1-fips", + }: endpoint{ + Hostname: "kms-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -14603,6 +18146,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.il-central-1.amazonaws.com", + }, + endpointKey{ + Region: "il-central-1-fips", + }: endpoint{ + Hostname: "kms-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -14751,24 +18312,42 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -14814,6 +18393,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -14950,6 +18535,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "lambda.ap-southeast-3.api.aws", }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.ap-southeast-4.api.aws", + }, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -14959,6 +18553,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "lambda.ca-central-1.api.aws", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.ca-west-1.api.aws", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -15067,6 +18670,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.il-central-1.api.aws", + }, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -15176,6 +18788,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -15185,18 +18800,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -15242,6 +18866,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -15288,6 +18918,12 @@ var awsPartition = partition{ }, "license-manager-linux-subscriptions": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, @@ -15300,21 +18936,42 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -15360,6 +19017,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -15421,24 +19087,39 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -15484,6 +19165,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -15579,60 +19266,222 @@ var awsPartition = partition{ endpointKey{ Region: "af-south-1", }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.af-south-1.api.aws", + }, endpointKey{ Region: "ap-east-1", }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-east-1.api.aws", + }, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-northeast-1.api.aws", + }, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-northeast-2.api.aws", + }, endpointKey{ Region: "ap-northeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-northeast-3.api.aws", + }, endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-south-1.api.aws", + }, endpointKey{ Region: "ap-south-2", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-south-2.api.aws", + }, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-southeast-1.api.aws", + }, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-southeast-2.api.aws", + }, endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-southeast-4.api.aws", + }, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "logs-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ca-west-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "logs-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-central-1.api.aws", + }, endpointKey{ Region: "eu-central-2", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-central-2.api.aws", + }, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-north-1.api.aws", + }, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-south-1.api.aws", + }, endpointKey{ Region: "eu-south-2", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-south-2.api.aws", + }, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-west-1.api.aws", + }, endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-west-2.api.aws", + }, endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-west-3.api.aws", + }, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "logs-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "logs-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -15669,18 +19518,51 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.il-central-1.api.aws", + }, endpointKey{ Region: "me-central-1", }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.me-central-1.api.aws", + }, endpointKey{ Region: "me-south-1", }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.me-south-1.api.aws", + }, endpointKey{ Region: "sa-east-1", }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.sa-east-1.api.aws", + }, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.us-east-1.api.aws", + }, endpointKey{ Region: "us-east-1", Variant: fipsVariant, @@ -15690,6 +19572,12 @@ var awsPartition = partition{ endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.us-east-2.api.aws", + }, endpointKey{ Region: "us-east-2", Variant: fipsVariant, @@ -15699,6 +19587,12 @@ var awsPartition = partition{ endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.us-west-1.api.aws", + }, endpointKey{ Region: "us-west-1", Variant: fipsVariant, @@ -15708,6 +19602,12 @@ var awsPartition = partition{ endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.us-west-2.api.aws", + }, endpointKey{ Region: "us-west-2", Variant: fipsVariant, @@ -15787,9 +19687,18 @@ var awsPartition = partition{ }, "m2": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -15809,6 +19718,15 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -15830,12 +19748,27 @@ var awsPartition = partition{ Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-west-2", }: endpoint{ Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -15846,6 +19779,20 @@ var awsPartition = partition{ Region: "us-east-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -15865,46 +19812,6 @@ var awsPartition = partition{ }: endpoint{}, }, }, - "macie": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "macie-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "macie-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "macie-fips.us-east-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "macie-fips.us-west-2.amazonaws.com", - }, - }, - }, "macie2": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -15988,6 +19895,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -16054,6 +19964,13 @@ var awsPartition = partition{ }: endpoint{}, }, }, + "managedblockchain-query": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + }, + }, "marketplacecommerceanalytics": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -16109,6 +20026,9 @@ var awsPartition = partition{ }, "mediaconnect": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-east-1", }: endpoint{}, @@ -16118,15 +20038,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -16142,6 +20074,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -16170,6 +20105,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -16179,6 +20117,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -16297,6 +20238,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -16306,6 +20250,12 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -16388,6 +20338,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -16397,6 +20350,12 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -16437,6 +20396,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -16446,6 +20408,70 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "mediapackagev2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -16511,12 +20537,33 @@ var awsPartition = partition{ }, "meetings-chime": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, @@ -16685,6 +20732,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -16712,6 +20762,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -16755,6 +20808,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -16764,24 +20820,42 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -16850,6 +20924,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -16859,18 +20936,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -16916,6 +21002,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -17164,9 +21256,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -17227,6 +21325,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -17294,6 +21395,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -17303,18 +21407,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -17360,6 +21473,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -17588,6 +21704,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -17597,6 +21716,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -17609,12 +21731,18 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -17669,6 +21797,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -17725,6 +21859,24 @@ var awsPartition = partition{ Region: "us-west-2", }, }, + endpointKey{ + Region: "aws-global", + Variant: fipsVariant, + }: endpoint{ + Hostname: "networkmanager-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "fips-aws-global", + }: endpoint{ + Hostname: "networkmanager-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, }, }, "nimble": service{ @@ -17732,18 +21884,33 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, endpointKey{ Region: "eu-west-2", }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -17781,9 +21948,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -17808,6 +21981,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -17905,6 +22081,14 @@ var awsPartition = partition{ Region: "ap-southeast-3", }, }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "oidc.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, endpointKey{ Region: "ca-central-1", }: endpoint{ @@ -17921,6 +22105,14 @@ var awsPartition = partition{ Region: "eu-central-1", }, }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "oidc.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, endpointKey{ Region: "eu-north-1", }: endpoint{ @@ -17961,6 +22153,22 @@ var awsPartition = partition{ Region: "eu-west-3", }, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "oidc.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "oidc.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, endpointKey{ Region: "me-south-1", }: endpoint{ @@ -18011,6 +22219,102 @@ var awsPartition = partition{ }, }, }, + "omics": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "omics.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "omics.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "omics.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "omics.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "omics-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "omics-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "omics.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "omics.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "omics-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "omics.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "omics-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, "opsworks": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -18123,6 +22427,55 @@ var awsPartition = partition{ }, }, }, + "osis": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "outposts": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -18224,6 +22577,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -18401,9 +22760,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -18428,6 +22793,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -18610,6 +22978,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -18625,12 +22996,18 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -18677,6 +23054,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -18858,6 +23238,14 @@ var awsPartition = partition{ Region: "ap-southeast-3", }, }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "portal.sso.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, endpointKey{ Region: "ca-central-1", }: endpoint{ @@ -18874,6 +23262,14 @@ var awsPartition = partition{ Region: "eu-central-1", }, }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "portal.sso.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, endpointKey{ Region: "eu-north-1", }: endpoint{ @@ -18914,6 +23310,22 @@ var awsPartition = partition{ Region: "eu-west-3", }, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "portal.sso.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "portal.sso.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, endpointKey{ Region: "me-south-1", }: endpoint{ @@ -18964,6 +23376,19 @@ var awsPartition = partition{ }, }, }, + "private-networks": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "profile": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -18984,18 +23409,63 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "profile-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "profile-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "profile-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "profile-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "profile-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "profile-fips.us-west-2.amazonaws.com", + }, }, }, "projects.iot1click": service{ @@ -19060,6 +23530,166 @@ var awsPartition = partition{ }: endpoint{}, }, }, + "qbusiness": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "qbusiness.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "qbusiness.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "qbusiness.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "qbusiness.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "qbusiness.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "qbusiness.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "qbusiness.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "qbusiness.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "qbusiness.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "qbusiness.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "qbusiness.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "qbusiness.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "qbusiness.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "qbusiness.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "qbusiness.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "qbusiness.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "qbusiness.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "qbusiness.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "qbusiness.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "qbusiness.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "qbusiness.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "qbusiness.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "qbusiness.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "qbusiness.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "qbusiness.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "qbusiness.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "qbusiness.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "qbusiness.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "qbusiness.us-west-2.api.aws", + }, + }, + }, "qldb": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -19174,9 +23804,6 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, - endpointKey{ - Region: "api", - }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -19241,6 +23868,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -19250,6 +23880,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "ram-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -19283,6 +23922,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "ram-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -19319,6 +23967,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -19398,6 +24049,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -19407,6 +24061,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "rbin-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -19440,6 +24103,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "rbin-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -19476,6 +24148,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -19555,6 +24230,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -19573,6 +24251,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1-fips", + }: endpoint{ + Hostname: "rds-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -19597,6 +24293,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -19612,6 +24311,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "rds-fips.ca-west-1", + }: endpoint{ + Hostname: "rds-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "rds-fips.us-east-1", }: endpoint{ @@ -19666,6 +24374,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "rds.ca-west-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "rds.us-east-1", }: endpoint{ @@ -19956,6 +24682,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -19965,6 +24694,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "redshift-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -19998,6 +24736,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "redshift-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -20034,6 +24781,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -20089,12 +24839,24 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-serverless-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -20107,15 +24869,90 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "redshift-serverless-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "redshift-serverless-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "redshift-serverless-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "redshift-serverless-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "redshift-serverless-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-serverless-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-serverless-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-serverless-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-serverless-fips.us-west-2.amazonaws.com", + }, }, }, "rekognition": service{ @@ -20162,6 +24999,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "rekognition-fips.ca-central-1", }: endpoint{ @@ -20436,123 +25276,64 @@ var awsPartition = partition{ }, }, "resource-explorer-2": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.aws", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", - }, - }, Endpoints: serviceEndpoints{ - endpointKey{ - Region: "af-south-1", - }: endpoint{ - Hostname: "resource-explorer-2.af-south-1.api.aws", - }, - endpointKey{ - Region: "ap-east-1", - }: endpoint{ - Hostname: "resource-explorer-2.ap-east-1.api.aws", - }, endpointKey{ Region: "ap-northeast-1", - }: endpoint{ - Hostname: "resource-explorer-2.ap-northeast-1.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "ap-northeast-2", - }: endpoint{ - Hostname: "resource-explorer-2.ap-northeast-2.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "ap-northeast-3", - }: endpoint{ - Hostname: "resource-explorer-2.ap-northeast-3.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "ap-south-1", - }: endpoint{ - Hostname: "resource-explorer-2.ap-south-1.api.aws", - }, - endpointKey{ - Region: "ap-south-2", - }: endpoint{ - Hostname: "resource-explorer-2.ap-south-2.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", - }: endpoint{ - Hostname: "resource-explorer-2.ap-southeast-1.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", - }: endpoint{ - Hostname: "resource-explorer-2.ap-southeast-2.api.aws", - }, + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", - }: endpoint{ - Hostname: "resource-explorer-2.ca-central-1.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "eu-central-1", - }: endpoint{ - Hostname: "resource-explorer-2.eu-central-1.api.aws", - }, - endpointKey{ - Region: "eu-central-2", - }: endpoint{ - Hostname: "resource-explorer-2.eu-central-2.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "eu-north-1", - }: endpoint{ - Hostname: "resource-explorer-2.eu-north-1.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "eu-west-1", - }: endpoint{ - Hostname: "resource-explorer-2.eu-west-1.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "eu-west-2", - }: endpoint{ - Hostname: "resource-explorer-2.eu-west-2.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "eu-west-3", - }: endpoint{ - Hostname: "resource-explorer-2.eu-west-3.api.aws", - }, + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", - }: endpoint{ - Hostname: "resource-explorer-2.sa-east-1.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "us-east-1", - }: endpoint{ - Hostname: "resource-explorer-2.us-east-1.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "us-east-2", - }: endpoint{ - Hostname: "resource-explorer-2.us-east-2.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "us-west-1", - }: endpoint{ - Hostname: "resource-explorer-2.us-west-1.api.aws", - }, + }: endpoint{}, endpointKey{ Region: "us-west-2", - }: endpoint{ - Hostname: "resource-explorer-2.us-west-2.api.aws", - }, + }: endpoint{}, }, }, "resource-groups": service{ @@ -20575,6 +25356,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -20584,18 +25368,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -20641,6 +25437,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -20733,6 +25532,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -20742,18 +25544,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -20763,6 +25577,48 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -20772,15 +25628,39 @@ var awsPartition = partition{ endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-east-2.amazonaws.com", + }, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-west-2.amazonaws.com", + }, }, }, "route53": service{ @@ -20859,6 +25739,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -20868,18 +25751,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -20889,6 +25784,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -21081,6 +25982,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -21090,18 +25994,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -21111,6 +26027,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -21322,6 +26241,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "s3.dualstack.ap-southeast-3.amazonaws.com", }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.ap-southeast-4.amazonaws.com", + }, endpointKey{ Region: "aws-global", }: endpoint{ @@ -21352,6 +26280,27 @@ var awsPartition = partition{ }: endpoint{ Hostname: "s3-fips.dualstack.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -21437,6 +26386,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "s3-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -21473,6 +26431,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.il-central-1.amazonaws.com", + }, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -22121,55 +27088,123 @@ var awsPartition = partition{ endpointKey{ Region: "af-south-1", }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-east-1", }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ca-central-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "fips-ca-central-1", }: endpoint{ @@ -22200,40 +27235,87 @@ var awsPartition = partition{ Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-2", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-2", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, }, }, "sagemaker-geospatial": service{ @@ -22259,30 +27341,84 @@ var awsPartition = partition{ }, "scheduler": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, endpointKey{ Region: "us-west-2", }: endpoint{}, @@ -22290,6 +27426,9 @@ var awsPartition = partition{ }, "schemas": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-east-1", }: endpoint{}, @@ -22299,6 +27438,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, @@ -22308,15 +27450,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -22326,6 +27480,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -22384,154 +27544,288 @@ var awsPartition = partition{ endpointKey{ Region: "af-south-1", }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-east-1", }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-northeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-south-2", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "ca-central-1", Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-central-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.ca-central-1.amazonaws.com", + + Deprecated: boxedTrue, }, endpointKey{ - Region: "ca-central-1-fips", + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-west-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-central-2", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-south-2", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-2", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-1", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-east-1.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-2", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-east-2.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-east-2-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-1", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-west-1.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-2", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-west-2.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-west-2-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, + Deprecated: boxedTrue, }, }, @@ -22556,6 +27850,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -22565,18 +27862,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -22622,6 +27931,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -22671,24 +27986,114 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "securitylake-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "securitylake-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "securitylake-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "securitylake-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securitylake-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securitylake-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securitylake-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securitylake-fips.us-west-2.amazonaws.com", + }, }, }, "serverlessrepo": service{ @@ -22810,6 +28215,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -22819,18 +28227,27 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -22840,6 +28257,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -22940,6 +28363,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -22949,6 +28375,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -22958,15 +28387,24 @@ var awsPartition = partition{ }: endpoint{ Hostname: "servicecatalog-appregistry-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -23021,6 +28459,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -23074,7 +28518,7 @@ var awsPartition = partition{ Region: "af-south-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.af-south-1.amazonaws.com", + Hostname: "servicediscovery.af-south-1.api.aws", }, endpointKey{ Region: "ap-east-1", @@ -23083,7 +28527,7 @@ var awsPartition = partition{ Region: "ap-east-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-east-1.amazonaws.com", + Hostname: "servicediscovery.ap-east-1.api.aws", }, endpointKey{ Region: "ap-northeast-1", @@ -23092,7 +28536,7 @@ var awsPartition = partition{ Region: "ap-northeast-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-northeast-1.amazonaws.com", + Hostname: "servicediscovery.ap-northeast-1.api.aws", }, endpointKey{ Region: "ap-northeast-2", @@ -23101,7 +28545,7 @@ var awsPartition = partition{ Region: "ap-northeast-2", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-northeast-2.amazonaws.com", + Hostname: "servicediscovery.ap-northeast-2.api.aws", }, endpointKey{ Region: "ap-northeast-3", @@ -23110,7 +28554,7 @@ var awsPartition = partition{ Region: "ap-northeast-3", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-northeast-3.amazonaws.com", + Hostname: "servicediscovery.ap-northeast-3.api.aws", }, endpointKey{ Region: "ap-south-1", @@ -23119,7 +28563,7 @@ var awsPartition = partition{ Region: "ap-south-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-south-1.amazonaws.com", + Hostname: "servicediscovery.ap-south-1.api.aws", }, endpointKey{ Region: "ap-south-2", @@ -23128,7 +28572,7 @@ var awsPartition = partition{ Region: "ap-south-2", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-south-2.amazonaws.com", + Hostname: "servicediscovery.ap-south-2.api.aws", }, endpointKey{ Region: "ap-southeast-1", @@ -23137,7 +28581,7 @@ var awsPartition = partition{ Region: "ap-southeast-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-southeast-1.amazonaws.com", + Hostname: "servicediscovery.ap-southeast-1.api.aws", }, endpointKey{ Region: "ap-southeast-2", @@ -23146,7 +28590,7 @@ var awsPartition = partition{ Region: "ap-southeast-2", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-southeast-2.amazonaws.com", + Hostname: "servicediscovery.ap-southeast-2.api.aws", }, endpointKey{ Region: "ap-southeast-3", @@ -23155,7 +28599,16 @@ var awsPartition = partition{ Region: "ap-southeast-3", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ap-southeast-3.amazonaws.com", + Hostname: "servicediscovery.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.ap-southeast-4.api.aws", }, endpointKey{ Region: "ca-central-1", @@ -23164,7 +28617,7 @@ var awsPartition = partition{ Region: "ca-central-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.ca-central-1.amazonaws.com", + Hostname: "servicediscovery.ca-central-1.api.aws", }, endpointKey{ Region: "ca-central-1", @@ -23172,6 +28625,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "servicediscovery-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.ca-central-1.api.aws", + }, endpointKey{ Region: "ca-central-1-fips", }: endpoint{ @@ -23188,7 +28647,7 @@ var awsPartition = partition{ Region: "eu-central-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.eu-central-1.amazonaws.com", + Hostname: "servicediscovery.eu-central-1.api.aws", }, endpointKey{ Region: "eu-central-2", @@ -23197,7 +28656,7 @@ var awsPartition = partition{ Region: "eu-central-2", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.eu-central-2.amazonaws.com", + Hostname: "servicediscovery.eu-central-2.api.aws", }, endpointKey{ Region: "eu-north-1", @@ -23206,7 +28665,7 @@ var awsPartition = partition{ Region: "eu-north-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.eu-north-1.amazonaws.com", + Hostname: "servicediscovery.eu-north-1.api.aws", }, endpointKey{ Region: "eu-south-1", @@ -23215,7 +28674,7 @@ var awsPartition = partition{ Region: "eu-south-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.eu-south-1.amazonaws.com", + Hostname: "servicediscovery.eu-south-1.api.aws", }, endpointKey{ Region: "eu-south-2", @@ -23224,7 +28683,7 @@ var awsPartition = partition{ Region: "eu-south-2", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.eu-south-2.amazonaws.com", + Hostname: "servicediscovery.eu-south-2.api.aws", }, endpointKey{ Region: "eu-west-1", @@ -23233,7 +28692,7 @@ var awsPartition = partition{ Region: "eu-west-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.eu-west-1.amazonaws.com", + Hostname: "servicediscovery.eu-west-1.api.aws", }, endpointKey{ Region: "eu-west-2", @@ -23242,7 +28701,7 @@ var awsPartition = partition{ Region: "eu-west-2", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.eu-west-2.amazonaws.com", + Hostname: "servicediscovery.eu-west-2.api.aws", }, endpointKey{ Region: "eu-west-3", @@ -23251,7 +28710,16 @@ var awsPartition = partition{ Region: "eu-west-3", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.eu-west-3.amazonaws.com", + Hostname: "servicediscovery.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.il-central-1.api.aws", }, endpointKey{ Region: "me-central-1", @@ -23260,7 +28728,7 @@ var awsPartition = partition{ Region: "me-central-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.me-central-1.amazonaws.com", + Hostname: "servicediscovery.me-central-1.api.aws", }, endpointKey{ Region: "me-south-1", @@ -23269,7 +28737,7 @@ var awsPartition = partition{ Region: "me-south-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.me-south-1.amazonaws.com", + Hostname: "servicediscovery.me-south-1.api.aws", }, endpointKey{ Region: "sa-east-1", @@ -23278,34 +28746,7 @@ var awsPartition = partition{ Region: "sa-east-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.sa-east-1.amazonaws.com", - }, - endpointKey{ - Region: "servicediscovery", - }: endpoint{ - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "servicediscovery", - Variant: fipsVariant, - }: endpoint{ - Hostname: "servicediscovery-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "servicediscovery-fips", - }: endpoint{ - Hostname: "servicediscovery-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, + Hostname: "servicediscovery.sa-east-1.api.aws", }, endpointKey{ Region: "us-east-1", @@ -23314,7 +28755,7 @@ var awsPartition = partition{ Region: "us-east-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.us-east-1.amazonaws.com", + Hostname: "servicediscovery.us-east-1.api.aws", }, endpointKey{ Region: "us-east-1", @@ -23322,6 +28763,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "servicediscovery-fips.us-east-1.amazonaws.com", }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-east-1.api.aws", + }, endpointKey{ Region: "us-east-1-fips", }: endpoint{ @@ -23338,7 +28785,7 @@ var awsPartition = partition{ Region: "us-east-2", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.us-east-2.amazonaws.com", + Hostname: "servicediscovery.us-east-2.api.aws", }, endpointKey{ Region: "us-east-2", @@ -23346,6 +28793,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "servicediscovery-fips.us-east-2.amazonaws.com", }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-east-2.api.aws", + }, endpointKey{ Region: "us-east-2-fips", }: endpoint{ @@ -23362,7 +28815,7 @@ var awsPartition = partition{ Region: "us-west-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.us-west-1.amazonaws.com", + Hostname: "servicediscovery.us-west-1.api.aws", }, endpointKey{ Region: "us-west-1", @@ -23370,6 +28823,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "servicediscovery-fips.us-west-1.amazonaws.com", }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-west-1.api.aws", + }, endpointKey{ Region: "us-west-1-fips", }: endpoint{ @@ -23386,7 +28845,7 @@ var awsPartition = partition{ Region: "us-west-2", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.us-west-2.amazonaws.com", + Hostname: "servicediscovery.us-west-2.api.aws", }, endpointKey{ Region: "us-west-2", @@ -23394,6 +28853,12 @@ var awsPartition = partition{ }: endpoint{ Hostname: "servicediscovery-fips.us-west-2.amazonaws.com", }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-west-2.api.aws", + }, endpointKey{ Region: "us-west-2-fips", }: endpoint{ @@ -23430,6 +28895,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -23439,18 +28907,30 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -23460,6 +28940,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -23603,6 +29086,322 @@ var awsPartition = partition{ }, }, }, + "signer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "signer-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "signer-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "signer-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "signer-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-verification-us-east-1", + }: endpoint{ + Hostname: "verification.signer-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "fips-verification-us-east-2", + }: endpoint{ + Hostname: "verification.signer-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "fips-verification-us-west-1", + }: endpoint{ + Hostname: "verification.signer-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "fips-verification-us-west-2", + }: endpoint{ + Hostname: "verification.signer-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "signer-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "signer-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "signer-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "signer-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "verification-af-south-1", + }: endpoint{ + Hostname: "verification.signer.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + }, + endpointKey{ + Region: "verification-ap-east-1", + }: endpoint{ + Hostname: "verification.signer.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + }, + endpointKey{ + Region: "verification-ap-northeast-1", + }: endpoint{ + Hostname: "verification.signer.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "verification-ap-northeast-2", + }: endpoint{ + Hostname: "verification.signer.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "verification-ap-south-1", + }: endpoint{ + Hostname: "verification.signer.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "verification-ap-southeast-1", + }: endpoint{ + Hostname: "verification.signer.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "verification-ap-southeast-2", + }: endpoint{ + Hostname: "verification.signer.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "verification-ca-central-1", + }: endpoint{ + Hostname: "verification.signer.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "verification-eu-central-1", + }: endpoint{ + Hostname: "verification.signer.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "verification-eu-north-1", + }: endpoint{ + Hostname: "verification.signer.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, + endpointKey{ + Region: "verification-eu-south-1", + }: endpoint{ + Hostname: "verification.signer.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + }, + endpointKey{ + Region: "verification-eu-west-1", + }: endpoint{ + Hostname: "verification.signer.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "verification-eu-west-2", + }: endpoint{ + Hostname: "verification.signer.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "verification-eu-west-3", + }: endpoint{ + Hostname: "verification.signer.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + endpointKey{ + Region: "verification-me-south-1", + }: endpoint{ + Hostname: "verification.signer.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, + endpointKey{ + Region: "verification-sa-east-1", + }: endpoint{ + Hostname: "verification.signer.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + endpointKey{ + Region: "verification-us-east-1", + }: endpoint{ + Hostname: "verification.signer.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "verification-us-east-2", + }: endpoint{ + Hostname: "verification.signer.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "verification-us-west-1", + }: endpoint{ + Hostname: "verification.signer.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "verification-us-west-2", + }: endpoint{ + Hostname: "verification.signer.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, "simspaceweaver": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -23634,10 +29433,29 @@ var awsPartition = partition{ "sms": service{ Endpoints: serviceEndpoints{ endpointKey{ - Region: "af-south-1", + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "sms-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", }: endpoint{}, endpointKey{ - Region: "ap-east-1", + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sms-fips.us-west-2.amazonaws.com", + }, + }, + }, + "sms-voice": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", }: endpoint{}, endpointKey{ Region: "ap-northeast-1", @@ -23645,27 +29463,51 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sms-voice-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -23675,10 +29517,19 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "sms-voice-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ - Hostname: "sms-fips.us-east-1.amazonaws.com", + Hostname: "sms-voice-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, @@ -23687,7 +29538,7 @@ var awsPartition = partition{ endpointKey{ Region: "fips-us-east-2", }: endpoint{ - Hostname: "sms-fips.us-east-2.amazonaws.com", + Hostname: "sms-voice-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, @@ -23696,7 +29547,7 @@ var awsPartition = partition{ endpointKey{ Region: "fips-us-west-1", }: endpoint{ - Hostname: "sms-fips.us-west-1.amazonaws.com", + Hostname: "sms-voice-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, @@ -23705,12 +29556,18 @@ var awsPartition = partition{ endpointKey{ Region: "fips-us-west-2", }: endpoint{ - Hostname: "sms-fips.us-west-2.amazonaws.com", + Hostname: "sms-voice-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -23724,7 +29581,7 @@ var awsPartition = partition{ Region: "us-east-1", Variant: fipsVariant, }: endpoint{ - Hostname: "sms-fips.us-east-1.amazonaws.com", + Hostname: "sms-voice-fips.us-east-1.amazonaws.com", }, endpointKey{ Region: "us-east-2", @@ -23733,7 +29590,7 @@ var awsPartition = partition{ Region: "us-east-2", Variant: fipsVariant, }: endpoint{ - Hostname: "sms-fips.us-east-2.amazonaws.com", + Hostname: "sms-voice-fips.us-east-2.amazonaws.com", }, endpointKey{ Region: "us-west-1", @@ -23742,86 +29599,7 @@ var awsPartition = partition{ Region: "us-west-1", Variant: fipsVariant, }: endpoint{ - Hostname: "sms-fips.us-west-1.amazonaws.com", - }, - endpointKey{ - Region: "us-west-2", - }: endpoint{}, - endpointKey{ - Region: "us-west-2", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sms-fips.us-west-2.amazonaws.com", - }, - }, - }, - "sms-voice": service{ - Endpoints: serviceEndpoints{ - endpointKey{ - Region: "ap-northeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-south-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-1", - }: endpoint{}, - endpointKey{ - Region: "ap-southeast-2", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - }: endpoint{}, - endpointKey{ - Region: "ca-central-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sms-voice-fips.ca-central-1.amazonaws.com", - }, - endpointKey{ - Region: "eu-central-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-1", - }: endpoint{}, - endpointKey{ - Region: "eu-west-2", - }: endpoint{}, - endpointKey{ - Region: "fips-ca-central-1", - }: endpoint{ - Hostname: "sms-voice-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-east-1", - }: endpoint{ - Hostname: "sms-voice-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "fips-us-west-2", - }: endpoint{ - Hostname: "sms-voice-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, - Deprecated: boxedTrue, - }, - endpointKey{ - Region: "us-east-1", - }: endpoint{}, - endpointKey{ - Region: "us-east-1", - Variant: fipsVariant, - }: endpoint{ - Hostname: "sms-voice-fips.us-east-1.amazonaws.com", + Hostname: "sms-voice-fips.us-west-1.amazonaws.com", }, endpointKey{ Region: "us-west-2", @@ -24094,6 +29872,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -24178,9 +29959,21 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sns-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -24205,6 +29998,15 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "sns-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -24241,6 +30043,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -24326,9 +30131,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -24389,6 +30200,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -24471,6 +30285,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -24480,6 +30297,15 @@ var awsPartition = partition{ }: endpoint{ Hostname: "ssm-fips.ca-central-1.amazonaws.com", }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-fips.ca-west-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -24513,6 +30339,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "ssm-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-east-1", }: endpoint{ @@ -24549,6 +30384,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -24596,6 +30434,118 @@ var awsPartition = partition{ }, }, }, + "ssm-contacts": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ssm-contacts-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ssm-contacts-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ssm-contacts-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ssm-contacts-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-contacts-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-contacts-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-contacts-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-contacts-fips.us-west-2.amazonaws.com", + }, + }, + }, "ssm-incidents": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -24616,6 +30566,12 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-incidents-fips.ca-central-1.amazonaws.com", + }, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -24631,28 +30587,235 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "ssm-incidents-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ssm-incidents-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ssm-incidents-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ssm-incidents-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ssm-incidents-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "sa-east-1", }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-incidents-fips.us-east-1.amazonaws.com", + }, endpointKey{ Region: "us-east-2", }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-incidents-fips.us-east-2.amazonaws.com", + }, endpointKey{ Region: "us-west-1", }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-incidents-fips.us-west-1.amazonaws.com", + }, endpointKey{ Region: "us-west-2", }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-incidents-fips.us-west-2.amazonaws.com", + }, }, }, "ssm-sap": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-sap-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "ssm-sap-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ssm-sap-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ssm-sap-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ssm-sap-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ssm-sap-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, endpointKey{ Region: "us-east-1", }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-sap-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-sap-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-sap-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-sap-fips.us-west-2.amazonaws.com", + }, }, }, "sso": service{ @@ -24684,12 +30847,18 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, @@ -24705,6 +30874,12 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -24757,9 +30932,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -24820,6 +31001,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -24887,6 +31071,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -24896,6 +31083,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -24917,12 +31107,18 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -24933,14 +31129,8 @@ var awsPartition = partition{ Region: "eu-west-3", }: endpoint{}, endpointKey{ - Region: "fips", - }: endpoint{ - Hostname: "storagegateway-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - Deprecated: boxedTrue, - }, + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -25064,9 +31254,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -25091,6 +31287,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "local", }: endpoint{ @@ -25156,6 +31355,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "aws-global", }: endpoint{ @@ -25167,6 +31369,9 @@ var awsPartition = partition{ endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -25191,6 +31396,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -25332,9 +31540,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -25395,6 +31609,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -25474,9 +31691,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -25537,6 +31760,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -25616,9 +31842,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -25643,6 +31875,9 @@ var awsPartition = partition{ endpointKey{ Region: "eu-west-3", }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -25784,6 +32019,65 @@ var awsPartition = partition{ }, }, }, + "thinclient": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "tnb": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "transcribe": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ @@ -25933,12 +32227,21 @@ var awsPartition = partition{ }, "transcribestreaming": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, endpointKey{ Region: "ap-northeast-1", }: endpoint{}, endpointKey{ Region: "ap-northeast-2", }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, @@ -26096,6 +32399,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-south-1", }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, endpointKey{ Region: "ap-southeast-1", }: endpoint{}, @@ -26105,6 +32411,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -26117,12 +32426,18 @@ var awsPartition = partition{ endpointKey{ Region: "eu-central-1", }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, endpointKey{ Region: "eu-north-1", }: endpoint{}, endpointKey{ Region: "eu-south-1", }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, endpointKey{ Region: "eu-west-1", }: endpoint{}, @@ -26177,6 +32492,12 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, endpointKey{ Region: "me-south-1", }: endpoint{}, @@ -26323,6 +32644,91 @@ var awsPartition = partition{ }, }, }, + "verifiedpermissions": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "voice-chime": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -26334,6 +32740,9 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, @@ -26472,6 +32881,43 @@ var awsPartition = partition{ }, }, }, + "vpc-lattice": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, "waf": service{ PartitionEndpoint: "aws-global", IsRegionalized: boxedFalse, @@ -26635,6 +33081,23 @@ var awsPartition = partition{ Region: "ap-south-1", }, }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "waf-regional.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + }, + endpointKey{ + Region: "ap-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + }, endpointKey{ Region: "ap-southeast-1", }: endpoint{ @@ -26686,6 +33149,23 @@ var awsPartition = partition{ Region: "ap-southeast-3", }, }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "waf-regional.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, + endpointKey{ + Region: "ap-southeast-4", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, endpointKey{ Region: "ca-central-1", }: endpoint{ @@ -26720,6 +33200,23 @@ var awsPartition = partition{ Region: "eu-central-1", }, }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "waf-regional.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, + endpointKey{ + Region: "eu-central-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, endpointKey{ Region: "eu-north-1", }: endpoint{ @@ -26754,6 +33251,23 @@ var awsPartition = partition{ Region: "eu-south-1", }, }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "waf-regional.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + }, + endpointKey{ + Region: "eu-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + }, endpointKey{ Region: "eu-west-1", }: endpoint{ @@ -26859,6 +33373,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ap-south-2", + }: endpoint{ + Hostname: "waf-regional-fips.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-ap-southeast-1", }: endpoint{ @@ -26886,6 +33409,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ap-southeast-4", + }: endpoint{ + Hostname: "waf-regional-fips.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-ca-central-1", }: endpoint{ @@ -26904,6 +33436,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-eu-central-2", + }: endpoint{ + Hostname: "waf-regional-fips.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-eu-north-1", }: endpoint{ @@ -26922,6 +33463,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-eu-south-2", + }: endpoint{ + Hostname: "waf-regional-fips.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-eu-west-1", }: endpoint{ @@ -26949,6 +33499,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-il-central-1", + }: endpoint{ + Hostname: "waf-regional-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-me-central-1", + }: endpoint{ + Hostname: "waf-regional-fips.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-me-south-1", }: endpoint{ @@ -27003,6 +33571,40 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "waf-regional.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "il-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "waf-regional.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, endpointKey{ Region: "me-south-1", }: endpoint{ @@ -27211,6 +33813,23 @@ var awsPartition = partition{ Region: "ap-south-1", }, }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "wafv2.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + }, + endpointKey{ + Region: "ap-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + }, endpointKey{ Region: "ap-southeast-1", }: endpoint{ @@ -27262,6 +33881,23 @@ var awsPartition = partition{ Region: "ap-southeast-3", }, }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "wafv2.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, + endpointKey{ + Region: "ap-southeast-4", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, endpointKey{ Region: "ca-central-1", }: endpoint{ @@ -27296,6 +33932,23 @@ var awsPartition = partition{ Region: "eu-central-1", }, }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "wafv2.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, + endpointKey{ + Region: "eu-central-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, endpointKey{ Region: "eu-north-1", }: endpoint{ @@ -27330,6 +33983,23 @@ var awsPartition = partition{ Region: "eu-south-1", }, }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "wafv2.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + }, + endpointKey{ + Region: "eu-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + }, endpointKey{ Region: "eu-west-1", }: endpoint{ @@ -27435,6 +34105,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ap-south-2", + }: endpoint{ + Hostname: "wafv2-fips.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-ap-southeast-1", }: endpoint{ @@ -27462,6 +34141,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-ap-southeast-4", + }: endpoint{ + Hostname: "wafv2-fips.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-ca-central-1", }: endpoint{ @@ -27480,6 +34168,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-eu-central-2", + }: endpoint{ + Hostname: "wafv2-fips.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-eu-north-1", }: endpoint{ @@ -27498,6 +34195,15 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-eu-south-2", + }: endpoint{ + Hostname: "wafv2-fips.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-eu-west-1", }: endpoint{ @@ -27525,6 +34231,24 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "fips-il-central-1", + }: endpoint{ + Hostname: "wafv2-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-me-central-1", + }: endpoint{ + Hostname: "wafv2-fips.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-me-south-1", }: endpoint{ @@ -27579,6 +34303,40 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "wafv2.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "il-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "wafv2.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, endpointKey{ Region: "me-south-1", }: endpoint{ @@ -27746,9 +34504,18 @@ var awsPartition = partition{ endpointKey{ Region: "ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, endpointKey{ Region: "ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -27770,9 +34537,18 @@ var awsPartition = partition{ endpointKey{ Region: "ui-ap-northeast-1", }: endpoint{}, + endpointKey{ + Region: "ui-ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ui-ap-southeast-1", + }: endpoint{}, endpointKey{ Region: "ui-ap-southeast-2", }: endpoint{}, + endpointKey{ + Region: "ui-ca-central-1", + }: endpoint{}, endpointKey{ Region: "ui-eu-central-1", }: endpoint{}, @@ -27921,6 +34697,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "sa-east-1", }: endpoint{}, @@ -28010,9 +34789,15 @@ var awsPartition = partition{ endpointKey{ Region: "ap-southeast-3", }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, endpointKey{ Region: "ca-central-1", }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, endpointKey{ Region: "eu-central-1", }: endpoint{}, @@ -28073,6 +34858,9 @@ var awsPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, endpointKey{ Region: "me-central-1", }: endpoint{}, @@ -28212,6 +35000,16 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "airflow": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "api.ecr": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -28232,6 +35030,20 @@ var awscnPartition = partition{ }, }, }, + "api.pricing": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "pricing", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "api.sagemaker": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -28339,6 +35151,16 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "arc-zonal-shift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "athena": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -28401,6 +35223,16 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "backupstorage": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "batch": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -28590,7 +35422,10 @@ var awscnPartition = partition{ Endpoints: serviceEndpoints{ endpointKey{ Region: "cn-north-1", - }: endpoint{}, + }: endpoint{ + Hostname: "data.ats.iot.cn-north-1.amazonaws.com.cn", + Protocols: []string{"https"}, + }, endpointKey{ Region: "cn-northwest-1", }: endpoint{}, @@ -28626,6 +35461,31 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "datazone": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "datazone.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "datazone.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, "dax": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -28753,6 +35613,31 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "eks-auth": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "eks-auth.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "eks-auth.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, "elasticache": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -28838,9 +35723,21 @@ var awscnPartition = partition{ endpointKey{ Region: "cn-north-1", }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "elasticmapreduce.cn-north-1.api.amazonwebservices.com.cn", + }, endpointKey{ Region: "cn-northwest-1", }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "elasticmapreduce.cn-northwest-1.api.amazonwebservices.com.cn", + }, }, }, "emr-containers": service{ @@ -28853,14 +35750,36 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "emr-serverless": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "es": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "cn-north-1", }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.cn-north-1.api.amazonwebservices.com.cn", + }, endpointKey{ Region: "cn-northwest-1", }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.cn-northwest-1.api.amazonwebservices.com.cn", + }, }, }, "events": service{ @@ -29018,14 +35937,52 @@ var awscnPartition = partition{ }, }, }, - "iot": service{ + "identitystore": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "inspector2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "internetmonitor": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ - CredentialScope: credentialScope{ - Service: "execute-api", - }, + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "internetmonitor.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "internetmonitor.cn-northwest-1.api.amazonwebservices.com.cn", }, }, + }, + "iot": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "cn-north-1", @@ -29078,6 +36035,29 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "iottwinmaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "api-cn-north-1", + }: endpoint{ + Hostname: "api.iottwinmaker.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "data-cn-north-1", + }: endpoint{ + Hostname: "data.iottwinmaker.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + }, + }, "kafka": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -29088,6 +36068,31 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "kendra-ranking": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "kendra-ranking.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "kendra-ranking.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, "kinesis": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -29108,6 +36113,13 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "kinesisvideo": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + }, + }, "kms": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -29160,6 +36172,16 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "license-manager-linux-subscriptions": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "logs": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -29247,6 +36269,46 @@ var awscnPartition = partition{ }, }, }, + "network-firewall": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "oam": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "oidc": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "oidc.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "oidc.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, "organizations": service{ PartitionEndpoint: "aws-cn-global", IsRegionalized: boxedFalse, @@ -29278,6 +36340,16 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "pipes": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "polly": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -29285,6 +36357,58 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "portal.sso": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "portal.sso.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "portal.sso.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "qbusiness": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "qbusiness.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "qbusiness.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, + "quicksight": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + }, + }, "ram": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -29325,32 +36449,24 @@ var awscnPartition = partition{ }: endpoint{}, }, }, - "resource-explorer-2": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.amazonwebservices.com.cn", - }, - defaultKey{ - Variant: fipsVariant, - }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.amazonwebservices.com.cn", - }, + "redshift-serverless": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, }, + }, + "resource-groups": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "cn-north-1", - }: endpoint{ - Hostname: "resource-explorer-2.cn-north-1.api.amazonwebservices.com.cn", - }, + }: endpoint{}, endpointKey{ Region: "cn-northwest-1", - }: endpoint{ - Hostname: "resource-explorer-2.cn-northwest-1.api.amazonwebservices.com.cn", - }, + }: endpoint{}, }, }, - "resource-groups": service{ + "rolesanywhere": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "cn-north-1", @@ -29491,14 +36607,53 @@ var awscnPartition = partition{ }, }, }, + "savingsplans": service{ + IsRegionalized: boxedTrue, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "savingsplans.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "savingsplans.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "schemas": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "secretsmanager": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "cn-north-1", }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "cn-northwest-1", }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{}, }, }, "securityhub": service{ @@ -29549,7 +36704,7 @@ var awscnPartition = partition{ Region: "cn-north-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.cn-north-1.amazonaws.com.cn", + Hostname: "servicediscovery.cn-north-1.api.amazonwebservices.com.cn", }, endpointKey{ Region: "cn-northwest-1", @@ -29558,11 +36713,26 @@ var awscnPartition = partition{ Region: "cn-northwest-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.cn-northwest-1.amazonaws.com.cn", + Hostname: "servicediscovery.cn-northwest-1.api.amazonwebservices.com.cn", }, }, }, - "sms": service{ + "servicequotas": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "signer": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "cn-north-1", @@ -29570,6 +36740,29 @@ var awscnPartition = partition{ endpointKey{ Region: "cn-northwest-1", }: endpoint{}, + endpointKey{ + Region: "verification-cn-north-1", + }: endpoint{ + Hostname: "verification.signer.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "verification-cn-northwest-1", + }: endpoint{ + Hostname: "verification.signer.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "sms": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, }, }, "snowball": service{ @@ -29653,14 +36846,36 @@ var awscnPartition = partition{ }: endpoint{}, }, }, + "sso": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, "states": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "cn-north-1", }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "states.cn-north-1.api.amazonwebservices.com.cn", + }, endpointKey{ Region: "cn-northwest-1", }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "states.cn-northwest-1.api.amazonwebservices.com.cn", + }, }, }, "storagegateway": service{ @@ -29986,6 +37201,24 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "access-analyzer.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "access-analyzer.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -29994,6 +37227,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "access-analyzer.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "access-analyzer.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "acm": service{ @@ -30248,6 +37499,9 @@ var awsusgovPartition = partition{ }, }, Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, @@ -30395,12 +37649,42 @@ var awsusgovPartition = partition{ }, "appconfigdata": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "appconfigdata.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "appconfigdata.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appconfigdata.us-gov-east-1.amazonaws.com", + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appconfigdata.us-gov-west-1.amazonaws.com", + }, }, }, "application-autoscaling": service{ @@ -30417,13 +37701,45 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{ + Hostname: "application-autoscaling.us-gov-east-1.amazonaws.com", Protocols: []string{"http", "https"}, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "application-autoscaling.us-gov-east-1.amazonaws.com", + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "application-autoscaling.us-gov-east-1.amazonaws.com", + Protocols: []string{"http", "https"}, + + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ + Hostname: "application-autoscaling.us-gov-west-1.amazonaws.com", Protocols: []string{"http", "https"}, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "application-autoscaling.us-gov-west-1.amazonaws.com", + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "application-autoscaling.us-gov-west-1.amazonaws.com", + Protocols: []string{"http", "https"}, + + Deprecated: boxedTrue, + }, }, }, "applicationinsights": service{ @@ -30465,6 +37781,24 @@ var awsusgovPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appstream2-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "appstream2-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, @@ -30485,6 +37819,16 @@ var awsusgovPartition = partition{ }, }, }, + "arc-zonal-shift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, "athena": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -30520,6 +37864,12 @@ var awsusgovPartition = partition{ }: endpoint{ Hostname: "athena-fips.us-gov-east-1.amazonaws.com", }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-gov-east-1.api.aws", + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, @@ -30535,6 +37885,12 @@ var awsusgovPartition = partition{ }: endpoint{ Hostname: "athena-fips.us-gov-west-1.amazonaws.com", }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-gov-west-1.api.aws", + }, }, }, "autoscaling": service{ @@ -30598,6 +37954,16 @@ var awsusgovPartition = partition{ }: endpoint{}, }, }, + "backupstorage": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, "batch": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{}, @@ -30646,6 +38012,13 @@ var awsusgovPartition = partition{ }, }, }, + "bedrock": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, "cassandra": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -30656,6 +38029,24 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cassandra.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "cassandra.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -30664,6 +38055,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cassandra.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "cassandra.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "cloudcontrolapi": service{ @@ -30711,6 +38120,21 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "clouddirectory.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "clouddirectory.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "cloudformation": service{ @@ -30723,6 +38147,24 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudformation.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "cloudformation.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -30731,6 +38173,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudformation.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "cloudformation.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "cloudhsm": service{ @@ -30936,6 +38396,15 @@ var awsusgovPartition = partition{ }, "codepipeline": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "codepipeline-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-gov-west-1", }: endpoint{ @@ -30945,6 +38414,15 @@ var awsusgovPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codepipeline-fips.us-gov-east-1.amazonaws.com", + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, @@ -30956,6 +38434,13 @@ var awsusgovPartition = partition{ }, }, }, + "codestar-connections": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + }, + }, "cognito-identity": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -31049,6 +38534,26 @@ var awsusgovPartition = partition{ }, }, }, + "compute-optimizer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "compute-optimizer-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "compute-optimizer-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, "config": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{}, @@ -31099,9 +38604,24 @@ var awsusgovPartition = partition{ }, "connect": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "connect.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "connect.us-gov-west-1.amazonaws.com", + }, }, }, "controltower": service{ @@ -31204,9 +38724,24 @@ var awsusgovPartition = partition{ }, "databrew": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "databrew.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "databrew.us-gov-west-1.amazonaws.com", + }, }, }, "datasync": service{ @@ -31249,6 +38784,31 @@ var awsusgovPartition = partition{ }, }, }, + "datazone": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "datazone.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "datazone.us-gov-west-1.api.aws", + }, + }, + }, "directconnect": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -31274,9 +38834,39 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dlm.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "dlm.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dlm.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "dlm.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "dms": service{ @@ -31366,6 +38956,46 @@ var awsusgovPartition = partition{ }, }, }, + "drs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "drs-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "drs-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-gov-west-1.amazonaws.com", + }, + }, + }, "ds": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -31601,6 +39231,31 @@ var awsusgovPartition = partition{ }, }, }, + "eks-auth": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "eks-auth.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "eks-auth.us-gov-west-1.api.aws", + }, + }, + }, "elasticache": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{}, @@ -31653,6 +39308,24 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticbeanstalk.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "elasticbeanstalk.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -31661,6 +39334,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticbeanstalk.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "elasticbeanstalk.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "elasticfilesystem": service{ @@ -31785,6 +39476,12 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-gov-east-1.api.aws", + }, endpointKey{ Region: "us-gov-east-1", Variant: fipsVariant, @@ -31796,6 +39493,13 @@ var awsusgovPartition = partition{ }: endpoint{ Protocols: []string{"https"}, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-gov-west-1.api.aws", + Protocols: []string{"https"}, + }, endpointKey{ Region: "us-gov-west-1", Variant: fipsVariant, @@ -31827,6 +39531,26 @@ var awsusgovPartition = partition{ }, }, }, + "emr-containers": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, + "emr-serverless": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, "es": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -31841,6 +39565,12 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-gov-east-1.api.aws", + }, endpointKey{ Region: "us-gov-east-1", Variant: fipsVariant, @@ -31859,6 +39589,12 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-gov-west-1.api.aws", + }, endpointKey{ Region: "us-gov-west-1", Variant: fipsVariant, @@ -32095,24 +39831,68 @@ var awsusgovPartition = partition{ }, }, }, + "geo": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "geo-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "geo-fips.us-gov-west-1.amazonaws.com", + }, + }, + }, "glacier": service{ Endpoints: serviceEndpoints{ endpointKey{ - Region: "us-gov-east-1", + Region: "fips-us-gov-east-1", }: endpoint{ Hostname: "glacier.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, endpointKey{ - Region: "us-gov-west-1", + Region: "fips-us-gov-west-1", }: endpoint{ - Hostname: "glacier.us-gov-west-1.amazonaws.com", - Protocols: []string{"http", "https"}, + Hostname: "glacier.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glacier.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glacier.us-gov-west-1.amazonaws.com", + Protocols: []string{"http", "https"}, }, }, }, @@ -32139,21 +39919,45 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "glue.us-gov-east-1.api.aws", + }, endpointKey{ Region: "us-gov-east-1", Variant: fipsVariant, }: endpoint{ Hostname: "glue-fips.us-gov-east-1.amazonaws.com", }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "glue-fips.us-gov-east-1.api.aws", + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "glue.us-gov-west-1.api.aws", + }, endpointKey{ Region: "us-gov-west-1", Variant: fipsVariant, }: endpoint{ Hostname: "glue-fips.us-gov-west-1.amazonaws.com", }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "glue-fips.us-gov-west-1.api.aws", + }, }, }, "greengrass": service{ @@ -32183,36 +39987,38 @@ var awsusgovPartition = partition{ endpointKey{ Region: "fips-us-gov-east-1", }: endpoint{ - Hostname: "greengrass-fips.us-gov-east-1.amazonaws.com", + Hostname: "greengrass.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, Deprecated: boxedTrue, }, endpointKey{ - Region: "us-gov-east-1", + Region: "fips-us-gov-west-1", }: endpoint{ - Hostname: "greengrass.us-gov-east-1.amazonaws.com", + Hostname: "greengrass.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-gov-east-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, endpointKey{ Region: "us-gov-east-1", Variant: fipsVariant, }: endpoint{ - Hostname: "greengrass-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, + Hostname: "greengrass.us-gov-east-1.amazonaws.com", }, endpointKey{ Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, }: endpoint{ Hostname: "greengrass.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, }, }, }, @@ -32269,7 +40075,21 @@ var awsusgovPartition = partition{ }, }, "health": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + SSLCommonName: "health.us-gov-west-1.amazonaws.com", + Protocols: []string{"https"}, + }, + }, Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-us-gov-global", + }: endpoint{ + Hostname: "global.health.us-gov.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, endpointKey{ Region: "fips-us-gov-west-1", }: endpoint{ @@ -32411,6 +40231,21 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ingest.timestream.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "ingest.timestream.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "inspector": service{ @@ -32453,31 +40288,85 @@ var awsusgovPartition = partition{ }, }, }, - "iot": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ + "inspector2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "inspector2-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "inspector2-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Service: "execute-api", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-gov-west-1.amazonaws.com", + }, + }, + }, + "internetmonitor": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", }, }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "internetmonitor.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "internetmonitor.us-gov-west-1.api.aws", + }, + }, + }, + "iot": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "fips-us-gov-east-1", }: endpoint{ Hostname: "iot-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Service: "execute-api", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "fips-us-gov-west-1", }: endpoint{ Hostname: "iot-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Service: "execute-api", - }, + Deprecated: boxedTrue, }, endpointKey{ @@ -32622,14 +40511,114 @@ var awsusgovPartition = partition{ }, }, }, + "iottwinmaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "api-us-gov-west-1", + }: endpoint{ + Hostname: "api.iottwinmaker.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "data-us-gov-west-1", + }: endpoint{ + Hostname: "data.iottwinmaker.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "fips-api-us-gov-west-1", + }: endpoint{ + Hostname: "api.iottwinmaker-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "fips-data-us-gov-west-1", + }: endpoint{ + Hostname: "data.iottwinmaker-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "iottwinmaker-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iottwinmaker-fips.us-gov-west-1.amazonaws.com", + }, + }, + }, "kafka": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "us-gov-east-1", - }: endpoint{}, + }: endpoint{ + Hostname: "kafka.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "kafka.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", - }: endpoint{}, + }: endpoint{ + Hostname: "kafka.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "kafka.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "kendra": service{ @@ -32654,8 +40643,51 @@ var awsusgovPartition = partition{ }, }, }, + "kendra-ranking": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "kendra-ranking.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "kendra-ranking.us-gov-west-1.api.aws", + }, + }, + }, "kinesis": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "kinesis.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "kinesis.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-east-1", }: endpoint{ @@ -32664,6 +40696,15 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kinesis.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -32672,6 +40713,15 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kinesis.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, }, "kinesisanalytics": service{ @@ -32756,21 +40806,45 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lakeformation.us-gov-east-1.api.aws", + }, endpointKey{ Region: "us-gov-east-1", Variant: fipsVariant, }: endpoint{ Hostname: "lakeformation-fips.us-gov-east-1.amazonaws.com", }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "lakeformation-fips.us-gov-east-1.api.aws", + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lakeformation.us-gov-west-1.api.aws", + }, endpointKey{ Region: "us-gov-west-1", Variant: fipsVariant, }: endpoint{ Hostname: "lakeformation-fips.us-gov-west-1.amazonaws.com", }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "lakeformation-fips.us-gov-west-1.api.aws", + }, }, }, "lambda": service{ @@ -32865,6 +40939,16 @@ var awsusgovPartition = partition{ }, }, }, + "license-manager-linux-subscriptions": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, "logs": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -32905,6 +40989,36 @@ var awsusgovPartition = partition{ }, }, }, + "m2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{}, + }, + }, "managedblockchain": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -32915,12 +41029,22 @@ var awsusgovPartition = partition{ "mediaconvert": service{ Endpoints: serviceEndpoints{ endpointKey{ - Region: "us-gov-west-1", + Region: "fips-us-gov-west-1", }: endpoint{ Hostname: "mediaconvert.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mediaconvert.us-gov-west-1.amazonaws.com", }, }, }, @@ -32991,6 +41115,46 @@ var awsusgovPartition = partition{ }: endpoint{}, }, }, + "mgn": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "mgn-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "mgn-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mgn-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mgn-fips.us-gov-west-1.amazonaws.com", + }, + }, + }, "models.lex": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ @@ -33188,6 +41352,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "aws-us-gov-global", + Variant: fipsVariant, + }: endpoint{ + Hostname: "networkmanager.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "fips-aws-us-gov-global", + }: endpoint{ + Hostname: "networkmanager.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "oidc": service{ @@ -33245,32 +41427,62 @@ var awsusgovPartition = partition{ "outposts": service{ Endpoints: serviceEndpoints{ endpointKey{ - Region: "us-gov-east-1", + Region: "fips-us-gov-east-1", }: endpoint{ Hostname: "outposts.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, endpointKey{ - Region: "us-gov-west-1", + Region: "fips-us-gov-west-1", }: endpoint{ Hostname: "outposts.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "outposts.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "outposts.us-gov-west-1.amazonaws.com", }, }, }, "participant.connect": service{ Endpoints: serviceEndpoints{ endpointKey{ - Region: "us-gov-west-1", + Region: "fips-us-gov-west-1", }: endpoint{ Hostname: "participant.connect.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "participant.connect.us-gov-west-1.amazonaws.com", }, }, }, @@ -33363,6 +41575,31 @@ var awsusgovPartition = partition{ }, }, }, + "qbusiness": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "qbusiness.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "qbusiness.us-gov-west-1.api.aws", + }, + }, + }, "quicksight": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -33383,6 +41620,24 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "ram.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -33391,6 +41646,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "ram.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "rbin": service{ @@ -33568,28 +41841,43 @@ var awsusgovPartition = partition{ }, }, }, - "resource-explorer-2": service{ - Defaults: endpointDefaults{ - defaultKey{}: endpoint{ - DNSSuffix: "api.aws", + "resiliencehub": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "resiliencehub-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, }, - defaultKey{ - Variant: fipsVariant, + endpointKey{ + Region: "fips-us-gov-west-1", }: endpoint{ - Hostname: "{service}-fips.{region}.{dnsSuffix}", - DNSSuffix: "api.aws", + Hostname: "resiliencehub-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, }, - }, - Endpoints: serviceEndpoints{ endpointKey{ Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, }: endpoint{ - Hostname: "resource-explorer-2.us-gov-east-1.api.aws", + Hostname: "resiliencehub-fips.us-gov-east-1.amazonaws.com", }, endpointKey{ Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, }: endpoint{ - Hostname: "resource-explorer-2.us-gov-west-1.api.aws", + Hostname: "resiliencehub-fips.us-gov-west-1.amazonaws.com", }, }, }, @@ -33648,6 +41936,46 @@ var awsusgovPartition = partition{ }: endpoint{}, }, }, + "rolesanywhere": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-gov-west-1.amazonaws.com", + }, + }, + }, "route53": service{ PartitionEndpoint: "aws-us-gov-global", IsRegionalized: boxedFalse, @@ -33685,9 +42013,35 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "route53resolver.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "route53resolver.us-gov-east-1.amazonaws.com", + + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "route53resolver.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "route53resolver.us-gov-west-1.amazonaws.com", + + Deprecated: boxedTrue, + }, }, }, "runtime.lex": service{ @@ -33737,6 +42091,9 @@ var awsusgovPartition = partition{ }, }, Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, @@ -33979,17 +42336,33 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-east-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-west-1", Variant: fipsVariant, }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, }, }, "secretsmanager": service{ @@ -33997,37 +42370,43 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-east-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-east-1", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-gov-east-1.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-east-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-west-1", Variant: fipsVariant, - }: endpoint{ - Hostname: "secretsmanager-fips.us-gov-west-1.amazonaws.com", - }, + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, endpointKey{ Region: "us-gov-west-1-fips", }: endpoint{ - Hostname: "secretsmanager-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, + Deprecated: boxedTrue, }, }, @@ -34081,21 +42460,45 @@ var awsusgovPartition = partition{ Endpoints: serviceEndpoints{ endpointKey{ Region: "us-gov-east-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, }: endpoint{ Hostname: "serverlessrepo.us-gov-east-1.amazonaws.com", Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "serverlessrepo.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-gov-west-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, }: endpoint{ Hostname: "serverlessrepo.us-gov-west-1.amazonaws.com", Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "serverlessrepo.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, }, }, @@ -34193,7 +42596,7 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.us-gov-east-1.amazonaws.com", + Hostname: "servicediscovery.us-gov-east-1.api.aws", }, endpointKey{ Region: "us-gov-east-1", @@ -34201,6 +42604,12 @@ var awsusgovPartition = partition{ }: endpoint{ Hostname: "servicediscovery-fips.us-gov-east-1.amazonaws.com", }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-gov-east-1.api.aws", + }, endpointKey{ Region: "us-gov-east-1-fips", }: endpoint{ @@ -34217,7 +42626,7 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", Variant: dualStackVariant, }: endpoint{ - Hostname: "servicediscovery.us-gov-west-1.amazonaws.com", + Hostname: "servicediscovery.us-gov-west-1.api.aws", }, endpointKey{ Region: "us-gov-west-1", @@ -34225,6 +42634,12 @@ var awsusgovPartition = partition{ }: endpoint{ Hostname: "servicediscovery-fips.us-gov-west-1.amazonaws.com", }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-gov-west-1.api.aws", + }, endpointKey{ Region: "us-gov-west-1-fips", }: endpoint{ @@ -34287,12 +42702,22 @@ var awsusgovPartition = partition{ }, }, }, - "sms": service{ + "signer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, + "simspaceweaver": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "fips-us-gov-east-1", }: endpoint{ - Hostname: "sms-fips.us-gov-east-1.amazonaws.com", + Hostname: "simspaceweaver.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, @@ -34301,7 +42726,7 @@ var awsusgovPartition = partition{ endpointKey{ Region: "fips-us-gov-west-1", }: endpoint{ - Hostname: "sms-fips.us-gov-west-1.amazonaws.com", + Hostname: "simspaceweaver.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, @@ -34314,7 +42739,29 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", Variant: fipsVariant, }: endpoint{ - Hostname: "sms-fips.us-gov-east-1.amazonaws.com", + Hostname: "simspaceweaver.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "simspaceweaver.us-gov-west-1.amazonaws.com", + }, + }, + }, + "sms": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "sms-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, }, endpointKey{ Region: "us-gov-west-1", @@ -34329,6 +42776,15 @@ var awsusgovPartition = partition{ }, "sms-voice": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "sms-voice-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-gov-west-1", }: endpoint{ @@ -34338,6 +42794,15 @@ var awsusgovPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sms-voice-fips.us-gov-east-1.amazonaws.com", + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, @@ -34421,14 +42886,14 @@ var awsusgovPartition = partition{ endpointKey{ Region: "us-gov-west-1", }: endpoint{ - Protocols: []string{"http", "https"}, + Protocols: []string{"https"}, }, endpointKey{ Region: "us-gov-west-1", Variant: fipsVariant, }: endpoint{ Hostname: "sns.us-gov-west-1.amazonaws.com", - Protocols: []string{"http", "https"}, + Protocols: []string{"https"}, }, }, }, @@ -34520,6 +42985,24 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sso.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "sso.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -34528,6 +43011,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sso.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "sso.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "states": service{ @@ -34772,6 +43273,24 @@ var awsusgovPartition = partition{ Region: "us-gov-east-1", }, }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "swf.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "swf.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{ @@ -34780,6 +43299,24 @@ var awsusgovPartition = partition{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "swf.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "swf.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "synthetics": service{ @@ -35124,6 +43661,15 @@ var awsusgovPartition = partition{ }, "workspaces": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "workspaces-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "fips-us-gov-west-1", }: endpoint{ @@ -35133,6 +43679,15 @@ var awsusgovPartition = partition{ }, Deprecated: boxedTrue, }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "workspaces-fips.us-gov-east-1.amazonaws.com", + }, endpointKey{ Region: "us-gov-west-1", }: endpoint{}, @@ -35246,6 +43801,20 @@ var awsisoPartition = partition{ }, }, }, + "api.pricing": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "pricing", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + }, + }, "api.sagemaker": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -35295,6 +43864,23 @@ var awsisoPartition = partition{ }: endpoint{}, }, }, + "arc-zonal-shift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "athena": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + }, + }, "autoscaling": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -35307,6 +43893,16 @@ var awsisoPartition = partition{ }: endpoint{}, }, }, + "cloudcontrolapi": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, "cloudformation": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -35366,6 +43962,46 @@ var awsisoPartition = partition{ }: endpoint{}, }, }, + "datasync": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "datasync-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "datasync-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.us-iso-west-1.c2s.ic.gov", + }, + }, + }, "directconnect": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -35376,6 +44012,16 @@ var awsisoPartition = partition{ }: endpoint{}, }, }, + "dlm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, "dms": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{}, @@ -35478,6 +44124,9 @@ var awsisoPartition = partition{ endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "ec2": service{ @@ -35510,6 +44159,9 @@ var awsisoPartition = partition{ endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "elasticache": service{ @@ -35576,14 +44228,45 @@ var awsisoPartition = partition{ }, "elasticmapreduce": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "elasticmapreduce.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "elasticmapreduce.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-iso-east-1", }: endpoint{ Protocols: []string{"https"}, }, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-iso-east-1.c2s.ic.gov", + Protocols: []string{"https"}, + }, endpointKey{ Region: "us-iso-west-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-iso-west-1.c2s.ic.gov", + }, }, }, "es": service{ @@ -35635,6 +44318,19 @@ var awsisoPartition = partition{ }: endpoint{}, }, }, + "guardduty": service{ + IsRegionalized: boxedTrue, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + }, + }, "health": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -35730,6 +44426,9 @@ var awsisoPartition = partition{ endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "logs": service{ @@ -35782,25 +44481,219 @@ var awsisoPartition = partition{ }, "ram": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "ram-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "ram-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.us-iso-west-1.c2s.ic.gov", + }, + }, + }, + "rbin": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "rbin-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "rbin-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.us-iso-east-1.c2s.ic.gov", + }, endpointKey{ Region: "us-iso-west-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.us-iso-west-1.c2s.ic.gov", + }, }, }, "rds": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "rds-fips.us-iso-east-1", + }: endpoint{ + Hostname: "rds-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds-fips.us-iso-west-1", + }: endpoint{ + Hostname: "rds-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-iso-east-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-iso-west-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-east-1-fips", + }: endpoint{ + Hostname: "rds-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-iso-west-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-iso-west-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1-fips", + }: endpoint{ + Hostname: "rds-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "redshift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "redshift-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "redshift-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.us-iso-west-1.c2s.ic.gov", + }, + }, + }, + "resource-groups": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "us-iso-east-1", @@ -35829,6 +44722,9 @@ var awsisoPartition = partition{ endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "runtime.sagemaker": service{ @@ -35845,15 +44741,61 @@ var awsisoPartition = partition{ }, }, Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "s3-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "s3-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-iso-east-1", }: endpoint{ Protocols: []string{"http", "https"}, SignatureVersions: []string{"s3v4"}, }, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.us-iso-east-1.c2s.ic.gov", + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"s3v4"}, + }, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.us-iso-east-1.c2s.ic.gov", + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"s3v4"}, + }, endpointKey{ Region: "us-iso-west-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.us-iso-west-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.us-iso-west-1.c2s.ic.gov", + }, }, }, "secretsmanager": service{ @@ -35861,6 +44803,9 @@ var awsisoPartition = partition{ endpointKey{ Region: "us-iso-east-1", }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "snowball": service{ @@ -35975,6 +44920,16 @@ var awsisoPartition = partition{ }, }, "tagging": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "textract": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "us-iso-east-1", @@ -36073,6 +45028,27 @@ var awsisobPartition = partition{ }, }, }, + "api.pricing": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "pricing", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "api.sagemaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, "appconfig": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -36099,6 +45075,13 @@ var awsisobPartition = partition{ }: endpoint{}, }, }, + "arc-zonal-shift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, "autoscaling": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ @@ -36111,6 +45094,13 @@ var awsisobPartition = partition{ }: endpoint{}, }, }, + "cloudcontrolapi": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, "cloudformation": service{ Endpoints: serviceEndpoints{ endpointKey{ @@ -36146,6 +45136,13 @@ var awsisobPartition = partition{ }: endpoint{}, }, }, + "dlm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, "dms": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{}, @@ -36300,9 +45297,24 @@ var awsisobPartition = partition{ }, "elasticmapreduce": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "elasticmapreduce.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-isob-east-1", }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-isob-east-1.sc2s.sgov.gov", + }, }, }, "es": service{ @@ -36434,25 +45446,126 @@ var awsisobPartition = partition{ }: endpoint{}, }, }, + "outposts": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, "ram": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "ram-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-isob-east-1", }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.us-isob-east-1.sc2s.sgov.gov", + }, + }, + }, + "rbin": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "rbin-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.us-isob-east-1.sc2s.sgov.gov", + }, }, }, "rds": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "rds-fips.us-isob-east-1", + }: endpoint{ + Hostname: "rds-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-isob-east-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-isob-east-1", }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-isob-east-1.sc2s.sgov.gov", + }, + endpointKey{ + Region: "us-isob-east-1-fips", + }: endpoint{ + Hostname: "rds-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, }, }, "redshift": service{ Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "redshift-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, endpointKey{ Region: "us-isob-east-1", }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.us-isob-east-1.sc2s.sgov.gov", + }, }, }, "resource-groups": service{ @@ -36483,6 +45596,13 @@ var awsisobPartition = partition{ }: endpoint{}, }, }, + "runtime.sagemaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, "s3": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ @@ -36490,6 +45610,34 @@ var awsisobPartition = partition{ SignatureVersions: []string{"s3v4"}, }, }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "s3-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.us-isob-east-1.sc2s.sgov.gov", + }, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.us-isob-east-1.sc2s.sgov.gov", + }, + }, + }, + "secretsmanager": service{ Endpoints: serviceEndpoints{ endpointKey{ Region: "us-isob-east-1", @@ -36542,6 +45690,37 @@ var awsisobPartition = partition{ }: endpoint{}, }, }, + "storagegateway": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips", + }: endpoint{ + Hostname: "storagegateway-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "storagegateway-fips.us-isob-east-1.sc2s.sgov.gov", + }, + endpointKey{ + Region: "us-isob-east-1-fips", + }: endpoint{ + Hostname: "storagegateway-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + }, + }, "streams.dynamodb": service{ Defaults: endpointDefaults{ defaultKey{}: endpoint{ @@ -36607,3 +45786,71 @@ var awsisobPartition = partition{ }, }, } + +// AwsIsoEPartition returns the Resolver for AWS ISOE (Europe). +func AwsIsoEPartition() Partition { + return awsisoePartition.Partition() +} + +var awsisoePartition = partition{ + ID: "aws-iso-e", + Name: "AWS ISOE (Europe)", + DNSSuffix: "cloud.adc-e.uk", + RegionRegex: regionRegex{ + Regexp: func() *regexp.Regexp { + reg, _ := regexp.Compile("^eu\\-isoe\\-\\w+\\-\\d+$") + return reg + }(), + }, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "cloud.adc-e.uk", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + Regions: regions{}, + Services: services{}, +} + +// AwsIsoFPartition returns the Resolver for AWS ISOF. +func AwsIsoFPartition() Partition { + return awsisofPartition.Partition() +} + +var awsisofPartition = partition{ + ID: "aws-iso-f", + Name: "AWS ISOF", + DNSSuffix: "csp.hci.ic.gov", + RegionRegex: regionRegex{ + Regexp: func() *regexp.Regexp { + reg, _ := regexp.Compile("^us\\-isof\\-\\w+\\-\\d+$") + return reg + }(), + }, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "csp.hci.ic.gov", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + Regions: regions{}, + Services: services{}, +} diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go index 1d3f4c3adc3..ea8e3537658 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go @@ -14,6 +14,7 @@ import ( "github.com/aws/aws-sdk-go/aws/defaults" "github.com/aws/aws-sdk-go/aws/request" "github.com/aws/aws-sdk-go/internal/shareddefaults" + "github.com/aws/aws-sdk-go/service/ssooidc" "github.com/aws/aws-sdk-go/service/sts" ) @@ -23,6 +24,10 @@ type CredentialsProviderOptions struct { // WebIdentityRoleProviderOptions configures a WebIdentityRoleProvider, // such as setting its ExpiryWindow. WebIdentityRoleProviderOptions func(*stscreds.WebIdentityRoleProvider) + + // ProcessProviderOptions configures a ProcessProvider, + // such as setting its Timeout. + ProcessProviderOptions func(*processcreds.ProcessProvider) } func resolveCredentials(cfg *aws.Config, @@ -33,7 +38,7 @@ func resolveCredentials(cfg *aws.Config, switch { case len(sessOpts.Profile) != 0: - // User explicitly provided an Profile in the session's configuration + // User explicitly provided a Profile in the session's configuration // so load that profile from shared config first. // Github(aws/aws-sdk-go#2727) return resolveCredsFromProfile(cfg, envCfg, sharedCfg, handlers, sessOpts) @@ -134,7 +139,11 @@ func resolveCredsFromProfile(cfg *aws.Config, case len(sharedCfg.CredentialProcess) != 0: // Get credentials from CredentialProcess - creds = processcreds.NewCredentials(sharedCfg.CredentialProcess) + var optFns []func(*processcreds.ProcessProvider) + if sessOpts.CredentialsProviderOptions != nil && sessOpts.CredentialsProviderOptions.ProcessProviderOptions != nil { + optFns = append(optFns, sessOpts.CredentialsProviderOptions.ProcessProviderOptions) + } + creds = processcreds.NewCredentials(sharedCfg.CredentialProcess, optFns...) default: // Fallback to default credentials provider, include mock errors for @@ -173,8 +182,28 @@ func resolveSSOCredentials(cfg *aws.Config, sharedCfg sharedConfig, handlers req return nil, err } + var optFns []func(provider *ssocreds.Provider) cfgCopy := cfg.Copy() - cfgCopy.Region = &sharedCfg.SSORegion + + if sharedCfg.SSOSession != nil { + cfgCopy.Region = &sharedCfg.SSOSession.SSORegion + cachedPath, err := ssocreds.StandardCachedTokenFilepath(sharedCfg.SSOSession.Name) + if err != nil { + return nil, err + } + // create oidcClient with AnonymousCredentials to avoid recursively resolving credentials + mySession := Must(NewSession(&aws.Config{ + Credentials: credentials.AnonymousCredentials, + })) + oidcClient := ssooidc.New(mySession, cfgCopy) + tokenProvider := ssocreds.NewSSOTokenProvider(oidcClient, cachedPath) + optFns = append(optFns, func(p *ssocreds.Provider) { + p.TokenProvider = tokenProvider + p.CachedTokenFilepath = cachedPath + }) + } else { + cfgCopy.Region = &sharedCfg.SSORegion + } return ssocreds.NewCredentials( &Session{ @@ -184,6 +213,7 @@ func resolveSSOCredentials(cfg *aws.Config, sharedCfg sharedConfig, handlers req sharedCfg.SSOAccountID, sharedCfg.SSORoleName, sharedCfg.SSOStartURL, + optFns..., ), nil } diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go index d6fa24776cf..93bb5de6470 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go @@ -171,6 +171,12 @@ type envConfig struct { // AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE=IPv6 EC2IMDSEndpointMode endpoints.EC2IMDSEndpointModeState + // Specifies that IMDS clients should not fallback to IMDSv1 if token + // requests fail. + // + // AWS_EC2_METADATA_V1_DISABLED=true + EC2IMDSv1Disabled *bool + // Specifies that SDK clients must resolve a dual-stack endpoint for // services. // @@ -251,6 +257,9 @@ var ( ec2IMDSEndpointModeEnvKey = []string{ "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE", } + ec2MetadataV1DisabledEnvKey = []string{ + "AWS_EC2_METADATA_V1_DISABLED", + } useCABundleKey = []string{ "AWS_CA_BUNDLE", } @@ -393,6 +402,7 @@ func envConfigLoad(enableSharedConfig bool) (envConfig, error) { if err := setEC2IMDSEndpointMode(&cfg.EC2IMDSEndpointMode, ec2IMDSEndpointModeEnvKey); err != nil { return envConfig{}, err } + setBoolPtrFromEnvVal(&cfg.EC2IMDSv1Disabled, ec2MetadataV1DisabledEnvKey) if err := setUseDualStackEndpointFromEnvVal(&cfg.UseDualStackEndpoint, awsUseDualStackEndpoint); err != nil { return cfg, err @@ -414,6 +424,24 @@ func setFromEnvVal(dst *string, keys []string) { } } +func setBoolPtrFromEnvVal(dst **bool, keys []string) { + for _, k := range keys { + value := os.Getenv(k) + if len(value) == 0 { + continue + } + + switch { + case strings.EqualFold(value, "false"): + *dst = new(bool) + **dst = false + case strings.EqualFold(value, "true"): + *dst = new(bool) + **dst = true + } + } +} + func setEC2IMDSEndpointMode(mode *endpoints.EC2IMDSEndpointModeState, keys []string) error { for _, k := range keys { value := os.Getenv(k) diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/session/session.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/session/session.go index 4293dbe10bd..3c88dee526d 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/session/session.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/session/session.go @@ -37,7 +37,7 @@ const ( // ErrSharedConfigSourceCollision will be returned if a section contains both // source_profile and credential_source -var ErrSharedConfigSourceCollision = awserr.New(ErrCodeSharedConfig, "only one credential type may be specified per profile: source profile, credential source, credential process, web identity token, or sso", nil) +var ErrSharedConfigSourceCollision = awserr.New(ErrCodeSharedConfig, "only one credential type may be specified per profile: source profile, credential source, credential process, web identity token", nil) // ErrSharedConfigECSContainerEnvVarEmpty will be returned if the environment // variables are empty and Environment was set as the credential source @@ -174,7 +174,6 @@ const ( // Options provides the means to control how a Session is created and what // configuration values will be loaded. -// type Options struct { // Provides config values for the SDK to use when creating service clients // and making API requests to services. Any value set in with this field @@ -224,7 +223,7 @@ type Options struct { // from stdin for the MFA token code. // // This field is only used if the shared configuration is enabled, and - // the config enables assume role wit MFA via the mfa_serial field. + // the config enables assume role with MFA via the mfa_serial field. AssumeRoleTokenProvider func() (string, error) // When the SDK's shared config is configured to assume a role this option @@ -322,24 +321,24 @@ type Options struct { // credentials file. Enabling the Shared Config will also allow the Session // to be built with retrieving credentials with AssumeRole set in the config. // -// // Equivalent to session.New -// sess := session.Must(session.NewSessionWithOptions(session.Options{})) +// // Equivalent to session.New +// sess := session.Must(session.NewSessionWithOptions(session.Options{})) // -// // Specify profile to load for the session's config -// sess := session.Must(session.NewSessionWithOptions(session.Options{ -// Profile: "profile_name", -// })) +// // Specify profile to load for the session's config +// sess := session.Must(session.NewSessionWithOptions(session.Options{ +// Profile: "profile_name", +// })) // -// // Specify profile for config and region for requests -// sess := session.Must(session.NewSessionWithOptions(session.Options{ -// Config: aws.Config{Region: aws.String("us-east-1")}, -// Profile: "profile_name", -// })) +// // Specify profile for config and region for requests +// sess := session.Must(session.NewSessionWithOptions(session.Options{ +// Config: aws.Config{Region: aws.String("us-east-1")}, +// Profile: "profile_name", +// })) // -// // Force enable Shared Config support -// sess := session.Must(session.NewSessionWithOptions(session.Options{ -// SharedConfigState: session.SharedConfigEnable, -// })) +// // Force enable Shared Config support +// sess := session.Must(session.NewSessionWithOptions(session.Options{ +// SharedConfigState: session.SharedConfigEnable, +// })) func NewSessionWithOptions(opts Options) (*Session, error) { var envCfg envConfig var err error @@ -375,7 +374,7 @@ func NewSessionWithOptions(opts Options) (*Session, error) { // This helper is intended to be used in variable initialization to load the // Session and configuration at startup. Such as: // -// var sess = session.Must(session.NewSession()) +// var sess = session.Must(session.NewSession()) func Must(sess *Session, err error) *Session { if err != nil { panic(err) @@ -780,14 +779,12 @@ func mergeConfigSrcs(cfg, userCfg *aws.Config, cfg.EndpointResolver = wrapEC2IMDSEndpoint(cfg.EndpointResolver, ec2IMDSEndpoint, endpointMode) } - // Configure credentials if not already set by the user when creating the - // Session. - if cfg.Credentials == credentials.AnonymousCredentials && userCfg.Credentials == nil { - creds, err := resolveCredentials(cfg, envCfg, sharedCfg, handlers, sessOpts) - if err != nil { - return err - } - cfg.Credentials = creds + cfg.EC2MetadataEnableFallback = userCfg.EC2MetadataEnableFallback + if cfg.EC2MetadataEnableFallback == nil && envCfg.EC2IMDSv1Disabled != nil { + cfg.EC2MetadataEnableFallback = aws.Bool(!*envCfg.EC2IMDSv1Disabled) + } + if cfg.EC2MetadataEnableFallback == nil && sharedCfg.EC2IMDSv1Disabled != nil { + cfg.EC2MetadataEnableFallback = aws.Bool(!*sharedCfg.EC2IMDSv1Disabled) } cfg.S3UseARNRegion = userCfg.S3UseARNRegion @@ -812,6 +809,17 @@ func mergeConfigSrcs(cfg, userCfg *aws.Config, } } + // Configure credentials if not already set by the user when creating the Session. + // Credentials are resolved last such that all _resolved_ config values are propagated to credential providers. + // ticket: P83606045 + if cfg.Credentials == credentials.AnonymousCredentials && userCfg.Credentials == nil { + creds, err := resolveCredentials(cfg, envCfg, sharedCfg, handlers, sessOpts) + if err != nil { + return err + } + cfg.Credentials = creds + } + return nil } @@ -845,8 +853,8 @@ func initHandlers(s *Session) { // and handlers. If any additional configs are provided they will be merged // on top of the Session's copied config. // -// // Create a copy of the current Session, configured for the us-west-2 region. -// sess.Copy(&aws.Config{Region: aws.String("us-west-2")}) +// // Create a copy of the current Session, configured for the us-west-2 region. +// sess.Copy(&aws.Config{Region: aws.String("us-west-2")}) func (s *Session) Copy(cfgs ...*aws.Config) *Session { newSession := &Session{ Config: s.Config.Copy(cfgs...), diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go index 424c82b4d34..f3ce8183dd9 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go @@ -26,6 +26,13 @@ const ( roleSessionNameKey = `role_session_name` // optional roleDurationSecondsKey = "duration_seconds" // optional + // Prefix to be used for SSO sections. These are supposed to only exist in + // the shared config file, not the credentials file. + ssoSectionPrefix = `sso-session ` + + // AWS Single Sign-On (AWS SSO) group + ssoSessionNameKey = "sso_session" + // AWS Single Sign-On (AWS SSO) group ssoAccountIDKey = "sso_account_id" ssoRegionKey = "sso_region" @@ -73,6 +80,9 @@ const ( // EC2 IMDS Endpoint ec2MetadataServiceEndpointKey = "ec2_metadata_service_endpoint" + // ECS IMDSv1 disable fallback + ec2MetadataV1DisabledKey = "ec2_metadata_v1_disabled" + // Use DualStack Endpoint Resolution useDualStackEndpoint = "use_dualstack_endpoint" @@ -99,6 +109,10 @@ type sharedConfig struct { CredentialProcess string WebIdentityTokenFile string + // SSO session options + SSOSessionName string + SSOSession *ssoSession + SSOAccountID string SSORegion string SSORoleName string @@ -168,6 +182,12 @@ type sharedConfig struct { // ec2_metadata_service_endpoint=http://fd00:ec2::254 EC2IMDSEndpoint string + // Specifies that IMDS clients should not fallback to IMDSv1 if token + // requests fail. + // + // ec2_metadata_v1_disabled=true + EC2IMDSv1Disabled *bool + // Specifies that SDK clients must resolve a dual-stack endpoint for // services. // @@ -186,6 +206,20 @@ type sharedConfigFile struct { IniData ini.Sections } +// SSOSession provides the shared configuration parameters of the sso-session +// section. +type ssoSession struct { + Name string + SSORegion string + SSOStartURL string +} + +func (s *ssoSession) setFromIniSection(section ini.Section) { + updateString(&s.Name, section, ssoSessionNameKey) + updateString(&s.SSORegion, section, ssoRegionKey) + updateString(&s.SSOStartURL, section, ssoStartURL) +} + // loadSharedConfig retrieves the configuration from the list of files using // the profile provided. The order the files are listed will determine // precedence. Values in subsequent files will overwrite values defined in @@ -266,13 +300,13 @@ func (cfg *sharedConfig) setFromIniFiles(profiles map[string]struct{}, profile s // profile only have credential provider options. cfg.clearAssumeRoleOptions() } else { - // First time a profile has been seen, It must either be a assume role - // credentials, or SSO. Assert if the credential type requires a role ARN, - // the ARN is also set, or validate that the SSO configuration is complete. + // First time a profile has been seen. Assert if the credential type + // requires a role ARN, the ARN is also set if err := cfg.validateCredentialsConfig(profile); err != nil { return err } } + profiles[profile] = struct{}{} if err := cfg.validateCredentialType(); err != nil { @@ -308,6 +342,30 @@ func (cfg *sharedConfig) setFromIniFiles(profiles map[string]struct{}, profile s cfg.SourceProfile = srcCfg } + // If the profile contains an SSO session parameter, the session MUST exist + // as a section in the config file. Load the SSO session using the name + // provided. If the session section is not found or incomplete an error + // will be returned. + if cfg.hasSSOTokenProviderConfiguration() { + skippedFiles = 0 + for _, f := range files { + section, ok := f.IniData.GetSection(fmt.Sprintf(ssoSectionPrefix + strings.TrimSpace(cfg.SSOSessionName))) + if ok { + var ssoSession ssoSession + ssoSession.setFromIniSection(section) + ssoSession.Name = cfg.SSOSessionName + cfg.SSOSession = &ssoSession + break + } + skippedFiles++ + } + if skippedFiles == len(files) { + // If all files were skipped because the sso session section is not found, return + // the sso section not found error. + return fmt.Errorf("failed to find SSO session section, %v", cfg.SSOSessionName) + } + } + return nil } @@ -340,8 +398,15 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e updateString(&cfg.Region, section, regionKey) updateString(&cfg.CustomCABundle, section, customCABundleKey) + // we're retaining a behavioral quirk with this field that existed before + // the removal of literal parsing for (aws-sdk-go-v2/#2276): + // - if the key is missing, the config field will not be set + // - if the key is set to a non-numeric, the config field will be set to 0 if section.Has(roleDurationSecondsKey) { - d := time.Duration(section.Int(roleDurationSecondsKey)) * time.Second + var d time.Duration + if v, ok := section.Int(roleDurationSecondsKey); ok { + d = time.Duration(v) * time.Second + } cfg.AssumeRoleDuration = &d } @@ -363,6 +428,10 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e cfg.S3UsEast1RegionalEndpoint = sre } + // AWS Single Sign-On (AWS SSO) + // SSO session options + updateString(&cfg.SSOSessionName, section, ssoSessionNameKey) + // AWS Single Sign-On (AWS SSO) updateString(&cfg.SSOAccountID, section, ssoAccountIDKey) updateString(&cfg.SSORegion, section, ssoRegionKey) @@ -374,6 +443,7 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e ec2MetadataServiceEndpointModeKey, file.Filename, err) } updateString(&cfg.EC2IMDSEndpoint, section, ec2MetadataServiceEndpointKey) + updateBoolPtr(&cfg.EC2IMDSv1Disabled, section, ec2MetadataV1DisabledKey) updateUseDualStackEndpoint(&cfg.UseDualStackEndpoint, section, useDualStackEndpoint) @@ -461,32 +531,20 @@ func (cfg *sharedConfig) validateCredentialType() error { } func (cfg *sharedConfig) validateSSOConfiguration() error { - if !cfg.hasSSOConfiguration() { + if cfg.hasSSOTokenProviderConfiguration() { + err := cfg.validateSSOTokenProviderConfiguration() + if err != nil { + return err + } return nil } - var missing []string - if len(cfg.SSOAccountID) == 0 { - missing = append(missing, ssoAccountIDKey) - } - - if len(cfg.SSORegion) == 0 { - missing = append(missing, ssoRegionKey) - } - - if len(cfg.SSORoleName) == 0 { - missing = append(missing, ssoRoleNameKey) - } - - if len(cfg.SSOStartURL) == 0 { - missing = append(missing, ssoStartURL) - } - - if len(missing) > 0 { - return fmt.Errorf("profile %q is configured to use SSO but is missing required configuration: %s", - cfg.Profile, strings.Join(missing, ", ")) + if cfg.hasLegacySSOConfiguration() { + err := cfg.validateLegacySSOConfiguration() + if err != nil { + return err + } } - return nil } @@ -525,15 +583,76 @@ func (cfg *sharedConfig) clearAssumeRoleOptions() { } func (cfg *sharedConfig) hasSSOConfiguration() bool { - switch { - case len(cfg.SSOAccountID) != 0: - case len(cfg.SSORegion) != 0: - case len(cfg.SSORoleName) != 0: - case len(cfg.SSOStartURL) != 0: - default: - return false + return cfg.hasSSOTokenProviderConfiguration() || cfg.hasLegacySSOConfiguration() +} + +func (c *sharedConfig) hasSSOTokenProviderConfiguration() bool { + return len(c.SSOSessionName) > 0 +} + +func (c *sharedConfig) hasLegacySSOConfiguration() bool { + return len(c.SSORegion) > 0 || len(c.SSOAccountID) > 0 || len(c.SSOStartURL) > 0 || len(c.SSORoleName) > 0 +} + +func (c *sharedConfig) validateSSOTokenProviderConfiguration() error { + var missing []string + + if len(c.SSOSessionName) == 0 { + missing = append(missing, ssoSessionNameKey) } - return true + + if c.SSOSession == nil { + missing = append(missing, ssoSectionPrefix) + } else { + if len(c.SSOSession.SSORegion) == 0 { + missing = append(missing, ssoRegionKey) + } + + if len(c.SSOSession.SSOStartURL) == 0 { + missing = append(missing, ssoStartURL) + } + } + + if len(missing) > 0 { + return fmt.Errorf("profile %q is configured to use SSO but is missing required configuration: %s", + c.Profile, strings.Join(missing, ", ")) + } + + if len(c.SSORegion) > 0 && c.SSORegion != c.SSOSession.SSORegion { + return fmt.Errorf("%s in profile %q must match %s in %s", ssoRegionKey, c.Profile, ssoRegionKey, ssoSectionPrefix) + } + + if len(c.SSOStartURL) > 0 && c.SSOStartURL != c.SSOSession.SSOStartURL { + return fmt.Errorf("%s in profile %q must match %s in %s", ssoStartURL, c.Profile, ssoStartURL, ssoSectionPrefix) + } + + return nil +} + +func (c *sharedConfig) validateLegacySSOConfiguration() error { + var missing []string + + if len(c.SSORegion) == 0 { + missing = append(missing, ssoRegionKey) + } + + if len(c.SSOStartURL) == 0 { + missing = append(missing, ssoStartURL) + } + + if len(c.SSOAccountID) == 0 { + missing = append(missing, ssoAccountIDKey) + } + + if len(c.SSORoleName) == 0 { + missing = append(missing, ssoRoleNameKey) + } + + if len(missing) > 0 { + return fmt.Errorf("profile %q is configured to use SSO but is missing required configuration: %s", + c.Profile, strings.Join(missing, ", ")) + } + return nil } func oneOrNone(bs ...bool) bool { @@ -566,7 +685,10 @@ func updateBool(dst *bool, section ini.Section, key string) { if !section.Has(key) { return } - *dst = section.Bool(key) + + // retains pre-(aws-sdk-go-v2#2276) behavior where non-bool value would resolve to false + v, _ := section.Bool(key) + *dst = v } // updateBoolPtr will only update the dst with the value in the section key, @@ -575,8 +697,11 @@ func updateBoolPtr(dst **bool, section ini.Section, key string) { if !section.Has(key) { return } + + // retains pre-(aws-sdk-go-v2#2276) behavior where non-bool value would resolve to false + v, _ := section.Bool(key) *dst = new(bool) - **dst = section.Bool(key) + **dst = v } // SharedConfigLoadError is an error for the shared config file failed to load. @@ -703,7 +828,8 @@ func updateUseDualStackEndpoint(dst *endpoints.DualStackEndpointState, section i return } - if section.Bool(key) { + // retains pre-(aws-sdk-go-v2/#2276) behavior where non-bool value would resolve to false + if v, _ := section.Bool(key); v { *dst = endpoints.DualStackEndpointStateEnabled } else { *dst = endpoints.DualStackEndpointStateDisabled @@ -719,7 +845,8 @@ func updateUseFIPSEndpoint(dst *endpoints.FIPSEndpointState, section ini.Section return } - if section.Bool(key) { + // retains pre-(aws-sdk-go-v2/#2276) behavior where non-bool value would resolve to false + if v, _ := section.Bool(key); v { *dst = endpoints.FIPSEndpointStateEnabled } else { *dst = endpoints.FIPSEndpointStateDisabled diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go index 4d78162c034..b542df93156 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go @@ -3,21 +3,21 @@ // Provides request signing for request that need to be signed with // AWS V4 Signatures. // -// Standalone Signer +// # Standalone Signer // // Generally using the signer outside of the SDK should not require any additional // logic when using Go v1.5 or higher. The signer does this by taking advantage // of the URL.EscapedPath method. If your request URI requires additional escaping -// you many need to use the URL.Opaque to define what the raw URI should be sent +// you may need to use the URL.Opaque to define what the raw URI should be sent // to the service as. // // The signer will first check the URL.Opaque field, and use its value if set. // The signer does require the URL.Opaque field to be set in the form of: // -// "///" +// "///" // -// // e.g. -// "//example.com/some/path" +// // e.g. +// "//example.com/some/path" // // The leading "//" and hostname are required or the URL.Opaque escaping will // not work correctly. @@ -125,6 +125,7 @@ var requiredSignedHeaders = rules{ "X-Amz-Copy-Source-Server-Side-Encryption-Customer-Algorithm": struct{}{}, "X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key": struct{}{}, "X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key-Md5": struct{}{}, + "X-Amz-Expected-Bucket-Owner": struct{}{}, "X-Amz-Grant-Full-control": struct{}{}, "X-Amz-Grant-Read": struct{}{}, "X-Amz-Grant-Read-Acp": struct{}{}, @@ -135,6 +136,7 @@ var requiredSignedHeaders = rules{ "X-Amz-Request-Payer": struct{}{}, "X-Amz-Server-Side-Encryption": struct{}{}, "X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id": struct{}{}, + "X-Amz-Server-Side-Encryption-Context": struct{}{}, "X-Amz-Server-Side-Encryption-Customer-Algorithm": struct{}{}, "X-Amz-Server-Side-Encryption-Customer-Key": struct{}{}, "X-Amz-Server-Side-Encryption-Customer-Key-Md5": struct{}{}, @@ -695,7 +697,8 @@ func (ctx *signingCtx) buildBodyDigest() error { includeSHA256Header := ctx.unsignedPayload || ctx.ServiceName == "s3" || ctx.ServiceName == "s3-object-lambda" || - ctx.ServiceName == "glacier" + ctx.ServiceName == "glacier" || + ctx.ServiceName == "s3-outposts" s3Presign := ctx.isPresign && (ctx.ServiceName == "s3" || diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/version.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/version.go index a59400a2b03..28f1c9a02f1 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/version.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.44.173" +const SDKVersion = "1.51.3" diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go index 34a481afbd4..b1b686086a9 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go @@ -154,11 +154,11 @@ func (v ValueType) String() string { // ValueType enums const ( NoneType = ValueType(iota) - DecimalType - IntegerType + DecimalType // deprecated + IntegerType // deprecated StringType QuotedStringType - BoolType + BoolType // deprecated ) // Value is a union container @@ -166,9 +166,9 @@ type Value struct { Type ValueType raw []rune - integer int64 - decimal float64 - boolean bool + integer int64 // deprecated + decimal float64 // deprecated + boolean bool // deprecated str string } @@ -253,24 +253,6 @@ func newLitToken(b []rune) (Token, int, error) { } token = newToken(TokenLit, b[:n], QuotedStringType) - } else if isNumberValue(b) { - var base int - base, n, err = getNumericalValue(b) - if err != nil { - return token, 0, err - } - - value := b[:n] - vType := IntegerType - if contains(value, '.') || hasExponent(value) { - vType = DecimalType - } - token = newToken(TokenLit, value, vType) - token.base = base - } else if isBoolValue(b) { - n, err = getBoolValue(b) - - token = newToken(TokenLit, b[:n], BoolType) } else { n, err = getValue(b) token = newToken(TokenLit, b[:n], StringType) @@ -280,18 +262,33 @@ func newLitToken(b []rune) (Token, int, error) { } // IntValue returns an integer value -func (v Value) IntValue() int64 { - return v.integer +func (v Value) IntValue() (int64, bool) { + i, err := strconv.ParseInt(string(v.raw), 0, 64) + if err != nil { + return 0, false + } + return i, true } // FloatValue returns a float value -func (v Value) FloatValue() float64 { - return v.decimal +func (v Value) FloatValue() (float64, bool) { + f, err := strconv.ParseFloat(string(v.raw), 64) + if err != nil { + return 0, false + } + return f, true } // BoolValue returns a bool value -func (v Value) BoolValue() bool { - return v.boolean +func (v Value) BoolValue() (bool, bool) { + // we don't use ParseBool as it recognizes more than what we've + // historically supported + if isCaselessLitValue(runesTrue, v.raw) { + return true, true + } else if isCaselessLitValue(runesFalse, v.raw) { + return false, true + } + return false, false } func isTrimmable(r rune) bool { diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go index 081cf433424..1d08e138aba 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go @@ -145,17 +145,17 @@ func (t Section) ValueType(k string) (ValueType, bool) { } // Bool returns a bool value at k -func (t Section) Bool(k string) bool { +func (t Section) Bool(k string) (bool, bool) { return t.values[k].BoolValue() } // Int returns an integer value at k -func (t Section) Int(k string) int64 { +func (t Section) Int(k string) (int64, bool) { return t.values[k].IntValue() } // Float64 returns a float value at k -func (t Section) Float64(k string) float64 { +func (t Section) Float64(k string) (float64, bool) { return t.values[k].FloatValue() } diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/api.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/api.go index e888979cd1f..f2e30429406 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/api.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/api.go @@ -95,11 +95,11 @@ type Metadata struct { EndpointsID string ServiceID string - NoResolveEndpoint bool + NoResolveEndpoint bool AWSQueryCompatible *awsQueryCompatible } -type awsQueryCompatible struct {} +type awsQueryCompatible struct{} // ProtocolSettings define how the SDK should handle requests in the context // of of a protocol. @@ -950,12 +950,100 @@ const ( {{- end }} `)) +// A tplAPIErrors is the top level template for the API +var tplAPIErrorsSQS = template.Must(template.New("api").Parse(` +const ( + {{- range $_, $s := $.ShapeListErrors }} + + // {{ $s.ErrorCodeName }} for service response error code + {{- if eq $s.ErrorCodeName "ErrCodeBatchEntryIdsNotDistinct" }} + // "AWS.SimpleQueueService.BatchEntryIdsNotDistinct". + {{- else if eq $s.ErrorCodeName "ErrCodeBatchRequestTooLong" }} + // "AWS.SimpleQueueService.BatchRequestTooLong". + {{- else if eq $s.ErrorCodeName "ErrCodeEmptyBatchRequest" }} + // "AWS.SimpleQueueService.EmptyBatchRequest". + {{- else if eq $s.ErrorCodeName "ErrCodeInvalidBatchEntryId" }} + // "AWS.SimpleQueueService.InvalidBatchEntryId". + {{- else if eq $s.ErrorCodeName "ErrCodeMessageNotInflight" }} + // "AWS.SimpleQueueService.MessageNotInflight". + {{- else if eq $s.ErrorCodeName "ErrCodePurgeQueueInProgress" }} + // "AWS.SimpleQueueService.PurgeQueueInProgress". + {{- else if eq $s.ErrorCodeName "ErrCodeQueueDeletedRecently" }} + // "AWS.SimpleQueueService.QueueDeletedRecently". + {{- else if eq $s.ErrorCodeName "ErrCodeQueueDoesNotExist" }} + // "AWS.SimpleQueueService.NonExistentQueue". + {{- else if eq $s.ErrorCodeName "ErrCodeTooManyEntriesInBatchRequest" }} + // "AWS.SimpleQueueService.TooManyEntriesInBatchRequest". + {{- else if eq $s.ErrorCodeName "ErrCodeUnsupportedOperation" }} + // "AWS.SimpleQueueService.UnsupportedOperation". + {{- else if eq $s.ErrorCodeName "ErrCodeQueueNameExists" }} + // "QueueAlreadyExists". + {{- else }} + // {{ printf "%q" $s.ErrorName }}. + {{- end }} + {{ if $s.Docstring -}} + // + {{ $s.Docstring }} + {{ end -}} + + + {{- if eq $s.ErrorCodeName "ErrCodeBatchEntryIdsNotDistinct" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.BatchEntryIdsNotDistinct" + {{- else if eq $s.ErrorCodeName "ErrCodeBatchRequestTooLong" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.BatchRequestTooLong" + {{- else if eq $s.ErrorCodeName "ErrCodeEmptyBatchRequest" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.EmptyBatchRequest" + {{- else if eq $s.ErrorCodeName "ErrCodeInvalidBatchEntryId" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.InvalidBatchEntryId" + {{- else if eq $s.ErrorCodeName "ErrCodeMessageNotInflight" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.MessageNotInflight" + {{- else if eq $s.ErrorCodeName "ErrCodePurgeQueueInProgress" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.PurgeQueueInProgress" + {{- else if eq $s.ErrorCodeName "ErrCodeQueueDeletedRecently" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.QueueDeletedRecently" + {{- else if eq $s.ErrorCodeName "ErrCodeQueueDoesNotExist" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.NonExistentQueue" + {{- else if eq $s.ErrorCodeName "ErrCodeTooManyEntriesInBatchRequest" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.TooManyEntriesInBatchRequest" + {{- else if eq $s.ErrorCodeName "ErrCodeUnsupportedOperation" -}} + {{ $s.ErrorCodeName }} = "AWS.SimpleQueueService.UnsupportedOperation" + {{- else if eq $s.ErrorCodeName "ErrCodeQueueNameExists" -}} + {{ $s.ErrorCodeName }} = "QueueAlreadyExists" + {{- else -}} + {{ $s.ErrorCodeName }} = {{ printf "%q" $s.ErrorName }} + {{- end -}} + {{- end }} +) + +{{- if $.WithGeneratedTypedErrors }} + {{- $_ := $.AddSDKImport "private/protocol" }} + + var exceptionFromCode = map[string]func(protocol.ResponseMetadata)error { + {{- range $_, $s := $.ShapeListErrors }} + "{{ $s.ErrorName }}": newError{{ $s.ShapeName }}, + {{- end }} + } + {{- if .Metadata.AWSQueryCompatible }} + var queryExceptionFromCode = map[string]func(protocol.ResponseMetadata, string)error { + {{- range $_, $s := $.ShapeListErrors }} + "{{ $s.ErrorName }}": newQueryCompatibleError{{ $s.ShapeName }}, + {{- end }} + } + {{- end }} +{{- end }} +`)) + // APIErrorsGoCode returns the Go code for the errors.go file. func (a *API) APIErrorsGoCode() string { a.resetImports() var buf bytes.Buffer - err := tplAPIErrors.Execute(&buf, a) + var err error + if a.Metadata.ServiceID == "SQS" { + err = tplAPIErrorsSQS.Execute(&buf, a) + } else { + err = tplAPIErrors.Execute(&buf, a) + } if err != nil { panic(err) diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/eventstream_tmpl.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/eventstream_tmpl.go index 64846cfaaa8..fe3c19c4857 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/eventstream_tmpl.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/eventstream_tmpl.go @@ -22,8 +22,14 @@ func renderEventStreamAPI(w io.Writer, op *Operation) error { op.API.AddSDKImport("private/protocol/eventstream") op.API.AddSDKImport("private/protocol/eventstream/eventstreamapi") + // usages of these imports are conditional - generate a compile-only + // reference to avoid potential unused imports: + // - awserr is only used for input streams or json protocols + // - time is only used for input streams or if an event payload has a + // timestamp field w.Write([]byte(` var _ awserr.Error +var _ time.Time `)) return eventStreamAPITmpl.Execute(w, op) diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/pagination.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/pagination.go index 4c338ab16d7..a31089ee344 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/pagination.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/pagination.go @@ -58,6 +58,9 @@ func (p *paginationDefinitions) setup() error { if e.InputTokens == nil || e.OutputTokens == nil { continue } + if _, ok := p.Operations[n]; !ok { + continue + } paginator := e switch t := paginator.InputTokens.(type) { @@ -83,11 +86,7 @@ func (p *paginationDefinitions) setup() error { paginator.OutputTokens = toks } - if o, ok := p.Operations[n]; ok { - o.Paginator = &paginator - } else { - return fmt.Errorf("unknown operation for paginator, %s", n) - } + p.Operations[n].Paginator = &paginator } return nil diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/smoke.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/smoke.go index 5b8e79b1b37..b25b08dafac 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/smoke.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/smoke.go @@ -173,6 +173,7 @@ func (a *API) APISmokeTestsGoCode() string { var smokeTestTmpl = template.Must(template.New(`smokeTestTmpl`).Parse(` {{- range $i, $testCase := $.TestCases }} {{- $op := index $.API.Operations $testCase.OpName }} + {{- if $op }} func TestInteg_{{ printf "%02d" $i }}_{{ $op.ExportedName }}(t *testing.T) { ctx, cancelFn := context.WithTimeout(context.Background(), 5 *time.Second) defer cancelFn() @@ -206,5 +207,6 @@ var smokeTestTmpl = template.Must(template.New(`smokeTestTmpl`).Parse(` } {{- end }} } + {{- end }} {{- end }} `)) diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/waiters.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/waiters.go index 33ccd8cec55..1da730837fc 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/waiters.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/model/api/waiters.go @@ -98,8 +98,7 @@ func (p *waiterDefinitions) setup() error { e.OperationName = p.ExportableName(e.OperationName) e.Operation = p.API.Operations[e.OperationName] if e.Operation == nil { - return fmt.Errorf("unknown operation %s for waiter %s", - e.OperationName, n) + continue } p.API.Waiters = append(p.API.Waiters, e) } diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go index 4f933f2a1c4..9c1ccde54ae 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go @@ -22,7 +22,7 @@ const ( // UnmarshalTypedError provides unmarshaling errors API response errors // for both typed and untyped errors. type UnmarshalTypedError struct { - exceptions map[string]func(protocol.ResponseMetadata) error + exceptions map[string]func(protocol.ResponseMetadata) error queryExceptions map[string]func(protocol.ResponseMetadata, string) error } @@ -30,11 +30,13 @@ type UnmarshalTypedError struct { // set of exception names to the error unmarshalers func NewUnmarshalTypedError(exceptions map[string]func(protocol.ResponseMetadata) error) *UnmarshalTypedError { return &UnmarshalTypedError{ - exceptions: exceptions, + exceptions: exceptions, queryExceptions: map[string]func(protocol.ResponseMetadata, string) error{}, } } +// NewUnmarshalTypedErrorWithOptions works similar to NewUnmarshalTypedError applying options to the UnmarshalTypedError +// before returning it func NewUnmarshalTypedErrorWithOptions(exceptions map[string]func(protocol.ResponseMetadata) error, optFns ...func(*UnmarshalTypedError)) *UnmarshalTypedError { unmarshaledError := NewUnmarshalTypedError(exceptions) for _, fn := range optFns { @@ -43,6 +45,11 @@ func NewUnmarshalTypedErrorWithOptions(exceptions map[string]func(protocol.Respo return unmarshaledError } +// WithQueryCompatibility is a helper function to construct a functional option for use with NewUnmarshalTypedErrorWithOptions. +// The queryExceptions given act as an override for unmarshalling errors when query compatible error codes are found. +// See also [awsQueryCompatible trait] +// +// [awsQueryCompatible trait]: https://smithy.io/2.0/aws/protocols/aws-query-protocol.html#aws-protocols-awsquerycompatible-trait func WithQueryCompatibility(queryExceptions map[string]func(protocol.ResponseMetadata, string) error) func(*UnmarshalTypedError) { return func(typedError *UnmarshalTypedError) { typedError.queryExceptions = queryExceptions diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go index 1d273ff0ec6..ecc521f88f1 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go @@ -287,6 +287,10 @@ func convertType(v reflect.Value, tag reflect.StructTag) (str string, err error) if tag.Get("location") != "header" || tag.Get("enum") == "" { return "", fmt.Errorf("%T is only supported with location header and enum shapes", value) } + if len(value) == 0 { + return "", errValueNotSet + } + buff := &bytes.Buffer{} for i, sv := range value { if sv == nil || len(*sv) == 0 { diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go index d756d8cc529..5366a646d9c 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go @@ -2,6 +2,7 @@ package restjson import ( "bytes" + "encoding/json" "io" "io/ioutil" "net/http" @@ -40,52 +41,30 @@ func (u *UnmarshalTypedError) UnmarshalError( resp *http.Response, respMeta protocol.ResponseMetadata, ) (error, error) { - - code := resp.Header.Get(errorTypeHeader) - msg := resp.Header.Get(errorMessageHeader) - - body := resp.Body - if len(code) == 0 { - // If unable to get code from HTTP headers have to parse JSON message - // to determine what kind of exception this will be. - var buf bytes.Buffer - var jsonErr jsonErrorResponse - teeReader := io.TeeReader(resp.Body, &buf) - err := jsonutil.UnmarshalJSONError(&jsonErr, teeReader) - if err != nil { - return nil, err - } - - body = ioutil.NopCloser(&buf) - code = jsonErr.Code - msg = jsonErr.Message + code, msg, err := unmarshalErrorInfo(resp) + if err != nil { + return nil, err } - // If code has colon separators remove them so can compare against modeled - // exception names. - code = strings.SplitN(code, ":", 2)[0] - - if fn, ok := u.exceptions[code]; ok { - // If exception code is know, use associated constructor to get a value - // for the exception that the JSON body can be unmarshaled into. - v := fn(respMeta) - if err := jsonutil.UnmarshalJSONCaseInsensitive(v, body); err != nil { - return nil, err - } + fn, ok := u.exceptions[code] + if !ok { + return awserr.NewRequestFailure( + awserr.New(code, msg, nil), + respMeta.StatusCode, + respMeta.RequestID, + ), nil + } - if err := rest.UnmarshalResponse(resp, v, true); err != nil { - return nil, err - } + v := fn(respMeta) + if err := jsonutil.UnmarshalJSONCaseInsensitive(v, resp.Body); err != nil { + return nil, err + } - return v, nil + if err := rest.UnmarshalResponse(resp, v, true); err != nil { + return nil, err } - // fallback to unmodeled generic exceptions - return awserr.NewRequestFailure( - awserr.New(code, msg, nil), - respMeta.StatusCode, - respMeta.RequestID, - ), nil + return v, nil } // UnmarshalErrorHandler is a named request handler for unmarshaling restjson @@ -99,36 +78,80 @@ var UnmarshalErrorHandler = request.NamedHandler{ func UnmarshalError(r *request.Request) { defer r.HTTPResponse.Body.Close() - var jsonErr jsonErrorResponse - err := jsonutil.UnmarshalJSONError(&jsonErr, r.HTTPResponse.Body) + code, msg, err := unmarshalErrorInfo(r.HTTPResponse) if err != nil { r.Error = awserr.NewRequestFailure( - awserr.New(request.ErrCodeSerialization, - "failed to unmarshal response error", err), + awserr.New(request.ErrCodeSerialization, "failed to unmarshal response error", err), r.HTTPResponse.StatusCode, r.RequestID, ) return } - code := r.HTTPResponse.Header.Get(errorTypeHeader) - if code == "" { - code = jsonErr.Code - } - msg := r.HTTPResponse.Header.Get(errorMessageHeader) - if msg == "" { - msg = jsonErr.Message - } - - code = strings.SplitN(code, ":", 2)[0] r.Error = awserr.NewRequestFailure( - awserr.New(code, jsonErr.Message, nil), + awserr.New(code, msg, nil), r.HTTPResponse.StatusCode, r.RequestID, ) } type jsonErrorResponse struct { + Type string `json:"__type"` Code string `json:"code"` Message string `json:"message"` } + +func (j *jsonErrorResponse) SanitizedCode() string { + code := j.Code + if len(j.Type) > 0 { + code = j.Type + } + return sanitizeCode(code) +} + +// Remove superfluous components from a restJson error code. +// - If a : character is present, then take only the contents before the +// first : character in the value. +// - If a # character is present, then take only the contents after the first +// # character in the value. +// +// All of the following error values resolve to FooError: +// - FooError +// - FooError:http://internal.amazon.com/coral/com.amazon.coral.validate/ +// - aws.protocoltests.restjson#FooError +// - aws.protocoltests.restjson#FooError:http://internal.amazon.com/coral/com.amazon.coral.validate/ +func sanitizeCode(code string) string { + noColon := strings.SplitN(code, ":", 2)[0] + hashSplit := strings.SplitN(noColon, "#", 2) + return hashSplit[len(hashSplit)-1] +} + +// attempt to garner error details from the response, preferring header values +// when present +func unmarshalErrorInfo(resp *http.Response) (code string, msg string, err error) { + code = sanitizeCode(resp.Header.Get(errorTypeHeader)) + msg = resp.Header.Get(errorMessageHeader) + if len(code) > 0 && len(msg) > 0 { + return + } + + // a modeled error will have to be re-deserialized later, so the body must + // be preserved + var buf bytes.Buffer + tee := io.TeeReader(resp.Body, &buf) + defer func() { resp.Body = ioutil.NopCloser(&buf) }() + + var jsonErr jsonErrorResponse + if decodeErr := json.NewDecoder(tee).Decode(&jsonErr); decodeErr != nil && decodeErr != io.EOF { + err = awserr.NewUnmarshalError(decodeErr, "failed to decode response body", buf.Bytes()) + return + } + + if len(code) == 0 { + code = jsonErr.SanitizedCode() + } + if len(msg) == 0 { + msg = jsonErr.Message + } + return +} diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go index ec806017bab..dd8b128ffbd 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ec2/api.go @@ -429,8 +429,7 @@ func (c *EC2) AcceptVpcEndpointConnectionsRequest(input *AcceptVpcEndpointConnec // AcceptVpcEndpointConnections API operation for Amazon Elastic Compute Cloud. // -// Accepts one or more interface VPC endpoint connection requests to your VPC -// endpoint service. +// Accepts connection requests to your VPC endpoint service. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -684,15 +683,10 @@ func (c *EC2) AllocateAddressRequest(input *AllocateAddressInput) (req *request. // see Bring Your Own IP Addresses (BYOIP) (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html) // in the Amazon Elastic Compute Cloud User Guide. // -// [EC2-VPC] If you release an Elastic IP address, you might be able to recover -// it. You cannot recover an Elastic IP address that you released after it is -// allocated to another Amazon Web Services account. You cannot recover an Elastic -// IP address for EC2-Classic. To attempt to recover an Elastic IP address that -// you released, specify it in this operation. -// -// An Elastic IP address is for use either in the EC2-Classic platform or in -// a VPC. By default, you can allocate 5 Elastic IP addresses for EC2-Classic -// per Region and 5 Elastic IP addresses for EC2-VPC per Region. +// If you release an Elastic IP address, you might be able to recover it. You +// cannot recover an Elastic IP address that you released after it is allocated +// to another Amazon Web Services account. To attempt to recover an Elastic +// IP address that you released, specify it in this operation. // // For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) // in the Amazon Elastic Compute Cloud User Guide. @@ -701,10 +695,6 @@ func (c *EC2) AllocateAddressRequest(input *AllocateAddressInput) (req *request. // telecommunication carrier, to a network interface which resides in a subnet // in a Wavelength Zone (for example an EC2 instance). // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -851,11 +841,17 @@ func (c *EC2) AllocateIpamPoolCidrRequest(input *AllocateIpamPoolCidrInput) (req // AllocateIpamPoolCidr API operation for Amazon Elastic Compute Cloud. // -// Allocate a CIDR from an IPAM pool. In IPAM, an allocation is a CIDR assignment -// from an IPAM pool to another resource or IPAM pool. For more information, -// see Allocate CIDRs (https://docs.aws.amazon.com/vpc/latest/ipam/allocate-cidrs-ipam.html) +// Allocate a CIDR from an IPAM pool. The Region you use should be the IPAM +// pool locale. The locale is the Amazon Web Services Region where this IPAM +// pool is available for allocations. +// +// In IPAM, an allocation is a CIDR assignment from an IPAM pool to another +// IPAM pool or to a resource. For more information, see Allocate CIDRs (https://docs.aws.amazon.com/vpc/latest/ipam/allocate-cidrs-ipam.html) // in the Amazon VPC IPAM User Guide. // +// This action creates an allocation with strong consistency. The returned CIDR +// will not overlap with any other allocations from the same pool. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -1146,6 +1142,81 @@ func (c *EC2) AssignPrivateIpAddressesWithContext(ctx aws.Context, input *Assign return out, req.Send() } +const opAssignPrivateNatGatewayAddress = "AssignPrivateNatGatewayAddress" + +// AssignPrivateNatGatewayAddressRequest generates a "aws/request.Request" representing the +// client's request for the AssignPrivateNatGatewayAddress operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AssignPrivateNatGatewayAddress for more information on using the AssignPrivateNatGatewayAddress +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the AssignPrivateNatGatewayAddressRequest method. +// req, resp := client.AssignPrivateNatGatewayAddressRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssignPrivateNatGatewayAddress +func (c *EC2) AssignPrivateNatGatewayAddressRequest(input *AssignPrivateNatGatewayAddressInput) (req *request.Request, output *AssignPrivateNatGatewayAddressOutput) { + op := &request.Operation{ + Name: opAssignPrivateNatGatewayAddress, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &AssignPrivateNatGatewayAddressInput{} + } + + output = &AssignPrivateNatGatewayAddressOutput{} + req = c.newRequest(op, input, output) + return +} + +// AssignPrivateNatGatewayAddress API operation for Amazon Elastic Compute Cloud. +// +// Assigns one or more private IPv4 addresses to a private NAT gateway. For +// more information, see Work with NAT gateways (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-working-with) +// in the Amazon VPC User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation AssignPrivateNatGatewayAddress for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssignPrivateNatGatewayAddress +func (c *EC2) AssignPrivateNatGatewayAddress(input *AssignPrivateNatGatewayAddressInput) (*AssignPrivateNatGatewayAddressOutput, error) { + req, out := c.AssignPrivateNatGatewayAddressRequest(input) + return out, req.Send() +} + +// AssignPrivateNatGatewayAddressWithContext is the same as AssignPrivateNatGatewayAddress with the addition of +// the ability to pass a context and additional request options. +// +// See AssignPrivateNatGatewayAddress for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) AssignPrivateNatGatewayAddressWithContext(ctx aws.Context, input *AssignPrivateNatGatewayAddressInput, opts ...request.Option) (*AssignPrivateNatGatewayAddressOutput, error) { + req, out := c.AssignPrivateNatGatewayAddressRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opAssociateAddress = "AssociateAddress" // AssociateAddressRequest generates a "aws/request.Request" representing the @@ -1193,23 +1264,11 @@ func (c *EC2) AssociateAddressRequest(input *AssociateAddressInput) (req *reques // are in subnets in Wavelength Zones) with an instance or a network interface. // Before you can use an Elastic IP address, you must allocate it to your account. // -// An Elastic IP address is for use in either the EC2-Classic platform or in -// a VPC. For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) -// in the Amazon Elastic Compute Cloud User Guide. -// -// [EC2-Classic, VPC in an EC2-VPC-only account] If the Elastic IP address is -// already associated with a different instance, it is disassociated from that -// instance and associated with the specified instance. If you associate an -// Elastic IP address with an instance that has an existing Elastic IP address, -// the existing address is disassociated from the instance, but remains allocated -// to your account. -// -// [VPC in an EC2-Classic account] If you don't specify a private IP address, -// the Elastic IP address is associated with the primary IP address. If the -// Elastic IP address is already associated with a different instance or a network -// interface, you get an error unless you allow reassociation. You cannot associate -// an Elastic IP address with an instance or network interface that has an existing -// Elastic IP address. +// If the Elastic IP address is already associated with a different instance, +// it is disassociated from that instance and associated with the specified +// instance. If you associate an Elastic IP address with an instance that has +// an existing Elastic IP address, the existing address is disassociated from +// the instance, but remains allocated to your account. // // [Subnets in Wavelength Zones] You can associate an IP address from the telecommunication // carrier to the instance or network interface. @@ -1222,10 +1281,6 @@ func (c *EC2) AssociateAddressRequest(input *AssociateAddressInput) (req *reques // the Elastic IP address is remapped to the same instance. For more information, // see the Elastic IP Addresses section of Amazon EC2 Pricing (http://aws.amazon.com/ec2/pricing/). // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -1392,7 +1447,7 @@ func (c *EC2) AssociateDhcpOptionsRequest(input *AssociateDhcpOptionsInput) (req // on the instance. // // For more information, see DHCP options sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1665,6 +1720,251 @@ func (c *EC2) AssociateInstanceEventWindowWithContext(ctx aws.Context, input *As return out, req.Send() } +const opAssociateIpamByoasn = "AssociateIpamByoasn" + +// AssociateIpamByoasnRequest generates a "aws/request.Request" representing the +// client's request for the AssociateIpamByoasn operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AssociateIpamByoasn for more information on using the AssociateIpamByoasn +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the AssociateIpamByoasnRequest method. +// req, resp := client.AssociateIpamByoasnRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateIpamByoasn +func (c *EC2) AssociateIpamByoasnRequest(input *AssociateIpamByoasnInput) (req *request.Request, output *AssociateIpamByoasnOutput) { + op := &request.Operation{ + Name: opAssociateIpamByoasn, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &AssociateIpamByoasnInput{} + } + + output = &AssociateIpamByoasnOutput{} + req = c.newRequest(op, input, output) + return +} + +// AssociateIpamByoasn API operation for Amazon Elastic Compute Cloud. +// +// Associates your Autonomous System Number (ASN) with a BYOIP CIDR that you +// own in the same Amazon Web Services Region. For more information, see Tutorial: +// Bring your ASN to IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoasn.html) +// in the Amazon VPC IPAM guide. +// +// After the association succeeds, the ASN is eligible for advertisement. You +// can view the association with DescribeByoipCidrs (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeByoipCidrs.html). +// You can advertise the CIDR with AdvertiseByoipCidr (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AdvertiseByoipCidr.html). +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation AssociateIpamByoasn for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateIpamByoasn +func (c *EC2) AssociateIpamByoasn(input *AssociateIpamByoasnInput) (*AssociateIpamByoasnOutput, error) { + req, out := c.AssociateIpamByoasnRequest(input) + return out, req.Send() +} + +// AssociateIpamByoasnWithContext is the same as AssociateIpamByoasn with the addition of +// the ability to pass a context and additional request options. +// +// See AssociateIpamByoasn for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) AssociateIpamByoasnWithContext(ctx aws.Context, input *AssociateIpamByoasnInput, opts ...request.Option) (*AssociateIpamByoasnOutput, error) { + req, out := c.AssociateIpamByoasnRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opAssociateIpamResourceDiscovery = "AssociateIpamResourceDiscovery" + +// AssociateIpamResourceDiscoveryRequest generates a "aws/request.Request" representing the +// client's request for the AssociateIpamResourceDiscovery operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AssociateIpamResourceDiscovery for more information on using the AssociateIpamResourceDiscovery +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the AssociateIpamResourceDiscoveryRequest method. +// req, resp := client.AssociateIpamResourceDiscoveryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateIpamResourceDiscovery +func (c *EC2) AssociateIpamResourceDiscoveryRequest(input *AssociateIpamResourceDiscoveryInput) (req *request.Request, output *AssociateIpamResourceDiscoveryOutput) { + op := &request.Operation{ + Name: opAssociateIpamResourceDiscovery, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &AssociateIpamResourceDiscoveryInput{} + } + + output = &AssociateIpamResourceDiscoveryOutput{} + req = c.newRequest(op, input, output) + return +} + +// AssociateIpamResourceDiscovery API operation for Amazon Elastic Compute Cloud. +// +// Associates an IPAM resource discovery with an Amazon VPC IPAM. A resource +// discovery is an IPAM component that enables IPAM to manage and monitor resources +// that belong to the owning account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation AssociateIpamResourceDiscovery for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateIpamResourceDiscovery +func (c *EC2) AssociateIpamResourceDiscovery(input *AssociateIpamResourceDiscoveryInput) (*AssociateIpamResourceDiscoveryOutput, error) { + req, out := c.AssociateIpamResourceDiscoveryRequest(input) + return out, req.Send() +} + +// AssociateIpamResourceDiscoveryWithContext is the same as AssociateIpamResourceDiscovery with the addition of +// the ability to pass a context and additional request options. +// +// See AssociateIpamResourceDiscovery for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) AssociateIpamResourceDiscoveryWithContext(ctx aws.Context, input *AssociateIpamResourceDiscoveryInput, opts ...request.Option) (*AssociateIpamResourceDiscoveryOutput, error) { + req, out := c.AssociateIpamResourceDiscoveryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opAssociateNatGatewayAddress = "AssociateNatGatewayAddress" + +// AssociateNatGatewayAddressRequest generates a "aws/request.Request" representing the +// client's request for the AssociateNatGatewayAddress operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See AssociateNatGatewayAddress for more information on using the AssociateNatGatewayAddress +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the AssociateNatGatewayAddressRequest method. +// req, resp := client.AssociateNatGatewayAddressRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateNatGatewayAddress +func (c *EC2) AssociateNatGatewayAddressRequest(input *AssociateNatGatewayAddressInput) (req *request.Request, output *AssociateNatGatewayAddressOutput) { + op := &request.Operation{ + Name: opAssociateNatGatewayAddress, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &AssociateNatGatewayAddressInput{} + } + + output = &AssociateNatGatewayAddressOutput{} + req = c.newRequest(op, input, output) + return +} + +// AssociateNatGatewayAddress API operation for Amazon Elastic Compute Cloud. +// +// Associates Elastic IP addresses (EIPs) and private IPv4 addresses with a +// public NAT gateway. For more information, see Work with NAT gateways (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-working-with) +// in the Amazon VPC User Guide. +// +// By default, you can associate up to 2 Elastic IP addresses per public NAT +// gateway. You can increase the limit by requesting a quota adjustment. For +// more information, see Elastic IP address quotas (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html#vpc-limits-eips) +// in the Amazon VPC User Guide. +// +// When you associate an EIP or secondary EIPs with a public NAT gateway, the +// network border group of the EIPs must match the network border group of the +// Availability Zone (AZ) that the public NAT gateway is in. If it's not the +// same, the EIP will fail to associate. You can see the network border group +// for the subnet's AZ by viewing the details of the subnet. Similarly, you +// can view the network border group of an EIP by viewing the details of the +// EIP address. For more information about network border groups and EIPs, see +// Allocate an Elastic IP address (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#allocate-eip) +// in the Amazon VPC User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation AssociateNatGatewayAddress for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/AssociateNatGatewayAddress +func (c *EC2) AssociateNatGatewayAddress(input *AssociateNatGatewayAddressInput) (*AssociateNatGatewayAddressOutput, error) { + req, out := c.AssociateNatGatewayAddressRequest(input) + return out, req.Send() +} + +// AssociateNatGatewayAddressWithContext is the same as AssociateNatGatewayAddress with the addition of +// the ability to pass a context and additional request options. +// +// See AssociateNatGatewayAddress for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) AssociateNatGatewayAddressWithContext(ctx aws.Context, input *AssociateNatGatewayAddressInput, opts ...request.Option) (*AssociateNatGatewayAddressOutput, error) { + req, out := c.AssociateNatGatewayAddressRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opAssociateRouteTable = "AssociateRouteTable" // AssociateRouteTableRequest generates a "aws/request.Request" representing the @@ -1716,7 +2016,7 @@ func (c *EC2) AssociateRouteTableRequest(input *AssociateRouteTableInput) (req * // with multiple subnets. // // For more information, see Route tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1790,8 +2090,7 @@ func (c *EC2) AssociateSubnetCidrBlockRequest(input *AssociateSubnetCidrBlockInp // AssociateSubnetCidrBlock API operation for Amazon Elastic Compute Cloud. // // Associates a CIDR block with your subnet. You can only associate a single -// IPv6 CIDR block with your subnet. An IPv6 CIDR block must have a prefix length -// of /64. +// IPv6 CIDR block with your subnet. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2090,9 +2389,6 @@ func (c *EC2) AssociateTrunkInterfaceRequest(input *AssociateTrunkInterfaceInput // AssociateTrunkInterface API operation for Amazon Elastic Compute Cloud. // -// This API action is currently in limited preview only. If you are interested -// in using this feature, contact your account manager. -// // Associates a branch network interface with a trunk network interface. // // Before you create the association, run the create-network-interface (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateNetworkInterface.html) @@ -2175,14 +2471,13 @@ func (c *EC2) AssociateVpcCidrBlockRequest(input *AssociateVpcCidrBlockInput) (r // CIDR block, an Amazon-provided IPv6 CIDR block, or an IPv6 CIDR block from // an IPv6 address pool that you provisioned through bring your own IP addresses // (BYOIP (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html)). -// The IPv6 CIDR block size is fixed at /56. // // You must specify one of the following in the request: an IPv4 CIDR block, // an IPv6 pool, or an Amazon-provided IPv6 CIDR block. // // For more information about associating CIDR blocks with your VPC and applicable -// restrictions, see VPC and subnet sizing (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html#VPC_Sizing) -// in the Amazon Virtual Private Cloud User Guide. +// restrictions, see IP addressing for your VPCs and subnets (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-ip-addressing.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2255,12 +2550,10 @@ func (c *EC2) AttachClassicLinkVpcRequest(input *AttachClassicLinkVpcInput) (req // AttachClassicLinkVpc API operation for Amazon Elastic Compute Cloud. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// This action is deprecated. // // Links an EC2-Classic instance to a ClassicLink-enabled VPC through one or -// more of the VPC's security groups. You cannot link an EC2-Classic instance +// more of the VPC security groups. You cannot link an EC2-Classic instance // to more than one VPC at a time. You can only link an instance that's in the // running state. An instance is automatically unlinked from a VPC when it's // stopped - you can link it to the VPC again when you restart it. @@ -2345,9 +2638,9 @@ func (c *EC2) AttachInternetGatewayRequest(input *AttachInternetGatewayInput) (r // AttachInternetGateway API operation for Amazon Elastic Compute Cloud. // // Attaches an internet gateway or a virtual private gateway to a VPC, enabling -// connectivity between the internet and the VPC. For more information about -// your VPC and internet gateway, see the Amazon Virtual Private Cloud User -// Guide (https://docs.aws.amazon.com/vpc/latest/userguide/). +// connectivity between the internet and the VPC. For more information, see +// Internet gateways (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2493,9 +2786,8 @@ func (c *EC2) AttachVerifiedAccessTrustProviderRequest(input *AttachVerifiedAcce // AttachVerifiedAccessTrustProvider API operation for Amazon Elastic Compute Cloud. // -// A trust provider is a third-party entity that creates, maintains, and manages -// identity information for users and devices. One or more trust providers can -// be attached to an Amazon Web Services Verified Access instance. +// Attaches the specified Amazon Web Services Verified Access trust provider +// to the specified Amazon Web Services Verified Access instance. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2572,11 +2864,11 @@ func (c *EC2) AttachVolumeRequest(input *AttachVolumeInput) (req *request.Reques // the instance with the specified device name. // // Encrypted EBS volumes must be attached to instances that support Amazon EBS -// encryption. For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// encryption. For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) +// in the Amazon EBS User Guide. // // After you attach an EBS volume, you must make it available. For more information, -// see Make an EBS volume available for use (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-using-volumes.html). +// see Make an EBS volume available for use (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-using-volumes.html). // // If a volume has an Amazon Web Services Marketplace product code: // @@ -2591,8 +2883,8 @@ func (c *EC2) AttachVolumeRequest(input *AttachVolumeInput) (req *request.Reques // the product. For example, you can't detach a volume from a Windows instance // and attach it to a Linux instance. // -// For more information, see Attach an Amazon EBS volume to an instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-attaching-volume.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Attach an Amazon EBS volume to an instance (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-attaching-volume.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2818,24 +3110,28 @@ func (c *EC2) AuthorizeSecurityGroupEgressRequest(input *AuthorizeSecurityGroupE // AuthorizeSecurityGroupEgress API operation for Amazon Elastic Compute Cloud. // -// [VPC only] Adds the specified outbound (egress) rules to a security group -// for use with a VPC. +// Adds the specified outbound (egress) rules to a security group. // // An outbound rule permits instances to send traffic to the specified IPv4 -// or IPv6 CIDR address ranges, or to the instances that are associated with -// the specified source security groups. When specifying an outbound rule for -// your security group in a VPC, the IpPermissions must include a destination -// for the traffic. +// or IPv6 address ranges, the IP address ranges specified by a prefix list, +// or the instances that are associated with a source security group. For more +// information, see Security group rules (https://docs.aws.amazon.com/vpc/latest/userguide/security-group-rules.html). +// +// You must specify exactly one of the following destinations: an IPv4 or IPv6 +// address range, a prefix list, or a security group. You must specify a protocol +// for each rule (for example, TCP). If the protocol is TCP or UDP, you must +// also specify a port or port range. If the protocol is ICMP or ICMPv6, you +// must also specify the ICMP type and code. // -// You specify a protocol for each rule (for example, TCP). For the TCP and -// UDP protocols, you must also specify the destination port or port range. -// For the ICMP protocol, you must also specify the ICMP type and code. You -// can use -1 for the type or code to mean all types or all codes. +// Rule changes are propagated to instances associated with the security group +// as quickly as possible. However, a small delay might occur. // -// Rule changes are propagated to affected instances as quickly as possible. -// However, a small delay might occur. +// For examples of rules that you can add to security groups for specific access +// scenarios, see Security group rules for different use cases (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) +// in the Amazon EC2 User Guide. // -// For information about VPC security group quotas, see Amazon VPC quotas (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html). +// For information about security group quotas, see Amazon VPC quotas (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2911,25 +3207,25 @@ func (c *EC2) AuthorizeSecurityGroupIngressRequest(input *AuthorizeSecurityGroup // Adds the specified inbound (ingress) rules to a security group. // // An inbound rule permits instances to receive traffic from the specified IPv4 -// or IPv6 CIDR address range, or from the instances that are associated with -// the specified destination security groups. When specifying an inbound rule -// for your security group in a VPC, the IpPermissions must include a source -// for the traffic. +// or IPv6 address range, the IP address ranges that are specified by a prefix +// list, or the instances that are associated with a destination security group. +// For more information, see Security group rules (https://docs.aws.amazon.com/vpc/latest/userguide/security-group-rules.html). // -// You specify a protocol for each rule (for example, TCP). For TCP and UDP, -// you must also specify the destination port or port range. For ICMP/ICMPv6, -// you must also specify the ICMP/ICMPv6 type and code. You can use -1 to mean -// all types or all codes. +// You must specify exactly one of the following sources: an IPv4 or IPv6 address +// range, a prefix list, or a security group. You must specify a protocol for +// each rule (for example, TCP). If the protocol is TCP or UDP, you must also +// specify a port or port range. If the protocol is ICMP or ICMPv6, you must +// also specify the ICMP/ICMPv6 type and code. // -// Rule changes are propagated to instances within the security group as quickly -// as possible. However, a small delay might occur. +// Rule changes are propagated to instances associated with the security group +// as quickly as possible. However, a small delay might occur. // -// For more information about VPC security group quotas, see Amazon VPC quotas -// (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html). +// For examples of rules that you can add to security groups for specific access +// scenarios, see Security group rules for different use cases (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) +// in the Amazon EC2 User Guide. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information about security group quotas, see Amazon VPC quotas (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3476,8 +3772,8 @@ func (c *EC2) CancelImageLaunchPermissionRequest(input *CancelImageLaunchPermiss // // Removes your Amazon Web Services account from the launch permissions for // the specified AMI. For more information, see Cancel having an AMI shared -// with your Amazon Web Services account (https://docs.aws.amazon.com/) in the -// Amazon EC2 User Guide. +// with your Amazon Web Services account (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/cancel-sharing-an-AMI.html) +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3702,9 +3998,10 @@ func (c *EC2) CancelSpotFleetRequestsRequest(input *CancelSpotFleetRequestsInput // // Cancels the specified Spot Fleet requests. // -// After you cancel a Spot Fleet request, the Spot Fleet launches no new Spot -// Instances. You must specify whether the Spot Fleet should also terminate -// its Spot Instances. If you terminate the instances, the Spot Fleet request +// After you cancel a Spot Fleet request, the Spot Fleet launches no new instances. +// +// You must also specify whether a canceled Spot Fleet request should terminate +// its instances. If you choose to terminate the instances, the Spot Fleet request // enters the cancelled_terminating state. Otherwise, the Spot Fleet request // enters the cancelled_running state and the instances continue to run until // they are interrupted or you terminate them manually. @@ -4022,8 +4319,8 @@ func (c *EC2) CopyImageRequest(input *CopyImageInput) (req *request.Request, out // by default using the default encryption key for the Region, or a different // key that you specify in the request using KmsKeyId. Outposts do not support // unencrypted snapshots. For more information, Amazon EBS local snapshots on -// Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#ami) -// in the Amazon EC2 User Guide. +// Outposts (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#ami) +// in the Amazon EBS User Guide. // // For more information about the prerequisites and limits when copying an AMI, // see Copy an AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/CopyingAMIs.html) @@ -4118,14 +4415,14 @@ func (c *EC2) CopySnapshotRequest(input *CopySnapshotInput) (req *request.Reques // Snapshots copied to an Outpost are encrypted by default using the default // encryption key for the Region, or a different key that you specify in the // request using KmsKeyId. Outposts do not support unencrypted snapshots. For -// more information, Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#ami) -// in the Amazon Elastic Compute Cloud User Guide. +// more information, Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#ami) +// in the Amazon EBS User Guide. // // Snapshots created by copying another snapshot have an arbitrary volume ID // that should not be used for any purpose. // -// For more information, see Copy an Amazon EBS snapshot (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-copy-snapshot.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Copy an Amazon EBS snapshot (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-copy-snapshot.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4832,9 +5129,9 @@ func (c *EC2) CreateDefaultSubnetRequest(input *CreateDefaultSubnetInput) (req * // // Creates a default subnet with a size /20 IPv4 CIDR block in the specified // Availability Zone in your default VPC. You can have only one default subnet -// per Availability Zone. For more information, see Creating a default subnet +// per Availability Zone. For more information, see Create a default subnet // (https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html#create-default-subnet) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4909,22 +5206,13 @@ func (c *EC2) CreateDefaultVpcRequest(input *CreateDefaultVpcInput) (req *reques // // Creates a default VPC with a size /16 IPv4 CIDR block and a default subnet // in each Availability Zone. For more information about the components of a -// default VPC, see Default VPC and default subnets (https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html) -// in the Amazon Virtual Private Cloud User Guide. You cannot specify the components -// of the default VPC yourself. +// default VPC, see Default VPCs (https://docs.aws.amazon.com/vpc/latest/userguide/default-vpc.html) +// in the Amazon VPC User Guide. You cannot specify the components of the default +// VPC yourself. // // If you deleted your previous default VPC, you can create a default VPC. You // cannot have more than one default VPC per Region. // -// If your account supports EC2-Classic, you cannot use this action to create -// a default VPC in a Region that supports EC2-Classic. If you want a default -// VPC in a Region that supports EC2-Classic, see "I really want a default VPC -// for my existing EC2 account. Is that possible?" in the Default VPCs FAQ (http://aws.amazon.com/vpc/faqs/#Default_VPCs). -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -4996,45 +5284,48 @@ func (c *EC2) CreateDhcpOptionsRequest(input *CreateDhcpOptionsInput) (req *requ // CreateDhcpOptions API operation for Amazon Elastic Compute Cloud. // -// Creates a set of DHCP options for your VPC. After creating the set, you must -// associate it with the VPC, causing all existing and new instances that you -// launch in the VPC to use this set of DHCP options. The following are the -// individual DHCP options you can specify. For more information about the options, -// see RFC 2132 (http://www.ietf.org/rfc/rfc2132.txt). +// Creates a custom set of DHCP options. After you create a DHCP option set, +// you associate it with a VPC. After you associate a DHCP option set with a +// VPC, all existing and newly launched instances in the VPC use this set of +// DHCP options. // -// - domain-name-servers - The IP addresses of up to four domain name servers, -// or AmazonProvidedDNS. The default DHCP option set specifies AmazonProvidedDNS. -// If specifying more than one domain name server, specify the IP addresses -// in a single parameter, separated by commas. To have your instance receive -// a custom DNS hostname as specified in domain-name, you must set domain-name-servers -// to a custom DNS server. +// The following are the individual DHCP options you can specify. For more information, +// see DHCP options sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) +// in the Amazon VPC User Guide. // // - domain-name - If you're using AmazonProvidedDNS in us-east-1, specify -// ec2.internal. If you're using AmazonProvidedDNS in another Region, specify -// region.compute.internal (for example, ap-northeast-1.compute.internal). -// Otherwise, specify a domain name (for example, ExampleCompany.com). This -// value is used to complete unqualified DNS hostnames. Important: Some Linux -// operating systems accept multiple domain names separated by spaces. However, -// Windows and other Linux operating systems treat the value as a single -// domain, which results in unexpected behavior. If your DHCP options set -// is associated with a VPC that has instances with multiple operating systems, -// specify only one domain name. -// -// - ntp-servers - The IP addresses of up to four Network Time Protocol (NTP) -// servers. +// ec2.internal. If you're using AmazonProvidedDNS in any other Region, specify +// region.compute.internal. Otherwise, specify a custom domain name. This +// value is used to complete unqualified DNS hostnames. Some Linux operating +// systems accept multiple domain names separated by spaces. However, Windows +// and other Linux operating systems treat the value as a single domain, +// which results in unexpected behavior. If your DHCP option set is associated +// with a VPC that has instances running operating systems that treat the +// value as a single domain, specify only one domain name. +// +// - domain-name-servers - The IP addresses of up to four DNS servers, or +// AmazonProvidedDNS. To specify multiple domain name servers in a single +// parameter, separate the IP addresses using commas. To have your instances +// receive custom DNS hostnames as specified in domain-name, you must specify +// a custom DNS server. +// +// - ntp-servers - The IP addresses of up to eight Network Time Protocol +// (NTP) servers (four IPv4 addresses and four IPv6 addresses). // // - netbios-name-servers - The IP addresses of up to four NetBIOS name servers. // // - netbios-node-type - The NetBIOS node type (1, 2, 4, or 8). We recommend -// that you specify 2 (broadcast and multicast are not currently supported). -// For more information about these node types, see RFC 2132 (http://www.ietf.org/rfc/rfc2132.txt). -// -// Your VPC automatically starts out with a set of DHCP options that includes -// only a DNS server that we provide (AmazonProvidedDNS). If you create a set -// of options, and if your VPC has an internet gateway, make sure to set the -// domain-name-servers option either to AmazonProvidedDNS or to a domain name -// server of your choice. For more information, see DHCP options sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) -// in the Amazon Virtual Private Cloud User Guide. +// that you specify 2. Broadcast and multicast are not supported. For more +// information about NetBIOS node types, see RFC 2132 (http://www.ietf.org/rfc/rfc2132.txt). +// +// - ipv6-preferred-lease-time - A value (in seconds, minutes, hours, or +// years) for how frequently a running instance with an IPv6 assigned to +// it goes through DHCPv6 lease renewal. Acceptable values are between 140 +// and 2147483647 seconds (approximately 68 years). If no value is entered, +// the default lease time is 140 seconds. If you use long-term addressing +// for EC2 instances, you can increase the lease time and avoid frequent +// lease renewal requests. Lease renewal typically occurs when half of the +// lease time has elapsed. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5183,10 +5474,12 @@ func (c *EC2) CreateFleetRequest(input *CreateFleetInput) (req *request.Request, // CreateFleet API operation for Amazon Elastic Compute Cloud. // -// Launches an EC2 Fleet. +// Creates an EC2 Fleet that contains the configuration information for On-Demand +// Instances and Spot Instances. Instances are launched immediately if there +// is available capacity. // -// You can create a single EC2 Fleet that includes multiple launch specifications -// that vary by instance type, AMI, Availability Zone, or subnet. +// A single EC2 Fleet can include multiple launch specifications that vary by +// instance type, AMI, Availability Zone, or subnet. // // For more information, see EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet.html) // in the Amazon EC2 User Guide. @@ -5434,16 +5727,6 @@ func (c *EC2) CreateImageRequest(input *CreateImageInput) (req *request.Request, // Creates an Amazon EBS-backed AMI from an Amazon EBS-backed instance that // is either running or stopped. // -// By default, when Amazon EC2 creates the new AMI, it reboots the instance -// so that it can take snapshots of the attached volumes while data is at rest, -// in order to ensure a consistent state. You can set the NoReboot parameter -// to true in the API request, or use the --no-reboot option in the CLI to prevent -// Amazon EC2 from shutting down and rebooting the instance. -// -// If you choose to bypass the shutdown and reboot process by setting the NoReboot -// parameter to true in the API request, or by using the --no-reboot option -// in the CLI, we can't guarantee the file system integrity of the created image. -// // If you customized your instance with instance store volumes or Amazon EBS // volumes in addition to the root device volume, the new AMI contains block // device mapping information for those volumes. When you launch an instance @@ -5481,6 +5764,85 @@ func (c *EC2) CreateImageWithContext(ctx aws.Context, input *CreateImageInput, o return out, req.Send() } +const opCreateInstanceConnectEndpoint = "CreateInstanceConnectEndpoint" + +// CreateInstanceConnectEndpointRequest generates a "aws/request.Request" representing the +// client's request for the CreateInstanceConnectEndpoint operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateInstanceConnectEndpoint for more information on using the CreateInstanceConnectEndpoint +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateInstanceConnectEndpointRequest method. +// req, resp := client.CreateInstanceConnectEndpointRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateInstanceConnectEndpoint +func (c *EC2) CreateInstanceConnectEndpointRequest(input *CreateInstanceConnectEndpointInput) (req *request.Request, output *CreateInstanceConnectEndpointOutput) { + op := &request.Operation{ + Name: opCreateInstanceConnectEndpoint, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateInstanceConnectEndpointInput{} + } + + output = &CreateInstanceConnectEndpointOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateInstanceConnectEndpoint API operation for Amazon Elastic Compute Cloud. +// +// Creates an EC2 Instance Connect Endpoint. +// +// An EC2 Instance Connect Endpoint allows you to connect to an instance, without +// requiring the instance to have a public IPv4 address. For more information, +// see Connect to your instances without requiring a public IPv4 address using +// EC2 Instance Connect Endpoint (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Connect-using-EC2-Instance-Connect-Endpoint.html) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateInstanceConnectEndpoint for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateInstanceConnectEndpoint +func (c *EC2) CreateInstanceConnectEndpoint(input *CreateInstanceConnectEndpointInput) (*CreateInstanceConnectEndpointOutput, error) { + req, out := c.CreateInstanceConnectEndpointRequest(input) + return out, req.Send() +} + +// CreateInstanceConnectEndpointWithContext is the same as CreateInstanceConnectEndpoint with the addition of +// the ability to pass a context and additional request options. +// +// See CreateInstanceConnectEndpoint for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateInstanceConnectEndpointWithContext(ctx aws.Context, input *CreateInstanceConnectEndpointInput, opts ...request.Option) (*CreateInstanceConnectEndpointOutput, error) { + req, out := c.CreateInstanceConnectEndpointRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateInstanceEventWindow = "CreateInstanceEventWindow" // CreateInstanceEventWindowRequest generates a "aws/request.Request" representing the @@ -5622,10 +5984,11 @@ func (c *EC2) CreateInstanceExportTaskRequest(input *CreateInstanceExportTaskInp // // Exports a running or stopped instance to an Amazon S3 bucket. // -// For information about the supported operating systems, image formats, and -// known limitations for the types of instances you can export, see Exporting -// an instance as a VM Using VM Import/Export (https://docs.aws.amazon.com/vm-import/latest/userguide/vmexport.html) -// in the VM Import/Export User Guide. +// For information about the prerequisites for your Amazon S3 bucket, supported +// operating systems, image formats, and known limitations for the types of +// instances you can export, see Exporting an instance as a VM Using VM Import/Export +// (https://docs.aws.amazon.com/vm-import/latest/userguide/vmexport.html) in +// the VM Import/Export User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5701,8 +6064,8 @@ func (c *EC2) CreateInternetGatewayRequest(input *CreateInternetGatewayInput) (r // Creates an internet gateway for use with a VPC. After creating the internet // gateway, you attach it to a VPC using AttachInternetGateway. // -// For more information about your VPC and internet gateway, see the Amazon -// Virtual Private Cloud User Guide (https://docs.aws.amazon.com/vpc/latest/userguide/). +// For more information, see Internet gateways (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Internet_Gateway.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5891,6 +6254,81 @@ func (c *EC2) CreateIpamPoolWithContext(ctx aws.Context, input *CreateIpamPoolIn return out, req.Send() } +const opCreateIpamResourceDiscovery = "CreateIpamResourceDiscovery" + +// CreateIpamResourceDiscoveryRequest generates a "aws/request.Request" representing the +// client's request for the CreateIpamResourceDiscovery operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateIpamResourceDiscovery for more information on using the CreateIpamResourceDiscovery +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateIpamResourceDiscoveryRequest method. +// req, resp := client.CreateIpamResourceDiscoveryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateIpamResourceDiscovery +func (c *EC2) CreateIpamResourceDiscoveryRequest(input *CreateIpamResourceDiscoveryInput) (req *request.Request, output *CreateIpamResourceDiscoveryOutput) { + op := &request.Operation{ + Name: opCreateIpamResourceDiscovery, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &CreateIpamResourceDiscoveryInput{} + } + + output = &CreateIpamResourceDiscoveryOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateIpamResourceDiscovery API operation for Amazon Elastic Compute Cloud. +// +// Creates an IPAM resource discovery. A resource discovery is an IPAM component +// that enables IPAM to manage and monitor resources that belong to the owning +// account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation CreateIpamResourceDiscovery for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/CreateIpamResourceDiscovery +func (c *EC2) CreateIpamResourceDiscovery(input *CreateIpamResourceDiscoveryInput) (*CreateIpamResourceDiscoveryOutput, error) { + req, out := c.CreateIpamResourceDiscoveryRequest(input) + return out, req.Send() +} + +// CreateIpamResourceDiscoveryWithContext is the same as CreateIpamResourceDiscovery with the addition of +// the ability to pass a context and additional request options. +// +// See CreateIpamResourceDiscovery for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) CreateIpamResourceDiscoveryWithContext(ctx aws.Context, input *CreateIpamResourceDiscoveryInput, opts ...request.Option) (*CreateIpamResourceDiscoveryOutput, error) { + req, out := c.CreateIpamResourceDiscoveryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opCreateIpamScope = "CreateIpamScope" // CreateIpamScopeRequest generates a "aws/request.Request" representing the @@ -6659,7 +7097,17 @@ func (c *EC2) CreateNatGatewayRequest(input *CreateNatGatewayInput) (req *reques // overlapping networks. // // For more information, see NAT gateways (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. +// +// When you create a public NAT gateway and assign it an EIP or secondary EIPs, +// the network border group of the EIPs must match the network border group +// of the Availability Zone (AZ) that the public NAT gateway is in. If it's +// not the same, the NAT gateway will fail to launch. You can see the network +// border group for the subnet's AZ by viewing the details of the subnet. Similarly, +// you can view the network border group of an EIP by viewing the details of +// the EIP address. For more information about network border groups and EIPs, +// see Allocate an Elastic IP address (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#allocate-eip) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6735,8 +7183,8 @@ func (c *EC2) CreateNetworkAclRequest(input *CreateNetworkAclInput) (req *reques // Creates a network ACL in a VPC. Network ACLs provide an optional layer of // security (in addition to security groups) for the instances in your VPC. // -// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) -// in the Amazon Virtual Private Cloud User Guide. +// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6825,8 +7273,8 @@ func (c *EC2) CreateNetworkAclEntryRequest(input *CreateNetworkAclEntryInput) (r // After you add an entry, you can't modify it; you must either replace it, // or create an entry and delete the old one. // -// For more information about network ACLs, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) -// in the Amazon Virtual Private Cloud User Guide. +// For more information about network ACLs, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6981,7 +7429,7 @@ func (c *EC2) CreateNetworkInsightsPathRequest(input *CreateNetworkInsightsPathI // // Reachability Analyzer enables you to analyze and debug network reachability // between two resources in your virtual private cloud (VPC). For more information, -// see What is Reachability Analyzer (https://docs.aws.amazon.com/vpc/latest/reachability/). +// see the Reachability Analyzer Guide (https://docs.aws.amazon.com/vpc/latest/reachability/). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7647,7 +8095,7 @@ func (c *EC2) CreateRouteRequest(input *CreateRouteInput) (req *request.Request, // more specific, so we use that route to determine where to target the traffic. // // For more information about route tables, see Route tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7724,7 +8172,7 @@ func (c *EC2) CreateRouteTableRequest(input *CreateRouteTableInput) (req *reques // you can add routes and associate the table with a subnet. // // For more information, see Route tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7807,16 +8255,13 @@ func (c *EC2) CreateSecurityGroupRequest(input *CreateSecurityGroupInput) (req * // in the Amazon Virtual Private Cloud User Guide. // // When you create a security group, you specify a friendly name of your choice. -// You can have a security group for use in EC2-Classic with the same name as -// a security group for use in a VPC. However, you can't have two security groups -// for use in EC2-Classic with the same name or two security groups for use -// in a VPC with the same name. +// You can't have two security groups for the same VPC with the same name. // -// You have a default security group for use in EC2-Classic and a default security -// group for use in your VPC. If you don't specify a security group when you -// launch an instance, the instance is launched into the appropriate default -// security group. A default security group includes a default rule that grants -// instances unrestricted network access to each other. +// You have a default security group for use in your VPC. If you don't specify +// a security group when you launch an instance, the instance is launched into +// the appropriate default security group. A default security group includes +// a default rule that grants instances unrestricted network access to each +// other. // // You can add or remove rules from your security groups using AuthorizeSecurityGroupIngress, // AuthorizeSecurityGroupEgress, RevokeSecurityGroupIngress, and RevokeSecurityGroupEgress. @@ -7824,10 +8269,6 @@ func (c *EC2) CreateSecurityGroupRequest(input *CreateSecurityGroupInput) (req * // For more information about VPC security group limits, see Amazon VPC Limits // (https://docs.aws.amazon.com/vpc/latest/userguide/amazon-vpc-limits.html). // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -7923,8 +8364,8 @@ func (c *EC2) CreateSnapshotRequest(input *CreateSnapshotInput) (req *request.Re // snapshot. You may remount and use your volume while the snapshot status is // pending. // -// To create a snapshot for Amazon EBS volumes that serve as root devices, you -// should stop the instance before taking the snapshot. +// When you create a snapshot for an EBS volume that serves as a root device, +// we recommend that you stop the instance before taking the snapshot. // // Snapshots that are taken from encrypted volumes are automatically encrypted. // Volumes that are created from encrypted snapshots are also automatically @@ -7935,9 +8376,9 @@ func (c *EC2) CreateSnapshotRequest(input *CreateSnapshotInput) (req *request.Re // your Amazon EC2 resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) // in the Amazon Elastic Compute Cloud User Guide. // -// For more information, see Amazon Elastic Block Store (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/AmazonEBS.html) -// and Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Amazon Elastic Block Store (https://docs.aws.amazon.com/ebs/latest/userguide/what-is-ebs.html) +// and Amazon EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8251,18 +8692,22 @@ func (c *EC2) CreateSubnetRequest(input *CreateSubnetInput) (req *request.Reques // CreateSubnet API operation for Amazon Elastic Compute Cloud. // -// Creates a subnet in a specified VPC. +// Creates a subnet in the specified VPC. For an IPv4 only subnet, specify an +// IPv4 CIDR block. If the VPC has an IPv6 CIDR block, you can create an IPv6 +// only subnet or a dual stack subnet instead. For an IPv6 only subnet, specify +// an IPv6 CIDR block. For a dual stack subnet, specify both an IPv4 CIDR block +// and an IPv6 CIDR block. // -// You must specify an IPv4 CIDR block for the subnet. After you create a subnet, -// you can't change its CIDR block. The allowed block size is between a /16 -// netmask (65,536 IP addresses) and /28 netmask (16 IP addresses). The CIDR -// block must not overlap with the CIDR block of an existing subnet in the VPC. +// A subnet CIDR block must not overlap the CIDR block of an existing subnet +// in the VPC. After you create a subnet, you can't change its CIDR block. // -// If you've associated an IPv6 CIDR block with your VPC, you can create a subnet -// with an IPv6 CIDR block that uses a /64 prefix length. +// The allowed size for an IPv4 subnet is between a /28 netmask (16 IP addresses) +// and a /16 netmask (65,536 IP addresses). Amazon Web Services reserves both +// the first four and the last IPv4 address in each subnet's CIDR block. They're +// not available for your use. // -// Amazon Web Services reserves both the first four and the last IPv4 address -// in each subnet's CIDR block. They're not available for use. +// If you've associated an IPv6 CIDR block with your VPC, you can associate +// an IPv6 CIDR block with a subnet when you create it. // // If you add more than one subnet to a VPC, they're set up in a star topology // with a logical router in the middle. @@ -8271,8 +8716,8 @@ func (c *EC2) CreateSubnetRequest(input *CreateSubnetInput) (req *request.Reques // It's therefore possible to have a subnet with no running instances (they're // all stopped), but no remaining IP addresses available. // -// For more information about subnets, see Your VPC and subnets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) -// in the Amazon Virtual Private Cloud User Guide. +// For more information, see Subnets (https://docs.aws.amazon.com/vpc/latest/userguide/configure-subnets.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8345,9 +8790,11 @@ func (c *EC2) CreateSubnetCidrReservationRequest(input *CreateSubnetCidrReservat // CreateSubnetCidrReservation API operation for Amazon Elastic Compute Cloud. // -// Creates a subnet CIDR reservation. For information about subnet CIDR reservations, -// see Subnet CIDR reservations (https://docs.aws.amazon.com/vpc/latest/userguide/subnet-cidr-reservation.html) -// in the Amazon Virtual Private Cloud User Guide. +// Creates a subnet CIDR reservation. For more information, see Subnet CIDR +// reservations (https://docs.aws.amazon.com/vpc/latest/userguide/subnet-cidr-reservation.html) +// in the Amazon Virtual Private Cloud User Guide and Assign prefixes to network +// interfaces (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) +// in the Amazon Elastic Compute Cloud User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9757,10 +10204,9 @@ func (c *EC2) CreateVerifiedAccessGroupRequest(input *CreateVerifiedAccessGroupI // // An Amazon Web Services Verified Access group is a collection of Amazon Web // Services Verified Access endpoints who's associated applications have similar -// security requirements. Each instance within an Amazon Web Services Verified -// Access group shares an Amazon Web Services Verified Access policy. For example, -// you can group all Amazon Web Services Verified Access instances associated -// with “sales” applications together and use one common Amazon Web Services +// security requirements. Each instance within a Verified Access group shares +// an Verified Access policy. For example, you can group all Verified Access +// instances associated with "sales" applications together and use one common // Verified Access policy. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -9911,9 +10357,8 @@ func (c *EC2) CreateVerifiedAccessTrustProviderRequest(input *CreateVerifiedAcce // // A trust provider is a third-party entity that creates, maintains, and manages // identity information for users and devices. When an application request is -// made, the identity information sent by the trust provider will be evaluated -// by Amazon Web Services Verified Access, before allowing or denying the application -// request. +// made, the identity information sent by the trust provider is evaluated by +// Verified Access before allowing or denying the application request. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9996,15 +10441,15 @@ func (c *EC2) CreateVolumeRequest(input *CreateVolumeInput) (req *request.Reques // You can create encrypted volumes. Encrypted volumes must be attached to instances // that support Amazon EBS encryption. Volumes that are created from encrypted // snapshots are also automatically encrypted. For more information, see Amazon -// EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) +// in the Amazon EBS User Guide. // // You can tag your volumes during creation. For more information, see Tag your // Amazon EC2 resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) // in the Amazon Elastic Compute Cloud User Guide. // -// For more information, see Create an Amazon EBS volume (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-creating-volume.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Create an Amazon EBS volume (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-creating-volume.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10077,26 +10522,24 @@ func (c *EC2) CreateVpcRequest(input *CreateVpcInput) (req *request.Request, out // CreateVpc API operation for Amazon Elastic Compute Cloud. // -// Creates a VPC with the specified IPv4 CIDR block. The smallest VPC you can -// create uses a /28 netmask (16 IPv4 addresses), and the largest uses a /16 -// netmask (65,536 IPv4 addresses). For more information about how large to -// make your VPC, see Your VPC and subnets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) -// in the Amazon Virtual Private Cloud User Guide. +// Creates a VPC with the specified CIDR blocks. For more information, see IP +// addressing for your VPCs and subnets (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-ip-addressing.html) +// in the Amazon VPC User Guide. // // You can optionally request an IPv6 CIDR block for the VPC. You can request -// an Amazon-provided IPv6 CIDR block from Amazon's pool of IPv6 addresses, -// or an IPv6 CIDR block from an IPv6 address pool that you provisioned through +// an Amazon-provided IPv6 CIDR block from Amazon's pool of IPv6 addresses or +// an IPv6 CIDR block from an IPv6 address pool that you provisioned through // bring your own IP addresses (BYOIP (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-byoip.html)). // -// By default, each instance you launch in the VPC has the default DHCP options, -// which include only a default DNS server that we provide (AmazonProvidedDNS). -// For more information, see DHCP options sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) -// in the Amazon Virtual Private Cloud User Guide. +// By default, each instance that you launch in the VPC has the default DHCP +// options, which include only a default DNS server that we provide (AmazonProvidedDNS). +// For more information, see DHCP option sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) +// in the Amazon VPC User Guide. // // You can specify the instance tenancy value for the VPC when you create it. // You can't change this value for the VPC after you create it. For more information, // see Dedicated Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-instance.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10169,11 +10612,11 @@ func (c *EC2) CreateVpcEndpointRequest(input *CreateVpcEndpointInput) (req *requ // CreateVpcEndpoint API operation for Amazon Elastic Compute Cloud. // -// Creates a VPC endpoint for a specified service. An endpoint enables you to -// create a private connection between your VPC and the service. The service -// may be provided by Amazon Web Services, an Amazon Web Services Marketplace +// Creates a VPC endpoint. A VPC endpoint provides a private connection between +// the specified VPC and the specified endpoint service. You can use an endpoint +// service provided by Amazon Web Services, an Amazon Web Services Marketplace // Partner, or another Amazon Web Services account. For more information, see -// the Amazon Web Services PrivateLink Guide (https://docs.aws.amazon.com/vpc/latest/privatelink/). +// the Amazon Web Services PrivateLink User Guide (https://docs.aws.amazon.com/vpc/latest/privatelink/). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10326,7 +10769,7 @@ func (c *EC2) CreateVpcEndpointServiceConfigurationRequest(input *CreateVpcEndpo // CreateVpcEndpointServiceConfiguration API operation for Amazon Elastic Compute Cloud. // // Creates a VPC endpoint service to which service consumers (Amazon Web Services -// accounts, IAM users, and IAM roles) can connect. +// accounts, users, and IAM roles) can connect. // // Before you create an endpoint service, you must create one of the following // for your service: @@ -11350,11 +11793,11 @@ func (c *EC2) DeleteFleetsRequest(input *DeleteFleetsInput) (req *request.Reques // DeleteFleets API operation for Amazon Elastic Compute Cloud. // -// Deletes the specified EC2 Fleet. +// Deletes the specified EC2 Fleets. // // After you delete an EC2 Fleet, it launches no new instances. // -// You must specify whether a deleted EC2 Fleet should also terminate its instances. +// You must also specify whether a deleted EC2 Fleet should terminate its instances. // If you choose to terminate the instances, the EC2 Fleet enters the deleted_terminating // state. Otherwise, the EC2 Fleet enters the deleted_running state, and the // instances continue to run until they are interrupted or you terminate them @@ -11550,6 +11993,79 @@ func (c *EC2) DeleteFpgaImageWithContext(ctx aws.Context, input *DeleteFpgaImage return out, req.Send() } +const opDeleteInstanceConnectEndpoint = "DeleteInstanceConnectEndpoint" + +// DeleteInstanceConnectEndpointRequest generates a "aws/request.Request" representing the +// client's request for the DeleteInstanceConnectEndpoint operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteInstanceConnectEndpoint for more information on using the DeleteInstanceConnectEndpoint +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DeleteInstanceConnectEndpointRequest method. +// req, resp := client.DeleteInstanceConnectEndpointRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteInstanceConnectEndpoint +func (c *EC2) DeleteInstanceConnectEndpointRequest(input *DeleteInstanceConnectEndpointInput) (req *request.Request, output *DeleteInstanceConnectEndpointOutput) { + op := &request.Operation{ + Name: opDeleteInstanceConnectEndpoint, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteInstanceConnectEndpointInput{} + } + + output = &DeleteInstanceConnectEndpointOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteInstanceConnectEndpoint API operation for Amazon Elastic Compute Cloud. +// +// Deletes the specified EC2 Instance Connect Endpoint. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteInstanceConnectEndpoint for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteInstanceConnectEndpoint +func (c *EC2) DeleteInstanceConnectEndpoint(input *DeleteInstanceConnectEndpointInput) (*DeleteInstanceConnectEndpointOutput, error) { + req, out := c.DeleteInstanceConnectEndpointRequest(input) + return out, req.Send() +} + +// DeleteInstanceConnectEndpointWithContext is the same as DeleteInstanceConnectEndpoint with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteInstanceConnectEndpoint for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteInstanceConnectEndpointWithContext(ctx aws.Context, input *DeleteInstanceConnectEndpointInput, opts ...request.Option) (*DeleteInstanceConnectEndpointOutput, error) { + req, out := c.DeleteInstanceConnectEndpointRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteInstanceEventWindow = "DeleteInstanceEventWindow" // DeleteInstanceEventWindowRequest generates a "aws/request.Request" representing the @@ -11858,6 +12374,81 @@ func (c *EC2) DeleteIpamPoolWithContext(ctx aws.Context, input *DeleteIpamPoolIn return out, req.Send() } +const opDeleteIpamResourceDiscovery = "DeleteIpamResourceDiscovery" + +// DeleteIpamResourceDiscoveryRequest generates a "aws/request.Request" representing the +// client's request for the DeleteIpamResourceDiscovery operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeleteIpamResourceDiscovery for more information on using the DeleteIpamResourceDiscovery +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DeleteIpamResourceDiscoveryRequest method. +// req, resp := client.DeleteIpamResourceDiscoveryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteIpamResourceDiscovery +func (c *EC2) DeleteIpamResourceDiscoveryRequest(input *DeleteIpamResourceDiscoveryInput) (req *request.Request, output *DeleteIpamResourceDiscoveryOutput) { + op := &request.Operation{ + Name: opDeleteIpamResourceDiscovery, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeleteIpamResourceDiscoveryInput{} + } + + output = &DeleteIpamResourceDiscoveryOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeleteIpamResourceDiscovery API operation for Amazon Elastic Compute Cloud. +// +// Deletes an IPAM resource discovery. A resource discovery is an IPAM component +// that enables IPAM to manage and monitor resources that belong to the owning +// account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeleteIpamResourceDiscovery for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeleteIpamResourceDiscovery +func (c *EC2) DeleteIpamResourceDiscovery(input *DeleteIpamResourceDiscoveryInput) (*DeleteIpamResourceDiscoveryOutput, error) { + req, out := c.DeleteIpamResourceDiscoveryRequest(input) + return out, req.Send() +} + +// DeleteIpamResourceDiscoveryWithContext is the same as DeleteIpamResourceDiscovery with the addition of +// the ability to pass a context and additional request options. +// +// See DeleteIpamResourceDiscovery for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeleteIpamResourceDiscoveryWithContext(ctx aws.Context, input *DeleteIpamResourceDiscoveryInput, opts ...request.Option) (*DeleteIpamResourceDiscoveryOutput, error) { + req, out := c.DeleteIpamResourceDiscoveryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteIpamScope = "DeleteIpamScope" // DeleteIpamScopeRequest generates a "aws/request.Request" representing the @@ -11972,7 +12563,6 @@ func (c *EC2) DeleteKeyPairRequest(input *DeleteKeyPairInput) (req *request.Requ output = &DeleteKeyPairOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(ec2query.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } @@ -12125,10 +12715,19 @@ func (c *EC2) DeleteLaunchTemplateVersionsRequest(input *DeleteLaunchTemplateVer // DeleteLaunchTemplateVersions API operation for Amazon Elastic Compute Cloud. // -// Deletes one or more versions of a launch template. You cannot delete the -// default version of a launch template; you must first assign a different version -// as the default. If the default version is the only version for the launch -// template, you must delete the entire launch template using DeleteLaunchTemplate. +// Deletes one or more versions of a launch template. +// +// You can't delete the default version of a launch template; you must first +// assign a different version as the default. If the default version is the +// only version for the launch template, you must delete the entire launch template +// using DeleteLaunchTemplate. +// +// You can delete up to 200 launch template versions in a single request. To +// delete more than 200 versions in a single request, use DeleteLaunchTemplate, +// which deletes the launch template and all of its versions. +// +// For more information, see Delete a launch template version (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-launch-template-versions.html#delete-launch-template-version) +// in the EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -13615,13 +14214,9 @@ func (c *EC2) DeleteSecurityGroupRequest(input *DeleteSecurityGroupInput) (req * // // Deletes a security group. // -// If you attempt to delete a security group that is associated with an instance, -// or is referenced by another security group, the operation fails with InvalidGroup.InUse -// in EC2-Classic or DependencyViolation in EC2-VPC. -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// If you attempt to delete a security group that is associated with an instance +// or network interface or is referenced by another security group, the operation +// fails with DependencyViolation. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -13708,8 +14303,8 @@ func (c *EC2) DeleteSnapshotRequest(input *DeleteSnapshotInput) (req *request.Re // a registered AMI. You must first de-register the AMI before you can delete // the snapshot. // -// For more information, see Delete an Amazon EBS snapshot (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-snapshot.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Delete an Amazon EBS snapshot (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-deleting-snapshot.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -15485,8 +16080,8 @@ func (c *EC2) DeleteVolumeRequest(input *DeleteVolumeInput) (req *request.Reques // // The volume can remain in the deleting state for several minutes. // -// For more information, see Delete an Amazon EBS volume (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-deleting-volume.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Delete an Amazon EBS volume (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-deleting-volume.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -15564,7 +16159,9 @@ func (c *EC2) DeleteVpcRequest(input *DeleteVpcInput) (req *request.Request, out // that are associated with the VPC before you can delete it. For example, you // must terminate all instances running in the VPC, delete all security groups // associated with the VPC (except the default one), delete all route tables -// associated with the VPC (except the default one), and so on. +// associated with the VPC (except the default one), and so on. When you delete +// the VPC, it deletes the VPC's default security group, network ACL, and route +// table. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -15637,7 +16234,7 @@ func (c *EC2) DeleteVpcEndpointConnectionNotificationsRequest(input *DeleteVpcEn // DeleteVpcEndpointConnectionNotifications API operation for Amazon Elastic Compute Cloud. // -// Deletes one or more VPC endpoint connection notifications. +// Deletes the specified VPC endpoint connection notifications. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -15710,10 +16307,10 @@ func (c *EC2) DeleteVpcEndpointServiceConfigurationsRequest(input *DeleteVpcEndp // DeleteVpcEndpointServiceConfigurations API operation for Amazon Elastic Compute Cloud. // -// Deletes one or more VPC endpoint service configurations in your account. -// Before you delete the endpoint service configuration, you must reject any -// Available or PendingAcceptance interface endpoint connections that are attached -// to the service. +// Deletes the specified VPC endpoint service configurations. Before you can +// delete an endpoint service configuration, you must reject any Available or +// PendingAcceptance interface endpoint connections that are attached to the +// service. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -15786,26 +16383,16 @@ func (c *EC2) DeleteVpcEndpointsRequest(input *DeleteVpcEndpointsInput) (req *re // DeleteVpcEndpoints API operation for Amazon Elastic Compute Cloud. // -// Deletes one or more specified VPC endpoints. You can delete any of the following -// types of VPC endpoints. -// -// - Gateway endpoint, -// -// - Gateway Load Balancer endpoint, -// -// - Interface endpoint +// Deletes the specified VPC endpoints. // -// The following rules apply when you delete a VPC endpoint: +// When you delete a gateway endpoint, we delete the endpoint routes in the +// route tables for the endpoint. // -// - When you delete a gateway endpoint, we delete the endpoint routes in -// the route tables that are associated with the endpoint. +// When you delete a Gateway Load Balancer endpoint, we delete its endpoint +// network interfaces. You can only delete Gateway Load Balancer endpoints when +// the routes that are associated with the endpoint are deleted. // -// - When you delete a Gateway Load Balancer endpoint, we delete the endpoint -// network interfaces. You can only delete Gateway Load Balancer endpoints -// when the routes that are associated with the endpoint are deleted. -// -// - When you delete an interface endpoint, we delete the endpoint network -// interfaces. +// When you delete an interface endpoint, we delete its endpoint network interfaces. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -15882,7 +16469,7 @@ func (c *EC2) DeleteVpcPeeringConnectionRequest(input *DeleteVpcPeeringConnectio // the owner of the accepter VPC can delete the VPC peering connection if it's // in the active state. The owner of the requester VPC can delete a VPC peering // connection in the pending-acceptance state. You cannot delete a VPC peering -// connection that's in the failed state. +// connection that's in the failed or rejected state. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -16232,6 +16819,84 @@ func (c *EC2) DeprovisionByoipCidrWithContext(ctx aws.Context, input *Deprovisio return out, req.Send() } +const opDeprovisionIpamByoasn = "DeprovisionIpamByoasn" + +// DeprovisionIpamByoasnRequest generates a "aws/request.Request" representing the +// client's request for the DeprovisionIpamByoasn operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DeprovisionIpamByoasn for more information on using the DeprovisionIpamByoasn +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DeprovisionIpamByoasnRequest method. +// req, resp := client.DeprovisionIpamByoasnRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeprovisionIpamByoasn +func (c *EC2) DeprovisionIpamByoasnRequest(input *DeprovisionIpamByoasnInput) (req *request.Request, output *DeprovisionIpamByoasnOutput) { + op := &request.Operation{ + Name: opDeprovisionIpamByoasn, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DeprovisionIpamByoasnInput{} + } + + output = &DeprovisionIpamByoasnOutput{} + req = c.newRequest(op, input, output) + return +} + +// DeprovisionIpamByoasn API operation for Amazon Elastic Compute Cloud. +// +// Deprovisions your Autonomous System Number (ASN) from your Amazon Web Services +// account. This action can only be called after any BYOIP CIDR associations +// are removed from your Amazon Web Services account with DisassociateIpamByoasn +// (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DisassociateIpamByoasn.html). +// For more information, see Tutorial: Bring your ASN to IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoasn.html) +// in the Amazon VPC IPAM guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DeprovisionIpamByoasn for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DeprovisionIpamByoasn +func (c *EC2) DeprovisionIpamByoasn(input *DeprovisionIpamByoasnInput) (*DeprovisionIpamByoasnOutput, error) { + req, out := c.DeprovisionIpamByoasnRequest(input) + return out, req.Send() +} + +// DeprovisionIpamByoasnWithContext is the same as DeprovisionIpamByoasn with the addition of +// the ability to pass a context and additional request options. +// +// See DeprovisionIpamByoasn for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DeprovisionIpamByoasnWithContext(ctx aws.Context, input *DeprovisionIpamByoasnInput, opts ...request.Option) (*DeprovisionIpamByoasnOutput, error) { + req, out := c.DeprovisionIpamByoasnRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeprovisionIpamPoolCidr = "DeprovisionIpamPoolCidr" // DeprovisionIpamPoolCidrRequest generates a "aws/request.Request" representing the @@ -16738,9 +17403,6 @@ func (c *EC2) DescribeAccountAttributesRequest(input *DescribeAccountAttributesI // Describes attributes of your Amazon Web Services account. The following are // the supported account attributes: // -// - supported-platforms: Indicates whether your account can launch instances -// into EC2-Classic and EC2-VPC, or only into EC2-VPC. -// // - default-vpc: The ID of the default VPC for your account, or none. // // - max-instances: This attribute is no longer supported. The returned value @@ -16748,19 +17410,20 @@ func (c *EC2) DescribeAccountAttributesRequest(input *DescribeAccountAttributesI // For more information, see On-Demand Instance Limits (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-on-demand-instances.html#ec2-on-demand-instances-limits) // in the Amazon Elastic Compute Cloud User Guide. // -// - vpc-max-security-groups-per-interface: The maximum number of security -// groups that you can assign to a network interface. -// // - max-elastic-ips: The maximum number of Elastic IP addresses that you -// can allocate for use with EC2-Classic. +// can allocate. +// +// - supported-platforms: This attribute is deprecated. // // - vpc-max-elastic-ips: The maximum number of Elastic IP addresses that -// you can allocate for use with EC2-VPC. +// you can allocate. // -// We are retiring EC2-Classic on August 15, 2022. We recommend that you migrate -// from EC2-Classic to a VPC. For more information, see Migrate from EC2-Classic -// to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon EC2 User Guide. +// - vpc-max-security-groups-per-interface: The maximum number of security +// groups that you can assign to a network interface. +// +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -16843,6 +17506,15 @@ func (c *EC2) DescribeAddressTransfersRequest(input *DescribeAddressTransfersInp // Elastic IP addresses (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-eips.html#transfer-EIPs-intro) // in the Amazon Virtual Private Cloud User Guide. // +// When you transfer an Elastic IP address, there is a two-step handshake between +// the source and transfer Amazon Web Services accounts. When the source account +// starts the transfer, the transfer account has seven days to accept the Elastic +// IP address transfer. During those seven days, the source account can view +// the pending transfer by using this action. After seven days, the transfer +// expires and ownership of the Elastic IP address returns to the source account. +// Accepted transfers are visible to the source account for three days after +// the transfers have been accepted. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -16967,14 +17639,6 @@ func (c *EC2) DescribeAddressesRequest(input *DescribeAddressesInput) (req *requ // // Describes the specified Elastic IP addresses or all of your Elastic IP addresses. // -// An Elastic IP address is for use in either the EC2-Classic platform or in -// a VPC. For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) -// in the Amazon Elastic Compute Cloud User Guide. -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -17272,6 +17936,10 @@ func (c *EC2) DescribeAvailabilityZonesRequest(input *DescribeAvailabilityZonesI // Zones, see Regions and zones (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html) // in the Amazon Elastic Compute Cloud User Guide. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -17480,6 +18148,10 @@ func (c *EC2) DescribeBundleTasksRequest(input *DescribeBundleTasksInput) (req * // use RegisterImage with the Amazon S3 bucket name and image manifest name // you provided to the bundle task. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -17641,6 +18313,138 @@ func (c *EC2) DescribeByoipCidrsPagesWithContext(ctx aws.Context, input *Describ return p.Err() } +const opDescribeCapacityBlockOfferings = "DescribeCapacityBlockOfferings" + +// DescribeCapacityBlockOfferingsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeCapacityBlockOfferings operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeCapacityBlockOfferings for more information on using the DescribeCapacityBlockOfferings +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeCapacityBlockOfferingsRequest method. +// req, resp := client.DescribeCapacityBlockOfferingsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeCapacityBlockOfferings +func (c *EC2) DescribeCapacityBlockOfferingsRequest(input *DescribeCapacityBlockOfferingsInput) (req *request.Request, output *DescribeCapacityBlockOfferingsOutput) { + op := &request.Operation{ + Name: opDescribeCapacityBlockOfferings, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeCapacityBlockOfferingsInput{} + } + + output = &DescribeCapacityBlockOfferingsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeCapacityBlockOfferings API operation for Amazon Elastic Compute Cloud. +// +// Describes Capacity Block offerings available for purchase in the Amazon Web +// Services Region that you're currently using. With Capacity Blocks, you purchase +// a specific instance type for a period of time. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeCapacityBlockOfferings for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeCapacityBlockOfferings +func (c *EC2) DescribeCapacityBlockOfferings(input *DescribeCapacityBlockOfferingsInput) (*DescribeCapacityBlockOfferingsOutput, error) { + req, out := c.DescribeCapacityBlockOfferingsRequest(input) + return out, req.Send() +} + +// DescribeCapacityBlockOfferingsWithContext is the same as DescribeCapacityBlockOfferings with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeCapacityBlockOfferings for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeCapacityBlockOfferingsWithContext(ctx aws.Context, input *DescribeCapacityBlockOfferingsInput, opts ...request.Option) (*DescribeCapacityBlockOfferingsOutput, error) { + req, out := c.DescribeCapacityBlockOfferingsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeCapacityBlockOfferingsPages iterates over the pages of a DescribeCapacityBlockOfferings operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeCapacityBlockOfferings method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeCapacityBlockOfferings operation. +// pageNum := 0 +// err := client.DescribeCapacityBlockOfferingsPages(params, +// func(page *ec2.DescribeCapacityBlockOfferingsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) DescribeCapacityBlockOfferingsPages(input *DescribeCapacityBlockOfferingsInput, fn func(*DescribeCapacityBlockOfferingsOutput, bool) bool) error { + return c.DescribeCapacityBlockOfferingsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeCapacityBlockOfferingsPagesWithContext same as DescribeCapacityBlockOfferingsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeCapacityBlockOfferingsPagesWithContext(ctx aws.Context, input *DescribeCapacityBlockOfferingsInput, fn func(*DescribeCapacityBlockOfferingsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeCapacityBlockOfferingsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeCapacityBlockOfferingsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeCapacityBlockOfferingsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeCapacityReservationFleets = "DescribeCapacityReservationFleets" // DescribeCapacityReservationFleetsRequest generates a "aws/request.Request" representing the @@ -18082,15 +18886,13 @@ func (c *EC2) DescribeClassicLinkInstancesRequest(input *DescribeClassicLinkInst // DescribeClassicLinkInstances API operation for Amazon Elastic Compute Cloud. // +// This action is deprecated. +// // Describes one or more of your linked EC2-Classic instances. This request // only returns information about EC2-Classic instances linked to a VPC through // ClassicLink. You cannot use this request to return information about other // instances. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -19157,7 +19959,7 @@ func (c *EC2) DescribeDhcpOptionsRequest(input *DescribeDhcpOptionsInput) (req * // Describes one or more of your DHCP options sets. // // For more information, see DHCP options sets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_DHCP_Options.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -19411,6 +20213,10 @@ func (c *EC2) DescribeElasticGpusRequest(input *DescribeElasticGpusInput) (req * // DescribeElasticGpus API operation for Amazon Elastic Compute Cloud. // +// Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads +// that require graphics acceleration, we recommend that you use Amazon EC2 +// G4ad, G4dn, or G5 instances. +// // Describes the Elastic Graphics accelerator associated with your instances. // For more information about Elastic Graphics, see Amazon Elastic Graphics // (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html). @@ -19696,7 +20502,7 @@ func (c *EC2) DescribeFastLaunchImagesRequest(input *DescribeFastLaunchImagesInp // DescribeFastLaunchImages API operation for Amazon Elastic Compute Cloud. // -// Describe details for Windows AMIs that are configured for faster launching. +// Describe details for Windows AMIs that are configured for Windows fast launch. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -20032,7 +20838,10 @@ func (c *EC2) DescribeFleetInstancesRequest(input *DescribeFleetInstancesInput) // // Describes the running instances for the specified EC2 Fleet. // -// For more information, see Monitor your EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#monitor-ec2-fleet) +// Currently, DescribeFleetInstances does not support fleets of type instant. +// Instead, use DescribeFleets, specifying the instant fleet ID in the request. +// +// For more information, see Describe your EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#monitor-ec2-fleet) // in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -20112,9 +20921,12 @@ func (c *EC2) DescribeFleetsRequest(input *DescribeFleetsInput) (req *request.Re // DescribeFleets API operation for Amazon Elastic Compute Cloud. // -// Describes the specified EC2 Fleets or all of your EC2 Fleets. +// Describes the specified EC2 Fleet or all of your EC2 Fleets. +// +// If a fleet is of type instant, you must specify the fleet ID in the request, +// otherwise the fleet does not appear in the response. // -// For more information, see Monitor your EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#monitor-ec2-fleet) +// For more information, see Describe your EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/manage-ec2-fleet.html#monitor-ec2-fleet) // in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -21294,6 +22106,10 @@ func (c *EC2) DescribeImageAttributeRequest(input *DescribeImageAttributeInput) // Describes the specified attribute of the specified AMI. You can specify only // one attribute at a time. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -21383,6 +22199,10 @@ func (c *EC2) DescribeImagesRequest(input *DescribeImagesInput) (req *request.Re // AMI are terminated, specifying the ID of the image will eventually return // an error indicating that the AMI ID cannot be found. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -21800,6 +22620,137 @@ func (c *EC2) DescribeInstanceAttributeWithContext(ctx aws.Context, input *Descr return out, req.Send() } +const opDescribeInstanceConnectEndpoints = "DescribeInstanceConnectEndpoints" + +// DescribeInstanceConnectEndpointsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeInstanceConnectEndpoints operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeInstanceConnectEndpoints for more information on using the DescribeInstanceConnectEndpoints +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeInstanceConnectEndpointsRequest method. +// req, resp := client.DescribeInstanceConnectEndpointsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeInstanceConnectEndpoints +func (c *EC2) DescribeInstanceConnectEndpointsRequest(input *DescribeInstanceConnectEndpointsInput) (req *request.Request, output *DescribeInstanceConnectEndpointsOutput) { + op := &request.Operation{ + Name: opDescribeInstanceConnectEndpoints, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeInstanceConnectEndpointsInput{} + } + + output = &DescribeInstanceConnectEndpointsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeInstanceConnectEndpoints API operation for Amazon Elastic Compute Cloud. +// +// Describes the specified EC2 Instance Connect Endpoints or all EC2 Instance +// Connect Endpoints. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeInstanceConnectEndpoints for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeInstanceConnectEndpoints +func (c *EC2) DescribeInstanceConnectEndpoints(input *DescribeInstanceConnectEndpointsInput) (*DescribeInstanceConnectEndpointsOutput, error) { + req, out := c.DescribeInstanceConnectEndpointsRequest(input) + return out, req.Send() +} + +// DescribeInstanceConnectEndpointsWithContext is the same as DescribeInstanceConnectEndpoints with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeInstanceConnectEndpoints for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInstanceConnectEndpointsWithContext(ctx aws.Context, input *DescribeInstanceConnectEndpointsInput, opts ...request.Option) (*DescribeInstanceConnectEndpointsOutput, error) { + req, out := c.DescribeInstanceConnectEndpointsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeInstanceConnectEndpointsPages iterates over the pages of a DescribeInstanceConnectEndpoints operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeInstanceConnectEndpoints method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeInstanceConnectEndpoints operation. +// pageNum := 0 +// err := client.DescribeInstanceConnectEndpointsPages(params, +// func(page *ec2.DescribeInstanceConnectEndpointsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) DescribeInstanceConnectEndpointsPages(input *DescribeInstanceConnectEndpointsInput, fn func(*DescribeInstanceConnectEndpointsOutput, bool) bool) error { + return c.DescribeInstanceConnectEndpointsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeInstanceConnectEndpointsPagesWithContext same as DescribeInstanceConnectEndpointsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInstanceConnectEndpointsPagesWithContext(ctx aws.Context, input *DescribeInstanceConnectEndpointsInput, fn func(*DescribeInstanceConnectEndpointsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeInstanceConnectEndpointsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeInstanceConnectEndpointsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeInstanceConnectEndpointsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeInstanceCreditSpecifications = "DescribeInstanceCreditSpecifications" // DescribeInstanceCreditSpecificationsRequest generates a "aws/request.Request" representing the @@ -22239,6 +23190,10 @@ func (c *EC2) DescribeInstanceStatusRequest(input *DescribeInstanceStatusInput) // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-lifecycle.html) // in the Amazon EC2 User Guide. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -22318,6 +23273,151 @@ func (c *EC2) DescribeInstanceStatusPagesWithContext(ctx aws.Context, input *Des return p.Err() } +const opDescribeInstanceTopology = "DescribeInstanceTopology" + +// DescribeInstanceTopologyRequest generates a "aws/request.Request" representing the +// client's request for the DescribeInstanceTopology operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeInstanceTopology for more information on using the DescribeInstanceTopology +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeInstanceTopologyRequest method. +// req, resp := client.DescribeInstanceTopologyRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeInstanceTopology +func (c *EC2) DescribeInstanceTopologyRequest(input *DescribeInstanceTopologyInput) (req *request.Request, output *DescribeInstanceTopologyOutput) { + op := &request.Operation{ + Name: opDescribeInstanceTopology, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeInstanceTopologyInput{} + } + + output = &DescribeInstanceTopologyOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeInstanceTopology API operation for Amazon Elastic Compute Cloud. +// +// Describes a tree-based hierarchy that represents the physical host placement +// of your EC2 instances within an Availability Zone or Local Zone. You can +// use this information to determine the relative proximity of your EC2 instances +// within the Amazon Web Services network to support your tightly coupled workloads. +// +// Limitations +// +// - Supported zones Availability Zone Local Zone +// +// - Supported instance types hpc6a.48xlarge | hpc6id.32xlarge | hpc7a.12xlarge +// | hpc7a.24xlarge | hpc7a.48xlarge | hpc7a.96xlarge | hpc7g.4xlarge | hpc7g.8xlarge +// | hpc7g.16xlarge p3dn.24xlarge | p4d.24xlarge | p4de.24xlarge | p5.48xlarge +// trn1.2xlarge | trn1.32xlarge | trn1n.32xlarge +// +// For more information, see Amazon EC2 instance topology (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-topology.html) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeInstanceTopology for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeInstanceTopology +func (c *EC2) DescribeInstanceTopology(input *DescribeInstanceTopologyInput) (*DescribeInstanceTopologyOutput, error) { + req, out := c.DescribeInstanceTopologyRequest(input) + return out, req.Send() +} + +// DescribeInstanceTopologyWithContext is the same as DescribeInstanceTopology with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeInstanceTopology for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInstanceTopologyWithContext(ctx aws.Context, input *DescribeInstanceTopologyInput, opts ...request.Option) (*DescribeInstanceTopologyOutput, error) { + req, out := c.DescribeInstanceTopologyRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeInstanceTopologyPages iterates over the pages of a DescribeInstanceTopology operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeInstanceTopology method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeInstanceTopology operation. +// pageNum := 0 +// err := client.DescribeInstanceTopologyPages(params, +// func(page *ec2.DescribeInstanceTopologyOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) DescribeInstanceTopologyPages(input *DescribeInstanceTopologyInput, fn func(*DescribeInstanceTopologyOutput, bool) bool) error { + return c.DescribeInstanceTopologyPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeInstanceTopologyPagesWithContext same as DescribeInstanceTopologyPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeInstanceTopologyPagesWithContext(ctx aws.Context, input *DescribeInstanceTopologyInput, fn func(*DescribeInstanceTopologyOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeInstanceTopologyInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeInstanceTopologyRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeInstanceTopologyOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeInstanceTypeOfferings = "DescribeInstanceTypeOfferings" // DescribeInstanceTypeOfferingsRequest generates a "aws/request.Request" representing the @@ -22651,6 +23751,10 @@ func (c *EC2) DescribeInstancesRequest(input *DescribeInstancesInput) (req *requ // If you describe instances and specify only instance IDs that are in an unaffected // zone, the call works normally. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -22860,6 +23964,82 @@ func (c *EC2) DescribeInternetGatewaysPagesWithContext(ctx aws.Context, input *D return p.Err() } +const opDescribeIpamByoasn = "DescribeIpamByoasn" + +// DescribeIpamByoasnRequest generates a "aws/request.Request" representing the +// client's request for the DescribeIpamByoasn operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeIpamByoasn for more information on using the DescribeIpamByoasn +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeIpamByoasnRequest method. +// req, resp := client.DescribeIpamByoasnRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeIpamByoasn +func (c *EC2) DescribeIpamByoasnRequest(input *DescribeIpamByoasnInput) (req *request.Request, output *DescribeIpamByoasnOutput) { + op := &request.Operation{ + Name: opDescribeIpamByoasn, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeIpamByoasnInput{} + } + + output = &DescribeIpamByoasnOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeIpamByoasn API operation for Amazon Elastic Compute Cloud. +// +// Describes your Autonomous System Numbers (ASNs), their provisioning statuses, +// and the BYOIP CIDRs with which they are associated. For more information, +// see Tutorial: Bring your ASN to IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoasn.html) +// in the Amazon VPC IPAM guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeIpamByoasn for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeIpamByoasn +func (c *EC2) DescribeIpamByoasn(input *DescribeIpamByoasnInput) (*DescribeIpamByoasnOutput, error) { + req, out := c.DescribeIpamByoasnRequest(input) + return out, req.Send() +} + +// DescribeIpamByoasnWithContext is the same as DescribeIpamByoasn with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeIpamByoasn for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeIpamByoasnWithContext(ctx aws.Context, input *DescribeIpamByoasnInput, opts ...request.Option) (*DescribeIpamByoasnOutput, error) { + req, out := c.DescribeIpamByoasnRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDescribeIpamPools = "DescribeIpamPools" // DescribeIpamPoolsRequest generates a "aws/request.Request" representing the @@ -22990,6 +24170,270 @@ func (c *EC2) DescribeIpamPoolsPagesWithContext(ctx aws.Context, input *Describe return p.Err() } +const opDescribeIpamResourceDiscoveries = "DescribeIpamResourceDiscoveries" + +// DescribeIpamResourceDiscoveriesRequest generates a "aws/request.Request" representing the +// client's request for the DescribeIpamResourceDiscoveries operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeIpamResourceDiscoveries for more information on using the DescribeIpamResourceDiscoveries +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeIpamResourceDiscoveriesRequest method. +// req, resp := client.DescribeIpamResourceDiscoveriesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeIpamResourceDiscoveries +func (c *EC2) DescribeIpamResourceDiscoveriesRequest(input *DescribeIpamResourceDiscoveriesInput) (req *request.Request, output *DescribeIpamResourceDiscoveriesOutput) { + op := &request.Operation{ + Name: opDescribeIpamResourceDiscoveries, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeIpamResourceDiscoveriesInput{} + } + + output = &DescribeIpamResourceDiscoveriesOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeIpamResourceDiscoveries API operation for Amazon Elastic Compute Cloud. +// +// Describes IPAM resource discoveries. A resource discovery is an IPAM component +// that enables IPAM to manage and monitor resources that belong to the owning +// account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeIpamResourceDiscoveries for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeIpamResourceDiscoveries +func (c *EC2) DescribeIpamResourceDiscoveries(input *DescribeIpamResourceDiscoveriesInput) (*DescribeIpamResourceDiscoveriesOutput, error) { + req, out := c.DescribeIpamResourceDiscoveriesRequest(input) + return out, req.Send() +} + +// DescribeIpamResourceDiscoveriesWithContext is the same as DescribeIpamResourceDiscoveries with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeIpamResourceDiscoveries for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeIpamResourceDiscoveriesWithContext(ctx aws.Context, input *DescribeIpamResourceDiscoveriesInput, opts ...request.Option) (*DescribeIpamResourceDiscoveriesOutput, error) { + req, out := c.DescribeIpamResourceDiscoveriesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeIpamResourceDiscoveriesPages iterates over the pages of a DescribeIpamResourceDiscoveries operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeIpamResourceDiscoveries method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeIpamResourceDiscoveries operation. +// pageNum := 0 +// err := client.DescribeIpamResourceDiscoveriesPages(params, +// func(page *ec2.DescribeIpamResourceDiscoveriesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) DescribeIpamResourceDiscoveriesPages(input *DescribeIpamResourceDiscoveriesInput, fn func(*DescribeIpamResourceDiscoveriesOutput, bool) bool) error { + return c.DescribeIpamResourceDiscoveriesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeIpamResourceDiscoveriesPagesWithContext same as DescribeIpamResourceDiscoveriesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeIpamResourceDiscoveriesPagesWithContext(ctx aws.Context, input *DescribeIpamResourceDiscoveriesInput, fn func(*DescribeIpamResourceDiscoveriesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeIpamResourceDiscoveriesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeIpamResourceDiscoveriesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeIpamResourceDiscoveriesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opDescribeIpamResourceDiscoveryAssociations = "DescribeIpamResourceDiscoveryAssociations" + +// DescribeIpamResourceDiscoveryAssociationsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeIpamResourceDiscoveryAssociations operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeIpamResourceDiscoveryAssociations for more information on using the DescribeIpamResourceDiscoveryAssociations +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeIpamResourceDiscoveryAssociationsRequest method. +// req, resp := client.DescribeIpamResourceDiscoveryAssociationsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeIpamResourceDiscoveryAssociations +func (c *EC2) DescribeIpamResourceDiscoveryAssociationsRequest(input *DescribeIpamResourceDiscoveryAssociationsInput) (req *request.Request, output *DescribeIpamResourceDiscoveryAssociationsOutput) { + op := &request.Operation{ + Name: opDescribeIpamResourceDiscoveryAssociations, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeIpamResourceDiscoveryAssociationsInput{} + } + + output = &DescribeIpamResourceDiscoveryAssociationsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeIpamResourceDiscoveryAssociations API operation for Amazon Elastic Compute Cloud. +// +// Describes resource discovery association with an Amazon VPC IPAM. An associated +// resource discovery is a resource discovery that has been associated with +// an IPAM.. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeIpamResourceDiscoveryAssociations for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeIpamResourceDiscoveryAssociations +func (c *EC2) DescribeIpamResourceDiscoveryAssociations(input *DescribeIpamResourceDiscoveryAssociationsInput) (*DescribeIpamResourceDiscoveryAssociationsOutput, error) { + req, out := c.DescribeIpamResourceDiscoveryAssociationsRequest(input) + return out, req.Send() +} + +// DescribeIpamResourceDiscoveryAssociationsWithContext is the same as DescribeIpamResourceDiscoveryAssociations with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeIpamResourceDiscoveryAssociations for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeIpamResourceDiscoveryAssociationsWithContext(ctx aws.Context, input *DescribeIpamResourceDiscoveryAssociationsInput, opts ...request.Option) (*DescribeIpamResourceDiscoveryAssociationsOutput, error) { + req, out := c.DescribeIpamResourceDiscoveryAssociationsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeIpamResourceDiscoveryAssociationsPages iterates over the pages of a DescribeIpamResourceDiscoveryAssociations operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeIpamResourceDiscoveryAssociations method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeIpamResourceDiscoveryAssociations operation. +// pageNum := 0 +// err := client.DescribeIpamResourceDiscoveryAssociationsPages(params, +// func(page *ec2.DescribeIpamResourceDiscoveryAssociationsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) DescribeIpamResourceDiscoveryAssociationsPages(input *DescribeIpamResourceDiscoveryAssociationsInput, fn func(*DescribeIpamResourceDiscoveryAssociationsOutput, bool) bool) error { + return c.DescribeIpamResourceDiscoveryAssociationsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeIpamResourceDiscoveryAssociationsPagesWithContext same as DescribeIpamResourceDiscoveryAssociationsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeIpamResourceDiscoveryAssociationsPagesWithContext(ctx aws.Context, input *DescribeIpamResourceDiscoveryAssociationsInput, fn func(*DescribeIpamResourceDiscoveryAssociationsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeIpamResourceDiscoveryAssociationsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeIpamResourceDiscoveryAssociationsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeIpamResourceDiscoveryAssociationsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeIpamScopes = "DescribeIpamScopes" // DescribeIpamScopesRequest generates a "aws/request.Request" representing the @@ -24506,6 +25950,210 @@ func (c *EC2) DescribeLocalGatewaysPagesWithContext(ctx aws.Context, input *Desc return p.Err() } +const opDescribeLockedSnapshots = "DescribeLockedSnapshots" + +// DescribeLockedSnapshotsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeLockedSnapshots operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeLockedSnapshots for more information on using the DescribeLockedSnapshots +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeLockedSnapshotsRequest method. +// req, resp := client.DescribeLockedSnapshotsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeLockedSnapshots +func (c *EC2) DescribeLockedSnapshotsRequest(input *DescribeLockedSnapshotsInput) (req *request.Request, output *DescribeLockedSnapshotsOutput) { + op := &request.Operation{ + Name: opDescribeLockedSnapshots, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DescribeLockedSnapshotsInput{} + } + + output = &DescribeLockedSnapshotsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeLockedSnapshots API operation for Amazon Elastic Compute Cloud. +// +// Describes the lock status for a snapshot. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeLockedSnapshots for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeLockedSnapshots +func (c *EC2) DescribeLockedSnapshots(input *DescribeLockedSnapshotsInput) (*DescribeLockedSnapshotsOutput, error) { + req, out := c.DescribeLockedSnapshotsRequest(input) + return out, req.Send() +} + +// DescribeLockedSnapshotsWithContext is the same as DescribeLockedSnapshots with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeLockedSnapshots for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeLockedSnapshotsWithContext(ctx aws.Context, input *DescribeLockedSnapshotsInput, opts ...request.Option) (*DescribeLockedSnapshotsOutput, error) { + req, out := c.DescribeLockedSnapshotsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDescribeMacHosts = "DescribeMacHosts" + +// DescribeMacHostsRequest generates a "aws/request.Request" representing the +// client's request for the DescribeMacHosts operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DescribeMacHosts for more information on using the DescribeMacHosts +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DescribeMacHostsRequest method. +// req, resp := client.DescribeMacHostsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeMacHosts +func (c *EC2) DescribeMacHostsRequest(input *DescribeMacHostsInput) (req *request.Request, output *DescribeMacHostsOutput) { + op := &request.Operation{ + Name: opDescribeMacHosts, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &DescribeMacHostsInput{} + } + + output = &DescribeMacHostsOutput{} + req = c.newRequest(op, input, output) + return +} + +// DescribeMacHosts API operation for Amazon Elastic Compute Cloud. +// +// Describes the specified EC2 Mac Dedicated Host or all of your EC2 Mac Dedicated +// Hosts. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DescribeMacHosts for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DescribeMacHosts +func (c *EC2) DescribeMacHosts(input *DescribeMacHostsInput) (*DescribeMacHostsOutput, error) { + req, out := c.DescribeMacHostsRequest(input) + return out, req.Send() +} + +// DescribeMacHostsWithContext is the same as DescribeMacHosts with the addition of +// the ability to pass a context and additional request options. +// +// See DescribeMacHosts for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeMacHostsWithContext(ctx aws.Context, input *DescribeMacHostsInput, opts ...request.Option) (*DescribeMacHostsOutput, error) { + req, out := c.DescribeMacHostsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// DescribeMacHostsPages iterates over the pages of a DescribeMacHosts operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See DescribeMacHosts method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a DescribeMacHosts operation. +// pageNum := 0 +// err := client.DescribeMacHostsPages(params, +// func(page *ec2.DescribeMacHostsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) DescribeMacHostsPages(input *DescribeMacHostsInput, fn func(*DescribeMacHostsOutput, bool) bool) error { + return c.DescribeMacHostsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// DescribeMacHostsPagesWithContext same as DescribeMacHostsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DescribeMacHostsPagesWithContext(ctx aws.Context, input *DescribeMacHostsInput, fn func(*DescribeMacHostsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *DescribeMacHostsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeMacHostsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*DescribeMacHostsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opDescribeManagedPrefixLists = "DescribeManagedPrefixLists" // DescribeManagedPrefixListsRequest generates a "aws/request.Request" representing the @@ -24688,9 +26336,11 @@ func (c *EC2) DescribeMovingAddressesRequest(input *DescribeMovingAddressesInput // DescribeMovingAddresses API operation for Amazon Elastic Compute Cloud. // -// Describes your Elastic IP addresses that are being moved to the EC2-VPC platform, -// or that are being restored to the EC2-Classic platform. This request does -// not return information about any other Elastic IP addresses in your account. +// This action is deprecated. +// +// Describes your Elastic IP addresses that are being moved from or being restored +// to the EC2-Classic platform. This request does not return information about +// any other Elastic IP addresses in your account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -24952,8 +26602,8 @@ func (c *EC2) DescribeNetworkAclsRequest(input *DescribeNetworkAclsInput) (req * // // Describes one or more of your network ACLs. // -// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) -// in the Amazon Virtual Private Cloud User Guide. +// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -25809,6 +27459,10 @@ func (c *EC2) DescribeNetworkInterfacesRequest(input *DescribeNetworkInterfacesI // // Describes one or more of your network interfaces. // +// If you have a large number of network interfaces, the operation fails unless +// you use pagination or one of the following filters: group-id, mac-address, +// private-dns-name, private-ip-address, private-dns-name, subnet-id, or vpc-id. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -26423,6 +28077,10 @@ func (c *EC2) DescribeRegionsRequest(input *DescribeRegionsInput) (req *request. // Managing Amazon Web Services Regions (https://docs.aws.amazon.com/general/latest/gr/rande-manage.html) // in the Amazon Web Services General Reference. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -26631,6 +28289,10 @@ func (c *EC2) DescribeReservedInstancesRequest(input *DescribeReservedInstancesI // For more information about Reserved Instances, see Reserved Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/concepts-on-demand-reserved-instances.html) // in the Amazon EC2 User Guide. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -26725,6 +28387,10 @@ func (c *EC2) DescribeReservedInstancesListingsRequest(input *DescribeReservedIn // For more information, see Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) // in the Amazon EC2 User Guide. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -26810,6 +28476,10 @@ func (c *EC2) DescribeReservedInstancesModificationsRequest(input *DescribeReser // For more information, see Modifying Reserved Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-modifying.html) // in the Amazon EC2 User Guide. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -26951,6 +28621,10 @@ func (c *EC2) DescribeReservedInstancesOfferingsRequest(input *DescribeReservedI // For more information, see Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) // in the Amazon EC2 User Guide. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -27087,7 +28761,7 @@ func (c *EC2) DescribeRouteTablesRequest(input *DescribeRouteTablesInput) (req * // implicit associations. // // For more information, see Route tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -27479,8 +29153,8 @@ func (c *EC2) DescribeSecurityGroupReferencesRequest(input *DescribeSecurityGrou // DescribeSecurityGroupReferences API operation for Amazon Elastic Compute Cloud. // -// [VPC only] Describes the VPCs on the other side of a VPC peering connection -// that are referencing the security groups you've specified in this request. +// Describes the VPCs on the other side of a VPC peering connection that are +// referencing the security groups you've specified in this request. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -27691,17 +29365,6 @@ func (c *EC2) DescribeSecurityGroupsRequest(input *DescribeSecurityGroupsInput) // // Describes the specified security groups or all of your security groups. // -// A security group is for use with instances either in the EC2-Classic platform -// or in a specific VPC. For more information, see Amazon EC2 security groups -// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-network-security.html) -// in the Amazon Elastic Compute Cloud User Guide and Security groups for your -// VPC (https://docs.aws.amazon.com/AmazonVPC/latest/UserGuide/VPC_SecurityGroups.html) -// in the Amazon Virtual Private Cloud User Guide. -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -27827,8 +29490,8 @@ func (c *EC2) DescribeSnapshotAttributeRequest(input *DescribeSnapshotAttributeI // Describes the specified attribute of the specified snapshot. You can specify // only one attribute at a time. // -// For more information about EBS snapshots, see Amazon EBS snapshots (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information about EBS snapshots, see Amazon EBS snapshots (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-snapshots.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -28078,16 +29741,13 @@ func (c *EC2) DescribeSnapshotsRequest(input *DescribeSnapshotsInput) (req *requ // own or have explicit permissions, or all for public snapshots. // // If you are describing a long list of snapshots, we recommend that you paginate -// the output to make the list more manageable. The MaxResults parameter sets -// the maximum number of results returned in a single page. If the list of results -// exceeds your MaxResults value, then that number of results is returned along -// with a NextToken value that can be passed to a subsequent DescribeSnapshots -// request to retrieve the remaining results. +// the output to make the list more manageable. For more information, see Pagination +// (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). // // To get the state of fast snapshot restores for a snapshot, use DescribeFastSnapshotRestores. // -// For more information about EBS snapshots, see Amazon EBS snapshots (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSSnapshots.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information about EBS snapshots, see Amazon EBS snapshots (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-snapshots.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -28588,11 +30248,11 @@ func (c *EC2) DescribeSpotInstanceRequestsRequest(input *DescribeSpotInstanceReq // with a filter to look for instances where the instance lifecycle is spot. // // We recommend that you set MaxResults to a value between 5 and 1000 to limit -// the number of results returned. This paginates the output, which makes the -// list more manageable and returns the results faster. If the list of results -// exceeds your MaxResults value, then that number of results is returned along -// with a NextToken value that can be passed to a subsequent DescribeSpotInstanceRequests -// request to retrieve the remaining results. +// the number of items returned. This paginates the output, which makes the +// list more manageable and returns the items faster. If the list of items exceeds +// your MaxResults value, then that number of items is returned along with a +// NextToken value that can be passed to a subsequent DescribeSpotInstanceRequests +// request to retrieve the remaining items. // // Spot Instance requests are deleted four hours after they are canceled and // their instances are terminated. @@ -28862,10 +30522,10 @@ func (c *EC2) DescribeStaleSecurityGroupsRequest(input *DescribeStaleSecurityGro // DescribeStaleSecurityGroups API operation for Amazon Elastic Compute Cloud. // -// [VPC only] Describes the stale security group rules for security groups in -// a specified VPC. Rules are stale when they reference a deleted security group -// in the same VPC or in a peer VPC, or if they reference a security group in -// a peer VPC for which the VPC peering connection has been deleted. +// Describes the stale security group rules for security groups in a specified +// VPC. Rules are stale when they reference a deleted security group in the +// same VPC or peered VPC. Rules can also be stale if they reference a security +// group in a peer VPC for which the VPC peering connection has been deleted. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -29143,8 +30803,8 @@ func (c *EC2) DescribeSubnetsRequest(input *DescribeSubnetsInput) (req *request. // // Describes one or more of your subnets. // -// For more information, see Your VPC and subnets (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) -// in the Amazon Virtual Private Cloud User Guide. +// For more information, see Subnets (https://docs.aws.amazon.com/vpc/latest/userguide/configure-subnets.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -29279,6 +30939,10 @@ func (c *EC2) DescribeTagsRequest(input *DescribeTagsInput) (req *request.Reques // For more information about tags, see Tag your Amazon EC2 resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html) // in the Amazon Elastic Compute Cloud User Guide. // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -31104,9 +32768,6 @@ func (c *EC2) DescribeTrunkInterfaceAssociationsRequest(input *DescribeTrunkInte // DescribeTrunkInterfaceAssociations API operation for Amazon Elastic Compute Cloud. // -// This API action is currently in limited preview only. If you are interested -// in using this feature, contact your account manager. -// // Describes one or more network interface trunk associations. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -31237,7 +32898,7 @@ func (c *EC2) DescribeVerifiedAccessEndpointsRequest(input *DescribeVerifiedAcce // DescribeVerifiedAccessEndpoints API operation for Amazon Elastic Compute Cloud. // -// Describe Amazon Web Services Verified Access endpoints. +// Describes the specified Amazon Web Services Verified Access endpoints. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -31367,7 +33028,7 @@ func (c *EC2) DescribeVerifiedAccessGroupsRequest(input *DescribeVerifiedAccessG // DescribeVerifiedAccessGroups API operation for Amazon Elastic Compute Cloud. // -// Describe details of existing Verified Access groups. +// Describes the specified Verified Access groups. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -31497,8 +33158,7 @@ func (c *EC2) DescribeVerifiedAccessInstanceLoggingConfigurationsRequest(input * // DescribeVerifiedAccessInstanceLoggingConfigurations API operation for Amazon Elastic Compute Cloud. // -// Describes the current logging configuration for the Amazon Web Services Verified -// Access instances. +// Describes the specified Amazon Web Services Verified Access instances. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -31628,7 +33288,7 @@ func (c *EC2) DescribeVerifiedAccessInstancesRequest(input *DescribeVerifiedAcce // DescribeVerifiedAccessInstances API operation for Amazon Elastic Compute Cloud. // -// Describe Verified Access instances. +// Describes the specified Amazon Web Services Verified Access instances. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -31758,7 +33418,7 @@ func (c *EC2) DescribeVerifiedAccessTrustProvidersRequest(input *DescribeVerifie // DescribeVerifiedAccessTrustProviders API operation for Amazon Elastic Compute Cloud. // -// Describe details of existing Verified Access trust providers. +// Describes the specified Amazon Web Services Verified Access trust providers. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -31885,8 +33545,8 @@ func (c *EC2) DescribeVolumeAttributeRequest(input *DescribeVolumeAttributeInput // Describes the specified attribute of the specified volume. You can specify // only one attribute at a time. // -// For more information about EBS volumes, see Amazon EBS volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information about EBS volumes, see Amazon EBS volumes (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volumes.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -31983,8 +33643,8 @@ func (c *EC2) DescribeVolumeStatusRequest(input *DescribeVolumeStatusInput) (req // If the status is insufficient-data, then the checks might still be taking // place on your volume at the time. We recommend that you retry the request. // For more information about volume status, see Monitor the status of your -// volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-volume-status.html) -// in the Amazon Elastic Compute Cloud User Guide. +// volumes (https://docs.aws.amazon.com/ebs/latest/userguide/monitoring-volume-status.html) +// in the Amazon EBS User Guide. // // Events: Reflect the cause of a volume status and might require you to take // action. For example, if your volume returns an impaired status, then the @@ -32002,6 +33662,10 @@ func (c *EC2) DescribeVolumeStatusRequest(input *DescribeVolumeStatusInput) (req // the volume state. Therefore, volume status does not indicate volumes in the // error state (for example, when a volume is incapable of accepting I/O.) // +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -32133,14 +33797,15 @@ func (c *EC2) DescribeVolumesRequest(input *DescribeVolumesInput) (req *request. // Describes the specified EBS volumes or all of your EBS volumes. // // If you are describing a long list of volumes, we recommend that you paginate -// the output to make the list more manageable. The MaxResults parameter sets -// the maximum number of results returned in a single page. If the list of results -// exceeds your MaxResults value, then that number of results is returned along -// with a NextToken value that can be passed to a subsequent DescribeVolumes -// request to retrieve the remaining results. +// the output to make the list more manageable. For more information, see Pagination +// (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). // -// For more information about EBS volumes, see Amazon EBS volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumes.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information about EBS volumes, see Amazon EBS volumes (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volumes.html) +// in the Amazon EBS User Guide. +// +// The order of the elements in the response, including those within nested +// structures, might vary. Applications should not assume the elements appear +// in a particular order. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -32280,8 +33945,8 @@ func (c *EC2) DescribeVolumesModificationsRequest(input *DescribeVolumesModifica // You can also use CloudWatch Events to check the status of a modification // to an EBS volume. For information about CloudWatch Events, see the Amazon // CloudWatch Events User Guide (https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/). -// For more information, see Monitor the progress of volume modifications (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-volume-modifications.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Monitor the progress of volume modifications (https://docs.aws.amazon.com/ebs/latest/userguide/monitoring-volume-modifications.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -32479,11 +34144,9 @@ func (c *EC2) DescribeVpcClassicLinkRequest(input *DescribeVpcClassicLinkInput) // DescribeVpcClassicLink API operation for Amazon Elastic Compute Cloud. // -// Describes the ClassicLink status of one or more VPCs. +// This action is deprecated. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// Describes the ClassicLink status of the specified VPCs. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -32562,17 +34225,13 @@ func (c *EC2) DescribeVpcClassicLinkDnsSupportRequest(input *DescribeVpcClassicL // DescribeVpcClassicLinkDnsSupport API operation for Amazon Elastic Compute Cloud. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// This action is deprecated. // // Describes the ClassicLink DNS support status of one or more VPCs. If enabled, // the DNS hostname of a linked EC2-Classic instance resolves to its private // IP address when addressed from an instance in the VPC to which it's linked. // Similarly, the DNS hostname of an instance in a VPC resolves to its private -// IP address when addressed from a linked EC2-Classic instance. For more information, -// see ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) -// in the Amazon Elastic Compute Cloud User Guide. +// IP address when addressed from a linked EC2-Classic instance. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -33305,7 +34964,7 @@ func (c *EC2) DescribeVpcEndpointsRequest(input *DescribeVpcEndpointsInput) (req // DescribeVpcEndpoints API operation for Amazon Elastic Compute Cloud. // -// Describes one or more of your VPC endpoints. +// Describes your VPC endpoints. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -33841,9 +35500,7 @@ func (c *EC2) DetachClassicLinkVpcRequest(input *DetachClassicLinkVpcInput) (req // DetachClassicLinkVpc API operation for Amazon Elastic Compute Cloud. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// This action is deprecated. // // Unlinks (detaches) a linked EC2-Classic instance from a VPC. After the instance // has been unlinked, the VPC security groups are no longer associated with @@ -34070,7 +35727,8 @@ func (c *EC2) DetachVerifiedAccessTrustProviderRequest(input *DetachVerifiedAcce // DetachVerifiedAccessTrustProvider API operation for Amazon Elastic Compute Cloud. // -// Detach a trust provider from an Amazon Web Services Verified Access instance. +// Detaches the specified Amazon Web Services Verified Access trust provider +// from the specified Amazon Web Services Verified Access instance. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -34155,8 +35813,12 @@ func (c *EC2) DetachVolumeRequest(input *DetachVolumeInput) (req *request.Reques // When a volume with an Amazon Web Services Marketplace product code is detached // from an instance, the product code is no longer associated with the instance. // -// For more information, see Detach an Amazon EBS volume (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-detaching-volume.html) -// in the Amazon Elastic Compute Cloud User Guide. +// You can't detach or force detach volumes that are attached to Amazon ECS +// or Fargate tasks. Attempting to do this results in the UnsupportedOperationException +// exception with the Unable to detach volume attached to ECS tasks error message. +// +// For more information, see Detach an Amazon EBS volume (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-detaching-volume.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -34466,8 +36128,8 @@ func (c *EC2) DisableEbsEncryptionByDefaultRequest(input *DisableEbsEncryptionBy // Disabling encryption by default does not change the encryption status of // your existing volumes. // -// For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -34540,12 +36202,13 @@ func (c *EC2) DisableFastLaunchRequest(input *DisableFastLaunchInput) (req *requ // DisableFastLaunch API operation for Amazon Elastic Compute Cloud. // -// Discontinue faster launching for a Windows AMI, and clean up existing pre-provisioned -// snapshots. When you disable faster launching, the AMI uses the standard launch -// process for each instance. All pre-provisioned snapshots must be removed -// before you can enable faster launching again. +// Discontinue Windows fast launch for a Windows AMI, and clean up existing +// pre-provisioned snapshots. After you disable Windows fast launch, the AMI +// uses the standard launch process for each new instance. Amazon EC2 must remove +// all pre-provisioned snapshots before you can enable Windows fast launch again. // -// To change these settings, you must own the AMI. +// You can only change these settings for Windows AMIs that you own or that +// have been shared with you. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -34649,6 +36312,178 @@ func (c *EC2) DisableFastSnapshotRestoresWithContext(ctx aws.Context, input *Dis return out, req.Send() } +const opDisableImage = "DisableImage" + +// DisableImageRequest generates a "aws/request.Request" representing the +// client's request for the DisableImage operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisableImage for more information on using the DisableImage +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DisableImageRequest method. +// req, resp := client.DisableImageRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableImage +func (c *EC2) DisableImageRequest(input *DisableImageInput) (req *request.Request, output *DisableImageOutput) { + op := &request.Operation{ + Name: opDisableImage, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisableImageInput{} + } + + output = &DisableImageOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisableImage API operation for Amazon Elastic Compute Cloud. +// +// Sets the AMI state to disabled and removes all launch permissions from the +// AMI. A disabled AMI can't be used for instance launches. +// +// A disabled AMI can't be shared. If an AMI was public or previously shared, +// it is made private. If an AMI was shared with an Amazon Web Services account, +// organization, or Organizational Unit, they lose access to the disabled AMI. +// +// A disabled AMI does not appear in DescribeImages (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImages.html) +// API calls by default. +// +// Only the AMI owner can disable an AMI. +// +// You can re-enable a disabled AMI using EnableImage (http://amazonaws.com/AWSEC2/latest/APIReference/API_EnableImage.html). +// +// For more information, see Disable an AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/disable-an-ami.html) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisableImage for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableImage +func (c *EC2) DisableImage(input *DisableImageInput) (*DisableImageOutput, error) { + req, out := c.DisableImageRequest(input) + return out, req.Send() +} + +// DisableImageWithContext is the same as DisableImage with the addition of +// the ability to pass a context and additional request options. +// +// See DisableImage for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisableImageWithContext(ctx aws.Context, input *DisableImageInput, opts ...request.Option) (*DisableImageOutput, error) { + req, out := c.DisableImageRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDisableImageBlockPublicAccess = "DisableImageBlockPublicAccess" + +// DisableImageBlockPublicAccessRequest generates a "aws/request.Request" representing the +// client's request for the DisableImageBlockPublicAccess operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisableImageBlockPublicAccess for more information on using the DisableImageBlockPublicAccess +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DisableImageBlockPublicAccessRequest method. +// req, resp := client.DisableImageBlockPublicAccessRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableImageBlockPublicAccess +func (c *EC2) DisableImageBlockPublicAccessRequest(input *DisableImageBlockPublicAccessInput) (req *request.Request, output *DisableImageBlockPublicAccessOutput) { + op := &request.Operation{ + Name: opDisableImageBlockPublicAccess, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisableImageBlockPublicAccessInput{} + } + + output = &DisableImageBlockPublicAccessOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisableImageBlockPublicAccess API operation for Amazon Elastic Compute Cloud. +// +// Disables block public access for AMIs at the account level in the specified +// Amazon Web Services Region. This removes the block public access restriction +// from your account. With the restriction removed, you can publicly share your +// AMIs in the specified Amazon Web Services Region. +// +// The API can take up to 10 minutes to configure this setting. During this +// time, if you run GetImageBlockPublicAccessState (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetImageBlockPublicAccessState.html), +// the response will be block-new-sharing. When the API has completed the configuration, +// the response will be unblocked. +// +// For more information, see Block public access to your AMIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-intro.html#block-public-access-to-amis) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisableImageBlockPublicAccess for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableImageBlockPublicAccess +func (c *EC2) DisableImageBlockPublicAccess(input *DisableImageBlockPublicAccessInput) (*DisableImageBlockPublicAccessOutput, error) { + req, out := c.DisableImageBlockPublicAccessRequest(input) + return out, req.Send() +} + +// DisableImageBlockPublicAccessWithContext is the same as DisableImageBlockPublicAccess with the addition of +// the ability to pass a context and additional request options. +// +// See DisableImageBlockPublicAccess for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisableImageBlockPublicAccessWithContext(ctx aws.Context, input *DisableImageBlockPublicAccessInput, opts ...request.Option) (*DisableImageBlockPublicAccessOutput, error) { + req, out := c.DisableImageBlockPublicAccessRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDisableImageDeprecation = "DisableImageDeprecation" // DisableImageDeprecationRequest generates a "aws/request.Request" representing the @@ -34877,6 +36712,89 @@ func (c *EC2) DisableSerialConsoleAccessWithContext(ctx aws.Context, input *Disa return out, req.Send() } +const opDisableSnapshotBlockPublicAccess = "DisableSnapshotBlockPublicAccess" + +// DisableSnapshotBlockPublicAccessRequest generates a "aws/request.Request" representing the +// client's request for the DisableSnapshotBlockPublicAccess operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisableSnapshotBlockPublicAccess for more information on using the DisableSnapshotBlockPublicAccess +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DisableSnapshotBlockPublicAccessRequest method. +// req, resp := client.DisableSnapshotBlockPublicAccessRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableSnapshotBlockPublicAccess +func (c *EC2) DisableSnapshotBlockPublicAccessRequest(input *DisableSnapshotBlockPublicAccessInput) (req *request.Request, output *DisableSnapshotBlockPublicAccessOutput) { + op := &request.Operation{ + Name: opDisableSnapshotBlockPublicAccess, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisableSnapshotBlockPublicAccessInput{} + } + + output = &DisableSnapshotBlockPublicAccessOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisableSnapshotBlockPublicAccess API operation for Amazon Elastic Compute Cloud. +// +// Disables the block public access for snapshots setting at the account level +// for the specified Amazon Web Services Region. After you disable block public +// access for snapshots in a Region, users can publicly share snapshots in that +// Region. +// +// If block public access is enabled in block-all-sharing mode, and you disable +// block public access, all snapshots that were previously publicly shared are +// no longer treated as private and they become publicly accessible again. +// +// For more information, see Block public access for snapshots (https://docs.aws.amazon.com/ebs/latest/userguide/block-public-access-snapshots.html) +// in the Amazon EBS User Guide . +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisableSnapshotBlockPublicAccess for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisableSnapshotBlockPublicAccess +func (c *EC2) DisableSnapshotBlockPublicAccess(input *DisableSnapshotBlockPublicAccessInput) (*DisableSnapshotBlockPublicAccessOutput, error) { + req, out := c.DisableSnapshotBlockPublicAccessRequest(input) + return out, req.Send() +} + +// DisableSnapshotBlockPublicAccessWithContext is the same as DisableSnapshotBlockPublicAccess with the addition of +// the ability to pass a context and additional request options. +// +// See DisableSnapshotBlockPublicAccess for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisableSnapshotBlockPublicAccessWithContext(ctx aws.Context, input *DisableSnapshotBlockPublicAccessInput, opts ...request.Option) (*DisableSnapshotBlockPublicAccessOutput, error) { + req, out := c.DisableSnapshotBlockPublicAccessRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDisableTransitGatewayRouteTablePropagation = "DisableTransitGatewayRouteTablePropagation" // DisableTransitGatewayRouteTablePropagationRequest generates a "aws/request.Request" representing the @@ -35069,13 +36987,11 @@ func (c *EC2) DisableVpcClassicLinkRequest(input *DisableVpcClassicLinkInput) (r // DisableVpcClassicLink API operation for Amazon Elastic Compute Cloud. // +// This action is deprecated. +// // Disables ClassicLink for a VPC. You cannot disable ClassicLink for a VPC // that has EC2-Classic instances linked to it. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -35147,18 +37063,14 @@ func (c *EC2) DisableVpcClassicLinkDnsSupportRequest(input *DisableVpcClassicLin // DisableVpcClassicLinkDnsSupport API operation for Amazon Elastic Compute Cloud. // +// This action is deprecated. +// // Disables ClassicLink DNS support for a VPC. If disabled, DNS hostnames resolve // to public IP addresses when addressed between a linked EC2-Classic instance -// and instances in the VPC to which it's linked. For more information, see -// ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) -// in the Amazon Elastic Compute Cloud User Guide. +// and instances in the VPC to which it's linked. // // You must specify a VPC ID in the request. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -35234,14 +37146,6 @@ func (c *EC2) DisassociateAddressRequest(input *DisassociateAddressInput) (req * // Disassociates an Elastic IP address from the instance or network interface // it's associated with. // -// An Elastic IP address is for use in either the EC2-Classic platform or in -// a VPC. For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) -// in the Amazon Elastic Compute Cloud User Guide. -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // This is an idempotent operation. If you perform the operation more than once, // Amazon EC2 doesn't return an error. // @@ -35585,6 +37489,244 @@ func (c *EC2) DisassociateInstanceEventWindowWithContext(ctx aws.Context, input return out, req.Send() } +const opDisassociateIpamByoasn = "DisassociateIpamByoasn" + +// DisassociateIpamByoasnRequest generates a "aws/request.Request" representing the +// client's request for the DisassociateIpamByoasn operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisassociateIpamByoasn for more information on using the DisassociateIpamByoasn +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DisassociateIpamByoasnRequest method. +// req, resp := client.DisassociateIpamByoasnRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateIpamByoasn +func (c *EC2) DisassociateIpamByoasnRequest(input *DisassociateIpamByoasnInput) (req *request.Request, output *DisassociateIpamByoasnOutput) { + op := &request.Operation{ + Name: opDisassociateIpamByoasn, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisassociateIpamByoasnInput{} + } + + output = &DisassociateIpamByoasnOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisassociateIpamByoasn API operation for Amazon Elastic Compute Cloud. +// +// Remove the association between your Autonomous System Number (ASN) and your +// BYOIP CIDR. You may want to use this action to disassociate an ASN from a +// CIDR or if you want to swap ASNs. For more information, see Tutorial: Bring +// your ASN to IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoasn.html) +// in the Amazon VPC IPAM guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisassociateIpamByoasn for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateIpamByoasn +func (c *EC2) DisassociateIpamByoasn(input *DisassociateIpamByoasnInput) (*DisassociateIpamByoasnOutput, error) { + req, out := c.DisassociateIpamByoasnRequest(input) + return out, req.Send() +} + +// DisassociateIpamByoasnWithContext is the same as DisassociateIpamByoasn with the addition of +// the ability to pass a context and additional request options. +// +// See DisassociateIpamByoasn for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisassociateIpamByoasnWithContext(ctx aws.Context, input *DisassociateIpamByoasnInput, opts ...request.Option) (*DisassociateIpamByoasnOutput, error) { + req, out := c.DisassociateIpamByoasnRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDisassociateIpamResourceDiscovery = "DisassociateIpamResourceDiscovery" + +// DisassociateIpamResourceDiscoveryRequest generates a "aws/request.Request" representing the +// client's request for the DisassociateIpamResourceDiscovery operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisassociateIpamResourceDiscovery for more information on using the DisassociateIpamResourceDiscovery +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DisassociateIpamResourceDiscoveryRequest method. +// req, resp := client.DisassociateIpamResourceDiscoveryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateIpamResourceDiscovery +func (c *EC2) DisassociateIpamResourceDiscoveryRequest(input *DisassociateIpamResourceDiscoveryInput) (req *request.Request, output *DisassociateIpamResourceDiscoveryOutput) { + op := &request.Operation{ + Name: opDisassociateIpamResourceDiscovery, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisassociateIpamResourceDiscoveryInput{} + } + + output = &DisassociateIpamResourceDiscoveryOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisassociateIpamResourceDiscovery API operation for Amazon Elastic Compute Cloud. +// +// Disassociates a resource discovery from an Amazon VPC IPAM. A resource discovery +// is an IPAM component that enables IPAM to manage and monitor resources that +// belong to the owning account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisassociateIpamResourceDiscovery for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateIpamResourceDiscovery +func (c *EC2) DisassociateIpamResourceDiscovery(input *DisassociateIpamResourceDiscoveryInput) (*DisassociateIpamResourceDiscoveryOutput, error) { + req, out := c.DisassociateIpamResourceDiscoveryRequest(input) + return out, req.Send() +} + +// DisassociateIpamResourceDiscoveryWithContext is the same as DisassociateIpamResourceDiscovery with the addition of +// the ability to pass a context and additional request options. +// +// See DisassociateIpamResourceDiscovery for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisassociateIpamResourceDiscoveryWithContext(ctx aws.Context, input *DisassociateIpamResourceDiscoveryInput, opts ...request.Option) (*DisassociateIpamResourceDiscoveryOutput, error) { + req, out := c.DisassociateIpamResourceDiscoveryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opDisassociateNatGatewayAddress = "DisassociateNatGatewayAddress" + +// DisassociateNatGatewayAddressRequest generates a "aws/request.Request" representing the +// client's request for the DisassociateNatGatewayAddress operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See DisassociateNatGatewayAddress for more information on using the DisassociateNatGatewayAddress +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the DisassociateNatGatewayAddressRequest method. +// req, resp := client.DisassociateNatGatewayAddressRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateNatGatewayAddress +func (c *EC2) DisassociateNatGatewayAddressRequest(input *DisassociateNatGatewayAddressInput) (req *request.Request, output *DisassociateNatGatewayAddressOutput) { + op := &request.Operation{ + Name: opDisassociateNatGatewayAddress, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &DisassociateNatGatewayAddressInput{} + } + + output = &DisassociateNatGatewayAddressOutput{} + req = c.newRequest(op, input, output) + return +} + +// DisassociateNatGatewayAddress API operation for Amazon Elastic Compute Cloud. +// +// Disassociates secondary Elastic IP addresses (EIPs) from a public NAT gateway. +// You cannot disassociate your primary EIP. For more information, see Edit +// secondary IP address associations (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-edit-secondary) +// in the Amazon VPC User Guide. +// +// While disassociating is in progress, you cannot associate/disassociate additional +// EIPs while the connections are being drained. You are, however, allowed to +// delete the NAT gateway. +// +// An EIP is released only at the end of MaxDrainDurationSeconds. It stays associated +// and supports the existing connections but does not support any new connections +// (new connections are distributed across the remaining associated EIPs). As +// the existing connections drain out, the EIPs (and the corresponding private +// IP addresses mapped to them) are released. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation DisassociateNatGatewayAddress for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/DisassociateNatGatewayAddress +func (c *EC2) DisassociateNatGatewayAddress(input *DisassociateNatGatewayAddressInput) (*DisassociateNatGatewayAddressOutput, error) { + req, out := c.DisassociateNatGatewayAddressRequest(input) + return out, req.Send() +} + +// DisassociateNatGatewayAddressWithContext is the same as DisassociateNatGatewayAddress with the addition of +// the ability to pass a context and additional request options. +// +// See DisassociateNatGatewayAddress for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) DisassociateNatGatewayAddressWithContext(ctx aws.Context, input *DisassociateNatGatewayAddressInput, opts ...request.Option) (*DisassociateNatGatewayAddressOutput, error) { + req, out := c.DisassociateNatGatewayAddressRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDisassociateRouteTable = "DisassociateRouteTable" // DisassociateRouteTableRequest generates a "aws/request.Request" representing the @@ -35634,7 +37776,7 @@ func (c *EC2) DisassociateRouteTableRequest(input *DisassociateRouteTableInput) // After you perform this action, the subnet no longer uses the routes in the // route table. Instead, it uses the routes in the VPC's main route table. For // more information about route tables, see Route tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -36001,9 +38143,6 @@ func (c *EC2) DisassociateTrunkInterfaceRequest(input *DisassociateTrunkInterfac // DisassociateTrunkInterface API operation for Amazon Elastic Compute Cloud. // -// This API action is currently in limited preview only. If you are interested -// in using this feature, contact your account manager. -// // Removes an association between a branch network interface with a trunk network // interface. // @@ -36310,8 +38449,8 @@ func (c *EC2) EnableEbsEncryptionByDefaultRequest(input *EnableEbsEncryptionByDe // After you enable encryption by default, the EBS volumes that you create are // always encrypted, either using the default KMS key or the KMS key that you // specified when you created each volume. For more information, see Amazon -// EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) +// in the Amazon EBS User Guide. // // You can specify the default KMS key for encryption by default using ModifyEbsDefaultKmsKeyId // or ResetEbsDefaultKmsKeyId. @@ -36321,7 +38460,7 @@ func (c *EC2) EnableEbsEncryptionByDefaultRequest(input *EnableEbsEncryptionByDe // // After you enable encryption by default, you can no longer launch instances // using instance types that do not support encryption. For more information, -// see Supported instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). +// see Supported instance types (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -36394,14 +38533,15 @@ func (c *EC2) EnableFastLaunchRequest(input *EnableFastLaunchInput) (req *reques // EnableFastLaunch API operation for Amazon Elastic Compute Cloud. // -// When you enable faster launching for a Windows AMI, images are pre-provisioned, +// When you enable Windows fast launch for a Windows AMI, images are pre-provisioned, // using snapshots to launch instances up to 65% faster. To create the optimized // Windows image, Amazon EC2 launches an instance and runs through Sysprep steps, // rebooting as required. Then it creates a set of reserved snapshots that are // used for subsequent launches. The reserved snapshots are automatically replenished // as they are used, depending on your settings for launch frequency. // -// To change these settings, you must own the AMI. +// You can only change these settings for Windows AMIs that you own or that +// have been shared with you. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -36481,8 +38621,8 @@ func (c *EC2) EnableFastSnapshotRestoresRequest(input *EnableFastSnapshotRestore // state. To get the current state of fast snapshot restores, use DescribeFastSnapshotRestores. // To disable fast snapshot restores, use DisableFastSnapshotRestores. // -// For more information, see Amazon EBS fast snapshot restore (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-fast-snapshot-restore.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Amazon EBS fast snapshot restore (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-fast-snapshot-restore.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -36512,6 +38652,171 @@ func (c *EC2) EnableFastSnapshotRestoresWithContext(ctx aws.Context, input *Enab return out, req.Send() } +const opEnableImage = "EnableImage" + +// EnableImageRequest generates a "aws/request.Request" representing the +// client's request for the EnableImage operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See EnableImage for more information on using the EnableImage +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the EnableImageRequest method. +// req, resp := client.EnableImageRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableImage +func (c *EC2) EnableImageRequest(input *EnableImageInput) (req *request.Request, output *EnableImageOutput) { + op := &request.Operation{ + Name: opEnableImage, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &EnableImageInput{} + } + + output = &EnableImageOutput{} + req = c.newRequest(op, input, output) + return +} + +// EnableImage API operation for Amazon Elastic Compute Cloud. +// +// Re-enables a disabled AMI. The re-enabled AMI is marked as available and +// can be used for instance launches, appears in describe operations, and can +// be shared. Amazon Web Services accounts, organizations, and Organizational +// Units that lost access to the AMI when it was disabled do not regain access +// automatically. Once the AMI is available, it can be shared with them again. +// +// Only the AMI owner can re-enable a disabled AMI. +// +// For more information, see Disable an AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/disable-an-ami.html) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation EnableImage for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableImage +func (c *EC2) EnableImage(input *EnableImageInput) (*EnableImageOutput, error) { + req, out := c.EnableImageRequest(input) + return out, req.Send() +} + +// EnableImageWithContext is the same as EnableImage with the addition of +// the ability to pass a context and additional request options. +// +// See EnableImage for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) EnableImageWithContext(ctx aws.Context, input *EnableImageInput, opts ...request.Option) (*EnableImageOutput, error) { + req, out := c.EnableImageRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opEnableImageBlockPublicAccess = "EnableImageBlockPublicAccess" + +// EnableImageBlockPublicAccessRequest generates a "aws/request.Request" representing the +// client's request for the EnableImageBlockPublicAccess operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See EnableImageBlockPublicAccess for more information on using the EnableImageBlockPublicAccess +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the EnableImageBlockPublicAccessRequest method. +// req, resp := client.EnableImageBlockPublicAccessRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableImageBlockPublicAccess +func (c *EC2) EnableImageBlockPublicAccessRequest(input *EnableImageBlockPublicAccessInput) (req *request.Request, output *EnableImageBlockPublicAccessOutput) { + op := &request.Operation{ + Name: opEnableImageBlockPublicAccess, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &EnableImageBlockPublicAccessInput{} + } + + output = &EnableImageBlockPublicAccessOutput{} + req = c.newRequest(op, input, output) + return +} + +// EnableImageBlockPublicAccess API operation for Amazon Elastic Compute Cloud. +// +// Enables block public access for AMIs at the account level in the specified +// Amazon Web Services Region. This prevents the public sharing of your AMIs. +// However, if you already have public AMIs, they will remain publicly available. +// +// The API can take up to 10 minutes to configure this setting. During this +// time, if you run GetImageBlockPublicAccessState (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetImageBlockPublicAccessState.html), +// the response will be unblocked. When the API has completed the configuration, +// the response will be block-new-sharing. +// +// For more information, see Block public access to your AMIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-intro.html#block-public-access-to-amis) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation EnableImageBlockPublicAccess for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableImageBlockPublicAccess +func (c *EC2) EnableImageBlockPublicAccess(input *EnableImageBlockPublicAccessInput) (*EnableImageBlockPublicAccessOutput, error) { + req, out := c.EnableImageBlockPublicAccessRequest(input) + return out, req.Send() +} + +// EnableImageBlockPublicAccessWithContext is the same as EnableImageBlockPublicAccess with the addition of +// the ability to pass a context and additional request options. +// +// See EnableImageBlockPublicAccess for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) EnableImageBlockPublicAccessWithContext(ctx aws.Context, input *EnableImageBlockPublicAccessInput, opts ...request.Option) (*EnableImageBlockPublicAccessOutput, error) { + req, out := c.EnableImageBlockPublicAccessRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opEnableImageDeprecation = "EnableImageDeprecation" // EnableImageDeprecationRequest generates a "aws/request.Request" representing the @@ -36819,6 +39124,92 @@ func (c *EC2) EnableSerialConsoleAccessWithContext(ctx aws.Context, input *Enabl return out, req.Send() } +const opEnableSnapshotBlockPublicAccess = "EnableSnapshotBlockPublicAccess" + +// EnableSnapshotBlockPublicAccessRequest generates a "aws/request.Request" representing the +// client's request for the EnableSnapshotBlockPublicAccess operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See EnableSnapshotBlockPublicAccess for more information on using the EnableSnapshotBlockPublicAccess +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the EnableSnapshotBlockPublicAccessRequest method. +// req, resp := client.EnableSnapshotBlockPublicAccessRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableSnapshotBlockPublicAccess +func (c *EC2) EnableSnapshotBlockPublicAccessRequest(input *EnableSnapshotBlockPublicAccessInput) (req *request.Request, output *EnableSnapshotBlockPublicAccessOutput) { + op := &request.Operation{ + Name: opEnableSnapshotBlockPublicAccess, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &EnableSnapshotBlockPublicAccessInput{} + } + + output = &EnableSnapshotBlockPublicAccessOutput{} + req = c.newRequest(op, input, output) + return +} + +// EnableSnapshotBlockPublicAccess API operation for Amazon Elastic Compute Cloud. +// +// Enables or modifies the block public access for snapshots setting at the +// account level for the specified Amazon Web Services Region. After you enable +// block public access for snapshots in a Region, users can no longer request +// public sharing for snapshots in that Region. Snapshots that are already publicly +// shared are either treated as private or they remain publicly shared, depending +// on the State that you specify. +// +// If block public access is enabled in block-all-sharing mode, and you change +// the mode to block-new-sharing, all snapshots that were previously publicly +// shared are no longer treated as private and they become publicly accessible +// again. +// +// For more information, see Block public access for snapshots (https://docs.aws.amazon.com/ebs/latest/userguide/block-public-access-snapshots.html) +// in the Amazon EBS User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation EnableSnapshotBlockPublicAccess for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/EnableSnapshotBlockPublicAccess +func (c *EC2) EnableSnapshotBlockPublicAccess(input *EnableSnapshotBlockPublicAccessInput) (*EnableSnapshotBlockPublicAccessOutput, error) { + req, out := c.EnableSnapshotBlockPublicAccessRequest(input) + return out, req.Send() +} + +// EnableSnapshotBlockPublicAccessWithContext is the same as EnableSnapshotBlockPublicAccess with the addition of +// the ability to pass a context and additional request options. +// +// See EnableSnapshotBlockPublicAccess for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) EnableSnapshotBlockPublicAccessWithContext(ctx aws.Context, input *EnableSnapshotBlockPublicAccessInput, opts ...request.Option) (*EnableSnapshotBlockPublicAccessOutput, error) { + req, out := c.EnableSnapshotBlockPublicAccessRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opEnableTransitGatewayRouteTablePropagation = "EnableTransitGatewayRouteTablePropagation" // EnableTransitGatewayRouteTablePropagationRequest generates a "aws/request.Request" representing the @@ -37086,17 +39477,14 @@ func (c *EC2) EnableVpcClassicLinkRequest(input *EnableVpcClassicLinkInput) (req // EnableVpcClassicLink API operation for Amazon Elastic Compute Cloud. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// This action is deprecated. // // Enables a VPC for ClassicLink. You can then link EC2-Classic instances to // your ClassicLink-enabled VPC to allow communication over private IP addresses. // You cannot enable your VPC for ClassicLink if any of your VPC route tables // have existing routes for address ranges within the 10.0.0.0/8 IP address // range, excluding local routes for VPCs in the 10.0.0.0/16 and 10.1.0.0/16 -// IP address ranges. For more information, see ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) -// in the Amazon Elastic Compute Cloud User Guide. +// IP address ranges. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -37169,17 +39557,13 @@ func (c *EC2) EnableVpcClassicLinkDnsSupportRequest(input *EnableVpcClassicLinkD // EnableVpcClassicLinkDnsSupport API operation for Amazon Elastic Compute Cloud. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// This action is deprecated. // // Enables a VPC to support DNS hostname resolution for ClassicLink. If enabled, // the DNS hostname of a linked EC2-Classic instance resolves to its private // IP address when addressed from an instance in the VPC to which it's linked. // Similarly, the DNS hostname of an instance in a VPC resolves to its private -// IP address when addressed from a linked EC2-Classic instance. For more information, -// see ClassicLink (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-classiclink.html) -// in the Amazon Elastic Compute Cloud User Guide. +// IP address when addressed from a linked EC2-Classic instance. // // You must specify a VPC ID in the request. // @@ -38291,8 +40675,8 @@ func (c *EC2) GetEbsDefaultKmsKeyIdRequest(input *GetEbsDefaultKmsKeyIdInput) (r // in this Region. You can change the default KMS key for encryption by default // using ModifyEbsDefaultKmsKeyId or ResetEbsDefaultKmsKeyId. // -// For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -38368,8 +40752,8 @@ func (c *EC2) GetEbsEncryptionByDefaultRequest(input *GetEbsEncryptionByDefaultI // Describes whether EBS encryption by default is enabled for your account in // the current Region. // -// For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -38457,6 +40841,9 @@ func (c *EC2) GetFlowLogsIntegrationTemplateRequest(input *GetFlowLogsIntegratio // - Create a set of named queries in Athena that you can use to get started // quickly // +// GetFlowLogsIntegrationTemplate does not support integration between Amazon +// Web Services Transit Gateway Flow Logs and Amazon Athena. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -38693,6 +41080,83 @@ func (c *EC2) GetHostReservationPurchasePreviewWithContext(ctx aws.Context, inpu return out, req.Send() } +const opGetImageBlockPublicAccessState = "GetImageBlockPublicAccessState" + +// GetImageBlockPublicAccessStateRequest generates a "aws/request.Request" representing the +// client's request for the GetImageBlockPublicAccessState operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetImageBlockPublicAccessState for more information on using the GetImageBlockPublicAccessState +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetImageBlockPublicAccessStateRequest method. +// req, resp := client.GetImageBlockPublicAccessStateRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetImageBlockPublicAccessState +func (c *EC2) GetImageBlockPublicAccessStateRequest(input *GetImageBlockPublicAccessStateInput) (req *request.Request, output *GetImageBlockPublicAccessStateOutput) { + op := &request.Operation{ + Name: opGetImageBlockPublicAccessState, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetImageBlockPublicAccessStateInput{} + } + + output = &GetImageBlockPublicAccessStateOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetImageBlockPublicAccessState API operation for Amazon Elastic Compute Cloud. +// +// Gets the current state of block public access for AMIs at the account level +// in the specified Amazon Web Services Region. +// +// For more information, see Block public access to your AMIs (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sharingamis-intro.html#block-public-access-to-amis) +// in the Amazon EC2 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetImageBlockPublicAccessState for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetImageBlockPublicAccessState +func (c *EC2) GetImageBlockPublicAccessState(input *GetImageBlockPublicAccessStateInput) (*GetImageBlockPublicAccessStateOutput, error) { + req, out := c.GetImageBlockPublicAccessStateRequest(input) + return out, req.Send() +} + +// GetImageBlockPublicAccessStateWithContext is the same as GetImageBlockPublicAccessState with the addition of +// the ability to pass a context and additional request options. +// +// See GetImageBlockPublicAccessState for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetImageBlockPublicAccessStateWithContext(ctx aws.Context, input *GetImageBlockPublicAccessStateInput, opts ...request.Option) (*GetImageBlockPublicAccessStateOutput, error) { + req, out := c.GetImageBlockPublicAccessStateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetInstanceTypesFromInstanceRequirements = "GetInstanceTypesFromInstanceRequirements" // GetInstanceTypesFromInstanceRequirementsRequest generates a "aws/request.Request" representing the @@ -39056,6 +41520,346 @@ func (c *EC2) GetIpamAddressHistoryPagesWithContext(ctx aws.Context, input *GetI return p.Err() } +const opGetIpamDiscoveredAccounts = "GetIpamDiscoveredAccounts" + +// GetIpamDiscoveredAccountsRequest generates a "aws/request.Request" representing the +// client's request for the GetIpamDiscoveredAccounts operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetIpamDiscoveredAccounts for more information on using the GetIpamDiscoveredAccounts +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetIpamDiscoveredAccountsRequest method. +// req, resp := client.GetIpamDiscoveredAccountsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetIpamDiscoveredAccounts +func (c *EC2) GetIpamDiscoveredAccountsRequest(input *GetIpamDiscoveredAccountsInput) (req *request.Request, output *GetIpamDiscoveredAccountsOutput) { + op := &request.Operation{ + Name: opGetIpamDiscoveredAccounts, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetIpamDiscoveredAccountsInput{} + } + + output = &GetIpamDiscoveredAccountsOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetIpamDiscoveredAccounts API operation for Amazon Elastic Compute Cloud. +// +// Gets IPAM discovered accounts. A discovered account is an Amazon Web Services +// account that is monitored under a resource discovery. If you have integrated +// IPAM with Amazon Web Services Organizations, all accounts in the organization +// are discovered accounts. Only the IPAM account can get all discovered accounts +// in the organization. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetIpamDiscoveredAccounts for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetIpamDiscoveredAccounts +func (c *EC2) GetIpamDiscoveredAccounts(input *GetIpamDiscoveredAccountsInput) (*GetIpamDiscoveredAccountsOutput, error) { + req, out := c.GetIpamDiscoveredAccountsRequest(input) + return out, req.Send() +} + +// GetIpamDiscoveredAccountsWithContext is the same as GetIpamDiscoveredAccounts with the addition of +// the ability to pass a context and additional request options. +// +// See GetIpamDiscoveredAccounts for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetIpamDiscoveredAccountsWithContext(ctx aws.Context, input *GetIpamDiscoveredAccountsInput, opts ...request.Option) (*GetIpamDiscoveredAccountsOutput, error) { + req, out := c.GetIpamDiscoveredAccountsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetIpamDiscoveredAccountsPages iterates over the pages of a GetIpamDiscoveredAccounts operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetIpamDiscoveredAccounts method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetIpamDiscoveredAccounts operation. +// pageNum := 0 +// err := client.GetIpamDiscoveredAccountsPages(params, +// func(page *ec2.GetIpamDiscoveredAccountsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) GetIpamDiscoveredAccountsPages(input *GetIpamDiscoveredAccountsInput, fn func(*GetIpamDiscoveredAccountsOutput, bool) bool) error { + return c.GetIpamDiscoveredAccountsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetIpamDiscoveredAccountsPagesWithContext same as GetIpamDiscoveredAccountsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetIpamDiscoveredAccountsPagesWithContext(ctx aws.Context, input *GetIpamDiscoveredAccountsInput, fn func(*GetIpamDiscoveredAccountsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetIpamDiscoveredAccountsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetIpamDiscoveredAccountsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetIpamDiscoveredAccountsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opGetIpamDiscoveredPublicAddresses = "GetIpamDiscoveredPublicAddresses" + +// GetIpamDiscoveredPublicAddressesRequest generates a "aws/request.Request" representing the +// client's request for the GetIpamDiscoveredPublicAddresses operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetIpamDiscoveredPublicAddresses for more information on using the GetIpamDiscoveredPublicAddresses +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetIpamDiscoveredPublicAddressesRequest method. +// req, resp := client.GetIpamDiscoveredPublicAddressesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetIpamDiscoveredPublicAddresses +func (c *EC2) GetIpamDiscoveredPublicAddressesRequest(input *GetIpamDiscoveredPublicAddressesInput) (req *request.Request, output *GetIpamDiscoveredPublicAddressesOutput) { + op := &request.Operation{ + Name: opGetIpamDiscoveredPublicAddresses, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetIpamDiscoveredPublicAddressesInput{} + } + + output = &GetIpamDiscoveredPublicAddressesOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetIpamDiscoveredPublicAddresses API operation for Amazon Elastic Compute Cloud. +// +// Gets the public IP addresses that have been discovered by IPAM. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetIpamDiscoveredPublicAddresses for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetIpamDiscoveredPublicAddresses +func (c *EC2) GetIpamDiscoveredPublicAddresses(input *GetIpamDiscoveredPublicAddressesInput) (*GetIpamDiscoveredPublicAddressesOutput, error) { + req, out := c.GetIpamDiscoveredPublicAddressesRequest(input) + return out, req.Send() +} + +// GetIpamDiscoveredPublicAddressesWithContext is the same as GetIpamDiscoveredPublicAddresses with the addition of +// the ability to pass a context and additional request options. +// +// See GetIpamDiscoveredPublicAddresses for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetIpamDiscoveredPublicAddressesWithContext(ctx aws.Context, input *GetIpamDiscoveredPublicAddressesInput, opts ...request.Option) (*GetIpamDiscoveredPublicAddressesOutput, error) { + req, out := c.GetIpamDiscoveredPublicAddressesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opGetIpamDiscoveredResourceCidrs = "GetIpamDiscoveredResourceCidrs" + +// GetIpamDiscoveredResourceCidrsRequest generates a "aws/request.Request" representing the +// client's request for the GetIpamDiscoveredResourceCidrs operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetIpamDiscoveredResourceCidrs for more information on using the GetIpamDiscoveredResourceCidrs +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetIpamDiscoveredResourceCidrsRequest method. +// req, resp := client.GetIpamDiscoveredResourceCidrsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetIpamDiscoveredResourceCidrs +func (c *EC2) GetIpamDiscoveredResourceCidrsRequest(input *GetIpamDiscoveredResourceCidrsInput) (req *request.Request, output *GetIpamDiscoveredResourceCidrsOutput) { + op := &request.Operation{ + Name: opGetIpamDiscoveredResourceCidrs, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetIpamDiscoveredResourceCidrsInput{} + } + + output = &GetIpamDiscoveredResourceCidrsOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetIpamDiscoveredResourceCidrs API operation for Amazon Elastic Compute Cloud. +// +// Returns the resource CIDRs that are monitored as part of a resource discovery. +// A discovered resource is a resource CIDR monitored under a resource discovery. +// The following resources can be discovered: VPCs, Public IPv4 pools, VPC subnets, +// and Elastic IP addresses. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetIpamDiscoveredResourceCidrs for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetIpamDiscoveredResourceCidrs +func (c *EC2) GetIpamDiscoveredResourceCidrs(input *GetIpamDiscoveredResourceCidrsInput) (*GetIpamDiscoveredResourceCidrsOutput, error) { + req, out := c.GetIpamDiscoveredResourceCidrsRequest(input) + return out, req.Send() +} + +// GetIpamDiscoveredResourceCidrsWithContext is the same as GetIpamDiscoveredResourceCidrs with the addition of +// the ability to pass a context and additional request options. +// +// See GetIpamDiscoveredResourceCidrs for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetIpamDiscoveredResourceCidrsWithContext(ctx aws.Context, input *GetIpamDiscoveredResourceCidrsInput, opts ...request.Option) (*GetIpamDiscoveredResourceCidrsOutput, error) { + req, out := c.GetIpamDiscoveredResourceCidrsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetIpamDiscoveredResourceCidrsPages iterates over the pages of a GetIpamDiscoveredResourceCidrs operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetIpamDiscoveredResourceCidrs method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetIpamDiscoveredResourceCidrs operation. +// pageNum := 0 +// err := client.GetIpamDiscoveredResourceCidrsPages(params, +// func(page *ec2.GetIpamDiscoveredResourceCidrsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) GetIpamDiscoveredResourceCidrsPages(input *GetIpamDiscoveredResourceCidrsInput, fn func(*GetIpamDiscoveredResourceCidrsOutput, bool) bool) error { + return c.GetIpamDiscoveredResourceCidrsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetIpamDiscoveredResourceCidrsPagesWithContext same as GetIpamDiscoveredResourceCidrsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetIpamDiscoveredResourceCidrsPagesWithContext(ctx aws.Context, input *GetIpamDiscoveredResourceCidrsInput, fn func(*GetIpamDiscoveredResourceCidrsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetIpamDiscoveredResourceCidrsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetIpamDiscoveredResourceCidrsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetIpamDiscoveredResourceCidrsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opGetIpamPoolAllocations = "GetIpamPoolAllocations" // GetIpamPoolAllocationsRequest generates a "aws/request.Request" representing the @@ -39105,7 +41909,14 @@ func (c *EC2) GetIpamPoolAllocationsRequest(input *GetIpamPoolAllocationsInput) // GetIpamPoolAllocations API operation for Amazon Elastic Compute Cloud. // -// Get a list of all the CIDR allocations in an IPAM pool. +// Get a list of all the CIDR allocations in an IPAM pool. The Region you use +// should be the IPAM pool locale. The locale is the Amazon Web Services Region +// where this IPAM pool is available for allocations. +// +// If you use this action after AllocateIpamPoolCidr (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_AllocateIpamPoolCidr.html) +// or ReleaseIpamPoolAllocation (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ReleaseIpamPoolAllocation.html), +// note that all EC2 API actions follow an eventual consistency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/query-api-troubleshooting.html#eventual-consistency) +// model. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -39365,7 +42176,11 @@ func (c *EC2) GetIpamResourceCidrsRequest(input *GetIpamResourceCidrsInput) (req // GetIpamResourceCidrs API operation for Amazon Elastic Compute Cloud. // -// Get information about the resources in a scope. +// Returns resource CIDRs managed by IPAM in a given scope. If an IPAM is associated +// with more than one resource discovery, the resource CIDRs across all of the +// resource discoveries is returned. A resource discovery is an IPAM component +// that enables IPAM to manage and monitor resources that belong to the owning +// account. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -39495,8 +42310,8 @@ func (c *EC2) GetLaunchTemplateDataRequest(input *GetLaunchTemplateDataInput) (r // This action calls on other describe actions to get instance information. // Depending on your instance configuration, you may need to allow the following // actions in your IAM policy: DescribeSpotInstanceRequests, DescribeInstanceCreditSpecifications, -// DescribeVolumes, DescribeInstanceAttribute, and DescribeElasticGpus. Or, -// you can allow describe* depending on your instance requirements. +// DescribeVolumes, and DescribeInstanceAttribute. Or, you can allow describe* +// depending on your instance requirements. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -39817,6 +42632,12 @@ func (c *EC2) GetNetworkInsightsAccessScopeAnalysisFindingsRequest(input *GetNet Name: opGetNetworkInsightsAccessScopeAnalysisFindings, HTTPMethod: "POST", HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, } if input == nil { @@ -39860,6 +42681,57 @@ func (c *EC2) GetNetworkInsightsAccessScopeAnalysisFindingsWithContext(ctx aws.C return out, req.Send() } +// GetNetworkInsightsAccessScopeAnalysisFindingsPages iterates over the pages of a GetNetworkInsightsAccessScopeAnalysisFindings operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetNetworkInsightsAccessScopeAnalysisFindings method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetNetworkInsightsAccessScopeAnalysisFindings operation. +// pageNum := 0 +// err := client.GetNetworkInsightsAccessScopeAnalysisFindingsPages(params, +// func(page *ec2.GetNetworkInsightsAccessScopeAnalysisFindingsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) GetNetworkInsightsAccessScopeAnalysisFindingsPages(input *GetNetworkInsightsAccessScopeAnalysisFindingsInput, fn func(*GetNetworkInsightsAccessScopeAnalysisFindingsOutput, bool) bool) error { + return c.GetNetworkInsightsAccessScopeAnalysisFindingsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetNetworkInsightsAccessScopeAnalysisFindingsPagesWithContext same as GetNetworkInsightsAccessScopeAnalysisFindingsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetNetworkInsightsAccessScopeAnalysisFindingsPagesWithContext(ctx aws.Context, input *GetNetworkInsightsAccessScopeAnalysisFindingsInput, fn func(*GetNetworkInsightsAccessScopeAnalysisFindingsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetNetworkInsightsAccessScopeAnalysisFindingsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetNetworkInsightsAccessScopeAnalysisFindingsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetNetworkInsightsAccessScopeAnalysisFindingsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opGetNetworkInsightsAccessScopeContent = "GetNetworkInsightsAccessScopeContent" // GetNetworkInsightsAccessScopeContentRequest generates a "aws/request.Request" representing the @@ -40099,6 +42971,137 @@ func (c *EC2) GetReservedInstancesExchangeQuoteWithContext(ctx aws.Context, inpu return out, req.Send() } +const opGetSecurityGroupsForVpc = "GetSecurityGroupsForVpc" + +// GetSecurityGroupsForVpcRequest generates a "aws/request.Request" representing the +// client's request for the GetSecurityGroupsForVpc operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetSecurityGroupsForVpc for more information on using the GetSecurityGroupsForVpc +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetSecurityGroupsForVpcRequest method. +// req, resp := client.GetSecurityGroupsForVpcRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetSecurityGroupsForVpc +func (c *EC2) GetSecurityGroupsForVpcRequest(input *GetSecurityGroupsForVpcInput) (req *request.Request, output *GetSecurityGroupsForVpcOutput) { + op := &request.Operation{ + Name: opGetSecurityGroupsForVpc, + HTTPMethod: "POST", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"NextToken"}, + OutputTokens: []string{"NextToken"}, + LimitToken: "MaxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &GetSecurityGroupsForVpcInput{} + } + + output = &GetSecurityGroupsForVpcOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetSecurityGroupsForVpc API operation for Amazon Elastic Compute Cloud. +// +// Gets security groups that can be associated by the Amazon Web Services account +// making the request with network interfaces in the specified VPC. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetSecurityGroupsForVpc for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetSecurityGroupsForVpc +func (c *EC2) GetSecurityGroupsForVpc(input *GetSecurityGroupsForVpcInput) (*GetSecurityGroupsForVpcOutput, error) { + req, out := c.GetSecurityGroupsForVpcRequest(input) + return out, req.Send() +} + +// GetSecurityGroupsForVpcWithContext is the same as GetSecurityGroupsForVpc with the addition of +// the ability to pass a context and additional request options. +// +// See GetSecurityGroupsForVpc for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetSecurityGroupsForVpcWithContext(ctx aws.Context, input *GetSecurityGroupsForVpcInput, opts ...request.Option) (*GetSecurityGroupsForVpcOutput, error) { + req, out := c.GetSecurityGroupsForVpcRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// GetSecurityGroupsForVpcPages iterates over the pages of a GetSecurityGroupsForVpc operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See GetSecurityGroupsForVpc method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a GetSecurityGroupsForVpc operation. +// pageNum := 0 +// err := client.GetSecurityGroupsForVpcPages(params, +// func(page *ec2.GetSecurityGroupsForVpcOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *EC2) GetSecurityGroupsForVpcPages(input *GetSecurityGroupsForVpcInput, fn func(*GetSecurityGroupsForVpcOutput, bool) bool) error { + return c.GetSecurityGroupsForVpcPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// GetSecurityGroupsForVpcPagesWithContext same as GetSecurityGroupsForVpcPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetSecurityGroupsForVpcPagesWithContext(ctx aws.Context, input *GetSecurityGroupsForVpcInput, fn func(*GetSecurityGroupsForVpcOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *GetSecurityGroupsForVpcInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.GetSecurityGroupsForVpcRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*GetSecurityGroupsForVpcOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opGetSerialConsoleAccessStatus = "GetSerialConsoleAccessStatus" // GetSerialConsoleAccessStatusRequest generates a "aws/request.Request" representing the @@ -40176,6 +43179,83 @@ func (c *EC2) GetSerialConsoleAccessStatusWithContext(ctx aws.Context, input *Ge return out, req.Send() } +const opGetSnapshotBlockPublicAccessState = "GetSnapshotBlockPublicAccessState" + +// GetSnapshotBlockPublicAccessStateRequest generates a "aws/request.Request" representing the +// client's request for the GetSnapshotBlockPublicAccessState operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetSnapshotBlockPublicAccessState for more information on using the GetSnapshotBlockPublicAccessState +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetSnapshotBlockPublicAccessStateRequest method. +// req, resp := client.GetSnapshotBlockPublicAccessStateRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetSnapshotBlockPublicAccessState +func (c *EC2) GetSnapshotBlockPublicAccessStateRequest(input *GetSnapshotBlockPublicAccessStateInput) (req *request.Request, output *GetSnapshotBlockPublicAccessStateOutput) { + op := &request.Operation{ + Name: opGetSnapshotBlockPublicAccessState, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetSnapshotBlockPublicAccessStateInput{} + } + + output = &GetSnapshotBlockPublicAccessStateOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetSnapshotBlockPublicAccessState API operation for Amazon Elastic Compute Cloud. +// +// Gets the current state of block public access for snapshots setting for the +// account and Region. +// +// For more information, see Block public access for snapshots (https://docs.aws.amazon.com/ebs/latest/userguide/block-public-access-snapshots.html) +// in the Amazon EBS User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetSnapshotBlockPublicAccessState for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetSnapshotBlockPublicAccessState +func (c *EC2) GetSnapshotBlockPublicAccessState(input *GetSnapshotBlockPublicAccessStateInput) (*GetSnapshotBlockPublicAccessStateOutput, error) { + req, out := c.GetSnapshotBlockPublicAccessStateRequest(input) + return out, req.Send() +} + +// GetSnapshotBlockPublicAccessStateWithContext is the same as GetSnapshotBlockPublicAccessState with the addition of +// the ability to pass a context and additional request options. +// +// See GetSnapshotBlockPublicAccessState for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetSnapshotBlockPublicAccessStateWithContext(ctx aws.Context, input *GetSnapshotBlockPublicAccessStateInput, opts ...request.Option) (*GetSnapshotBlockPublicAccessStateOutput, error) { + req, out := c.GetSnapshotBlockPublicAccessStateRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetSpotPlacementScores = "GetSpotPlacementScores" // GetSpotPlacementScoresRequest generates a "aws/request.Request" representing the @@ -41600,6 +44680,79 @@ func (c *EC2) GetVpnConnectionDeviceTypesPagesWithContext(ctx aws.Context, input return p.Err() } +const opGetVpnTunnelReplacementStatus = "GetVpnTunnelReplacementStatus" + +// GetVpnTunnelReplacementStatusRequest generates a "aws/request.Request" representing the +// client's request for the GetVpnTunnelReplacementStatus operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetVpnTunnelReplacementStatus for more information on using the GetVpnTunnelReplacementStatus +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetVpnTunnelReplacementStatusRequest method. +// req, resp := client.GetVpnTunnelReplacementStatusRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetVpnTunnelReplacementStatus +func (c *EC2) GetVpnTunnelReplacementStatusRequest(input *GetVpnTunnelReplacementStatusInput) (req *request.Request, output *GetVpnTunnelReplacementStatusOutput) { + op := &request.Operation{ + Name: opGetVpnTunnelReplacementStatus, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &GetVpnTunnelReplacementStatusInput{} + } + + output = &GetVpnTunnelReplacementStatusOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetVpnTunnelReplacementStatus API operation for Amazon Elastic Compute Cloud. +// +// Get details of available tunnel endpoint maintenance. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation GetVpnTunnelReplacementStatus for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/GetVpnTunnelReplacementStatus +func (c *EC2) GetVpnTunnelReplacementStatus(input *GetVpnTunnelReplacementStatusInput) (*GetVpnTunnelReplacementStatusOutput, error) { + req, out := c.GetVpnTunnelReplacementStatusRequest(input) + return out, req.Send() +} + +// GetVpnTunnelReplacementStatusWithContext is the same as GetVpnTunnelReplacementStatus with the addition of +// the ability to pass a context and additional request options. +// +// See GetVpnTunnelReplacementStatus for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) GetVpnTunnelReplacementStatusWithContext(ctx aws.Context, input *GetVpnTunnelReplacementStatusInput, opts ...request.Option) (*GetVpnTunnelReplacementStatusOutput, error) { + req, out := c.GetVpnTunnelReplacementStatusRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opImportClientVpnClientCertificateRevocationList = "ImportClientVpnClientCertificateRevocationList" // ImportClientVpnClientCertificateRevocationListRequest generates a "aws/request.Request" representing the @@ -41720,6 +44873,11 @@ func (c *EC2) ImportImageRequest(input *ImportImageInput) (req *request.Request, // ImportImage API operation for Amazon Elastic Compute Cloud. // +// To import your virtual machines (VMs) with a console-based experience, you +// can use the Import virtual machine images to Amazon Web Services template +// in the Migration Hub Orchestrator console (https://console.aws.amazon.com/migrationhub/orchestrator). +// For more information, see the Migration Hub Orchestrator User Guide (https://docs.aws.amazon.com/migrationhub-orchestrator/latest/userguide/import-vm-images.html). +// // Import single or multi-volume disk images or EBS snapshots into an Amazon // Machine Image (AMI). // @@ -41803,16 +44961,21 @@ func (c *EC2) ImportInstanceRequest(input *ImportInstanceInput) (req *request.Re // ImportInstance API operation for Amazon Elastic Compute Cloud. // -// Creates an import instance task using metadata from the specified disk image. +// We recommend that you use the ImportImage (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportImage.html) +// API. For more information, see Importing a VM as an image using VM Import/Export +// (https://docs.aws.amazon.com/vm-import/latest/userguide/vmimport-image-import.html) +// in the VM Import/Export User Guide. // -// This API action supports only single-volume VMs. To import multi-volume VMs, -// use ImportImage instead. +// Creates an import instance task using metadata from the specified disk image. // // This API action is not supported by the Command Line Interface (CLI). For // information about using the Amazon EC2 CLI, which is deprecated, see Importing // a VM to Amazon EC2 (https://awsdocs.s3.amazonaws.com/EC2/ec2-clt.pdf#UsingVirtualMachinesinAmazonEC2) // in the Amazon EC2 CLI Reference PDF file. // +// This API action supports only single-volume VMs. To import multi-volume VMs, +// use ImportImage instead. +// // For information about the import manifest referenced by this API action, // see VM Import Manifest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html). // @@ -42349,6 +45512,96 @@ func (c *EC2) ListSnapshotsInRecycleBinPagesWithContext(ctx aws.Context, input * return p.Err() } +const opLockSnapshot = "LockSnapshot" + +// LockSnapshotRequest generates a "aws/request.Request" representing the +// client's request for the LockSnapshot operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See LockSnapshot for more information on using the LockSnapshot +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the LockSnapshotRequest method. +// req, resp := client.LockSnapshotRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/LockSnapshot +func (c *EC2) LockSnapshotRequest(input *LockSnapshotInput) (req *request.Request, output *LockSnapshotOutput) { + op := &request.Operation{ + Name: opLockSnapshot, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &LockSnapshotInput{} + } + + output = &LockSnapshotOutput{} + req = c.newRequest(op, input, output) + return +} + +// LockSnapshot API operation for Amazon Elastic Compute Cloud. +// +// Locks an Amazon EBS snapshot in either governance or compliance mode to protect +// it against accidental or malicious deletions for a specific duration. A locked +// snapshot can't be deleted. +// +// You can also use this action to modify the lock settings for a snapshot that +// is already locked. The allowed modifications depend on the lock mode and +// lock state: +// +// - If the snapshot is locked in governance mode, you can modify the lock +// mode and the lock duration or lock expiration date. +// +// - If the snapshot is locked in compliance mode and it is in the cooling-off +// period, you can modify the lock mode and the lock duration or lock expiration +// date. +// +// - If the snapshot is locked in compliance mode and the cooling-off period +// has lapsed, you can only increase the lock duration or extend the lock +// expiration date. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation LockSnapshot for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/LockSnapshot +func (c *EC2) LockSnapshot(input *LockSnapshotInput) (*LockSnapshotOutput, error) { + req, out := c.LockSnapshotRequest(input) + return out, req.Send() +} + +// LockSnapshotWithContext is the same as LockSnapshot with the addition of +// the ability to pass a context and additional request options. +// +// See LockSnapshot for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) LockSnapshotWithContext(ctx aws.Context, input *LockSnapshotInput, opts ...request.Option) (*LockSnapshotOutput, error) { + req, out := c.LockSnapshotRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyAddressAttribute = "ModifyAddressAttribute" // ModifyAddressAttributeRequest generates a "aws/request.Request" representing the @@ -42875,8 +46128,8 @@ func (c *EC2) ModifyEbsDefaultKmsKeyIdRequest(input *ModifyEbsDefaultKmsKeyIdInp // If you delete or disable the customer managed KMS key that you specified // for use with encryption by default, your instances will fail to launch. // -// For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -43402,8 +46655,10 @@ func (c *EC2) ModifyImageAttributeRequest(input *ModifyImageAttributeInput) (req // ModifyImageAttribute API operation for Amazon Elastic Compute Cloud. // // Modifies the specified attribute of the specified AMI. You can specify only -// one attribute at a time. You can use the Attribute parameter to specify the -// attribute or one of the following parameters: Description or LaunchPermission. +// one attribute at a time. +// +// To specify the attribute, you can use the Attribute parameter, or one of +// the following parameters: Description, ImdsSupport, or LaunchPermission. // // Images with an Amazon Web Services Marketplace product code cannot be made // public. @@ -43487,10 +46742,10 @@ func (c *EC2) ModifyInstanceAttributeRequest(input *ModifyInstanceAttributeInput // only one attribute at a time. // // Note: Using this action to change the security groups associated with an -// elastic network interface (ENI) attached to an instance in a VPC can result -// in an error if the instance has more than one ENI. To change the security -// groups associated with an ENI attached to an instance that has multiple ENIs, -// we recommend that you use the ModifyNetworkInterfaceAttribute action. +// elastic network interface (ENI) attached to an instance can result in an +// error if the instance has more than one ENI. To change the security groups +// associated with an ENI attached to an instance that has multiple ENIs, we +// recommend that you use the ModifyNetworkInterfaceAttribute action. // // To modify some attributes, the instance must be stopped. For more information, // see Modify a stopped instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_ChangingAttributesWhileInstanceStopped.html) @@ -44039,7 +47294,7 @@ func (c *EC2) ModifyInstancePlacementRequest(input *ModifyInstancePlacementInput // // - Modify the affinity between an instance and a Dedicated Host (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-overview.html). // When affinity is set to host and the instance is not associated with a -// specific Dedicated Host, the next time the instance is launched, it is +// specific Dedicated Host, the next time the instance is started, it is // automatically associated with the host on which it lands. If the instance // is restarted or rebooted, this relationship persists. // @@ -44314,6 +47569,81 @@ func (c *EC2) ModifyIpamResourceCidrWithContext(ctx aws.Context, input *ModifyIp return out, req.Send() } +const opModifyIpamResourceDiscovery = "ModifyIpamResourceDiscovery" + +// ModifyIpamResourceDiscoveryRequest generates a "aws/request.Request" representing the +// client's request for the ModifyIpamResourceDiscovery operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ModifyIpamResourceDiscovery for more information on using the ModifyIpamResourceDiscovery +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ModifyIpamResourceDiscoveryRequest method. +// req, resp := client.ModifyIpamResourceDiscoveryRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyIpamResourceDiscovery +func (c *EC2) ModifyIpamResourceDiscoveryRequest(input *ModifyIpamResourceDiscoveryInput) (req *request.Request, output *ModifyIpamResourceDiscoveryOutput) { + op := &request.Operation{ + Name: opModifyIpamResourceDiscovery, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ModifyIpamResourceDiscoveryInput{} + } + + output = &ModifyIpamResourceDiscoveryOutput{} + req = c.newRequest(op, input, output) + return +} + +// ModifyIpamResourceDiscovery API operation for Amazon Elastic Compute Cloud. +// +// Modifies a resource discovery. A resource discovery is an IPAM component +// that enables IPAM to manage and monitor resources that belong to the owning +// account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ModifyIpamResourceDiscovery for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ModifyIpamResourceDiscovery +func (c *EC2) ModifyIpamResourceDiscovery(input *ModifyIpamResourceDiscoveryInput) (*ModifyIpamResourceDiscoveryOutput, error) { + req, out := c.ModifyIpamResourceDiscoveryRequest(input) + return out, req.Send() +} + +// ModifyIpamResourceDiscoveryWithContext is the same as ModifyIpamResourceDiscovery with the addition of +// the ability to pass a context and additional request options. +// +// See ModifyIpamResourceDiscovery for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ModifyIpamResourceDiscoveryWithContext(ctx aws.Context, input *ModifyIpamResourceDiscoveryInput, opts ...request.Option) (*ModifyIpamResourceDiscoveryOutput, error) { + req, out := c.ModifyIpamResourceDiscoveryRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opModifyIpamScope = "ModifyIpamScope" // ModifyIpamScopeRequest generates a "aws/request.Request" representing the @@ -44814,10 +48144,6 @@ func (c *EC2) ModifyReservedInstancesRequest(input *ModifyReservedInstancesInput // For more information, see Modifying Reserved Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-modifying.html) // in the Amazon EC2 User Guide. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -44975,8 +48301,8 @@ func (c *EC2) ModifySnapshotAttributeRequest(input *ModifySnapshotAttributeInput // cannot be shared with other accounts. // // For more information about modifying snapshot permissions, see Share a snapshot -// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html) -// in the Amazon Elastic Compute Cloud User Guide. +// (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-modifying-snapshot-permissions.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -45053,8 +48379,8 @@ func (c *EC2) ModifySnapshotTierRequest(input *ModifySnapshotTierInput) (req *re // to a full snapshot that includes all of the blocks of data that were written // to the volume at the time the snapshot was created, and moved from the standard // tier to the archive tier. For more information, see Archive Amazon EBS snapshots -// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshot-archive.html) -// in the Amazon Elastic Compute Cloud User Guide. +// (https://docs.aws.amazon.com/ebs/latest/userguide/snapshot-archive.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -45768,7 +49094,8 @@ func (c *EC2) ModifyVerifiedAccessEndpointRequest(input *ModifyVerifiedAccessEnd // ModifyVerifiedAccessEndpoint API operation for Amazon Elastic Compute Cloud. // -// Modifies the configuration of an Amazon Web Services Verified Access endpoint. +// Modifies the configuration of the specified Amazon Web Services Verified +// Access endpoint. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -45841,7 +49168,7 @@ func (c *EC2) ModifyVerifiedAccessEndpointPolicyRequest(input *ModifyVerifiedAcc // ModifyVerifiedAccessEndpointPolicy API operation for Amazon Elastic Compute Cloud. // -// Modifies the specified Verified Access endpoint policy. +// Modifies the specified Amazon Web Services Verified Access endpoint policy. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -45914,7 +49241,7 @@ func (c *EC2) ModifyVerifiedAccessGroupRequest(input *ModifyVerifiedAccessGroupI // ModifyVerifiedAccessGroup API operation for Amazon Elastic Compute Cloud. // -// Modifies the specified Verified Access group configuration. +// Modifies the specified Amazon Web Services Verified Access group configuration. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -45987,7 +49314,7 @@ func (c *EC2) ModifyVerifiedAccessGroupPolicyRequest(input *ModifyVerifiedAccess // ModifyVerifiedAccessGroupPolicy API operation for Amazon Elastic Compute Cloud. // -// Modifies the specified Verified Access group policy. +// Modifies the specified Amazon Web Services Verified Access group policy. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -46060,7 +49387,8 @@ func (c *EC2) ModifyVerifiedAccessInstanceRequest(input *ModifyVerifiedAccessIns // ModifyVerifiedAccessInstance API operation for Amazon Elastic Compute Cloud. // -// Modifies the configuration of the specified Verified Access instance. +// Modifies the configuration of the specified Amazon Web Services Verified +// Access instance. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -46285,21 +49613,19 @@ func (c *EC2) ModifyVolumeRequest(input *ModifyVolumeInput) (req *request.Reques // size, volume type, and IOPS capacity. If your EBS volume is attached to a // current-generation EC2 instance type, you might be able to apply these changes // without stopping the instance or detaching the volume from it. For more information -// about modifying EBS volumes, see Amazon EBS Elastic Volumes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modify-volume.html) -// (Linux instances) or Amazon EBS Elastic Volumes (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-modify-volume.html) -// (Windows instances). +// about modifying EBS volumes, see Amazon EBS Elastic Volumes (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-modify-volume.html) +// in the Amazon EBS User Guide. // // When you complete a resize operation on your volume, you need to extend the // volume's file-system size to take advantage of the new storage capacity. -// For more information, see Extend a Linux file system (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-expand-volume.html#recognize-expanded-volume-linux) -// or Extend a Windows file system (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ebs-expand-volume.html#recognize-expanded-volume-windows). +// For more information, see Extend the file system (https://docs.aws.amazon.com/ebs/latest/userguide/recognize-expanded-volume-linux.html). // // You can use CloudWatch Events to check the status of a modification to an // EBS volume. For information about CloudWatch Events, see the Amazon CloudWatch // Events User Guide (https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/). // You can also track the status of a modification using DescribeVolumesModifications. // For information about tracking status changes using either method, see Monitor -// the progress of volume modifications (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/monitoring-volume-modifications.html). +// the progress of volume modifications (https://docs.aws.amazon.com/ebs/latest/userguide/monitoring-volume-modifications.html). // // With previous-generation instance types, resizing an EBS volume might require // detaching and reattaching the volume or stopping and restarting the instance. @@ -46840,8 +50166,8 @@ func (c *EC2) ModifyVpcEndpointServicePermissionsRequest(input *ModifyVpcEndpoin // ModifyVpcEndpointServicePermissions API operation for Amazon Elastic Compute Cloud. // // Modifies the permissions for your VPC endpoint service. You can add or remove -// permissions for service consumers (IAM users, IAM roles, and Amazon Web Services -// accounts) to connect to your endpoint service. +// permissions for service consumers (Amazon Web Services accounts, users, and +// IAM roles) to connect to your endpoint service. // // If you grant permissions to all principals, the service is public. Any users // who know the name of a public service can send a request to attach an endpoint. @@ -46919,34 +50245,20 @@ func (c *EC2) ModifyVpcPeeringConnectionOptionsRequest(input *ModifyVpcPeeringCo // ModifyVpcPeeringConnectionOptions API operation for Amazon Elastic Compute Cloud. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Modifies the VPC peering connection options on one side of a VPC peering -// connection. You can do the following: -// -// - Enable/disable communication over the peering connection between an -// EC2-Classic instance that's linked to your VPC (using ClassicLink) and -// instances in the peer VPC. -// -// - Enable/disable communication over the peering connection between instances -// in your VPC and an EC2-Classic instance that's linked to the peer VPC. -// -// - Enable/disable the ability to resolve public DNS hostnames to private -// IP addresses when queried from instances in the peer VPC. +// connection. // // If the peered VPCs are in the same Amazon Web Services account, you can enable // DNS resolution for queries from the local VPC. This ensures that queries // from the local VPC resolve to private IP addresses in the peer VPC. This -// option is not available if the peered VPCs are in different different Amazon -// Web Services accounts or different Regions. For peered VPCs in different -// Amazon Web Services accounts, each Amazon Web Services account owner must -// initiate a separate request to modify the peering connection options. For -// inter-region peering connections, you must use the Region for the requester -// VPC to modify the requester VPC peering options and the Region for the accepter -// VPC to modify the accepter VPC peering options. To verify which VPCs are -// the accepter and the requester for a VPC peering connection, use the DescribeVpcPeeringConnections +// option is not available if the peered VPCs are in different Amazon Web Services +// accounts or different Regions. For peered VPCs in different Amazon Web Services +// accounts, each Amazon Web Services account owner must initiate a separate +// request to modify the peering connection options. For inter-region peering +// connections, you must use the Region for the requester VPC to modify the +// requester VPC peering options and the Region for the accepter VPC to modify +// the accepter VPC peering options. To verify which VPCs are the accepter and +// the requester for a VPC peering connection, use the DescribeVpcPeeringConnections // command. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -47029,7 +50341,7 @@ func (c *EC2) ModifyVpcTenancyRequest(input *ModifyVpcTenancyInput) (req *reques // launch. The tenancy of any existing instances in the VPC is not affected. // // For more information, see Dedicated Instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-instance.html) -// in the Amazon Elastic Compute Cloud User Guide. +// in the Amazon EC2 User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -47522,6 +50834,8 @@ func (c *EC2) MoveAddressToVpcRequest(input *MoveAddressToVpcInput) (req *reques // MoveAddressToVpc API operation for Amazon Elastic Compute Cloud. // +// This action is deprecated. +// // Moves an Elastic IP address from the EC2-Classic platform to the EC2-VPC // platform. The Elastic IP address must be allocated to your account for more // than 24 hours, and it must not be associated with an instance. After the @@ -47530,10 +50844,6 @@ func (c *EC2) MoveAddressToVpcRequest(input *MoveAddressToVpcInput) (req *reques // You cannot move an Elastic IP address that was originally allocated for use // in the EC2-VPC platform to the EC2-Classic platform. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -47605,13 +50915,12 @@ func (c *EC2) MoveByoipCidrToIpamRequest(input *MoveByoipCidrToIpamInput) (req * // MoveByoipCidrToIpam API operation for Amazon Elastic Compute Cloud. // -// Move an BYOIP IPv4 CIDR to IPAM from a public IPv4 pool. +// Move a BYOIPv4 CIDR to IPAM from a public IPv4 pool. // -// If you already have an IPv4 BYOIP CIDR with Amazon Web Services, you can -// move the CIDR to IPAM from a public IPv4 pool. You cannot move an IPv6 CIDR -// to IPAM. If you are bringing a new IP address to Amazon Web Services for -// the first time, complete the steps in Tutorial: BYOIP address CIDRs to IPAM -// (https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoip-ipam.html). +// If you already have a BYOIPv4 CIDR with Amazon Web Services, you can move +// the CIDR to IPAM from a public IPv4 pool. You cannot move an IPv6 CIDR to +// IPAM. If you are bringing a new IP address to Amazon Web Services for the +// first time, complete the steps in Tutorial: BYOIP address CIDRs to IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoip-ipam.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -47731,6 +51040,83 @@ func (c *EC2) ProvisionByoipCidrWithContext(ctx aws.Context, input *ProvisionByo return out, req.Send() } +const opProvisionIpamByoasn = "ProvisionIpamByoasn" + +// ProvisionIpamByoasnRequest generates a "aws/request.Request" representing the +// client's request for the ProvisionIpamByoasn operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ProvisionIpamByoasn for more information on using the ProvisionIpamByoasn +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ProvisionIpamByoasnRequest method. +// req, resp := client.ProvisionIpamByoasnRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ProvisionIpamByoasn +func (c *EC2) ProvisionIpamByoasnRequest(input *ProvisionIpamByoasnInput) (req *request.Request, output *ProvisionIpamByoasnOutput) { + op := &request.Operation{ + Name: opProvisionIpamByoasn, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ProvisionIpamByoasnInput{} + } + + output = &ProvisionIpamByoasnOutput{} + req = c.newRequest(op, input, output) + return +} + +// ProvisionIpamByoasn API operation for Amazon Elastic Compute Cloud. +// +// Provisions your Autonomous System Number (ASN) for use in your Amazon Web +// Services account. This action requires authorization context for Amazon to +// bring the ASN to an Amazon Web Services account. For more information, see +// Tutorial: Bring your ASN to IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoasn.html) +// in the Amazon VPC IPAM guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ProvisionIpamByoasn for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ProvisionIpamByoasn +func (c *EC2) ProvisionIpamByoasn(input *ProvisionIpamByoasnInput) (*ProvisionIpamByoasnOutput, error) { + req, out := c.ProvisionIpamByoasnRequest(input) + return out, req.Send() +} + +// ProvisionIpamByoasnWithContext is the same as ProvisionIpamByoasn with the addition of +// the ability to pass a context and additional request options. +// +// See ProvisionIpamByoasn for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ProvisionIpamByoasnWithContext(ctx aws.Context, input *ProvisionIpamByoasnInput, opts ...request.Option) (*ProvisionIpamByoasnOutput, error) { + req, out := c.ProvisionIpamByoasnRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opProvisionIpamPoolCidr = "ProvisionIpamPoolCidr" // ProvisionIpamPoolCidrRequest generates a "aws/request.Request" representing the @@ -47885,6 +51271,81 @@ func (c *EC2) ProvisionPublicIpv4PoolCidrWithContext(ctx aws.Context, input *Pro return out, req.Send() } +const opPurchaseCapacityBlock = "PurchaseCapacityBlock" + +// PurchaseCapacityBlockRequest generates a "aws/request.Request" representing the +// client's request for the PurchaseCapacityBlock operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See PurchaseCapacityBlock for more information on using the PurchaseCapacityBlock +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the PurchaseCapacityBlockRequest method. +// req, resp := client.PurchaseCapacityBlockRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/PurchaseCapacityBlock +func (c *EC2) PurchaseCapacityBlockRequest(input *PurchaseCapacityBlockInput) (req *request.Request, output *PurchaseCapacityBlockOutput) { + op := &request.Operation{ + Name: opPurchaseCapacityBlock, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &PurchaseCapacityBlockInput{} + } + + output = &PurchaseCapacityBlockOutput{} + req = c.newRequest(op, input, output) + return +} + +// PurchaseCapacityBlock API operation for Amazon Elastic Compute Cloud. +// +// Purchase the Capacity Block for use with your account. With Capacity Blocks +// you ensure GPU capacity is available for machine learning (ML) workloads. +// You must specify the ID of the Capacity Block offering you are purchasing. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation PurchaseCapacityBlock for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/PurchaseCapacityBlock +func (c *EC2) PurchaseCapacityBlock(input *PurchaseCapacityBlockInput) (*PurchaseCapacityBlockOutput, error) { + req, out := c.PurchaseCapacityBlockRequest(input) + return out, req.Send() +} + +// PurchaseCapacityBlockWithContext is the same as PurchaseCapacityBlock with the addition of +// the ability to pass a context and additional request options. +// +// See PurchaseCapacityBlock for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) PurchaseCapacityBlockWithContext(ctx aws.Context, input *PurchaseCapacityBlockInput, opts ...request.Option) (*PurchaseCapacityBlockOutput, error) { + req, out := c.PurchaseCapacityBlockRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opPurchaseHostReservation = "PurchaseHostReservation" // PurchaseHostReservationRequest generates a "aws/request.Request" representing the @@ -48018,10 +51479,6 @@ func (c *EC2) PurchaseReservedInstancesOfferingRequest(input *PurchaseReservedIn // and Reserved Instance Marketplace (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ri-market-general.html) // in the Amazon EC2 User Guide. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -48261,9 +51718,9 @@ func (c *EC2) RegisterImageRequest(input *RegisterImageInput) (req *request.Requ // RegisterImage API operation for Amazon Elastic Compute Cloud. // -// Registers an AMI. When you're creating an AMI, this is the final step you -// must complete before you can launch an instance from the AMI. For more information -// about creating AMIs, see Create your own AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami.html) +// Registers an AMI. When you're creating an instance-store backed AMI, registering +// the AMI is the final step in the creation process. For more information about +// creating AMIs, see Create your own AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/creating-an-ami.html) // in the Amazon Elastic Compute Cloud User Guide. // // For Amazon EBS-backed instances, CreateImage creates and registers the AMI @@ -48848,8 +52305,7 @@ func (c *EC2) RejectVpcEndpointConnectionsRequest(input *RejectVpcEndpointConnec // RejectVpcEndpointConnections API operation for Amazon Elastic Compute Cloud. // -// Rejects one or more VPC endpoint connection requests to your VPC endpoint -// service. +// Rejects VPC endpoint connection requests to your VPC endpoint service. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -49002,13 +52458,9 @@ func (c *EC2) ReleaseAddressRequest(input *ReleaseAddressInput) (req *request.Re // // Releases the specified Elastic IP address. // -// [EC2-Classic, default VPC] Releasing an Elastic IP address automatically -// disassociates it from any instance that it's associated with. To disassociate -// an Elastic IP address without releasing it, use DisassociateAddress. -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// [Default VPC] Releasing an Elastic IP address automatically disassociates +// it from any instance that it's associated with. To disassociate an Elastic +// IP address without releasing it, use DisassociateAddress. // // [Nondefault VPC] You must use DisassociateAddress to disassociate the Elastic // IP address before you can release it. Otherwise, Amazon EC2 returns an error @@ -49020,11 +52472,8 @@ func (c *EC2) ReleaseAddressRequest(input *ReleaseAddressInput) (req *request.Re // already released, you'll get an AuthFailure error if the address is already // allocated to another Amazon Web Services account. // -// [EC2-VPC] After you release an Elastic IP address for use in a VPC, you might -// be able to recover it. For more information, see AllocateAddress. -// -// For more information, see Elastic IP Addresses (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/elastic-ip-addresses-eip.html) -// in the Amazon Elastic Compute Cloud User Guide. +// After you release an Elastic IP address, you might be able to recover it. +// For more information, see AllocateAddress. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -49180,13 +52629,18 @@ func (c *EC2) ReleaseIpamPoolAllocationRequest(input *ReleaseIpamPoolAllocationI // ReleaseIpamPoolAllocation API operation for Amazon Elastic Compute Cloud. // -// Release an allocation within an IPAM pool. You can only use this action to -// release manual allocations. To remove an allocation for a resource without -// deleting the resource, set its monitored state to false using ModifyIpamResourceCidr +// Release an allocation within an IPAM pool. The Region you use should be the +// IPAM pool locale. The locale is the Amazon Web Services Region where this +// IPAM pool is available for allocations. You can only use this action to release +// manual allocations. To remove an allocation for a resource without deleting +// the resource, set its monitored state to false using ModifyIpamResourceCidr // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyIpamResourceCidr.html). -// For more information, see Release an allocation (https://docs.aws.amazon.com/vpc/latest/ipam/release-pool-alloc-ipam.html) +// For more information, see Release an allocation (https://docs.aws.amazon.com/vpc/latest/ipam/release-alloc-ipam.html) // in the Amazon VPC IPAM User Guide. // +// All EC2 API actions follow an eventual consistency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/query-api-troubleshooting.html#eventual-consistency) +// model. +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -49338,8 +52792,8 @@ func (c *EC2) ReplaceNetworkAclAssociationRequest(input *ReplaceNetworkAclAssoci // // Changes which network ACL a subnet is associated with. By default when you // create a subnet, it's automatically associated with the default network ACL. -// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) -// in the Amazon Virtual Private Cloud User Guide. +// For more information, see Network ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html) +// in the Amazon VPC User Guide. // // This is an idempotent operation. // @@ -49416,8 +52870,8 @@ func (c *EC2) ReplaceNetworkAclEntryRequest(input *ReplaceNetworkAclEntryInput) // ReplaceNetworkAclEntry API operation for Amazon Elastic Compute Cloud. // // Replaces an entry (rule) in a network ACL. For more information, see Network -// ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_ACLs.html) in -// the Amazon Virtual Private Cloud User Guide. +// ACLs (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-network-acls.html) +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -49498,7 +52952,7 @@ func (c *EC2) ReplaceRouteRequest(input *ReplaceRouteInput) (req *request.Reques // reset the local route to its default target. // // For more information, see Route tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -49575,7 +53029,7 @@ func (c *EC2) ReplaceRouteTableAssociationRequest(input *ReplaceRouteTableAssoci // or virtual private gateway in a VPC. After the operation completes, the subnet // or gateway uses the routes in the new route table. For more information about // route tables, see Route tables (https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Route_Tables.html) -// in the Amazon Virtual Private Cloud User Guide. +// in the Amazon VPC User Guide. // // You can also use this operation to change which table is the main route table // in the VPC. Specify the main route table's association ID and the route table @@ -49682,6 +53136,79 @@ func (c *EC2) ReplaceTransitGatewayRouteWithContext(ctx aws.Context, input *Repl return out, req.Send() } +const opReplaceVpnTunnel = "ReplaceVpnTunnel" + +// ReplaceVpnTunnelRequest generates a "aws/request.Request" representing the +// client's request for the ReplaceVpnTunnel operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ReplaceVpnTunnel for more information on using the ReplaceVpnTunnel +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ReplaceVpnTunnelRequest method. +// req, resp := client.ReplaceVpnTunnelRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ReplaceVpnTunnel +func (c *EC2) ReplaceVpnTunnelRequest(input *ReplaceVpnTunnelInput) (req *request.Request, output *ReplaceVpnTunnelOutput) { + op := &request.Operation{ + Name: opReplaceVpnTunnel, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &ReplaceVpnTunnelInput{} + } + + output = &ReplaceVpnTunnelOutput{} + req = c.newRequest(op, input, output) + return +} + +// ReplaceVpnTunnel API operation for Amazon Elastic Compute Cloud. +// +// Trigger replacement of specified VPN tunnel. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation ReplaceVpnTunnel for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/ReplaceVpnTunnel +func (c *EC2) ReplaceVpnTunnel(input *ReplaceVpnTunnelInput) (*ReplaceVpnTunnelOutput, error) { + req, out := c.ReplaceVpnTunnelRequest(input) + return out, req.Send() +} + +// ReplaceVpnTunnelWithContext is the same as ReplaceVpnTunnel with the addition of +// the ability to pass a context and additional request options. +// +// See ReplaceVpnTunnel for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) ReplaceVpnTunnelWithContext(ctx aws.Context, input *ReplaceVpnTunnelInput, opts ...request.Option) (*ReplaceVpnTunnelOutput, error) { + req, out := c.ReplaceVpnTunnelRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opReportInstanceStatus = "ReportInstanceStatus" // ReportInstanceStatusRequest generates a "aws/request.Request" representing the @@ -49917,10 +53444,6 @@ func (c *EC2) RequestSpotInstancesRequest(input *RequestSpotInstancesInput) (req // see Which is the best Spot request method to use? (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-best-practices.html#which-spot-request-method-to-use) // in the Amazon EC2 User Guide for Linux Instances. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon EC2 User Guide for Linux Instances. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -50072,8 +53595,8 @@ func (c *EC2) ResetEbsDefaultKmsKeyIdRequest(input *ResetEbsDefaultKmsKeyIdInput // After resetting the default KMS key to the Amazon Web Services managed KMS // key, you can continue to encrypt by a customer managed KMS key by specifying // it when you create the volume. For more information, see Amazon EBS encryption -// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) -// in the Amazon Elastic Compute Cloud User Guide. +// (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) in +// the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -50455,8 +53978,8 @@ func (c *EC2) ResetSnapshotAttributeRequest(input *ResetSnapshotAttributeInput) // Resets permission settings for the specified snapshot. // // For more information about modifying snapshot permissions, see Share a snapshot -// (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-modifying-snapshot-permissions.html) -// in the Amazon Elastic Compute Cloud User Guide. +// (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-modifying-snapshot-permissions.html) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -50529,15 +54052,13 @@ func (c *EC2) RestoreAddressToClassicRequest(input *RestoreAddressToClassicInput // RestoreAddressToClassic API operation for Amazon Elastic Compute Cloud. // +// This action is deprecated. +// // Restores an Elastic IP address that was previously moved to the EC2-VPC platform // back to the EC2-Classic platform. You cannot move an Elastic IP address that // was originally allocated for use in EC2-VPC. The Elastic IP address must // not be associated with an instance or network interface. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -50759,8 +54280,8 @@ func (c *EC2) RestoreSnapshotFromRecycleBinRequest(input *RestoreSnapshotFromRec // RestoreSnapshotFromRecycleBin API operation for Amazon Elastic Compute Cloud. // // Restores a snapshot from the Recycle Bin. For more information, see Restore -// snapshots from the Recycle Bin (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/recycle-bin-working-with-snaps.html#recycle-bin-restore-snaps) -// in the Amazon Elastic Compute Cloud User Guide. +// snapshots from the Recycle Bin (https://docs.aws.amazon.com/ebs/latest/userguide/recycle-bin-working-with-snaps.html#recycle-bin-restore-snaps) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -50837,10 +54358,10 @@ func (c *EC2) RestoreSnapshotTierRequest(input *RestoreSnapshotTierInput) (req * // or modifies the restore period or restore type for a snapshot that was previously // temporarily restored. // -// For more information see Restore an archived snapshot (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/working-with-snapshot-archiving.html#restore-archived-snapshot) +// For more information see Restore an archived snapshot (https://docs.aws.amazon.com/ebs/latest/userguide/working-with-snapshot-archiving.html#restore-archived-snapshot) // and modify the restore period or restore type for a temporarily restored -// snapshot (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/working-with-snapshot-archiving.html#modify-temp-restore-period) -// in the Amazon Elastic Compute Cloud User Guide. +// snapshot (https://docs.aws.amazon.com/ebs/latest/userguide/working-with-snapshot-archiving.html#modify-temp-restore-period) +// in the Amazon EBS User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -50986,9 +54507,8 @@ func (c *EC2) RevokeSecurityGroupEgressRequest(input *RevokeSecurityGroupEgressI // RevokeSecurityGroupEgress API operation for Amazon Elastic Compute Cloud. // -// [VPC only] Removes the specified outbound (egress) rules from a security -// group for EC2-VPC. This action does not apply to security groups for use -// in EC2-Classic. +// Removes the specified outbound (egress) rules from the specified security +// group. // // You can specify rules using either rule IDs or security group rule properties. // If you use rule properties, the values that you specify (for example, ports) @@ -50999,7 +54519,7 @@ func (c *EC2) RevokeSecurityGroupEgressRequest(input *RevokeSecurityGroupEgressI // ICMP type and code. If the security group rule has a description, you do // not need to specify the description to revoke the rule. // -// [Default VPC] If the values you specify do not match the existing rule's +// For a default VPC, if the values you specify do not match the existing rule's // values, no error is returned, and the output describes the security group // rules that were not revoked. // @@ -51091,9 +54611,13 @@ func (c *EC2) RevokeSecurityGroupIngressRequest(input *RevokeSecurityGroupIngres // type and code. If the security group rule has a description, you do not need // to specify the description to revoke the rule. // -// [EC2-Classic, default VPC] If the values you specify do not match the existing -// rule's values, no error is returned, and the output describes the security -// group rules that were not revoked. +// For a default VPC, if the values you specify do not match the existing rule's +// values, no error is returned, and the output describes the security group +// rules that were not revoked. +// +// For a non-default VPC, if the values you specify do not match the existing +// rule's values, an InvalidPermission.NotFound client error is returned, and +// no rules are revoked. // // Amazon Web Services recommends that you describe the security group to verify // that the rules were removed. @@ -51101,10 +54625,6 @@ func (c *EC2) RevokeSecurityGroupIngressRequest(input *RevokeSecurityGroupIngres // Rule changes are propagated to instances within the security group as quickly // as possible. However, a small delay might occur. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -51182,20 +54702,13 @@ func (c *EC2) RunInstancesRequest(input *RunInstancesInput) (req *request.Reques // You can specify a number of options, or leave the default options. The following // rules apply: // -// - [EC2-VPC] If you don't specify a subnet ID, we choose a default subnet -// from your default VPC for you. If you don't have a default VPC, you must -// specify a subnet ID in the request. -// -// - [EC2-Classic] If don't specify an Availability Zone, we choose one for -// you. -// -// - Some instance types must be launched into a VPC. If you do not have -// a default VPC, or if you do not specify a subnet ID, the request fails. -// For more information, see Instance types available only in a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-vpc.html#vpc-only-instance-types). +// - If you don't specify a subnet ID, we choose a default subnet from your +// default VPC for you. If you don't have a default VPC, you must specify +// a subnet ID in the request. // -// - [EC2-VPC] All instances have a network interface with a primary private -// IPv4 address. If you don't specify this address, we choose one from the -// IPv4 range of your subnet. +// - All instances have a network interface with a primary private IPv4 address. +// If you don't specify this address, we choose one from the IPv4 range of +// your subnet. // // - Not all instance types support IPv6 addresses. For more information, // see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html). @@ -51229,10 +54742,6 @@ func (c *EC2) RunInstancesRequest(input *RunInstancesInput) (req *request.Reques // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_InstanceStraightToTerminated.html), // and Troubleshooting connecting to your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/TroubleshootingInstancesConnecting.html). // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon EC2 User Guide. -// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -51829,7 +55338,7 @@ func (c *EC2) StartInstancesRequest(input *StartInstancesInput) (req *request.Re // Performing this operation on an instance that uses an instance store as its // root device returns an error. // -// If you attempt to start a T3 instance with host tenancy and the unlimted +// If you attempt to start a T3 instance with host tenancy and the unlimited // CPU credit option, the request fails. The unlimited CPU credit option is // not supported on Dedicated Hosts. Before you start the instance, either change // its CPU credit option to standard, or change its tenancy to default or dedicated. @@ -52140,8 +55649,8 @@ func (c *EC2) StopInstancesRequest(input *StopInstancesInput) (req *request.Requ // in the Amazon EC2 User Guide. // // You can use the Stop action to hibernate an instance if the instance is enabled -// for hibernation (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#enabling-hibernation) -// and it meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). +// for hibernation (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/enabling-hibernation.html) +// and it meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html). // For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon EC2 User Guide. // @@ -52558,6 +56067,167 @@ func (c *EC2) UnassignPrivateIpAddressesWithContext(ctx aws.Context, input *Unas return out, req.Send() } +const opUnassignPrivateNatGatewayAddress = "UnassignPrivateNatGatewayAddress" + +// UnassignPrivateNatGatewayAddressRequest generates a "aws/request.Request" representing the +// client's request for the UnassignPrivateNatGatewayAddress operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UnassignPrivateNatGatewayAddress for more information on using the UnassignPrivateNatGatewayAddress +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UnassignPrivateNatGatewayAddressRequest method. +// req, resp := client.UnassignPrivateNatGatewayAddressRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/UnassignPrivateNatGatewayAddress +func (c *EC2) UnassignPrivateNatGatewayAddressRequest(input *UnassignPrivateNatGatewayAddressInput) (req *request.Request, output *UnassignPrivateNatGatewayAddressOutput) { + op := &request.Operation{ + Name: opUnassignPrivateNatGatewayAddress, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UnassignPrivateNatGatewayAddressInput{} + } + + output = &UnassignPrivateNatGatewayAddressOutput{} + req = c.newRequest(op, input, output) + return +} + +// UnassignPrivateNatGatewayAddress API operation for Amazon Elastic Compute Cloud. +// +// Unassigns secondary private IPv4 addresses from a private NAT gateway. You +// cannot unassign your primary private IP. For more information, see Edit secondary +// IP address associations (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-edit-secondary) +// in the Amazon VPC User Guide. +// +// While unassigning is in progress, you cannot assign/unassign additional IP +// addresses while the connections are being drained. You are, however, allowed +// to delete the NAT gateway. +// +// A private IP address will only be released at the end of MaxDrainDurationSeconds. +// The private IP addresses stay associated and support the existing connections, +// but do not support any new connections (new connections are distributed across +// the remaining assigned private IP address). After the existing connections +// drain out, the private IP addresses are released. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation UnassignPrivateNatGatewayAddress for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/UnassignPrivateNatGatewayAddress +func (c *EC2) UnassignPrivateNatGatewayAddress(input *UnassignPrivateNatGatewayAddressInput) (*UnassignPrivateNatGatewayAddressOutput, error) { + req, out := c.UnassignPrivateNatGatewayAddressRequest(input) + return out, req.Send() +} + +// UnassignPrivateNatGatewayAddressWithContext is the same as UnassignPrivateNatGatewayAddress with the addition of +// the ability to pass a context and additional request options. +// +// See UnassignPrivateNatGatewayAddress for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) UnassignPrivateNatGatewayAddressWithContext(ctx aws.Context, input *UnassignPrivateNatGatewayAddressInput, opts ...request.Option) (*UnassignPrivateNatGatewayAddressOutput, error) { + req, out := c.UnassignPrivateNatGatewayAddressRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opUnlockSnapshot = "UnlockSnapshot" + +// UnlockSnapshotRequest generates a "aws/request.Request" representing the +// client's request for the UnlockSnapshot operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See UnlockSnapshot for more information on using the UnlockSnapshot +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the UnlockSnapshotRequest method. +// req, resp := client.UnlockSnapshotRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/UnlockSnapshot +func (c *EC2) UnlockSnapshotRequest(input *UnlockSnapshotInput) (req *request.Request, output *UnlockSnapshotOutput) { + op := &request.Operation{ + Name: opUnlockSnapshot, + HTTPMethod: "POST", + HTTPPath: "/", + } + + if input == nil { + input = &UnlockSnapshotInput{} + } + + output = &UnlockSnapshotOutput{} + req = c.newRequest(op, input, output) + return +} + +// UnlockSnapshot API operation for Amazon Elastic Compute Cloud. +// +// Unlocks a snapshot that is locked in governance mode or that is locked in +// compliance mode but still in the cooling-off period. You can't unlock a snapshot +// that is locked in compliance mode after the cooling-off period has expired. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Elastic Compute Cloud's +// API operation UnlockSnapshot for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15/UnlockSnapshot +func (c *EC2) UnlockSnapshot(input *UnlockSnapshotInput) (*UnlockSnapshotOutput, error) { + req, out := c.UnlockSnapshotRequest(input) + return out, req.Send() +} + +// UnlockSnapshotWithContext is the same as UnlockSnapshot with the addition of +// the ability to pass a context and additional request options. +// +// See UnlockSnapshot for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) UnlockSnapshotWithContext(ctx aws.Context, input *UnlockSnapshotInput, opts ...request.Option) (*UnlockSnapshotOutput, error) { + req, out := c.UnlockSnapshotRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opUnmonitorInstances = "UnmonitorInstances" // UnmonitorInstancesRequest generates a "aws/request.Request" representing the @@ -52676,10 +56346,10 @@ func (c *EC2) UpdateSecurityGroupRuleDescriptionsEgressRequest(input *UpdateSecu // UpdateSecurityGroupRuleDescriptionsEgress API operation for Amazon Elastic Compute Cloud. // -// [VPC only] Updates the description of an egress (outbound) security group -// rule. You can replace an existing description, or add a description to a -// rule that did not have one previously. You can remove a description for a -// security group rule by omitting the description parameter in the request. +// Updates the description of an egress (outbound) security group rule. You +// can replace an existing description, or add a description to a rule that +// did not have one previously. You can remove a description for a security +// group rule by omitting the description parameter in the request. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -53537,7 +57207,7 @@ type AcceptVpcEndpointConnectionsInput struct { // ServiceId is a required field ServiceId *string `type:"string" required:"true"` - // The IDs of one or more interface VPC endpoints. + // The IDs of the interface VPC endpoints. // // VpcEndpointIds is a required field VpcEndpointIds []*string `locationName:"VpcEndpointId" locationNameList:"item" type:"list" required:"true"` @@ -53637,7 +57307,9 @@ type AcceptVpcPeeringConnectionInput struct { // The ID of the VPC peering connection. You must specify this parameter in // the request. - VpcPeeringConnectionId *string `locationName:"vpcPeeringConnectionId" type:"string"` + // + // VpcPeeringConnectionId is a required field + VpcPeeringConnectionId *string `locationName:"vpcPeeringConnectionId" type:"string" required:"true"` } // String returns the string representation. @@ -53658,6 +57330,19 @@ func (s AcceptVpcPeeringConnectionInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *AcceptVpcPeeringConnectionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AcceptVpcPeeringConnectionInput"} + if s.VpcPeeringConnectionId == nil { + invalidParams.Add(request.NewErrParamRequired("VpcPeeringConnectionId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *AcceptVpcPeeringConnectionInput) SetDryRun(v bool) *AcceptVpcPeeringConnectionInput { s.DryRun = &v @@ -54149,15 +57834,34 @@ func (s *AddedPrincipal) SetServicePermissionId(v string) *AddedPrincipal { return s } -// Describes an additional detail for a path analysis. +// Describes an additional detail for a path analysis. For more information, +// see Reachability Analyzer additional detail codes (https://docs.aws.amazon.com/vpc/latest/reachability/additional-detail-codes.html). type AdditionalDetail struct { _ struct{} `type:"structure"` - // The information type. + // The additional detail code. AdditionalDetailType *string `locationName:"additionalDetailType" type:"string"` // The path component. Component *AnalysisComponent `locationName:"component" type:"structure"` + + // The load balancers. + LoadBalancers []*AnalysisComponent `locationName:"loadBalancerSet" locationNameList:"item" type:"list"` + + // The rule options. + RuleGroupRuleOptionsPairs []*RuleGroupRuleOptionsPair `locationName:"ruleGroupRuleOptionsPairSet" locationNameList:"item" type:"list"` + + // The rule group type. + RuleGroupTypePairs []*RuleGroupTypePair `locationName:"ruleGroupTypePairSet" locationNameList:"item" type:"list"` + + // The rule options. + RuleOptions []*RuleOption `locationName:"ruleOptionSet" locationNameList:"item" type:"list"` + + // The name of the VPC endpoint service. + ServiceName *string `locationName:"serviceName" type:"string"` + + // The VPC endpoint service. + VpcEndpointService *AnalysisComponent `locationName:"vpcEndpointService" type:"structure"` } // String returns the string representation. @@ -54190,15 +57894,50 @@ func (s *AdditionalDetail) SetComponent(v *AnalysisComponent) *AdditionalDetail return s } +// SetLoadBalancers sets the LoadBalancers field's value. +func (s *AdditionalDetail) SetLoadBalancers(v []*AnalysisComponent) *AdditionalDetail { + s.LoadBalancers = v + return s +} + +// SetRuleGroupRuleOptionsPairs sets the RuleGroupRuleOptionsPairs field's value. +func (s *AdditionalDetail) SetRuleGroupRuleOptionsPairs(v []*RuleGroupRuleOptionsPair) *AdditionalDetail { + s.RuleGroupRuleOptionsPairs = v + return s +} + +// SetRuleGroupTypePairs sets the RuleGroupTypePairs field's value. +func (s *AdditionalDetail) SetRuleGroupTypePairs(v []*RuleGroupTypePair) *AdditionalDetail { + s.RuleGroupTypePairs = v + return s +} + +// SetRuleOptions sets the RuleOptions field's value. +func (s *AdditionalDetail) SetRuleOptions(v []*RuleOption) *AdditionalDetail { + s.RuleOptions = v + return s +} + +// SetServiceName sets the ServiceName field's value. +func (s *AdditionalDetail) SetServiceName(v string) *AdditionalDetail { + s.ServiceName = &v + return s +} + +// SetVpcEndpointService sets the VpcEndpointService field's value. +func (s *AdditionalDetail) SetVpcEndpointService(v *AnalysisComponent) *AdditionalDetail { + s.VpcEndpointService = v + return s +} + // Describes an Elastic IP address, or a carrier IP address. type Address struct { _ struct{} `type:"structure"` - // The ID representing the allocation of the address for use with EC2-VPC. + // The ID representing the allocation of the address. AllocationId *string `locationName:"allocationId" type:"string"` - // The ID representing the association of the address with an instance in a - // VPC. + // The ID representing the association of the address with an instance. AssociationId *string `locationName:"associationId" type:"string"` // The carrier IP address associated. This option is only available for network @@ -54212,8 +57951,7 @@ type Address struct { // The ID of the customer-owned address pool. CustomerOwnedIpv4Pool *string `locationName:"customerOwnedIpv4Pool" type:"string"` - // Indicates whether this Elastic IP address is for use with instances in EC2-Classic - // (standard) or instances in a VPC (vpc). + // The network (vpc). Domain *string `locationName:"domain" type:"string" enum:"DomainType"` // The ID of the instance that the address is associated with (if any). @@ -54488,6 +58226,9 @@ func (s *AddressTransfer) SetTransferOfferExpirationTimestamp(v time.Time) *Addr type AdvertiseByoipCidrInput struct { _ struct{} `type:"structure"` + // The public 2-byte or 4-byte ASN that you want to advertise. + Asn *string `type:"string"` + // The address range, in CIDR notation. This must be the exact range that you // provisioned. You can't advertise only a portion of the provisioned range. // @@ -54499,6 +58240,25 @@ type AdvertiseByoipCidrInput struct { // the required permissions, the error response is DryRunOperation. Otherwise, // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` + + // If you have Local Zones (https://docs.aws.amazon.com/local-zones/latest/ug/how-local-zones-work.html) + // enabled, you can choose a network border group for Local Zones when you provision + // and advertise a BYOIPv4 CIDR. Choose the network border group carefully as + // the EIP and the Amazon Web Services resource it is associated with must reside + // in the same network border group. + // + // You can provision BYOIP address ranges to and advertise them in the following + // Local Zone network border groups: + // + // * us-east-1-dfw-2 + // + // * us-west-2-lax-1 + // + // * us-west-2-phx-2 + // + // You cannot provision or advertise BYOIPv6 address ranges in Local Zones at + // this time. + NetworkBorderGroup *string `type:"string"` } // String returns the string representation. @@ -54532,6 +58292,12 @@ func (s *AdvertiseByoipCidrInput) Validate() error { return nil } +// SetAsn sets the Asn field's value. +func (s *AdvertiseByoipCidrInput) SetAsn(v string) *AdvertiseByoipCidrInput { + s.Asn = &v + return s +} + // SetCidr sets the Cidr field's value. func (s *AdvertiseByoipCidrInput) SetCidr(v string) *AdvertiseByoipCidrInput { s.Cidr = &v @@ -54544,6 +58310,12 @@ func (s *AdvertiseByoipCidrInput) SetDryRun(v bool) *AdvertiseByoipCidrInput { return s } +// SetNetworkBorderGroup sets the NetworkBorderGroup field's value. +func (s *AdvertiseByoipCidrInput) SetNetworkBorderGroup(v string) *AdvertiseByoipCidrInput { + s.NetworkBorderGroup = &v + return s +} + type AdvertiseByoipCidrOutput struct { _ struct{} `type:"structure"` @@ -54578,8 +58350,7 @@ func (s *AdvertiseByoipCidrOutput) SetByoipCidr(v *ByoipCidr) *AdvertiseByoipCid type AllocateAddressInput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The Elastic IP address to recover or an IPv4 address from an address - // pool. + // The Elastic IP address to recover or an IPv4 address from an address pool. Address *string `type:"string"` // The ID of a customer-owned address pool. Use this parameter to let Amazon @@ -54587,11 +58358,7 @@ type AllocateAddressInput struct { // address from the address pool. CustomerOwnedIpv4Pool *string `type:"string"` - // Indicates whether the Elastic IP address is for use with instances in a VPC - // or instances in EC2-Classic. - // - // Default: If the Region supports EC2-Classic, the default is standard. Otherwise, - // the default is vpc. + // The network (vpc). Domain *string `type:"string" enum:"DomainType"` // Checks whether you have the required permissions for the action, without @@ -54607,9 +58374,6 @@ type AllocateAddressInput struct { // // Use DescribeAvailabilityZones (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAvailabilityZones.html) // to view the network border groups. - // - // You cannot use a network border group with EC2 Classic. If you attempt this - // operation on EC2 Classic, you receive an InvalidParameterCombination error. NetworkBorderGroup *string `type:"string"` // The ID of an address pool that you own. Use this parameter to let Amazon @@ -54684,12 +58448,11 @@ func (s *AllocateAddressInput) SetTagSpecifications(v []*TagSpecification) *Allo type AllocateAddressOutput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The ID that Amazon Web Services assigns to represent the allocation - // of the Elastic IP address for use with instances in a VPC. + // The ID that represents the allocation of the Elastic IP address. AllocationId *string `locationName:"allocationId" type:"string"` // The carrier IP address. This option is only available for network interfaces - // which reside in a subnet in a Wavelength Zone (for example an EC2 instance). + // that reside in a subnet in a Wavelength Zone. CarrierIp *string `locationName:"carrierIp" type:"string"` // The customer-owned IP address. @@ -54698,8 +58461,7 @@ type AllocateAddressOutput struct { // The ID of the customer-owned address pool. CustomerOwnedIpv4Pool *string `locationName:"customerOwnedIpv4Pool" type:"string"` - // Indicates whether the Elastic IP address is for use with instances in a VPC - // (vpc) or instances in EC2-Classic (standard). + // The network (vpc). Domain *string `locationName:"domain" type:"string" enum:"DomainType"` // The set of Availability Zones, Local Zones, or Wavelength Zones from which @@ -54782,6 +58544,19 @@ func (s *AllocateAddressOutput) SetPublicIpv4Pool(v string) *AllocateAddressOutp type AllocateHostsInput struct { _ struct{} `type:"structure"` + // The IDs of the Outpost hardware assets on which to allocate the Dedicated + // Hosts. Targeting specific hardware assets on an Outpost can help to minimize + // latency between your workloads. This parameter is supported only if you specify + // OutpostArn. If you are allocating the Dedicated Hosts in a Region, omit this + // parameter. + // + // * If you specify this parameter, you can omit Quantity. In this case, + // Amazon EC2 allocates a Dedicated Host on each specified hardware asset. + // + // * If you specify both AssetIds and Quantity, then the value for Quantity + // must be equal to the number of asset IDs specified. + AssetIds []*string `locationName:"AssetId" type:"list"` + // Indicates whether the host accepts any untargeted instance launches that // match its instance type configuration, or if it only accepts Host tenancy // instance launches that specify its unique host ID. For more information, @@ -54800,6 +58575,11 @@ type AllocateHostsInput struct { // of the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `locationName:"clientToken" type:"string"` + // Indicates whether to enable or disable host maintenance for the Dedicated + // Host. For more information, see Host maintenance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-maintenance.html) + // in the Amazon EC2 User Guide. + HostMaintenance *string `type:"string" enum:"HostMaintenance"` + // Indicates whether to enable or disable host recovery for the Dedicated Host. // Host recovery is disabled by default. For more information, see Host recovery // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) @@ -54827,13 +58607,19 @@ type AllocateHostsInput struct { InstanceType *string `locationName:"instanceType" type:"string"` // The Amazon Resource Name (ARN) of the Amazon Web Services Outpost on which - // to allocate the Dedicated Host. + // to allocate the Dedicated Host. If you specify OutpostArn, you can optionally + // specify AssetIds. + // + // If you are allocating the Dedicated Host in a Region, omit this parameter. OutpostArn *string `type:"string"` // The number of Dedicated Hosts to allocate to your account with these parameters. - // - // Quantity is a required field - Quantity *int64 `locationName:"quantity" type:"integer" required:"true"` + // If you are allocating the Dedicated Hosts on an Outpost, and you specify + // AssetIds, you can omit this parameter. In this case, Amazon EC2 allocates + // a Dedicated Host on each specified hardware asset. If you specify both AssetIds + // and Quantity, then the value that you specify for Quantity must be equal + // to the number of asset IDs specified. + Quantity *int64 `locationName:"quantity" type:"integer"` // The tags to apply to the Dedicated Host during creation. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` @@ -54863,9 +58649,6 @@ func (s *AllocateHostsInput) Validate() error { if s.AvailabilityZone == nil { invalidParams.Add(request.NewErrParamRequired("AvailabilityZone")) } - if s.Quantity == nil { - invalidParams.Add(request.NewErrParamRequired("Quantity")) - } if invalidParams.Len() > 0 { return invalidParams @@ -54873,6 +58656,12 @@ func (s *AllocateHostsInput) Validate() error { return nil } +// SetAssetIds sets the AssetIds field's value. +func (s *AllocateHostsInput) SetAssetIds(v []*string) *AllocateHostsInput { + s.AssetIds = v + return s +} + // SetAutoPlacement sets the AutoPlacement field's value. func (s *AllocateHostsInput) SetAutoPlacement(v string) *AllocateHostsInput { s.AutoPlacement = &v @@ -54891,6 +58680,12 @@ func (s *AllocateHostsInput) SetClientToken(v string) *AllocateHostsInput { return s } +// SetHostMaintenance sets the HostMaintenance field's value. +func (s *AllocateHostsInput) SetHostMaintenance(v string) *AllocateHostsInput { + s.HostMaintenance = &v + return s +} + // SetHostRecovery sets the HostRecovery field's value. func (s *AllocateHostsInput) SetHostRecovery(v string) *AllocateHostsInput { s.HostRecovery = &v @@ -54963,6 +58758,10 @@ func (s *AllocateHostsOutput) SetHostIds(v []*string) *AllocateHostsOutput { type AllocateIpamPoolCidrInput struct { _ struct{} `type:"structure"` + // Include a particular CIDR range that can be returned by the pool. Allowed + // CIDRs are only allowed if using netmask length for allocation. + AllowedCidrs []*string `locationName:"AllowedCidr" locationNameList:"item" type:"list"` + // The CIDR you would like to allocate from the IPAM pool. Note the following: // // * If there is no DefaultNetmaskLength allocation rule set on the pool, @@ -55046,6 +58845,12 @@ func (s *AllocateIpamPoolCidrInput) Validate() error { return nil } +// SetAllowedCidrs sets the AllowedCidrs field's value. +func (s *AllocateIpamPoolCidrInput) SetAllowedCidrs(v []*string) *AllocateIpamPoolCidrInput { + s.AllowedCidrs = v + return s +} + // SetCidr sets the Cidr field's value. func (s *AllocateIpamPoolCidrInput) SetCidr(v string) *AllocateIpamPoolCidrInput { s.Cidr = &v @@ -55535,6 +59340,12 @@ func (s *AnalysisPacketHeader) SetSourcePortRanges(v []*PortRange) *AnalysisPack type AnalysisRouteTableRoute struct { _ struct{} `type:"structure"` + // The ID of a carrier gateway. + CarrierGatewayId *string `locationName:"carrierGatewayId" type:"string"` + + // The Amazon Resource Name (ARN) of a core network. + CoreNetworkArn *string `locationName:"coreNetworkArn" min:"1" type:"string"` + // The destination IPv4 address, in CIDR notation. DestinationCidr *string `locationName:"destinationCidr" type:"string"` @@ -55550,6 +59361,9 @@ type AnalysisRouteTableRoute struct { // The ID of the instance, such as a NAT instance. InstanceId *string `locationName:"instanceId" type:"string"` + // The ID of a local gateway. + LocalGatewayId *string `locationName:"localGatewayId" type:"string"` + // The ID of a NAT gateway. NatGatewayId *string `locationName:"natGatewayId" type:"string"` @@ -55598,6 +59412,18 @@ func (s AnalysisRouteTableRoute) GoString() string { return s.String() } +// SetCarrierGatewayId sets the CarrierGatewayId field's value. +func (s *AnalysisRouteTableRoute) SetCarrierGatewayId(v string) *AnalysisRouteTableRoute { + s.CarrierGatewayId = &v + return s +} + +// SetCoreNetworkArn sets the CoreNetworkArn field's value. +func (s *AnalysisRouteTableRoute) SetCoreNetworkArn(v string) *AnalysisRouteTableRoute { + s.CoreNetworkArn = &v + return s +} + // SetDestinationCidr sets the DestinationCidr field's value. func (s *AnalysisRouteTableRoute) SetDestinationCidr(v string) *AnalysisRouteTableRoute { s.DestinationCidr = &v @@ -55628,6 +59454,12 @@ func (s *AnalysisRouteTableRoute) SetInstanceId(v string) *AnalysisRouteTableRou return s } +// SetLocalGatewayId sets the LocalGatewayId field's value. +func (s *AnalysisRouteTableRoute) SetLocalGatewayId(v string) *AnalysisRouteTableRoute { + s.LocalGatewayId = &v + return s +} + // SetNatGatewayId sets the NatGatewayId field's value. func (s *AnalysisRouteTableRoute) SetNatGatewayId(v string) *AnalysisRouteTableRoute { s.NatGatewayId = &v @@ -55863,6 +59695,130 @@ func (s *ApplySecurityGroupsToClientVpnTargetNetworkOutput) SetSecurityGroupIds( return s } +// An Autonomous System Number (ASN) and BYOIP CIDR association. +type AsnAssociation struct { + _ struct{} `type:"structure"` + + // The association's ASN. + Asn *string `locationName:"asn" type:"string"` + + // The association's CIDR. + Cidr *string `locationName:"cidr" type:"string"` + + // The association's state. + State *string `locationName:"state" type:"string" enum:"AsnAssociationState"` + + // The association's status message. + StatusMessage *string `locationName:"statusMessage" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AsnAssociation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AsnAssociation) GoString() string { + return s.String() +} + +// SetAsn sets the Asn field's value. +func (s *AsnAssociation) SetAsn(v string) *AsnAssociation { + s.Asn = &v + return s +} + +// SetCidr sets the Cidr field's value. +func (s *AsnAssociation) SetCidr(v string) *AsnAssociation { + s.Cidr = &v + return s +} + +// SetState sets the State field's value. +func (s *AsnAssociation) SetState(v string) *AsnAssociation { + s.State = &v + return s +} + +// SetStatusMessage sets the StatusMessage field's value. +func (s *AsnAssociation) SetStatusMessage(v string) *AsnAssociation { + s.StatusMessage = &v + return s +} + +// Provides authorization for Amazon to bring an Autonomous System Number (ASN) +// to a specific Amazon Web Services account using bring your own ASN (BYOASN). +// For details on the format of the message and signature, see Tutorial: Bring +// your ASN to IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/tutorials-byoasn.html) +// in the Amazon VPC IPAM guide. +type AsnAuthorizationContext struct { + _ struct{} `type:"structure"` + + // The authorization context's message. + // + // Message is a required field + Message *string `type:"string" required:"true"` + + // The authorization context's signature. + // + // Signature is a required field + Signature *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AsnAuthorizationContext) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AsnAuthorizationContext) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AsnAuthorizationContext) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AsnAuthorizationContext"} + if s.Message == nil { + invalidParams.Add(request.NewErrParamRequired("Message")) + } + if s.Signature == nil { + invalidParams.Add(request.NewErrParamRequired("Signature")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetMessage sets the Message field's value. +func (s *AsnAuthorizationContext) SetMessage(v string) *AsnAuthorizationContext { + s.Message = &v + return s +} + +// SetSignature sets the Signature field's value. +func (s *AsnAuthorizationContext) SetSignature(v string) *AsnAuthorizationContext { + s.Signature = &v + return s +} + type AssignIpv6AddressesInput struct { _ struct{} `type:"structure"` @@ -56154,6 +60110,126 @@ func (s *AssignPrivateIpAddressesOutput) SetNetworkInterfaceId(v string) *Assign return s } +type AssignPrivateNatGatewayAddressInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the NAT gateway. + // + // NatGatewayId is a required field + NatGatewayId *string `type:"string" required:"true"` + + // The number of private IP addresses to assign to the NAT gateway. You can't + // specify this parameter when also specifying private IP addresses. + PrivateIpAddressCount *int64 `min:"1" type:"integer"` + + // The private IPv4 addresses you want to assign to the private NAT gateway. + PrivateIpAddresses []*string `locationName:"PrivateIpAddress" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssignPrivateNatGatewayAddressInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssignPrivateNatGatewayAddressInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssignPrivateNatGatewayAddressInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssignPrivateNatGatewayAddressInput"} + if s.NatGatewayId == nil { + invalidParams.Add(request.NewErrParamRequired("NatGatewayId")) + } + if s.PrivateIpAddressCount != nil && *s.PrivateIpAddressCount < 1 { + invalidParams.Add(request.NewErrParamMinValue("PrivateIpAddressCount", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *AssignPrivateNatGatewayAddressInput) SetDryRun(v bool) *AssignPrivateNatGatewayAddressInput { + s.DryRun = &v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *AssignPrivateNatGatewayAddressInput) SetNatGatewayId(v string) *AssignPrivateNatGatewayAddressInput { + s.NatGatewayId = &v + return s +} + +// SetPrivateIpAddressCount sets the PrivateIpAddressCount field's value. +func (s *AssignPrivateNatGatewayAddressInput) SetPrivateIpAddressCount(v int64) *AssignPrivateNatGatewayAddressInput { + s.PrivateIpAddressCount = &v + return s +} + +// SetPrivateIpAddresses sets the PrivateIpAddresses field's value. +func (s *AssignPrivateNatGatewayAddressInput) SetPrivateIpAddresses(v []*string) *AssignPrivateNatGatewayAddressInput { + s.PrivateIpAddresses = v + return s +} + +type AssignPrivateNatGatewayAddressOutput struct { + _ struct{} `type:"structure"` + + // NAT gateway IP addresses. + NatGatewayAddresses []*NatGatewayAddress `locationName:"natGatewayAddressSet" locationNameList:"item" type:"list"` + + // The ID of the NAT gateway. + NatGatewayId *string `locationName:"natGatewayId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssignPrivateNatGatewayAddressOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssignPrivateNatGatewayAddressOutput) GoString() string { + return s.String() +} + +// SetNatGatewayAddresses sets the NatGatewayAddresses field's value. +func (s *AssignPrivateNatGatewayAddressOutput) SetNatGatewayAddresses(v []*NatGatewayAddress) *AssignPrivateNatGatewayAddressOutput { + s.NatGatewayAddresses = v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *AssignPrivateNatGatewayAddressOutput) SetNatGatewayId(v string) *AssignPrivateNatGatewayAddressOutput { + s.NatGatewayId = &v + return s +} + // Describes the private IP addresses assigned to a network interface. type AssignedPrivateIpAddress struct { _ struct{} `type:"structure"` @@ -56189,15 +60265,11 @@ func (s *AssignedPrivateIpAddress) SetPrivateIpAddress(v string) *AssignedPrivat type AssociateAddressInput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The allocation ID. This is required for EC2-VPC. + // The allocation ID. This is required. AllocationId *string `type:"string"` - // [EC2-VPC] For a VPC in an EC2-Classic account, specify true to allow an Elastic - // IP address that is already associated with an instance or network interface - // to be reassociated with the specified instance or network interface. Otherwise, - // the operation fails. In a VPC in an EC2-VPC-only account, reassociation is - // automatic, therefore you can specify false to ensure the operation fails - // if the Elastic IP address is already associated with another resource. + // Reassociation is automatic, but you can specify false to ensure the operation + // fails if the Elastic IP address is already associated with another resource. AllowReassociation *bool `locationName:"allowReassociation" type:"boolean"` // Checks whether you have the required permissions for the action, without @@ -56207,25 +60279,23 @@ type AssociateAddressInput struct { DryRun *bool `locationName:"dryRun" type:"boolean"` // The ID of the instance. The instance must have exactly one attached network - // interface. For EC2-VPC, you can specify either the instance ID or the network - // interface ID, but not both. For EC2-Classic, you must specify an instance - // ID and the instance must be in the running state. + // interface. You can specify either the instance ID or the network interface + // ID, but not both. InstanceId *string `type:"string"` - // [EC2-VPC] The ID of the network interface. If the instance has more than - // one network interface, you must specify a network interface ID. + // The ID of the network interface. If the instance has more than one network + // interface, you must specify a network interface ID. // - // For EC2-VPC, you can specify either the instance ID or the network interface - // ID, but not both. + // You can specify either the instance ID or the network interface ID, but not + // both. NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` - // [EC2-VPC] The primary or secondary private IP address to associate with the - // Elastic IP address. If no private IP address is specified, the Elastic IP - // address is associated with the primary private IP address. + // The primary or secondary private IP address to associate with the Elastic + // IP address. If no private IP address is specified, the Elastic IP address + // is associated with the primary private IP address. PrivateIpAddress *string `locationName:"privateIpAddress" type:"string"` - // [EC2-Classic] The Elastic IP address to associate with the instance. This - // is required for EC2-Classic. + // Deprecated. PublicIp *string `type:"string"` } @@ -56292,8 +60362,8 @@ func (s *AssociateAddressInput) SetPublicIp(v string) *AssociateAddressInput { type AssociateAddressOutput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The ID that represents the association of the Elastic IP address - // with an instance. + // The ID that represents the association of the Elastic IP address with an + // instance. AssociationId *string `locationName:"associationId" type:"string"` } @@ -56542,7 +60612,9 @@ type AssociateEnclaveCertificateIamRoleInput struct { _ struct{} `type:"structure"` // The ARN of the ACM certificate with which to associate the IAM role. - CertificateArn *string `min:"1" type:"string"` + // + // CertificateArn is a required field + CertificateArn *string `type:"string" required:"true"` // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have @@ -56552,7 +60624,9 @@ type AssociateEnclaveCertificateIamRoleInput struct { // The ARN of the IAM role to associate with the ACM certificate. You can associate // up to 16 IAM roles with an ACM certificate. - RoleArn *string `min:"1" type:"string"` + // + // RoleArn is a required field + RoleArn *string `type:"string" required:"true"` } // String returns the string representation. @@ -56576,11 +60650,11 @@ func (s AssociateEnclaveCertificateIamRoleInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *AssociateEnclaveCertificateIamRoleInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "AssociateEnclaveCertificateIamRoleInput"} - if s.CertificateArn != nil && len(*s.CertificateArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CertificateArn", 1)) + if s.CertificateArn == nil { + invalidParams.Add(request.NewErrParamRequired("CertificateArn")) } - if s.RoleArn != nil && len(*s.RoleArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("RoleArn", 1)) + if s.RoleArn == nil { + invalidParams.Add(request.NewErrParamRequired("RoleArn")) } if invalidParams.Len() > 0 { @@ -56851,6 +60925,352 @@ func (s *AssociateInstanceEventWindowOutput) SetInstanceEventWindow(v *InstanceE return s } +type AssociateIpamByoasnInput struct { + _ struct{} `type:"structure"` + + // A public 2-byte or 4-byte ASN. + // + // Asn is a required field + Asn *string `type:"string" required:"true"` + + // The BYOIP CIDR you want to associate with an ASN. + // + // Cidr is a required field + Cidr *string `type:"string" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateIpamByoasnInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateIpamByoasnInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateIpamByoasnInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateIpamByoasnInput"} + if s.Asn == nil { + invalidParams.Add(request.NewErrParamRequired("Asn")) + } + if s.Cidr == nil { + invalidParams.Add(request.NewErrParamRequired("Cidr")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAsn sets the Asn field's value. +func (s *AssociateIpamByoasnInput) SetAsn(v string) *AssociateIpamByoasnInput { + s.Asn = &v + return s +} + +// SetCidr sets the Cidr field's value. +func (s *AssociateIpamByoasnInput) SetCidr(v string) *AssociateIpamByoasnInput { + s.Cidr = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *AssociateIpamByoasnInput) SetDryRun(v bool) *AssociateIpamByoasnInput { + s.DryRun = &v + return s +} + +type AssociateIpamByoasnOutput struct { + _ struct{} `type:"structure"` + + // The ASN and BYOIP CIDR association. + AsnAssociation *AsnAssociation `locationName:"asnAssociation" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateIpamByoasnOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateIpamByoasnOutput) GoString() string { + return s.String() +} + +// SetAsnAssociation sets the AsnAssociation field's value. +func (s *AssociateIpamByoasnOutput) SetAsnAssociation(v *AsnAssociation) *AssociateIpamByoasnOutput { + s.AsnAssociation = v + return s +} + +type AssociateIpamResourceDiscoveryInput struct { + _ struct{} `type:"structure"` + + // A client token. + ClientToken *string `type:"string" idempotencyToken:"true"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // An IPAM ID. + // + // IpamId is a required field + IpamId *string `type:"string" required:"true"` + + // A resource discovery ID. + // + // IpamResourceDiscoveryId is a required field + IpamResourceDiscoveryId *string `type:"string" required:"true"` + + // Tag specifications. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateIpamResourceDiscoveryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateIpamResourceDiscoveryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateIpamResourceDiscoveryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateIpamResourceDiscoveryInput"} + if s.IpamId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamId")) + } + if s.IpamResourceDiscoveryId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamResourceDiscoveryId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *AssociateIpamResourceDiscoveryInput) SetClientToken(v string) *AssociateIpamResourceDiscoveryInput { + s.ClientToken = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *AssociateIpamResourceDiscoveryInput) SetDryRun(v bool) *AssociateIpamResourceDiscoveryInput { + s.DryRun = &v + return s +} + +// SetIpamId sets the IpamId field's value. +func (s *AssociateIpamResourceDiscoveryInput) SetIpamId(v string) *AssociateIpamResourceDiscoveryInput { + s.IpamId = &v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *AssociateIpamResourceDiscoveryInput) SetIpamResourceDiscoveryId(v string) *AssociateIpamResourceDiscoveryInput { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *AssociateIpamResourceDiscoveryInput) SetTagSpecifications(v []*TagSpecification) *AssociateIpamResourceDiscoveryInput { + s.TagSpecifications = v + return s +} + +type AssociateIpamResourceDiscoveryOutput struct { + _ struct{} `type:"structure"` + + // A resource discovery association. An associated resource discovery is a resource + // discovery that has been associated with an IPAM. + IpamResourceDiscoveryAssociation *IpamResourceDiscoveryAssociation `locationName:"ipamResourceDiscoveryAssociation" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateIpamResourceDiscoveryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateIpamResourceDiscoveryOutput) GoString() string { + return s.String() +} + +// SetIpamResourceDiscoveryAssociation sets the IpamResourceDiscoveryAssociation field's value. +func (s *AssociateIpamResourceDiscoveryOutput) SetIpamResourceDiscoveryAssociation(v *IpamResourceDiscoveryAssociation) *AssociateIpamResourceDiscoveryOutput { + s.IpamResourceDiscoveryAssociation = v + return s +} + +type AssociateNatGatewayAddressInput struct { + _ struct{} `type:"structure"` + + // The allocation IDs of EIPs that you want to associate with your NAT gateway. + // + // AllocationIds is a required field + AllocationIds []*string `locationName:"AllocationId" locationNameList:"AllocationId" type:"list" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the NAT gateway. + // + // NatGatewayId is a required field + NatGatewayId *string `type:"string" required:"true"` + + // The private IPv4 addresses that you want to assign to the NAT gateway. + PrivateIpAddresses []*string `locationName:"PrivateIpAddress" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateNatGatewayAddressInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateNatGatewayAddressInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateNatGatewayAddressInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateNatGatewayAddressInput"} + if s.AllocationIds == nil { + invalidParams.Add(request.NewErrParamRequired("AllocationIds")) + } + if s.NatGatewayId == nil { + invalidParams.Add(request.NewErrParamRequired("NatGatewayId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAllocationIds sets the AllocationIds field's value. +func (s *AssociateNatGatewayAddressInput) SetAllocationIds(v []*string) *AssociateNatGatewayAddressInput { + s.AllocationIds = v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *AssociateNatGatewayAddressInput) SetDryRun(v bool) *AssociateNatGatewayAddressInput { + s.DryRun = &v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *AssociateNatGatewayAddressInput) SetNatGatewayId(v string) *AssociateNatGatewayAddressInput { + s.NatGatewayId = &v + return s +} + +// SetPrivateIpAddresses sets the PrivateIpAddresses field's value. +func (s *AssociateNatGatewayAddressInput) SetPrivateIpAddresses(v []*string) *AssociateNatGatewayAddressInput { + s.PrivateIpAddresses = v + return s +} + +type AssociateNatGatewayAddressOutput struct { + _ struct{} `type:"structure"` + + // The IP addresses. + NatGatewayAddresses []*NatGatewayAddress `locationName:"natGatewayAddressSet" locationNameList:"item" type:"list"` + + // The ID of the NAT gateway. + NatGatewayId *string `locationName:"natGatewayId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateNatGatewayAddressOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AssociateNatGatewayAddressOutput) GoString() string { + return s.String() +} + +// SetNatGatewayAddresses sets the NatGatewayAddresses field's value. +func (s *AssociateNatGatewayAddressOutput) SetNatGatewayAddresses(v []*NatGatewayAddress) *AssociateNatGatewayAddressOutput { + s.NatGatewayAddresses = v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *AssociateNatGatewayAddressOutput) SetNatGatewayId(v string) *AssociateNatGatewayAddressOutput { + s.NatGatewayId = &v + return s +} + type AssociateRouteTableInput struct { _ struct{} `type:"structure"` @@ -56971,10 +61391,14 @@ func (s *AssociateRouteTableOutput) SetAssociationState(v *RouteTableAssociation type AssociateSubnetCidrBlockInput struct { _ struct{} `type:"structure"` - // The IPv6 CIDR block for your subnet. The subnet must have a /64 prefix length. - // - // Ipv6CidrBlock is a required field - Ipv6CidrBlock *string `locationName:"ipv6CidrBlock" type:"string" required:"true"` + // The IPv6 CIDR block for your subnet. + Ipv6CidrBlock *string `locationName:"ipv6CidrBlock" type:"string"` + + // An IPv6 IPAM pool ID. + Ipv6IpamPoolId *string `type:"string"` + + // An IPv6 netmask length. + Ipv6NetmaskLength *int64 `type:"integer"` // The ID of your subnet. // @@ -57003,9 +61427,6 @@ func (s AssociateSubnetCidrBlockInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *AssociateSubnetCidrBlockInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "AssociateSubnetCidrBlockInput"} - if s.Ipv6CidrBlock == nil { - invalidParams.Add(request.NewErrParamRequired("Ipv6CidrBlock")) - } if s.SubnetId == nil { invalidParams.Add(request.NewErrParamRequired("SubnetId")) } @@ -57022,6 +61443,18 @@ func (s *AssociateSubnetCidrBlockInput) SetIpv6CidrBlock(v string) *AssociateSub return s } +// SetIpv6IpamPoolId sets the Ipv6IpamPoolId field's value. +func (s *AssociateSubnetCidrBlockInput) SetIpv6IpamPoolId(v string) *AssociateSubnetCidrBlockInput { + s.Ipv6IpamPoolId = &v + return s +} + +// SetIpv6NetmaskLength sets the Ipv6NetmaskLength field's value. +func (s *AssociateSubnetCidrBlockInput) SetIpv6NetmaskLength(v int64) *AssociateSubnetCidrBlockInput { + s.Ipv6NetmaskLength = &v + return s +} + // SetSubnetId sets the SubnetId field's value. func (s *AssociateSubnetCidrBlockInput) SetSubnetId(v string) *AssociateSubnetCidrBlockInput { s.SubnetId = &v @@ -57078,14 +61511,20 @@ type AssociateTransitGatewayMulticastDomainInput struct { DryRun *bool `type:"boolean"` // The IDs of the subnets to associate with the transit gateway multicast domain. - SubnetIds []*string `locationNameList:"item" type:"list"` + // + // SubnetIds is a required field + SubnetIds []*string `locationNameList:"item" type:"list" required:"true"` // The ID of the transit gateway attachment to associate with the transit gateway // multicast domain. - TransitGatewayAttachmentId *string `type:"string"` + // + // TransitGatewayAttachmentId is a required field + TransitGatewayAttachmentId *string `type:"string" required:"true"` // The ID of the transit gateway multicast domain. - TransitGatewayMulticastDomainId *string `type:"string"` + // + // TransitGatewayMulticastDomainId is a required field + TransitGatewayMulticastDomainId *string `type:"string" required:"true"` } // String returns the string representation. @@ -57106,6 +61545,25 @@ func (s AssociateTransitGatewayMulticastDomainInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *AssociateTransitGatewayMulticastDomainInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "AssociateTransitGatewayMulticastDomainInput"} + if s.SubnetIds == nil { + invalidParams.Add(request.NewErrParamRequired("SubnetIds")) + } + if s.TransitGatewayAttachmentId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayAttachmentId")) + } + if s.TransitGatewayMulticastDomainId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayMulticastDomainId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *AssociateTransitGatewayMulticastDomainInput) SetDryRun(v bool) *AssociateTransitGatewayMulticastDomainInput { s.DryRun = &v @@ -57515,7 +61973,7 @@ type AssociateVpcCidrBlockInput struct { _ struct{} `type:"structure"` // Requests an Amazon-provided IPv6 CIDR block with a /56 prefix length for - // the VPC. You cannot specify the range of IPv6 addresses, or the size of the + // the VPC. You cannot specify the range of IPv6 addresses or the size of the // CIDR block. AmazonProvidedIpv6CidrBlock *bool `locationName:"amazonProvidedIpv6CidrBlock" type:"boolean"` @@ -57939,18 +62397,18 @@ type AttachClassicLinkVpcInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The ID of one or more of the VPC's security groups. You cannot specify security - // groups from a different VPC. + // The IDs of the security groups. You cannot specify security groups from a + // different VPC. // // Groups is a required field Groups []*string `locationName:"SecurityGroupId" locationNameList:"groupId" type:"list" required:"true"` - // The ID of an EC2-Classic instance to link to the ClassicLink-enabled VPC. + // The ID of the EC2-Classic instance. // // InstanceId is a required field InstanceId *string `locationName:"instanceId" type:"string" required:"true"` - // The ID of a ClassicLink-enabled VPC. + // The ID of the ClassicLink-enabled VPC. // // VpcId is a required field VpcId *string `locationName:"vpcId" type:"string" required:"true"` @@ -58305,12 +62763,12 @@ type AttachVerifiedAccessTrustProviderInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. // // VerifiedAccessInstanceId is a required field VerifiedAccessInstanceId *string `type:"string" required:"true"` - // The ID of the Amazon Web Services Verified Access trust provider. + // The ID of the Verified Access trust provider. // // VerifiedAccessTrustProviderId is a required field VerifiedAccessTrustProviderId *string `type:"string" required:"true"` @@ -58377,10 +62835,10 @@ func (s *AttachVerifiedAccessTrustProviderInput) SetVerifiedAccessTrustProviderI type AttachVerifiedAccessTrustProviderOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access instance. + // Details about the Verified Access instance. VerifiedAccessInstance *VerifiedAccessInstance `locationName:"verifiedAccessInstance" type:"structure"` - // The ID of the Amazon Web Services Verified Access trust provider. + // Details about the Verified Access trust provider. VerifiedAccessTrustProvider *VerifiedAccessTrustProvider `locationName:"verifiedAccessTrustProvider" type:"structure"` } @@ -58606,16 +63064,25 @@ func (s *AttachVpnGatewayOutput) SetVpcAttachment(v *VpcAttachment) *AttachVpnGa return s } -// Describes the ENA Express configuration for the network interface that's -// attached to the instance. +// ENA Express uses Amazon Web Services Scalable Reliable Datagram (SRD) technology +// to increase the maximum bandwidth used per stream and minimize tail latency +// of network traffic between EC2 instances. With ENA Express, you can communicate +// between two EC2 instances in the same subnet within the same account, or +// in different accounts. Both sending and receiving instances must have ENA +// Express enabled. +// +// To improve the reliability of network packet delivery, ENA Express reorders +// network packets on the receiving end by default. However, some UDP-based +// applications are designed to handle network packets that are out of order +// to reduce the overhead for packet delivery at the network layer. When ENA +// Express is enabled, you can specify whether UDP network traffic uses it. type AttachmentEnaSrdSpecification struct { _ struct{} `type:"structure"` - // Indicates whether ENA Express is enabled for the network interface that's - // attached to the instance. + // Indicates whether ENA Express is enabled for the network interface. EnaSrdEnabled *bool `locationName:"enaSrdEnabled" type:"boolean"` - // ENA Express configuration for UDP network traffic. + // Configures ENA Express for UDP network traffic. EnaSrdUdpSpecification *AttachmentEnaSrdUdpSpecification `locationName:"enaSrdUdpSpecification" type:"structure"` } @@ -58649,8 +63116,12 @@ func (s *AttachmentEnaSrdSpecification) SetEnaSrdUdpSpecification(v *AttachmentE return s } -// Describes the ENA Express configuration for UDP traffic on the network interface -// that's attached to the instance. +// ENA Express is compatible with both TCP and UDP transport protocols. When +// it's enabled, TCP traffic automatically uses it. However, some UDP-based +// applications are designed to handle network packets that are out of order, +// without a need for retransmission, such as live video broadcasting or other +// near-real-time applications. For UDP traffic, you can specify whether to +// use ENA Express, based on your application environment needs. type AttachmentEnaSrdUdpSpecification struct { _ struct{} `type:"structure"` @@ -58974,7 +63445,7 @@ func (s *AuthorizeClientVpnIngressOutput) SetStatus(v *ClientVpnAuthorizationRul type AuthorizeSecurityGroupEgressInput struct { _ struct{} `type:"structure"` - // Not supported. Use a set of IP permissions to specify the CIDR. + // Not supported. Use IP permissions instead. CidrIp *string `locationName:"cidrIp" type:"string"` // Checks whether you have the required permissions for the action, without @@ -58983,7 +63454,7 @@ type AuthorizeSecurityGroupEgressInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // Not supported. Use a set of IP permissions to specify the port. + // Not supported. Use IP permissions instead. FromPort *int64 `locationName:"fromPort" type:"integer"` // The ID of the security group. @@ -58991,26 +63462,22 @@ type AuthorizeSecurityGroupEgressInput struct { // GroupId is a required field GroupId *string `locationName:"groupId" type:"string" required:"true"` - // The sets of IP permissions. You can't specify a destination security group - // and a CIDR IP address range in the same set of permissions. + // The permissions for the security group rules. IpPermissions []*IpPermission `locationName:"ipPermissions" locationNameList:"item" type:"list"` - // Not supported. Use a set of IP permissions to specify the protocol name or - // number. + // Not supported. Use IP permissions instead. IpProtocol *string `locationName:"ipProtocol" type:"string"` - // Not supported. Use a set of IP permissions to specify a destination security - // group. + // Not supported. Use IP permissions instead. SourceSecurityGroupName *string `locationName:"sourceSecurityGroupName" type:"string"` - // Not supported. Use a set of IP permissions to specify a destination security - // group. + // Not supported. Use IP permissions instead. SourceSecurityGroupOwnerId *string `locationName:"sourceSecurityGroupOwnerId" type:"string"` // The tags applied to the security group rule. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` - // Not supported. Use a set of IP permissions to specify the port. + // Not supported. Use IP permissions instead. ToPort *int64 `locationName:"toPort" type:"integer"` } @@ -59148,12 +63615,12 @@ func (s *AuthorizeSecurityGroupEgressOutput) SetSecurityGroupRules(v []*Security type AuthorizeSecurityGroupIngressInput struct { _ struct{} `type:"structure"` - // The IPv4 address range, in CIDR format. You can't specify this parameter - // when specifying a source security group. To specify an IPv6 address range, - // use a set of IP permissions. + // The IPv4 address range, in CIDR format. + // + // To specify an IPv6 address range, use IP permissions instead. // - // Alternatively, use a set of IP permissions to specify multiple rules and - // a description for the rule. + // To specify multiple rules and descriptions for the rules, use IP permissions + // instead. CidrIp *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -59162,66 +63629,59 @@ type AuthorizeSecurityGroupIngressInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The start of port range for the TCP and UDP protocols, or an ICMP type number. - // For the ICMP type number, use -1 to specify all types. If you specify all - // ICMP types, you must specify all codes. + // If the protocol is TCP or UDP, this is the start of the port range. If the + // protocol is ICMP, this is the ICMP type or -1 (all ICMP types). // - // Alternatively, use a set of IP permissions to specify multiple rules and - // a description for the rule. + // To specify multiple rules and descriptions for the rules, use IP permissions + // instead. FromPort *int64 `type:"integer"` - // The ID of the security group. You must specify either the security group - // ID or the security group name in the request. For security groups in a nondefault - // VPC, you must specify the security group ID. + // The ID of the security group. GroupId *string `type:"string"` - // [EC2-Classic, default VPC] The name of the security group. You must specify - // either the security group ID or the security group name in the request. For - // security groups in a nondefault VPC, you must specify the security group - // ID. + // [Default VPC] The name of the security group. For security groups for a default + // VPC you can specify either the ID or the name of the security group. For + // security groups for a nondefault VPC, you must specify the ID of the security + // group. GroupName *string `type:"string"` - // The sets of IP permissions. + // The permissions for the security group rules. IpPermissions []*IpPermission `locationNameList:"item" type:"list"` // The IP protocol name (tcp, udp, icmp) or number (see Protocol Numbers (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)). - // To specify icmpv6, use a set of IP permissions. + // To specify all protocols, use -1. // - // [VPC only] Use -1 to specify all protocols. If you specify -1 or a protocol - // other than tcp, udp, or icmp, traffic on all ports is allowed, regardless - // of any ports you specify. + // To specify icmpv6, use IP permissions instead. // - // Alternatively, use a set of IP permissions to specify multiple rules and - // a description for the rule. + // If you specify a protocol other than one of the supported values, traffic + // is allowed on all ports, regardless of any ports that you specify. + // + // To specify multiple rules and descriptions for the rules, use IP permissions + // instead. IpProtocol *string `type:"string"` - // [EC2-Classic, default VPC] The name of the source security group. You can't - // specify this parameter in combination with the following parameters: the - // CIDR IP address range, the start of the port range, the IP protocol, and - // the end of the port range. Creates rules that grant full ICMP, UDP, and TCP - // access. To create a rule with a specific IP protocol and port range, use - // a set of IP permissions instead. For EC2-VPC, the source security group must - // be in the same VPC. + // [Default VPC] The name of the source security group. + // + // The rule grants full ICMP, UDP, and TCP access. To create a rule with a specific + // protocol and port range, specify a set of IP permissions instead. SourceSecurityGroupName *string `type:"string"` - // [nondefault VPC] The Amazon Web Services account ID for the source security - // group, if the source security group is in a different account. You can't - // specify this parameter in combination with the following parameters: the - // CIDR IP address range, the IP protocol, the start of the port range, and - // the end of the port range. Creates rules that grant full ICMP, UDP, and TCP - // access. To create a rule with a specific IP protocol and port range, use - // a set of IP permissions instead. + // The Amazon Web Services account ID for the source security group, if the + // source security group is in a different account. + // + // The rule grants full ICMP, UDP, and TCP access. To create a rule with a specific + // protocol and port range, use IP permissions instead. SourceSecurityGroupOwnerId *string `type:"string"` - // [VPC Only] The tags applied to the security group rule. + // The tags applied to the security group rule. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` - // The end of port range for the TCP and UDP protocols, or an ICMP code number. - // For the ICMP code number, use -1 to specify all codes. If you specify all - // ICMP types, you must specify all codes. + // If the protocol is TCP or UDP, this is the end of the port range. If the + // protocol is ICMP, this is the ICMP code or -1 (all ICMP codes). If the start + // port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes). // - // Alternatively, use a set of IP permissions to specify multiple rules and - // a description for the rule. + // To specify multiple rules and descriptions for the rules, use IP permissions + // instead. ToPort *int64 `type:"integer"` } @@ -59769,12 +64229,8 @@ type BundleInstanceInput struct { // The ID of the instance to bundle. // - // Type: String - // // Default: None // - // Required: Yes - // // InstanceId is a required field InstanceId *string `type:"string" required:"true"` @@ -60006,17 +64462,98 @@ func (s *BundleTaskError) SetMessage(v string) *BundleTaskError { return s } +// The Autonomous System Number (ASN) and BYOIP CIDR association. +type Byoasn struct { + _ struct{} `type:"structure"` + + // A public 2-byte or 4-byte ASN. + Asn *string `locationName:"asn" type:"string"` + + // An IPAM ID. + IpamId *string `locationName:"ipamId" type:"string"` + + // The provisioning state of the BYOASN. + State *string `locationName:"state" type:"string" enum:"AsnState"` + + // The status message. + StatusMessage *string `locationName:"statusMessage" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Byoasn) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Byoasn) GoString() string { + return s.String() +} + +// SetAsn sets the Asn field's value. +func (s *Byoasn) SetAsn(v string) *Byoasn { + s.Asn = &v + return s +} + +// SetIpamId sets the IpamId field's value. +func (s *Byoasn) SetIpamId(v string) *Byoasn { + s.IpamId = &v + return s +} + +// SetState sets the State field's value. +func (s *Byoasn) SetState(v string) *Byoasn { + s.State = &v + return s +} + +// SetStatusMessage sets the StatusMessage field's value. +func (s *Byoasn) SetStatusMessage(v string) *Byoasn { + s.StatusMessage = &v + return s +} + // Information about an address range that is provisioned for use with your // Amazon Web Services resources through bring your own IP addresses (BYOIP). type ByoipCidr struct { _ struct{} `type:"structure"` + // The BYOIP CIDR associations with ASNs. + AsnAssociations []*AsnAssociation `locationName:"asnAssociationSet" locationNameList:"item" type:"list"` + // The address range, in CIDR notation. Cidr *string `locationName:"cidr" type:"string"` // The description of the address range. Description *string `locationName:"description" type:"string"` + // If you have Local Zones (https://docs.aws.amazon.com/local-zones/latest/ug/how-local-zones-work.html) + // enabled, you can choose a network border group for Local Zones when you provision + // and advertise a BYOIPv4 CIDR. Choose the network border group carefully as + // the EIP and the Amazon Web Services resource it is associated with must reside + // in the same network border group. + // + // You can provision BYOIP address ranges to and advertise them in the following + // Local Zone network border groups: + // + // * us-east-1-dfw-2 + // + // * us-west-2-lax-1 + // + // * us-west-2-phx-2 + // + // You cannot provision or advertise BYOIPv6 address ranges in Local Zones at + // this time. + NetworkBorderGroup *string `locationName:"networkBorderGroup" type:"string"` + // The state of the address pool. State *string `locationName:"state" type:"string" enum:"ByoipCidrState"` @@ -60043,6 +64580,12 @@ func (s ByoipCidr) GoString() string { return s.String() } +// SetAsnAssociations sets the AsnAssociations field's value. +func (s *ByoipCidr) SetAsnAssociations(v []*AsnAssociation) *ByoipCidr { + s.AsnAssociations = v + return s +} + // SetCidr sets the Cidr field's value. func (s *ByoipCidr) SetCidr(v string) *ByoipCidr { s.Cidr = &v @@ -60055,6 +64598,12 @@ func (s *ByoipCidr) SetDescription(v string) *ByoipCidr { return s } +// SetNetworkBorderGroup sets the NetworkBorderGroup field's value. +func (s *ByoipCidr) SetNetworkBorderGroup(v string) *ByoipCidr { + s.NetworkBorderGroup = &v + return s +} + // SetState sets the State field's value. func (s *ByoipCidr) SetState(v string) *ByoipCidr { s.State = &v @@ -60479,7 +65028,8 @@ func (s CancelConversionTaskOutput) GoString() string { type CancelExportTaskInput struct { _ struct{} `type:"structure"` - // The ID of the export task. This is the ID returned by CreateInstanceExportTask. + // The ID of the export task. This is the ID returned by the CreateInstanceExportTask + // and ExportImage operations. // // ExportTaskId is a required field ExportTaskId *string `locationName:"exportTaskId" type:"string" required:"true"` @@ -60910,8 +65460,11 @@ type CancelSpotFleetRequestsInput struct { // SpotFleetRequestIds is a required field SpotFleetRequestIds []*string `locationName:"spotFleetRequestId" locationNameList:"item" type:"list" required:"true"` - // Indicates whether to terminate instances for a Spot Fleet request if it is - // canceled successfully. + // Indicates whether to terminate the associated instances when the Spot Fleet + // request is canceled. The default is to terminate the instances. + // + // To let the instances continue to run after the Spot Fleet request is canceled, + // specify no-terminate-instances. // // TerminateInstances is a required field TerminateInstances *bool `locationName:"terminateInstances" type:"boolean" required:"true"` @@ -61070,7 +65623,7 @@ type CancelSpotInstanceRequestsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more Spot Instance request IDs. + // The IDs of the Spot Instance requests. // // SpotInstanceRequestIds is a required field SpotInstanceRequestIds []*string `locationName:"SpotInstanceRequestId" locationNameList:"SpotInstanceRequestId" type:"list" required:"true"` @@ -61123,7 +65676,7 @@ func (s *CancelSpotInstanceRequestsInput) SetSpotInstanceRequestIds(v []*string) type CancelSpotInstanceRequestsOutput struct { _ struct{} `type:"structure"` - // One or more Spot Instance requests. + // The Spot Instance requests. CancelledSpotInstanceRequests []*CancelledSpotInstanceRequest `locationName:"spotInstanceRequestSet" locationNameList:"item" type:"list"` } @@ -61236,6 +65789,119 @@ func (s *CapacityAllocation) SetCount(v int64) *CapacityAllocation { return s } +// The recommended Capacity Block that fits your search requirements. +type CapacityBlockOffering struct { + _ struct{} `type:"structure"` + + // The Availability Zone of the Capacity Block offering. + AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + + // The amount of time of the Capacity Block reservation in hours. + CapacityBlockDurationHours *int64 `locationName:"capacityBlockDurationHours" type:"integer"` + + // The ID of the Capacity Block offering. + CapacityBlockOfferingId *string `locationName:"capacityBlockOfferingId" type:"string"` + + // The currency of the payment for the Capacity Block. + CurrencyCode *string `locationName:"currencyCode" type:"string"` + + // The end date of the Capacity Block offering. + EndDate *time.Time `locationName:"endDate" type:"timestamp"` + + // The number of instances in the Capacity Block offering. + InstanceCount *int64 `locationName:"instanceCount" type:"integer"` + + // The instance type of the Capacity Block offering. + InstanceType *string `locationName:"instanceType" type:"string"` + + // The start date of the Capacity Block offering. + StartDate *time.Time `locationName:"startDate" type:"timestamp"` + + // The tenancy of the Capacity Block. + Tenancy *string `locationName:"tenancy" type:"string" enum:"CapacityReservationTenancy"` + + // The total price to be paid up front. + UpfrontFee *string `locationName:"upfrontFee" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CapacityBlockOffering) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CapacityBlockOffering) GoString() string { + return s.String() +} + +// SetAvailabilityZone sets the AvailabilityZone field's value. +func (s *CapacityBlockOffering) SetAvailabilityZone(v string) *CapacityBlockOffering { + s.AvailabilityZone = &v + return s +} + +// SetCapacityBlockDurationHours sets the CapacityBlockDurationHours field's value. +func (s *CapacityBlockOffering) SetCapacityBlockDurationHours(v int64) *CapacityBlockOffering { + s.CapacityBlockDurationHours = &v + return s +} + +// SetCapacityBlockOfferingId sets the CapacityBlockOfferingId field's value. +func (s *CapacityBlockOffering) SetCapacityBlockOfferingId(v string) *CapacityBlockOffering { + s.CapacityBlockOfferingId = &v + return s +} + +// SetCurrencyCode sets the CurrencyCode field's value. +func (s *CapacityBlockOffering) SetCurrencyCode(v string) *CapacityBlockOffering { + s.CurrencyCode = &v + return s +} + +// SetEndDate sets the EndDate field's value. +func (s *CapacityBlockOffering) SetEndDate(v time.Time) *CapacityBlockOffering { + s.EndDate = &v + return s +} + +// SetInstanceCount sets the InstanceCount field's value. +func (s *CapacityBlockOffering) SetInstanceCount(v int64) *CapacityBlockOffering { + s.InstanceCount = &v + return s +} + +// SetInstanceType sets the InstanceType field's value. +func (s *CapacityBlockOffering) SetInstanceType(v string) *CapacityBlockOffering { + s.InstanceType = &v + return s +} + +// SetStartDate sets the StartDate field's value. +func (s *CapacityBlockOffering) SetStartDate(v time.Time) *CapacityBlockOffering { + s.StartDate = &v + return s +} + +// SetTenancy sets the Tenancy field's value. +func (s *CapacityBlockOffering) SetTenancy(v string) *CapacityBlockOffering { + s.Tenancy = &v + return s +} + +// SetUpfrontFee sets the UpfrontFee field's value. +func (s *CapacityBlockOffering) SetUpfrontFee(v string) *CapacityBlockOffering { + s.UpfrontFee = &v + return s +} + // Describes a Capacity Reservation. type CapacityReservation struct { _ struct{} `type:"structure"` @@ -61327,6 +65993,9 @@ type CapacityReservation struct { // in the Amazon EC2 User Guide. PlacementGroupArn *string `locationName:"placementGroupArn" type:"string"` + // The type of Capacity Reservation. + ReservationType *string `locationName:"reservationType" type:"string" enum:"CapacityReservationType"` + // The date and time at which the Capacity Reservation was started. StartDate *time.Time `locationName:"startDate" type:"timestamp"` @@ -61495,6 +66164,12 @@ func (s *CapacityReservation) SetPlacementGroupArn(v string) *CapacityReservatio return s } +// SetReservationType sets the ReservationType field's value. +func (s *CapacityReservation) SetReservationType(v string) *CapacityReservation { + s.ReservationType = &v + return s +} + // SetStartDate sets the StartDate field's value. func (s *CapacityReservation) SetStartDate(v time.Time) *CapacityReservation { s.StartDate = &v @@ -62328,6 +67003,8 @@ func (s *CidrBlock) SetCidrBlock(v string) *CidrBlock { return s } +// Deprecated. +// // Describes the ClassicLink DNS support status of a VPC. type ClassicLinkDnsSupport struct { _ struct{} `type:"structure"` @@ -62369,15 +67046,13 @@ func (s *ClassicLinkDnsSupport) SetVpcId(v string) *ClassicLinkDnsSupport { return s } -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// Deprecated. // // Describes a linked EC2-Classic instance. type ClassicLinkInstance struct { _ struct{} `type:"structure"` - // A list of security groups. + // The security groups. Groups []*GroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"` // The ID of the instance. @@ -64220,6 +68895,242 @@ func (s *ConnectionNotification) SetVpcEndpointId(v string) *ConnectionNotificat return s } +// A security group connection tracking configuration that enables you to set +// the idle timeout for connection tracking on an Elastic network interface. +// For more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) +// in the Amazon Elastic Compute Cloud User Guide. +type ConnectionTrackingConfiguration struct { + _ struct{} `type:"structure"` + + // Timeout (in seconds) for idle TCP connections in an established state. Min: + // 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: + // Less than 432000 seconds. + TcpEstablishedTimeout *int64 `locationName:"tcpEstablishedTimeout" type:"integer"` + + // Timeout (in seconds) for idle UDP flows classified as streams which have + // seen more than one request-response transaction. Min: 60 seconds. Max: 180 + // seconds (3 minutes). Default: 180 seconds. + UdpStreamTimeout *int64 `locationName:"udpStreamTimeout" type:"integer"` + + // Timeout (in seconds) for idle UDP flows that have seen traffic only in a + // single direction or a single request-response transaction. Min: 30 seconds. + // Max: 60 seconds. Default: 30 seconds. + UdpTimeout *int64 `locationName:"udpTimeout" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectionTrackingConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectionTrackingConfiguration) GoString() string { + return s.String() +} + +// SetTcpEstablishedTimeout sets the TcpEstablishedTimeout field's value. +func (s *ConnectionTrackingConfiguration) SetTcpEstablishedTimeout(v int64) *ConnectionTrackingConfiguration { + s.TcpEstablishedTimeout = &v + return s +} + +// SetUdpStreamTimeout sets the UdpStreamTimeout field's value. +func (s *ConnectionTrackingConfiguration) SetUdpStreamTimeout(v int64) *ConnectionTrackingConfiguration { + s.UdpStreamTimeout = &v + return s +} + +// SetUdpTimeout sets the UdpTimeout field's value. +func (s *ConnectionTrackingConfiguration) SetUdpTimeout(v int64) *ConnectionTrackingConfiguration { + s.UdpTimeout = &v + return s +} + +// A security group connection tracking specification that enables you to set +// the idle timeout for connection tracking on an Elastic network interface. +// For more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) +// in the Amazon Elastic Compute Cloud User Guide. +type ConnectionTrackingSpecification struct { + _ struct{} `type:"structure"` + + // Timeout (in seconds) for idle TCP connections in an established state. Min: + // 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: + // Less than 432000 seconds. + TcpEstablishedTimeout *int64 `locationName:"tcpEstablishedTimeout" type:"integer"` + + // Timeout (in seconds) for idle UDP flows classified as streams which have + // seen more than one request-response transaction. Min: 60 seconds. Max: 180 + // seconds (3 minutes). Default: 180 seconds. + UdpStreamTimeout *int64 `locationName:"udpStreamTimeout" type:"integer"` + + // Timeout (in seconds) for idle UDP flows that have seen traffic only in a + // single direction or a single request-response transaction. Min: 30 seconds. + // Max: 60 seconds. Default: 30 seconds. + UdpTimeout *int64 `locationName:"udpTimeout" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectionTrackingSpecification) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectionTrackingSpecification) GoString() string { + return s.String() +} + +// SetTcpEstablishedTimeout sets the TcpEstablishedTimeout field's value. +func (s *ConnectionTrackingSpecification) SetTcpEstablishedTimeout(v int64) *ConnectionTrackingSpecification { + s.TcpEstablishedTimeout = &v + return s +} + +// SetUdpStreamTimeout sets the UdpStreamTimeout field's value. +func (s *ConnectionTrackingSpecification) SetUdpStreamTimeout(v int64) *ConnectionTrackingSpecification { + s.UdpStreamTimeout = &v + return s +} + +// SetUdpTimeout sets the UdpTimeout field's value. +func (s *ConnectionTrackingSpecification) SetUdpTimeout(v int64) *ConnectionTrackingSpecification { + s.UdpTimeout = &v + return s +} + +// A security group connection tracking specification request that enables you +// to set the idle timeout for connection tracking on an Elastic network interface. +// For more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) +// in the Amazon Elastic Compute Cloud User Guide. +type ConnectionTrackingSpecificationRequest struct { + _ struct{} `type:"structure"` + + // Timeout (in seconds) for idle TCP connections in an established state. Min: + // 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: + // Less than 432000 seconds. + TcpEstablishedTimeout *int64 `type:"integer"` + + // Timeout (in seconds) for idle UDP flows classified as streams which have + // seen more than one request-response transaction. Min: 60 seconds. Max: 180 + // seconds (3 minutes). Default: 180 seconds. + UdpStreamTimeout *int64 `type:"integer"` + + // Timeout (in seconds) for idle UDP flows that have seen traffic only in a + // single direction or a single request-response transaction. Min: 30 seconds. + // Max: 60 seconds. Default: 30 seconds. + UdpTimeout *int64 `type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectionTrackingSpecificationRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectionTrackingSpecificationRequest) GoString() string { + return s.String() +} + +// SetTcpEstablishedTimeout sets the TcpEstablishedTimeout field's value. +func (s *ConnectionTrackingSpecificationRequest) SetTcpEstablishedTimeout(v int64) *ConnectionTrackingSpecificationRequest { + s.TcpEstablishedTimeout = &v + return s +} + +// SetUdpStreamTimeout sets the UdpStreamTimeout field's value. +func (s *ConnectionTrackingSpecificationRequest) SetUdpStreamTimeout(v int64) *ConnectionTrackingSpecificationRequest { + s.UdpStreamTimeout = &v + return s +} + +// SetUdpTimeout sets the UdpTimeout field's value. +func (s *ConnectionTrackingSpecificationRequest) SetUdpTimeout(v int64) *ConnectionTrackingSpecificationRequest { + s.UdpTimeout = &v + return s +} + +// A security group connection tracking specification response that enables +// you to set the idle timeout for connection tracking on an Elastic network +// interface. For more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) +// in the Amazon Elastic Compute Cloud User Guide. +type ConnectionTrackingSpecificationResponse struct { + _ struct{} `type:"structure"` + + // Timeout (in seconds) for idle TCP connections in an established state. Min: + // 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: + // Less than 432000 seconds. + TcpEstablishedTimeout *int64 `locationName:"tcpEstablishedTimeout" type:"integer"` + + // Timeout (in seconds) for idle UDP flows classified as streams which have + // seen more than one request-response transaction. Min: 60 seconds. Max: 180 + // seconds (3 minutes). Default: 180 seconds. + UdpStreamTimeout *int64 `locationName:"udpStreamTimeout" type:"integer"` + + // Timeout (in seconds) for idle UDP flows that have seen traffic only in a + // single direction or a single request-response transaction. Min: 30 seconds. + // Max: 60 seconds. Default: 30 seconds. + UdpTimeout *int64 `locationName:"udpTimeout" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectionTrackingSpecificationResponse) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ConnectionTrackingSpecificationResponse) GoString() string { + return s.String() +} + +// SetTcpEstablishedTimeout sets the TcpEstablishedTimeout field's value. +func (s *ConnectionTrackingSpecificationResponse) SetTcpEstablishedTimeout(v int64) *ConnectionTrackingSpecificationResponse { + s.TcpEstablishedTimeout = &v + return s +} + +// SetUdpStreamTimeout sets the UdpStreamTimeout field's value. +func (s *ConnectionTrackingSpecificationResponse) SetUdpStreamTimeout(v int64) *ConnectionTrackingSpecificationResponse { + s.UdpStreamTimeout = &v + return s +} + +// SetUdpTimeout sets the UdpTimeout field's value. +func (s *ConnectionTrackingSpecificationResponse) SetUdpTimeout(v int64) *ConnectionTrackingSpecificationResponse { + s.UdpTimeout = &v + return s +} + // Describes a conversion task. type ConversionTask struct { _ struct{} `type:"structure"` @@ -64472,8 +69383,8 @@ type CopyImageInput struct { // or within the same Outpost. // // For more information, see Copy AMIs from an Amazon Web Services Region to - // an Outpost (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#copy-amis) - // in the Amazon EC2 User Guide. + // an Outpost (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#copy-amis) + // in the Amazon EBS User Guide. DestinationOutpostArn *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -64487,8 +69398,8 @@ type CopyImageInput struct { // create an unencrypted copy of an encrypted snapshot. The default KMS key // for Amazon EBS is used unless you specify a non-default Key Management Service // (KMS) KMS key using KmsKeyId. For more information, see Amazon EBS encryption - // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) - // in the Amazon EC2 User Guide. + // (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) in + // the Amazon EBS User Guide. Encrypted *bool `locationName:"encrypted" type:"boolean"` // The identifier of the symmetric Key Management Service (KMS) KMS key to use @@ -64529,6 +69440,19 @@ type CopyImageInput struct { // // SourceRegion is a required field SourceRegion *string `type:"string" required:"true"` + + // The tags to apply to the new AMI and new snapshots. You can tag the AMI, + // the snapshots, or both. + // + // * To tag the new AMI, the value for ResourceType must be image. + // + // * To tag the new snapshots, the value for ResourceType must be snapshot. + // The same tag is applied to all the new snapshots. + // + // If you specify other values for ResourceType, the request fails. + // + // To tag an AMI or snapshot after it has been created, see CreateTags (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html). + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } // String returns the string representation. @@ -64628,6 +69552,12 @@ func (s *CopyImageInput) SetSourceRegion(v string) *CopyImageInput { return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CopyImageInput) SetTagSpecifications(v []*TagSpecification) *CopyImageInput { + s.TagSpecifications = v + return s +} + // Contains the output of CopyImage. type CopyImageOutput struct { _ struct{} `type:"structure"` @@ -64673,8 +69603,8 @@ type CopySnapshotInput struct { // Outpost to another, or within the same Outpost. // // For more information, see Copy snapshots from an Amazon Web Services Region - // to an Outpost (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#copy-snapshots) - // in the Amazon Elastic Compute Cloud User Guide. + // to an Outpost (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#copy-snapshots) + // in the Amazon EBS User Guide. DestinationOutpostArn *string `type:"string"` // The destination Region to use in the PresignedUrl parameter of a snapshot @@ -64697,8 +69627,8 @@ type CopySnapshotInput struct { // not enabled, enable encryption using this parameter. Otherwise, omit this // parameter. Encrypted snapshots are encrypted, even if you omit this parameter // and encryption by default is not enabled. You cannot set this parameter to - // false. For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html) - // in the Amazon Elastic Compute Cloud User Guide. + // false. For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html) + // in the Amazon EBS User Guide. Encrypted *bool `locationName:"encrypted" type:"boolean"` // The identifier of the Key Management Service (KMS) KMS key to use for Amazon @@ -64734,7 +69664,11 @@ type CopySnapshotInput struct { // in the Amazon Simple Storage Service API Reference. An invalid or improperly // signed PresignedUrl will cause the copy operation to fail asynchronously, // and the snapshot will move to an error state. - PresignedUrl *string `locationName:"presignedUrl" type:"string"` + // + // PresignedUrl is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CopySnapshotInput's + // String and GoString methods. + PresignedUrl *string `locationName:"presignedUrl" type:"string" sensitive:"true"` // The ID of the Region that contains the snapshot to be copied. // @@ -64888,6 +69822,10 @@ func (s *CopySnapshotOutput) SetTags(v []*Tag) *CopySnapshotOutput { type CpuOptions struct { _ struct{} `type:"structure"` + // Indicates whether the instance is enabled for AMD SEV-SNP. For more information, + // see AMD SEV-SNP (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html). + AmdSevSnp *string `locationName:"amdSevSnp" type:"string" enum:"AmdSevSnpSpecification"` + // The number of CPU cores for the instance. CoreCount *int64 `locationName:"coreCount" type:"integer"` @@ -64913,6 +69851,12 @@ func (s CpuOptions) GoString() string { return s.String() } +// SetAmdSevSnp sets the AmdSevSnp field's value. +func (s *CpuOptions) SetAmdSevSnp(v string) *CpuOptions { + s.AmdSevSnp = &v + return s +} + // SetCoreCount sets the CoreCount field's value. func (s *CpuOptions) SetCoreCount(v int64) *CpuOptions { s.CoreCount = &v @@ -64930,6 +69874,11 @@ func (s *CpuOptions) SetThreadsPerCore(v int64) *CpuOptions { type CpuOptionsRequest struct { _ struct{} `type:"structure"` + // Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is + // supported with M6a, R6a, and C6a instance types only. For more information, + // see AMD SEV-SNP (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html). + AmdSevSnp *string `type:"string" enum:"AmdSevSnpSpecification"` + // The number of CPU cores for the instance. CoreCount *int64 `type:"integer"` @@ -64956,6 +69905,12 @@ func (s CpuOptionsRequest) GoString() string { return s.String() } +// SetAmdSevSnp sets the AmdSevSnp field's value. +func (s *CpuOptionsRequest) SetAmdSevSnp(v string) *CpuOptionsRequest { + s.AmdSevSnp = &v + return s +} + // SetCoreCount sets the CoreCount field's value. func (s *CpuOptionsRequest) SetCoreCount(v int64) *CpuOptionsRequest { s.CoreCount = &v @@ -65659,7 +70614,8 @@ type CreateClientVpnEndpointInput struct { // addresses. The address range cannot overlap with the local CIDR of the VPC // in which the associated subnet is located, or the routes that you add manually. // The address range cannot be changed after the Client VPN endpoint has been - // created. The CIDR block should be /22 or greater. + // created. Client CIDR range must have a size of at least /22 and must not + // be greater than /12. // // ClientCidrBlock is a required field ClientCidrBlock *string `type:"string" required:"true"` @@ -66310,9 +71266,7 @@ type CreateCustomerGatewayInput struct { // For devices that support BGP, the customer gateway's BGP ASN. // // Default: 65000 - // - // BgpAsn is a required field - BgpAsn *int64 `type:"integer" required:"true"` + BgpAsn *int64 `type:"integer"` // The Amazon Resource Name (ARN) for the customer gateway certificate. CertificateArn *string `type:"string"` @@ -66366,9 +71320,6 @@ func (s CreateCustomerGatewayInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *CreateCustomerGatewayInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreateCustomerGatewayInput"} - if s.BgpAsn == nil { - invalidParams.Add(request.NewErrParamRequired("BgpAsn")) - } if s.Type == nil { invalidParams.Add(request.NewErrParamRequired("Type")) } @@ -66726,7 +71677,7 @@ type CreateEgressOnlyInternetGatewayInput struct { _ struct{} `type:"structure"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see How to ensure idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). + // of the request. For more information, see Ensuring idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -66923,6 +71874,8 @@ type CreateFleetInput struct { // Indicates whether running instances should be terminated if the total target // capacity of the EC2 Fleet is decreased below the current size of the EC2 // Fleet. + // + // Supported only for fleets of type maintain. ExcessCapacityTerminationPolicy *string `type:"string" enum:"FleetExcessCapacityTerminationPolicy"` // The configuration for the EC2 Fleet. @@ -66943,7 +71896,7 @@ type CreateFleetInput struct { SpotOptions *SpotOptionsRequest `type:"structure"` // The key-value pair for tagging the EC2 Fleet request on creation. For more - // information, see Tagging your resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources). + // information, see Tag your resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources). // // If the fleet type is instant, specify a resource type of fleet to tag the // fleet or instance to tag the instances at launch. @@ -67257,11 +72210,12 @@ type CreateFlowLogsInput struct { // accounts. DeliverCrossAccountRole *string `type:"string"` - // The ARN of the IAM role that allows Amazon EC2 to publish flow logs to a - // CloudWatch Logs log group in your account. + // The ARN of the IAM role that allows Amazon EC2 to publish flow logs to the + // log destination. // - // This parameter is required if the destination type is cloud-watch-logs and - // unsupported otherwise. + // This parameter is required if the destination type is cloud-watch-logs, or + // if the destination type is kinesis-data-firehose and the delivery stream + // and the resources to monitor are in different accounts. DeliverLogsPermissionArn *string `type:"string"` // The destination options. @@ -67301,9 +72255,7 @@ type CreateFlowLogsInput struct { // in the Amazon VPC User Guide or Transit Gateway Flow Log records (https://docs.aws.amazon.com/vpc/latest/tgw/tgw-flow-logs.html#flow-log-records) // in the Amazon Web Services Transit Gateway Guide. // - // Specify the fields using the ${field-id} format, separated by spaces. For - // the CLI, surround this parameter value with single quotes on Linux or double - // quotes on Windows. + // Specify the fields using the ${field-id} format, separated by spaces. LogFormat *string `type:"string"` // The name of a new or existing CloudWatch Logs log group where Amazon EC2 @@ -67663,9 +72615,22 @@ func (s *CreateFpgaImageOutput) SetFpgaImageId(v string) *CreateFpgaImageOutput type CreateImageInput struct { _ struct{} `type:"structure"` - // The block device mappings. This parameter cannot be used to modify the encryption - // status of existing volumes or snapshots. To create an AMI with encrypted - // snapshots, use the CopyImage action. + // The block device mappings. + // + // When using the CreateImage action: + // + // * You can't change the volume size using the VolumeSize parameter. If + // you want a different volume size, you must first change the volume size + // of the source instance. + // + // * You can't modify the encryption status of existing volumes or snapshots. + // To create an AMI with volumes or snapshots that have a different encryption + // status (for example, where the source volume and snapshots are unencrypted, + // and you want to create an AMI with encrypted volumes or snapshots), use + // the CopyImage action. + // + // * The only option that can be changed for existing mappings or snapshots + // is DeleteOnTermination. BlockDeviceMappings []*BlockDeviceMapping `locationName:"blockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` // A description for the new image. @@ -67691,17 +72656,20 @@ type CreateImageInput struct { // Name is a required field Name *string `locationName:"name" type:"string" required:"true"` - // By default, when Amazon EC2 creates the new AMI, it reboots the instance - // so that it can take snapshots of the attached volumes while data is at rest, - // in order to ensure a consistent state. You can set the NoReboot parameter - // to true in the API request, or use the --no-reboot option in the CLI to prevent - // Amazon EC2 from shutting down and rebooting the instance. + // Indicates whether or not the instance should be automatically rebooted before + // creating the image. Specify one of the following values: + // + // * true - The instance is not rebooted before creating the image. This + // creates crash-consistent snapshots that include only the data that has + // been written to the volumes at the time the snapshots are created. Buffered + // data and data in memory that has not yet been written to the volumes is + // not included in the snapshots. // - // If you choose to bypass the shutdown and reboot process by setting the NoReboot - // parameter to true in the API request, or by using the --no-reboot option - // in the CLI, we can't guarantee the file system integrity of the created image. + // * false - The instance is rebooted before creating the image. This ensures + // that all buffered data and data in memory is written to the volumes before + // the snapshots are created. // - // Default: false (follow standard reboot process) + // Default: false NoReboot *bool `locationName:"noReboot" type:"boolean"` // The tags to apply to the AMI and snapshots on creation. You can tag the AMI, @@ -67827,6 +72795,152 @@ func (s *CreateImageOutput) SetImageId(v string) *CreateImageOutput { return s } +type CreateInstanceConnectEndpointInput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. + ClientToken *string `type:"string" idempotencyToken:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Indicates whether your client's IP address is preserved as the source. The + // value is true or false. + // + // * If true, your client's IP address is used when you connect to a resource. + // + // * If false, the elastic network interface IP address is used when you + // connect to a resource. + // + // Default: true + PreserveClientIp *bool `type:"boolean"` + + // One or more security groups to associate with the endpoint. If you don't + // specify a security group, the default security group for your VPC will be + // associated with the endpoint. + SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` + + // The ID of the subnet in which to create the EC2 Instance Connect Endpoint. + // + // SubnetId is a required field + SubnetId *string `type:"string" required:"true"` + + // The tags to apply to the EC2 Instance Connect Endpoint during creation. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateInstanceConnectEndpointInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateInstanceConnectEndpointInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateInstanceConnectEndpointInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateInstanceConnectEndpointInput"} + if s.SubnetId == nil { + invalidParams.Add(request.NewErrParamRequired("SubnetId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateInstanceConnectEndpointInput) SetClientToken(v string) *CreateInstanceConnectEndpointInput { + s.ClientToken = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateInstanceConnectEndpointInput) SetDryRun(v bool) *CreateInstanceConnectEndpointInput { + s.DryRun = &v + return s +} + +// SetPreserveClientIp sets the PreserveClientIp field's value. +func (s *CreateInstanceConnectEndpointInput) SetPreserveClientIp(v bool) *CreateInstanceConnectEndpointInput { + s.PreserveClientIp = &v + return s +} + +// SetSecurityGroupIds sets the SecurityGroupIds field's value. +func (s *CreateInstanceConnectEndpointInput) SetSecurityGroupIds(v []*string) *CreateInstanceConnectEndpointInput { + s.SecurityGroupIds = v + return s +} + +// SetSubnetId sets the SubnetId field's value. +func (s *CreateInstanceConnectEndpointInput) SetSubnetId(v string) *CreateInstanceConnectEndpointInput { + s.SubnetId = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateInstanceConnectEndpointInput) SetTagSpecifications(v []*TagSpecification) *CreateInstanceConnectEndpointInput { + s.TagSpecifications = v + return s +} + +type CreateInstanceConnectEndpointOutput struct { + _ struct{} `type:"structure"` + + // Unique, case-sensitive idempotency token provided by the client in the the + // request. + ClientToken *string `locationName:"clientToken" type:"string"` + + // Information about the EC2 Instance Connect Endpoint. + InstanceConnectEndpoint *Ec2InstanceConnectEndpoint `locationName:"instanceConnectEndpoint" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateInstanceConnectEndpointOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateInstanceConnectEndpointOutput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateInstanceConnectEndpointOutput) SetClientToken(v string) *CreateInstanceConnectEndpointOutput { + s.ClientToken = &v + return s +} + +// SetInstanceConnectEndpoint sets the InstanceConnectEndpoint field's value. +func (s *CreateInstanceConnectEndpointOutput) SetInstanceConnectEndpoint(v *Ec2InstanceConnectEndpoint) *CreateInstanceConnectEndpointOutput { + s.InstanceConnectEndpoint = v + return s +} + type CreateInstanceEventWindowInput struct { _ struct{} `type:"structure"` @@ -68178,6 +73292,11 @@ type CreateIpamInput struct { // to find all resources that have a tag with the key Owner and the value TeamA, // specify tag:Owner for the filter name and TeamA for the filter value. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + + // IPAM is offered in a Free Tier and an Advanced Tier. For more information + // about the features available in each tier and the costs associated with the + // tiers, see Amazon VPC pricing > IPAM tab (http://aws.amazon.com/vpc/pricing/). + Tier *string `type:"string" enum:"IpamTier"` } // String returns the string representation. @@ -68228,6 +73347,12 @@ func (s *CreateIpamInput) SetTagSpecifications(v []*TagSpecification) *CreateIpa return s } +// SetTier sets the Tier field's value. +func (s *CreateIpamInput) SetTier(v string) *CreateIpamInput { + s.Tier = &v + return s +} + type CreateIpamOutput struct { _ struct{} `type:"structure"` @@ -68339,6 +73464,15 @@ type CreateIpamPoolInput struct { // Possible values: Any Amazon Web Services Region, such as us-east-1. Locale *string `type:"string"` + // The IP address source for pools in the public scope. Only used for provisioning + // IP address CIDRs to pools in the public scope. Default is byoip. For more + // information, see Create IPv6 pools (https://docs.aws.amazon.com/vpc/latest/ipam/intro-create-ipv6-pools.html) + // in the Amazon VPC IPAM User Guide. By default, you can add only one Amazon-provided + // IPv6 CIDR block to a top-level IPv6 pool if PublicIpSource is amazon. For + // information on increasing the default limit, see Quotas for your IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/quotas-ipam.html) + // in the Amazon VPC IPAM User Guide. + PublicIpSource *string `type:"string" enum:"IpamPoolPublicIpSource"` + // Determines if the pool is publicly advertisable. This option is not available // for pools with AddressFamily set to ipv4. PubliclyAdvertisable *bool `type:"boolean"` @@ -68348,6 +73482,9 @@ type CreateIpamPoolInput struct { // pool must be available in the source pool's CIDR range. SourceIpamPoolId *string `type:"string"` + // The resource used to provision CIDRs to a resource planning pool. + SourceResource *IpamPoolSourceResourceRequest `type:"structure"` + // The key/value combination of a tag assigned to the resource. Use the tag // key in the filter name and the tag value as the filter value. For example, // to find all resources that have a tag with the key Owner and the value TeamA, @@ -68461,6 +73598,12 @@ func (s *CreateIpamPoolInput) SetLocale(v string) *CreateIpamPoolInput { return s } +// SetPublicIpSource sets the PublicIpSource field's value. +func (s *CreateIpamPoolInput) SetPublicIpSource(v string) *CreateIpamPoolInput { + s.PublicIpSource = &v + return s +} + // SetPubliclyAdvertisable sets the PubliclyAdvertisable field's value. func (s *CreateIpamPoolInput) SetPubliclyAdvertisable(v bool) *CreateIpamPoolInput { s.PubliclyAdvertisable = &v @@ -68473,6 +73616,12 @@ func (s *CreateIpamPoolInput) SetSourceIpamPoolId(v string) *CreateIpamPoolInput return s } +// SetSourceResource sets the SourceResource field's value. +func (s *CreateIpamPoolInput) SetSourceResource(v *IpamPoolSourceResourceRequest) *CreateIpamPoolInput { + s.SourceResource = v + return s +} + // SetTagSpecifications sets the TagSpecifications field's value. func (s *CreateIpamPoolInput) SetTagSpecifications(v []*TagSpecification) *CreateIpamPoolInput { s.TagSpecifications = v @@ -68510,6 +73659,110 @@ func (s *CreateIpamPoolOutput) SetIpamPool(v *IpamPool) *CreateIpamPoolOutput { return s } +type CreateIpamResourceDiscoveryInput struct { + _ struct{} `type:"structure"` + + // A client token for the IPAM resource discovery. + ClientToken *string `type:"string" idempotencyToken:"true"` + + // A description for the IPAM resource discovery. + Description *string `type:"string"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Operating Regions for the IPAM resource discovery. Operating Regions are + // Amazon Web Services Regions where the IPAM is allowed to manage IP address + // CIDRs. IPAM only discovers and monitors resources in the Amazon Web Services + // Regions you select as operating Regions. + OperatingRegions []*AddIpamOperatingRegion `locationName:"OperatingRegion" type:"list"` + + // Tag specifications for the IPAM resource discovery. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateIpamResourceDiscoveryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateIpamResourceDiscoveryInput) GoString() string { + return s.String() +} + +// SetClientToken sets the ClientToken field's value. +func (s *CreateIpamResourceDiscoveryInput) SetClientToken(v string) *CreateIpamResourceDiscoveryInput { + s.ClientToken = &v + return s +} + +// SetDescription sets the Description field's value. +func (s *CreateIpamResourceDiscoveryInput) SetDescription(v string) *CreateIpamResourceDiscoveryInput { + s.Description = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *CreateIpamResourceDiscoveryInput) SetDryRun(v bool) *CreateIpamResourceDiscoveryInput { + s.DryRun = &v + return s +} + +// SetOperatingRegions sets the OperatingRegions field's value. +func (s *CreateIpamResourceDiscoveryInput) SetOperatingRegions(v []*AddIpamOperatingRegion) *CreateIpamResourceDiscoveryInput { + s.OperatingRegions = v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *CreateIpamResourceDiscoveryInput) SetTagSpecifications(v []*TagSpecification) *CreateIpamResourceDiscoveryInput { + s.TagSpecifications = v + return s +} + +type CreateIpamResourceDiscoveryOutput struct { + _ struct{} `type:"structure"` + + // An IPAM resource discovery. + IpamResourceDiscovery *IpamResourceDiscovery `locationName:"ipamResourceDiscovery" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateIpamResourceDiscoveryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateIpamResourceDiscoveryOutput) GoString() string { + return s.String() +} + +// SetIpamResourceDiscovery sets the IpamResourceDiscovery field's value. +func (s *CreateIpamResourceDiscoveryOutput) SetIpamResourceDiscovery(v *IpamResourceDiscovery) *CreateIpamResourceDiscoveryOutput { + s.IpamResourceDiscovery = v + return s +} + type CreateIpamScopeInput struct { _ struct{} `type:"structure"` @@ -68815,12 +74068,8 @@ type CreateLaunchTemplateInput struct { // The information for the launch template. // - // LaunchTemplateData is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateLaunchTemplateInput's - // String and GoString methods. - // // LaunchTemplateData is a required field - LaunchTemplateData *RequestLaunchTemplateData `type:"structure" required:"true" sensitive:"true"` + LaunchTemplateData *RequestLaunchTemplateData `type:"structure" required:"true"` // A name for the launch template. // @@ -68977,12 +74226,8 @@ type CreateLaunchTemplateVersionInput struct { // The information for the launch template. // - // LaunchTemplateData is a sensitive parameter and its value will be - // replaced with "sensitive" in string returned by CreateLaunchTemplateVersionInput's - // String and GoString methods. - // // LaunchTemplateData is a required field - LaunchTemplateData *RequestLaunchTemplateData `type:"structure" required:"true" sensitive:"true"` + LaunchTemplateData *RequestLaunchTemplateData `type:"structure" required:"true"` // The ID of the launch template. // @@ -68996,6 +74241,14 @@ type CreateLaunchTemplateVersionInput struct { // both. LaunchTemplateName *string `min:"3" type:"string"` + // If true, and if a Systems Manager parameter is specified for ImageId, the + // AMI ID is displayed in the response for imageID. For more information, see + // Use a Systems Manager parameter instead of an AMI ID (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#use-an-ssm-parameter-instead-of-an-ami-id) + // in the Amazon Elastic Compute Cloud User Guide. + // + // Default: false + ResolveAlias *bool `type:"boolean"` + // The version number of the launch template version on which to base the new // version. The new version inherits the same launch parameters as the source // version, except for parameters that you specify in LaunchTemplateData. Snapshots @@ -69076,6 +74329,12 @@ func (s *CreateLaunchTemplateVersionInput) SetLaunchTemplateName(v string) *Crea return s } +// SetResolveAlias sets the ResolveAlias field's value. +func (s *CreateLaunchTemplateVersionInput) SetResolveAlias(v bool) *CreateLaunchTemplateVersionInput { + s.ResolveAlias = &v + return s +} + // SetSourceVersion sets the SourceVersion field's value. func (s *CreateLaunchTemplateVersionInput) SetSourceVersion(v string) *CreateLaunchTemplateVersionInput { s.SourceVersion = &v @@ -69135,9 +74394,12 @@ type CreateLocalGatewayRouteInput struct { // The CIDR range used for destination matches. Routing decisions are based // on the most specific match. - // - // DestinationCidrBlock is a required field - DestinationCidrBlock *string `type:"string" required:"true"` + DestinationCidrBlock *string `type:"string"` + + // The ID of the prefix list. Use a prefix list in place of DestinationCidrBlock. + // You cannot use DestinationPrefixListId and DestinationCidrBlock in the same + // request. + DestinationPrefixListId *string `type:"string"` // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have @@ -69178,9 +74440,6 @@ func (s CreateLocalGatewayRouteInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *CreateLocalGatewayRouteInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreateLocalGatewayRouteInput"} - if s.DestinationCidrBlock == nil { - invalidParams.Add(request.NewErrParamRequired("DestinationCidrBlock")) - } if s.LocalGatewayRouteTableId == nil { invalidParams.Add(request.NewErrParamRequired("LocalGatewayRouteTableId")) } @@ -69197,6 +74456,12 @@ func (s *CreateLocalGatewayRouteInput) SetDestinationCidrBlock(v string) *Create return s } +// SetDestinationPrefixListId sets the DestinationPrefixListId field's value. +func (s *CreateLocalGatewayRouteInput) SetDestinationPrefixListId(v string) *CreateLocalGatewayRouteInput { + s.DestinationPrefixListId = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *CreateLocalGatewayRouteInput) SetDryRun(v bool) *CreateLocalGatewayRouteInput { s.DryRun = &v @@ -69755,7 +75020,7 @@ type CreateNatGatewayInput struct { AllocationId *string `type:"string"` // Unique, case-sensitive identifier that you provide to ensure the idempotency - // of the request. For more information, see How to ensure idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + // of the request. For more information, see Ensuring idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). // // Constraint: Maximum 64 ASCII characters. ClientToken *string `type:"string" idempotencyToken:"true"` @@ -69774,7 +75039,23 @@ type CreateNatGatewayInput struct { // an address, a private IPv4 address will be automatically assigned. PrivateIpAddress *string `type:"string"` - // The subnet in which to create the NAT gateway. + // Secondary EIP allocation IDs. For more information, see Create a NAT gateway + // (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) + // in the Amazon VPC User Guide. + SecondaryAllocationIds []*string `locationName:"SecondaryAllocationId" locationNameList:"AllocationId" type:"list"` + + // [Private NAT gateway only] The number of secondary private IPv4 addresses + // you want to assign to the NAT gateway. For more information about secondary + // addresses, see Create a NAT gateway (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) + // in the Amazon VPC User Guide. + SecondaryPrivateIpAddressCount *int64 `min:"1" type:"integer"` + + // Secondary private IPv4 addresses. For more information about secondary addresses, + // see Create a NAT gateway (https://docs.aws.amazon.com/vpc/latest/userguide/vpc-nat-gateway.html#nat-gateway-creating) + // in the Amazon VPC User Guide. + SecondaryPrivateIpAddresses []*string `locationName:"SecondaryPrivateIpAddress" locationNameList:"item" type:"list"` + + // The ID of the subnet in which to create the NAT gateway. // // SubnetId is a required field SubnetId *string `type:"string" required:"true"` @@ -69804,6 +75085,9 @@ func (s CreateNatGatewayInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *CreateNatGatewayInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreateNatGatewayInput"} + if s.SecondaryPrivateIpAddressCount != nil && *s.SecondaryPrivateIpAddressCount < 1 { + invalidParams.Add(request.NewErrParamMinValue("SecondaryPrivateIpAddressCount", 1)) + } if s.SubnetId == nil { invalidParams.Add(request.NewErrParamRequired("SubnetId")) } @@ -69844,6 +75128,24 @@ func (s *CreateNatGatewayInput) SetPrivateIpAddress(v string) *CreateNatGatewayI return s } +// SetSecondaryAllocationIds sets the SecondaryAllocationIds field's value. +func (s *CreateNatGatewayInput) SetSecondaryAllocationIds(v []*string) *CreateNatGatewayInput { + s.SecondaryAllocationIds = v + return s +} + +// SetSecondaryPrivateIpAddressCount sets the SecondaryPrivateIpAddressCount field's value. +func (s *CreateNatGatewayInput) SetSecondaryPrivateIpAddressCount(v int64) *CreateNatGatewayInput { + s.SecondaryPrivateIpAddressCount = &v + return s +} + +// SetSecondaryPrivateIpAddresses sets the SecondaryPrivateIpAddresses field's value. +func (s *CreateNatGatewayInput) SetSecondaryPrivateIpAddresses(v []*string) *CreateNatGatewayInput { + s.SecondaryPrivateIpAddresses = v + return s +} + // SetSubnetId sets the SubnetId field's value. func (s *CreateNatGatewayInput) SetSubnetId(v string) *CreateNatGatewayInput { s.SubnetId = &v @@ -70087,6 +75389,10 @@ func (s CreateNetworkAclEntryOutput) GoString() string { type CreateNetworkAclInput struct { _ struct{} `type:"structure"` + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see Ensuring idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, @@ -70133,6 +75439,12 @@ func (s *CreateNetworkAclInput) Validate() error { return nil } +// SetClientToken sets the ClientToken field's value. +func (s *CreateNetworkAclInput) SetClientToken(v string) *CreateNetworkAclInput { + s.ClientToken = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *CreateNetworkAclInput) SetDryRun(v bool) *CreateNetworkAclInput { s.DryRun = &v @@ -70154,6 +75466,10 @@ func (s *CreateNetworkAclInput) SetVpcId(v string) *CreateNetworkAclInput { type CreateNetworkAclOutput struct { _ struct{} `type:"structure"` + // Unique, case-sensitive identifier to ensure the idempotency of the request. + // Only returned if a client token was provided in the request. + ClientToken *string `locationName:"clientToken" type:"string"` + // Information about the network ACL. NetworkAcl *NetworkAcl `locationName:"networkAcl" type:"structure"` } @@ -70176,6 +75492,12 @@ func (s CreateNetworkAclOutput) GoString() string { return s.String() } +// SetClientToken sets the ClientToken field's value. +func (s *CreateNetworkAclOutput) SetClientToken(v string) *CreateNetworkAclOutput { + s.ClientToken = &v + return s +} + // SetNetworkAcl sets the NetworkAcl field's value. func (s *CreateNetworkAclOutput) SetNetworkAcl(v *NetworkAcl) *CreateNetworkAclOutput { s.NetworkAcl = v @@ -70300,13 +75622,11 @@ type CreateNetworkInsightsPathInput struct { // of the request. For more information, see How to ensure idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // The Amazon Web Services resource that is the destination of the path. - // - // Destination is a required field - Destination *string `type:"string" required:"true"` + // The ID or ARN of the destination. If the resource is in another account, + // you must specify an ARN. + Destination *string `type:"string"` - // The IP address of the Amazon Web Services resource that is the destination - // of the path. + // The IP address of the destination. DestinationIp *string `type:"string"` // The destination port. @@ -70318,18 +75638,28 @@ type CreateNetworkInsightsPathInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` + // Scopes the analysis to network paths that match specific filters at the destination. + // If you specify this parameter, you can't specify the parameter for the destination + // IP address. + FilterAtDestination *PathRequestFilter `type:"structure"` + + // Scopes the analysis to network paths that match specific filters at the source. + // If you specify this parameter, you can't specify the parameters for the source + // IP address or the destination port. + FilterAtSource *PathRequestFilter `type:"structure"` + // The protocol. // // Protocol is a required field Protocol *string `type:"string" required:"true" enum:"Protocol"` - // The Amazon Web Services resource that is the source of the path. + // The ID or ARN of the source. If the resource is in another account, you must + // specify an ARN. // // Source is a required field Source *string `type:"string" required:"true"` - // The IP address of the Amazon Web Services resource that is the source of - // the path. + // The IP address of the source. SourceIp *string `type:"string"` // The tags to add to the path. @@ -70357,9 +75687,6 @@ func (s CreateNetworkInsightsPathInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *CreateNetworkInsightsPathInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "CreateNetworkInsightsPathInput"} - if s.Destination == nil { - invalidParams.Add(request.NewErrParamRequired("Destination")) - } if s.Protocol == nil { invalidParams.Add(request.NewErrParamRequired("Protocol")) } @@ -70403,6 +75730,18 @@ func (s *CreateNetworkInsightsPathInput) SetDryRun(v bool) *CreateNetworkInsight return s } +// SetFilterAtDestination sets the FilterAtDestination field's value. +func (s *CreateNetworkInsightsPathInput) SetFilterAtDestination(v *PathRequestFilter) *CreateNetworkInsightsPathInput { + s.FilterAtDestination = v + return s +} + +// SetFilterAtSource sets the FilterAtSource field's value. +func (s *CreateNetworkInsightsPathInput) SetFilterAtSource(v *PathRequestFilter) *CreateNetworkInsightsPathInput { + s.FilterAtSource = v + return s +} + // SetProtocol sets the Protocol field's value. func (s *CreateNetworkInsightsPathInput) SetProtocol(v string) *CreateNetworkInsightsPathInput { s.Protocol = &v @@ -70465,6 +75804,9 @@ type CreateNetworkInterfaceInput struct { // of the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` + // A connection tracking specification for the network interface. + ConnectionTrackingSpecification *ConnectionTrackingSpecificationRequest `type:"structure"` + // A description for the network interface. Description *string `locationName:"description" type:"string"` @@ -70474,12 +75816,27 @@ type CreateNetworkInterfaceInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` + // If you’re creating a network interface in a dual-stack or IPv6-only subnet, + // you have the option to assign a primary IPv6 IP address. A primary IPv6 address + // is an IPv6 GUA address associated with an ENI that you have enabled to use + // a primary IPv6 address. Use this option if the instance that this ENI will + // be attached to relies on its IPv6 address not changing. Amazon Web Services + // will automatically assign an IPv6 address associated with the ENI attached + // to your instance to be the primary IPv6 address. Once you enable an IPv6 + // GUA address to be a primary IPv6, you cannot disable it. When you enable + // an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made + // the primary IPv6 address until the instance is terminated or the network + // interface is detached. If you have multiple IPv6 addresses associated with + // an ENI attached to your instance and you enable a primary IPv6 address, the + // first IPv6 GUA address associated with the ENI becomes the primary IPv6 address. + EnablePrimaryIpv6 *bool `type:"boolean"` + // The IDs of one or more security groups. Groups []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` // The type of network interface. The default is interface. // - // The only supported values are efa and trunk. + // The only supported values are interface, efa, and trunk. InterfaceType *string `type:"string" enum:"NetworkInterfaceCreationType"` // The number of IPv4 prefixes that Amazon Web Services automatically assigns @@ -70599,6 +75956,12 @@ func (s *CreateNetworkInterfaceInput) SetClientToken(v string) *CreateNetworkInt return s } +// SetConnectionTrackingSpecification sets the ConnectionTrackingSpecification field's value. +func (s *CreateNetworkInterfaceInput) SetConnectionTrackingSpecification(v *ConnectionTrackingSpecificationRequest) *CreateNetworkInterfaceInput { + s.ConnectionTrackingSpecification = v + return s +} + // SetDescription sets the Description field's value. func (s *CreateNetworkInterfaceInput) SetDescription(v string) *CreateNetworkInterfaceInput { s.Description = &v @@ -70611,6 +75974,12 @@ func (s *CreateNetworkInterfaceInput) SetDryRun(v bool) *CreateNetworkInterfaceI return s } +// SetEnablePrimaryIpv6 sets the EnablePrimaryIpv6 field's value. +func (s *CreateNetworkInterfaceInput) SetEnablePrimaryIpv6(v bool) *CreateNetworkInterfaceInput { + s.EnablePrimaryIpv6 = &v + return s +} + // SetGroups sets the Groups field's value. func (s *CreateNetworkInterfaceInput) SetGroups(v []*string) *CreateNetworkInterfaceInput { s.Groups = v @@ -71681,6 +77050,10 @@ func (s *CreateRouteOutput) SetReturn(v bool) *CreateRouteOutput { type CreateRouteTableInput struct { _ struct{} `type:"structure"` + // Unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see Ensuring idempotency (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, @@ -71727,6 +77100,12 @@ func (s *CreateRouteTableInput) Validate() error { return nil } +// SetClientToken sets the ClientToken field's value. +func (s *CreateRouteTableInput) SetClientToken(v string) *CreateRouteTableInput { + s.ClientToken = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *CreateRouteTableInput) SetDryRun(v bool) *CreateRouteTableInput { s.DryRun = &v @@ -71748,6 +77127,10 @@ func (s *CreateRouteTableInput) SetVpcId(v string) *CreateRouteTableInput { type CreateRouteTableOutput struct { _ struct{} `type:"structure"` + // Unique, case-sensitive identifier to ensure the idempotency of the request. + // Only returned if a client token was provided in the request. + ClientToken *string `locationName:"clientToken" type:"string"` + // Information about the route table. RouteTable *RouteTable `locationName:"routeTable" type:"structure"` } @@ -71770,6 +77153,12 @@ func (s CreateRouteTableOutput) GoString() string { return s.String() } +// SetClientToken sets the ClientToken field's value. +func (s *CreateRouteTableOutput) SetClientToken(v string) *CreateRouteTableOutput { + s.ClientToken = &v + return s +} + // SetRouteTable sets the RouteTable field's value. func (s *CreateRouteTableOutput) SetRouteTable(v *RouteTable) *CreateRouteTableOutput { s.RouteTable = v @@ -71779,13 +77168,11 @@ func (s *CreateRouteTableOutput) SetRouteTable(v *RouteTable) *CreateRouteTableO type CreateSecurityGroupInput struct { _ struct{} `type:"structure"` - // A description for the security group. This is informational only. + // A description for the security group. // // Constraints: Up to 255 characters in length // - // Constraints for EC2-Classic: ASCII characters - // - // Constraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$* + // Valid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$* // // Description is a required field Description *string `locationName:"GroupDescription" type:"string" required:"true"` @@ -71800,9 +77187,7 @@ type CreateSecurityGroupInput struct { // // Constraints: Up to 255 characters in length. Cannot start with sg-. // - // Constraints for EC2-Classic: ASCII characters - // - // Constraints for EC2-VPC: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$* + // Valid characters: a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=&;{}!$* // // GroupName is a required field GroupName *string `type:"string" required:"true"` @@ -71810,7 +77195,7 @@ type CreateSecurityGroupInput struct { // The tags to assign to the security group. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` - // [EC2-VPC] The ID of the VPC. Required for EC2-VPC. + // The ID of the VPC. Required for a nondefault VPC. VpcId *string `type:"string"` } @@ -71945,8 +77330,8 @@ type CreateSnapshotInput struct { // must be created on the same Outpost as the volume. // // For more information, see Create local snapshots from volumes on an Outpost - // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#create-snapshot) - // in the Amazon Elastic Compute Cloud User Guide. + // (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#create-snapshot) + // in the Amazon EBS User Guide. OutpostArn *string `type:"string"` // The tags to apply to the snapshot during creation. @@ -72054,8 +77439,8 @@ type CreateSnapshotsInput struct { // must be created on the same Outpost as the instance. // // For more information, see Create multi-volume local snapshots from instances - // on an Outpost (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#create-multivol-snapshot) - // in the Amazon Elastic Compute Cloud User Guide. + // on an Outpost (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#create-multivol-snapshot) + // in the Amazon EBS User Guide. OutpostArn *string `type:"string"` // Tags to apply to every snapshot specified by the instance. @@ -72086,6 +77471,11 @@ func (s *CreateSnapshotsInput) Validate() error { if s.InstanceSpecification == nil { invalidParams.Add(request.NewErrParamRequired("InstanceSpecification")) } + if s.InstanceSpecification != nil { + if err := s.InstanceSpecification.Validate(); err != nil { + invalidParams.AddNested("InstanceSpecification", err.(request.ErrInvalidParams)) + } + } if invalidParams.Len() > 0 { return invalidParams @@ -72395,18 +77785,13 @@ type CreateSubnetCidrReservationInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The type of reservation. - // - // The following are valid values: + // The type of reservation. The reservation type determines how the reserved + // IP addresses are assigned to resources. // - // * prefix: The Amazon EC2 Prefix Delegation feature assigns the IP addresses - // to network interfaces that are associated with an instance. For information - // about Prefix Delegation, see Prefix Delegation for Amazon EC2 network - // interfaces (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-delegation.html) - // in the Amazon Elastic Compute Cloud User Guide. + // * prefix - Amazon Web Services assigns the reserved IP addresses to network + // interfaces. // - // * explicit: You manually assign the IP addresses to resources that reside - // in your subnet. + // * explicit - You assign the reserved IP addresses to network interfaces. // // ReservationType is a required field ReservationType *string `type:"string" required:"true" enum:"SubnetCidrReservationType"` @@ -72535,8 +77920,7 @@ type CreateSubnetInput struct { // // To create a subnet in a Local Zone, set this value to the Local Zone ID, // for example us-west-2-lax-1a. For information about the Regions that support - // Local Zones, see Available Regions (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-available-regions) - // in the Amazon Elastic Compute Cloud User Guide. + // Local Zones, see Local Zones locations (http://aws.amazon.com/about-aws/global-infrastructure/localzones/locations/). // // To create a subnet in an Outpost, set this value to the Availability Zone // for the Outpost and specify the Outpost ARN. @@ -72558,15 +77942,25 @@ type CreateSubnetInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The IPv6 network range for the subnet, in CIDR notation. The subnet size - // must use a /64 prefix length. - // - // This parameter is required for an IPv6 only subnet. + // An IPv4 IPAM pool ID for the subnet. + Ipv4IpamPoolId *string `type:"string"` + + // An IPv4 netmask length for the subnet. + Ipv4NetmaskLength *int64 `type:"integer"` + + // The IPv6 network range for the subnet, in CIDR notation. This parameter is + // required for an IPv6 only subnet. Ipv6CidrBlock *string `type:"string"` + // An IPv6 IPAM pool ID for the subnet. + Ipv6IpamPoolId *string `type:"string"` + // Indicates whether to create an IPv6 only subnet. Ipv6Native *bool `type:"boolean"` + // An IPv6 netmask length for the subnet. + Ipv6NetmaskLength *int64 `type:"integer"` + // The Amazon Resource Name (ARN) of the Outpost. If you specify an Outpost // ARN, you must also specify the Availability Zone of the Outpost subnet. OutpostArn *string `type:"string"` @@ -72635,18 +78029,42 @@ func (s *CreateSubnetInput) SetDryRun(v bool) *CreateSubnetInput { return s } +// SetIpv4IpamPoolId sets the Ipv4IpamPoolId field's value. +func (s *CreateSubnetInput) SetIpv4IpamPoolId(v string) *CreateSubnetInput { + s.Ipv4IpamPoolId = &v + return s +} + +// SetIpv4NetmaskLength sets the Ipv4NetmaskLength field's value. +func (s *CreateSubnetInput) SetIpv4NetmaskLength(v int64) *CreateSubnetInput { + s.Ipv4NetmaskLength = &v + return s +} + // SetIpv6CidrBlock sets the Ipv6CidrBlock field's value. func (s *CreateSubnetInput) SetIpv6CidrBlock(v string) *CreateSubnetInput { s.Ipv6CidrBlock = &v return s } +// SetIpv6IpamPoolId sets the Ipv6IpamPoolId field's value. +func (s *CreateSubnetInput) SetIpv6IpamPoolId(v string) *CreateSubnetInput { + s.Ipv6IpamPoolId = &v + return s +} + // SetIpv6Native sets the Ipv6Native field's value. func (s *CreateSubnetInput) SetIpv6Native(v bool) *CreateSubnetInput { s.Ipv6Native = &v return s } +// SetIpv6NetmaskLength sets the Ipv6NetmaskLength field's value. +func (s *CreateSubnetInput) SetIpv6NetmaskLength(v int64) *CreateSubnetInput { + s.Ipv6NetmaskLength = &v + return s +} + // SetOutpostArn sets the OutpostArn field's value. func (s *CreateSubnetInput) SetOutpostArn(v string) *CreateSubnetInput { s.OutpostArn = &v @@ -73147,6 +78565,10 @@ type CreateTrafficMirrorSessionInput struct { // // If you do not want to mirror the entire packet, use the PacketLength parameter // to specify the number of bytes in each packet to mirror. + // + // For sessions with Network Load Balancer (NLB) Traffic Mirror targets the + // default PacketLength will be set to 8500. Valid values are 1-8500. Setting + // a PacketLength greater than 8500 will result in an error response. PacketLength *int64 `type:"integer"` // The session number determines the order in which sessions are evaluated when @@ -74905,6 +80327,22 @@ type CreateTransitGatewayVpcAttachmentRequestOptions struct { // Enable or disable IPv6 support. The default is disable. Ipv6Support *string `type:"string" enum:"Ipv6SupportValue"` + + // + // This parameter is in preview and may not be available for your account. + // + // Enables you to reference a security group across VPCs attached to a transit + // gateway. Use this option to simplify security group management and control + // of instance-to-instance traffic across VPCs that are connected by transit + // gateway. You can also use this option to migrate from VPC peering (which + // was the only option that supported security group referencing) to transit + // gateways (which now also support security group referencing). This option + // is disabled by default and there are no additional costs to use this feature. + // + // If you don't enable or disable SecurityGroupReferencingSupport in the request, + // the attachment will inherit the security group referencing support setting + // on the transit gateway. + SecurityGroupReferencingSupport *string `type:"string" enum:"SecurityGroupReferencingSupportValue"` } // String returns the string representation. @@ -74943,7 +80381,14 @@ func (s *CreateTransitGatewayVpcAttachmentRequestOptions) SetIpv6Support(v strin return s } -// Options for a network interface-type endpoint. +// SetSecurityGroupReferencingSupport sets the SecurityGroupReferencingSupport field's value. +func (s *CreateTransitGatewayVpcAttachmentRequestOptions) SetSecurityGroupReferencingSupport(v string) *CreateTransitGatewayVpcAttachmentRequestOptions { + s.SecurityGroupReferencingSupport = &v + return s +} + +// Describes the network interface options when creating an Amazon Web Services +// Verified Access endpoint using the network-interface type. type CreateVerifiedAccessEndpointEniOptions struct { _ struct{} `type:"structure"` @@ -75014,7 +80459,7 @@ type CreateVerifiedAccessEndpointInput struct { // ApplicationDomain is a required field ApplicationDomain *string `type:"string" required:"true"` - // The Amazon Web Services network component Verified Access attaches to. + // The type of attachment. // // AttachmentType is a required field AttachmentType *string `type:"string" required:"true" enum:"VerifiedAccessEndpointAttachmentType"` @@ -75024,7 +80469,7 @@ type CreateVerifiedAccessEndpointInput struct { // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // A description for the Amazon Web Services Verified Access endpoint. + // A description for the Verified Access endpoint. Description *string `type:"string"` // The ARN of the public TLS/SSL certificate in Amazon Web Services Certificate @@ -75040,33 +80485,36 @@ type CreateVerifiedAccessEndpointInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // A custom identifier that gets prepended to a DNS name that is generated for + // A custom identifier that is prepended to the DNS name that is generated for // the endpoint. // // EndpointDomainPrefix is a required field EndpointDomainPrefix *string `type:"string" required:"true"` - // The type of Amazon Web Services Verified Access endpoint to create. + // The type of Verified Access endpoint to create. // // EndpointType is a required field EndpointType *string `type:"string" required:"true" enum:"VerifiedAccessEndpointType"` - // The load balancer details if creating the Amazon Web Services Verified Access - // endpoint as load-balancertype. + // The load balancer details. This parameter is required if the endpoint type + // is load-balancer. LoadBalancerOptions *CreateVerifiedAccessEndpointLoadBalancerOptions `type:"structure"` - // The network interface details if creating the Amazon Web Services Verified - // Access endpoint as network-interfacetype. + // The network interface details. This parameter is required if the endpoint + // type is network-interface. NetworkInterfaceOptions *CreateVerifiedAccessEndpointEniOptions `type:"structure"` - // The Amazon Web Services Verified Access policy document. + // The Verified Access policy document. PolicyDocument *string `type:"string"` - // The Amazon EC2 security groups to associate with the Amazon Web Services - // Verified Access endpoint. + // The IDs of the security groups to associate with the Verified Access endpoint. + // Required if AttachmentType is set to vpc. SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"item" type:"list"` - // The tags to assign to the Amazon Web Services Verified Access endpoint. + // The options for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationRequest `type:"structure"` + + // The tags to assign to the Verified Access endpoint. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` // The ID of the Verified Access group to associate the endpoint with. @@ -75203,6 +80651,12 @@ func (s *CreateVerifiedAccessEndpointInput) SetSecurityGroupIds(v []*string) *Cr return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *CreateVerifiedAccessEndpointInput) SetSseSpecification(v *VerifiedAccessSseSpecificationRequest) *CreateVerifiedAccessEndpointInput { + s.SseSpecification = v + return s +} + // SetTagSpecifications sets the TagSpecifications field's value. func (s *CreateVerifiedAccessEndpointInput) SetTagSpecifications(v []*TagSpecification) *CreateVerifiedAccessEndpointInput { s.TagSpecifications = v @@ -75215,8 +80669,8 @@ func (s *CreateVerifiedAccessEndpointInput) SetVerifiedAccessGroupId(v string) * return s } -// Describes a load balancer when creating an Amazon Web Services Verified Access -// endpoint using the load-balancer type. +// Describes the load balancer options when creating an Amazon Web Services +// Verified Access endpoint using the load-balancer type. type CreateVerifiedAccessEndpointLoadBalancerOptions struct { _ struct{} `type:"structure"` @@ -75291,7 +80745,7 @@ func (s *CreateVerifiedAccessEndpointLoadBalancerOptions) SetSubnetIds(v []*stri type CreateVerifiedAccessEndpointOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access endpoint. + // Details about the Verified Access endpoint. VerifiedAccessEndpoint *VerifiedAccessEndpoint `locationName:"verifiedAccessEndpoint" type:"structure"` } @@ -75327,7 +80781,7 @@ type CreateVerifiedAccessGroupInput struct { // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // A description for the Amazon Web Services Verified Access group. + // A description for the Verified Access group. Description *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -75336,13 +80790,16 @@ type CreateVerifiedAccessGroupInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The Amazon Web Services Verified Access policy document. + // The Verified Access policy document. PolicyDocument *string `type:"string"` - // The tags to assign to the Amazon Web Services Verified Access group. + // The options for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationRequest `type:"structure"` + + // The tags to assign to the Verified Access group. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. // // VerifiedAccessInstanceId is a required field VerifiedAccessInstanceId *string `type:"string" required:"true"` @@ -75403,6 +80860,12 @@ func (s *CreateVerifiedAccessGroupInput) SetPolicyDocument(v string) *CreateVeri return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *CreateVerifiedAccessGroupInput) SetSseSpecification(v *VerifiedAccessSseSpecificationRequest) *CreateVerifiedAccessGroupInput { + s.SseSpecification = v + return s +} + // SetTagSpecifications sets the TagSpecifications field's value. func (s *CreateVerifiedAccessGroupInput) SetTagSpecifications(v []*TagSpecification) *CreateVerifiedAccessGroupInput { s.TagSpecifications = v @@ -75418,7 +80881,7 @@ func (s *CreateVerifiedAccessGroupInput) SetVerifiedAccessInstanceId(v string) * type CreateVerifiedAccessGroupOutput struct { _ struct{} `type:"structure"` - // The ID of the Verified Access group. + // Details about the Verified Access group. VerifiedAccessGroup *VerifiedAccessGroup `locationName:"verifiedAccessGroup" type:"structure"` } @@ -75454,7 +80917,7 @@ type CreateVerifiedAccessInstanceInput struct { // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // A description for the Amazon Web Services Verified Access instance. + // A description for the Verified Access instance. Description *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -75463,7 +80926,11 @@ type CreateVerifiedAccessInstanceInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The tags to assign to the Amazon Web Services Verified Access instance. + // Enable or disable support for Federal Information Processing Standards (FIPS) + // on the instance. + FIPSEnabled *bool `type:"boolean"` + + // The tags to assign to the Verified Access instance. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` } @@ -75503,6 +80970,12 @@ func (s *CreateVerifiedAccessInstanceInput) SetDryRun(v bool) *CreateVerifiedAcc return s } +// SetFIPSEnabled sets the FIPSEnabled field's value. +func (s *CreateVerifiedAccessInstanceInput) SetFIPSEnabled(v bool) *CreateVerifiedAccessInstanceInput { + s.FIPSEnabled = &v + return s +} + // SetTagSpecifications sets the TagSpecifications field's value. func (s *CreateVerifiedAccessInstanceInput) SetTagSpecifications(v []*TagSpecification) *CreateVerifiedAccessInstanceInput { s.TagSpecifications = v @@ -75512,7 +80985,7 @@ func (s *CreateVerifiedAccessInstanceInput) SetTagSpecifications(v []*TagSpecifi type CreateVerifiedAccessInstanceOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access instance. + // Details about the Verified Access instance. VerifiedAccessInstance *VerifiedAccessInstance `locationName:"verifiedAccessInstance" type:"structure"` } @@ -75540,10 +81013,15 @@ func (s *CreateVerifiedAccessInstanceOutput) SetVerifiedAccessInstance(v *Verifi return s } -// Options for a device-identity type trust provider. +// Describes the options when creating an Amazon Web Services Verified Access +// trust provider using the device type. type CreateVerifiedAccessTrustProviderDeviceOptions struct { _ struct{} `type:"structure"` + // The URL Amazon Web Services Verified Access will use to verify the authenticity + // of the device tokens. + PublicSigningKeyUrl *string `type:"string"` + // The ID of the tenant application with the device-identity provider. TenantId *string `type:"string"` } @@ -75566,6 +81044,12 @@ func (s CreateVerifiedAccessTrustProviderDeviceOptions) GoString() string { return s.String() } +// SetPublicSigningKeyUrl sets the PublicSigningKeyUrl field's value. +func (s *CreateVerifiedAccessTrustProviderDeviceOptions) SetPublicSigningKeyUrl(v string) *CreateVerifiedAccessTrustProviderDeviceOptions { + s.PublicSigningKeyUrl = &v + return s +} + // SetTenantId sets the TenantId field's value. func (s *CreateVerifiedAccessTrustProviderDeviceOptions) SetTenantId(v string) *CreateVerifiedAccessTrustProviderDeviceOptions { s.TenantId = &v @@ -75580,13 +81064,15 @@ type CreateVerifiedAccessTrustProviderInput struct { // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // A description for the Amazon Web Services Verified Access trust provider. + // A description for the Verified Access trust provider. Description *string `type:"string"` - // The options for device identity based trust providers. + // The options for a device-based trust provider. This parameter is required + // when the provider type is device. DeviceOptions *CreateVerifiedAccessTrustProviderDeviceOptions `type:"structure"` - // The type of device-based trust provider. + // The type of device-based trust provider. This parameter is required when + // the provider type is device. DeviceTrustProviderType *string `type:"string" enum:"DeviceTrustProviderType"` // Checks whether you have the required permissions for the action, without @@ -75595,7 +81081,8 @@ type CreateVerifiedAccessTrustProviderInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The OpenID Connect details for an oidc-type, user-identity based trust provider. + // The options for a OpenID Connect-compatible user-identity trust provider. + // This parameter is required when the provider type is user. OidcOptions *CreateVerifiedAccessTrustProviderOidcOptions `type:"structure"` // The identifier to be used when working with policy rules. @@ -75603,15 +81090,19 @@ type CreateVerifiedAccessTrustProviderInput struct { // PolicyReferenceName is a required field PolicyReferenceName *string `type:"string" required:"true"` - // The tags to assign to the Amazon Web Services Verified Access trust provider. + // The options for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationRequest `type:"structure"` + + // The tags to assign to the Verified Access trust provider. TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` - // The type of trust provider can be either user or device-based. + // The type of trust provider. // // TrustProviderType is a required field TrustProviderType *string `type:"string" required:"true" enum:"TrustProviderType"` - // The type of user-based trust provider. + // The type of user-based trust provider. This parameter is required when the + // provider type is user. UserTrustProviderType *string `type:"string" enum:"UserTrustProviderType"` } @@ -75691,6 +81182,12 @@ func (s *CreateVerifiedAccessTrustProviderInput) SetPolicyReferenceName(v string return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *CreateVerifiedAccessTrustProviderInput) SetSseSpecification(v *VerifiedAccessSseSpecificationRequest) *CreateVerifiedAccessTrustProviderInput { + s.SseSpecification = v + return s +} + // SetTagSpecifications sets the TagSpecifications field's value. func (s *CreateVerifiedAccessTrustProviderInput) SetTagSpecifications(v []*TagSpecification) *CreateVerifiedAccessTrustProviderInput { s.TagSpecifications = v @@ -75709,7 +81206,8 @@ func (s *CreateVerifiedAccessTrustProviderInput) SetUserTrustProviderType(v stri return s } -// Options for an OIDC-based, user-identity type trust provider. +// Describes the options when creating an Amazon Web Services Verified Access +// trust provider using the user type. type CreateVerifiedAccessTrustProviderOidcOptions struct { _ struct{} `type:"structure"` @@ -75720,7 +81218,11 @@ type CreateVerifiedAccessTrustProviderOidcOptions struct { ClientId *string `type:"string"` // The client secret. - ClientSecret *string `type:"string"` + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateVerifiedAccessTrustProviderOidcOptions's + // String and GoString methods. + ClientSecret *string `type:"string" sensitive:"true"` // The OIDC issuer. Issuer *string `type:"string"` @@ -75800,7 +81302,7 @@ func (s *CreateVerifiedAccessTrustProviderOidcOptions) SetUserInfoEndpoint(v str type CreateVerifiedAccessTrustProviderOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access trust provider. + // Details about the Verified Access trust provider. VerifiedAccessTrustProvider *VerifiedAccessTrustProvider `locationName:"verifiedAccessTrustProvider" type:"structure"` } @@ -75831,7 +81333,8 @@ func (s *CreateVerifiedAccessTrustProviderOutput) SetVerifiedAccessTrustProvider type CreateVolumeInput struct { _ struct{} `type:"structure"` - // The Availability Zone in which to create the volume. + // The ID of the Availability Zone in which to create the volume. For example, + // us-east-1a. // // AvailabilityZone is a required field AvailabilityZone *string `type:"string" required:"true"` @@ -75849,11 +81352,11 @@ type CreateVolumeInput struct { // Indicates whether the volume should be encrypted. The effect of setting the // encryption state to true depends on the volume origin (new or from a snapshot), // starting encryption state, ownership, and whether encryption by default is - // enabled. For more information, see Encryption by default (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-by-default) - // in the Amazon Elastic Compute Cloud User Guide. + // enabled. For more information, see Encryption by default (https://docs.aws.amazon.com/ebs/latest/userguide/work-with-ebs-encr.html#encryption-by-default) + // in the Amazon EBS User Guide. // // Encrypted Amazon EBS volumes must be attached to instances that support Amazon - // EBS encryption. For more information, see Supported instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). + // EBS encryption. For more information, see Supported instance types (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances). Encrypted *bool `locationName:"encrypted" type:"boolean"` // The number of I/O operations per second (IOPS). For gp3, io1, and io2 volumes, @@ -75863,15 +81366,15 @@ type CreateVolumeInput struct { // // The following are the supported values for each volume type: // - // * gp3: 3,000-16,000 IOPS + // * gp3: 3,000 - 16,000 IOPS // - // * io1: 100-64,000 IOPS + // * io1: 100 - 64,000 IOPS // - // * io2: 100-64,000 IOPS + // * io2: 100 - 256,000 IOPS // - // io1 and io2 volumes support up to 64,000 IOPS only on Instances built on + // For io2 volumes, you can achieve up to 256,000 IOPS on instances built on // the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). - // Other instance families support performance up to 32,000 IOPS. + // On other instances, you can achieve performance up to 32,000 IOPS. // // This parameter is required for io1 and io2 volumes. The default for gp3 volumes // is 3,000 IOPS. This parameter is not supported for gp2, st1, sc1, or standard @@ -75901,8 +81404,8 @@ type CreateVolumeInput struct { // you can attach the volume to up to 16 Instances built on the Nitro System // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) // in the same Availability Zone. This parameter is supported with io1 and io2 - // volumes only. For more information, see Amazon EBS Multi-Attach (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volumes-multi.html) - // in the Amazon Elastic Compute Cloud User Guide. + // volumes only. For more information, see Amazon EBS Multi-Attach (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volumes-multi.html) + // in the Amazon EBS User Guide. MultiAttachEnabled *bool `type:"boolean"` // The Amazon Resource Name (ARN) of the Outpost. @@ -75915,13 +81418,15 @@ type CreateVolumeInput struct { // // The following are the supported volumes sizes for each volume type: // - // * gp2 and gp3: 1-16,384 + // * gp2 and gp3: 1 - 16,384 GiB // - // * io1 and io2: 4-16,384 + // * io1: 4 - 16,384 GiB // - // * st1 and sc1: 125-16,384 + // * io2: 4 - 65,536 GiB // - // * standard: 1-1,024 + // * st1 and sc1: 125 - 16,384 GiB + // + // * standard: 1 - 1024 GiB Size *int64 `type:"integer"` // The snapshot from which to create the volume. You must specify either a snapshot @@ -75950,8 +81455,11 @@ type CreateVolumeInput struct { // // * Magnetic: standard // - // For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) - // in the Amazon Elastic Compute Cloud User Guide. + // Throughput Optimized HDD (st1) and Cold HDD (sc1) volumes can't be used as + // boot volumes. + // + // For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) + // in the Amazon EBS User Guide. // // Default: gp2 VolumeType *string `type:"string" enum:"VolumeType"` @@ -76156,8 +81664,8 @@ type CreateVpcEndpointConnectionNotificationInput struct { // of the request. For more information, see How to ensure idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string"` - // One or more endpoint events for which to receive notifications. Valid values - // are Accept, Connect, Delete, and Reject. + // The endpoint events for which to receive notifications. Valid values are + // Accept, Connect, Delete, and Reject. // // ConnectionEvents is a required field ConnectionEvents []*string `locationNameList:"item" type:"list" required:"true"` @@ -76291,7 +81799,6 @@ func (s *CreateVpcEndpointConnectionNotificationOutput) SetConnectionNotificatio return s } -// Contains the parameters for CreateVpcEndpoint. type CreateVpcEndpointInput struct { _ struct{} `type:"structure"` @@ -76332,22 +81839,25 @@ type CreateVpcEndpointInput struct { // Default: true PrivateDnsEnabled *bool `type:"boolean"` - // (Gateway endpoint) One or more route table IDs. + // (Gateway endpoint) The route table IDs. RouteTableIds []*string `locationName:"RouteTableId" locationNameList:"item" type:"list"` - // (Interface endpoint) The ID of one or more security groups to associate with - // the endpoint network interface. + // (Interface endpoint) The IDs of the security groups to associate with the + // endpoint network interfaces. If this parameter is not specified, we use the + // default security group for the VPC. SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"item" type:"list"` - // The service name. To get a list of available services, use the DescribeVpcEndpointServices - // request, or get the name from the service provider. + // The name of the endpoint service. // // ServiceName is a required field ServiceName *string `type:"string" required:"true"` - // (Interface and Gateway Load Balancer endpoints) The ID of one or more subnets - // in which to create an endpoint network interface. For a Gateway Load Balancer - // endpoint, you can specify one subnet only. + // The subnet configurations for the endpoint. + SubnetConfigurations []*SubnetConfiguration `locationName:"SubnetConfiguration" locationNameList:"item" type:"list"` + + // (Interface and Gateway Load Balancer endpoints) The IDs of the subnets in + // which to create endpoint network interfaces. For a Gateway Load Balancer + // endpoint, you can specify only one subnet. SubnetIds []*string `locationName:"SubnetId" locationNameList:"item" type:"list"` // The tags to associate with the endpoint. @@ -76358,7 +81868,7 @@ type CreateVpcEndpointInput struct { // Default: Gateway VpcEndpointType *string `type:"string" enum:"VpcEndpointType"` - // The ID of the VPC in which the endpoint will be used. + // The ID of the VPC. // // VpcId is a required field VpcId *string `type:"string" required:"true"` @@ -76452,6 +81962,12 @@ func (s *CreateVpcEndpointInput) SetServiceName(v string) *CreateVpcEndpointInpu return s } +// SetSubnetConfigurations sets the SubnetConfigurations field's value. +func (s *CreateVpcEndpointInput) SetSubnetConfigurations(v []*SubnetConfiguration) *CreateVpcEndpointInput { + s.SubnetConfigurations = v + return s +} + // SetSubnetIds sets the SubnetIds field's value. func (s *CreateVpcEndpointInput) SetSubnetIds(v []*string) *CreateVpcEndpointInput { s.SubnetIds = v @@ -76476,7 +81992,6 @@ func (s *CreateVpcEndpointInput) SetVpcId(v string) *CreateVpcEndpointInput { return s } -// Contains the output of CreateVpcEndpoint. type CreateVpcEndpointOutput struct { _ struct{} `type:"structure"` @@ -76535,11 +82050,10 @@ type CreateVpcEndpointServiceConfigurationInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The Amazon Resource Names (ARNs) of one or more Gateway Load Balancers. + // The Amazon Resource Names (ARNs) of the Gateway Load Balancers. GatewayLoadBalancerArns []*string `locationName:"GatewayLoadBalancerArn" locationNameList:"item" type:"list"` - // The Amazon Resource Names (ARNs) of one or more Network Load Balancers for - // your service. + // The Amazon Resource Names (ARNs) of the Network Load Balancers. NetworkLoadBalancerArns []*string `locationName:"NetworkLoadBalancerArn" locationNameList:"item" type:"list"` // (Interface endpoint configuration) The private DNS name to assign to the @@ -76885,7 +82399,9 @@ type CreateVpcPeeringConnectionInput struct { TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` // The ID of the requester VPC. You must specify this parameter in the request. - VpcId *string `locationName:"vpcId" type:"string"` + // + // VpcId is a required field + VpcId *string `locationName:"vpcId" type:"string" required:"true"` } // String returns the string representation. @@ -76906,6 +82422,19 @@ func (s CreateVpcPeeringConnectionInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateVpcPeeringConnectionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateVpcPeeringConnectionInput"} + if s.VpcId == nil { + invalidParams.Add(request.NewErrParamRequired("VpcId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *CreateVpcPeeringConnectionInput) SetDryRun(v bool) *CreateVpcPeeringConnectionInput { s.DryRun = &v @@ -77514,8 +83043,8 @@ type DataQuery struct { // query, the dataResponse identifies the query as MyQuery01. Id *string `type:"string"` - // The aggregation metric used for the data query. Currently only aggregation-latency - // is supported, indicating network latency. + // The metric, aggregation-latency, indicating that network latency is aggregated + // for the query. This is the only supported metric. Metric *string `type:"string" enum:"MetricType"` // The aggregation period used for the data query. @@ -77525,12 +83054,10 @@ type DataQuery struct { // example, us-east-1. Source *string `type:"string"` - // Metric data aggregations over specified periods of time. The following are - // the supported Infrastructure Performance statistics: - // - // * p50 - The median value of the metric aggregated over a specified start - // and end time. For example, a metric of five_minutes is the median of all - // the data points gathered within those five minutes. + // The metric data aggregation period, p50, between the specified startDate + // and endDate. For example, a metric of five_minutes is the median of all the + // data points gathered within those five minutes. p50 is the only supported + // metric. Statistic *string `type:"string" enum:"StatisticType"` } @@ -77599,8 +83126,8 @@ type DataResponse struct { // The ID passed in the DataQuery. Id *string `locationName:"id" type:"string"` - // The metric used for the network performance request. Currently only aggregate-latency - // is supported, showing network latency during a specified period. + // The metric used for the network performance request. Only aggregate-latency + // is supported, which shows network latency during a specified period. Metric *string `locationName:"metric" type:"string" enum:"MetricType"` // A list of MetricPoint objects. @@ -78555,11 +84082,11 @@ type DeleteFleetsInput struct { // FleetIds is a required field FleetIds []*string `locationName:"FleetId" type:"list" required:"true"` - // Indicates whether to terminate the instances when the EC2 Fleet is deleted. - // The default is to terminate the instances. + // Indicates whether to terminate the associated instances when the EC2 Fleet + // is deleted. The default is to terminate the instances. // // To let the instances continue to run after the EC2 Fleet is deleted, specify - // NoTerminateInstances. Supported only for fleets of type maintain and request. + // no-terminate-instances. Supported only for fleets of type maintain and request. // // For instant fleets, you cannot specify NoTerminateInstances. A deleted instant // fleet with running instances is not supported. @@ -78840,6 +84367,95 @@ func (s *DeleteFpgaImageOutput) SetReturn(v bool) *DeleteFpgaImageOutput { return s } +type DeleteInstanceConnectEndpointInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the EC2 Instance Connect Endpoint to delete. + // + // InstanceConnectEndpointId is a required field + InstanceConnectEndpointId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteInstanceConnectEndpointInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteInstanceConnectEndpointInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteInstanceConnectEndpointInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteInstanceConnectEndpointInput"} + if s.InstanceConnectEndpointId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceConnectEndpointId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteInstanceConnectEndpointInput) SetDryRun(v bool) *DeleteInstanceConnectEndpointInput { + s.DryRun = &v + return s +} + +// SetInstanceConnectEndpointId sets the InstanceConnectEndpointId field's value. +func (s *DeleteInstanceConnectEndpointInput) SetInstanceConnectEndpointId(v string) *DeleteInstanceConnectEndpointInput { + s.InstanceConnectEndpointId = &v + return s +} + +type DeleteInstanceConnectEndpointOutput struct { + _ struct{} `type:"structure"` + + // Information about the EC2 Instance Connect Endpoint. + InstanceConnectEndpoint *Ec2InstanceConnectEndpoint `locationName:"instanceConnectEndpoint" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteInstanceConnectEndpointOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteInstanceConnectEndpointOutput) GoString() string { + return s.String() +} + +// SetInstanceConnectEndpoint sets the InstanceConnectEndpoint field's value. +func (s *DeleteInstanceConnectEndpointOutput) SetInstanceConnectEndpoint(v *Ec2InstanceConnectEndpoint) *DeleteInstanceConnectEndpointOutput { + s.InstanceConnectEndpoint = v + return s +} + type DeleteInstanceEventWindowInput struct { _ struct{} `type:"structure"` @@ -79136,6 +84752,14 @@ func (s *DeleteIpamOutput) SetIpam(v *Ipam) *DeleteIpamOutput { type DeleteIpamPoolInput struct { _ struct{} `type:"structure"` + // Enables you to quickly delete an IPAM pool and all resources within that + // pool, including provisioned CIDRs, allocations, and other pools. + // + // You can only use this option to delete pools in the private scope or pools + // in the public scope with a source resource. A source resource is a resource + // used to provision CIDRs to a resource planning pool. + Cascade *bool `type:"boolean"` + // A check for whether you have the required permissions for the action without // actually making the request and provides an error response. If you have the // required permissions, the error response is DryRunOperation. Otherwise, it @@ -79179,6 +84803,12 @@ func (s *DeleteIpamPoolInput) Validate() error { return nil } +// SetCascade sets the Cascade field's value. +func (s *DeleteIpamPoolInput) SetCascade(v bool) *DeleteIpamPoolInput { + s.Cascade = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *DeleteIpamPoolInput) SetDryRun(v bool) *DeleteIpamPoolInput { s.DryRun = &v @@ -79222,6 +84852,95 @@ func (s *DeleteIpamPoolOutput) SetIpamPool(v *IpamPool) *DeleteIpamPoolOutput { return s } +type DeleteIpamResourceDiscoveryInput struct { + _ struct{} `type:"structure"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IPAM resource discovery ID. + // + // IpamResourceDiscoveryId is a required field + IpamResourceDiscoveryId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteIpamResourceDiscoveryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteIpamResourceDiscoveryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeleteIpamResourceDiscoveryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeleteIpamResourceDiscoveryInput"} + if s.IpamResourceDiscoveryId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamResourceDiscoveryId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DeleteIpamResourceDiscoveryInput) SetDryRun(v bool) *DeleteIpamResourceDiscoveryInput { + s.DryRun = &v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *DeleteIpamResourceDiscoveryInput) SetIpamResourceDiscoveryId(v string) *DeleteIpamResourceDiscoveryInput { + s.IpamResourceDiscoveryId = &v + return s +} + +type DeleteIpamResourceDiscoveryOutput struct { + _ struct{} `type:"structure"` + + // The IPAM resource discovery. + IpamResourceDiscovery *IpamResourceDiscovery `locationName:"ipamResourceDiscovery" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteIpamResourceDiscoveryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeleteIpamResourceDiscoveryOutput) GoString() string { + return s.String() +} + +// SetIpamResourceDiscovery sets the IpamResourceDiscovery field's value. +func (s *DeleteIpamResourceDiscoveryOutput) SetIpamResourceDiscovery(v *IpamResourceDiscovery) *DeleteIpamResourceDiscoveryOutput { + s.IpamResourceDiscovery = v + return s +} + type DeleteIpamScopeInput struct { _ struct{} `type:"structure"` @@ -79365,6 +85084,12 @@ func (s *DeleteKeyPairInput) SetKeyPairId(v string) *DeleteKeyPairInput { type DeleteKeyPairOutput struct { _ struct{} `type:"structure"` + + // The ID of the key pair. + KeyPairId *string `locationName:"keyPairId" type:"string"` + + // Is true if the request succeeds, and an error otherwise. + Return *bool `locationName:"return" type:"boolean"` } // String returns the string representation. @@ -79385,6 +85110,18 @@ func (s DeleteKeyPairOutput) GoString() string { return s.String() } +// SetKeyPairId sets the KeyPairId field's value. +func (s *DeleteKeyPairOutput) SetKeyPairId(v string) *DeleteKeyPairOutput { + s.KeyPairId = &v + return s +} + +// SetReturn sets the Return field's value. +func (s *DeleteKeyPairOutput) SetReturn(v bool) *DeleteKeyPairOutput { + s.Return = &v + return s +} + type DeleteLaunchTemplateInput struct { _ struct{} `type:"structure"` @@ -79508,7 +85245,8 @@ type DeleteLaunchTemplateVersionsInput struct { // not both. LaunchTemplateName *string `min:"3" type:"string"` - // The version numbers of one or more launch template versions to delete. + // The version numbers of one or more launch template versions to delete. You + // can specify up to 200 launch template version numbers. // // Versions is a required field Versions []*string `locationName:"LaunchTemplateVersion" locationNameList:"item" type:"list" required:"true"` @@ -79725,9 +85463,11 @@ type DeleteLocalGatewayRouteInput struct { _ struct{} `type:"structure"` // The CIDR range for the route. This must match the CIDR for the route exactly. - // - // DestinationCidrBlock is a required field - DestinationCidrBlock *string `type:"string" required:"true"` + DestinationCidrBlock *string `type:"string"` + + // Use a prefix list in place of DestinationCidrBlock. You cannot use DestinationPrefixListId + // and DestinationCidrBlock in the same request. + DestinationPrefixListId *string `type:"string"` // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have @@ -79762,9 +85502,6 @@ func (s DeleteLocalGatewayRouteInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *DeleteLocalGatewayRouteInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "DeleteLocalGatewayRouteInput"} - if s.DestinationCidrBlock == nil { - invalidParams.Add(request.NewErrParamRequired("DestinationCidrBlock")) - } if s.LocalGatewayRouteTableId == nil { invalidParams.Add(request.NewErrParamRequired("LocalGatewayRouteTableId")) } @@ -79781,6 +85518,12 @@ func (s *DeleteLocalGatewayRouteInput) SetDestinationCidrBlock(v string) *Delete return s } +// SetDestinationPrefixListId sets the DestinationPrefixListId field's value. +func (s *DeleteLocalGatewayRouteInput) SetDestinationPrefixListId(v string) *DeleteLocalGatewayRouteInput { + s.DestinationPrefixListId = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *DeleteLocalGatewayRouteInput) SetDryRun(v bool) *DeleteLocalGatewayRouteInput { s.DryRun = &v @@ -81505,12 +87248,12 @@ type DeleteSecurityGroupInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The ID of the security group. Required for a nondefault VPC. + // The ID of the security group. GroupId *string `type:"string"` - // [EC2-Classic, default VPC] The name of the security group. You can specify - // either the security group name or the security group ID. For security groups - // in a nondefault VPC, you must specify the security group ID. + // [Default VPC] The name of the security group. You can specify either the + // security group name or the security group ID. For security groups in a nondefault + // VPC, you must specify the security group ID. GroupName *string `type:"string"` } @@ -83357,7 +89100,7 @@ type DeleteVerifiedAccessEndpointInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access endpoint. + // The ID of the Verified Access endpoint. // // VerifiedAccessEndpointId is a required field VerifiedAccessEndpointId *string `type:"string" required:"true"` @@ -83415,7 +89158,7 @@ func (s *DeleteVerifiedAccessEndpointInput) SetVerifiedAccessEndpointId(v string type DeleteVerifiedAccessEndpointOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access endpoint. + // Details about the Verified Access endpoint. VerifiedAccessEndpoint *VerifiedAccessEndpoint `locationName:"verifiedAccessEndpoint" type:"structure"` } @@ -83457,7 +89200,7 @@ type DeleteVerifiedAccessGroupInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access group. + // The ID of the Verified Access group. // // VerifiedAccessGroupId is a required field VerifiedAccessGroupId *string `type:"string" required:"true"` @@ -83515,7 +89258,7 @@ func (s *DeleteVerifiedAccessGroupInput) SetVerifiedAccessGroupId(v string) *Del type DeleteVerifiedAccessGroupOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access group. + // Details about the Verified Access group. VerifiedAccessGroup *VerifiedAccessGroup `locationName:"verifiedAccessGroup" type:"structure"` } @@ -83557,7 +89300,7 @@ type DeleteVerifiedAccessInstanceInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. // // VerifiedAccessInstanceId is a required field VerifiedAccessInstanceId *string `type:"string" required:"true"` @@ -83615,7 +89358,7 @@ func (s *DeleteVerifiedAccessInstanceInput) SetVerifiedAccessInstanceId(v string type DeleteVerifiedAccessInstanceOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access instance. + // Details about the Verified Access instance. VerifiedAccessInstance *VerifiedAccessInstance `locationName:"verifiedAccessInstance" type:"structure"` } @@ -83657,7 +89400,7 @@ type DeleteVerifiedAccessTrustProviderInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access trust provider. + // The ID of the Verified Access trust provider. // // VerifiedAccessTrustProviderId is a required field VerifiedAccessTrustProviderId *string `type:"string" required:"true"` @@ -83715,7 +89458,7 @@ func (s *DeleteVerifiedAccessTrustProviderInput) SetVerifiedAccessTrustProviderI type DeleteVerifiedAccessTrustProviderOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access trust provider. + // Details about the Verified Access trust provider. VerifiedAccessTrustProvider *VerifiedAccessTrustProvider `locationName:"verifiedAccessTrustProvider" type:"structure"` } @@ -83826,7 +89569,7 @@ func (s DeleteVolumeOutput) GoString() string { type DeleteVpcEndpointConnectionNotificationsInput struct { _ struct{} `type:"structure"` - // One or more notification IDs. + // The IDs of the notifications. // // ConnectionNotificationIds is a required field ConnectionNotificationIds []*string `locationName:"ConnectionNotificationId" locationNameList:"item" type:"list" required:"true"` @@ -83921,7 +89664,7 @@ type DeleteVpcEndpointServiceConfigurationsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The IDs of one or more services. + // The IDs of the services. // // ServiceIds is a required field ServiceIds []*string `locationName:"ServiceId" locationNameList:"item" type:"list" required:"true"` @@ -84001,7 +89744,6 @@ func (s *DeleteVpcEndpointServiceConfigurationsOutput) SetUnsuccessful(v []*Unsu return s } -// Contains the parameters for DeleteVpcEndpoints. type DeleteVpcEndpointsInput struct { _ struct{} `type:"structure"` @@ -84011,7 +89753,7 @@ type DeleteVpcEndpointsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more VPC endpoint IDs. + // The IDs of the VPC endpoints. // // VpcEndpointIds is a required field VpcEndpointIds []*string `locationName:"VpcEndpointId" locationNameList:"item" type:"list" required:"true"` @@ -84060,7 +89802,6 @@ func (s *DeleteVpcEndpointsInput) SetVpcEndpointIds(v []*string) *DeleteVpcEndpo return s } -// Contains the output of DeleteVpcEndpoints. type DeleteVpcEndpointsOutput struct { _ struct{} `type:"structure"` @@ -84596,6 +90337,109 @@ func (s *DeprovisionByoipCidrOutput) SetByoipCidr(v *ByoipCidr) *DeprovisionByoi return s } +type DeprovisionIpamByoasnInput struct { + _ struct{} `type:"structure"` + + // An ASN. + // + // Asn is a required field + Asn *string `type:"string" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The IPAM ID. + // + // IpamId is a required field + IpamId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeprovisionIpamByoasnInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeprovisionIpamByoasnInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeprovisionIpamByoasnInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeprovisionIpamByoasnInput"} + if s.Asn == nil { + invalidParams.Add(request.NewErrParamRequired("Asn")) + } + if s.IpamId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAsn sets the Asn field's value. +func (s *DeprovisionIpamByoasnInput) SetAsn(v string) *DeprovisionIpamByoasnInput { + s.Asn = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *DeprovisionIpamByoasnInput) SetDryRun(v bool) *DeprovisionIpamByoasnInput { + s.DryRun = &v + return s +} + +// SetIpamId sets the IpamId field's value. +func (s *DeprovisionIpamByoasnInput) SetIpamId(v string) *DeprovisionIpamByoasnInput { + s.IpamId = &v + return s +} + +type DeprovisionIpamByoasnOutput struct { + _ struct{} `type:"structure"` + + // An ASN and BYOIP CIDR association. + Byoasn *Byoasn `locationName:"byoasn" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeprovisionIpamByoasnOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DeprovisionIpamByoasnOutput) GoString() string { + return s.String() +} + +// SetByoasn sets the Byoasn field's value. +func (s *DeprovisionIpamByoasnOutput) SetByoasn(v *Byoasn) *DeprovisionIpamByoasnOutput { + s.Byoasn = v + return s +} + type DeprovisionIpamPoolCidrInput struct { _ struct{} `type:"structure"` @@ -84697,7 +90541,10 @@ func (s *DeprovisionIpamPoolCidrOutput) SetIpamPoolCidr(v *IpamPoolCidr) *Deprov type DeprovisionPublicIpv4PoolCidrInput struct { _ struct{} `type:"structure"` - // The CIDR you want to deprovision from the pool. + // The CIDR you want to deprovision from the pool. Enter the CIDR you want to + // deprovision with a netmask of /32. You must rerun this command for each IP + // address in the CIDR range. If your CIDR is a /24, you will have to run this + // command to deprovision each of the 256 IP addresses in the /24 CIDR. // // Cidr is a required field Cidr *string `type:"string" required:"true"` @@ -84897,7 +90744,9 @@ type DeregisterInstanceEventNotificationAttributesInput struct { DryRun *bool `type:"boolean"` // Information about the tag keys to deregister. - InstanceTagAttribute *DeregisterInstanceTagAttributeRequest `type:"structure"` + // + // InstanceTagAttribute is a required field + InstanceTagAttribute *DeregisterInstanceTagAttributeRequest `type:"structure" required:"true"` } // String returns the string representation. @@ -84918,6 +90767,19 @@ func (s DeregisterInstanceEventNotificationAttributesInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DeregisterInstanceEventNotificationAttributesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DeregisterInstanceEventNotificationAttributesInput"} + if s.InstanceTagAttribute == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceTagAttribute")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DeregisterInstanceEventNotificationAttributesInput) SetDryRun(v bool) *DeregisterInstanceEventNotificationAttributesInput { s.DryRun = &v @@ -85508,7 +91370,7 @@ func (s *DescribeAddressesAttributeOutput) SetNextToken(v string) *DescribeAddre type DescribeAddressesInput struct { _ struct{} `type:"structure"` - // [EC2-VPC] Information about the allocation IDs. + // Information about the allocation IDs. AllocationIds []*string `locationName:"AllocationId" locationNameList:"AllocationId" type:"list"` // Checks whether you have the required permissions for the action, without @@ -85519,12 +91381,9 @@ type DescribeAddressesInput struct { // One or more filters. Filter names and values are case-sensitive. // - // * allocation-id - [EC2-VPC] The allocation ID for the address. - // - // * association-id - [EC2-VPC] The association ID for the address. + // * allocation-id - The allocation ID for the address. // - // * domain - Indicates whether the address is for use in EC2-Classic (standard) - // or in a VPC (vpc). + // * association-id - The association ID for the address. // // * instance-id - The ID of the instance the address is associated with, // if any. @@ -85532,14 +91391,14 @@ type DescribeAddressesInput struct { // * network-border-group - A unique set of Availability Zones, Local Zones, // or Wavelength Zones from where Amazon Web Services advertises IP addresses. // - // * network-interface-id - [EC2-VPC] The ID of the network interface that - // the address is associated with, if any. + // * network-interface-id - The ID of the network interface that the address + // is associated with, if any. // // * network-interface-owner-id - The Amazon Web Services account ID of the // owner. // - // * private-ip-address - [EC2-VPC] The private IP address associated with - // the Elastic IP address. + // * private-ip-address - The private IP address associated with the Elastic + // IP address. // // * public-ip - The Elastic IP address, or the carrier IP address. // @@ -85730,16 +91589,16 @@ type DescribeAvailabilityZonesInput struct { // * group-name - For Availability Zones, use the Region name. For Local // Zones, use the name of the group associated with the Local Zone (for example, // us-west-2-lax-1) For Wavelength Zones, use the name of the group associated - // with the Wavelength Zone (for example, us-east-1-wl1-bos-wlz-1). + // with the Wavelength Zone (for example, us-east-1-wl1). // // * message - The Zone message. // - // * opt-in-status - The opt-in status (opted-in, and not-opted-in | opt-in-not-required). + // * opt-in-status - The opt-in status (opted-in | not-opted-in | opt-in-not-required). // - // * parent-zoneID - The ID of the zone that handles some of the Local Zone + // * parent-zone-id - The ID of the zone that handles some of the Local Zone // and Wavelength Zone control plane operations, such as API calls. // - // * parent-zoneName - The ID of the zone that handles some of the Local + // * parent-zone-name - The ID of the zone that handles some of the Local // Zone and Wavelength Zone control plane operations, such as API calls. // // * region-name - The name of the Region for the Zone (for example, us-east-1). @@ -85751,13 +91610,11 @@ type DescribeAvailabilityZonesInput struct { // Local Zone (for example, usw2-lax1-az1), or the Wavelength Zone (for example, // us-east-1-wl1-bos-wlz-1). // - // * zone-type - The type of zone, for example, local-zone. - // // * zone-name - The name of the Availability Zone (for example, us-east-1a), // the Local Zone (for example, us-west-2-lax-1a), or the Wavelength Zone // (for example, us-east-1-wl1-bos-wlz-1). // - // * zone-type - The type of zone, for example, local-zone. + // * zone-type - The type of zone (availability-zone | local-zone | wavelength-zone). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The IDs of the Availability Zones, Local Zones, and Wavelength Zones. @@ -86168,6 +92025,174 @@ func (s *DescribeByoipCidrsOutput) SetNextToken(v string) *DescribeByoipCidrsOut return s } +type DescribeCapacityBlockOfferingsInput struct { + _ struct{} `type:"structure"` + + // The number of hours for which to reserve Capacity Block. + // + // CapacityDurationHours is a required field + CapacityDurationHours *int64 `type:"integer" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The latest end date for the Capacity Block offering. + EndDateRange *time.Time `type:"timestamp"` + + // The number of instances for which to reserve capacity. + // + // InstanceCount is a required field + InstanceCount *int64 `type:"integer" required:"true"` + + // The type of instance for which the Capacity Block offering reserves capacity. + // + // InstanceType is a required field + InstanceType *string `type:"string" required:"true"` + + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + MaxResults *int64 `min:"1" type:"integer"` + + // The token to use to retrieve the next page of results. + NextToken *string `type:"string"` + + // The earliest start date for the Capacity Block offering. + StartDateRange *time.Time `type:"timestamp"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeCapacityBlockOfferingsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeCapacityBlockOfferingsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeCapacityBlockOfferingsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeCapacityBlockOfferingsInput"} + if s.CapacityDurationHours == nil { + invalidParams.Add(request.NewErrParamRequired("CapacityDurationHours")) + } + if s.InstanceCount == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceCount")) + } + if s.InstanceType == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceType")) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCapacityDurationHours sets the CapacityDurationHours field's value. +func (s *DescribeCapacityBlockOfferingsInput) SetCapacityDurationHours(v int64) *DescribeCapacityBlockOfferingsInput { + s.CapacityDurationHours = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeCapacityBlockOfferingsInput) SetDryRun(v bool) *DescribeCapacityBlockOfferingsInput { + s.DryRun = &v + return s +} + +// SetEndDateRange sets the EndDateRange field's value. +func (s *DescribeCapacityBlockOfferingsInput) SetEndDateRange(v time.Time) *DescribeCapacityBlockOfferingsInput { + s.EndDateRange = &v + return s +} + +// SetInstanceCount sets the InstanceCount field's value. +func (s *DescribeCapacityBlockOfferingsInput) SetInstanceCount(v int64) *DescribeCapacityBlockOfferingsInput { + s.InstanceCount = &v + return s +} + +// SetInstanceType sets the InstanceType field's value. +func (s *DescribeCapacityBlockOfferingsInput) SetInstanceType(v string) *DescribeCapacityBlockOfferingsInput { + s.InstanceType = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeCapacityBlockOfferingsInput) SetMaxResults(v int64) *DescribeCapacityBlockOfferingsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeCapacityBlockOfferingsInput) SetNextToken(v string) *DescribeCapacityBlockOfferingsInput { + s.NextToken = &v + return s +} + +// SetStartDateRange sets the StartDateRange field's value. +func (s *DescribeCapacityBlockOfferingsInput) SetStartDateRange(v time.Time) *DescribeCapacityBlockOfferingsInput { + s.StartDateRange = &v + return s +} + +type DescribeCapacityBlockOfferingsOutput struct { + _ struct{} `type:"structure"` + + // The recommended Capacity Block offering for the dates specified. + CapacityBlockOfferings []*CapacityBlockOffering `locationName:"capacityBlockOfferingSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeCapacityBlockOfferingsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeCapacityBlockOfferingsOutput) GoString() string { + return s.String() +} + +// SetCapacityBlockOfferings sets the CapacityBlockOfferings field's value. +func (s *DescribeCapacityBlockOfferingsOutput) SetCapacityBlockOfferings(v []*CapacityBlockOffering) *DescribeCapacityBlockOfferingsOutput { + s.CapacityBlockOfferings = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeCapacityBlockOfferingsOutput) SetNextToken(v string) *DescribeCapacityBlockOfferingsOutput { + s.NextToken = &v + return s +} + type DescribeCapacityReservationFleetsInput struct { _ struct{} `type:"structure"` @@ -86194,10 +92219,9 @@ type DescribeCapacityReservationFleetsInput struct { // prioritized is supported. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return for the request in a single page. - // The remaining results can be seen by sending another request with the returned - // nextToken value. This value can be between 5 and 500. If maxResults is given - // a larger value than 500, you receive an error. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"1" type:"integer"` // The token to use to retrieve the next page of results. @@ -86381,10 +92405,9 @@ type DescribeCapacityReservationsInput struct { // the Capacity Reservation was created. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return for the request in a single page. - // The remaining results can be seen by sending another request with the returned - // nextToken value. This value can be between 5 and 500. If maxResults is given - // a larger value than 500, you receive an error. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"1" type:"integer"` // The token to use to retrieve the next page of results. @@ -86647,7 +92670,7 @@ type DescribeClassicLinkInstancesInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * group-id - The ID of a VPC security group that's associated with the // instance. @@ -86664,20 +92687,21 @@ type DescribeClassicLinkInstancesInput struct { // to find all resources assigned a tag with a specific key, regardless of // the tag value. // - // * vpc-id - The ID of the VPC to which the instance is linked. vpc-id - - // The ID of the VPC that the instance is linked to. + // * vpc-id - The ID of the VPC to which the instance is linked. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // One or more instance IDs. Must be instances linked to a VPC through ClassicLink. + // The instance IDs. Must be instances linked to a VPC through ClassicLink. InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). // // Constraint: If the value is greater than 1000, we return only 1000 items. MaxResults *int64 `locationName:"maxResults" min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `locationName:"nextToken" type:"string"` } @@ -86748,8 +92772,8 @@ type DescribeClassicLinkInstancesOutput struct { // Information about one or more linked EC2-Classic instances. Instances []*ClassicLinkInstance `locationName:"instancesSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -87801,7 +93825,7 @@ type DescribeDhcpOptionsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * dhcp-options-id - The ID of a DHCP options set. // @@ -87823,11 +93847,13 @@ type DescribeDhcpOptionsInput struct { // the tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -87898,8 +93924,8 @@ type DescribeDhcpOptionsOutput struct { // Information about one or more DHCP options sets. DhcpOptions []*DhcpOptions `locationName:"dhcpOptionsSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -87942,10 +93968,10 @@ type DescribeEgressOnlyInternetGatewaysInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more egress-only internet gateway IDs. + // The IDs of the egress-only internet gateways. EgressOnlyInternetGatewayIds []*string `locationName:"EgressOnlyInternetGatewayId" locationNameList:"item" type:"list"` - // One or more filters. + // The filters. // // * tag: - The key/value combination of a tag assigned to the resource. // Use the tag key in the filter name and the tag value as the filter value. @@ -87958,11 +93984,13 @@ type DescribeEgressOnlyInternetGatewaysInput struct { // the tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -88033,8 +94061,8 @@ type DescribeEgressOnlyInternetGatewaysOutput struct { // Information about the egress-only internet gateways. EgressOnlyInternetGateways []*EgressOnlyInternetGateway `locationName:"egressOnlyInternetGatewaySet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -88428,23 +94456,21 @@ type DescribeFastLaunchImagesInput struct { // // * resource-type - The resource type for pre-provisioning. // - // * launch-template - The launch template that is associated with the pre-provisioned - // Windows AMI. - // // * owner-id - The owner ID for the pre-provisioning resource. // // * state - The current state of fast launching for the Windows AMI. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // Details for one or more Windows AMI image IDs. + // Specify one or more Windows AMI image IDs for the request. ImageIds []*string `locationName:"ImageId" locationNameList:"ImageId" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another request with the returned NextToken value. - // If this parameter is not specified, then all results are returned. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -88503,8 +94529,8 @@ type DescribeFastLaunchImagesOutput struct { // meet the requested criteria. FastLaunchImages []*DescribeFastLaunchImagesSuccessItem `locationName:"fastLaunchImageSet" locationNameList:"item" type:"list"` - // The token to use for the next set of results. This value is null when there - // are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -88538,42 +94564,41 @@ func (s *DescribeFastLaunchImagesOutput) SetNextToken(v string) *DescribeFastLau return s } -// Describe details about a fast-launch enabled Windows image that meets the -// requested criteria. Criteria are defined by the DescribeFastLaunchImages +// Describe details about a Windows image with Windows fast launch enabled that +// meets the requested criteria. Criteria are defined by the DescribeFastLaunchImages // action filters. type DescribeFastLaunchImagesSuccessItem struct { _ struct{} `type:"structure"` - // The image ID that identifies the fast-launch enabled Windows image. + // The image ID that identifies the Windows fast launch enabled image. ImageId *string `locationName:"imageId" type:"string"` - // The launch template that the fast-launch enabled Windows AMI uses when it + // The launch template that the Windows fast launch enabled AMI uses when it // launches Windows instances from pre-provisioned snapshots. LaunchTemplate *FastLaunchLaunchTemplateSpecificationResponse `locationName:"launchTemplate" type:"structure"` - // The maximum number of parallel instances that are launched for creating resources. + // The maximum number of instances that Amazon EC2 can launch at the same time + // to create pre-provisioned snapshots for Windows fast launch. MaxParallelLaunches *int64 `locationName:"maxParallelLaunches" type:"integer"` - // The owner ID for the fast-launch enabled Windows AMI. + // The owner ID for the Windows fast launch enabled AMI. OwnerId *string `locationName:"ownerId" type:"string"` - // The resource type that is used for pre-provisioning the Windows AMI. Supported - // values include: snapshot. + // The resource type that Amazon EC2 uses for pre-provisioning the Windows AMI. + // Supported values include: snapshot. ResourceType *string `locationName:"resourceType" type:"string" enum:"FastLaunchResourceType"` // A group of parameters that are used for pre-provisioning the associated Windows // AMI using snapshots. SnapshotConfiguration *FastLaunchSnapshotConfigurationResponse `locationName:"snapshotConfiguration" type:"structure"` - // The current state of faster launching for the specified Windows AMI. + // The current state of Windows fast launch for the specified Windows AMI. State *string `locationName:"state" type:"string" enum:"FastLaunchStateCode"` - // The reason that faster launching for the Windows AMI changed to the current - // state. + // The reason that Windows fast launch for the AMI changed to the current state. StateTransitionReason *string `locationName:"stateTransitionReason" type:"string"` - // The time that faster launching for the Windows AMI changed to the current - // state. + // The time that Windows fast launch for the AMI changed to the current state. StateTransitionTime *time.Time `locationName:"stateTransitionTime" type:"timestamp"` } @@ -88801,11 +94826,13 @@ type DescribeFastSnapshotRestoresInput struct { // | optimizing | enabled | disabling | disabled). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -88857,8 +94884,8 @@ type DescribeFastSnapshotRestoresOutput struct { // Information about the state of fast snapshot restores. FastSnapshotRestores []*DescribeFastSnapshotRestoreSuccessItem `locationName:"fastSnapshotRestoreSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -88973,12 +95000,13 @@ type DescribeFleetHistoryInput struct { // FleetId is a required field FleetId *string `type:"string" required:"true"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The start date and time for the events, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). @@ -89069,10 +95097,11 @@ type DescribeFleetHistoryOutput struct { // The last date and time for the events, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). // All records up to this time were retrieved. // - // If nextToken indicates that there are more results, this value is not present. + // If nextToken indicates that there are more items, this value is not present. LastEvaluatedTime *time.Time `locationName:"lastEvaluatedTime" type:"timestamp"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The start date and time for the events, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). @@ -89146,12 +95175,13 @@ type DescribeFleetInstancesInput struct { // FleetId is a required field FleetId *string `type:"string" required:"true"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -89226,7 +95256,8 @@ type DescribeFleetInstancesOutput struct { // The ID of the EC2 Fleet. FleetId *string `locationName:"fleetId" type:"string"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -89299,12 +95330,13 @@ type DescribeFleetsInput struct { // does not appear in the response. FleetIds []*string `locationName:"FleetId" type:"list"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -89433,7 +95465,8 @@ type DescribeFleetsOutput struct { // Information about the EC2 Fleets. Fleets []*FleetData `locationName:"fleetSet" locationNameList:"item" type:"list"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -89507,11 +95540,13 @@ type DescribeFlowLogsInput struct { // Constraint: Maximum of 1000 flow log IDs. FlowLogIds []*string `locationName:"FlowLogId" locationNameList:"item" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next page of results. + // The token to request the next page of items. Pagination continues from the + // end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -89569,8 +95604,8 @@ type DescribeFlowLogsOutput struct { // Information about the flow logs. FlowLogs []*FlowLog `locationName:"flowLogSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to request the next page of items. This value is null when there + // are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -90274,11 +96309,13 @@ type DescribeIamInstanceProfileAssociationsInput struct { // * state - The state of the association (associating | associated | disassociating). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token to request the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -90343,8 +96380,8 @@ type DescribeIamInstanceProfileAssociationsOutput struct { // Information about the IAM instance profile associations. IamInstanceProfileAssociations []*IamInstanceProfileAssociation `locationName:"iamInstanceProfileAssociationSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -90798,7 +96835,8 @@ type DescribeImagesInput struct { // The filters. // - // * architecture - The image architecture (i386 | x86_64 | arm64). + // * architecture - The image architecture (i386 | x86_64 | arm64 | x86_64_mac + // | arm64_mac). // // * block-device-mapping.delete-on-termination - A Boolean value that indicates // whether the Amazon EBS volume is deleted on instance termination. @@ -90863,6 +96901,10 @@ type DescribeImagesInput struct { // // * root-device-type - The type of the root device volume (ebs | instance-store). // + // * source-instance-id - The ID of the instance that the AMI was created + // from if the AMI was created using CreateImage. This filter is applicable + // only if the AMI was created using CreateImage (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html). + // // * state - The state of the image (available | pending | failed). // // * state-reason-code - The reason code for the state change. @@ -90898,11 +96940,18 @@ type DescribeImagesInput struct { // of what you specify for this parameter. IncludeDeprecated *bool `type:"boolean"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // Specifies whether to include disabled AMIs. + // + // Default: No disabled AMIs are included in the response. + IncludeDisabled *bool `type:"boolean"` + + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // Scopes the results to images with the specified owners. You can specify a @@ -90960,6 +97009,12 @@ func (s *DescribeImagesInput) SetIncludeDeprecated(v bool) *DescribeImagesInput return s } +// SetIncludeDisabled sets the IncludeDisabled field's value. +func (s *DescribeImagesInput) SetIncludeDisabled(v bool) *DescribeImagesInput { + s.IncludeDisabled = &v + return s +} + // SetMaxResults sets the MaxResults field's value. func (s *DescribeImagesInput) SetMaxResults(v int64) *DescribeImagesInput { s.MaxResults = &v @@ -90984,8 +97039,8 @@ type DescribeImagesOutput struct { // Information about the images. Images []*Image `locationName:"imagesSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -91505,6 +97560,159 @@ func (s *DescribeInstanceAttributeOutput) SetUserData(v *AttributeValue) *Descri return s } +type DescribeInstanceConnectEndpointsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // One or more filters. + // + // * instance-connect-endpoint-id - The ID of the EC2 Instance Connect Endpoint. + // + // * state - The state of the EC2 Instance Connect Endpoint (create-in-progress + // | create-complete | create-failed | delete-in-progress | delete-complete + // | delete-failed). + // + // * subnet-id - The ID of the subnet in which the EC2 Instance Connect Endpoint + // was created. + // + // * tag: - The key/value combination of a tag assigned to the resource. + // Use the tag key in the filter name and the tag value as the filter value. + // For example, to find all resources that have a tag with the key Owner + // and the value TeamA, specify tag:Owner for the filter name and TeamA for + // the filter value. + // + // * tag-key - The key of a tag assigned to the resource. Use this filter + // to find all resources assigned a tag with a specific key, regardless of + // the tag value. + // + // * tag-value - The value of a tag assigned to the resource. Use this filter + // to find all resources that have a tag with a specific value, regardless + // of tag key. + // + // * vpc-id - The ID of the VPC in which the EC2 Instance Connect Endpoint + // was created. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // One or more EC2 Instance Connect Endpoint IDs. + InstanceConnectEndpointIds []*string `locationName:"InstanceConnectEndpointId" locationNameList:"item" type:"list"` + + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + MaxResults *int64 `min:"1" type:"integer"` + + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceConnectEndpointsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceConnectEndpointsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeInstanceConnectEndpointsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeInstanceConnectEndpointsInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeInstanceConnectEndpointsInput) SetDryRun(v bool) *DescribeInstanceConnectEndpointsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeInstanceConnectEndpointsInput) SetFilters(v []*Filter) *DescribeInstanceConnectEndpointsInput { + s.Filters = v + return s +} + +// SetInstanceConnectEndpointIds sets the InstanceConnectEndpointIds field's value. +func (s *DescribeInstanceConnectEndpointsInput) SetInstanceConnectEndpointIds(v []*string) *DescribeInstanceConnectEndpointsInput { + s.InstanceConnectEndpointIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeInstanceConnectEndpointsInput) SetMaxResults(v int64) *DescribeInstanceConnectEndpointsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInstanceConnectEndpointsInput) SetNextToken(v string) *DescribeInstanceConnectEndpointsInput { + s.NextToken = &v + return s +} + +type DescribeInstanceConnectEndpointsOutput struct { + _ struct{} `type:"structure"` + + // Information about the EC2 Instance Connect Endpoints. + InstanceConnectEndpoints []*Ec2InstanceConnectEndpoint `locationName:"instanceConnectEndpointSet" locationNameList:"item" type:"list"` + + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceConnectEndpointsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceConnectEndpointsOutput) GoString() string { + return s.String() +} + +// SetInstanceConnectEndpoints sets the InstanceConnectEndpoints field's value. +func (s *DescribeInstanceConnectEndpointsOutput) SetInstanceConnectEndpoints(v []*Ec2InstanceConnectEndpoint) *DescribeInstanceConnectEndpointsOutput { + s.InstanceConnectEndpoints = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInstanceConnectEndpointsOutput) SetNextToken(v string) *DescribeInstanceConnectEndpointsOutput { + s.NextToken = &v + return s +} + type DescribeInstanceCreditSpecificationsInput struct { _ struct{} `type:"structure"` @@ -91526,13 +97734,16 @@ type DescribeInstanceCreditSpecificationsInput struct { // Constraints: Maximum 1000 explicitly specified instance IDs. InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another call with the returned NextToken value. This - // value can be between 5 and 1000. You cannot specify this parameter and the - // instance IDs parameter in the same call. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // + // You cannot specify this parameter and the instance IDs parameter in the same + // call. MaxResults *int64 `min:"5" type:"integer"` - // The token to retrieve the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -91603,8 +97814,8 @@ type DescribeInstanceCreditSpecificationsOutput struct { // Information about the credit option for CPU usage of an instance. InstanceCreditSpecifications []*InstanceCreditSpecification `locationName:"instanceCreditSpecificationSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -91928,13 +98139,16 @@ type DescribeInstanceStatusInput struct { // Constraints: Maximum 100 explicitly specified instance IDs. InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another call with the returned NextToken value. This - // value can be between 5 and 1000. You cannot specify this parameter and the - // instance IDs parameter in the same call. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // + // You cannot specify this parameter and the instance IDs parameter in the same + // request. MaxResults *int64 `type:"integer"` - // The token to retrieve the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -91998,8 +98212,8 @@ type DescribeInstanceStatusOutput struct { // Information about the status of the instances. InstanceStatuses []*InstanceStatus `locationName:"instanceStatusSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -92033,6 +98247,164 @@ func (s *DescribeInstanceStatusOutput) SetNextToken(v string) *DescribeInstanceS return s } +type DescribeInstanceTopologyInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The filters. + // + // * availability-zone - The name of the Availability Zone (for example, + // us-west-2a) or Local Zone (for example, us-west-2-lax-1b) that the instance + // is in. + // + // * instance-type - The instance type (for example, p4d.24xlarge) or instance + // family (for example, p4d*). You can use the * wildcard to match zero or + // more characters, or the ? wildcard to match zero or one character. + // + // * zone-id - The ID of the Availability Zone (for example, usw2-az2) or + // Local Zone (for example, usw2-lax1-az1) that the instance is in. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The name of the placement group that each instance is in. + // + // Constraints: Maximum 100 explicitly specified placement group names. + GroupNames []*string `locationName:"GroupName" type:"list"` + + // The instance IDs. + // + // Default: Describes all your instances. + // + // Constraints: Maximum 100 explicitly specified instance IDs. + InstanceIds []*string `locationName:"InstanceId" type:"list"` + + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // + // You can't specify this parameter and the instance IDs parameter in the same + // request. + // + // Default: 20 + MaxResults *int64 `min:"1" type:"integer"` + + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceTopologyInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceTopologyInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeInstanceTopologyInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeInstanceTopologyInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeInstanceTopologyInput) SetDryRun(v bool) *DescribeInstanceTopologyInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeInstanceTopologyInput) SetFilters(v []*Filter) *DescribeInstanceTopologyInput { + s.Filters = v + return s +} + +// SetGroupNames sets the GroupNames field's value. +func (s *DescribeInstanceTopologyInput) SetGroupNames(v []*string) *DescribeInstanceTopologyInput { + s.GroupNames = v + return s +} + +// SetInstanceIds sets the InstanceIds field's value. +func (s *DescribeInstanceTopologyInput) SetInstanceIds(v []*string) *DescribeInstanceTopologyInput { + s.InstanceIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeInstanceTopologyInput) SetMaxResults(v int64) *DescribeInstanceTopologyInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInstanceTopologyInput) SetNextToken(v string) *DescribeInstanceTopologyInput { + s.NextToken = &v + return s +} + +type DescribeInstanceTopologyOutput struct { + _ struct{} `type:"structure"` + + // Information about the topology of each instance. + Instances []*InstanceTopology `locationName:"instanceSet" locationNameList:"item" type:"list"` + + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceTopologyOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeInstanceTopologyOutput) GoString() string { + return s.String() +} + +// SetInstances sets the Instances field's value. +func (s *DescribeInstanceTopologyOutput) SetInstances(v []*InstanceTopology) *DescribeInstanceTopologyOutput { + s.Instances = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeInstanceTopologyOutput) SetNextToken(v string) *DescribeInstanceTopologyOutput { + s.NextToken = &v + return s +} + type DescribeInstanceTypeOfferingsInput struct { _ struct{} `type:"structure"` @@ -92054,12 +98426,13 @@ type DescribeInstanceTypeOfferingsInput struct { // The location type. LocationType *string `type:"string" enum:"LocationType"` - // The maximum number of results to return for the request in a single page. - // The remaining results can be seen by sending another request with the next - // token value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token to retrieve the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -92130,8 +98503,8 @@ type DescribeInstanceTypeOfferingsOutput struct { // The instance types offered. InstanceTypeOfferings []*InstanceTypeOffering `locationName:"instanceTypeOfferingSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -92176,14 +98549,14 @@ type DescribeInstanceTypesInput struct { // One or more filters. Filter names and values are case-sensitive. // - // * auto-recovery-supported - Indicates whether auto recovery is supported - // (true | false). + // * auto-recovery-supported - Indicates whether Amazon CloudWatch action + // based recovery is supported (true | false). // // * bare-metal - Indicates whether it is a bare metal instance type (true // | false). // - // * burstable-performance-supported - Indicates whether it is a burstable - // performance instance type (true | false). + // * burstable-performance-supported - Indicates whether the instance type + // is a burstable performance T instance type (true | false). // // * current-generation - Indicates whether this instance type is the latest // generation instance type of an instance family (true | false). @@ -92279,12 +98652,22 @@ type DescribeInstanceTypesInput struct { // * network-info.network-performance - The network performance (for example, // "25 Gigabit"). // + // * nitro-enclaves-support - Indicates whether Nitro Enclaves is supported + // (supported | unsupported). + // + // * nitro-tpm-support - Indicates whether NitroTPM is supported (supported + // | unsupported). + // + // * nitro-tpm-info.supported-versions - The supported NitroTPM version (2.0). + // // * processor-info.supported-architecture - The CPU architecture (arm64 // | i386 | x86_64). // // * processor-info.sustained-clock-speed-in-ghz - The CPU clock speed, in // GHz. // + // * processor-info.supported-features - The supported CPU features (amd-sev-snp). + // // * supported-boot-mode - The boot mode (legacy-bios | uefi). // // * supported-root-device-type - The root device type (ebs | instance-store). @@ -92313,12 +98696,13 @@ type DescribeInstanceTypesInput struct { // in the Amazon EC2 User Guide. InstanceTypes []*string `locationName:"InstanceType" type:"list" enum:"InstanceType"` - // The maximum number of results to return for the request in a single page. - // The remaining results can be seen by sending another request with the next - // token value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token to retrieve the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -92390,8 +98774,8 @@ type DescribeInstanceTypesOutput struct { // in the Amazon EC2 User Guide. InstanceTypes []*InstanceTypeInfo `locationName:"instanceTypeSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -92444,7 +98828,7 @@ type DescribeInstancesInput struct { // * availability-zone - The Availability Zone of the instance. // // * block-device-mapping.attach-time - The attach time for an EBS volume - // mapped to the instance, for example, 2010-09-15T17:15:20.000Z. + // mapped to the instance, for example, 2022-09-15T17:15:20.000Z. // // * block-device-mapping.delete-on-termination - A Boolean that indicates // whether the EBS volume is deleted on instance termination. @@ -92457,19 +98841,37 @@ type DescribeInstancesInput struct { // // * block-device-mapping.volume-id - The volume ID of the EBS volume. // + // * boot-mode - The boot mode that was specified by the AMI (legacy-bios + // | uefi | uefi-preferred). + // // * capacity-reservation-id - The ID of the Capacity Reservation into which // the instance was launched. // + // * capacity-reservation-specification.capacity-reservation-preference - + // The instance's Capacity Reservation preference (open | none). + // + // * capacity-reservation-specification.capacity-reservation-target.capacity-reservation-id + // - The ID of the targeted Capacity Reservation. + // + // * capacity-reservation-specification.capacity-reservation-target.capacity-reservation-resource-group-arn + // - The ARN of the targeted Capacity Reservation group. + // // * client-token - The idempotency token you provided when you launched // the instance. // + // * current-instance-boot-mode - The boot mode that is used to launch the + // instance at launch or start (legacy-bios | uefi). + // // * dns-name - The public DNS name of the instance. // - // * group-id - The ID of the security group for the instance. EC2-Classic - // only. + // * ebs-optimized - A Boolean that indicates whether the instance is optimized + // for Amazon EBS I/O. + // + // * ena-support - A Boolean that indicates whether the instance is enabled + // for enhanced networking with ENA. // - // * group-name - The name of the security group for the instance. EC2-Classic - // only. + // * enclave-options.enabled - A Boolean that indicates whether the instance + // is enabled for Amazon Web Services Nitro Enclaves. // // * hibernation-options.configured - A Boolean that indicates whether the // instance is enabled for hibernation. A value of true means that the instance @@ -92484,12 +98886,18 @@ type DescribeInstancesInput struct { // * iam-instance-profile.arn - The instance profile associated with the // instance. Specified as an ARN. // + // * iam-instance-profile.id - The instance profile associated with the instance. + // Specified as an ID. + // + // * iam-instance-profile.name - The instance profile associated with the + // instance. Specified as an name. + // // * image-id - The ID of the image used to launch the instance. // // * instance-id - The ID of the instance. // - // * instance-lifecycle - Indicates whether this is a Spot Instance or a - // Scheduled Instance (spot | scheduled). + // * instance-lifecycle - Indicates whether this is a Spot Instance, a Scheduled + // Instance, or a Capacity Block (spot | scheduled | capacity-block). // // * instance-state-code - The state of the instance, as a 16-bit unsigned // integer. The high byte is used for internal purposes and should be ignored. @@ -92508,6 +98916,8 @@ type DescribeInstancesInput struct { // // * ip-address - The public IPv4 address of the instance. // + // * ipv6-address - The IPv6 address of the instance. + // // * kernel-id - The kernel ID. // // * key-name - The name of the key pair used when the instance was launched. @@ -92520,35 +98930,61 @@ type DescribeInstancesInput struct { // You can use a wildcard (*), for example, 2021-09-29T*, which matches an // entire day. // + // * maintenance-options.auto-recovery - The current automatic recovery behavior + // of the instance (disabled | default). + // + // * metadata-options.http-endpoint - The status of access to the HTTP metadata + // endpoint on your instance (enabled | disabled) + // + // * metadata-options.http-protocol-ipv4 - Indicates whether the IPv4 endpoint + // is enabled (disabled | enabled). + // + // * metadata-options.http-protocol-ipv6 - Indicates whether the IPv6 endpoint + // is enabled (disabled | enabled). + // + // * metadata-options.http-put-response-hop-limit - The HTTP metadata request + // put response hop limit (integer, possible values 1 to 64) + // // * metadata-options.http-tokens - The metadata request authorization state // (optional | required) // - // * metadata-options.http-put-response-hop-limit - The http metadata request - // put response hop limit (integer, possible values 1 to 64) + // * metadata-options.instance-metadata-tags - The status of access to instance + // tags from the instance metadata (enabled | disabled) // - // * metadata-options.http-endpoint - Enable or disable metadata access on - // http endpoint (enabled | disabled) + // * metadata-options.state - The state of the metadata option changes (pending + // | applied). // // * monitoring-state - Indicates whether detailed monitoring is enabled // (disabled | enabled). // - // * network-interface.addresses.private-ip-address - The private IPv4 address - // associated with the network interface. + // * network-interface.addresses.association.allocation-id - The allocation + // ID. // - // * network-interface.addresses.primary - Specifies whether the IPv4 address - // of the network interface is the primary private IPv4 address. + // * network-interface.addresses.association.association-id - The association + // ID. // - // * network-interface.addresses.association.public-ip - The ID of the association - // of an Elastic IP address (IPv4) with a network interface. + // * network-interface.addresses.association.carrier-ip - The carrier IP + // address. + // + // * network-interface.addresses.association.customer-owned-ip - The customer-owned + // IP address. // // * network-interface.addresses.association.ip-owner-id - The owner ID of // the private IPv4 address associated with the network interface. // - // * network-interface.association.public-ip - The address of the Elastic - // IP address (IPv4) bound to the network interface. + // * network-interface.addresses.association.public-dns-name - The public + // DNS name. // - // * network-interface.association.ip-owner-id - The owner of the Elastic - // IP address (IPv4) associated with the network interface. + // * network-interface.addresses.association.public-ip - The ID of the association + // of an Elastic IP address (IPv4) with a network interface. + // + // * network-interface.addresses.primary - Specifies whether the IPv4 address + // of the network interface is the primary private IPv4 address. + // + // * network-interface.addresses.private-dns-name - The private DNS name. + // + // * network-interface.addresses.private-ip-address - The private IPv4 address + // associated with the network interface. // // * network-interface.association.allocation-id - The allocation ID returned // when you allocated the Elastic IP address (IPv4) for your network interface. @@ -92556,30 +98992,50 @@ type DescribeInstancesInput struct { // * network-interface.association.association-id - The association ID returned // when the network interface was associated with an IPv4 address. // + // * network-interface.association.carrier-ip - The customer-owned IP address. + // + // * network-interface.association.customer-owned-ip - The customer-owned + // IP address. + // + // * network-interface.association.ip-owner-id - The owner of the Elastic + // IP address (IPv4) associated with the network interface. + // + // * network-interface.association.public-dns-name - The public DNS name. + // + // * network-interface.association.public-ip - The address of the Elastic + // IP address (IPv4) bound to the network interface. + // + // * network-interface.attachment.attach-time - The time that the network + // interface was attached to an instance. + // // * network-interface.attachment.attachment-id - The ID of the interface // attachment. // + // * network-interface.attachment.delete-on-termination - Specifies whether + // the attachment is deleted when an instance is terminated. + // + // * network-interface.attachment.device-index - The device index to which + // the network interface is attached. + // // * network-interface.attachment.instance-id - The ID of the instance to // which the network interface is attached. // // * network-interface.attachment.instance-owner-id - The owner ID of the // instance to which the network interface is attached. // - // * network-interface.attachment.device-index - The device index to which - // the network interface is attached. + // * network-interface.attachment.network-card-index - The index of the network + // card. // // * network-interface.attachment.status - The status of the attachment (attaching // | attached | detaching | detached). // - // * network-interface.attachment.attach-time - The time that the network - // interface was attached to an instance. - // - // * network-interface.attachment.delete-on-termination - Specifies whether - // the attachment is deleted when an instance is terminated. - // // * network-interface.availability-zone - The Availability Zone for the // network interface. // + // * network-interface.deny-all-igw-traffic - A Boolean that indicates whether + // a network interface with an IPv6 address is unreachable from the public + // internet. + // // * network-interface.description - The description of the network interface. // // * network-interface.group-id - The ID of a security group associated with @@ -92588,18 +99044,39 @@ type DescribeInstancesInput struct { // * network-interface.group-name - The name of a security group associated // with the network interface. // + // * network-interface.ipv4-prefixes.ipv4-prefix - The IPv4 prefixes that + // are assigned to the network interface. + // + // * network-interface.ipv6-address - The IPv6 address associated with the + // network interface. + // // * network-interface.ipv6-addresses.ipv6-address - The IPv6 address associated // with the network interface. // + // * network-interface.ipv6-addresses.is-primary-ipv6 - A Boolean that indicates + // whether this is the primary IPv6 address. + // + // * network-interface.ipv6-native - A Boolean that indicates whether this + // is an IPv6 only network interface. + // + // * network-interface.ipv6-prefixes.ipv6-prefix - The IPv6 prefix assigned + // to the network interface. + // // * network-interface.mac-address - The MAC address of the network interface. // // * network-interface.network-interface-id - The ID of the network interface. // + // * network-interface.outpost-arn - The ARN of the Outpost. + // // * network-interface.owner-id - The ID of the owner of the network interface. // // * network-interface.private-dns-name - The private DNS name of the network // interface. // + // * network-interface.private-ip-address - The private IPv4 address. + // + // * network-interface.public-dns-name - The public DNS name. + // // * network-interface.requester-id - The requester ID for the network interface. // // * network-interface.requester-managed - Indicates whether the network @@ -92616,6 +99093,12 @@ type DescribeInstancesInput struct { // // * network-interface.subnet-id - The ID of the subnet for the network interface. // + // * network-interface.tag-key - The key of a tag assigned to the network + // interface. + // + // * network-interface.tag-value - The value of a tag assigned to the network + // interface. + // // * network-interface.vpc-id - The ID of the VPC for the network interface. // // * outpost-arn - The Amazon Resource Name (ARN) of the Outpost. @@ -92629,8 +99112,29 @@ type DescribeInstancesInput struct { // // * platform - The platform. To list only Windows instances, use windows. // + // * platform-details - The platform (Linux/UNIX | Red Hat BYOL Linux | Red + // Hat Enterprise Linux | Red Hat Enterprise Linux with HA | Red Hat Enterprise + // Linux with SQL Server Standard and HA | Red Hat Enterprise Linux with + // SQL Server Enterprise and HA | Red Hat Enterprise Linux with SQL Server + // Standard | Red Hat Enterprise Linux with SQL Server Web | Red Hat Enterprise + // Linux with SQL Server Enterprise | SQL Server Enterprise | SQL Server + // Standard | SQL Server Web | SUSE Linux | Ubuntu Pro | Windows | Windows + // BYOL | Windows with SQL Server Enterprise | Windows with SQL Server Standard + // | Windows with SQL Server Web). + // // * private-dns-name - The private IPv4 DNS name of the instance. // + // * private-dns-name-options.enable-resource-name-dns-a-record - A Boolean + // that indicates whether to respond to DNS queries for instance hostnames + // with DNS A records. + // + // * private-dns-name-options.enable-resource-name-dns-aaaa-record - A Boolean + // that indicates whether to respond to DNS queries for instance hostnames + // with DNS AAAA records. + // + // * private-dns-name-options.hostname-type - The type of hostname (ip-name + // | resource-name). + // // * private-ip-address - The private IPv4 address of the instance. // // * product-code - The product code associated with the AMI used to launch @@ -92686,6 +99190,19 @@ type DescribeInstancesInput struct { // // * tenancy - The tenancy of an instance (dedicated | default | host). // + // * tpm-support - Indicates if the instance is configured for NitroTPM support + // (v2.0). + // + // * usage-operation - The usage operation value for the instance (RunInstances + // | RunInstances:00g0 | RunInstances:0010 | RunInstances:1010 | RunInstances:1014 + // | RunInstances:1110 | RunInstances:0014 | RunInstances:0210 | RunInstances:0110 + // | RunInstances:0100 | RunInstances:0004 | RunInstances:0200 | RunInstances:000g + // | RunInstances:0g00 | RunInstances:0002 | RunInstances:0800 | RunInstances:0102 + // | RunInstances:0006 | RunInstances:0202). + // + // * usage-operation-update-time - The time that the usage operation was + // last updated, for example, 2022-09-15T17:15:20.000Z. + // // * virtualization-type - The virtualization type of the instance (paravirtual // | hvm). // @@ -92697,13 +99214,16 @@ type DescribeInstancesInput struct { // Default: Describes all your instances. InstanceIds []*string `locationName:"InstanceId" locationNameList:"InstanceId" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another call with the returned NextToken value. This - // value can be between 5 and 1000. You cannot specify this parameter and the - // instance IDs parameter in the same call. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // + // You cannot specify this parameter and the instance IDs parameter in the same + // request. MaxResults *int64 `locationName:"maxResults" type:"integer"` - // The token to request the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `locationName:"nextToken" type:"string"` } @@ -92758,8 +99278,8 @@ func (s *DescribeInstancesInput) SetNextToken(v string) *DescribeInstancesInput type DescribeInstancesOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the reservations. @@ -92805,7 +99325,7 @@ type DescribeInternetGatewaysInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * attachment.state - The current state of the attachment between the gateway // and the VPC (available). Present only if a VPC is attached. @@ -92828,16 +99348,18 @@ type DescribeInternetGatewaysInput struct { // the tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // One or more internet gateway IDs. + // The IDs of the internet gateways. // // Default: Describes all your internet gateways. InternetGatewayIds []*string `locationName:"internetGatewayId" locationNameList:"item" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -92908,8 +99430,8 @@ type DescribeInternetGatewaysOutput struct { // Information about one or more internet gateways. InternetGateways []*InternetGateway `locationName:"internetGatewaySet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -92943,6 +99465,113 @@ func (s *DescribeInternetGatewaysOutput) SetNextToken(v string) *DescribeInterne return s } +type DescribeIpamByoasnInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The maximum number of results to return with a single call. To retrieve the + // remaining results, make another call with the returned nextToken value. + MaxResults *int64 `min:"1" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamByoasnInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamByoasnInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeIpamByoasnInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeIpamByoasnInput"} + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeIpamByoasnInput) SetDryRun(v bool) *DescribeIpamByoasnInput { + s.DryRun = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeIpamByoasnInput) SetMaxResults(v int64) *DescribeIpamByoasnInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeIpamByoasnInput) SetNextToken(v string) *DescribeIpamByoasnInput { + s.NextToken = &v + return s +} + +type DescribeIpamByoasnOutput struct { + _ struct{} `type:"structure"` + + // ASN and BYOIP CIDR associations. + Byoasns []*Byoasn `locationName:"byoasnSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamByoasnOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamByoasnOutput) GoString() string { + return s.String() +} + +// SetByoasns sets the Byoasns field's value. +func (s *DescribeIpamByoasnOutput) SetByoasns(v []*Byoasn) *DescribeIpamByoasnOutput { + s.Byoasns = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeIpamByoasnOutput) SetNextToken(v string) *DescribeIpamByoasnOutput { + s.NextToken = &v + return s +} + type DescribeIpamPoolsInput struct { _ struct{} `type:"structure"` @@ -93068,6 +99697,257 @@ func (s *DescribeIpamPoolsOutput) SetNextToken(v string) *DescribeIpamPoolsOutpu return s } +type DescribeIpamResourceDiscoveriesInput struct { + _ struct{} `type:"structure"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The resource discovery filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The IPAM resource discovery IDs. + IpamResourceDiscoveryIds []*string `locationName:"IpamResourceDiscoveryId" locationNameList:"item" type:"list"` + + // The maximum number of resource discoveries to return in one page of results. + MaxResults *int64 `min:"5" type:"integer"` + + // Specify the pagination token from a previous request to retrieve the next + // page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamResourceDiscoveriesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamResourceDiscoveriesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeIpamResourceDiscoveriesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeIpamResourceDiscoveriesInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeIpamResourceDiscoveriesInput) SetDryRun(v bool) *DescribeIpamResourceDiscoveriesInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeIpamResourceDiscoveriesInput) SetFilters(v []*Filter) *DescribeIpamResourceDiscoveriesInput { + s.Filters = v + return s +} + +// SetIpamResourceDiscoveryIds sets the IpamResourceDiscoveryIds field's value. +func (s *DescribeIpamResourceDiscoveriesInput) SetIpamResourceDiscoveryIds(v []*string) *DescribeIpamResourceDiscoveriesInput { + s.IpamResourceDiscoveryIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeIpamResourceDiscoveriesInput) SetMaxResults(v int64) *DescribeIpamResourceDiscoveriesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeIpamResourceDiscoveriesInput) SetNextToken(v string) *DescribeIpamResourceDiscoveriesInput { + s.NextToken = &v + return s +} + +type DescribeIpamResourceDiscoveriesOutput struct { + _ struct{} `type:"structure"` + + // The resource discoveries. + IpamResourceDiscoveries []*IpamResourceDiscovery `locationName:"ipamResourceDiscoverySet" locationNameList:"item" type:"list"` + + // Specify the pagination token from a previous request to retrieve the next + // page of results. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamResourceDiscoveriesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamResourceDiscoveriesOutput) GoString() string { + return s.String() +} + +// SetIpamResourceDiscoveries sets the IpamResourceDiscoveries field's value. +func (s *DescribeIpamResourceDiscoveriesOutput) SetIpamResourceDiscoveries(v []*IpamResourceDiscovery) *DescribeIpamResourceDiscoveriesOutput { + s.IpamResourceDiscoveries = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeIpamResourceDiscoveriesOutput) SetNextToken(v string) *DescribeIpamResourceDiscoveriesOutput { + s.NextToken = &v + return s +} + +type DescribeIpamResourceDiscoveryAssociationsInput struct { + _ struct{} `type:"structure"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The resource discovery association filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The resource discovery association IDs. + IpamResourceDiscoveryAssociationIds []*string `locationName:"IpamResourceDiscoveryAssociationId" locationNameList:"item" type:"list"` + + // The maximum number of resource discovery associations to return in one page + // of results. + MaxResults *int64 `min:"5" type:"integer"` + + // Specify the pagination token from a previous request to retrieve the next + // page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamResourceDiscoveryAssociationsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamResourceDiscoveryAssociationsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeIpamResourceDiscoveryAssociationsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeIpamResourceDiscoveryAssociationsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeIpamResourceDiscoveryAssociationsInput) SetDryRun(v bool) *DescribeIpamResourceDiscoveryAssociationsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeIpamResourceDiscoveryAssociationsInput) SetFilters(v []*Filter) *DescribeIpamResourceDiscoveryAssociationsInput { + s.Filters = v + return s +} + +// SetIpamResourceDiscoveryAssociationIds sets the IpamResourceDiscoveryAssociationIds field's value. +func (s *DescribeIpamResourceDiscoveryAssociationsInput) SetIpamResourceDiscoveryAssociationIds(v []*string) *DescribeIpamResourceDiscoveryAssociationsInput { + s.IpamResourceDiscoveryAssociationIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeIpamResourceDiscoveryAssociationsInput) SetMaxResults(v int64) *DescribeIpamResourceDiscoveryAssociationsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeIpamResourceDiscoveryAssociationsInput) SetNextToken(v string) *DescribeIpamResourceDiscoveryAssociationsInput { + s.NextToken = &v + return s +} + +type DescribeIpamResourceDiscoveryAssociationsOutput struct { + _ struct{} `type:"structure"` + + // The resource discovery associations. + IpamResourceDiscoveryAssociations []*IpamResourceDiscoveryAssociation `locationName:"ipamResourceDiscoveryAssociationSet" locationNameList:"item" type:"list"` + + // Specify the pagination token from a previous request to retrieve the next + // page of results. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamResourceDiscoveryAssociationsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeIpamResourceDiscoveryAssociationsOutput) GoString() string { + return s.String() +} + +// SetIpamResourceDiscoveryAssociations sets the IpamResourceDiscoveryAssociations field's value. +func (s *DescribeIpamResourceDiscoveryAssociationsOutput) SetIpamResourceDiscoveryAssociations(v []*IpamResourceDiscoveryAssociation) *DescribeIpamResourceDiscoveryAssociationsOutput { + s.IpamResourceDiscoveryAssociations = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeIpamResourceDiscoveryAssociationsOutput) SetNextToken(v string) *DescribeIpamResourceDiscoveryAssociationsOutput { + s.NextToken = &v + return s +} + type DescribeIpamScopesInput struct { _ struct{} `type:"structure"` @@ -93652,6 +100532,19 @@ type DescribeLaunchTemplateVersionsInput struct { // The token to request the next page of results. NextToken *string `type:"string"` + // If true, and if a Systems Manager parameter is specified for ImageId, the + // AMI ID is displayed in the response for imageId. + // + // If false, and if a Systems Manager parameter is specified for ImageId, the + // parameter is displayed in the response for imageId. + // + // For more information, see Use a Systems Manager parameter instead of an AMI + // ID (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#use-an-ssm-parameter-instead-of-an-ami-id) + // in the Amazon Elastic Compute Cloud User Guide. + // + // Default: false + ResolveAlias *bool `type:"boolean"` + // One or more versions of the launch template. Valid values depend on whether // you are describing a specified launch template (by ID or name) or all launch // templates in your account. @@ -93746,6 +100639,12 @@ func (s *DescribeLaunchTemplateVersionsInput) SetNextToken(v string) *DescribeLa return s } +// SetResolveAlias sets the ResolveAlias field's value. +func (s *DescribeLaunchTemplateVersionsInput) SetResolveAlias(v bool) *DescribeLaunchTemplateVersionsInput { + s.ResolveAlias = &v + return s +} + // SetVersions sets the Versions field's value. func (s *DescribeLaunchTemplateVersionsInput) SetVersions(v []*string) *DescribeLaunchTemplateVersionsInput { s.Versions = v @@ -94777,6 +101676,255 @@ func (s *DescribeLocalGatewaysOutput) SetNextToken(v string) *DescribeLocalGatew return s } +type DescribeLockedSnapshotsInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The filters. + // + // * lock-state - The state of the snapshot lock (compliance-cooloff | governance + // | compliance | expired). + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + MaxResults *int64 `min:"5" type:"integer"` + + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. + NextToken *string `type:"string"` + + // The IDs of the snapshots for which to view the lock status. + SnapshotIds []*string `locationName:"SnapshotId" locationNameList:"SnapshotId" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeLockedSnapshotsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeLockedSnapshotsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeLockedSnapshotsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeLockedSnapshotsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DescribeLockedSnapshotsInput) SetDryRun(v bool) *DescribeLockedSnapshotsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *DescribeLockedSnapshotsInput) SetFilters(v []*Filter) *DescribeLockedSnapshotsInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeLockedSnapshotsInput) SetMaxResults(v int64) *DescribeLockedSnapshotsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLockedSnapshotsInput) SetNextToken(v string) *DescribeLockedSnapshotsInput { + s.NextToken = &v + return s +} + +// SetSnapshotIds sets the SnapshotIds field's value. +func (s *DescribeLockedSnapshotsInput) SetSnapshotIds(v []*string) *DescribeLockedSnapshotsInput { + s.SnapshotIds = v + return s +} + +type DescribeLockedSnapshotsOutput struct { + _ struct{} `type:"structure"` + + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // Information about the snapshots. + Snapshots []*LockedSnapshotsInfo `locationName:"snapshotSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeLockedSnapshotsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeLockedSnapshotsOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeLockedSnapshotsOutput) SetNextToken(v string) *DescribeLockedSnapshotsOutput { + s.NextToken = &v + return s +} + +// SetSnapshots sets the Snapshots field's value. +func (s *DescribeLockedSnapshotsOutput) SetSnapshots(v []*LockedSnapshotsInfo) *DescribeLockedSnapshotsOutput { + s.Snapshots = v + return s +} + +type DescribeMacHostsInput struct { + _ struct{} `type:"structure"` + + // The filters. + // + // * availability-zone - The Availability Zone of the EC2 Mac Dedicated Host. + // + // * instance-type - The instance type size that the EC2 Mac Dedicated Host + // is configured to support. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The IDs of the EC2 Mac Dedicated Hosts. + HostIds []*string `locationName:"HostId" locationNameList:"item" type:"list"` + + // The maximum number of results to return for the request in a single page. + // The remaining results can be seen by sending another request with the returned + // nextToken value. This value can be between 5 and 500. If maxResults is given + // a larger value than 500, you receive an error. + MaxResults *int64 `min:"5" type:"integer"` + + // The token to use to retrieve the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeMacHostsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeMacHostsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DescribeMacHostsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DescribeMacHostsInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetFilters sets the Filters field's value. +func (s *DescribeMacHostsInput) SetFilters(v []*Filter) *DescribeMacHostsInput { + s.Filters = v + return s +} + +// SetHostIds sets the HostIds field's value. +func (s *DescribeMacHostsInput) SetHostIds(v []*string) *DescribeMacHostsInput { + s.HostIds = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *DescribeMacHostsInput) SetMaxResults(v int64) *DescribeMacHostsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeMacHostsInput) SetNextToken(v string) *DescribeMacHostsInput { + s.NextToken = &v + return s +} + +type DescribeMacHostsOutput struct { + _ struct{} `type:"structure"` + + // Information about the EC2 Mac Dedicated Hosts. + MacHosts []*MacHost `locationName:"macHostSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeMacHostsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DescribeMacHostsOutput) GoString() string { + return s.String() +} + +// SetMacHosts sets the MacHosts field's value. +func (s *DescribeMacHostsOutput) SetMacHosts(v []*MacHost) *DescribeMacHostsOutput { + s.MacHosts = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *DescribeMacHostsOutput) SetNextToken(v string) *DescribeMacHostsOutput { + s.NextToken = &v + return s +} + type DescribeManagedPrefixListsInput struct { _ struct{} `type:"structure"` @@ -95049,7 +102197,7 @@ type DescribeNatGatewaysInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * nat-gateway-id - The ID of the NAT gateway. // @@ -95071,14 +102219,16 @@ type DescribeNatGatewaysInput struct { // * vpc-id - The ID of the VPC in which the NAT gateway resides. Filter []*Filter `locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // One or more NAT gateway IDs. + // The IDs of the NAT gateways. NatGatewayIds []*string `locationName:"NatGatewayId" locationNameList:"item" type:"list"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -95149,8 +102299,8 @@ type DescribeNatGatewaysOutput struct { // Information about the NAT gateways. NatGateways []*NatGateway `locationName:"natGatewaySet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -95193,7 +102343,7 @@ type DescribeNetworkAclsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * association.association-id - The ID of an association ID for the ACL. // @@ -95247,16 +102397,18 @@ type DescribeNetworkAclsInput struct { // * vpc-id - The ID of the VPC for the network ACL. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // One or more network ACL IDs. + // The IDs of the network ACLs. // // Default: Describes all your network ACLs. NetworkAclIds []*string `locationName:"NetworkAclId" locationNameList:"item" type:"list"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -95327,8 +102479,8 @@ type DescribeNetworkAclsOutput struct { // Information about one or more network ACLs. NetworkAcls []*NetworkAcl `locationName:"networkAclSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -95812,7 +102964,27 @@ type DescribeNetworkInsightsPathsInput struct { // // * destination - The ID of the resource. // - // * destination-port - The destination port. + // * filter-at-source.source-address - The source IPv4 address at the source. + // + // * filter-at-source.source-port-range - The source port range at the source. + // + // * filter-at-source.destination-address - The destination IPv4 address + // at the source. + // + // * filter-at-source.destination-port-range - The destination port range + // at the source. + // + // * filter-at-destination.source-address - The source IPv4 address at the + // destination. + // + // * filter-at-destination.source-port-range - The source port range at the + // destination. + // + // * filter-at-destination.destination-address - The destination IPv4 address + // at the destination. + // + // * filter-at-destination.destination-port-range - The destination port + // range at the destination. // // * protocol - The protocol. // @@ -96089,15 +103261,17 @@ type DescribeNetworkInterfacePermissionsInput struct { // | EIP-ASSOCIATE). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another call with the returned NextToken value. If + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. If // this parameter is not specified, up to 50 results are returned by default. + // For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` // The network interface permission IDs. NetworkInterfacePermissionIds []*string `locationName:"NetworkInterfacePermissionId" type:"list"` - // The token to request the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -96163,7 +103337,8 @@ type DescribeNetworkInterfacePermissionsOutput struct { // The network interface permissions. NetworkInterfacePermissions []*NetworkInterfacePermission `locationName:"networkInterfacePermissions" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -96209,23 +103384,23 @@ type DescribeNetworkInterfacesInput struct { // One or more filters. // - // * addresses.private-ip-address - The private IPv4 addresses associated - // with the network interface. - // - // * addresses.primary - Whether the private IPv4 address is the primary - // IP address associated with the network interface. + // * association.allocation-id - The allocation ID returned when you allocated + // the Elastic IP address (IPv4) for your network interface. // - // * addresses.association.public-ip - The association ID returned when the - // network interface was associated with the Elastic IP address (IPv4). + // * association.association-id - The association ID returned when the network + // interface was associated with an IPv4 address. // // * addresses.association.owner-id - The owner ID of the addresses associated // with the network interface. // - // * association.association-id - The association ID returned when the network - // interface was associated with an IPv4 address. + // * addresses.association.public-ip - The association ID returned when the + // network interface was associated with the Elastic IP address (IPv4). // - // * association.allocation-id - The allocation ID returned when you allocated - // the Elastic IP address (IPv4) for your network interface. + // * addresses.primary - Whether the private IPv4 address is the primary + // IP address associated with the network interface. + // + // * addresses.private-ip-address - The private IPv4 addresses associated + // with the network interface. // // * association.ip-owner-id - The owner of the Elastic IP address (IPv4) // associated with the network interface. @@ -96236,11 +103411,11 @@ type DescribeNetworkInterfacesInput struct { // * association.public-dns-name - The public DNS name for the network interface // (IPv4). // - // * attachment.attachment-id - The ID of the interface attachment. - // // * attachment.attach-time - The time that the network interface was attached // to an instance. // + // * attachment.attachment-id - The ID of the interface attachment. + // // * attachment.delete-on-termination - Indicates whether the attachment // is deleted when an instance is terminated. // @@ -96262,17 +103437,15 @@ type DescribeNetworkInterfacesInput struct { // // * group-id - The ID of a security group associated with the network interface. // - // * group-name - The name of a security group associated with the network - // interface. - // // * ipv6-addresses.ipv6-address - An IPv6 address associated with the network // interface. // // * interface-type - The type of network interface (api_gateway_managed - // | aws_codestar_connections_managed | branch | efa | gateway_load_balancer - // | gateway_load_balancer_endpoint | global_accelerator_managed | interface - // | iot_rules_managed | lambda | load_balancer | nat_gateway | network_load_balancer - // | quicksight | transit_gateway | trunk | vpc_endpoint). + // | aws_codestar_connections_managed | branch | ec2_instance_connect_endpoint + // | efa | efs | gateway_load_balancer | gateway_load_balancer_endpoint | + // global_accelerator_managed | interface | iot_rules_managed | lambda | + // load_balancer | nat_gateway | network_load_balancer | quicksight | transit_gateway + // | trunk | vpc_endpoint). // // * mac-address - The MAC address of the network interface. // @@ -96281,11 +103454,11 @@ type DescribeNetworkInterfacesInput struct { // * owner-id - The Amazon Web Services account ID of the network interface // owner. // + // * private-dns-name - The private DNS name of the network interface (IPv4). + // // * private-ip-address - The private IPv4 address or addresses of the network // interface. // - // * private-dns-name - The private DNS name of the network interface (IPv4). - // // * requester-id - The alias or Amazon Web Services account ID of the principal // or service that created the network interface. // @@ -96318,10 +103491,10 @@ type DescribeNetworkInterfacesInput struct { // * vpc-id - The ID of the VPC for the network interface. Filters []*Filter `locationName:"filter" locationNameList:"Filter" type:"list"` - // The maximum number of items to return for this request. The request returns - // a token that you can specify in a subsequent call to get the next set of - // results. You cannot specify this parameter and the network interface IDs - // parameter in the same request. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. You + // cannot specify this parameter and the network interface IDs parameter in + // the same request. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` // The network interface IDs. @@ -96329,7 +103502,8 @@ type DescribeNetworkInterfacesInput struct { // Default: Describes all your network interfaces. NetworkInterfaceIds []*string `locationName:"NetworkInterfaceId" locationNameList:"item" type:"list"` - // The token to retrieve the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -96394,15 +103568,14 @@ func (s *DescribeNetworkInterfacesInput) SetNextToken(v string) *DescribeNetwork return s } -// Contains the output of DescribeNetworkInterfaces. type DescribeNetworkInterfacesOutput struct { _ struct{} `type:"structure"` // Information about one or more network interfaces. NetworkInterfaces []*NetworkInterface `locationName:"networkInterfaceSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -97028,11 +104201,13 @@ type DescribeReplaceRootVolumeTasksInput struct { // task was created. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"1" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The ID of the root volume replacement task to view. @@ -97103,8 +104278,8 @@ func (s *DescribeReplaceRootVolumeTasksInput) SetReplaceRootVolumeTaskIds(v []*s type DescribeReplaceRootVolumeTasksOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the root volume replacement task. @@ -97168,16 +104343,11 @@ type DescribeReservedInstancesInput struct { // // * scope - The scope of the Reserved Instance (Region or Availability Zone). // - // * product-description - The Reserved Instance product platform description. - // Instances that include (Amazon VPC) in the product platform description - // will only be displayed to EC2-Classic account holders and are for use - // with Amazon VPC (Linux/UNIX | Linux/UNIX (Amazon VPC) | SUSE Linux | SUSE - // Linux (Amazon VPC) | Red Hat Enterprise Linux | Red Hat Enterprise Linux - // (Amazon VPC) | Red Hat Enterprise Linux with HA (Amazon VPC) | Windows - // | Windows (Amazon VPC) | Windows with SQL Server Standard | Windows with - // SQL Server Standard (Amazon VPC) | Windows with SQL Server Web | Windows - // with SQL Server Web (Amazon VPC) | Windows with SQL Server Enterprise - // | Windows with SQL Server Enterprise (Amazon VPC)). + // * product-description - The Reserved Instance product platform description + // (Linux/UNIX | Linux with SQL Server Standard | Linux with SQL Server Web + // | Linux with SQL Server Enterprise | SUSE Linux | Red Hat Enterprise Linux + // | Red Hat Enterprise Linux with HA | Windows | Windows with SQL Server + // Standard | Windows with SQL Server Web | Windows with SQL Server Enterprise). // // * reserved-instances-id - The ID of the Reserved Instance. // @@ -97379,9 +104549,6 @@ type DescribeReservedInstancesModificationsInput struct { // * modification-result.target-configuration.instance-type - The instance // type of the new Reserved Instances. // - // * modification-result.target-configuration.platform - The network platform - // of the new Reserved Instances (EC2-Classic | EC2-VPC). - // // * reserved-instances-id - The ID of the Reserved Instances modified. // // * reserved-instances-modification-id - The ID of the modification request. @@ -97510,16 +104677,11 @@ type DescribeReservedInstancesOfferingsInput struct { // all offerings from both Amazon Web Services and the Reserved Instance // Marketplace are listed. // - // * product-description - The Reserved Instance product platform description. - // Instances that include (Amazon VPC) in the product platform description - // will only be displayed to EC2-Classic account holders and are for use - // with Amazon VPC. (Linux/UNIX | Linux/UNIX (Amazon VPC) | SUSE Linux | - // SUSE Linux (Amazon VPC) | Red Hat Enterprise Linux | Red Hat Enterprise - // Linux (Amazon VPC) | Red Hat Enterprise Linux with HA (Amazon VPC) | Windows - // | Windows (Amazon VPC) | Windows with SQL Server Standard | Windows with - // SQL Server Standard (Amazon VPC) | Windows with SQL Server Web | Windows - // with SQL Server Web (Amazon VPC) | Windows with SQL Server Enterprise - // | Windows with SQL Server Enterprise (Amazon VPC)) + // * product-description - The Reserved Instance product platform description + // (Linux/UNIX | Linux with SQL Server Standard | Linux with SQL Server Web + // | Linux with SQL Server Enterprise | SUSE Linux | Red Hat Enterprise Linux + // | Red Hat Enterprise Linux with HA | Windows | Windows with SQL Server + // Standard | Windows with SQL Server Web | Windows with SQL Server Enterprise). // // * reserved-instances-offering-id - The Reserved Instances offering ID. // @@ -97779,7 +104941,9 @@ type DescribeRouteTablesInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. + // + // * association.gateway-id - The ID of the gateway involved in the association. // // * association.route-table-association-id - The ID of an association ID // for the route table. @@ -97846,14 +105010,16 @@ type DescribeRouteTablesInput struct { // * vpc-id - The ID of the VPC for the route table. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` - // One or more route table IDs. + // The IDs of the route tables. // // Default: Describes all your route tables. RouteTableIds []*string `locationName:"RouteTableId" locationNameList:"item" type:"list"` @@ -97924,8 +105090,8 @@ func (s *DescribeRouteTablesInput) SetRouteTableIds(v []*string) *DescribeRouteT type DescribeRouteTablesOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about one or more route tables. @@ -97978,8 +105144,6 @@ type DescribeScheduledInstanceAvailabilityInput struct { // // * instance-type - The instance type (for example, c4.large). // - // * network-platform - The network platform (EC2-Classic or EC2-VPC). - // // * platform - The platform (Linux/UNIX or Windows). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` @@ -98160,8 +105324,6 @@ type DescribeScheduledInstancesInput struct { // // * instance-type - The instance type (for example, c4.large). // - // * network-platform - The network platform (EC2-Classic or EC2-VPC). - // // * platform - The platform (Linux/UNIX or Windows). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` @@ -98387,13 +105549,14 @@ type DescribeSecurityGroupRulesInput struct { // the filter value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another request with the returned NextToken value. - // This value can be between 5 and 1000. If this parameter is not specified, - // then all results are returned. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. This + // value can be between 5 and 1000. If this parameter is not specified, then + // all items are returned. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The IDs of the security group rules. @@ -98464,8 +105627,8 @@ func (s *DescribeSecurityGroupRulesInput) SetSecurityGroupRuleIds(v []*string) * type DescribeSecurityGroupRulesOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about security group rules. @@ -98597,21 +105760,20 @@ type DescribeSecurityGroupsInput struct { // Default: Describes all of your security groups. GroupIds []*string `locationName:"GroupId" locationNameList:"groupId" type:"list"` - // [EC2-Classic and default VPC only] The names of the security groups. You - // can specify either the security group name or the security group ID. For - // security groups in a nondefault VPC, use the group-name filter to describe - // security groups by name. + // [Default VPC] The names of the security groups. You can specify either the + // security group name or the security group ID. // // Default: Describes all of your security groups. GroupNames []*string `locationName:"GroupName" locationNameList:"GroupName" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another request with the returned NextToken value. - // This value can be between 5 and 1000. If this parameter is not specified, - // then all results are returned. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. This + // value can be between 5 and 1000. If this parameter is not specified, then + // all items are returned. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token to request the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -98685,8 +105847,8 @@ func (s *DescribeSecurityGroupsInput) SetNextToken(v string) *DescribeSecurityGr type DescribeSecurityGroupsOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the security groups. @@ -98866,11 +106028,13 @@ type DescribeSnapshotTierStatusInput struct { // | temporary-restore-completed | temporary-restore-failed) Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -98919,8 +106083,8 @@ func (s *DescribeSnapshotTierStatusInput) SetNextToken(v string) *DescribeSnapsh type DescribeSnapshotTierStatusOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the snapshot's storage tier. @@ -99006,22 +106170,15 @@ type DescribeSnapshotsInput struct { // * volume-size - The size of the volume, in GiB. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of snapshot results returned by DescribeSnapshots in paginated - // output. When this parameter is used, DescribeSnapshots only returns MaxResults - // results in a single page along with a NextToken response element. The remaining - // results of the initial request can be seen by sending another DescribeSnapshots - // request with the returned NextToken value. This value can be between 5 and - // 1,000; if MaxResults is given a value larger than 1,000, only 1,000 results - // are returned. If this parameter is not used, then DescribeSnapshots returns - // all results. You cannot specify this parameter and the snapshot IDs parameter - // in the same request. + // The maximum number of snapshots to return for this request. This value can + // be between 5 and 1,000; if this value is larger than 1,000, only 1,000 results + // are returned. If this parameter is not used, then the request returns all + // snapshots. You cannot specify this parameter and the snapshot IDs parameter + // in the same request. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The NextToken value returned from a previous paginated DescribeSnapshots - // request where MaxResults was used and the results exceeded the value of that - // parameter. Pagination continues from the end of the previous results that - // returned the NextToken value. This value is null when there are no more results - // to return. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // Scopes the results to snapshots with the specified owners. You can specify @@ -99101,10 +106258,8 @@ func (s *DescribeSnapshotsInput) SetSnapshotIds(v []*string) *DescribeSnapshotsI type DescribeSnapshotsOutput struct { _ struct{} `type:"structure"` - // The NextToken value to include in a future DescribeSnapshots request. When - // the results of a DescribeSnapshots request exceed MaxResults, this value - // can be used to retrieve the next page of results. This value is null when - // there are no more results to return. + // The token to include in another request to return the next page of snapshots. + // This value is null when there are no more snapshots to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the snapshots. @@ -99218,12 +106373,13 @@ type DescribeSpotFleetInstancesInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The ID of the Spot Fleet request. @@ -99298,8 +106454,8 @@ type DescribeSpotFleetInstancesOutput struct { // of date. ActiveInstances []*ActiveInstance `locationName:"activeInstanceSet" locationNameList:"item" type:"list"` - // The token required to retrieve the next set of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The ID of the Spot Fleet request. @@ -99355,12 +106511,13 @@ type DescribeSpotFleetRequestHistoryInput struct { // The type of events to describe. By default, all events are described. EventType *string `locationName:"eventType" type:"string" enum:"EventType"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" min:"1" type:"integer"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The ID of the Spot Fleet request. @@ -99457,11 +106614,11 @@ type DescribeSpotFleetRequestHistoryOutput struct { // The last date and time for the events, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). // All records up to this time were retrieved. // - // If nextToken indicates that there are more results, this value is not present. + // If nextToken indicates that there are more items, this value is not present. LastEvaluatedTime *time.Time `locationName:"lastEvaluatedTime" type:"timestamp"` - // The token required to retrieve the next set of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The ID of the Spot Fleet request. @@ -99529,12 +106686,13 @@ type DescribeSpotFleetRequestsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" type:"integer"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The IDs of the Spot Fleet requests. @@ -99587,8 +106745,8 @@ func (s *DescribeSpotFleetRequestsInput) SetSpotFleetRequestIds(v []*string) *De type DescribeSpotFleetRequestsOutput struct { _ struct{} `type:"structure"` - // The token required to retrieve the next set of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the configuration of your Spot Fleet. @@ -99635,7 +106793,7 @@ type DescribeSpotInstanceRequestsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * availability-zone-group - The Availability Zone group. // @@ -99662,8 +106820,8 @@ type DescribeSpotInstanceRequestsInput struct { // in GiB. // // * launch.block-device-mapping.volume-type - The type of EBS volume: gp2 - // for General Purpose SSD, io1 or io2 for Provisioned IOPS SSD, st1 for - // Throughput Optimized HDD, sc1for Cold HDD, or standard for Magnetic. + // or gp3 for General Purpose SSD, io1 or io2 for Provisioned IOPS SSD, st1 + // for Throughput Optimized HDD, sc1 for Cold HDD, or standard for Magnetic. // // * launch.group-id - The ID of the security group for the instance. // @@ -99743,16 +106901,16 @@ type DescribeSpotInstanceRequestsInput struct { // * valid-until - The end date of the request. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return in a single call. Specify a value - // between 5 and 1000. To retrieve the remaining results, make another call - // with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token to request the next set of results. This value is null when there - // are no more results to return. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` - // One or more Spot Instance request IDs. + // The IDs of the Spot Instance requests. SpotInstanceRequestIds []*string `locationName:"SpotInstanceRequestId" locationNameList:"SpotInstanceRequestId" type:"list"` } @@ -99808,11 +106966,11 @@ func (s *DescribeSpotInstanceRequestsInput) SetSpotInstanceRequestIds(v []*strin type DescribeSpotInstanceRequestsOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next set of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` - // One or more Spot Instance requests. + // The Spot Instance requests. SpotInstanceRequests []*SpotInstanceRequest `locationName:"spotInstanceRequestSet" locationNameList:"item" type:"list"` } @@ -99863,7 +107021,7 @@ type DescribeSpotPriceHistoryInput struct { // the price history data, in UTC format (for example, YYYY-MM-DDTHH:MM:SSZ). EndTime *time.Time `locationName:"endTime" type:"timestamp"` - // One or more filters. + // The filters. // // * availability-zone - The Availability Zone for which prices should be // returned. @@ -99879,19 +107037,20 @@ type DescribeSpotPriceHistoryInput struct { // greater than or less than comparison is not supported). // // * timestamp - The time stamp of the Spot price history, in UTC format - // (for example, YYYY-MM-DDTHH:MM:SSZ). You can use wildcards (* and ?). - // Greater than or less than comparison is not supported. + // (for example, ddd MMM dd HH:mm:ss UTC YYYY). You can use wildcards (* + // and ?). Greater than or less than comparison is not supported. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // Filters the results by the specified instance types. InstanceTypes []*string `locationName:"InstanceType" type:"list" enum:"InstanceType"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `locationName:"nextToken" type:"string"` // Filters the results by the specified basic product descriptions. @@ -99978,8 +107137,8 @@ func (s *DescribeSpotPriceHistoryInput) SetStartTime(v time.Time) *DescribeSpotP type DescribeSpotPriceHistoryOutput struct { _ struct{} `type:"structure"` - // The token required to retrieve the next set of results. This value is null - // or an empty string when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is an empty string ("") or null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The historical Spot prices. @@ -100025,13 +107184,13 @@ type DescribeStaleSecurityGroupsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The maximum number of items to return for this request. The request returns - // a token that you can specify in a subsequent call to get the next set of - // results. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next set of items to return. (You received this token from - // a prior call.) + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `min:"1" type:"string"` // The ID of the VPC. @@ -100104,8 +107263,8 @@ func (s *DescribeStaleSecurityGroupsInput) SetVpcId(v string) *DescribeStaleSecu type DescribeStaleSecurityGroupsOutput struct { _ struct{} `type:"structure"` - // The token to use when requesting the next set of items. If there are no additional - // items to return, the string is empty. + // The token to include in another request to get the next page of items. If + // there are no additional items to return, the string is empty. NextToken *string `locationName:"nextToken" type:"string"` // Information about the stale security groups. @@ -100158,19 +107317,25 @@ type DescribeStoreImageTasksInput struct { // // * bucket - Returns task information for tasks that targeted a specific // bucket. For the filter value, specify the bucket name. + // + // When you specify the ImageIds parameter, any filters that you specify are + // ignored. To use the filters, you must remove the ImageIds parameter. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The AMI IDs for which to show progress. Up to 20 AMI IDs can be included // in a request. ImageIds []*string `locationName:"ImageId" locationNameList:"item" type:"list"` - // The maximum number of results to return in a single call. To retrieve the - // remaining results, make another call with the returned NextToken value. This - // value can be between 1 and 200. You cannot specify this parameter and the - // ImageIDs parameter in the same call. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // + // You cannot specify this parameter and the ImageIds parameter in the same + // call. MaxResults *int64 `min:"1" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -100238,8 +107403,8 @@ func (s *DescribeStoreImageTasksInput) SetNextToken(v string) *DescribeStoreImag type DescribeStoreImageTasksOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The information about the AMI store tasks. @@ -100285,7 +107450,7 @@ type DescribeSubnetsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * availability-zone - The Availability Zone for the subnet. You can also // use availabilityZone as the filter name. @@ -100371,14 +107536,16 @@ type DescribeSubnetsInput struct { // * vpc-id - The ID of the VPC for the subnet. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` - // One or more subnet IDs. + // The IDs of the subnets. // // Default: Describes all your subnets. SubnetIds []*string `locationName:"SubnetId" locationNameList:"SubnetId" type:"list"` @@ -100448,8 +107615,8 @@ func (s *DescribeSubnetsInput) SetSubnetIds(v []*string) *DescribeSubnetsInput { type DescribeSubnetsOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about one or more subnets. @@ -100516,12 +107683,13 @@ type DescribeTagsInput struct { // * value - The tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return in a single call. This value can - // be between 5 and 1000. To retrieve the remaining results, make another call - // with the returned NextToken value. + // The maximum number of items to return for this request. This value can be + // between 5 and 1000. To get the next page of items, make another request with + // the token returned in the output. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" type:"integer"` - // The token to retrieve the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `locationName:"nextToken" type:"string"` } @@ -100570,8 +107738,8 @@ func (s *DescribeTagsInput) SetNextToken(v string) *DescribeTagsInput { type DescribeTagsOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The tags. @@ -102548,13 +109716,13 @@ type DescribeVerifiedAccessEndpointsInput struct { // The token for the next page of results. NextToken *string `type:"string"` - // The ID of the Amazon Web Services Verified Access endpoint. + // The ID of the Verified Access endpoint. VerifiedAccessEndpointIds []*string `locationName:"VerifiedAccessEndpointId" locationNameList:"item" type:"list"` - // The ID of the Amazon Web Services Verified Access group. + // The ID of the Verified Access group. VerifiedAccessGroupId *string `type:"string"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. VerifiedAccessInstanceId *string `type:"string"` } @@ -102638,7 +109806,7 @@ type DescribeVerifiedAccessEndpointsOutput struct { // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` - // The ID of the Amazon Web Services Verified Access endpoint. + // Details about the Verified Access endpoints. VerifiedAccessEndpoints []*VerifiedAccessEndpoint `locationName:"verifiedAccessEndpointSet" locationNameList:"item" type:"list"` } @@ -102691,10 +109859,10 @@ type DescribeVerifiedAccessGroupsInput struct { // The token for the next page of results. NextToken *string `type:"string"` - // The ID of the Amazon Web Services Verified Access groups. + // The ID of the Verified Access groups. VerifiedAccessGroupIds []*string `locationName:"VerifiedAccessGroupId" locationNameList:"item" type:"list"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. VerifiedAccessInstanceId *string `type:"string"` } @@ -102772,7 +109940,7 @@ type DescribeVerifiedAccessGroupsOutput struct { // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` - // The ID of the Verified Access group. + // Details about the Verified Access groups. VerifiedAccessGroups []*VerifiedAccessGroup `locationName:"verifiedAccessGroupSet" locationNameList:"item" type:"list"` } @@ -102825,7 +109993,7 @@ type DescribeVerifiedAccessInstanceLoggingConfigurationsInput struct { // The token for the next page of results. NextToken *string `type:"string"` - // The IDs of the Amazon Web Services Verified Access instances. + // The IDs of the Verified Access instances. VerifiedAccessInstanceIds []*string `locationName:"VerifiedAccessInstanceId" locationNameList:"item" type:"list"` } @@ -102893,8 +110061,7 @@ func (s *DescribeVerifiedAccessInstanceLoggingConfigurationsInput) SetVerifiedAc type DescribeVerifiedAccessInstanceLoggingConfigurationsOutput struct { _ struct{} `type:"structure"` - // The current logging configuration for the Amazon Web Services Verified Access - // instances. + // The logging configuration for the Verified Access instances. LoggingConfigurations []*VerifiedAccessInstanceLoggingConfiguration `locationName:"loggingConfigurationSet" locationNameList:"item" type:"list"` // The token to use to retrieve the next page of results. This value is null @@ -102951,7 +110118,7 @@ type DescribeVerifiedAccessInstancesInput struct { // The token for the next page of results. NextToken *string `type:"string"` - // The IDs of the Amazon Web Services Verified Access instances. + // The IDs of the Verified Access instances. VerifiedAccessInstanceIds []*string `locationName:"VerifiedAccessInstanceId" locationNameList:"item" type:"list"` } @@ -103023,7 +110190,7 @@ type DescribeVerifiedAccessInstancesOutput struct { // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` - // The IDs of the Amazon Web Services Verified Access instances. + // Details about the Verified Access instances. VerifiedAccessInstances []*VerifiedAccessInstance `locationName:"verifiedAccessInstanceSet" locationNameList:"item" type:"list"` } @@ -103076,7 +110243,7 @@ type DescribeVerifiedAccessTrustProvidersInput struct { // The token for the next page of results. NextToken *string `type:"string"` - // The IDs of the Amazon Web Services Verified Access trust providers. + // The IDs of the Verified Access trust providers. VerifiedAccessTrustProviderIds []*string `locationName:"VerifiedAccessTrustProviderId" locationNameList:"item" type:"list"` } @@ -103148,7 +110315,7 @@ type DescribeVerifiedAccessTrustProvidersOutput struct { // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` - // The IDs of the Amazon Web Services Verified Access trust providers. + // Details about the Verified Access trust providers. VerifiedAccessTrustProviders []*VerifiedAccessTrustProvider `locationName:"verifiedAccessTrustProviderSet" locationNameList:"item" type:"list"` } @@ -103345,20 +110512,16 @@ type DescribeVolumeStatusInput struct { // | insufficient-data). Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of volume results returned by DescribeVolumeStatus in - // paginated output. When this parameter is used, the request only returns MaxResults - // results in a single page along with a NextToken response element. The remaining - // results of the initial request can be seen by sending another request with - // the returned NextToken value. This value can be between 5 and 1,000; if MaxResults - // is given a value larger than 1,000, only 1,000 results are returned. If this - // parameter is not used, then DescribeVolumeStatus returns all results. You - // cannot specify this parameter and the volume IDs parameter in the same request. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. This + // value can be between 5 and 1,000; if the value is larger than 1,000, only + // 1,000 results are returned. If this parameter is not used, then all items + // are returned. You cannot specify this parameter and the volume IDs parameter + // in the same request. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The NextToken value to include in a future DescribeVolumeStatus request. - // When the results of the request exceed MaxResults, this value can be used - // to retrieve the next page of results. This value is null when there are no - // more results to return. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The IDs of the volumes. @@ -103418,8 +110581,8 @@ func (s *DescribeVolumeStatusInput) SetVolumeIds(v []*string) *DescribeVolumeSta type DescribeVolumeStatusOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the status of the volumes. @@ -103515,21 +110678,15 @@ type DescribeVolumesInput struct { // | sc1| standard) Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of volume results returned by DescribeVolumes in paginated - // output. When this parameter is used, DescribeVolumes only returns MaxResults - // results in a single page along with a NextToken response element. The remaining - // results of the initial request can be seen by sending another DescribeVolumes - // request with the returned NextToken value. This value can be between 5 and - // 500; if MaxResults is given a value larger than 500, only 500 results are - // returned. If this parameter is not used, then DescribeVolumes returns all - // results. You cannot specify this parameter and the volume IDs parameter in - // the same request. + // The maximum number of volumes to return for this request. This value can + // be between 5 and 500; if you specify a value larger than 500, only 500 items + // are returned. If this parameter is not used, then all items are returned. + // You cannot specify this parameter and the volume IDs parameter in the same + // request. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" type:"integer"` - // The NextToken value returned from a previous paginated DescribeVolumes request - // where MaxResults was used and the results exceeded the value of that parameter. - // Pagination continues from the end of the previous results that returned the - // NextToken value. This value is null when there are no more results to return. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned from the previous request. NextToken *string `locationName:"nextToken" type:"string"` // The volume IDs. @@ -103624,10 +110781,11 @@ type DescribeVolumesModificationsInput struct { Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` // The maximum number of results (up to a limit of 500) to be returned in a - // paginated request. + // paginated request. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The nextToken value returned by a previous paginated request. + // The token returned by a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The IDs of the volumes. @@ -103685,7 +110843,8 @@ func (s *DescribeVolumesModificationsInput) SetVolumeIds(v []*string) *DescribeV type DescribeVolumesModificationsOutput struct { _ struct{} `type:"structure"` - // Token for pagination, null if there are no more results + // The token to include in another request to get the next page of items. This + // value is null if there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the volume modifications. @@ -103725,10 +110884,8 @@ func (s *DescribeVolumesModificationsOutput) SetVolumesModifications(v []*Volume type DescribeVolumesOutput struct { _ struct{} `type:"structure"` - // The NextToken value to include in a future DescribeVolumes request. When - // the results of a DescribeVolumes request exceed MaxResults, this value can - // be used to retrieve the next page of results. This value is null when there - // are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the volumes. @@ -103902,14 +111059,16 @@ func (s *DescribeVpcAttributeOutput) SetVpcId(v string) *DescribeVpcAttributeOut type DescribeVpcClassicLinkDnsSupportInput struct { _ struct{} `type:"structure"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `locationName:"maxResults" min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `locationName:"nextToken" min:"1" type:"string"` - // One or more VPC IDs. + // The IDs of the VPCs. VpcIds []*string `locationNameList:"VpcId" type:"list"` } @@ -103968,8 +111127,8 @@ func (s *DescribeVpcClassicLinkDnsSupportInput) SetVpcIds(v []*string) *Describe type DescribeVpcClassicLinkDnsSupportOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" min:"1" type:"string"` // Information about the ClassicLink DNS support status of the VPCs. @@ -104015,7 +111174,7 @@ type DescribeVpcClassicLinkInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * is-classic-link-enabled - Whether the VPC is enabled for ClassicLink // (true | false). @@ -104031,7 +111190,7 @@ type DescribeVpcClassicLinkInput struct { // the tag value. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // One or more VPCs for which you want to describe the ClassicLink status. + // The VPCs for which you want to describe the ClassicLink status. VpcIds []*string `locationName:"VpcId" locationNameList:"VpcId" type:"list"` } @@ -104074,7 +111233,7 @@ func (s *DescribeVpcClassicLinkInput) SetVpcIds(v []*string) *DescribeVpcClassic type DescribeVpcClassicLinkOutput struct { _ struct{} `type:"structure"` - // The ClassicLink status of one or more VPCs. + // The ClassicLink status of the VPCs. Vpcs []*VpcClassicLink `locationName:"vpcSet" locationNameList:"item" type:"list"` } @@ -104114,7 +111273,7 @@ type DescribeVpcEndpointConnectionNotificationsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * connection-notification-arn - The ARN of the SNS topic for the notification. // @@ -104189,7 +111348,7 @@ func (s *DescribeVpcEndpointConnectionNotificationsInput) SetNextToken(v string) type DescribeVpcEndpointConnectionNotificationsOutput struct { _ struct{} `type:"structure"` - // One or more notifications. + // The notifications. ConnectionNotificationSet []*ConnectionNotification `locationName:"connectionNotificationSet" locationNameList:"item" type:"list"` // The token to use to retrieve the next page of results. This value is null @@ -104236,7 +111395,7 @@ type DescribeVpcEndpointConnectionsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * ip-address-type - The IP address type (ipv4 | ipv6). // @@ -104311,7 +111470,7 @@ type DescribeVpcEndpointConnectionsOutput struct { // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` - // Information about one or more VPC endpoint connections. + // Information about the VPC endpoint connections. VpcEndpointConnections []*VpcEndpointConnection `locationName:"vpcEndpointConnectionSet" locationNameList:"item" type:"list"` } @@ -104354,7 +111513,7 @@ type DescribeVpcEndpointServiceConfigurationsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * service-name - The name of the service. // @@ -104386,7 +111545,7 @@ type DescribeVpcEndpointServiceConfigurationsInput struct { // The token to retrieve the next page of results. NextToken *string `type:"string"` - // The IDs of one or more services. + // The IDs of the endpoint services. ServiceIds []*string `locationName:"ServiceId" locationNameList:"item" type:"list"` } @@ -104445,7 +111604,7 @@ type DescribeVpcEndpointServiceConfigurationsOutput struct { // when there are no more results to return. NextToken *string `locationName:"nextToken" type:"string"` - // Information about one or more services. + // Information about the services. ServiceConfigurations []*ServiceConfiguration `locationName:"serviceConfigurationSet" locationNameList:"item" type:"list"` } @@ -104488,7 +111647,7 @@ type DescribeVpcEndpointServicePermissionsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * principal - The ARN of the principal. // @@ -104576,7 +111735,7 @@ func (s *DescribeVpcEndpointServicePermissionsInput) SetServiceId(v string) *Des type DescribeVpcEndpointServicePermissionsOutput struct { _ struct{} `type:"structure"` - // Information about one or more allowed principals. + // Information about the allowed principals. AllowedPrincipals []*AllowedPrincipal `locationName:"allowedPrincipals" locationNameList:"item" type:"list"` // The token to use to retrieve the next page of results. This value is null @@ -104614,7 +111773,6 @@ func (s *DescribeVpcEndpointServicePermissionsOutput) SetNextToken(v string) *De return s } -// Contains the parameters for DescribeVpcEndpointServices. type DescribeVpcEndpointServicesInput struct { _ struct{} `type:"structure"` @@ -104624,7 +111782,7 @@ type DescribeVpcEndpointServicesInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * owner - The ID or alias of the Amazon Web Services account that owns // the service. @@ -104657,7 +111815,7 @@ type DescribeVpcEndpointServicesInput struct { // a prior call.) NextToken *string `type:"string"` - // One or more service names. + // The service names. ServiceNames []*string `locationName:"ServiceName" locationNameList:"item" type:"list"` } @@ -104709,7 +111867,6 @@ func (s *DescribeVpcEndpointServicesInput) SetServiceNames(v []*string) *Describ return s } -// Contains the output of DescribeVpcEndpointServices. type DescribeVpcEndpointServicesOutput struct { _ struct{} `type:"structure"` @@ -104720,7 +111877,7 @@ type DescribeVpcEndpointServicesOutput struct { // Information about the service. ServiceDetails []*ServiceDetail `locationName:"serviceDetailSet" locationNameList:"item" type:"list"` - // A list of supported services. + // The supported services. ServiceNames []*string `locationName:"serviceNameSet" locationNameList:"item" type:"list"` } @@ -104760,7 +111917,6 @@ func (s *DescribeVpcEndpointServicesOutput) SetServiceNames(v []*string) *Descri return s } -// Contains the parameters for DescribeVpcEndpoints. type DescribeVpcEndpointsInput struct { _ struct{} `type:"structure"` @@ -104770,7 +111926,7 @@ type DescribeVpcEndpointsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // One or more filters. + // The filters. // // * ip-address-type - The IP address type (ipv4 | ipv6). // @@ -104808,7 +111964,7 @@ type DescribeVpcEndpointsInput struct { // a prior call.) NextToken *string `type:"string"` - // One or more endpoint IDs. + // The IDs of the VPC endpoints. VpcEndpointIds []*string `locationName:"VpcEndpointId" locationNameList:"item" type:"list"` } @@ -104860,7 +112016,6 @@ func (s *DescribeVpcEndpointsInput) SetVpcEndpointIds(v []*string) *DescribeVpcE return s } -// Contains the output of DescribeVpcEndpoints. type DescribeVpcEndpointsOutput struct { _ struct{} `type:"structure"` @@ -104911,7 +112066,7 @@ type DescribeVpcPeeringConnectionsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * accepter-vpc-info.cidr-block - The IPv4 CIDR block of the accepter VPC. // @@ -104949,14 +112104,16 @@ type DescribeVpcPeeringConnectionsInput struct { // * vpc-peering-connection-id - The ID of the VPC peering connection. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` - // One or more VPC peering connection IDs. + // The IDs of the VPC peering connections. // // Default: Describes all your VPC peering connections. VpcPeeringConnectionIds []*string `locationName:"VpcPeeringConnectionId" locationNameList:"item" type:"list"` @@ -105026,8 +112183,8 @@ func (s *DescribeVpcPeeringConnectionsInput) SetVpcPeeringConnectionIds(v []*str type DescribeVpcPeeringConnectionsOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the VPC peering connections. @@ -105073,7 +112230,7 @@ type DescribeVpcsInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // One or more filters. + // The filters. // // * cidr - The primary IPv4 CIDR block of the VPC. The CIDR block you specify // must exactly match the VPC's CIDR block for information to be returned @@ -105122,14 +112279,16 @@ type DescribeVpcsInput struct { // * vpc-id - The ID of the VPC. Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` - // One or more VPC IDs. + // The IDs of the VPCs. // // Default: Describes all your VPCs. VpcIds []*string `locationName:"VpcId" locationNameList:"VpcId" type:"list"` @@ -105199,8 +112358,8 @@ func (s *DescribeVpcsInput) SetVpcIds(v []*string) *DescribeVpcsInput { type DescribeVpcsOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about one or more VPCs. @@ -105897,12 +113056,12 @@ type DetachVerifiedAccessTrustProviderInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. // // VerifiedAccessInstanceId is a required field VerifiedAccessInstanceId *string `type:"string" required:"true"` - // The ID of the Amazon Web Services Verified Access trust provider. + // The ID of the Verified Access trust provider. // // VerifiedAccessTrustProviderId is a required field VerifiedAccessTrustProviderId *string `type:"string" required:"true"` @@ -105969,10 +113128,10 @@ func (s *DetachVerifiedAccessTrustProviderInput) SetVerifiedAccessTrustProviderI type DetachVerifiedAccessTrustProviderOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access instance. + // Details about the Verified Access instance. VerifiedAccessInstance *VerifiedAccessInstance `locationName:"verifiedAccessInstance" type:"structure"` - // The ID of the Amazon Web Services Verified Access trust provider. + // Details about the Verified Access trust provider. VerifiedAccessTrustProvider *VerifiedAccessTrustProvider `locationName:"verifiedAccessTrustProvider" type:"structure"` } @@ -106193,11 +113352,15 @@ func (s DetachVpnGatewayOutput) GoString() string { return s.String() } -// Options for an Amazon Web Services Verified Access device-identity based -// trust provider. +// Describes the options for an Amazon Web Services Verified Access device-identity +// based trust provider. type DeviceOptions struct { _ struct{} `type:"structure"` + // The URL Amazon Web Services Verified Access will use to verify the authenticity + // of the device tokens. + PublicSigningKeyUrl *string `locationName:"publicSigningKeyUrl" type:"string"` + // The ID of the tenant application with the device-identity provider. TenantId *string `locationName:"tenantId" type:"string"` } @@ -106220,6 +113383,12 @@ func (s DeviceOptions) GoString() string { return s.String() } +// SetPublicSigningKeyUrl sets the PublicSigningKeyUrl field's value. +func (s *DeviceOptions) SetPublicSigningKeyUrl(v string) *DeviceOptions { + s.PublicSigningKeyUrl = &v + return s +} + // SetTenantId sets the TenantId field's value. func (s *DeviceOptions) SetTenantId(v string) *DeviceOptions { s.TenantId = &v @@ -106233,7 +113402,7 @@ type DhcpConfiguration struct { // The name of a DHCP option. Key *string `locationName:"key" type:"string"` - // One or more values for the DHCP option. + // The values for the DHCP option. Values []*AttributeValue `locationName:"valueSet" locationNameList:"item" type:"list"` } @@ -106267,11 +113436,11 @@ func (s *DhcpConfiguration) SetValues(v []*AttributeValue) *DhcpConfiguration { return s } -// Describes a set of DHCP options. +// The set of DHCP options. type DhcpOptions struct { _ struct{} `type:"structure"` - // One or more DHCP options in the set. + // The DHCP options in the set. DhcpConfigurations []*DhcpConfiguration `locationName:"dhcpConfigurationSet" locationNameList:"item" type:"list"` // The ID of the set of DHCP options. @@ -106656,13 +113825,12 @@ type DisableFastLaunchInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // Forces the image settings to turn off faster launching for your Windows AMI. - // This parameter overrides any errors that are encountered while cleaning up - // resources in your account. + // Forces the image settings to turn off Windows fast launch for your Windows + // AMI. This parameter overrides any errors that are encountered while cleaning + // up resources in your account. Force *bool `type:"boolean"` - // The ID of the image for which you’re turning off faster launching, and - // removing pre-provisioned snapshots. + // Specify the ID of the image for which to disable Windows fast launch. // // ImageId is a required field ImageId *string `type:"string" required:"true"` @@ -106720,34 +113888,36 @@ func (s *DisableFastLaunchInput) SetImageId(v string) *DisableFastLaunchInput { type DisableFastLaunchOutput struct { _ struct{} `type:"structure"` - // The ID of the image for which faster-launching has been turned off. + // The ID of the image for which Windows fast launch was disabled. ImageId *string `locationName:"imageId" type:"string"` // The launch template that was used to launch Windows instances from pre-provisioned // snapshots. LaunchTemplate *FastLaunchLaunchTemplateSpecificationResponse `locationName:"launchTemplate" type:"structure"` - // The maximum number of parallel instances to launch for creating resources. + // The maximum number of instances that Amazon EC2 can launch at the same time + // to create pre-provisioned snapshots for Windows fast launch. MaxParallelLaunches *int64 `locationName:"maxParallelLaunches" type:"integer"` - // The owner of the Windows AMI for which faster launching was turned off. + // The owner of the Windows AMI for which Windows fast launch was disabled. OwnerId *string `locationName:"ownerId" type:"string"` // The pre-provisioning resource type that must be cleaned after turning off - // faster launching for the Windows AMI. Supported values include: snapshot. + // Windows fast launch for the Windows AMI. Supported values include: snapshot. ResourceType *string `locationName:"resourceType" type:"string" enum:"FastLaunchResourceType"` - // Parameters that were used for faster launching for the Windows AMI before - // faster launching was turned off. This informs the clean-up process. + // Parameters that were used for Windows fast launch for the Windows AMI before + // Windows fast launch was disabled. This informs the clean-up process. SnapshotConfiguration *FastLaunchSnapshotConfigurationResponse `locationName:"snapshotConfiguration" type:"structure"` - // The current state of faster launching for the specified Windows AMI. + // The current state of Windows fast launch for the specified Windows AMI. State *string `locationName:"state" type:"string" enum:"FastLaunchStateCode"` - // The reason that the state changed for faster launching for the Windows AMI. + // The reason that the state changed for Windows fast launch for the Windows + // AMI. StateTransitionReason *string `locationName:"stateTransitionReason" type:"string"` - // The time that the state changed for faster launching for the Windows AMI. + // The time that the state changed for Windows fast launch for the Windows AMI. StateTransitionTime *time.Time `locationName:"stateTransitionTime" type:"timestamp"` } @@ -107192,6 +114362,71 @@ func (s *DisableFastSnapshotRestoresOutput) SetUnsuccessful(v []*DisableFastSnap return s } +type DisableImageBlockPublicAccessInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageBlockPublicAccessInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageBlockPublicAccessInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *DisableImageBlockPublicAccessInput) SetDryRun(v bool) *DisableImageBlockPublicAccessInput { + s.DryRun = &v + return s +} + +type DisableImageBlockPublicAccessOutput struct { + _ struct{} `type:"structure"` + + // Returns unblocked if the request succeeds; otherwise, it returns an error. + ImageBlockPublicAccessState *string `locationName:"imageBlockPublicAccessState" type:"string" enum:"ImageBlockPublicAccessDisabledState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageBlockPublicAccessOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageBlockPublicAccessOutput) GoString() string { + return s.String() +} + +// SetImageBlockPublicAccessState sets the ImageBlockPublicAccessState field's value. +func (s *DisableImageBlockPublicAccessOutput) SetImageBlockPublicAccessState(v string) *DisableImageBlockPublicAccessOutput { + s.ImageBlockPublicAccessState = &v + return s +} + type DisableImageDeprecationInput struct { _ struct{} `type:"structure"` @@ -107281,6 +114516,95 @@ func (s *DisableImageDeprecationOutput) SetReturn(v bool) *DisableImageDeprecati return s } +type DisableImageInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the AMI. + // + // ImageId is a required field + ImageId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DisableImageInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisableImageInput"} + if s.ImageId == nil { + invalidParams.Add(request.NewErrParamRequired("ImageId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DisableImageInput) SetDryRun(v bool) *DisableImageInput { + s.DryRun = &v + return s +} + +// SetImageId sets the ImageId field's value. +func (s *DisableImageInput) SetImageId(v string) *DisableImageInput { + s.ImageId = &v + return s +} + +type DisableImageOutput struct { + _ struct{} `type:"structure"` + + // Returns true if the request succeeds; otherwise, it returns an error. + Return *bool `locationName:"return" type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableImageOutput) GoString() string { + return s.String() +} + +// SetReturn sets the Return field's value. +func (s *DisableImageOutput) SetReturn(v bool) *DisableImageOutput { + s.Return = &v + return s +} + type DisableIpamOrganizationAdminAccountInput struct { _ struct{} `type:"structure"` @@ -107437,6 +114761,71 @@ func (s *DisableSerialConsoleAccessOutput) SetSerialConsoleAccessEnabled(v bool) return s } +type DisableSnapshotBlockPublicAccessInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableSnapshotBlockPublicAccessInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableSnapshotBlockPublicAccessInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *DisableSnapshotBlockPublicAccessInput) SetDryRun(v bool) *DisableSnapshotBlockPublicAccessInput { + s.DryRun = &v + return s +} + +type DisableSnapshotBlockPublicAccessOutput struct { + _ struct{} `type:"structure"` + + // Returns unblocked if the request succeeds. + State *string `locationName:"state" type:"string" enum:"SnapshotBlockPublicAccessState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableSnapshotBlockPublicAccessOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisableSnapshotBlockPublicAccessOutput) GoString() string { + return s.String() +} + +// SetState sets the State field's value. +func (s *DisableSnapshotBlockPublicAccessOutput) SetState(v string) *DisableSnapshotBlockPublicAccessOutput { + s.State = &v + return s +} + type DisableTransitGatewayRouteTablePropagationInput struct { _ struct{} `type:"structure"` @@ -107793,7 +115182,7 @@ func (s *DisableVpcClassicLinkOutput) SetReturn(v bool) *DisableVpcClassicLinkOu type DisassociateAddressInput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The association ID. Required for EC2-VPC. + // The association ID. This parameter is required. AssociationId *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -107802,7 +115191,7 @@ type DisassociateAddressInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // [EC2-Classic] The Elastic IP address. Required for EC2-Classic. + // Deprecated. PublicIp *string `type:"string"` } @@ -107980,7 +115369,9 @@ type DisassociateEnclaveCertificateIamRoleInput struct { _ struct{} `type:"structure"` // The ARN of the ACM certificate from which to disassociate the IAM role. - CertificateArn *string `min:"1" type:"string"` + // + // CertificateArn is a required field + CertificateArn *string `type:"string" required:"true"` // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have @@ -107989,7 +115380,9 @@ type DisassociateEnclaveCertificateIamRoleInput struct { DryRun *bool `type:"boolean"` // The ARN of the IAM role to disassociate. - RoleArn *string `min:"1" type:"string"` + // + // RoleArn is a required field + RoleArn *string `type:"string" required:"true"` } // String returns the string representation. @@ -108013,11 +115406,11 @@ func (s DisassociateEnclaveCertificateIamRoleInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *DisassociateEnclaveCertificateIamRoleInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "DisassociateEnclaveCertificateIamRoleInput"} - if s.CertificateArn != nil && len(*s.CertificateArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CertificateArn", 1)) + if s.CertificateArn == nil { + invalidParams.Add(request.NewErrParamRequired("CertificateArn")) } - if s.RoleArn != nil && len(*s.RoleArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("RoleArn", 1)) + if s.RoleArn == nil { + invalidParams.Add(request.NewErrParamRequired("RoleArn")) } if invalidParams.Len() > 0 { @@ -108255,6 +115648,324 @@ func (s *DisassociateInstanceEventWindowOutput) SetInstanceEventWindow(v *Instan return s } +type DisassociateIpamByoasnInput struct { + _ struct{} `type:"structure"` + + // A public 2-byte or 4-byte ASN. + // + // Asn is a required field + Asn *string `type:"string" required:"true"` + + // A BYOIP CIDR. + // + // Cidr is a required field + Cidr *string `type:"string" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateIpamByoasnInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateIpamByoasnInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DisassociateIpamByoasnInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisassociateIpamByoasnInput"} + if s.Asn == nil { + invalidParams.Add(request.NewErrParamRequired("Asn")) + } + if s.Cidr == nil { + invalidParams.Add(request.NewErrParamRequired("Cidr")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAsn sets the Asn field's value. +func (s *DisassociateIpamByoasnInput) SetAsn(v string) *DisassociateIpamByoasnInput { + s.Asn = &v + return s +} + +// SetCidr sets the Cidr field's value. +func (s *DisassociateIpamByoasnInput) SetCidr(v string) *DisassociateIpamByoasnInput { + s.Cidr = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *DisassociateIpamByoasnInput) SetDryRun(v bool) *DisassociateIpamByoasnInput { + s.DryRun = &v + return s +} + +type DisassociateIpamByoasnOutput struct { + _ struct{} `type:"structure"` + + // An ASN and BYOIP CIDR association. + AsnAssociation *AsnAssociation `locationName:"asnAssociation" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateIpamByoasnOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateIpamByoasnOutput) GoString() string { + return s.String() +} + +// SetAsnAssociation sets the AsnAssociation field's value. +func (s *DisassociateIpamByoasnOutput) SetAsnAssociation(v *AsnAssociation) *DisassociateIpamByoasnOutput { + s.AsnAssociation = v + return s +} + +type DisassociateIpamResourceDiscoveryInput struct { + _ struct{} `type:"structure"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // A resource discovery association ID. + // + // IpamResourceDiscoveryAssociationId is a required field + IpamResourceDiscoveryAssociationId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateIpamResourceDiscoveryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateIpamResourceDiscoveryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DisassociateIpamResourceDiscoveryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisassociateIpamResourceDiscoveryInput"} + if s.IpamResourceDiscoveryAssociationId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamResourceDiscoveryAssociationId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *DisassociateIpamResourceDiscoveryInput) SetDryRun(v bool) *DisassociateIpamResourceDiscoveryInput { + s.DryRun = &v + return s +} + +// SetIpamResourceDiscoveryAssociationId sets the IpamResourceDiscoveryAssociationId field's value. +func (s *DisassociateIpamResourceDiscoveryInput) SetIpamResourceDiscoveryAssociationId(v string) *DisassociateIpamResourceDiscoveryInput { + s.IpamResourceDiscoveryAssociationId = &v + return s +} + +type DisassociateIpamResourceDiscoveryOutput struct { + _ struct{} `type:"structure"` + + // A resource discovery association. + IpamResourceDiscoveryAssociation *IpamResourceDiscoveryAssociation `locationName:"ipamResourceDiscoveryAssociation" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateIpamResourceDiscoveryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateIpamResourceDiscoveryOutput) GoString() string { + return s.String() +} + +// SetIpamResourceDiscoveryAssociation sets the IpamResourceDiscoveryAssociation field's value. +func (s *DisassociateIpamResourceDiscoveryOutput) SetIpamResourceDiscoveryAssociation(v *IpamResourceDiscoveryAssociation) *DisassociateIpamResourceDiscoveryOutput { + s.IpamResourceDiscoveryAssociation = v + return s +} + +type DisassociateNatGatewayAddressInput struct { + _ struct{} `type:"structure"` + + // The association IDs of EIPs that have been associated with the NAT gateway. + // + // AssociationIds is a required field + AssociationIds []*string `locationName:"AssociationId" locationNameList:"item" type:"list" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The maximum amount of time to wait (in seconds) before forcibly releasing + // the IP addresses if connections are still in progress. Default value is 350 + // seconds. + MaxDrainDurationSeconds *int64 `min:"1" type:"integer"` + + // The ID of the NAT gateway. + // + // NatGatewayId is a required field + NatGatewayId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateNatGatewayAddressInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateNatGatewayAddressInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *DisassociateNatGatewayAddressInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisassociateNatGatewayAddressInput"} + if s.AssociationIds == nil { + invalidParams.Add(request.NewErrParamRequired("AssociationIds")) + } + if s.MaxDrainDurationSeconds != nil && *s.MaxDrainDurationSeconds < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxDrainDurationSeconds", 1)) + } + if s.NatGatewayId == nil { + invalidParams.Add(request.NewErrParamRequired("NatGatewayId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAssociationIds sets the AssociationIds field's value. +func (s *DisassociateNatGatewayAddressInput) SetAssociationIds(v []*string) *DisassociateNatGatewayAddressInput { + s.AssociationIds = v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *DisassociateNatGatewayAddressInput) SetDryRun(v bool) *DisassociateNatGatewayAddressInput { + s.DryRun = &v + return s +} + +// SetMaxDrainDurationSeconds sets the MaxDrainDurationSeconds field's value. +func (s *DisassociateNatGatewayAddressInput) SetMaxDrainDurationSeconds(v int64) *DisassociateNatGatewayAddressInput { + s.MaxDrainDurationSeconds = &v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *DisassociateNatGatewayAddressInput) SetNatGatewayId(v string) *DisassociateNatGatewayAddressInput { + s.NatGatewayId = &v + return s +} + +type DisassociateNatGatewayAddressOutput struct { + _ struct{} `type:"structure"` + + // Information about the NAT gateway IP addresses. + NatGatewayAddresses []*NatGatewayAddress `locationName:"natGatewayAddressSet" locationNameList:"item" type:"list"` + + // The ID of the NAT gateway. + NatGatewayId *string `locationName:"natGatewayId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateNatGatewayAddressOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s DisassociateNatGatewayAddressOutput) GoString() string { + return s.String() +} + +// SetNatGatewayAddresses sets the NatGatewayAddresses field's value. +func (s *DisassociateNatGatewayAddressOutput) SetNatGatewayAddresses(v []*NatGatewayAddress) *DisassociateNatGatewayAddressOutput { + s.NatGatewayAddresses = v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *DisassociateNatGatewayAddressOutput) SetNatGatewayId(v string) *DisassociateNatGatewayAddressOutput { + s.NatGatewayId = &v + return s +} + type DisassociateRouteTableInput struct { _ struct{} `type:"structure"` @@ -108432,13 +116143,19 @@ type DisassociateTransitGatewayMulticastDomainInput struct { DryRun *bool `type:"boolean"` // The IDs of the subnets; - SubnetIds []*string `locationNameList:"item" type:"list"` + // + // SubnetIds is a required field + SubnetIds []*string `locationNameList:"item" type:"list" required:"true"` // The ID of the attachment. - TransitGatewayAttachmentId *string `type:"string"` + // + // TransitGatewayAttachmentId is a required field + TransitGatewayAttachmentId *string `type:"string" required:"true"` // The ID of the transit gateway multicast domain. - TransitGatewayMulticastDomainId *string `type:"string"` + // + // TransitGatewayMulticastDomainId is a required field + TransitGatewayMulticastDomainId *string `type:"string" required:"true"` } // String returns the string representation. @@ -108459,6 +116176,25 @@ func (s DisassociateTransitGatewayMulticastDomainInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *DisassociateTransitGatewayMulticastDomainInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "DisassociateTransitGatewayMulticastDomainInput"} + if s.SubnetIds == nil { + invalidParams.Add(request.NewErrParamRequired("SubnetIds")) + } + if s.TransitGatewayAttachmentId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayAttachmentId")) + } + if s.TransitGatewayMulticastDomainId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayMulticastDomainId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *DisassociateTransitGatewayMulticastDomainInput) SetDryRun(v bool) *DisassociateTransitGatewayMulticastDomainInput { s.DryRun = &v @@ -109013,7 +116749,11 @@ type DiskImageDescription struct { // // For information about the import manifest referenced by this API action, // see VM Import Manifest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html). - ImportManifestUrl *string `locationName:"importManifestUrl" type:"string"` + // + // ImportManifestUrl is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by DiskImageDescription's + // String and GoString methods. + ImportManifestUrl *string `locationName:"importManifestUrl" type:"string" sensitive:"true"` // The size of the disk image, in GiB. Size *int64 `locationName:"size" type:"long"` @@ -109084,8 +116824,12 @@ type DiskImageDetail struct { // For information about the import manifest referenced by this API action, // see VM Import Manifest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/manifest.html). // + // ImportManifestUrl is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by DiskImageDetail's + // String and GoString methods. + // // ImportManifestUrl is a required field - ImportManifestUrl *string `locationName:"importManifestUrl" type:"string" required:"true"` + ImportManifestUrl *string `locationName:"importManifestUrl" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -109281,6 +117025,9 @@ type DnsOptions struct { // The DNS records created for the endpoint. DnsRecordIpType *string `locationName:"dnsRecordIpType" type:"string" enum:"DnsRecordIpType"` + + // Indicates whether to enable private DNS only for inbound endpoints. + PrivateDnsOnlyForInboundResolverEndpoint *bool `locationName:"privateDnsOnlyForInboundResolverEndpoint" type:"boolean"` } // String returns the string representation. @@ -109307,12 +117054,24 @@ func (s *DnsOptions) SetDnsRecordIpType(v string) *DnsOptions { return s } +// SetPrivateDnsOnlyForInboundResolverEndpoint sets the PrivateDnsOnlyForInboundResolverEndpoint field's value. +func (s *DnsOptions) SetPrivateDnsOnlyForInboundResolverEndpoint(v bool) *DnsOptions { + s.PrivateDnsOnlyForInboundResolverEndpoint = &v + return s +} + // Describes the DNS options for an endpoint. type DnsOptionsSpecification struct { _ struct{} `type:"structure"` // The DNS records created for the endpoint. DnsRecordIpType *string `type:"string" enum:"DnsRecordIpType"` + + // Indicates whether to enable private DNS only for inbound endpoints. This + // option is available only for services that support both gateway and interface + // endpoints. It routes traffic that originates from the VPC to the gateway + // endpoint and traffic that originates from on-premises to the interface endpoint. + PrivateDnsOnlyForInboundResolverEndpoint *bool `type:"boolean"` } // String returns the string representation. @@ -109339,6 +117098,12 @@ func (s *DnsOptionsSpecification) SetDnsRecordIpType(v string) *DnsOptionsSpecif return s } +// SetPrivateDnsOnlyForInboundResolverEndpoint sets the PrivateDnsOnlyForInboundResolverEndpoint field's value. +func (s *DnsOptionsSpecification) SetPrivateDnsOnlyForInboundResolverEndpoint(v bool) *DnsOptionsSpecification { + s.PrivateDnsOnlyForInboundResolverEndpoint = &v + return s +} + // Information about the DNS server to be used. type DnsServersOptionsModifyStructure struct { _ struct{} `type:"structure"` @@ -109397,15 +117162,40 @@ type EbsBlockDevice struct { // being restored from a backing snapshot. The effect of setting the encryption // state to true depends on the volume origin (new or from a snapshot), starting // encryption state, ownership, and whether encryption by default is enabled. - // For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) - // in the Amazon EC2 User Guide. + // For more information, see Amazon EBS encryption (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html#encryption-parameters) + // in the Amazon EBS User Guide. // // In no case can you remove encryption from an encrypted volume. // // Encrypted volumes can only be attached to instances that support Amazon EBS - // encryption. For more information, see Supported instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances). - // - // This parameter is not returned by DescribeImageAttribute (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html). + // encryption. For more information, see Supported instance types (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances). + // + // This parameter is not returned by DescribeImageAttribute. + // + // For CreateImage and RegisterImage, whether you can include this parameter, + // and the allowed values differ depending on the type of block device mapping + // you are creating. + // + // * If you are creating a block device mapping for a new (empty) volume, + // you can include this parameter, and specify either true for an encrypted + // volume, or false for an unencrypted volume. If you omit this parameter, + // it defaults to false (unencrypted). + // + // * If you are creating a block device mapping from an existing encrypted + // or unencrypted snapshot, you must omit this parameter. If you include + // this parameter, the request will fail, regardless of the value that you + // specify. + // + // * If you are creating a block device mapping from an existing unencrypted + // volume, you can include this parameter, but you must specify false. If + // you specify true, the request will fail. In this case, we recommend that + // you omit the parameter. + // + // * If you are creating a block device mapping from an existing encrypted + // volume, you can include this parameter, and specify either true or false. + // However, if you specify false, the parameter is ignored and the block + // device mapping is always encrypted. In this case, we recommend that you + // omit the parameter. Encrypted *bool `locationName:"encrypted" type:"boolean"` // The number of I/O operations per second (IOPS). For gp3, io1, and io2 volumes, @@ -109415,19 +117205,18 @@ type EbsBlockDevice struct { // // The following are the supported values for each volume type: // - // * gp3: 3,000-16,000 IOPS + // * gp3: 3,000 - 16,000 IOPS // - // * io1: 100-64,000 IOPS + // * io1: 100 - 64,000 IOPS // - // * io2: 100-64,000 IOPS + // * io2: 100 - 256,000 IOPS // - // For io1 and io2 volumes, we guarantee 64,000 IOPS only for Instances built - // on the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). - // Other instance families guarantee performance up to 32,000 IOPS. + // For io2 volumes, you can achieve up to 256,000 IOPS on instances built on + // the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // On other instances, you can achieve performance up to 32,000 IOPS. // // This parameter is required for io1 and io2 volumes. The default for gp3 volumes - // is 3,000 IOPS. This parameter is not supported for gp2, st1, sc1, or standard - // volumes. + // is 3,000 IOPS. Iops *int64 `locationName:"iops" type:"integer"` // Identifier (key ID, key alias, ID ARN, or alias ARN) for a customer managed @@ -109441,8 +117230,7 @@ type EbsBlockDevice struct { // The ARN of the Outpost on which the snapshot is stored. // - // This parameter is only supported on BlockDeviceMapping objects called by - // CreateImage (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html). + // This parameter is not supported when using CreateImage (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html). OutpostArn *string `locationName:"outpostArn" type:"string"` // The ID of the snapshot. @@ -109460,20 +117248,21 @@ type EbsBlockDevice struct { // You can specify a volume size that is equal to or larger than the snapshot // size. // - // The following are the supported volumes sizes for each volume type: + // The following are the supported sizes for each volume type: + // + // * gp2 and gp3: 1 - 16,384 GiB // - // * gp2 and gp3:1-16,384 + // * io1: 4 - 16,384 GiB // - // * io1 and io2: 4-16,384 + // * io2: 4 - 65,536 GiB // - // * st1 and sc1: 125-16,384 + // * st1 and sc1: 125 - 16,384 GiB // - // * standard: 1-1,024 + // * standard: 1 - 1024 GiB VolumeSize *int64 `locationName:"volumeSize" type:"integer"` - // The volume type. For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) - // in the Amazon EC2 User Guide. If the volume type is io1 or io2, you must - // specify the IOPS that the volume supports. + // The volume type. For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) + // in the Amazon EBS User Guide. VolumeType *string `locationName:"volumeType" type:"string" enum:"VolumeType"` } @@ -109614,6 +117403,9 @@ func (s *EbsInfo) SetNvmeSupport(v string) *EbsInfo { type EbsInstanceBlockDevice struct { _ struct{} `type:"structure"` + // The ARN of the Amazon ECS or Fargate task to which the volume is attached. + AssociatedResource *string `locationName:"associatedResource" type:"string"` + // The time stamp when the attachment initiated. AttachTime *time.Time `locationName:"attachTime" type:"timestamp"` @@ -109625,6 +117417,12 @@ type EbsInstanceBlockDevice struct { // The ID of the EBS volume. VolumeId *string `locationName:"volumeId" type:"string"` + + // The ID of the Amazon Web Services account that owns the volume. + // + // This parameter is returned only for volumes that are attached to Fargate + // tasks. + VolumeOwnerId *string `locationName:"volumeOwnerId" type:"string"` } // String returns the string representation. @@ -109645,6 +117443,12 @@ func (s EbsInstanceBlockDevice) GoString() string { return s.String() } +// SetAssociatedResource sets the AssociatedResource field's value. +func (s *EbsInstanceBlockDevice) SetAssociatedResource(v string) *EbsInstanceBlockDevice { + s.AssociatedResource = &v + return s +} + // SetAttachTime sets the AttachTime field's value. func (s *EbsInstanceBlockDevice) SetAttachTime(v time.Time) *EbsInstanceBlockDevice { s.AttachTime = &v @@ -109669,6 +117473,12 @@ func (s *EbsInstanceBlockDevice) SetVolumeId(v string) *EbsInstanceBlockDevice { return s } +// SetVolumeOwnerId sets the VolumeOwnerId field's value. +func (s *EbsInstanceBlockDevice) SetVolumeOwnerId(v string) *EbsInstanceBlockDevice { + s.VolumeOwnerId = &v + return s +} + // Describes information used to set up an EBS volume specified in a block device // mapping. type EbsInstanceBlockDeviceSpecification struct { @@ -109794,6 +117604,176 @@ func (s *EbsOptimizedInfo) SetMaximumThroughputInMBps(v float64) *EbsOptimizedIn return s } +// The EC2 Instance Connect Endpoint. +type Ec2InstanceConnectEndpoint struct { + _ struct{} `type:"structure"` + + // The Availability Zone of the EC2 Instance Connect Endpoint. + AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + + // The date and time that the EC2 Instance Connect Endpoint was created. + CreatedAt *time.Time `locationName:"createdAt" type:"timestamp"` + + // The DNS name of the EC2 Instance Connect Endpoint. + DnsName *string `locationName:"dnsName" type:"string"` + + FipsDnsName *string `locationName:"fipsDnsName" type:"string"` + + // The Amazon Resource Name (ARN) of the EC2 Instance Connect Endpoint. + InstanceConnectEndpointArn *string `locationName:"instanceConnectEndpointArn" min:"1" type:"string"` + + // The ID of the EC2 Instance Connect Endpoint. + InstanceConnectEndpointId *string `locationName:"instanceConnectEndpointId" type:"string"` + + // The ID of the elastic network interface that Amazon EC2 automatically created + // when creating the EC2 Instance Connect Endpoint. + NetworkInterfaceIds []*string `locationName:"networkInterfaceIdSet" locationNameList:"item" type:"list"` + + // The ID of the Amazon Web Services account that created the EC2 Instance Connect + // Endpoint. + OwnerId *string `locationName:"ownerId" type:"string"` + + // Indicates whether your client's IP address is preserved as the source. The + // value is true or false. + // + // * If true, your client's IP address is used when you connect to a resource. + // + // * If false, the elastic network interface IP address is used when you + // connect to a resource. + // + // Default: true + PreserveClientIp *bool `locationName:"preserveClientIp" type:"boolean"` + + // The security groups associated with the endpoint. If you didn't specify a + // security group, the default security group for your VPC is associated with + // the endpoint. + SecurityGroupIds []*string `locationName:"securityGroupIdSet" locationNameList:"item" type:"list"` + + // The current state of the EC2 Instance Connect Endpoint. + State *string `locationName:"state" type:"string" enum:"Ec2InstanceConnectEndpointState"` + + // The message for the current state of the EC2 Instance Connect Endpoint. Can + // include a failure message. + StateMessage *string `locationName:"stateMessage" type:"string"` + + // The ID of the subnet in which the EC2 Instance Connect Endpoint was created. + SubnetId *string `locationName:"subnetId" type:"string"` + + // The tags assigned to the EC2 Instance Connect Endpoint. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // The ID of the VPC in which the EC2 Instance Connect Endpoint was created. + VpcId *string `locationName:"vpcId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Ec2InstanceConnectEndpoint) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Ec2InstanceConnectEndpoint) GoString() string { + return s.String() +} + +// SetAvailabilityZone sets the AvailabilityZone field's value. +func (s *Ec2InstanceConnectEndpoint) SetAvailabilityZone(v string) *Ec2InstanceConnectEndpoint { + s.AvailabilityZone = &v + return s +} + +// SetCreatedAt sets the CreatedAt field's value. +func (s *Ec2InstanceConnectEndpoint) SetCreatedAt(v time.Time) *Ec2InstanceConnectEndpoint { + s.CreatedAt = &v + return s +} + +// SetDnsName sets the DnsName field's value. +func (s *Ec2InstanceConnectEndpoint) SetDnsName(v string) *Ec2InstanceConnectEndpoint { + s.DnsName = &v + return s +} + +// SetFipsDnsName sets the FipsDnsName field's value. +func (s *Ec2InstanceConnectEndpoint) SetFipsDnsName(v string) *Ec2InstanceConnectEndpoint { + s.FipsDnsName = &v + return s +} + +// SetInstanceConnectEndpointArn sets the InstanceConnectEndpointArn field's value. +func (s *Ec2InstanceConnectEndpoint) SetInstanceConnectEndpointArn(v string) *Ec2InstanceConnectEndpoint { + s.InstanceConnectEndpointArn = &v + return s +} + +// SetInstanceConnectEndpointId sets the InstanceConnectEndpointId field's value. +func (s *Ec2InstanceConnectEndpoint) SetInstanceConnectEndpointId(v string) *Ec2InstanceConnectEndpoint { + s.InstanceConnectEndpointId = &v + return s +} + +// SetNetworkInterfaceIds sets the NetworkInterfaceIds field's value. +func (s *Ec2InstanceConnectEndpoint) SetNetworkInterfaceIds(v []*string) *Ec2InstanceConnectEndpoint { + s.NetworkInterfaceIds = v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *Ec2InstanceConnectEndpoint) SetOwnerId(v string) *Ec2InstanceConnectEndpoint { + s.OwnerId = &v + return s +} + +// SetPreserveClientIp sets the PreserveClientIp field's value. +func (s *Ec2InstanceConnectEndpoint) SetPreserveClientIp(v bool) *Ec2InstanceConnectEndpoint { + s.PreserveClientIp = &v + return s +} + +// SetSecurityGroupIds sets the SecurityGroupIds field's value. +func (s *Ec2InstanceConnectEndpoint) SetSecurityGroupIds(v []*string) *Ec2InstanceConnectEndpoint { + s.SecurityGroupIds = v + return s +} + +// SetState sets the State field's value. +func (s *Ec2InstanceConnectEndpoint) SetState(v string) *Ec2InstanceConnectEndpoint { + s.State = &v + return s +} + +// SetStateMessage sets the StateMessage field's value. +func (s *Ec2InstanceConnectEndpoint) SetStateMessage(v string) *Ec2InstanceConnectEndpoint { + s.StateMessage = &v + return s +} + +// SetSubnetId sets the SubnetId field's value. +func (s *Ec2InstanceConnectEndpoint) SetSubnetId(v string) *Ec2InstanceConnectEndpoint { + s.SubnetId = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *Ec2InstanceConnectEndpoint) SetTags(v []*Tag) *Ec2InstanceConnectEndpoint { + s.Tags = v + return s +} + +// SetVpcId sets the VpcId field's value. +func (s *Ec2InstanceConnectEndpoint) SetVpcId(v string) *Ec2InstanceConnectEndpoint { + s.VpcId = &v + return s +} + // Describes the Elastic Fabric Adapters for the instance type. type EfaInfo struct { _ struct{} `type:"structure"` @@ -109876,6 +117856,10 @@ func (s *EgressOnlyInternetGateway) SetTags(v []*Tag) *EgressOnlyInternetGateway return s } +// Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads +// that require graphics acceleration, we recommend that you use Amazon EC2 +// G4ad, G4dn, or G5 instances. +// // Describes the association between an instance and an Elastic Graphics accelerator. type ElasticGpuAssociation struct { _ struct{} `type:"structure"` @@ -109936,6 +117920,10 @@ func (s *ElasticGpuAssociation) SetElasticGpuId(v string) *ElasticGpuAssociation return s } +// Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads +// that require graphics acceleration, we recommend that you use Amazon EC2 +// G4ad, G4dn, or G5 instances. +// // Describes the status of an Elastic Graphics accelerator. type ElasticGpuHealth struct { _ struct{} `type:"structure"` @@ -109968,6 +117956,10 @@ func (s *ElasticGpuHealth) SetStatus(v string) *ElasticGpuHealth { return s } +// Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads +// that require graphics acceleration, we recommend that you use Amazon EC2 +// G4ad, G4dn, or G5 instances. +// // A specification for an Elastic Graphics accelerator. type ElasticGpuSpecification struct { _ struct{} `type:"structure"` @@ -110018,11 +118010,19 @@ func (s *ElasticGpuSpecification) SetType(v string) *ElasticGpuSpecification { return s } -// Describes an elastic GPU. +// Deprecated. +// +// Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads +// that require graphics acceleration, we recommend that you use Amazon EC2 +// G4ad, G4dn, or G5 instances. type ElasticGpuSpecificationResponse struct { _ struct{} `type:"structure"` - // The elastic GPU type. + // Deprecated. + // + // Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads + // that require graphics acceleration, we recommend that you use Amazon EC2 + // G4ad, G4dn, or G5 instances. Type *string `locationName:"type" type:"string"` } @@ -110050,6 +118050,10 @@ func (s *ElasticGpuSpecificationResponse) SetType(v string) *ElasticGpuSpecifica return s } +// Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads +// that require graphics acceleration, we recommend that you use Amazon EC2 +// G4ad, G4dn, or G5 instances. +// // Describes an Elastic Graphics accelerator. type ElasticGpus struct { _ struct{} `type:"structure"` @@ -110310,8 +118314,50 @@ func (s *EnaSrdSpecification) SetEnaSrdUdpSpecification(v *EnaSrdUdpSpecificatio return s } +// Launch instances with ENA Express settings configured from your launch template. +type EnaSrdSpecificationRequest struct { + _ struct{} `type:"structure"` + + // Specifies whether ENA Express is enabled for the network interface when you + // launch an instance from your launch template. + EnaSrdEnabled *bool `type:"boolean"` + + // Contains ENA Express settings for UDP network traffic in your launch template. + EnaSrdUdpSpecification *EnaSrdUdpSpecificationRequest `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnaSrdSpecificationRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnaSrdSpecificationRequest) GoString() string { + return s.String() +} + +// SetEnaSrdEnabled sets the EnaSrdEnabled field's value. +func (s *EnaSrdSpecificationRequest) SetEnaSrdEnabled(v bool) *EnaSrdSpecificationRequest { + s.EnaSrdEnabled = &v + return s +} + +// SetEnaSrdUdpSpecification sets the EnaSrdUdpSpecification field's value. +func (s *EnaSrdSpecificationRequest) SetEnaSrdUdpSpecification(v *EnaSrdUdpSpecificationRequest) *EnaSrdSpecificationRequest { + s.EnaSrdUdpSpecification = v + return s +} + // ENA Express is compatible with both TCP and UDP transport protocols. When -// it’s enabled, TCP traffic automatically uses it. However, some UDP-based +// it's enabled, TCP traffic automatically uses it. However, some UDP-based // applications are designed to handle network packets that are out of order, // without a need for retransmission, such as live video broadcasting or other // near-real-time applications. For UDP traffic, you can specify whether to @@ -110319,8 +118365,8 @@ func (s *EnaSrdSpecification) SetEnaSrdUdpSpecification(v *EnaSrdUdpSpecificatio type EnaSrdUdpSpecification struct { _ struct{} `type:"structure"` - // Indicates whether UDP traffic uses ENA Express. To specify this setting, - // you must first enable ENA Express. + // Indicates whether UDP traffic to and from the instance uses ENA Express. + // To specify this setting, you must first enable ENA Express. EnaSrdUdpEnabled *bool `type:"boolean"` } @@ -110348,6 +118394,41 @@ func (s *EnaSrdUdpSpecification) SetEnaSrdUdpEnabled(v bool) *EnaSrdUdpSpecifica return s } +// Configures ENA Express for UDP network traffic from your launch template. +type EnaSrdUdpSpecificationRequest struct { + _ struct{} `type:"structure"` + + // Indicates whether UDP traffic uses ENA Express for your instance. To ensure + // that UDP traffic can use ENA Express when you launch an instance, you must + // also set EnaSrdEnabled in the EnaSrdSpecificationRequest to true in your + // launch template. + EnaSrdUdpEnabled *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnaSrdUdpSpecificationRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnaSrdUdpSpecificationRequest) GoString() string { + return s.String() +} + +// SetEnaSrdUdpEnabled sets the EnaSrdUdpEnabled field's value. +func (s *EnaSrdUdpSpecificationRequest) SetEnaSrdUdpEnabled(v bool) *EnaSrdUdpSpecificationRequest { + s.EnaSrdUdpEnabled = &v + return s +} + type EnableAddressTransferInput struct { _ struct{} `type:"structure"` @@ -110454,8 +118535,9 @@ func (s *EnableAddressTransferOutput) SetAddressTransfer(v *AddressTransfer) *En type EnableAwsNetworkPerformanceMetricSubscriptionInput struct { _ struct{} `type:"structure"` - // The target Region or Availability Zone that the metric subscription is enabled - // for. For example, eu-west-1. + // The target Region (like us-east-2) or Availability Zone ID (like use2-az2) + // that the metric subscription is enabled for. If you use Availability Zone + // IDs, the Source and Destination Availability Zones must be in the same Region. Destination *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -110467,8 +118549,9 @@ type EnableAwsNetworkPerformanceMetricSubscriptionInput struct { // The metric used for the enabled subscription. Metric *string `type:"string" enum:"MetricType"` - // The source Region or Availability Zone that the metric subscription is enabled - // for. For example, us-east-1. + // The source Region (like us-east-1) or Availability Zone ID (like use1-az1) + // that the metric subscription is enabled for. If you use Availability Zone + // IDs, the Source and Destination Availability Zones must be in the same Region. Source *string `type:"string"` // The statistic used for the enabled subscription. @@ -110628,7 +118711,7 @@ type EnableFastLaunchInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the image for which you’re enabling faster launching. + // Specify the ID of the image for which to enable Windows fast launch. // // ImageId is a required field ImageId *string `type:"string" required:"true"` @@ -110638,17 +118721,18 @@ type EnableFastLaunchInput struct { // the launch template, but not both. LaunchTemplate *FastLaunchLaunchTemplateSpecificationRequest `type:"structure"` - // The maximum number of parallel instances to launch for creating resources. - // Value must be 6 or greater. + // The maximum number of instances that Amazon EC2 can launch at the same time + // to create pre-provisioned snapshots for Windows fast launch. Value must be + // 6 or greater. MaxParallelLaunches *int64 `type:"integer"` - // The type of resource to use for pre-provisioning the Windows AMI for faster - // launching. Supported values include: snapshot, which is the default value. + // The type of resource to use for pre-provisioning the AMI for Windows fast + // launch. Supported values include: snapshot, which is the default value. ResourceType *string `type:"string"` // Configuration settings for creating and managing the snapshots that are used - // for pre-provisioning the Windows AMI for faster launching. The associated - // ResourceType must be snapshot. + // for pre-provisioning the AMI for Windows fast launch. The associated ResourceType + // must be snapshot. SnapshotConfiguration *FastLaunchSnapshotConfigurationRequest `type:"structure"` } @@ -110727,36 +118811,36 @@ func (s *EnableFastLaunchInput) SetSnapshotConfiguration(v *FastLaunchSnapshotCo type EnableFastLaunchOutput struct { _ struct{} `type:"structure"` - // The image ID that identifies the Windows AMI for which faster launching was - // enabled. + // The image ID that identifies the AMI for which Windows fast launch was enabled. ImageId *string `locationName:"imageId" type:"string"` // The launch template that is used when launching Windows instances from pre-provisioned // snapshots. LaunchTemplate *FastLaunchLaunchTemplateSpecificationResponse `locationName:"launchTemplate" type:"structure"` - // The maximum number of parallel instances to launch for creating resources. + // The maximum number of instances that Amazon EC2 can launch at the same time + // to create pre-provisioned snapshots for Windows fast launch. MaxParallelLaunches *int64 `locationName:"maxParallelLaunches" type:"integer"` - // The owner ID for the Windows AMI for which faster launching was enabled. + // The owner ID for the AMI for which Windows fast launch was enabled. OwnerId *string `locationName:"ownerId" type:"string"` - // The type of resource that was defined for pre-provisioning the Windows AMI - // for faster launching. + // The type of resource that was defined for pre-provisioning the AMI for Windows + // fast launch. ResourceType *string `locationName:"resourceType" type:"string" enum:"FastLaunchResourceType"` - // The configuration settings that were defined for creating and managing the - // pre-provisioned snapshots for faster launching of the Windows AMI. This property - // is returned when the associated resourceType is snapshot. + // Settings to create and manage the pre-provisioned snapshots that Amazon EC2 + // uses for faster launches from the Windows AMI. This property is returned + // when the associated resourceType is snapshot. SnapshotConfiguration *FastLaunchSnapshotConfigurationResponse `locationName:"snapshotConfiguration" type:"structure"` - // The current state of faster launching for the specified Windows AMI. + // The current state of Windows fast launch for the specified AMI. State *string `locationName:"state" type:"string" enum:"FastLaunchStateCode"` - // The reason that the state changed for faster launching for the Windows AMI. + // The reason that the state changed for Windows fast launch for the AMI. StateTransitionReason *string `locationName:"stateTransitionReason" type:"string"` - // The time that the state changed for faster launching for the Windows AMI. + // The time that the state changed for Windows fast launch for the AMI. StateTransitionTime *time.Time `locationName:"stateTransitionTime" type:"timestamp"` } @@ -111203,6 +119287,98 @@ func (s *EnableFastSnapshotRestoresOutput) SetUnsuccessful(v []*EnableFastSnapsh return s } +type EnableImageBlockPublicAccessInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Specify block-new-sharing to enable block public access for AMIs at the account + // level in the specified Region. This will block any attempt to publicly share + // your AMIs in the specified Region. + // + // ImageBlockPublicAccessState is a required field + ImageBlockPublicAccessState *string `type:"string" required:"true" enum:"ImageBlockPublicAccessEnabledState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageBlockPublicAccessInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageBlockPublicAccessInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EnableImageBlockPublicAccessInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EnableImageBlockPublicAccessInput"} + if s.ImageBlockPublicAccessState == nil { + invalidParams.Add(request.NewErrParamRequired("ImageBlockPublicAccessState")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *EnableImageBlockPublicAccessInput) SetDryRun(v bool) *EnableImageBlockPublicAccessInput { + s.DryRun = &v + return s +} + +// SetImageBlockPublicAccessState sets the ImageBlockPublicAccessState field's value. +func (s *EnableImageBlockPublicAccessInput) SetImageBlockPublicAccessState(v string) *EnableImageBlockPublicAccessInput { + s.ImageBlockPublicAccessState = &v + return s +} + +type EnableImageBlockPublicAccessOutput struct { + _ struct{} `type:"structure"` + + // Returns block-new-sharing if the request succeeds; otherwise, it returns + // an error. + ImageBlockPublicAccessState *string `locationName:"imageBlockPublicAccessState" type:"string" enum:"ImageBlockPublicAccessEnabledState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageBlockPublicAccessOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageBlockPublicAccessOutput) GoString() string { + return s.String() +} + +// SetImageBlockPublicAccessState sets the ImageBlockPublicAccessState field's value. +func (s *EnableImageBlockPublicAccessOutput) SetImageBlockPublicAccessState(v string) *EnableImageBlockPublicAccessOutput { + s.ImageBlockPublicAccessState = &v + return s +} + type EnableImageDeprecationInput struct { _ struct{} `type:"structure"` @@ -111312,6 +119488,95 @@ func (s *EnableImageDeprecationOutput) SetReturn(v bool) *EnableImageDeprecation return s } +type EnableImageInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the AMI. + // + // ImageId is a required field + ImageId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EnableImageInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EnableImageInput"} + if s.ImageId == nil { + invalidParams.Add(request.NewErrParamRequired("ImageId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *EnableImageInput) SetDryRun(v bool) *EnableImageInput { + s.DryRun = &v + return s +} + +// SetImageId sets the ImageId field's value. +func (s *EnableImageInput) SetImageId(v string) *EnableImageInput { + s.ImageId = &v + return s +} + +type EnableImageOutput struct { + _ struct{} `type:"structure"` + + // Returns true if the request succeeds; otherwise, it returns an error. + Return *bool `locationName:"return" type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableImageOutput) GoString() string { + return s.String() +} + +// SetReturn sets the Return field's value. +func (s *EnableImageOutput) SetReturn(v bool) *EnableImageOutput { + s.Return = &v + return s +} + type EnableIpamOrganizationAdminAccountInput struct { _ struct{} `type:"structure"` @@ -111533,6 +119798,114 @@ func (s *EnableSerialConsoleAccessOutput) SetSerialConsoleAccessEnabled(v bool) return s } +type EnableSnapshotBlockPublicAccessInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The mode in which to enable block public access for snapshots for the Region. + // Specify one of the following values: + // + // * block-all-sharing - Prevents all public sharing of snapshots in the + // Region. Users in the account will no longer be able to request new public + // sharing. Additionally, snapshots that are already publicly shared are + // treated as private and they are no longer publicly available. If you enable + // block public access for snapshots in block-all-sharing mode, it does not + // change the permissions for snapshots that are already publicly shared. + // Instead, it prevents these snapshots from be publicly visible and publicly + // accessible. Therefore, the attributes for these snapshots still indicate + // that they are publicly shared, even though they are not publicly available. + // + // * block-new-sharing - Prevents only new public sharing of snapshots in + // the Region. Users in the account will no longer be able to request new + // public sharing. However, snapshots that are already publicly shared, remain + // publicly available. + // + // unblocked is not a valid value for EnableSnapshotBlockPublicAccess. + // + // State is a required field + State *string `type:"string" required:"true" enum:"SnapshotBlockPublicAccessState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableSnapshotBlockPublicAccessInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableSnapshotBlockPublicAccessInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *EnableSnapshotBlockPublicAccessInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "EnableSnapshotBlockPublicAccessInput"} + if s.State == nil { + invalidParams.Add(request.NewErrParamRequired("State")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *EnableSnapshotBlockPublicAccessInput) SetDryRun(v bool) *EnableSnapshotBlockPublicAccessInput { + s.DryRun = &v + return s +} + +// SetState sets the State field's value. +func (s *EnableSnapshotBlockPublicAccessInput) SetState(v string) *EnableSnapshotBlockPublicAccessInput { + s.State = &v + return s +} + +type EnableSnapshotBlockPublicAccessOutput struct { + _ struct{} `type:"structure"` + + // The state of block public access for snapshots for the account and Region. + // Returns either block-all-sharing or block-new-sharing if the request succeeds. + State *string `locationName:"state" type:"string" enum:"SnapshotBlockPublicAccessState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableSnapshotBlockPublicAccessOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EnableSnapshotBlockPublicAccessOutput) GoString() string { + return s.String() +} + +// SetState sets the State field's value. +func (s *EnableSnapshotBlockPublicAccessOutput) SetState(v string) *EnableSnapshotBlockPublicAccessOutput { + s.State = &v + return s +} + type EnableTransitGatewayRouteTablePropagationInput struct { _ struct{} `type:"structure"` @@ -112229,6 +120602,12 @@ type Explanation struct { // The explanation code. ExplanationCode *string `locationName:"explanationCode" type:"string"` + // The Network Firewall stateful rule. + FirewallStatefulRule *FirewallStatefulRule `locationName:"firewallStatefulRule" type:"structure"` + + // The Network Firewall stateless rule. + FirewallStatelessRule *FirewallStatelessRule `locationName:"firewallStatelessRule" type:"structure"` + // The route table. IngressRouteTable *AnalysisComponent `locationName:"ingressRouteTable" type:"structure"` @@ -112452,6 +120831,18 @@ func (s *Explanation) SetExplanationCode(v string) *Explanation { return s } +// SetFirewallStatefulRule sets the FirewallStatefulRule field's value. +func (s *Explanation) SetFirewallStatefulRule(v *FirewallStatefulRule) *Explanation { + s.FirewallStatefulRule = v + return s +} + +// SetFirewallStatelessRule sets the FirewallStatelessRule field's value. +func (s *Explanation) SetFirewallStatelessRule(v *FirewallStatelessRule) *Explanation { + s.FirewallStatelessRule = v + return s +} + // SetIngressRouteTable sets the IngressRouteTable field's value. func (s *Explanation) SetIngressRouteTable(v *AnalysisComponent) *Explanation { s.IngressRouteTable = v @@ -113713,22 +122104,23 @@ func (s *FailedQueuedPurchaseDeletion) SetReservedInstancesId(v string) *FailedQ return s } -// Request to create a launch template for a fast-launch enabled Windows AMI. +// Request to create a launch template for a Windows fast launch enabled AMI. // // Note - You can specify either the LaunchTemplateName or the LaunchTemplateId, // but not both. type FastLaunchLaunchTemplateSpecificationRequest struct { _ struct{} `type:"structure"` - // The ID of the launch template to use for faster launching for a Windows AMI. + // Specify the ID of the launch template that the AMI should use for Windows + // fast launch. LaunchTemplateId *string `type:"string"` - // The name of the launch template to use for faster launching for a Windows - // AMI. + // Specify the name of the launch template that the AMI should use for Windows + // fast launch. LaunchTemplateName *string `type:"string"` - // The version of the launch template to use for faster launching for a Windows - // AMI. + // Specify the version of the launch template that the AMI should use for Windows + // fast launch. // // Version is a required field Version *string `type:"string" required:"true"` @@ -113783,21 +122175,17 @@ func (s *FastLaunchLaunchTemplateSpecificationRequest) SetVersion(v string) *Fas return s } -// Identifies the launch template to use for faster launching of the Windows -// AMI. +// Identifies the launch template that the AMI uses for Windows fast launch. type FastLaunchLaunchTemplateSpecificationResponse struct { _ struct{} `type:"structure"` - // The ID of the launch template for faster launching of the associated Windows - // AMI. + // The ID of the launch template that the AMI uses for Windows fast launch. LaunchTemplateId *string `locationName:"launchTemplateId" type:"string"` - // The name of the launch template for faster launching of the associated Windows - // AMI. + // The name of the launch template that the AMI uses for Windows fast launch. LaunchTemplateName *string `locationName:"launchTemplateName" type:"string"` - // The version of the launch template for faster launching of the associated - // Windows AMI. + // The version of the launch template that the AMI uses for Windows fast launch. Version *string `locationName:"version" type:"string"` } @@ -113838,12 +122226,12 @@ func (s *FastLaunchLaunchTemplateSpecificationResponse) SetVersion(v string) *Fa } // Configuration settings for creating and managing pre-provisioned snapshots -// for a fast-launch enabled Windows AMI. +// for a Windows fast launch enabled AMI. type FastLaunchSnapshotConfigurationRequest struct { _ struct{} `type:"structure"` - // The number of pre-provisioned snapshots to keep on hand for a fast-launch - // enabled Windows AMI. + // The number of pre-provisioned snapshots to keep on hand for a Windows fast + // launch enabled AMI. TargetResourceCount *int64 `type:"integer"` } @@ -113872,12 +122260,12 @@ func (s *FastLaunchSnapshotConfigurationRequest) SetTargetResourceCount(v int64) } // Configuration settings for creating and managing pre-provisioned snapshots -// for a fast-launch enabled Windows AMI. +// for a Windows fast launch enabled Windows AMI. type FastLaunchSnapshotConfigurationResponse struct { _ struct{} `type:"structure"` - // The number of pre-provisioned snapshots requested to keep on hand for a fast-launch - // enabled Windows AMI. + // The number of pre-provisioned snapshots requested to keep on hand for a Windows + // fast launch enabled AMI. TargetResourceCount *int64 `locationName:"targetResourceCount" type:"integer"` } @@ -114037,6 +122425,237 @@ func (s *Filter) SetValues(v []*string) *Filter { return s } +// Describes a port range. +type FilterPortRange struct { + _ struct{} `type:"structure"` + + // The first port in the range. + FromPort *int64 `locationName:"fromPort" type:"integer"` + + // The last port in the range. + ToPort *int64 `locationName:"toPort" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FilterPortRange) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FilterPortRange) GoString() string { + return s.String() +} + +// SetFromPort sets the FromPort field's value. +func (s *FilterPortRange) SetFromPort(v int64) *FilterPortRange { + s.FromPort = &v + return s +} + +// SetToPort sets the ToPort field's value. +func (s *FilterPortRange) SetToPort(v int64) *FilterPortRange { + s.ToPort = &v + return s +} + +// Describes a stateful rule. +type FirewallStatefulRule struct { + _ struct{} `type:"structure"` + + // The destination ports. + DestinationPorts []*PortRange `locationName:"destinationPortSet" locationNameList:"item" type:"list"` + + // The destination IP addresses, in CIDR notation. + Destinations []*string `locationName:"destinationSet" locationNameList:"item" type:"list"` + + // The direction. The possible values are FORWARD and ANY. + Direction *string `locationName:"direction" type:"string"` + + // The protocol. + Protocol *string `locationName:"protocol" type:"string"` + + // The rule action. The possible values are pass, drop, and alert. + RuleAction *string `locationName:"ruleAction" type:"string"` + + // The ARN of the stateful rule group. + RuleGroupArn *string `locationName:"ruleGroupArn" min:"1" type:"string"` + + // The source ports. + SourcePorts []*PortRange `locationName:"sourcePortSet" locationNameList:"item" type:"list"` + + // The source IP addresses, in CIDR notation. + Sources []*string `locationName:"sourceSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FirewallStatefulRule) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FirewallStatefulRule) GoString() string { + return s.String() +} + +// SetDestinationPorts sets the DestinationPorts field's value. +func (s *FirewallStatefulRule) SetDestinationPorts(v []*PortRange) *FirewallStatefulRule { + s.DestinationPorts = v + return s +} + +// SetDestinations sets the Destinations field's value. +func (s *FirewallStatefulRule) SetDestinations(v []*string) *FirewallStatefulRule { + s.Destinations = v + return s +} + +// SetDirection sets the Direction field's value. +func (s *FirewallStatefulRule) SetDirection(v string) *FirewallStatefulRule { + s.Direction = &v + return s +} + +// SetProtocol sets the Protocol field's value. +func (s *FirewallStatefulRule) SetProtocol(v string) *FirewallStatefulRule { + s.Protocol = &v + return s +} + +// SetRuleAction sets the RuleAction field's value. +func (s *FirewallStatefulRule) SetRuleAction(v string) *FirewallStatefulRule { + s.RuleAction = &v + return s +} + +// SetRuleGroupArn sets the RuleGroupArn field's value. +func (s *FirewallStatefulRule) SetRuleGroupArn(v string) *FirewallStatefulRule { + s.RuleGroupArn = &v + return s +} + +// SetSourcePorts sets the SourcePorts field's value. +func (s *FirewallStatefulRule) SetSourcePorts(v []*PortRange) *FirewallStatefulRule { + s.SourcePorts = v + return s +} + +// SetSources sets the Sources field's value. +func (s *FirewallStatefulRule) SetSources(v []*string) *FirewallStatefulRule { + s.Sources = v + return s +} + +// Describes a stateless rule. +type FirewallStatelessRule struct { + _ struct{} `type:"structure"` + + // The destination ports. + DestinationPorts []*PortRange `locationName:"destinationPortSet" locationNameList:"item" type:"list"` + + // The destination IP addresses, in CIDR notation. + Destinations []*string `locationName:"destinationSet" locationNameList:"item" type:"list"` + + // The rule priority. + Priority *int64 `locationName:"priority" type:"integer"` + + // The protocols. + Protocols []*int64 `locationName:"protocolSet" locationNameList:"item" type:"list"` + + // The rule action. The possible values are pass, drop, and forward_to_site. + RuleAction *string `locationName:"ruleAction" type:"string"` + + // The ARN of the stateless rule group. + RuleGroupArn *string `locationName:"ruleGroupArn" min:"1" type:"string"` + + // The source ports. + SourcePorts []*PortRange `locationName:"sourcePortSet" locationNameList:"item" type:"list"` + + // The source IP addresses, in CIDR notation. + Sources []*string `locationName:"sourceSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FirewallStatelessRule) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s FirewallStatelessRule) GoString() string { + return s.String() +} + +// SetDestinationPorts sets the DestinationPorts field's value. +func (s *FirewallStatelessRule) SetDestinationPorts(v []*PortRange) *FirewallStatelessRule { + s.DestinationPorts = v + return s +} + +// SetDestinations sets the Destinations field's value. +func (s *FirewallStatelessRule) SetDestinations(v []*string) *FirewallStatelessRule { + s.Destinations = v + return s +} + +// SetPriority sets the Priority field's value. +func (s *FirewallStatelessRule) SetPriority(v int64) *FirewallStatelessRule { + s.Priority = &v + return s +} + +// SetProtocols sets the Protocols field's value. +func (s *FirewallStatelessRule) SetProtocols(v []*int64) *FirewallStatelessRule { + s.Protocols = v + return s +} + +// SetRuleAction sets the RuleAction field's value. +func (s *FirewallStatelessRule) SetRuleAction(v string) *FirewallStatelessRule { + s.RuleAction = &v + return s +} + +// SetRuleGroupArn sets the RuleGroupArn field's value. +func (s *FirewallStatelessRule) SetRuleGroupArn(v string) *FirewallStatelessRule { + s.RuleGroupArn = &v + return s +} + +// SetSourcePorts sets the SourcePorts field's value. +func (s *FirewallStatelessRule) SetSourcePorts(v []*PortRange) *FirewallStatelessRule { + s.SourcePorts = v + return s +} + +// SetSources sets the Sources field's value. +func (s *FirewallStatelessRule) SetSources(v []*string) *FirewallStatelessRule { + s.Sources = v + return s +} + // Information about a Capacity Reservation in a Capacity Reservation Fleet. type FleetCapacityReservation struct { _ struct{} `type:"structure"` @@ -114198,6 +122817,8 @@ type FleetData struct { // Indicates whether running instances should be terminated if the target capacity // of the EC2 Fleet is decreased below the current size of the EC2 Fleet. + // + // Supported only for fleets of type maintain. ExcessCapacityTerminationPolicy *string `locationName:"excessCapacityTerminationPolicy" type:"string" enum:"FleetExcessCapacityTerminationPolicy"` // The ID of the EC2 Fleet. @@ -114531,8 +123152,9 @@ type FleetLaunchTemplateOverrides struct { // The Availability Zone in which to launch the instances. AvailabilityZone *string `locationName:"availabilityZone" type:"string"` - // The ID of the AMI. An AMI is required to launch an instance. The AMI ID must - // be specified here or in the launch template. + // The ID of the AMI. An AMI is required to launch an instance. This parameter + // is only available for fleets of type instant. For fleets of type maintain + // and request, you must specify the AMI ID in the launch template. ImageId *string `locationName:"imageId" type:"string"` // The attributes for the instance types. When you specify instance attributes, @@ -114543,6 +123165,8 @@ type FleetLaunchTemplateOverrides struct { // The instance type. // + // mac1.metal is not supported as a launch template override. + // // If you specify InstanceType, you can't specify InstanceRequirements. InstanceType *string `locationName:"instanceType" type:"string" enum:"InstanceType"` @@ -114579,6 +123203,12 @@ type FleetLaunchTemplateOverrides struct { SubnetId *string `locationName:"subnetId" type:"string"` // The number of units provided by the specified instance type. + // + // When specifying weights, the price used in the lowest-price and price-capacity-optimized + // allocation strategies is per unit hour (where the instance price is divided + // by the specified weight). However, if all the specified weights are above + // the requested TargetCapacity, resulting in only 1 instance being launched, + // the price used is per instance hour. WeightedCapacity *float64 `locationName:"weightedCapacity" type:"double"` } @@ -114661,8 +123291,9 @@ type FleetLaunchTemplateOverridesRequest struct { // The Availability Zone in which to launch the instances. AvailabilityZone *string `type:"string"` - // The ID of the AMI. An AMI is required to launch an instance. The AMI ID must - // be specified here or in the launch template. + // The ID of the AMI. An AMI is required to launch an instance. This parameter + // is only available for fleets of type instant. For fleets of type maintain + // and request, you must specify the AMI ID in the launch template. ImageId *string `type:"string"` // The attributes for the instance types. When you specify instance attributes, @@ -114673,6 +123304,8 @@ type FleetLaunchTemplateOverridesRequest struct { // The instance type. // + // mac1.metal is not supported as a launch template override. + // // If you specify InstanceType, you can't specify InstanceRequirements. InstanceType *string `type:"string" enum:"InstanceType"` @@ -114711,6 +123344,12 @@ type FleetLaunchTemplateOverridesRequest struct { SubnetId *string `type:"string"` // The number of units provided by the specified instance type. + // + // When specifying weights, the price used in the lowest-price and price-capacity-optimized + // allocation strategies is per unit hour (where the instance price is divided + // by the specified weight). However, if all the specified weights are above + // the requested TargetCapacity, resulting in only 1 instance being launched, + // the price used is per instance hour. WeightedCapacity *float64 `type:"double"` } @@ -115446,6 +124085,7 @@ type FpgaImage struct { // The FPGA image identifier (AFI ID). FpgaImageId *string `locationName:"fpgaImageId" type:"string"` + // The instance types supported by the AFI. InstanceTypes []*string `locationName:"instanceTypes" locationNameList:"item" type:"list"` // The name of the AFI. @@ -115758,7 +124398,9 @@ type GetAssociatedEnclaveCertificateIamRolesInput struct { // The ARN of the ACM certificate for which to view the associated IAM roles, // encryption keys, and Amazon S3 object information. - CertificateArn *string `min:"1" type:"string"` + // + // CertificateArn is a required field + CertificateArn *string `type:"string" required:"true"` // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have @@ -115788,8 +124430,8 @@ func (s GetAssociatedEnclaveCertificateIamRolesInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *GetAssociatedEnclaveCertificateIamRolesInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "GetAssociatedEnclaveCertificateIamRolesInput"} - if s.CertificateArn != nil && len(*s.CertificateArn) < 1 { - invalidParams.Add(request.NewErrParamMinLen("CertificateArn", 1)) + if s.CertificateArn == nil { + invalidParams.Add(request.NewErrParamRequired("CertificateArn")) } if invalidParams.Len() > 0 { @@ -116099,12 +124741,9 @@ type GetCapacityReservationUsageInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The maximum number of results to return for the request in a single page. - // The remaining results can be seen by sending another request with the returned - // nextToken value. This value can be between 5 and 500. If maxResults is given - // a larger value than 500, you receive an error. - // - // Valid range: Minimum value of 1. Maximum value of 1000. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"1" type:"integer"` // The token to use to retrieve the next page of results. @@ -116384,6 +125023,10 @@ type GetCoipPoolUsageOutput struct { // The ID of the local gateway route table. LocalGatewayRouteTableId *string `locationName:"localGatewayRouteTableId" type:"string"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` } // String returns the string representation. @@ -116422,6 +125065,12 @@ func (s *GetCoipPoolUsageOutput) SetLocalGatewayRouteTableId(v string) *GetCoipP return s } +// SetNextToken sets the NextToken field's value. +func (s *GetCoipPoolUsageOutput) SetNextToken(v string) *GetCoipPoolUsageOutput { + s.NextToken = &v + return s +} + type GetConsoleOutputInput struct { _ struct{} `type:"structure"` @@ -116842,6 +125491,9 @@ type GetEbsEncryptionByDefaultOutput struct { // Indicates whether encryption by default is enabled. EbsEncryptionByDefault *bool `locationName:"ebsEncryptionByDefault" type:"boolean"` + + // Reserved for future use. + SseType *string `locationName:"sseType" type:"string" enum:"SSEType"` } // String returns the string representation. @@ -116868,6 +125520,12 @@ func (s *GetEbsEncryptionByDefaultOutput) SetEbsEncryptionByDefault(v bool) *Get return s } +// SetSseType sets the SseType field's value. +func (s *GetEbsEncryptionByDefaultOutput) SetSseType(v string) *GetEbsEncryptionByDefaultOutput { + s.SseType = &v + return s +} + type GetFlowLogsIntegrationTemplateInput struct { _ struct{} `type:"structure"` @@ -116994,7 +125652,9 @@ func (s *GetFlowLogsIntegrationTemplateOutput) SetResult(v string) *GetFlowLogsI type GetGroupsForCapacityReservationInput struct { _ struct{} `type:"structure"` - // The ID of the Capacity Reservation. + // The ID of the Capacity Reservation. If you specify a Capacity Reservation + // that is shared with you, the operation returns only Capacity Reservation + // groups that you own. // // CapacityReservationId is a required field CapacityReservationId *string `type:"string" required:"true"` @@ -117005,10 +125665,9 @@ type GetGroupsForCapacityReservationInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The maximum number of results to return for the request in a single page. - // The remaining results can be seen by sending another request with the returned - // nextToken value. This value can be between 5 and 500. If maxResults is given - // a larger value than 500, you receive an error. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"1" type:"integer"` // The token to use to retrieve the next page of results. @@ -117235,6 +125894,79 @@ func (s *GetHostReservationPurchasePreviewOutput) SetTotalUpfrontPrice(v string) return s } +type GetImageBlockPublicAccessStateInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetImageBlockPublicAccessStateInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetImageBlockPublicAccessStateInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *GetImageBlockPublicAccessStateInput) SetDryRun(v bool) *GetImageBlockPublicAccessStateInput { + s.DryRun = &v + return s +} + +type GetImageBlockPublicAccessStateOutput struct { + _ struct{} `type:"structure"` + + // The current state of block public access for AMIs at the account level in + // the specified Amazon Web Services Region. + // + // Possible values: + // + // * block-new-sharing - Any attempt to publicly share your AMIs in the specified + // Region is blocked. + // + // * unblocked - Your AMIs in the specified Region can be publicly shared. + ImageBlockPublicAccessState *string `locationName:"imageBlockPublicAccessState" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetImageBlockPublicAccessStateOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetImageBlockPublicAccessStateOutput) GoString() string { + return s.String() +} + +// SetImageBlockPublicAccessState sets the ImageBlockPublicAccessState field's value. +func (s *GetImageBlockPublicAccessStateOutput) SetImageBlockPublicAccessState(v string) *GetImageBlockPublicAccessStateOutput { + s.ImageBlockPublicAccessState = &v + return s +} + type GetInstanceTypesFromInstanceRequirementsInput struct { _ struct{} `type:"structure"` @@ -117254,12 +125986,13 @@ type GetInstanceTypesFromInstanceRequirementsInput struct { // InstanceRequirements is a required field InstanceRequirements *InstanceRequirementsRequest `type:"structure" required:"true"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The virtualization type. @@ -117352,7 +126085,8 @@ type GetInstanceTypesFromInstanceRequirementsOutput struct { // The instance types with the specified instance attributes. InstanceTypes []*InstanceTypeInfoFromInstanceRequirements `locationName:"instanceTypeSet" locationNameList:"item" type:"list"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -117652,6 +126386,448 @@ func (s *GetIpamAddressHistoryOutput) SetNextToken(v string) *GetIpamAddressHist return s } +type GetIpamDiscoveredAccountsInput struct { + _ struct{} `type:"structure"` + + // The Amazon Web Services Region that the account information is returned from. + // + // DiscoveryRegion is a required field + DiscoveryRegion *string `type:"string" required:"true"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Discovered account filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // A resource discovery ID. + // + // IpamResourceDiscoveryId is a required field + IpamResourceDiscoveryId *string `type:"string" required:"true"` + + // The maximum number of discovered accounts to return in one page of results. + MaxResults *int64 `min:"5" type:"integer"` + + // Specify the pagination token from a previous request to retrieve the next + // page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredAccountsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredAccountsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetIpamDiscoveredAccountsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetIpamDiscoveredAccountsInput"} + if s.DiscoveryRegion == nil { + invalidParams.Add(request.NewErrParamRequired("DiscoveryRegion")) + } + if s.IpamResourceDiscoveryId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamResourceDiscoveryId")) + } + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDiscoveryRegion sets the DiscoveryRegion field's value. +func (s *GetIpamDiscoveredAccountsInput) SetDiscoveryRegion(v string) *GetIpamDiscoveredAccountsInput { + s.DiscoveryRegion = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *GetIpamDiscoveredAccountsInput) SetDryRun(v bool) *GetIpamDiscoveredAccountsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *GetIpamDiscoveredAccountsInput) SetFilters(v []*Filter) *GetIpamDiscoveredAccountsInput { + s.Filters = v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *GetIpamDiscoveredAccountsInput) SetIpamResourceDiscoveryId(v string) *GetIpamDiscoveredAccountsInput { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetIpamDiscoveredAccountsInput) SetMaxResults(v int64) *GetIpamDiscoveredAccountsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetIpamDiscoveredAccountsInput) SetNextToken(v string) *GetIpamDiscoveredAccountsInput { + s.NextToken = &v + return s +} + +type GetIpamDiscoveredAccountsOutput struct { + _ struct{} `type:"structure"` + + // Discovered accounts. + IpamDiscoveredAccounts []*IpamDiscoveredAccount `locationName:"ipamDiscoveredAccountSet" locationNameList:"item" type:"list"` + + // Specify the pagination token from a previous request to retrieve the next + // page of results. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredAccountsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredAccountsOutput) GoString() string { + return s.String() +} + +// SetIpamDiscoveredAccounts sets the IpamDiscoveredAccounts field's value. +func (s *GetIpamDiscoveredAccountsOutput) SetIpamDiscoveredAccounts(v []*IpamDiscoveredAccount) *GetIpamDiscoveredAccountsOutput { + s.IpamDiscoveredAccounts = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetIpamDiscoveredAccountsOutput) SetNextToken(v string) *GetIpamDiscoveredAccountsOutput { + s.NextToken = &v + return s +} + +type GetIpamDiscoveredPublicAddressesInput struct { + _ struct{} `type:"structure"` + + // The Amazon Web Services Region for the IP address. + // + // AddressRegion is a required field + AddressRegion *string `type:"string" required:"true"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // An IPAM resource discovery ID. + // + // IpamResourceDiscoveryId is a required field + IpamResourceDiscoveryId *string `type:"string" required:"true"` + + // The maximum number of IPAM discovered public addresses to return in one page + // of results. + MaxResults *int64 `min:"5" type:"integer"` + + // The token for the next page of results. + NextToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredPublicAddressesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredPublicAddressesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetIpamDiscoveredPublicAddressesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetIpamDiscoveredPublicAddressesInput"} + if s.AddressRegion == nil { + invalidParams.Add(request.NewErrParamRequired("AddressRegion")) + } + if s.IpamResourceDiscoveryId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamResourceDiscoveryId")) + } + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAddressRegion sets the AddressRegion field's value. +func (s *GetIpamDiscoveredPublicAddressesInput) SetAddressRegion(v string) *GetIpamDiscoveredPublicAddressesInput { + s.AddressRegion = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *GetIpamDiscoveredPublicAddressesInput) SetDryRun(v bool) *GetIpamDiscoveredPublicAddressesInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *GetIpamDiscoveredPublicAddressesInput) SetFilters(v []*Filter) *GetIpamDiscoveredPublicAddressesInput { + s.Filters = v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *GetIpamDiscoveredPublicAddressesInput) SetIpamResourceDiscoveryId(v string) *GetIpamDiscoveredPublicAddressesInput { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetIpamDiscoveredPublicAddressesInput) SetMaxResults(v int64) *GetIpamDiscoveredPublicAddressesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetIpamDiscoveredPublicAddressesInput) SetNextToken(v string) *GetIpamDiscoveredPublicAddressesInput { + s.NextToken = &v + return s +} + +type GetIpamDiscoveredPublicAddressesOutput struct { + _ struct{} `type:"structure"` + + // IPAM discovered public addresses. + IpamDiscoveredPublicAddresses []*IpamDiscoveredPublicAddress `locationName:"ipamDiscoveredPublicAddressSet" locationNameList:"item" type:"list"` + + // The token to use to retrieve the next page of results. This value is null + // when there are no more results to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // The oldest successful resource discovery time. + OldestSampleTime *time.Time `locationName:"oldestSampleTime" type:"timestamp"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredPublicAddressesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredPublicAddressesOutput) GoString() string { + return s.String() +} + +// SetIpamDiscoveredPublicAddresses sets the IpamDiscoveredPublicAddresses field's value. +func (s *GetIpamDiscoveredPublicAddressesOutput) SetIpamDiscoveredPublicAddresses(v []*IpamDiscoveredPublicAddress) *GetIpamDiscoveredPublicAddressesOutput { + s.IpamDiscoveredPublicAddresses = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetIpamDiscoveredPublicAddressesOutput) SetNextToken(v string) *GetIpamDiscoveredPublicAddressesOutput { + s.NextToken = &v + return s +} + +// SetOldestSampleTime sets the OldestSampleTime field's value. +func (s *GetIpamDiscoveredPublicAddressesOutput) SetOldestSampleTime(v time.Time) *GetIpamDiscoveredPublicAddressesOutput { + s.OldestSampleTime = &v + return s +} + +type GetIpamDiscoveredResourceCidrsInput struct { + _ struct{} `type:"structure"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // Filters. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // A resource discovery ID. + // + // IpamResourceDiscoveryId is a required field + IpamResourceDiscoveryId *string `type:"string" required:"true"` + + // The maximum number of discovered resource CIDRs to return in one page of + // results. + MaxResults *int64 `min:"5" type:"integer"` + + // Specify the pagination token from a previous request to retrieve the next + // page of results. + NextToken *string `type:"string"` + + // A resource Region. + // + // ResourceRegion is a required field + ResourceRegion *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredResourceCidrsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredResourceCidrsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetIpamDiscoveredResourceCidrsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetIpamDiscoveredResourceCidrsInput"} + if s.IpamResourceDiscoveryId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamResourceDiscoveryId")) + } + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + if s.ResourceRegion == nil { + invalidParams.Add(request.NewErrParamRequired("ResourceRegion")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *GetIpamDiscoveredResourceCidrsInput) SetDryRun(v bool) *GetIpamDiscoveredResourceCidrsInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *GetIpamDiscoveredResourceCidrsInput) SetFilters(v []*Filter) *GetIpamDiscoveredResourceCidrsInput { + s.Filters = v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *GetIpamDiscoveredResourceCidrsInput) SetIpamResourceDiscoveryId(v string) *GetIpamDiscoveredResourceCidrsInput { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetIpamDiscoveredResourceCidrsInput) SetMaxResults(v int64) *GetIpamDiscoveredResourceCidrsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetIpamDiscoveredResourceCidrsInput) SetNextToken(v string) *GetIpamDiscoveredResourceCidrsInput { + s.NextToken = &v + return s +} + +// SetResourceRegion sets the ResourceRegion field's value. +func (s *GetIpamDiscoveredResourceCidrsInput) SetResourceRegion(v string) *GetIpamDiscoveredResourceCidrsInput { + s.ResourceRegion = &v + return s +} + +type GetIpamDiscoveredResourceCidrsOutput struct { + _ struct{} `type:"structure"` + + // Discovered resource CIDRs. + IpamDiscoveredResourceCidrs []*IpamDiscoveredResourceCidr `locationName:"ipamDiscoveredResourceCidrSet" locationNameList:"item" type:"list"` + + // Specify the pagination token from a previous request to retrieve the next + // page of results. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredResourceCidrsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetIpamDiscoveredResourceCidrsOutput) GoString() string { + return s.String() +} + +// SetIpamDiscoveredResourceCidrs sets the IpamDiscoveredResourceCidrs field's value. +func (s *GetIpamDiscoveredResourceCidrsOutput) SetIpamDiscoveredResourceCidrs(v []*IpamDiscoveredResourceCidr) *GetIpamDiscoveredResourceCidrsOutput { + s.IpamDiscoveredResourceCidrs = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetIpamDiscoveredResourceCidrsOutput) SetNextToken(v string) *GetIpamDiscoveredResourceCidrsOutput { + s.NextToken = &v + return s +} + type GetIpamPoolAllocationsInput struct { _ struct{} `type:"structure"` @@ -118731,7 +127907,11 @@ type GetPasswordDataOutput struct { // The password of the instance. Returns an empty string if the password is // not available. - PasswordData *string `locationName:"passwordData" type:"string"` + // + // PasswordData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by GetPasswordDataOutput's + // String and GoString methods. + PasswordData *string `locationName:"passwordData" type:"string" sensitive:"true"` // The time the data was last updated. Timestamp *time.Time `locationName:"timestamp" type:"timestamp"` @@ -118956,6 +128136,149 @@ func (s *GetReservedInstancesExchangeQuoteOutput) SetValidationFailureReason(v s return s } +type GetSecurityGroupsForVpcInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The filters. If using multiple filters, the results include security groups + // which match all filters. + // + // * group-id: The security group ID. + // + // * description: The security group's description. + // + // * group-name: The security group name. + // + // * owner-id: The security group owner ID. + // + // * primary-vpc-id: The VPC ID in which the security group was created. + Filters []*Filter `locationName:"Filter" locationNameList:"Filter" type:"list"` + + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + MaxResults *int64 `min:"5" type:"integer"` + + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. + NextToken *string `type:"string"` + + // The VPC ID where the security group can be used. + // + // VpcId is a required field + VpcId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSecurityGroupsForVpcInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSecurityGroupsForVpcInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetSecurityGroupsForVpcInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetSecurityGroupsForVpcInput"} + if s.MaxResults != nil && *s.MaxResults < 5 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) + } + if s.VpcId == nil { + invalidParams.Add(request.NewErrParamRequired("VpcId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *GetSecurityGroupsForVpcInput) SetDryRun(v bool) *GetSecurityGroupsForVpcInput { + s.DryRun = &v + return s +} + +// SetFilters sets the Filters field's value. +func (s *GetSecurityGroupsForVpcInput) SetFilters(v []*Filter) *GetSecurityGroupsForVpcInput { + s.Filters = v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *GetSecurityGroupsForVpcInput) SetMaxResults(v int64) *GetSecurityGroupsForVpcInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *GetSecurityGroupsForVpcInput) SetNextToken(v string) *GetSecurityGroupsForVpcInput { + s.NextToken = &v + return s +} + +// SetVpcId sets the VpcId field's value. +func (s *GetSecurityGroupsForVpcInput) SetVpcId(v string) *GetSecurityGroupsForVpcInput { + s.VpcId = &v + return s +} + +type GetSecurityGroupsForVpcOutput struct { + _ struct{} `type:"structure"` + + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. + NextToken *string `locationName:"nextToken" type:"string"` + + // The security group that can be used by interfaces in the VPC. + SecurityGroupForVpcs []*SecurityGroupForVpc `locationName:"securityGroupForVpcSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSecurityGroupsForVpcOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSecurityGroupsForVpcOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *GetSecurityGroupsForVpcOutput) SetNextToken(v string) *GetSecurityGroupsForVpcOutput { + s.NextToken = &v + return s +} + +// SetSecurityGroupForVpcs sets the SecurityGroupForVpcs field's value. +func (s *GetSecurityGroupsForVpcOutput) SetSecurityGroupForVpcs(v []*SecurityGroupForVpc) *GetSecurityGroupsForVpcOutput { + s.SecurityGroupForVpcs = v + return s +} + type GetSerialConsoleAccessStatusInput struct { _ struct{} `type:"structure"` @@ -119023,6 +128346,83 @@ func (s *GetSerialConsoleAccessStatusOutput) SetSerialConsoleAccessEnabled(v boo return s } +type GetSnapshotBlockPublicAccessStateInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSnapshotBlockPublicAccessStateInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSnapshotBlockPublicAccessStateInput) GoString() string { + return s.String() +} + +// SetDryRun sets the DryRun field's value. +func (s *GetSnapshotBlockPublicAccessStateInput) SetDryRun(v bool) *GetSnapshotBlockPublicAccessStateInput { + s.DryRun = &v + return s +} + +type GetSnapshotBlockPublicAccessStateOutput struct { + _ struct{} `type:"structure"` + + // The current state of block public access for snapshots. Possible values include: + // + // * block-all-sharing - All public sharing of snapshots is blocked. Users + // in the account can't request new public sharing. Additionally, snapshots + // that were already publicly shared are treated as private and are not publicly + // available. + // + // * block-new-sharing - Only new public sharing of snapshots is blocked. + // Users in the account can't request new public sharing. However, snapshots + // that were already publicly shared, remain publicly available. + // + // * unblocked - Public sharing is not blocked. Users can publicly share + // snapshots. + State *string `locationName:"state" type:"string" enum:"SnapshotBlockPublicAccessState"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSnapshotBlockPublicAccessStateOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetSnapshotBlockPublicAccessStateOutput) GoString() string { + return s.String() +} + +// SetState sets the State field's value. +func (s *GetSnapshotBlockPublicAccessStateOutput) SetState(v string) *GetSnapshotBlockPublicAccessStateOutput { + s.State = &v + return s +} + type GetSpotPlacementScoresInput struct { _ struct{} `type:"structure"` @@ -119046,12 +128446,13 @@ type GetSpotPlacementScoresInput struct { // If you specify InstanceTypes, you can't specify InstanceRequirementsWithMetadata. InstanceTypes []*string `locationName:"InstanceType" type:"list"` - // The maximum number of results to return in a single call. Specify a value - // between 1 and 1000. The default value is 1000. To retrieve the remaining - // results, make another call with the returned NextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"10" type:"integer"` - // The token for the next set of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The Regions used to narrow down the list of Regions to be scored. Enter the @@ -119071,8 +128472,6 @@ type GetSpotPlacementScoresInput struct { TargetCapacity *int64 `min:"1" type:"integer" required:"true"` // The unit for the target capacity. - // - // Default: units (translates to number of instances) TargetCapacityUnitType *string `type:"string" enum:"TargetCapacityUnitType"` } @@ -119175,7 +128574,8 @@ func (s *GetSpotPlacementScoresInput) SetTargetCapacityUnitType(v string) *GetSp type GetSpotPlacementScoresOutput struct { _ struct{} `type:"structure"` - // The token for the next set of results. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // The Spot placement score for the top 10 Regions or Availability Zones, scored @@ -119546,7 +128946,9 @@ type GetTransitGatewayMulticastDomainAssociationsInput struct { NextToken *string `type:"string"` // The ID of the transit gateway multicast domain. - TransitGatewayMulticastDomainId *string `type:"string"` + // + // TransitGatewayMulticastDomainId is a required field + TransitGatewayMulticastDomainId *string `type:"string" required:"true"` } // String returns the string representation. @@ -119573,6 +128975,9 @@ func (s *GetTransitGatewayMulticastDomainAssociationsInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } + if s.TransitGatewayMulticastDomainId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayMulticastDomainId")) + } if invalidParams.Len() > 0 { return invalidParams @@ -120330,7 +129735,7 @@ type GetVerifiedAccessEndpointPolicyInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access endpoint. + // The ID of the Verified Access endpoint. // // VerifiedAccessEndpointId is a required field VerifiedAccessEndpointId *string `type:"string" required:"true"` @@ -120382,7 +129787,7 @@ func (s *GetVerifiedAccessEndpointPolicyInput) SetVerifiedAccessEndpointId(v str type GetVerifiedAccessEndpointPolicyOutput struct { _ struct{} `type:"structure"` - // The Amazon Web Services Verified Access policy document. + // The Verified Access policy document. PolicyDocument *string `locationName:"policyDocument" type:"string"` // The status of the Verified Access policy. @@ -120428,7 +129833,7 @@ type GetVerifiedAccessGroupPolicyInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access group. + // The ID of the Verified Access group. // // VerifiedAccessGroupId is a required field VerifiedAccessGroupId *string `type:"string" required:"true"` @@ -120480,7 +129885,7 @@ func (s *GetVerifiedAccessGroupPolicyInput) SetVerifiedAccessGroupId(v string) * type GetVerifiedAccessGroupPolicyOutput struct { _ struct{} `type:"structure"` - // The Amazon Web Services Verified Access policy document. + // The Verified Access policy document. PolicyDocument *string `locationName:"policyDocument" type:"string"` // The status of the Verified Access policy. @@ -120754,6 +130159,154 @@ func (s *GetVpnConnectionDeviceTypesOutput) SetVpnConnectionDeviceTypes(v []*Vpn return s } +type GetVpnTunnelReplacementStatusInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the Site-to-Site VPN connection. + // + // VpnConnectionId is a required field + VpnConnectionId *string `type:"string" required:"true"` + + // The external IP address of the VPN tunnel. + // + // VpnTunnelOutsideIpAddress is a required field + VpnTunnelOutsideIpAddress *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetVpnTunnelReplacementStatusInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetVpnTunnelReplacementStatusInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetVpnTunnelReplacementStatusInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetVpnTunnelReplacementStatusInput"} + if s.VpnConnectionId == nil { + invalidParams.Add(request.NewErrParamRequired("VpnConnectionId")) + } + if s.VpnTunnelOutsideIpAddress == nil { + invalidParams.Add(request.NewErrParamRequired("VpnTunnelOutsideIpAddress")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *GetVpnTunnelReplacementStatusInput) SetDryRun(v bool) *GetVpnTunnelReplacementStatusInput { + s.DryRun = &v + return s +} + +// SetVpnConnectionId sets the VpnConnectionId field's value. +func (s *GetVpnTunnelReplacementStatusInput) SetVpnConnectionId(v string) *GetVpnTunnelReplacementStatusInput { + s.VpnConnectionId = &v + return s +} + +// SetVpnTunnelOutsideIpAddress sets the VpnTunnelOutsideIpAddress field's value. +func (s *GetVpnTunnelReplacementStatusInput) SetVpnTunnelOutsideIpAddress(v string) *GetVpnTunnelReplacementStatusInput { + s.VpnTunnelOutsideIpAddress = &v + return s +} + +type GetVpnTunnelReplacementStatusOutput struct { + _ struct{} `type:"structure"` + + // The ID of the customer gateway. + CustomerGatewayId *string `locationName:"customerGatewayId" type:"string"` + + // Get details of pending tunnel endpoint maintenance. + MaintenanceDetails *MaintenanceDetails `locationName:"maintenanceDetails" type:"structure"` + + // The ID of the transit gateway associated with the VPN connection. + TransitGatewayId *string `locationName:"transitGatewayId" type:"string"` + + // The ID of the Site-to-Site VPN connection. + VpnConnectionId *string `locationName:"vpnConnectionId" type:"string"` + + // The ID of the virtual private gateway. + VpnGatewayId *string `locationName:"vpnGatewayId" type:"string"` + + // The external IP address of the VPN tunnel. + VpnTunnelOutsideIpAddress *string `locationName:"vpnTunnelOutsideIpAddress" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetVpnTunnelReplacementStatusOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetVpnTunnelReplacementStatusOutput) GoString() string { + return s.String() +} + +// SetCustomerGatewayId sets the CustomerGatewayId field's value. +func (s *GetVpnTunnelReplacementStatusOutput) SetCustomerGatewayId(v string) *GetVpnTunnelReplacementStatusOutput { + s.CustomerGatewayId = &v + return s +} + +// SetMaintenanceDetails sets the MaintenanceDetails field's value. +func (s *GetVpnTunnelReplacementStatusOutput) SetMaintenanceDetails(v *MaintenanceDetails) *GetVpnTunnelReplacementStatusOutput { + s.MaintenanceDetails = v + return s +} + +// SetTransitGatewayId sets the TransitGatewayId field's value. +func (s *GetVpnTunnelReplacementStatusOutput) SetTransitGatewayId(v string) *GetVpnTunnelReplacementStatusOutput { + s.TransitGatewayId = &v + return s +} + +// SetVpnConnectionId sets the VpnConnectionId field's value. +func (s *GetVpnTunnelReplacementStatusOutput) SetVpnConnectionId(v string) *GetVpnTunnelReplacementStatusOutput { + s.VpnConnectionId = &v + return s +} + +// SetVpnGatewayId sets the VpnGatewayId field's value. +func (s *GetVpnTunnelReplacementStatusOutput) SetVpnGatewayId(v string) *GetVpnTunnelReplacementStatusOutput { + s.VpnGatewayId = &v + return s +} + +// SetVpnTunnelOutsideIpAddress sets the VpnTunnelOutsideIpAddress field's value. +func (s *GetVpnTunnelReplacementStatusOutput) SetVpnTunnelOutsideIpAddress(v string) *GetVpnTunnelReplacementStatusOutput { + s.VpnTunnelOutsideIpAddress = &v + return s +} + // Describes the GPU accelerators for the instance type. type GpuDeviceInfo struct { _ struct{} `type:"structure"` @@ -120929,14 +130482,14 @@ func (s *GroupIdentifier) SetGroupName(v string) *GroupIdentifier { } // Indicates whether your instance is configured for hibernation. This parameter -// is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). +// is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html). // For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon EC2 User Guide. type HibernationOptions struct { _ struct{} `type:"structure"` - // If this parameter is set to true, your instance is enabled for hibernation; - // otherwise, it is not enabled for hibernation. + // If true, your instance is enabled for hibernation; otherwise, it is not enabled + // for hibernation. Configured *bool `locationName:"configured" type:"boolean"` } @@ -120965,13 +130518,22 @@ func (s *HibernationOptions) SetConfigured(v bool) *HibernationOptions { } // Indicates whether your instance is configured for hibernation. This parameter -// is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). +// is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html). // For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon EC2 User Guide. type HibernationOptionsRequest struct { _ struct{} `type:"structure"` - // If you set this parameter to true, your instance is enabled for hibernation. + // Set to true to enable your instance for hibernation. + // + // For Spot Instances, if you set Configured to true, either omit the InstanceInterruptionBehavior + // parameter (for SpotMarketOptions (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotMarketOptions.html)), + // or set it to hibernate. When Configured is true: + // + // * If you omit InstanceInterruptionBehavior, it defaults to hibernate. + // + // * If you set InstanceInterruptionBehavior to a value other than hibernate, + // you'll get an error. // // Default: false Configured *bool `type:"boolean"` @@ -121123,6 +130685,9 @@ type Host struct { // Dedicated Host supports a single instance type only. AllowsMultipleInstanceTypes *string `locationName:"allowsMultipleInstanceTypes" type:"string" enum:"AllowsMultipleInstanceTypes"` + // The ID of the Outpost hardware asset on which the Dedicated Host is allocated. + AssetId *string `locationName:"assetId" type:"string"` + // Whether auto-placement is on or off. AutoPlacement *string `locationName:"autoPlacement" type:"string" enum:"AutoPlacement"` @@ -121142,6 +130707,10 @@ type Host struct { // The ID of the Dedicated Host. HostId *string `locationName:"hostId" type:"string"` + // Indicates whether host maintenance is enabled or disabled for the Dedicated + // Host. + HostMaintenance *string `locationName:"hostMaintenance" type:"string" enum:"HostMaintenance"` + // The hardware specifications of the Dedicated Host. HostProperties *HostProperties `locationName:"hostProperties" type:"structure"` @@ -121207,6 +130776,12 @@ func (s *Host) SetAllowsMultipleInstanceTypes(v string) *Host { return s } +// SetAssetId sets the AssetId field's value. +func (s *Host) SetAssetId(v string) *Host { + s.AssetId = &v + return s +} + // SetAutoPlacement sets the AutoPlacement field's value. func (s *Host) SetAutoPlacement(v string) *Host { s.AutoPlacement = &v @@ -121243,6 +130818,12 @@ func (s *Host) SetHostId(v string) *Host { return s } +// SetHostMaintenance sets the HostMaintenance field's value. +func (s *Host) SetHostMaintenance(v string) *Host { + s.HostMaintenance = &v + return s +} + // SetHostProperties sets the HostProperties field's value. func (s *Host) SetHostProperties(v *HostProperties) *Host { s.HostProperties = v @@ -121997,7 +131578,7 @@ type Image struct { // Specifies whether enhanced networking with ENA is enabled. EnaSupport *bool `locationName:"enaSupport" type:"boolean"` - // The hypervisor type of the image. + // The hypervisor type of the image. Only xen is supported. ovm is not supported. Hypervisor *string `locationName:"hypervisor" type:"string" enum:"HypervisorType"` // The ID of the AMI. @@ -122058,6 +131639,11 @@ type Image struct { // or an instance store volume. RootDeviceType *string `locationName:"rootDeviceType" type:"string" enum:"DeviceType"` + // The ID of the instance that the AMI was created from if the AMI was created + // using CreateImage (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateImage.html). + // This field only appears if the AMI was created using CreateImage. + SourceInstanceId *string `locationName:"sourceInstanceId" type:"string"` + // Specifies whether enhanced networking with the Intel 82599 Virtual Function // interface is enabled. SriovNetSupport *string `locationName:"sriovNetSupport" type:"string"` @@ -122247,6 +131833,12 @@ func (s *Image) SetRootDeviceType(v string) *Image { return s } +// SetSourceInstanceId sets the SourceInstanceId field's value. +func (s *Image) SetSourceInstanceId(v string) *Image { + s.SourceInstanceId = &v + return s +} + // SetSriovNetSupport sets the SriovNetSupport field's value. func (s *Image) SetSriovNetSupport(v string) *Image { s.SriovNetSupport = &v @@ -122309,7 +131901,11 @@ type ImageDiskContainer struct { // The URL to the Amazon S3-based disk image being imported. The URL can either // be a https URL (https://..) or an Amazon S3 URL (s3://..) - Url *string `type:"string"` + // + // Url is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ImageDiskContainer's + // String and GoString methods. + Url *string `type:"string" sensitive:"true"` // The S3 bucket for the disk image. UserBucket *UserBucket `type:"structure"` @@ -122553,6 +132149,10 @@ type ImportImageInput struct { Architecture *string `type:"string"` // The boot mode of the virtual machine. + // + // The uefi-preferred boot mode isn't supported for importing images. For more + // information, see Boot modes (https://docs.aws.amazon.com/vm-import/latest/userguide/prerequisites.html#vmimport-boot-modes) + // in the VM Import/Export User Guide. BootMode *string `type:"string" enum:"BootModeValues"` // The client-specific data. @@ -122593,9 +132193,7 @@ type ImportImageInput struct { // // * Key ID // - // * Key alias. The alias ARN contains the arn:aws:kms namespace, followed - // by the Region of the key, the Amazon Web Services account ID of the key - // owner, the alias namespace, and then the key alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. + // * Key alias // // * ARN using key ID. The ID ARN contains the arn:aws:kms namespace, followed // by the Region of the key, the Amazon Web Services account ID of the key @@ -122633,7 +132231,9 @@ type ImportImageInput struct { // in the VM Import/Export User Guide. LicenseType *string `type:"string"` - // The operating system of the virtual machine. + // The operating system of the virtual machine. If you import a VM that is compatible + // with Unified Extensible Firmware Interface (UEFI) using an EBS snapshot, + // you must specify a value for the platform. // // Valid values: Windows | Linux Platform *string `type:"string"` @@ -123756,9 +133356,7 @@ type ImportSnapshotInput struct { // // * Key ID // - // * Key alias. The alias ARN contains the arn:aws:kms namespace, followed - // by the Region of the key, the Amazon Web Services account ID of the key - // owner, the alias namespace, and then the key alias. For example, arn:aws:kms:us-east-1:012345678910:alias/ExampleAlias. + // * Key alias // // * ARN using key ID. The ID ARN contains the arn:aws:kms namespace, followed // by the Region of the key, the Amazon Web Services account ID of the key @@ -124185,6 +133783,10 @@ type InferenceAcceleratorInfo struct { // Describes the Inference accelerators for the instance type. Accelerators []*InferenceDeviceInfo `locationName:"accelerators" type:"list"` + + // The total size of the memory for the inference accelerators for the instance + // type, in MiB. + TotalInferenceMemoryInMiB *int64 `locationName:"totalInferenceMemoryInMiB" type:"integer"` } // String returns the string representation. @@ -124211,6 +133813,12 @@ func (s *InferenceAcceleratorInfo) SetAccelerators(v []*InferenceDeviceInfo) *In return s } +// SetTotalInferenceMemoryInMiB sets the TotalInferenceMemoryInMiB field's value. +func (s *InferenceAcceleratorInfo) SetTotalInferenceMemoryInMiB(v int64) *InferenceAcceleratorInfo { + s.TotalInferenceMemoryInMiB = &v + return s +} + // Describes the Inference accelerators for the instance type. type InferenceDeviceInfo struct { _ struct{} `type:"structure"` @@ -124221,6 +133829,9 @@ type InferenceDeviceInfo struct { // The manufacturer of the Inference accelerator. Manufacturer *string `locationName:"manufacturer" type:"string"` + // Describes the memory available to the inference accelerator. + MemoryInfo *InferenceDeviceMemoryInfo `locationName:"memoryInfo" type:"structure"` + // The name of the Inference accelerator. Name *string `locationName:"name" type:"string"` } @@ -124255,12 +133866,50 @@ func (s *InferenceDeviceInfo) SetManufacturer(v string) *InferenceDeviceInfo { return s } +// SetMemoryInfo sets the MemoryInfo field's value. +func (s *InferenceDeviceInfo) SetMemoryInfo(v *InferenceDeviceMemoryInfo) *InferenceDeviceInfo { + s.MemoryInfo = v + return s +} + // SetName sets the Name field's value. func (s *InferenceDeviceInfo) SetName(v string) *InferenceDeviceInfo { s.Name = &v return s } +// Describes the memory available to the inference accelerator. +type InferenceDeviceMemoryInfo struct { + _ struct{} `type:"structure"` + + // The size of the memory available to the inference accelerator, in MiB. + SizeInMiB *int64 `locationName:"sizeInMiB" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InferenceDeviceMemoryInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InferenceDeviceMemoryInfo) GoString() string { + return s.String() +} + +// SetSizeInMiB sets the SizeInMiB field's value. +func (s *InferenceDeviceMemoryInfo) SetSizeInMiB(v int64) *InferenceDeviceMemoryInfo { + s.SizeInMiB = &v + return s +} + // Describes an instance. type Instance struct { _ struct{} `type:"structure"` @@ -124275,7 +133924,14 @@ type Instance struct { // Any block device mapping entries for the instance. BlockDeviceMappings []*InstanceBlockDeviceMapping `locationName:"blockDeviceMapping" locationNameList:"item" type:"list"` - // The boot mode of the instance. For more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) + // The boot mode that was specified by the AMI. If the value is uefi-preferred, + // the AMI supports both UEFI and Legacy BIOS. The currentInstanceBootMode parameter + // is the boot mode that is used to boot the instance at launch or start. + // + // The operating system contained in the AMI must be configured to support the + // specified boot mode. + // + // For more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) // in the Amazon EC2 User Guide. BootMode *string `locationName:"bootMode" type:"string" enum:"BootModeValues"` @@ -124291,6 +133947,11 @@ type Instance struct { // The CPU options for the instance. CpuOptions *CpuOptions `locationName:"cpuOptions" type:"structure"` + // The boot mode that is used to boot the instance at launch or start. For more + // information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) + // in the Amazon EC2 User Guide. + CurrentInstanceBootMode *string `locationName:"currentInstanceBootMode" type:"string" enum:"InstanceBootModeValues"` + // Indicates whether the instance is optimized for Amazon EBS I/O. This optimization // provides dedicated throughput to Amazon EBS and an optimized configuration // stack to provide optimal I/O performance. This optimization isn't available @@ -124298,7 +133959,11 @@ type Instance struct { // Optimized instance. EbsOptimized *bool `locationName:"ebsOptimized" type:"boolean"` - // The Elastic GPU associated with the instance. + // Deprecated. + // + // Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads + // that require graphics acceleration, we recommend that you use Amazon EC2 + // G4ad, G4dn, or G5 instances. ElasticGpuAssociations []*ElasticGpuAssociation `locationName:"elasticGpuAssociationSet" locationNameList:"item" type:"list"` // The elastic inference accelerator associated with the instance. @@ -124357,7 +134022,7 @@ type Instance struct { // The monitoring for the instance. Monitoring *Monitoring `locationName:"monitoring" type:"structure"` - // [EC2-VPC] The network interfaces for the instance. + // The network interfaces for the instance. NetworkInterfaces []*InstanceNetworkInterface `locationName:"networkInterfaceSet" locationNameList:"item" type:"list"` // The Amazon Resource Name (ARN) of the Outpost. @@ -124366,7 +134031,8 @@ type Instance struct { // The location where the instance launched, if applicable. Placement *Placement `locationName:"placement" type:"structure"` - // The value is Windows for Windows instances; otherwise blank. + // The platform. This value is windows for Windows instances; otherwise, it + // is empty. Platform *string `locationName:"platform" type:"string" enum:"PlatformValues"` // The platform details value for the instance. For more information, see AMI @@ -124374,14 +134040,14 @@ type Instance struct { // in the Amazon EC2 User Guide. PlatformDetails *string `locationName:"platformDetails" type:"string"` - // (IPv4 only) The private DNS hostname name assigned to the instance. This + // [IPv4 only] The private DNS hostname name assigned to the instance. This // DNS hostname can only be used inside the Amazon EC2 network. This name is // not available until the instance enters the running state. // - // [EC2-VPC] The Amazon-provided DNS server resolves Amazon-provided private - // DNS hostnames if you've enabled DNS resolution and DNS hostnames in your - // VPC. If you are not using the Amazon-provided DNS server in your VPC, your - // custom domain name servers must resolve the hostname as appropriate. + // The Amazon-provided DNS server resolves Amazon-provided private DNS hostnames + // if you've enabled DNS resolution and DNS hostnames in your VPC. If you are + // not using the Amazon-provided DNS server in your VPC, your custom domain + // name servers must resolve the hostname as appropriate. PrivateDnsName *string `locationName:"privateDnsName" type:"string"` // The options for the instance hostname. @@ -124393,9 +134059,9 @@ type Instance struct { // The product codes attached to this instance, if applicable. ProductCodes []*ProductCode `locationName:"productCodes" locationNameList:"item" type:"list"` - // (IPv4 only) The public DNS name assigned to the instance. This name is not - // available until the instance enters the running state. For EC2-VPC, this - // name is only available if you've enabled DNS hostnames for your VPC. + // [IPv4 only] The public DNS name assigned to the instance. This name is not + // available until the instance enters the running state. This name is only + // available if you've enabled DNS hostnames for your VPC. PublicDnsName *string `locationName:"dnsName" type:"string"` // The public IPv4 address, or the Carrier IP address assigned to the instance, @@ -124437,7 +134103,7 @@ type Instance struct { // The reason for the most recent state transition. This might be an empty string. StateTransitionReason *string `locationName:"reason" type:"string"` - // [EC2-VPC] The ID of the subnet in which the instance is running. + // The ID of the subnet in which the instance is running. SubnetId *string `locationName:"subnetId" type:"string"` // Any tags assigned to the instance. @@ -124459,7 +134125,7 @@ type Instance struct { // The virtualization type of the instance. VirtualizationType *string `locationName:"virtualizationType" type:"string" enum:"VirtualizationType"` - // [EC2-VPC] The ID of the VPC in which the instance is running. + // The ID of the VPC in which the instance is running. VpcId *string `locationName:"vpcId" type:"string"` } @@ -124529,6 +134195,12 @@ func (s *Instance) SetCpuOptions(v *CpuOptions) *Instance { return s } +// SetCurrentInstanceBootMode sets the CurrentInstanceBootMode field's value. +func (s *Instance) SetCurrentInstanceBootMode(v string) *Instance { + s.CurrentInstanceBootMode = &v + return s +} + // SetEbsOptimized sets the EbsOptimized field's value. func (s *Instance) SetEbsOptimized(v bool) *Instance { s.EbsOptimized = &v @@ -124817,6 +134489,96 @@ func (s *Instance) SetVpcId(v string) *Instance { return s } +// ENA Express uses Amazon Web Services Scalable Reliable Datagram (SRD) technology +// to increase the maximum bandwidth used per stream and minimize tail latency +// of network traffic between EC2 instances. With ENA Express, you can communicate +// between two EC2 instances in the same subnet within the same account, or +// in different accounts. Both sending and receiving instances must have ENA +// Express enabled. +// +// To improve the reliability of network packet delivery, ENA Express reorders +// network packets on the receiving end by default. However, some UDP-based +// applications are designed to handle network packets that are out of order +// to reduce the overhead for packet delivery at the network layer. When ENA +// Express is enabled, you can specify whether UDP network traffic uses it. +type InstanceAttachmentEnaSrdSpecification struct { + _ struct{} `type:"structure"` + + // Indicates whether ENA Express is enabled for the network interface. + EnaSrdEnabled *bool `locationName:"enaSrdEnabled" type:"boolean"` + + // Configures ENA Express for UDP network traffic. + EnaSrdUdpSpecification *InstanceAttachmentEnaSrdUdpSpecification `locationName:"enaSrdUdpSpecification" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InstanceAttachmentEnaSrdSpecification) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InstanceAttachmentEnaSrdSpecification) GoString() string { + return s.String() +} + +// SetEnaSrdEnabled sets the EnaSrdEnabled field's value. +func (s *InstanceAttachmentEnaSrdSpecification) SetEnaSrdEnabled(v bool) *InstanceAttachmentEnaSrdSpecification { + s.EnaSrdEnabled = &v + return s +} + +// SetEnaSrdUdpSpecification sets the EnaSrdUdpSpecification field's value. +func (s *InstanceAttachmentEnaSrdSpecification) SetEnaSrdUdpSpecification(v *InstanceAttachmentEnaSrdUdpSpecification) *InstanceAttachmentEnaSrdSpecification { + s.EnaSrdUdpSpecification = v + return s +} + +// ENA Express is compatible with both TCP and UDP transport protocols. When +// it's enabled, TCP traffic automatically uses it. However, some UDP-based +// applications are designed to handle network packets that are out of order, +// without a need for retransmission, such as live video broadcasting or other +// near-real-time applications. For UDP traffic, you can specify whether to +// use ENA Express, based on your application environment needs. +type InstanceAttachmentEnaSrdUdpSpecification struct { + _ struct{} `type:"structure"` + + // Indicates whether UDP traffic to and from the instance uses ENA Express. + // To specify this setting, you must first enable ENA Express. + EnaSrdUdpEnabled *bool `locationName:"enaSrdUdpEnabled" type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InstanceAttachmentEnaSrdUdpSpecification) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InstanceAttachmentEnaSrdUdpSpecification) GoString() string { + return s.String() +} + +// SetEnaSrdUdpEnabled sets the EnaSrdUdpEnabled field's value. +func (s *InstanceAttachmentEnaSrdUdpSpecification) SetEnaSrdUdpEnabled(v bool) *InstanceAttachmentEnaSrdUdpSpecification { + s.EnaSrdUdpEnabled = &v + return s +} + // Describes a block device mapping. type InstanceBlockDeviceMapping struct { _ struct{} `type:"structure"` @@ -125068,7 +134830,9 @@ type InstanceCreditSpecificationRequest struct { CpuCredits *string `type:"string"` // The ID of the instance. - InstanceId *string `type:"string"` + // + // InstanceId is a required field + InstanceId *string `type:"string" required:"true"` } // String returns the string representation. @@ -125089,6 +134853,19 @@ func (s InstanceCreditSpecificationRequest) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *InstanceCreditSpecificationRequest) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "InstanceCreditSpecificationRequest"} + if s.InstanceId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetCpuCredits sets the CpuCredits field's value. func (s *InstanceCreditSpecificationRequest) SetCpuCredits(v string) *InstanceCreditSpecificationRequest { s.CpuCredits = &v @@ -125625,6 +135402,13 @@ type InstanceIpv6Address struct { // The IPv6 address. Ipv6Address *string `locationName:"ipv6Address" type:"string"` + + // Determines if an IPv6 address associated with a network interface is the + // primary IPv6 address. When you enable an IPv6 GUA address to be a primary + // IPv6, the first IPv6 GUA will be made the primary IPv6 address until the + // instance is terminated or the network interface is detached. For more information, + // see RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html). + IsPrimaryIpv6 *bool `locationName:"isPrimaryIpv6" type:"boolean"` } // String returns the string representation. @@ -125651,6 +135435,12 @@ func (s *InstanceIpv6Address) SetIpv6Address(v string) *InstanceIpv6Address { return s } +// SetIsPrimaryIpv6 sets the IsPrimaryIpv6 field's value. +func (s *InstanceIpv6Address) SetIsPrimaryIpv6(v bool) *InstanceIpv6Address { + s.IsPrimaryIpv6 = &v + return s +} + // Describes an IPv6 address. type InstanceIpv6AddressRequest struct { _ struct{} `type:"structure"` @@ -125833,6 +135623,8 @@ type InstanceMetadataOptionsRequest struct { HttpEndpoint *string `type:"string" enum:"InstanceMetadataEndpointState"` // Enables or disables the IPv6 endpoint for the instance metadata service. + // + // Default: disabled HttpProtocolIpv6 *string `type:"string" enum:"InstanceMetadataProtocolState"` // The desired HTTP PUT response hop limit for instance metadata requests. The @@ -125843,20 +135635,21 @@ type InstanceMetadataOptionsRequest struct { // Possible values: Integers from 1 to 64 HttpPutResponseHopLimit *int64 `type:"integer"` - // The state of token usage for your instance metadata requests. + // Indicates whether IMDSv2 is required. // - // If the state is optional, you can choose to retrieve instance metadata with - // or without a session token on your request. If you retrieve the IAM role - // credentials without a token, the version 1.0 role credentials are returned. - // If you retrieve the IAM role credentials using a valid session token, the - // version 2.0 role credentials are returned. + // * optional - IMDSv2 is optional. You can choose whether to send a session + // token in your instance metadata retrieval requests. If you retrieve IAM + // role credentials without a session token, you receive the IMDSv1 role + // credentials. If you retrieve IAM role credentials using a valid session + // token, you receive the IMDSv2 role credentials. // - // If the state is required, you must send a session token with any instance - // metadata retrieval requests. In this state, retrieving the IAM role credentials - // always returns the version 2.0 credentials; the version 1.0 credentials are - // not available. + // * required - IMDSv2 is required. You must send a session token in your + // instance metadata retrieval requests. With this option, retrieving the + // IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials + // are not available. // - // Default: optional + // Default: If the value of ImdsSupport for the Amazon Machine Image (AMI) for + // your instance is v2.0, the default is required. HttpTokens *string `type:"string" enum:"HttpTokensState"` // Set to enabled to allow access to instance tags from the instance metadata. @@ -125928,6 +135721,8 @@ type InstanceMetadataOptionsResponse struct { // Indicates whether the IPv6 endpoint for the instance metadata service is // enabled or disabled. + // + // Default: disabled HttpProtocolIpv6 *string `locationName:"httpProtocolIpv6" type:"string" enum:"InstanceMetadataProtocolState"` // The desired HTTP PUT response hop limit for instance metadata requests. The @@ -125938,20 +135733,18 @@ type InstanceMetadataOptionsResponse struct { // Possible values: Integers from 1 to 64 HttpPutResponseHopLimit *int64 `locationName:"httpPutResponseHopLimit" type:"integer"` - // The state of token usage for your instance metadata requests. - // - // If the state is optional, you can choose to retrieve instance metadata with - // or without a session token on your request. If you retrieve the IAM role - // credentials without a token, the version 1.0 role credentials are returned. - // If you retrieve the IAM role credentials using a valid session token, the - // version 2.0 role credentials are returned. + // Indicates whether IMDSv2 is required. // - // If the state is required, you must send a session token with any instance - // metadata retrieval requests. In this state, retrieving the IAM role credentials - // always returns the version 2.0 credentials; the version 1.0 credentials are - // not available. + // * optional - IMDSv2 is optional. You can choose whether to send a session + // token in your instance metadata retrieval requests. If you retrieve IAM + // role credentials without a session token, you receive the IMDSv1 role + // credentials. If you retrieve IAM role credentials using a valid session + // token, you receive the IMDSv2 role credentials. // - // Default: optional + // * required - IMDSv2 is required. You must send a session token in your + // instance metadata retrieval requests. With this option, retrieving the + // IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials + // are not available. HttpTokens *string `locationName:"httpTokens" type:"string" enum:"HttpTokensState"` // Indicates whether access to instance tags from the instance metadata is enabled @@ -126074,6 +135867,12 @@ type InstanceNetworkInterface struct { // The network interface attachment. Attachment *InstanceNetworkInterfaceAttachment `locationName:"attachment" type:"structure"` + // A security group connection tracking configuration that enables you to set + // the timeout for connection tracking on an Elastic network interface. For + // more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) + // in the Amazon Elastic Compute Cloud User Guide. + ConnectionTrackingConfiguration *ConnectionTrackingSpecificationResponse `locationName:"connectionTrackingConfiguration" type:"structure"` + // The description. Description *string `locationName:"description" type:"string"` @@ -126155,6 +135954,12 @@ func (s *InstanceNetworkInterface) SetAttachment(v *InstanceNetworkInterfaceAtta return s } +// SetConnectionTrackingConfiguration sets the ConnectionTrackingConfiguration field's value. +func (s *InstanceNetworkInterface) SetConnectionTrackingConfiguration(v *ConnectionTrackingSpecificationResponse) *InstanceNetworkInterface { + s.ConnectionTrackingConfiguration = v + return s +} + // SetDescription sets the Description field's value. func (s *InstanceNetworkInterface) SetDescription(v string) *InstanceNetworkInterface { s.Description = &v @@ -126335,6 +136140,10 @@ type InstanceNetworkInterfaceAttachment struct { // The index of the device on the instance for the network interface attachment. DeviceIndex *int64 `locationName:"deviceIndex" type:"integer"` + // Contains the ENA Express settings for the network interface that's attached + // to the instance. + EnaSrdSpecification *InstanceAttachmentEnaSrdSpecification `locationName:"enaSrdSpecification" type:"structure"` + // The index of the network card. NetworkCardIndex *int64 `locationName:"networkCardIndex" type:"integer"` @@ -126384,6 +136193,12 @@ func (s *InstanceNetworkInterfaceAttachment) SetDeviceIndex(v int64) *InstanceNe return s } +// SetEnaSrdSpecification sets the EnaSrdSpecification field's value. +func (s *InstanceNetworkInterfaceAttachment) SetEnaSrdSpecification(v *InstanceAttachmentEnaSrdSpecification) *InstanceNetworkInterfaceAttachment { + s.EnaSrdSpecification = v + return s +} + // SetNetworkCardIndex sets the NetworkCardIndex field's value. func (s *InstanceNetworkInterfaceAttachment) SetNetworkCardIndex(v int64) *InstanceNetworkInterfaceAttachment { s.NetworkCardIndex = &v @@ -126413,8 +136228,19 @@ type InstanceNetworkInterfaceSpecification struct { // for eth0, and can only be assigned to a new network interface, not an existing // one. You cannot specify more than one network interface in the request. If // launching into a default subnet, the default value is true. + // + // Amazon Web Services charges for all public IPv4 addresses, including public + // IPv4 addresses associated with running instances and Elastic IP addresses. + // For more information, see the Public IPv4 Address tab on the Amazon VPC pricing + // page (http://aws.amazon.com/vpc/pricing/). AssociatePublicIpAddress *bool `locationName:"associatePublicIpAddress" type:"boolean"` + // A security group connection tracking specification that enables you to set + // the timeout for connection tracking on an Elastic network interface. For + // more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) + // in the Amazon Elastic Compute Cloud User Guide. + ConnectionTrackingSpecification *ConnectionTrackingSpecificationRequest `type:"structure"` + // If set to true, the interface is deleted when the instance is terminated. // You can specify true only if creating a new network interface when launching // an instance. @@ -126431,6 +136257,10 @@ type InstanceNetworkInterfaceSpecification struct { // the device index. DeviceIndex *int64 `locationName:"deviceIndex" type:"integer"` + // Specifies the ENA Express settings for the network interface that's attached + // to the instance. + EnaSrdSpecification *EnaSrdSpecificationRequest `type:"structure"` + // The IDs of the security groups for the network interface. Applies only if // creating a network interface when launching an instance. Groups []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` @@ -126485,6 +136315,13 @@ type InstanceNetworkInterfaceSpecification struct { // specify a network interface ID in a launch specification. NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` + // The primary IPv6 address of the network interface. When you enable an IPv6 + // GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary + // IPv6 address until the instance is terminated or the network interface is + // detached. For more information about primary IPv6 addresses, see RunInstances + // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html). + PrimaryIpv6 *bool `type:"boolean"` + // The private IPv4 address of the network interface. Applies only if creating // a network interface when launching an instance. You cannot specify this option // if you're launching more than one instance in a RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) @@ -126539,6 +136376,12 @@ func (s *InstanceNetworkInterfaceSpecification) SetAssociatePublicIpAddress(v bo return s } +// SetConnectionTrackingSpecification sets the ConnectionTrackingSpecification field's value. +func (s *InstanceNetworkInterfaceSpecification) SetConnectionTrackingSpecification(v *ConnectionTrackingSpecificationRequest) *InstanceNetworkInterfaceSpecification { + s.ConnectionTrackingSpecification = v + return s +} + // SetDeleteOnTermination sets the DeleteOnTermination field's value. func (s *InstanceNetworkInterfaceSpecification) SetDeleteOnTermination(v bool) *InstanceNetworkInterfaceSpecification { s.DeleteOnTermination = &v @@ -126557,6 +136400,12 @@ func (s *InstanceNetworkInterfaceSpecification) SetDeviceIndex(v int64) *Instanc return s } +// SetEnaSrdSpecification sets the EnaSrdSpecification field's value. +func (s *InstanceNetworkInterfaceSpecification) SetEnaSrdSpecification(v *EnaSrdSpecificationRequest) *InstanceNetworkInterfaceSpecification { + s.EnaSrdSpecification = v + return s +} + // SetGroups sets the Groups field's value. func (s *InstanceNetworkInterfaceSpecification) SetGroups(v []*string) *InstanceNetworkInterfaceSpecification { s.Groups = v @@ -126617,6 +136466,12 @@ func (s *InstanceNetworkInterfaceSpecification) SetNetworkInterfaceId(v string) return s } +// SetPrimaryIpv6 sets the PrimaryIpv6 field's value. +func (s *InstanceNetworkInterfaceSpecification) SetPrimaryIpv6(v bool) *InstanceNetworkInterfaceSpecification { + s.PrimaryIpv6 = &v + return s +} + // SetPrivateIpAddress sets the PrivateIpAddress field's value. func (s *InstanceNetworkInterfaceSpecification) SetPrivateIpAddress(v string) *InstanceNetworkInterfaceSpecification { s.PrivateIpAddress = &v @@ -126704,6 +136559,9 @@ func (s *InstancePrivateIpAddress) SetPrivateIpAddress(v string) *InstancePrivat // The attributes for the instance types. When you specify instance attributes, // Amazon EC2 will identify instance types with these attributes. // +// You must specify VCpuCount and MemoryMiB. All other attributes are optional. +// Any unspecified optional attribute is set to its default. +// // When you specify multiple attributes, you get instance types that satisfy // all of the specified attributes. If you specify multiple values for an attribute, // you get instance types that satisfy any of the specified values. @@ -126718,11 +136576,18 @@ func (s *InstancePrivateIpAddress) SetPrivateIpAddress(v string) *InstancePrivat // - ExcludedInstanceTypes - The instance types to exclude from the list, // even if they match your specified attributes. // -// You must specify VCpuCount and MemoryMiB. All other attributes are optional. -// Any unspecified optional attribute is set to its default. +// If you specify InstanceRequirements, you can't specify InstanceType. // -// For more information, see Attribute-based instance type selection for EC2 -// Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html), +// Attribute-based instance type selection is only supported when using Auto +// Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan +// to use the launch template in the launch instance wizard (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html) +// or with the RunInstances API (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html), +// you can't specify InstanceRequirements. +// +// For more information, see Create a mixed instances group using attribute-based +// instance type selection (https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-mixed-instances-group-attribute-based-instance-type-selection.html) +// in the Amazon EC2 Auto Scaling User Guide, and also Attribute-based instance +// type selection for EC2 Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html), // Attribute-based instance type selection for Spot Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-attribute-based-instance-type-selection.html), // and Spot placement score (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-placement-score.html) // in the Amazon EC2 User Guide. @@ -126739,11 +136604,13 @@ type InstanceRequirements struct { // Indicates whether instance types must have accelerators by specific manufacturers. // - // * For instance types with NVIDIA devices, specify nvidia. + // * For instance types with Amazon Web Services devices, specify amazon-web-services. // // * For instance types with AMD devices, specify amd. // - // * For instance types with Amazon Web Services devices, specify amazon-web-services. + // * For instance types with Habana devices, specify habana. + // + // * For instance types with NVIDIA devices, specify nvidia. // // * For instance types with Xilinx devices, specify xilinx. // @@ -126752,24 +136619,30 @@ type InstanceRequirements struct { // The accelerators that must be on the instance type. // + // * For instance types with NVIDIA A10G GPUs, specify a10g. + // // * For instance types with NVIDIA A100 GPUs, specify a100. // - // * For instance types with NVIDIA V100 GPUs, specify v100. + // * For instance types with NVIDIA H100 GPUs, specify h100. // - // * For instance types with NVIDIA K80 GPUs, specify k80. + // * For instance types with Amazon Web Services Inferentia chips, specify + // inferentia. // - // * For instance types with NVIDIA T4 GPUs, specify t4. + // * For instance types with NVIDIA GRID K520 GPUs, specify k520. + // + // * For instance types with NVIDIA K80 GPUs, specify k80. // // * For instance types with NVIDIA M60 GPUs, specify m60. // // * For instance types with AMD Radeon Pro V520 GPUs, specify radeon-pro-v520. // - // * For instance types with Xilinx VU9P FPGAs, specify vu9p. + // * For instance types with NVIDIA T4 GPUs, specify t4. // - // * For instance types with Amazon Web Services Inferentia chips, specify - // inferentia. + // * For instance types with NVIDIA T4G GPUs, specify t4g. // - // * For instance types with NVIDIA GRID K520 GPUs, specify k520. + // * For instance types with Xilinx VU9P FPGAs, specify vu9p. + // + // * For instance types with NVIDIA V100 GPUs, specify v100. // // Default: Any accelerator AcceleratorNames []*string `locationName:"acceleratorNameSet" locationNameList:"item" type:"list" enum:"AcceleratorName"` @@ -126905,6 +136778,30 @@ type InstanceRequirements struct { // Default: hdd and ssd LocalStorageTypes []*string `locationName:"localStorageTypeSet" locationNameList:"item" type:"list" enum:"LocalStorageType"` + // [Price protection] The price protection threshold for Spot Instances, as + // a percentage of an identified On-Demand price. The identified On-Demand price + // is the price of the lowest priced current generation C, M, or R instance + // type with your specified attributes. If no current generation C, M, or R + // instance type matches your attributes, then the identified price is from + // the lowest priced current generation instance types, and failing that, from + // the lowest priced previous generation instance types that match your attributes. + // When Amazon EC2 selects instance types with your attributes, it will exclude + // instance types whose price exceeds your specified threshold. + // + // The parameter accepts an integer, which Amazon EC2 interprets as a percentage. + // + // If you set DesiredCapacityType to vcpu or memory-mib, the price protection + // threshold is based on the per vCPU or per memory price instead of the per + // instance price. + // + // Only one of SpotMaxPricePercentageOverLowestPrice or MaxSpotPriceAsPercentageOfOptimalOnDemandPrice + // can be specified. If you don't specify either, Amazon EC2 will automatically + // apply optimal price protection to consistently select from a wide range of + // instance types. To indicate no price protection threshold for Spot Instances, + // meaning you want to consider all instance types that match your attributes, + // include one of these parameters and specify a high value, such as 999999. + MaxSpotPriceAsPercentageOfOptimalOnDemandPrice *int64 `locationName:"maxSpotPriceAsPercentageOfOptimalOnDemandPrice" type:"integer"` + // The minimum and maximum amount of memory per vCPU, in GiB. // // Default: No minimum or maximum limits @@ -126924,11 +136821,12 @@ type InstanceRequirements struct { // Default: No minimum or maximum limits NetworkInterfaceCount *NetworkInterfaceCount `locationName:"networkInterfaceCount" type:"structure"` - // The price protection threshold for On-Demand Instances. This is the maximum - // you’ll pay for an On-Demand Instance, expressed as a percentage above the - // least expensive current generation M, C, or R instance type with your specified - // attributes. When Amazon EC2 selects instance types with your attributes, - // it excludes instance types priced above your threshold. + // [Price protection] The price protection threshold for On-Demand Instances, + // as a percentage higher than an identified On-Demand price. The identified + // On-Demand price is the price of the lowest priced current generation C, M, + // or R instance type with your specified attributes. When Amazon EC2 selects + // instance types with your attributes, it will exclude instance types whose + // price exceeds your specified threshold. // // The parameter accepts an integer, which Amazon EC2 interprets as a percentage. // @@ -126951,22 +136849,31 @@ type InstanceRequirements struct { // Default: false RequireHibernateSupport *bool `locationName:"requireHibernateSupport" type:"boolean"` - // The price protection threshold for Spot Instances. This is the maximum you’ll - // pay for a Spot Instance, expressed as a percentage above the least expensive - // current generation M, C, or R instance type with your specified attributes. - // When Amazon EC2 selects instance types with your attributes, it excludes - // instance types priced above your threshold. + // [Price protection] The price protection threshold for Spot Instances, as + // a percentage higher than an identified Spot price. The identified Spot price + // is the Spot price of the lowest priced current generation C, M, or R instance + // type with your specified attributes. If no current generation C, M, or R + // instance type matches your attributes, then the identified Spot price is + // from the lowest priced current generation instance types, and failing that, + // from the lowest priced previous generation instance types that match your + // attributes. When Amazon EC2 selects instance types with your attributes, + // it will exclude instance types whose Spot price exceeds your specified threshold. // // The parameter accepts an integer, which Amazon EC2 interprets as a percentage. // - // To turn off price protection, specify a high value, such as 999999. + // If you set TargetCapacityUnitType to vcpu or memory-mib, the price protection + // threshold is applied based on the per-vCPU or per-memory price instead of + // the per-instance price. // // This parameter is not supported for GetSpotPlacementScores (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) // and GetInstanceTypesFromInstanceRequirements (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html). // - // If you set TargetCapacityUnitType to vcpu or memory-mib, the price protection - // threshold is applied based on the per-vCPU or per-memory price instead of - // the per-instance price. + // Only one of SpotMaxPricePercentageOverLowestPrice or MaxSpotPriceAsPercentageOfOptimalOnDemandPrice + // can be specified. If you don't specify either, Amazon EC2 will automatically + // apply optimal price protection to consistently select from a wide range of + // instance types. To indicate no price protection threshold for Spot Instances, + // meaning you want to consider all instance types that match your attributes, + // include one of these parameters and specify a high value, such as 999999. // // Default: 100 SpotMaxPricePercentageOverLowestPrice *int64 `locationName:"spotMaxPricePercentageOverLowestPrice" type:"integer"` @@ -127082,6 +136989,12 @@ func (s *InstanceRequirements) SetLocalStorageTypes(v []*string) *InstanceRequir return s } +// SetMaxSpotPriceAsPercentageOfOptimalOnDemandPrice sets the MaxSpotPriceAsPercentageOfOptimalOnDemandPrice field's value. +func (s *InstanceRequirements) SetMaxSpotPriceAsPercentageOfOptimalOnDemandPrice(v int64) *InstanceRequirements { + s.MaxSpotPriceAsPercentageOfOptimalOnDemandPrice = &v + return s +} + // SetMemoryGiBPerVCpu sets the MemoryGiBPerVCpu field's value. func (s *InstanceRequirements) SetMemoryGiBPerVCpu(v *MemoryGiBPerVCpu) *InstanceRequirements { s.MemoryGiBPerVCpu = v @@ -127139,6 +137052,9 @@ func (s *InstanceRequirements) SetVCpuCount(v *VCpuCountRange) *InstanceRequirem // The attributes for the instance types. When you specify instance attributes, // Amazon EC2 will identify instance types with these attributes. // +// You must specify VCpuCount and MemoryMiB. All other attributes are optional. +// Any unspecified optional attribute is set to its default. +// // When you specify multiple attributes, you get instance types that satisfy // all of the specified attributes. If you specify multiple values for an attribute, // you get instance types that satisfy any of the specified values. @@ -127153,8 +137069,14 @@ func (s *InstanceRequirements) SetVCpuCount(v *VCpuCountRange) *InstanceRequirem // - ExcludedInstanceTypes - The instance types to exclude from the list, // even if they match your specified attributes. // -// You must specify VCpuCount and MemoryMiB. All other attributes are optional. -// Any unspecified optional attribute is set to its default. +// If you specify InstanceRequirements, you can't specify InstanceType. +// +// Attribute-based instance type selection is only supported when using Auto +// Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan +// to use the launch template in the launch instance wizard (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html), +// or with the RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) +// API or AWS::EC2::Instance (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) +// Amazon Web Services CloudFormation resource, you can't specify InstanceRequirements. // // For more information, see Attribute-based instance type selection for EC2 // Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html), @@ -127174,11 +137096,13 @@ type InstanceRequirementsRequest struct { // Indicates whether instance types must have accelerators by specific manufacturers. // - // * For instance types with NVIDIA devices, specify nvidia. + // * For instance types with Amazon Web Services devices, specify amazon-web-services. // // * For instance types with AMD devices, specify amd. // - // * For instance types with Amazon Web Services devices, specify amazon-web-services. + // * For instance types with Habana devices, specify habana. + // + // * For instance types with NVIDIA devices, specify nvidia. // // * For instance types with Xilinx devices, specify xilinx. // @@ -127187,24 +137111,30 @@ type InstanceRequirementsRequest struct { // The accelerators that must be on the instance type. // + // * For instance types with NVIDIA A10G GPUs, specify a10g. + // // * For instance types with NVIDIA A100 GPUs, specify a100. // - // * For instance types with NVIDIA V100 GPUs, specify v100. + // * For instance types with NVIDIA H100 GPUs, specify h100. // - // * For instance types with NVIDIA K80 GPUs, specify k80. + // * For instance types with Amazon Web Services Inferentia chips, specify + // inferentia. // - // * For instance types with NVIDIA T4 GPUs, specify t4. + // * For instance types with NVIDIA GRID K520 GPUs, specify k520. + // + // * For instance types with NVIDIA K80 GPUs, specify k80. // // * For instance types with NVIDIA M60 GPUs, specify m60. // // * For instance types with AMD Radeon Pro V520 GPUs, specify radeon-pro-v520. // - // * For instance types with Xilinx VU9P FPGAs, specify vu9p. + // * For instance types with NVIDIA T4 GPUs, specify t4. // - // * For instance types with Amazon Web Services Inferentia chips, specify - // inferentia. + // * For instance types with NVIDIA T4G GPUs, specify t4g. // - // * For instance types with NVIDIA GRID K520 GPUs, specify k520. + // * For instance types with Xilinx VU9P FPGAs, specify vu9p. + // + // * For instance types with NVIDIA V100 GPUs, specify v100. // // Default: Any accelerator AcceleratorNames []*string `locationName:"AcceleratorName" locationNameList:"item" type:"list" enum:"AcceleratorName"` @@ -127340,6 +137270,30 @@ type InstanceRequirementsRequest struct { // Default: hdd and ssd LocalStorageTypes []*string `locationName:"LocalStorageType" locationNameList:"item" type:"list" enum:"LocalStorageType"` + // [Price protection] The price protection threshold for Spot Instances, as + // a percentage of an identified On-Demand price. The identified On-Demand price + // is the price of the lowest priced current generation C, M, or R instance + // type with your specified attributes. If no current generation C, M, or R + // instance type matches your attributes, then the identified price is from + // the lowest priced current generation instance types, and failing that, from + // the lowest priced previous generation instance types that match your attributes. + // When Amazon EC2 selects instance types with your attributes, it will exclude + // instance types whose price exceeds your specified threshold. + // + // The parameter accepts an integer, which Amazon EC2 interprets as a percentage. + // + // If you set DesiredCapacityType to vcpu or memory-mib, the price protection + // threshold is based on the per vCPU or per memory price instead of the per + // instance price. + // + // Only one of SpotMaxPricePercentageOverLowestPrice or MaxSpotPriceAsPercentageOfOptimalOnDemandPrice + // can be specified. If you don't specify either, Amazon EC2 will automatically + // apply optimal price protection to consistently select from a wide range of + // instance types. To indicate no price protection threshold for Spot Instances, + // meaning you want to consider all instance types that match your attributes, + // include one of these parameters and specify a high value, such as 999999. + MaxSpotPriceAsPercentageOfOptimalOnDemandPrice *int64 `type:"integer"` + // The minimum and maximum amount of memory per vCPU, in GiB. // // Default: No minimum or maximum limits @@ -127350,8 +137304,10 @@ type InstanceRequirementsRequest struct { // MemoryMiB is a required field MemoryMiB *MemoryMiBRequest `type:"structure" required:"true"` - // The minimum and maximum amount of network bandwidth, in gigabits per second - // (Gbps). + // The minimum and maximum amount of baseline network bandwidth, in gigabits + // per second (Gbps). For more information, see Amazon EC2 instance network + // bandwidth (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) + // in the Amazon EC2 User Guide. // // Default: No minimum or maximum limits NetworkBandwidthGbps *NetworkBandwidthGbpsRequest `type:"structure"` @@ -127361,15 +137317,17 @@ type InstanceRequirementsRequest struct { // Default: No minimum or maximum limits NetworkInterfaceCount *NetworkInterfaceCountRequest `type:"structure"` - // The price protection threshold for On-Demand Instances. This is the maximum - // you’ll pay for an On-Demand Instance, expressed as a percentage above the - // least expensive current generation M, C, or R instance type with your specified - // attributes. When Amazon EC2 selects instance types with your attributes, - // it excludes instance types priced above your threshold. + // [Price protection] The price protection threshold for On-Demand Instances, + // as a percentage higher than an identified On-Demand price. The identified + // On-Demand price is the price of the lowest priced current generation C, M, + // or R instance type with your specified attributes. When Amazon EC2 selects + // instance types with your attributes, it will exclude instance types whose + // price exceeds your specified threshold. // // The parameter accepts an integer, which Amazon EC2 interprets as a percentage. // - // To turn off price protection, specify a high value, such as 999999. + // To indicate no price protection threshold, specify a high value, such as + // 999999. // // This parameter is not supported for GetSpotPlacementScores (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) // and GetInstanceTypesFromInstanceRequirements (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html). @@ -127388,22 +137346,31 @@ type InstanceRequirementsRequest struct { // Default: false RequireHibernateSupport *bool `type:"boolean"` - // The price protection threshold for Spot Instance. This is the maximum you’ll - // pay for an Spot Instance, expressed as a percentage above the least expensive - // current generation M, C, or R instance type with your specified attributes. - // When Amazon EC2 selects instance types with your attributes, it excludes - // instance types priced above your threshold. + // [Price protection] The price protection threshold for Spot Instances, as + // a percentage higher than an identified Spot price. The identified Spot price + // is the Spot price of the lowest priced current generation C, M, or R instance + // type with your specified attributes. If no current generation C, M, or R + // instance type matches your attributes, then the identified Spot price is + // from the lowest priced current generation instance types, and failing that, + // from the lowest priced previous generation instance types that match your + // attributes. When Amazon EC2 selects instance types with your attributes, + // it will exclude instance types whose Spot price exceeds your specified threshold. // // The parameter accepts an integer, which Amazon EC2 interprets as a percentage. // - // To turn off price protection, specify a high value, such as 999999. + // If you set TargetCapacityUnitType to vcpu or memory-mib, the price protection + // threshold is applied based on the per-vCPU or per-memory price instead of + // the per-instance price. // // This parameter is not supported for GetSpotPlacementScores (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) // and GetInstanceTypesFromInstanceRequirements (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html). // - // If you set TargetCapacityUnitType to vcpu or memory-mib, the price protection - // threshold is applied based on the per-vCPU or per-memory price instead of - // the per-instance price. + // Only one of SpotMaxPricePercentageOverLowestPrice or MaxSpotPriceAsPercentageOfOptimalOnDemandPrice + // can be specified. If you don't specify either, Amazon EC2 will automatically + // apply optimal price protection to consistently select from a wide range of + // instance types. To indicate no price protection threshold for Spot Instances, + // meaning you want to consider all instance types that match your attributes, + // include one of these parameters and specify a high value, such as 999999. // // Default: 100 SpotMaxPricePercentageOverLowestPrice *int64 `type:"integer"` @@ -127547,6 +137514,12 @@ func (s *InstanceRequirementsRequest) SetLocalStorageTypes(v []*string) *Instanc return s } +// SetMaxSpotPriceAsPercentageOfOptimalOnDemandPrice sets the MaxSpotPriceAsPercentageOfOptimalOnDemandPrice field's value. +func (s *InstanceRequirementsRequest) SetMaxSpotPriceAsPercentageOfOptimalOnDemandPrice(v int64) *InstanceRequirementsRequest { + s.MaxSpotPriceAsPercentageOfOptimalOnDemandPrice = &v + return s +} + // SetMemoryGiBPerVCpu sets the MemoryGiBPerVCpu field's value. func (s *InstanceRequirementsRequest) SetMemoryGiBPerVCpu(v *MemoryGiBPerVCpuRequest) *InstanceRequirementsRequest { s.MemoryGiBPerVCpu = v @@ -127687,7 +137660,9 @@ type InstanceSpecification struct { ExcludeDataVolumeIds []*string `locationName:"ExcludeDataVolumeId" locationNameList:"VolumeId" type:"list"` // The instance to specify which volumes should be snapshotted. - InstanceId *string `type:"string"` + // + // InstanceId is a required field + InstanceId *string `type:"string" required:"true"` } // String returns the string representation. @@ -127708,6 +137683,19 @@ func (s InstanceSpecification) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *InstanceSpecification) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "InstanceSpecification"} + if s.InstanceId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetExcludeBootVolume sets the ExcludeBootVolume field's value. func (s *InstanceSpecification) SetExcludeBootVolume(v bool) *InstanceSpecification { s.ExcludeBootVolume = &v @@ -128208,17 +138196,97 @@ func (s *InstanceTagNotificationAttribute) SetInstanceTagKeys(v []*string) *Inst return s } +// Information about the instance topology. +type InstanceTopology struct { + _ struct{} `type:"structure"` + + // The name of the Availability Zone or Local Zone that the instance is in. + AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + + // The name of the placement group that the instance is in. + GroupName *string `locationName:"groupName" type:"string"` + + // The instance ID. + InstanceId *string `locationName:"instanceId" type:"string"` + + // The instance type. + InstanceType *string `locationName:"instanceType" type:"string"` + + // The network nodes. The nodes are hashed based on your account. Instances + // from different accounts running under the same server will return a different + // hashed list of strings. + NetworkNodes []*string `locationName:"networkNodeSet" locationNameList:"item" type:"list"` + + // The ID of the Availability Zone or Local Zone that the instance is in. + ZoneId *string `locationName:"zoneId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InstanceTopology) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InstanceTopology) GoString() string { + return s.String() +} + +// SetAvailabilityZone sets the AvailabilityZone field's value. +func (s *InstanceTopology) SetAvailabilityZone(v string) *InstanceTopology { + s.AvailabilityZone = &v + return s +} + +// SetGroupName sets the GroupName field's value. +func (s *InstanceTopology) SetGroupName(v string) *InstanceTopology { + s.GroupName = &v + return s +} + +// SetInstanceId sets the InstanceId field's value. +func (s *InstanceTopology) SetInstanceId(v string) *InstanceTopology { + s.InstanceId = &v + return s +} + +// SetInstanceType sets the InstanceType field's value. +func (s *InstanceTopology) SetInstanceType(v string) *InstanceTopology { + s.InstanceType = &v + return s +} + +// SetNetworkNodes sets the NetworkNodes field's value. +func (s *InstanceTopology) SetNetworkNodes(v []*string) *InstanceTopology { + s.NetworkNodes = v + return s +} + +// SetZoneId sets the ZoneId field's value. +func (s *InstanceTopology) SetZoneId(v string) *InstanceTopology { + s.ZoneId = &v + return s +} + // Describes the instance type. type InstanceTypeInfo struct { _ struct{} `type:"structure"` - // Indicates whether auto recovery is supported. + // Indicates whether Amazon CloudWatch action based recovery is supported. AutoRecoverySupported *bool `locationName:"autoRecoverySupported" type:"boolean"` // Indicates whether the instance is a bare metal instance type. BareMetal *bool `locationName:"bareMetal" type:"boolean"` - // Indicates whether the instance type is a burstable performance instance type. + // Indicates whether the instance type is a burstable performance T instance + // type. For more information, see Burstable performance instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html). BurstablePerformanceSupported *bool `locationName:"burstablePerformanceSupported" type:"boolean"` // Indicates whether the instance type is current generation. @@ -128258,12 +138326,27 @@ type InstanceTypeInfo struct { // in the Amazon EC2 User Guide. InstanceType *string `locationName:"instanceType" type:"string" enum:"InstanceType"` + // Describes the media accelerator settings for the instance type. + MediaAcceleratorInfo *MediaAcceleratorInfo `locationName:"mediaAcceleratorInfo" type:"structure"` + // Describes the memory for the instance type. MemoryInfo *MemoryInfo `locationName:"memoryInfo" type:"structure"` // Describes the network settings for the instance type. NetworkInfo *NetworkInfo `locationName:"networkInfo" type:"structure"` + // Describes the Neuron accelerator settings for the instance type. + NeuronInfo *NeuronInfo `locationName:"neuronInfo" type:"structure"` + + // Indicates whether Nitro Enclaves is supported. + NitroEnclavesSupport *string `locationName:"nitroEnclavesSupport" type:"string" enum:"NitroEnclavesSupport"` + + // Describes the supported NitroTPM versions for the instance type. + NitroTpmInfo *NitroTpmInfo `locationName:"nitroTpmInfo" type:"structure"` + + // Indicates whether NitroTPM is supported. + NitroTpmSupport *string `locationName:"nitroTpmSupport" type:"string" enum:"NitroTpmSupport"` + // Describes the placement group settings for the instance type. PlacementGroupInfo *PlacementGroupInfo `locationName:"placementGroupInfo" type:"structure"` @@ -128395,6 +138478,12 @@ func (s *InstanceTypeInfo) SetInstanceType(v string) *InstanceTypeInfo { return s } +// SetMediaAcceleratorInfo sets the MediaAcceleratorInfo field's value. +func (s *InstanceTypeInfo) SetMediaAcceleratorInfo(v *MediaAcceleratorInfo) *InstanceTypeInfo { + s.MediaAcceleratorInfo = v + return s +} + // SetMemoryInfo sets the MemoryInfo field's value. func (s *InstanceTypeInfo) SetMemoryInfo(v *MemoryInfo) *InstanceTypeInfo { s.MemoryInfo = v @@ -128407,6 +138496,30 @@ func (s *InstanceTypeInfo) SetNetworkInfo(v *NetworkInfo) *InstanceTypeInfo { return s } +// SetNeuronInfo sets the NeuronInfo field's value. +func (s *InstanceTypeInfo) SetNeuronInfo(v *NeuronInfo) *InstanceTypeInfo { + s.NeuronInfo = v + return s +} + +// SetNitroEnclavesSupport sets the NitroEnclavesSupport field's value. +func (s *InstanceTypeInfo) SetNitroEnclavesSupport(v string) *InstanceTypeInfo { + s.NitroEnclavesSupport = &v + return s +} + +// SetNitroTpmInfo sets the NitroTpmInfo field's value. +func (s *InstanceTypeInfo) SetNitroTpmInfo(v *NitroTpmInfo) *InstanceTypeInfo { + s.NitroTpmInfo = v + return s +} + +// SetNitroTpmSupport sets the NitroTpmSupport field's value. +func (s *InstanceTypeInfo) SetNitroTpmSupport(v string) *InstanceTypeInfo { + s.NitroTpmSupport = &v + return s +} + // SetPlacementGroupInfo sets the PlacementGroupInfo field's value. func (s *InstanceTypeInfo) SetPlacementGroupInfo(v *PlacementGroupInfo) *InstanceTypeInfo { s.PlacementGroupInfo = v @@ -128734,38 +138847,37 @@ func (s *InternetGatewayAttachment) SetVpcId(v string) *InternetGatewayAttachmen return s } -// Describes a set of permissions for a security group rule. +// Describes the permissions for a security group rule. type IpPermission struct { _ struct{} `type:"structure"` - // The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 - // type number. A value of -1 indicates all ICMP/ICMPv6 types. If you specify - // all ICMP/ICMPv6 types, you must specify all codes. + // If the protocol is TCP or UDP, this is the start of the port range. If the + // protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types). FromPort *int64 `locationName:"fromPort" type:"integer"` // The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers // (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml)). // - // [VPC only] Use -1 to specify all protocols. When authorizing security group - // rules, specifying -1 or a protocol number other than tcp, udp, icmp, or icmpv6 - // allows traffic on all ports, regardless of any port range you specify. For - // tcp, udp, and icmp, you must specify a port range. For icmpv6, the port range - // is optional; if you omit the port range, traffic for all types and codes - // is allowed. + // Use -1 to specify all protocols. When authorizing security group rules, specifying + // -1 or a protocol number other than tcp, udp, icmp, or icmpv6 allows traffic + // on all ports, regardless of any port range you specify. For tcp, udp, and + // icmp, you must specify a port range. For icmpv6, the port range is optional; + // if you omit the port range, traffic for all types and codes is allowed. IpProtocol *string `locationName:"ipProtocol" type:"string"` - // The IPv4 ranges. + // The IPv4 address ranges. IpRanges []*IpRange `locationName:"ipRanges" locationNameList:"item" type:"list"` - // [VPC only] The IPv6 ranges. + // The IPv6 address ranges. Ipv6Ranges []*Ipv6Range `locationName:"ipv6Ranges" locationNameList:"item" type:"list"` - // [VPC only] The prefix list IDs. + // The prefix list IDs. PrefixListIds []*PrefixListId `locationName:"prefixListIds" locationNameList:"item" type:"list"` - // The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. - // A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 - // types, you must specify all codes. + // If the protocol is TCP or UDP, this is the end of the port range. If the + // protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). + // If the start port is -1 (all ICMP types), then the end port must be -1 (all + // ICMP codes). ToPort *int64 `locationName:"toPort" type:"integer"` // The security group and Amazon Web Services account ID pairs. @@ -128832,11 +138944,11 @@ func (s *IpPermission) SetUserIdGroupPairs(v []*UserIdGroupPair) *IpPermission { return s } -// Describes an IPv4 range. +// Describes an IPv4 address range. type IpRange struct { _ struct{} `type:"structure"` - // The IPv4 CIDR range. You can either specify a CIDR range or a source security + // The IPv4 address range. You can either specify a CIDR block or a source security // group, not both. To specify a single IPv4 address, use the /32 prefix length. CidrIp *string `locationName:"cidrIp" type:"string"` @@ -128887,10 +138999,16 @@ func (s *IpRange) SetDescription(v string) *IpRange { type Ipam struct { _ struct{} `type:"structure"` + // The IPAM's default resource discovery association ID. + DefaultResourceDiscoveryAssociationId *string `locationName:"defaultResourceDiscoveryAssociationId" type:"string"` + + // The IPAM's default resource discovery ID. + DefaultResourceDiscoveryId *string `locationName:"defaultResourceDiscoveryId" type:"string"` + // The description for the IPAM. Description *string `locationName:"description" type:"string"` - // The ARN of the IPAM. + // The Amazon Resource Name (ARN) of the IPAM. IpamArn *string `locationName:"ipamArn" min:"1" type:"string"` // The ID of the IPAM. @@ -128917,6 +139035,9 @@ type Ipam struct { // The ID of the IPAM's default public scope. PublicDefaultScopeId *string `locationName:"publicDefaultScopeId" type:"string"` + // The IPAM's resource discovery association count. + ResourceDiscoveryAssociationCount *int64 `locationName:"resourceDiscoveryAssociationCount" type:"integer"` + // The number of scopes in the IPAM. The scope quota is 5. For more information // on quotas, see Quotas in IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/quotas-ipam.html) // in the Amazon VPC IPAM User Guide. @@ -128925,11 +139046,19 @@ type Ipam struct { // The state of the IPAM. State *string `locationName:"state" type:"string" enum:"IpamState"` + // The state message. + StateMessage *string `locationName:"stateMessage" type:"string"` + // The key/value combination of a tag assigned to the resource. Use the tag // key in the filter name and the tag value as the filter value. For example, // to find all resources that have a tag with the key Owner and the value TeamA, // specify tag:Owner for the filter name and TeamA for the filter value. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` + + // IPAM is offered in a Free Tier and an Advanced Tier. For more information + // about the features available in each tier and the costs associated with the + // tiers, see Amazon VPC pricing > IPAM tab (http://aws.amazon.com/vpc/pricing/). + Tier *string `locationName:"tier" type:"string" enum:"IpamTier"` } // String returns the string representation. @@ -128950,6 +139079,18 @@ func (s Ipam) GoString() string { return s.String() } +// SetDefaultResourceDiscoveryAssociationId sets the DefaultResourceDiscoveryAssociationId field's value. +func (s *Ipam) SetDefaultResourceDiscoveryAssociationId(v string) *Ipam { + s.DefaultResourceDiscoveryAssociationId = &v + return s +} + +// SetDefaultResourceDiscoveryId sets the DefaultResourceDiscoveryId field's value. +func (s *Ipam) SetDefaultResourceDiscoveryId(v string) *Ipam { + s.DefaultResourceDiscoveryId = &v + return s +} + // SetDescription sets the Description field's value. func (s *Ipam) SetDescription(v string) *Ipam { s.Description = &v @@ -128998,6 +139139,12 @@ func (s *Ipam) SetPublicDefaultScopeId(v string) *Ipam { return s } +// SetResourceDiscoveryAssociationCount sets the ResourceDiscoveryAssociationCount field's value. +func (s *Ipam) SetResourceDiscoveryAssociationCount(v int64) *Ipam { + s.ResourceDiscoveryAssociationCount = &v + return s +} + // SetScopeCount sets the ScopeCount field's value. func (s *Ipam) SetScopeCount(v int64) *Ipam { s.ScopeCount = &v @@ -129010,12 +139157,24 @@ func (s *Ipam) SetState(v string) *Ipam { return s } +// SetStateMessage sets the StateMessage field's value. +func (s *Ipam) SetStateMessage(v string) *Ipam { + s.StateMessage = &v + return s +} + // SetTags sets the Tags field's value. func (s *Ipam) SetTags(v []*Tag) *Ipam { s.Tags = v return s } +// SetTier sets the Tier field's value. +func (s *Ipam) SetTier(v string) *Ipam { + s.Tier = &v + return s +} + // The historical record of a CIDR within an IPAM scope. For more information, // see View the history of IP addresses (https://docs.aws.amazon.com/vpc/latest/ipam/view-history-cidr-ipam.html) // in the Amazon VPC IPAM User Guide. @@ -129191,6 +139350,462 @@ func (s *IpamCidrAuthorizationContext) SetSignature(v string) *IpamCidrAuthoriza return s } +// An IPAM discovered account. A discovered account is an Amazon Web Services +// account that is monitored under a resource discovery. If you have integrated +// IPAM with Amazon Web Services Organizations, all accounts in the organization +// are discovered accounts. +type IpamDiscoveredAccount struct { + _ struct{} `type:"structure"` + + // The account ID. + AccountId *string `locationName:"accountId" type:"string"` + + // The Amazon Web Services Region that the account information is returned from. + // An account can be discovered in multiple regions and will have a separate + // discovered account for each Region. + DiscoveryRegion *string `locationName:"discoveryRegion" type:"string"` + + // The resource discovery failure reason. + FailureReason *IpamDiscoveryFailureReason `locationName:"failureReason" type:"structure"` + + // The last attempted resource discovery time. + LastAttemptedDiscoveryTime *time.Time `locationName:"lastAttemptedDiscoveryTime" type:"timestamp"` + + // The last successful resource discovery time. + LastSuccessfulDiscoveryTime *time.Time `locationName:"lastSuccessfulDiscoveryTime" type:"timestamp"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamDiscoveredAccount) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamDiscoveredAccount) GoString() string { + return s.String() +} + +// SetAccountId sets the AccountId field's value. +func (s *IpamDiscoveredAccount) SetAccountId(v string) *IpamDiscoveredAccount { + s.AccountId = &v + return s +} + +// SetDiscoveryRegion sets the DiscoveryRegion field's value. +func (s *IpamDiscoveredAccount) SetDiscoveryRegion(v string) *IpamDiscoveredAccount { + s.DiscoveryRegion = &v + return s +} + +// SetFailureReason sets the FailureReason field's value. +func (s *IpamDiscoveredAccount) SetFailureReason(v *IpamDiscoveryFailureReason) *IpamDiscoveredAccount { + s.FailureReason = v + return s +} + +// SetLastAttemptedDiscoveryTime sets the LastAttemptedDiscoveryTime field's value. +func (s *IpamDiscoveredAccount) SetLastAttemptedDiscoveryTime(v time.Time) *IpamDiscoveredAccount { + s.LastAttemptedDiscoveryTime = &v + return s +} + +// SetLastSuccessfulDiscoveryTime sets the LastSuccessfulDiscoveryTime field's value. +func (s *IpamDiscoveredAccount) SetLastSuccessfulDiscoveryTime(v time.Time) *IpamDiscoveredAccount { + s.LastSuccessfulDiscoveryTime = &v + return s +} + +// A public IP Address discovered by IPAM. +type IpamDiscoveredPublicAddress struct { + _ struct{} `type:"structure"` + + // The IP address. + Address *string `locationName:"address" type:"string"` + + // The allocation ID of the resource the IP address is assigned to. + AddressAllocationId *string `locationName:"addressAllocationId" type:"string"` + + // The ID of the owner of the resource the IP address is assigned to. + AddressOwnerId *string `locationName:"addressOwnerId" type:"string"` + + // The Region of the resource the IP address is assigned to. + AddressRegion *string `locationName:"addressRegion" type:"string"` + + // The IP address type. + AddressType *string `locationName:"addressType" type:"string" enum:"IpamPublicAddressType"` + + // The association status. + AssociationStatus *string `locationName:"associationStatus" type:"string" enum:"IpamPublicAddressAssociationStatus"` + + // The instance ID of the instance the assigned IP address is assigned to. + InstanceId *string `locationName:"instanceId" type:"string"` + + // The resource discovery ID. + IpamResourceDiscoveryId *string `locationName:"ipamResourceDiscoveryId" type:"string"` + + // The network border group that the resource that the IP address is assigned + // to is in. + NetworkBorderGroup *string `locationName:"networkBorderGroup" type:"string"` + + // The description of the network interface that IP address is assigned to. + NetworkInterfaceDescription *string `locationName:"networkInterfaceDescription" type:"string"` + + // The network interface ID of the resource with the assigned IP address. + NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` + + // The ID of the public IPv4 pool that the resource with the assigned IP address + // is from. + PublicIpv4PoolId *string `locationName:"publicIpv4PoolId" type:"string"` + + // The last successful resource discovery time. + SampleTime *time.Time `locationName:"sampleTime" type:"timestamp"` + + // Security groups associated with the resource that the IP address is assigned + // to. + SecurityGroups []*IpamPublicAddressSecurityGroup `locationName:"securityGroupSet" locationNameList:"item" type:"list"` + + // The Amazon Web Services service associated with the IP address. + Service *string `locationName:"service" type:"string" enum:"IpamPublicAddressAwsService"` + + // The resource ARN or ID. + ServiceResource *string `locationName:"serviceResource" type:"string"` + + // The ID of the subnet that the resource with the assigned IP address is in. + SubnetId *string `locationName:"subnetId" type:"string"` + + // Tags associated with the IP address. + Tags *IpamPublicAddressTags `locationName:"tags" type:"structure"` + + // The ID of the VPC that the resource with the assigned IP address is in. + VpcId *string `locationName:"vpcId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamDiscoveredPublicAddress) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamDiscoveredPublicAddress) GoString() string { + return s.String() +} + +// SetAddress sets the Address field's value. +func (s *IpamDiscoveredPublicAddress) SetAddress(v string) *IpamDiscoveredPublicAddress { + s.Address = &v + return s +} + +// SetAddressAllocationId sets the AddressAllocationId field's value. +func (s *IpamDiscoveredPublicAddress) SetAddressAllocationId(v string) *IpamDiscoveredPublicAddress { + s.AddressAllocationId = &v + return s +} + +// SetAddressOwnerId sets the AddressOwnerId field's value. +func (s *IpamDiscoveredPublicAddress) SetAddressOwnerId(v string) *IpamDiscoveredPublicAddress { + s.AddressOwnerId = &v + return s +} + +// SetAddressRegion sets the AddressRegion field's value. +func (s *IpamDiscoveredPublicAddress) SetAddressRegion(v string) *IpamDiscoveredPublicAddress { + s.AddressRegion = &v + return s +} + +// SetAddressType sets the AddressType field's value. +func (s *IpamDiscoveredPublicAddress) SetAddressType(v string) *IpamDiscoveredPublicAddress { + s.AddressType = &v + return s +} + +// SetAssociationStatus sets the AssociationStatus field's value. +func (s *IpamDiscoveredPublicAddress) SetAssociationStatus(v string) *IpamDiscoveredPublicAddress { + s.AssociationStatus = &v + return s +} + +// SetInstanceId sets the InstanceId field's value. +func (s *IpamDiscoveredPublicAddress) SetInstanceId(v string) *IpamDiscoveredPublicAddress { + s.InstanceId = &v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *IpamDiscoveredPublicAddress) SetIpamResourceDiscoveryId(v string) *IpamDiscoveredPublicAddress { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetNetworkBorderGroup sets the NetworkBorderGroup field's value. +func (s *IpamDiscoveredPublicAddress) SetNetworkBorderGroup(v string) *IpamDiscoveredPublicAddress { + s.NetworkBorderGroup = &v + return s +} + +// SetNetworkInterfaceDescription sets the NetworkInterfaceDescription field's value. +func (s *IpamDiscoveredPublicAddress) SetNetworkInterfaceDescription(v string) *IpamDiscoveredPublicAddress { + s.NetworkInterfaceDescription = &v + return s +} + +// SetNetworkInterfaceId sets the NetworkInterfaceId field's value. +func (s *IpamDiscoveredPublicAddress) SetNetworkInterfaceId(v string) *IpamDiscoveredPublicAddress { + s.NetworkInterfaceId = &v + return s +} + +// SetPublicIpv4PoolId sets the PublicIpv4PoolId field's value. +func (s *IpamDiscoveredPublicAddress) SetPublicIpv4PoolId(v string) *IpamDiscoveredPublicAddress { + s.PublicIpv4PoolId = &v + return s +} + +// SetSampleTime sets the SampleTime field's value. +func (s *IpamDiscoveredPublicAddress) SetSampleTime(v time.Time) *IpamDiscoveredPublicAddress { + s.SampleTime = &v + return s +} + +// SetSecurityGroups sets the SecurityGroups field's value. +func (s *IpamDiscoveredPublicAddress) SetSecurityGroups(v []*IpamPublicAddressSecurityGroup) *IpamDiscoveredPublicAddress { + s.SecurityGroups = v + return s +} + +// SetService sets the Service field's value. +func (s *IpamDiscoveredPublicAddress) SetService(v string) *IpamDiscoveredPublicAddress { + s.Service = &v + return s +} + +// SetServiceResource sets the ServiceResource field's value. +func (s *IpamDiscoveredPublicAddress) SetServiceResource(v string) *IpamDiscoveredPublicAddress { + s.ServiceResource = &v + return s +} + +// SetSubnetId sets the SubnetId field's value. +func (s *IpamDiscoveredPublicAddress) SetSubnetId(v string) *IpamDiscoveredPublicAddress { + s.SubnetId = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *IpamDiscoveredPublicAddress) SetTags(v *IpamPublicAddressTags) *IpamDiscoveredPublicAddress { + s.Tags = v + return s +} + +// SetVpcId sets the VpcId field's value. +func (s *IpamDiscoveredPublicAddress) SetVpcId(v string) *IpamDiscoveredPublicAddress { + s.VpcId = &v + return s +} + +// An IPAM discovered resource CIDR. A discovered resource is a resource CIDR +// monitored under a resource discovery. The following resources can be discovered: +// VPCs, Public IPv4 pools, VPC subnets, and Elastic IP addresses. The discovered +// resource CIDR is the IP address range in CIDR notation that is associated +// with the resource. +type IpamDiscoveredResourceCidr struct { + _ struct{} `type:"structure"` + + // The percentage of IP address space in use. To convert the decimal to a percentage, + // multiply the decimal by 100. Note the following: + // + // * For resources that are VPCs, this is the percentage of IP address space + // in the VPC that's taken up by subnet CIDRs. + // + // * For resources that are subnets, if the subnet has an IPv4 CIDR provisioned + // to it, this is the percentage of IPv4 address space in the subnet that's + // in use. If the subnet has an IPv6 CIDR provisioned to it, the percentage + // of IPv6 address space in use is not represented. The percentage of IPv6 + // address space in use cannot currently be calculated. + // + // * For resources that are public IPv4 pools, this is the percentage of + // IP address space in the pool that's been allocated to Elastic IP addresses + // (EIPs). + IpUsage *float64 `locationName:"ipUsage" type:"double"` + + // The resource discovery ID. + IpamResourceDiscoveryId *string `locationName:"ipamResourceDiscoveryId" type:"string"` + + // The resource CIDR. + ResourceCidr *string `locationName:"resourceCidr" type:"string"` + + // The resource ID. + ResourceId *string `locationName:"resourceId" type:"string"` + + // The resource owner ID. + ResourceOwnerId *string `locationName:"resourceOwnerId" type:"string"` + + // The resource Region. + ResourceRegion *string `locationName:"resourceRegion" type:"string"` + + // The resource tags. + ResourceTags []*IpamResourceTag `locationName:"resourceTagSet" locationNameList:"item" type:"list"` + + // The resource type. + ResourceType *string `locationName:"resourceType" type:"string" enum:"IpamResourceType"` + + // The last successful resource discovery time. + SampleTime *time.Time `locationName:"sampleTime" type:"timestamp"` + + // The VPC ID. + VpcId *string `locationName:"vpcId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamDiscoveredResourceCidr) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamDiscoveredResourceCidr) GoString() string { + return s.String() +} + +// SetIpUsage sets the IpUsage field's value. +func (s *IpamDiscoveredResourceCidr) SetIpUsage(v float64) *IpamDiscoveredResourceCidr { + s.IpUsage = &v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *IpamDiscoveredResourceCidr) SetIpamResourceDiscoveryId(v string) *IpamDiscoveredResourceCidr { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetResourceCidr sets the ResourceCidr field's value. +func (s *IpamDiscoveredResourceCidr) SetResourceCidr(v string) *IpamDiscoveredResourceCidr { + s.ResourceCidr = &v + return s +} + +// SetResourceId sets the ResourceId field's value. +func (s *IpamDiscoveredResourceCidr) SetResourceId(v string) *IpamDiscoveredResourceCidr { + s.ResourceId = &v + return s +} + +// SetResourceOwnerId sets the ResourceOwnerId field's value. +func (s *IpamDiscoveredResourceCidr) SetResourceOwnerId(v string) *IpamDiscoveredResourceCidr { + s.ResourceOwnerId = &v + return s +} + +// SetResourceRegion sets the ResourceRegion field's value. +func (s *IpamDiscoveredResourceCidr) SetResourceRegion(v string) *IpamDiscoveredResourceCidr { + s.ResourceRegion = &v + return s +} + +// SetResourceTags sets the ResourceTags field's value. +func (s *IpamDiscoveredResourceCidr) SetResourceTags(v []*IpamResourceTag) *IpamDiscoveredResourceCidr { + s.ResourceTags = v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *IpamDiscoveredResourceCidr) SetResourceType(v string) *IpamDiscoveredResourceCidr { + s.ResourceType = &v + return s +} + +// SetSampleTime sets the SampleTime field's value. +func (s *IpamDiscoveredResourceCidr) SetSampleTime(v time.Time) *IpamDiscoveredResourceCidr { + s.SampleTime = &v + return s +} + +// SetVpcId sets the VpcId field's value. +func (s *IpamDiscoveredResourceCidr) SetVpcId(v string) *IpamDiscoveredResourceCidr { + s.VpcId = &v + return s +} + +// The discovery failure reason. +type IpamDiscoveryFailureReason struct { + _ struct{} `type:"structure"` + + // The discovery failure code. + // + // * assume-role-failure - IPAM could not assume the Amazon Web Services + // IAM service-linked role. This could be because of any of the following: + // SLR has not been created yet and IPAM is still creating it. You have opted-out + // of the IPAM home Region. Account you are using as your IPAM account has + // been suspended. + // + // * throttling-failure - IPAM account is already using the allotted transactions + // per second and IPAM is receiving a throttling error when assuming the + // Amazon Web Services IAM SLR. + // + // * unauthorized-failure - Amazon Web Services account making the request + // is not authorized. For more information, see AuthFailure (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/errors-overview.html) + // in the Amazon Elastic Compute Cloud API Reference. + Code *string `locationName:"code" type:"string" enum:"IpamDiscoveryFailureCode"` + + // The discovery failure message. + Message *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamDiscoveryFailureReason) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamDiscoveryFailureReason) GoString() string { + return s.String() +} + +// SetCode sets the Code field's value. +func (s *IpamDiscoveryFailureReason) SetCode(v string) *IpamDiscoveryFailureReason { + s.Code = &v + return s +} + +// SetMessage sets the Message field's value. +func (s *IpamDiscoveryFailureReason) SetMessage(v string) *IpamDiscoveryFailureReason { + s.Message = &v + return s +} + // The operating Regions for an IPAM. Operating Regions are Amazon Web Services // Regions where the IPAM is allowed to manage IP address CIDRs. IPAM only discovers // and monitors resources in the Amazon Web Services Regions you select as operating @@ -129287,7 +139902,7 @@ type IpamPool struct { // The ARN of the IPAM. IpamArn *string `locationName:"ipamArn" min:"1" type:"string"` - // The ARN of the IPAM pool. + // The Amazon Resource Name (ARN) of the IPAM pool. IpamPoolArn *string `locationName:"ipamPoolArn" min:"1" type:"string"` // The ID of the IPAM pool. @@ -129325,6 +139940,15 @@ type IpamPool struct { // in the Amazon VPC IPAM User Guide. PoolDepth *int64 `locationName:"poolDepth" type:"integer"` + // The IP address source for pools in the public scope. Only used for provisioning + // IP address CIDRs to pools in the public scope. Default is BYOIP. For more + // information, see Create IPv6 pools (https://docs.aws.amazon.com/vpc/latest/ipam/intro-create-ipv6-pools.html) + // in the Amazon VPC IPAM User Guide. By default, you can add only one Amazon-provided + // IPv6 CIDR block to a top-level IPv6 pool. For information on increasing the + // default limit, see Quotas for your IPAM (https://docs.aws.amazon.com/vpc/latest/ipam/quotas-ipam.html) + // in the Amazon VPC IPAM User Guide. + PublicIpSource *string `locationName:"publicIpSource" type:"string" enum:"IpamPoolPublicIpSource"` + // Determines if a pool is publicly advertisable. This option is not available // for pools with AddressFamily set to ipv4. PubliclyAdvertisable *bool `locationName:"publiclyAdvertisable" type:"boolean"` @@ -129333,10 +139957,13 @@ type IpamPool struct { // pool within an existing source pool. SourceIpamPoolId *string `locationName:"sourceIpamPoolId" type:"string"` + // The resource used to provision CIDRs to a resource planning pool. + SourceResource *IpamPoolSourceResource `locationName:"sourceResource" type:"structure"` + // The state of the IPAM pool. State *string `locationName:"state" type:"string" enum:"IpamPoolState"` - // A message related to the failed creation of an IPAM pool. + // The state message. StateMessage *string `locationName:"stateMessage" type:"string"` // The key/value combination of a tag assigned to the resource. Use the tag @@ -129466,6 +140093,12 @@ func (s *IpamPool) SetPoolDepth(v int64) *IpamPool { return s } +// SetPublicIpSource sets the PublicIpSource field's value. +func (s *IpamPool) SetPublicIpSource(v string) *IpamPool { + s.PublicIpSource = &v + return s +} + // SetPubliclyAdvertisable sets the PubliclyAdvertisable field's value. func (s *IpamPool) SetPubliclyAdvertisable(v bool) *IpamPool { s.PubliclyAdvertisable = &v @@ -129478,6 +140111,12 @@ func (s *IpamPool) SetSourceIpamPoolId(v string) *IpamPool { return s } +// SetSourceResource sets the SourceResource field's value. +func (s *IpamPool) SetSourceResource(v *IpamPoolSourceResource) *IpamPool { + s.SourceResource = v + return s +} + // SetState sets the State field's value. func (s *IpamPool) SetState(v string) *IpamPool { s.State = &v @@ -129497,7 +140136,7 @@ func (s *IpamPool) SetTags(v []*Tag) *IpamPool { } // In IPAM, an allocation is a CIDR assignment from an IPAM pool to another -// resource or IPAM pool. +// IPAM pool or to a resource. type IpamPoolAllocation struct { _ struct{} `type:"structure"` @@ -129599,6 +140238,15 @@ type IpamPoolCidr struct { // Details related to why an IPAM pool CIDR failed to be provisioned. FailureReason *IpamPoolCidrFailureReason `locationName:"failureReason" type:"structure"` + // The IPAM pool CIDR ID. + IpamPoolCidrId *string `locationName:"ipamPoolCidrId" type:"string"` + + // The netmask length of the CIDR you'd like to provision to a pool. Can be + // used for provisioning Amazon-provided IPv6 CIDRs to top-level pools and for + // provisioning CIDRs to pools with source pools. Cannot be used to provision + // BYOIP CIDRs to top-level pools. "NetmaskLength" or "Cidr" is required. + NetmaskLength *int64 `locationName:"netmaskLength" type:"integer"` + // The state of the CIDR. State *string `locationName:"state" type:"string" enum:"IpamPoolCidrState"` } @@ -129633,6 +140281,18 @@ func (s *IpamPoolCidr) SetFailureReason(v *IpamPoolCidrFailureReason) *IpamPoolC return s } +// SetIpamPoolCidrId sets the IpamPoolCidrId field's value. +func (s *IpamPoolCidr) SetIpamPoolCidrId(v string) *IpamPoolCidr { + s.IpamPoolCidrId = &v + return s +} + +// SetNetmaskLength sets the NetmaskLength field's value. +func (s *IpamPoolCidr) SetNetmaskLength(v int64) *IpamPoolCidr { + s.NetmaskLength = &v + return s +} + // SetState sets the State field's value. func (s *IpamPoolCidr) SetState(v string) *IpamPoolCidr { s.State = &v @@ -129680,6 +140340,238 @@ func (s *IpamPoolCidrFailureReason) SetMessage(v string) *IpamPoolCidrFailureRea return s } +// The resource used to provision CIDRs to a resource planning pool. +type IpamPoolSourceResource struct { + _ struct{} `type:"structure"` + + // The source resource ID. + ResourceId *string `locationName:"resourceId" type:"string"` + + // The source resource owner. + ResourceOwner *string `locationName:"resourceOwner" type:"string"` + + // The source resource Region. + ResourceRegion *string `locationName:"resourceRegion" type:"string"` + + // The source resource type. + ResourceType *string `locationName:"resourceType" type:"string" enum:"IpamPoolSourceResourceType"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPoolSourceResource) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPoolSourceResource) GoString() string { + return s.String() +} + +// SetResourceId sets the ResourceId field's value. +func (s *IpamPoolSourceResource) SetResourceId(v string) *IpamPoolSourceResource { + s.ResourceId = &v + return s +} + +// SetResourceOwner sets the ResourceOwner field's value. +func (s *IpamPoolSourceResource) SetResourceOwner(v string) *IpamPoolSourceResource { + s.ResourceOwner = &v + return s +} + +// SetResourceRegion sets the ResourceRegion field's value. +func (s *IpamPoolSourceResource) SetResourceRegion(v string) *IpamPoolSourceResource { + s.ResourceRegion = &v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *IpamPoolSourceResource) SetResourceType(v string) *IpamPoolSourceResource { + s.ResourceType = &v + return s +} + +// The resource used to provision CIDRs to a resource planning pool. +type IpamPoolSourceResourceRequest struct { + _ struct{} `type:"structure"` + + // The source resource ID. + ResourceId *string `type:"string"` + + // The source resource owner. + ResourceOwner *string `type:"string"` + + // The source resource Region. + ResourceRegion *string `type:"string"` + + // The source resource type. + ResourceType *string `type:"string" enum:"IpamPoolSourceResourceType"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPoolSourceResourceRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPoolSourceResourceRequest) GoString() string { + return s.String() +} + +// SetResourceId sets the ResourceId field's value. +func (s *IpamPoolSourceResourceRequest) SetResourceId(v string) *IpamPoolSourceResourceRequest { + s.ResourceId = &v + return s +} + +// SetResourceOwner sets the ResourceOwner field's value. +func (s *IpamPoolSourceResourceRequest) SetResourceOwner(v string) *IpamPoolSourceResourceRequest { + s.ResourceOwner = &v + return s +} + +// SetResourceRegion sets the ResourceRegion field's value. +func (s *IpamPoolSourceResourceRequest) SetResourceRegion(v string) *IpamPoolSourceResourceRequest { + s.ResourceRegion = &v + return s +} + +// SetResourceType sets the ResourceType field's value. +func (s *IpamPoolSourceResourceRequest) SetResourceType(v string) *IpamPoolSourceResourceRequest { + s.ResourceType = &v + return s +} + +// The security group that the resource with the public IP address is in. +type IpamPublicAddressSecurityGroup struct { + _ struct{} `type:"structure"` + + // The security group's ID. + GroupId *string `locationName:"groupId" type:"string"` + + // The security group's name. + GroupName *string `locationName:"groupName" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPublicAddressSecurityGroup) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPublicAddressSecurityGroup) GoString() string { + return s.String() +} + +// SetGroupId sets the GroupId field's value. +func (s *IpamPublicAddressSecurityGroup) SetGroupId(v string) *IpamPublicAddressSecurityGroup { + s.GroupId = &v + return s +} + +// SetGroupName sets the GroupName field's value. +func (s *IpamPublicAddressSecurityGroup) SetGroupName(v string) *IpamPublicAddressSecurityGroup { + s.GroupName = &v + return s +} + +// A tag for a public IP address discovered by IPAM. +type IpamPublicAddressTag struct { + _ struct{} `type:"structure"` + + // The tag's key. + Key *string `locationName:"key" type:"string"` + + // The tag's value. + Value *string `locationName:"value" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPublicAddressTag) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPublicAddressTag) GoString() string { + return s.String() +} + +// SetKey sets the Key field's value. +func (s *IpamPublicAddressTag) SetKey(v string) *IpamPublicAddressTag { + s.Key = &v + return s +} + +// SetValue sets the Value field's value. +func (s *IpamPublicAddressTag) SetValue(v string) *IpamPublicAddressTag { + s.Value = &v + return s +} + +// Tags for a public IP address discovered by IPAM. +type IpamPublicAddressTags struct { + _ struct{} `type:"structure"` + + // Tags for an Elastic IP address. + EipTags []*IpamPublicAddressTag `locationName:"eipTagSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPublicAddressTags) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamPublicAddressTags) GoString() string { + return s.String() +} + +// SetEipTags sets the EipTags field's value. +func (s *IpamPublicAddressTags) SetEipTags(v []*IpamPublicAddressTag) *IpamPublicAddressTags { + s.EipTags = v + return s +} + // The CIDR for an IPAM resource. type IpamResourceCidr struct { _ struct{} `type:"structure"` @@ -129692,8 +140584,8 @@ type IpamResourceCidr struct { // The percentage of IP address space in use. To convert the decimal to a percentage, // multiply the decimal by 100. Note the following: // - // * For a resources that are VPCs, this is the percentage of IP address - // space in the VPC that's taken up by subnet CIDRs. + // * For resources that are VPCs, this is the percentage of IP address space + // in the VPC that's taken up by subnet CIDRs. // // * For resources that are subnets, if the subnet has an IPv4 CIDR provisioned // to it, this is the percentage of IPv4 address space in the subnet that's @@ -129859,6 +140751,301 @@ func (s *IpamResourceCidr) SetVpcId(v string) *IpamResourceCidr { return s } +// A resource discovery is an IPAM component that enables IPAM to manage and +// monitor resources that belong to the owning account. +type IpamResourceDiscovery struct { + _ struct{} `type:"structure"` + + // The resource discovery description. + Description *string `locationName:"description" type:"string"` + + // The resource discovery Amazon Resource Name (ARN). + IpamResourceDiscoveryArn *string `locationName:"ipamResourceDiscoveryArn" type:"string"` + + // The resource discovery ID. + IpamResourceDiscoveryId *string `locationName:"ipamResourceDiscoveryId" type:"string"` + + // The resource discovery Region. + IpamResourceDiscoveryRegion *string `locationName:"ipamResourceDiscoveryRegion" type:"string"` + + // Defines if the resource discovery is the default. The default resource discovery + // is the resource discovery automatically created when you create an IPAM. + IsDefault *bool `locationName:"isDefault" type:"boolean"` + + // The operating Regions for the resource discovery. Operating Regions are Amazon + // Web Services Regions where the IPAM is allowed to manage IP address CIDRs. + // IPAM only discovers and monitors resources in the Amazon Web Services Regions + // you select as operating Regions. + OperatingRegions []*IpamOperatingRegion `locationName:"operatingRegionSet" locationNameList:"item" type:"list"` + + // The ID of the owner. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The lifecycle state of the resource discovery. + // + // * create-in-progress - Resource discovery is being created. + // + // * create-complete - Resource discovery creation is complete. + // + // * create-failed - Resource discovery creation has failed. + // + // * modify-in-progress - Resource discovery is being modified. + // + // * modify-complete - Resource discovery modification is complete. + // + // * modify-failed - Resource discovery modification has failed. + // + // * delete-in-progress - Resource discovery is being deleted. + // + // * delete-complete - Resource discovery deletion is complete. + // + // * delete-failed - Resource discovery deletion has failed. + // + // * isolate-in-progress - Amazon Web Services account that created the resource + // discovery has been removed and the resource discovery is being isolated. + // + // * isolate-complete - Resource discovery isolation is complete. + // + // * restore-in-progress - Amazon Web Services account that created the resource + // discovery and was isolated has been restored. + State *string `locationName:"state" type:"string" enum:"IpamResourceDiscoveryState"` + + // A tag is a label that you assign to an Amazon Web Services resource. Each + // tag consists of a key and an optional value. You can use tags to search and + // filter your resources or track your Amazon Web Services costs. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamResourceDiscovery) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamResourceDiscovery) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *IpamResourceDiscovery) SetDescription(v string) *IpamResourceDiscovery { + s.Description = &v + return s +} + +// SetIpamResourceDiscoveryArn sets the IpamResourceDiscoveryArn field's value. +func (s *IpamResourceDiscovery) SetIpamResourceDiscoveryArn(v string) *IpamResourceDiscovery { + s.IpamResourceDiscoveryArn = &v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *IpamResourceDiscovery) SetIpamResourceDiscoveryId(v string) *IpamResourceDiscovery { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetIpamResourceDiscoveryRegion sets the IpamResourceDiscoveryRegion field's value. +func (s *IpamResourceDiscovery) SetIpamResourceDiscoveryRegion(v string) *IpamResourceDiscovery { + s.IpamResourceDiscoveryRegion = &v + return s +} + +// SetIsDefault sets the IsDefault field's value. +func (s *IpamResourceDiscovery) SetIsDefault(v bool) *IpamResourceDiscovery { + s.IsDefault = &v + return s +} + +// SetOperatingRegions sets the OperatingRegions field's value. +func (s *IpamResourceDiscovery) SetOperatingRegions(v []*IpamOperatingRegion) *IpamResourceDiscovery { + s.OperatingRegions = v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *IpamResourceDiscovery) SetOwnerId(v string) *IpamResourceDiscovery { + s.OwnerId = &v + return s +} + +// SetState sets the State field's value. +func (s *IpamResourceDiscovery) SetState(v string) *IpamResourceDiscovery { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *IpamResourceDiscovery) SetTags(v []*Tag) *IpamResourceDiscovery { + s.Tags = v + return s +} + +// An IPAM resource discovery association. An associated resource discovery +// is a resource discovery that has been associated with an IPAM. IPAM aggregates +// the resource CIDRs discovered by the associated resource discovery. +type IpamResourceDiscoveryAssociation struct { + _ struct{} `type:"structure"` + + // The IPAM ARN. + IpamArn *string `locationName:"ipamArn" min:"1" type:"string"` + + // The IPAM ID. + IpamId *string `locationName:"ipamId" type:"string"` + + // The IPAM home Region. + IpamRegion *string `locationName:"ipamRegion" type:"string"` + + // The resource discovery association Amazon Resource Name (ARN). + IpamResourceDiscoveryAssociationArn *string `locationName:"ipamResourceDiscoveryAssociationArn" type:"string"` + + // The resource discovery association ID. + IpamResourceDiscoveryAssociationId *string `locationName:"ipamResourceDiscoveryAssociationId" type:"string"` + + // The resource discovery ID. + IpamResourceDiscoveryId *string `locationName:"ipamResourceDiscoveryId" type:"string"` + + // Defines if the resource discovery is the default. When you create an IPAM, + // a default resource discovery is created for your IPAM and it's associated + // with your IPAM. + IsDefault *bool `locationName:"isDefault" type:"boolean"` + + // The Amazon Web Services account ID of the resource discovery owner. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The resource discovery status. + // + // * active - Connection or permissions required to read the results of the + // resource discovery are intact. + // + // * not-found - Connection or permissions required to read the results of + // the resource discovery are broken. This may happen if the owner of the + // resource discovery stopped sharing it or deleted the resource discovery. + // Verify the resource discovery still exists and the Amazon Web Services + // RAM resource share is still intact. + ResourceDiscoveryStatus *string `locationName:"resourceDiscoveryStatus" type:"string" enum:"IpamAssociatedResourceDiscoveryStatus"` + + // The lifecycle state of the association when you associate or disassociate + // a resource discovery. + // + // * associate-in-progress - Resource discovery is being associated. + // + // * associate-complete - Resource discovery association is complete. + // + // * associate-failed - Resource discovery association has failed. + // + // * disassociate-in-progress - Resource discovery is being disassociated. + // + // * disassociate-complete - Resource discovery disassociation is complete. + // + // * disassociate-failed - Resource discovery disassociation has failed. + // + // * isolate-in-progress - Amazon Web Services account that created the resource + // discovery association has been removed and the resource discovery associatation + // is being isolated. + // + // * isolate-complete - Resource discovery isolation is complete.. + // + // * restore-in-progress - Resource discovery is being restored. + State *string `locationName:"state" type:"string" enum:"IpamResourceDiscoveryAssociationState"` + + // A tag is a label that you assign to an Amazon Web Services resource. Each + // tag consists of a key and an optional value. You can use tags to search and + // filter your resources or track your Amazon Web Services costs. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamResourceDiscoveryAssociation) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s IpamResourceDiscoveryAssociation) GoString() string { + return s.String() +} + +// SetIpamArn sets the IpamArn field's value. +func (s *IpamResourceDiscoveryAssociation) SetIpamArn(v string) *IpamResourceDiscoveryAssociation { + s.IpamArn = &v + return s +} + +// SetIpamId sets the IpamId field's value. +func (s *IpamResourceDiscoveryAssociation) SetIpamId(v string) *IpamResourceDiscoveryAssociation { + s.IpamId = &v + return s +} + +// SetIpamRegion sets the IpamRegion field's value. +func (s *IpamResourceDiscoveryAssociation) SetIpamRegion(v string) *IpamResourceDiscoveryAssociation { + s.IpamRegion = &v + return s +} + +// SetIpamResourceDiscoveryAssociationArn sets the IpamResourceDiscoveryAssociationArn field's value. +func (s *IpamResourceDiscoveryAssociation) SetIpamResourceDiscoveryAssociationArn(v string) *IpamResourceDiscoveryAssociation { + s.IpamResourceDiscoveryAssociationArn = &v + return s +} + +// SetIpamResourceDiscoveryAssociationId sets the IpamResourceDiscoveryAssociationId field's value. +func (s *IpamResourceDiscoveryAssociation) SetIpamResourceDiscoveryAssociationId(v string) *IpamResourceDiscoveryAssociation { + s.IpamResourceDiscoveryAssociationId = &v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *IpamResourceDiscoveryAssociation) SetIpamResourceDiscoveryId(v string) *IpamResourceDiscoveryAssociation { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetIsDefault sets the IsDefault field's value. +func (s *IpamResourceDiscoveryAssociation) SetIsDefault(v bool) *IpamResourceDiscoveryAssociation { + s.IsDefault = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *IpamResourceDiscoveryAssociation) SetOwnerId(v string) *IpamResourceDiscoveryAssociation { + s.OwnerId = &v + return s +} + +// SetResourceDiscoveryStatus sets the ResourceDiscoveryStatus field's value. +func (s *IpamResourceDiscoveryAssociation) SetResourceDiscoveryStatus(v string) *IpamResourceDiscoveryAssociation { + s.ResourceDiscoveryStatus = &v + return s +} + +// SetState sets the State field's value. +func (s *IpamResourceDiscoveryAssociation) SetState(v string) *IpamResourceDiscoveryAssociation { + s.State = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *IpamResourceDiscoveryAssociation) SetTags(v []*Tag) *IpamResourceDiscoveryAssociation { + s.Tags = v + return s +} + // The key/value combination of a tag assigned to the resource. Use the tag // key in the filter name and the tag value as the filter value. For example, // to find all resources that have a tag with the key Owner and the value TeamA, @@ -129925,7 +141112,7 @@ type IpamScope struct { // The Amazon Web Services Region of the IPAM scope. IpamRegion *string `locationName:"ipamRegion" type:"string"` - // The ARN of the scope. + // The Amazon Resource Name (ARN) of the scope. IpamScopeArn *string `locationName:"ipamScopeArn" min:"1" type:"string"` // The ID of the scope. @@ -130365,11 +141552,11 @@ func (s *Ipv6PrefixSpecificationResponse) SetIpv6Prefix(v string) *Ipv6PrefixSpe return s } -// [EC2-VPC only] Describes an IPv6 range. +// Describes an IPv6 address range. type Ipv6Range struct { _ struct{} `type:"structure"` - // The IPv6 CIDR range. You can either specify a CIDR range or a source security + // The IPv6 address range. You can either specify a CIDR block or a source security // group, not both. To specify a single IPv6 address, use the /128 prefix length. CidrIpv6 *string `locationName:"cidrIpv6" type:"string"` @@ -130669,7 +141856,7 @@ type LaunchSpecification struct { // Deprecated. AddressingType *string `locationName:"addressingType" type:"string"` - // One or more block device mapping entries. + // The block device mapping entries. BlockDeviceMappings []*BlockDeviceMapping `locationName:"blockDeviceMapping" locationNameList:"item" type:"list"` // Indicates whether the instance is optimized for EBS I/O. This optimization @@ -130699,8 +141886,8 @@ type LaunchSpecification struct { // Describes the monitoring of an instance. Monitoring *RunInstancesMonitoringEnabled `locationName:"monitoring" type:"structure"` - // One or more network interfaces. If you specify a network interface, you must - // specify subnet IDs and security group IDs using the network interface. + // The network interfaces. If you specify a network interface, you must specify + // subnet IDs and security group IDs using the network interface. NetworkInterfaces []*InstanceNetworkInterfaceSpecification `locationName:"networkInterfaceSet" locationNameList:"item" type:"list"` // The placement information for the instance. @@ -130709,16 +141896,19 @@ type LaunchSpecification struct { // The ID of the RAM disk. RamdiskId *string `locationName:"ramdiskId" type:"string"` - // One or more security groups. When requesting instances in a VPC, you must - // specify the IDs of the security groups. When requesting instances in EC2-Classic, - // you can specify the names or the IDs of the security groups. + // The IDs of the security groups. SecurityGroups []*GroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"` // The ID of the subnet in which to launch the instance. SubnetId *string `locationName:"subnetId" type:"string"` - // The Base64-encoded user data for the instance. - UserData *string `locationName:"userData" type:"string"` + // The base64-encoded user data that instances use when starting up. User data + // is limited to 16 KB. + // + // UserData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by LaunchSpecification's + // String and GoString methods. + UserData *string `locationName:"userData" type:"string" sensitive:"true"` } // String returns the string representation. @@ -131187,7 +142377,9 @@ func (s *LaunchTemplateCapacityReservationSpecificationResponse) SetCapacityRese type LaunchTemplateConfig struct { _ struct{} `type:"structure"` - // The launch template. + // The launch template to use. Make sure that the launch template does not contain + // the NetworkInterfaceId parameter because you can't specify a network interface + // ID in a Spot Fleet. LaunchTemplateSpecification *FleetLaunchTemplateSpecification `locationName:"launchTemplateSpecification" type:"structure"` // Any parameters that you specify override the same parameters in the launch @@ -131244,6 +142436,10 @@ func (s *LaunchTemplateConfig) SetOverrides(v []*LaunchTemplateOverrides) *Launc type LaunchTemplateCpuOptions struct { _ struct{} `type:"structure"` + // Indicates whether the instance is enabled for AMD SEV-SNP. For more information, + // see AMD SEV-SNP (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html). + AmdSevSnp *string `locationName:"amdSevSnp" type:"string" enum:"AmdSevSnpSpecification"` + // The number of CPU cores for the instance. CoreCount *int64 `locationName:"coreCount" type:"integer"` @@ -131269,6 +142465,12 @@ func (s LaunchTemplateCpuOptions) GoString() string { return s.String() } +// SetAmdSevSnp sets the AmdSevSnp field's value. +func (s *LaunchTemplateCpuOptions) SetAmdSevSnp(v string) *LaunchTemplateCpuOptions { + s.AmdSevSnp = &v + return s +} + // SetCoreCount sets the CoreCount field's value. func (s *LaunchTemplateCpuOptions) SetCoreCount(v int64) *LaunchTemplateCpuOptions { s.CoreCount = &v @@ -131286,6 +142488,11 @@ func (s *LaunchTemplateCpuOptions) SetThreadsPerCore(v int64) *LaunchTemplateCpu type LaunchTemplateCpuOptionsRequest struct { _ struct{} `type:"structure"` + // Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is + // supported with M6a, R6a, and C6a instance types only. For more information, + // see AMD SEV-SNP (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html). + AmdSevSnp *string `type:"string" enum:"AmdSevSnpSpecification"` + // The number of CPU cores for the instance. CoreCount *int64 `type:"integer"` @@ -131312,6 +142519,12 @@ func (s LaunchTemplateCpuOptionsRequest) GoString() string { return s.String() } +// SetAmdSevSnp sets the AmdSevSnp field's value. +func (s *LaunchTemplateCpuOptionsRequest) SetAmdSevSnp(v string) *LaunchTemplateCpuOptionsRequest { + s.AmdSevSnp = &v + return s +} + // SetCoreCount sets the CoreCount field's value. func (s *LaunchTemplateCpuOptionsRequest) SetCoreCount(v int64) *LaunchTemplateCpuOptionsRequest { s.CoreCount = &v @@ -131438,18 +142651,17 @@ type LaunchTemplateEbsBlockDeviceRequest struct { // // The following are the supported values for each volume type: // - // * gp3: 3,000-16,000 IOPS + // * gp3: 3,000 - 16,000 IOPS // - // * io1: 100-64,000 IOPS + // * io1: 100 - 64,000 IOPS // - // * io2: 100-64,000 IOPS + // * io2: 100 - 256,000 IOPS // - // For io1 and io2 volumes, we guarantee 64,000 IOPS only for Instances built - // on the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). - // Other instance families guarantee performance up to 32,000 IOPS. + // For io2 volumes, you can achieve up to 256,000 IOPS on instances built on + // the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // On other instances, you can achieve performance up to 32,000 IOPS. // - // This parameter is supported for io1, io2, and gp3 volumes only. This parameter - // is not supported for gp2, st1, sc1, or standard volumes. + // This parameter is supported for io1, io2, and gp3 volumes only. Iops *int64 `type:"integer"` // The ARN of the symmetric Key Management Service (KMS) CMK used for encryption. @@ -131467,17 +142679,19 @@ type LaunchTemplateEbsBlockDeviceRequest struct { // a volume size. The following are the supported volumes sizes for each volume // type: // - // * gp2 and gp3: 1-16,384 + // * gp2 and gp3: 1 - 16,384 GiB + // + // * io1: 4 - 16,384 GiB // - // * io1 and io2: 4-16,384 + // * io2: 4 - 65,536 GiB // - // * st1 and sc1: 125-16,384 + // * st1 and sc1: 125 - 16,384 GiB // - // * standard: 1-1,024 + // * standard: 1 - 1024 GiB VolumeSize *int64 `type:"integer"` - // The volume type. For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) - // in the Amazon Elastic Compute Cloud User Guide. + // The volume type. For more information, see Amazon EBS volume types (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) + // in the Amazon EBS User Guide. VolumeType *string `type:"string" enum:"VolumeType"` } @@ -131653,6 +142867,96 @@ func (s *LaunchTemplateElasticInferenceAcceleratorResponse) SetType(v string) *L return s } +// ENA Express uses Amazon Web Services Scalable Reliable Datagram (SRD) technology +// to increase the maximum bandwidth used per stream and minimize tail latency +// of network traffic between EC2 instances. With ENA Express, you can communicate +// between two EC2 instances in the same subnet within the same account, or +// in different accounts. Both sending and receiving instances must have ENA +// Express enabled. +// +// To improve the reliability of network packet delivery, ENA Express reorders +// network packets on the receiving end by default. However, some UDP-based +// applications are designed to handle network packets that are out of order +// to reduce the overhead for packet delivery at the network layer. When ENA +// Express is enabled, you can specify whether UDP network traffic uses it. +type LaunchTemplateEnaSrdSpecification struct { + _ struct{} `type:"structure"` + + // Indicates whether ENA Express is enabled for the network interface. + EnaSrdEnabled *bool `locationName:"enaSrdEnabled" type:"boolean"` + + // Configures ENA Express for UDP network traffic. + EnaSrdUdpSpecification *LaunchTemplateEnaSrdUdpSpecification `locationName:"enaSrdUdpSpecification" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LaunchTemplateEnaSrdSpecification) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LaunchTemplateEnaSrdSpecification) GoString() string { + return s.String() +} + +// SetEnaSrdEnabled sets the EnaSrdEnabled field's value. +func (s *LaunchTemplateEnaSrdSpecification) SetEnaSrdEnabled(v bool) *LaunchTemplateEnaSrdSpecification { + s.EnaSrdEnabled = &v + return s +} + +// SetEnaSrdUdpSpecification sets the EnaSrdUdpSpecification field's value. +func (s *LaunchTemplateEnaSrdSpecification) SetEnaSrdUdpSpecification(v *LaunchTemplateEnaSrdUdpSpecification) *LaunchTemplateEnaSrdSpecification { + s.EnaSrdUdpSpecification = v + return s +} + +// ENA Express is compatible with both TCP and UDP transport protocols. When +// it's enabled, TCP traffic automatically uses it. However, some UDP-based +// applications are designed to handle network packets that are out of order, +// without a need for retransmission, such as live video broadcasting or other +// near-real-time applications. For UDP traffic, you can specify whether to +// use ENA Express, based on your application environment needs. +type LaunchTemplateEnaSrdUdpSpecification struct { + _ struct{} `type:"structure"` + + // Indicates whether UDP traffic to and from the instance uses ENA Express. + // To specify this setting, you must first enable ENA Express. + EnaSrdUdpEnabled *bool `locationName:"enaSrdUdpEnabled" type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LaunchTemplateEnaSrdUdpSpecification) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LaunchTemplateEnaSrdUdpSpecification) GoString() string { + return s.String() +} + +// SetEnaSrdUdpEnabled sets the EnaSrdUdpEnabled field's value. +func (s *LaunchTemplateEnaSrdUdpSpecification) SetEnaSrdUdpEnabled(v bool) *LaunchTemplateEnaSrdUdpSpecification { + s.EnaSrdUdpEnabled = &v + return s +} + // Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves. type LaunchTemplateEnclaveOptions struct { _ struct{} `type:"structure"` @@ -132045,19 +143349,18 @@ type LaunchTemplateInstanceMetadataOptions struct { // Possible values: Integers from 1 to 64 HttpPutResponseHopLimit *int64 `locationName:"httpPutResponseHopLimit" type:"integer"` - // The state of token usage for your instance metadata requests. If the parameter - // is not specified in the request, the default state is optional. + // Indicates whether IMDSv2 is required. // - // If the state is optional, you can choose to retrieve instance metadata with - // or without a signed token header on your request. If you retrieve the IAM - // role credentials without a token, the version 1.0 role credentials are returned. - // If you retrieve the IAM role credentials using a valid signed token, the - // version 2.0 role credentials are returned. + // * optional - IMDSv2 is optional. You can choose whether to send a session + // token in your instance metadata retrieval requests. If you retrieve IAM + // role credentials without a session token, you receive the IMDSv1 role + // credentials. If you retrieve IAM role credentials using a valid session + // token, you receive the IMDSv2 role credentials. // - // If the state is required, you must send a signed token header with any instance - // metadata retrieval requests. In this state, retrieving the IAM role credentials - // always returns the version 2.0 credentials; the version 1.0 credentials are - // not available. + // * required - IMDSv2 is required. You must send a session token in your + // instance metadata retrieval requests. With this option, retrieving the + // IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials + // are not available. HttpTokens *string `locationName:"httpTokens" type:"string" enum:"LaunchTemplateHttpTokensState"` // Set to enabled to allow access to instance tags from the instance metadata. @@ -132157,19 +143460,21 @@ type LaunchTemplateInstanceMetadataOptionsRequest struct { // Possible values: Integers from 1 to 64 HttpPutResponseHopLimit *int64 `type:"integer"` - // The state of token usage for your instance metadata requests. If the parameter - // is not specified in the request, the default state is optional. + // Indicates whether IMDSv2 is required. // - // If the state is optional, you can choose to retrieve instance metadata with - // or without a signed token header on your request. If you retrieve the IAM - // role credentials without a token, the version 1.0 role credentials are returned. - // If you retrieve the IAM role credentials using a valid signed token, the - // version 2.0 role credentials are returned. + // * optional - IMDSv2 is optional. You can choose whether to send a session + // token in your instance metadata retrieval requests. If you retrieve IAM + // role credentials without a session token, you receive the IMDSv1 role + // credentials. If you retrieve IAM role credentials using a valid session + // token, you receive the IMDSv2 role credentials. // - // If the state is required, you must send a signed token header with any instance - // metadata retrieval requests. In this state, retrieving the IAM role credentials - // always returns the version 2.0 credentials; the version 1.0 credentials are - // not available. + // * required - IMDSv2 is required. You must send a session token in your + // instance metadata retrieval requests. With this option, retrieving the + // IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials + // are not available. + // + // Default: If the value of ImdsSupport for the Amazon Machine Image (AMI) for + // your instance is v2.0, the default is required. HttpTokens *string `type:"string" enum:"LaunchTemplateHttpTokensState"` // Set to enabled to allow access to instance tags from the instance metadata. @@ -132244,8 +143549,19 @@ type LaunchTemplateInstanceNetworkInterfaceSpecification struct { // Indicates whether to associate a public IPv4 address with eth0 for a new // network interface. + // + // Amazon Web Services charges for all public IPv4 addresses, including public + // IPv4 addresses associated with running instances and Elastic IP addresses. + // For more information, see the Public IPv4 Address tab on the Amazon VPC pricing + // page (http://aws.amazon.com/vpc/pricing/). AssociatePublicIpAddress *bool `locationName:"associatePublicIpAddress" type:"boolean"` + // A security group connection tracking specification that enables you to set + // the timeout for connection tracking on an Elastic network interface. For + // more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) + // in the Amazon Elastic Compute Cloud User Guide. + ConnectionTrackingSpecification *ConnectionTrackingSpecification `locationName:"connectionTrackingSpecification" type:"structure"` + // Indicates whether the network interface is deleted when the instance is terminated. DeleteOnTermination *bool `locationName:"deleteOnTermination" type:"boolean"` @@ -132255,6 +143571,10 @@ type LaunchTemplateInstanceNetworkInterfaceSpecification struct { // The device index for the network interface attachment. DeviceIndex *int64 `locationName:"deviceIndex" type:"integer"` + // Contains the ENA Express settings for instances launched from your launch + // template. + EnaSrdSpecification *LaunchTemplateEnaSrdSpecification `locationName:"enaSrdSpecification" type:"structure"` + // The IDs of one or more security groups. Groups []*string `locationName:"groupSet" locationNameList:"groupId" type:"list"` @@ -132287,6 +143607,13 @@ type LaunchTemplateInstanceNetworkInterfaceSpecification struct { // The ID of the network interface. NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` + // The primary IPv6 address of the network interface. When you enable an IPv6 + // GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary + // IPv6 address until the instance is terminated or the network interface is + // detached. For more information about primary IPv6 addresses, see RunInstances + // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html). + PrimaryIpv6 *bool `locationName:"primaryIpv6" type:"boolean"` + // The primary private IPv4 address of the network interface. PrivateIpAddress *string `locationName:"privateIpAddress" type:"string"` @@ -132330,6 +143657,12 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetAssociatePublic return s } +// SetConnectionTrackingSpecification sets the ConnectionTrackingSpecification field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetConnectionTrackingSpecification(v *ConnectionTrackingSpecification) *LaunchTemplateInstanceNetworkInterfaceSpecification { + s.ConnectionTrackingSpecification = v + return s +} + // SetDeleteOnTermination sets the DeleteOnTermination field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetDeleteOnTermination(v bool) *LaunchTemplateInstanceNetworkInterfaceSpecification { s.DeleteOnTermination = &v @@ -132348,6 +143681,12 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetDeviceIndex(v i return s } +// SetEnaSrdSpecification sets the EnaSrdSpecification field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetEnaSrdSpecification(v *LaunchTemplateEnaSrdSpecification) *LaunchTemplateInstanceNetworkInterfaceSpecification { + s.EnaSrdSpecification = v + return s +} + // SetGroups sets the Groups field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetGroups(v []*string) *LaunchTemplateInstanceNetworkInterfaceSpecification { s.Groups = v @@ -132408,6 +143747,12 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetNetworkInterfac return s } +// SetPrimaryIpv6 sets the PrimaryIpv6 field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetPrimaryIpv6(v bool) *LaunchTemplateInstanceNetworkInterfaceSpecification { + s.PrimaryIpv6 = &v + return s +} + // SetPrivateIpAddress sets the PrivateIpAddress field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecification) SetPrivateIpAddress(v string) *LaunchTemplateInstanceNetworkInterfaceSpecification { s.PrivateIpAddress = &v @@ -132445,8 +143790,19 @@ type LaunchTemplateInstanceNetworkInterfaceSpecificationRequest struct { AssociateCarrierIpAddress *bool `type:"boolean"` // Associates a public IPv4 address with eth0 for a new network interface. + // + // Amazon Web Services charges for all public IPv4 addresses, including public + // IPv4 addresses associated with running instances and Elastic IP addresses. + // For more information, see the Public IPv4 Address tab on the Amazon VPC pricing + // page (http://aws.amazon.com/vpc/pricing/). AssociatePublicIpAddress *bool `type:"boolean"` + // A security group connection tracking specification that enables you to set + // the timeout for connection tracking on an Elastic network interface. For + // more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) + // in the Amazon Elastic Compute Cloud User Guide. + ConnectionTrackingSpecification *ConnectionTrackingSpecificationRequest `type:"structure"` + // Indicates whether the network interface is deleted when the instance is terminated. DeleteOnTermination *bool `type:"boolean"` @@ -132456,6 +143812,9 @@ type LaunchTemplateInstanceNetworkInterfaceSpecificationRequest struct { // The device index for the network interface attachment. DeviceIndex *int64 `type:"integer"` + // Configure ENA Express settings for your launch template. + EnaSrdSpecification *EnaSrdSpecificationRequest `type:"structure"` + // The IDs of one or more security groups. Groups []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` @@ -132501,6 +143860,13 @@ type LaunchTemplateInstanceNetworkInterfaceSpecificationRequest struct { // The ID of the network interface. NetworkInterfaceId *string `type:"string"` + // The primary IPv6 address of the network interface. When you enable an IPv6 + // GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary + // IPv6 address until the instance is terminated or the network interface is + // detached. For more information about primary IPv6 addresses, see RunInstances + // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html). + PrimaryIpv6 *bool `type:"boolean"` + // The primary private IPv4 address of the network interface. PrivateIpAddress *string `type:"string"` @@ -132544,6 +143910,12 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetAssociat return s } +// SetConnectionTrackingSpecification sets the ConnectionTrackingSpecification field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetConnectionTrackingSpecification(v *ConnectionTrackingSpecificationRequest) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { + s.ConnectionTrackingSpecification = v + return s +} + // SetDeleteOnTermination sets the DeleteOnTermination field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetDeleteOnTermination(v bool) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { s.DeleteOnTermination = &v @@ -132562,6 +143934,12 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetDeviceIn return s } +// SetEnaSrdSpecification sets the EnaSrdSpecification field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetEnaSrdSpecification(v *EnaSrdSpecificationRequest) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { + s.EnaSrdSpecification = v + return s +} + // SetGroups sets the Groups field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetGroups(v []*string) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { s.Groups = v @@ -132622,6 +144000,12 @@ func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetNetworkI return s } +// SetPrimaryIpv6 sets the PrimaryIpv6 field's value. +func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetPrimaryIpv6(v bool) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { + s.PrimaryIpv6 = &v + return s +} + // SetPrivateIpAddress sets the PrivateIpAddress field's value. func (s *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest) SetPrivateIpAddress(v string) *LaunchTemplateInstanceNetworkInterfaceSpecificationRequest { s.PrivateIpAddress = &v @@ -132758,6 +144142,12 @@ type LaunchTemplateOverrides struct { SubnetId *string `locationName:"subnetId" type:"string"` // The number of units provided by the specified instance type. + // + // When specifying weights, the price used in the lowest-price and price-capacity-optimized + // allocation strategies is per unit hour (where the instance price is divided + // by the specified weight). However, if all the specified weights are above + // the requested TargetCapacity, resulting in only 1 instance being launched, + // the price used is per instance hour. WeightedCapacity *float64 `locationName:"weightedCapacity" type:"double"` } @@ -132851,8 +144241,8 @@ type LaunchTemplatePlacement struct { // Reserved for future use. SpreadDomain *string `locationName:"spreadDomain" type:"string"` - // The tenancy of the instance (if the instance is running in a VPC). An instance - // with a tenancy of dedicated runs on single-tenant hardware. + // The tenancy of the instance. An instance with a tenancy of dedicated runs + // on single-tenant hardware. Tenancy *string `locationName:"tenancy" type:"string" enum:"Tenancy"` } @@ -132960,8 +144350,8 @@ type LaunchTemplatePlacementRequest struct { // Reserved for future use. SpreadDomain *string `type:"string"` - // The tenancy of the instance (if the instance is running in a VPC). An instance - // with a tenancy of dedicated runs on single-tenant hardware. + // The tenancy of the instance. An instance with a tenancy of dedicated runs + // on single-tenant hardware. Tenancy *string `type:"string" enum:"Tenancy"` } @@ -133419,9 +144809,11 @@ type LaunchTemplateTagSpecificationRequest struct { // The type of resource to tag. // - // The Valid Values are all the resource types that can be tagged. However, - // when creating a launch template, you can specify tags for the following resource - // types only: instance | volume | elastic-gpu | network-interface | spot-instances-request + // Valid Values lists all resource types for Amazon EC2 that can be tagged. + // When you create a launch template, you can specify tags for the following + // resource types only: instance | volume | network-interface | spot-instances-request. + // If the instance does not include the resource type that you specify, the + // instance launch fails. For example, not all instance types include a volume. // // To tag a resource after it has been created, see CreateTags (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html). ResourceType *string `type:"string" enum:"ResourceType"` @@ -133698,14 +145090,13 @@ type ListImagesInRecycleBinInput struct { // that are in the Recycle Bin. You can specify up to 20 IDs in a single request. ImageIds []*string `locationName:"ImageId" locationNameList:"ImageId" type:"list"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. - // - // If you do not specify a value for MaxResults, the request returns 1,000 items - // per page by default. For more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"1" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` } @@ -133770,8 +145161,8 @@ type ListImagesInRecycleBinOutput struct { // Information about the AMIs. Images []*ImageRecycleBinInfo `locationName:"imageSet" locationNameList:"item" type:"list"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` } @@ -133814,11 +145205,13 @@ type ListSnapshotsInRecycleBinInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The maximum number of results to return with a single call. To retrieve the - // remaining results, make another call with the returned nextToken value. + // The maximum number of items to return for this request. To get the next page + // of items, make another request with the token returned in the output. For + // more information, see Pagination (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Query-Requests.html#api-pagination). MaxResults *int64 `min:"5" type:"integer"` - // The token for the next page of results. + // The token returned from a previous paginated request. Pagination continues + // from the end of the items returned by the previous request. NextToken *string `type:"string"` // The IDs of the snapshots to list. Omit this parameter to list all of the @@ -133884,8 +145277,8 @@ func (s *ListSnapshotsInRecycleBinInput) SetSnapshotIds(v []*string) *ListSnapsh type ListSnapshotsInRecycleBinOutput struct { _ struct{} `type:"structure"` - // The token to use to retrieve the next page of results. This value is null - // when there are no more results to return. + // The token to include in another request to get the next page of items. This + // value is null when there are no more items to return. NextToken *string `locationName:"nextToken" type:"string"` // Information about the snapshots. @@ -134185,6 +145578,9 @@ type LocalGatewayRoute struct { // The CIDR block used for destination matches. DestinationCidrBlock *string `locationName:"destinationCidrBlock" type:"string"` + // The ID of the prefix list. + DestinationPrefixListId *string `locationName:"destinationPrefixListId" type:"string"` + // The Amazon Resource Name (ARN) of the local gateway route table. LocalGatewayRouteTableArn *string `locationName:"localGatewayRouteTableArn" min:"1" type:"string"` @@ -134240,6 +145636,12 @@ func (s *LocalGatewayRoute) SetDestinationCidrBlock(v string) *LocalGatewayRoute return s } +// SetDestinationPrefixListId sets the DestinationPrefixListId field's value. +func (s *LocalGatewayRoute) SetDestinationPrefixListId(v string) *LocalGatewayRoute { + s.DestinationPrefixListId = &v + return s +} + // SetLocalGatewayRouteTableArn sets the LocalGatewayRouteTableArn field's value. func (s *LocalGatewayRoute) SetLocalGatewayRouteTableArn(v string) *LocalGatewayRoute { s.LocalGatewayRouteTableArn = &v @@ -134762,6 +146164,481 @@ func (s *LocalGatewayVirtualInterfaceGroup) SetTags(v []*Tag) *LocalGatewayVirtu return s } +type LockSnapshotInput struct { + _ struct{} `type:"structure"` + + // The cooling-off period during which you can unlock the snapshot or modify + // the lock settings after locking the snapshot in compliance mode, in hours. + // After the cooling-off period expires, you can't unlock or delete the snapshot, + // decrease the lock duration, or change the lock mode. You can increase the + // lock duration after the cooling-off period expires. + // + // The cooling-off period is optional when locking a snapshot in compliance + // mode. If you are locking the snapshot in governance mode, omit this parameter. + // + // To lock the snapshot in compliance mode immediately without a cooling-off + // period, omit this parameter. + // + // If you are extending the lock duration for a snapshot that is locked in compliance + // mode after the cooling-off period has expired, omit this parameter. If you + // specify a cooling-period in a such a request, the request fails. + // + // Allowed values: Min 1, max 72. + CoolOffPeriod *int64 `min:"1" type:"integer"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The date and time at which the snapshot lock is to automatically expire, + // in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ). + // + // You must specify either this parameter or LockDuration, but not both. + ExpirationDate *time.Time `type:"timestamp"` + + // The period of time for which to lock the snapshot, in days. The snapshot + // lock will automatically expire after this period lapses. + // + // You must specify either this parameter or ExpirationDate, but not both. + // + // Allowed values: Min: 1, max 36500 + LockDuration *int64 `min:"1" type:"integer"` + + // The mode in which to lock the snapshot. Specify one of the following: + // + // * governance - Locks the snapshot in governance mode. Snapshots locked + // in governance mode can't be deleted until one of the following conditions + // are met: The lock duration expires. The snapshot is unlocked by a user + // with the appropriate permissions. Users with the appropriate IAM permissions + // can unlock the snapshot, increase or decrease the lock duration, and change + // the lock mode to compliance at any time. If you lock a snapshot in governance + // mode, omit CoolOffPeriod. + // + // * compliance - Locks the snapshot in compliance mode. Snapshots locked + // in compliance mode can't be unlocked by any user. They can be deleted + // only after the lock duration expires. Users can't decrease the lock duration + // or change the lock mode to governance. However, users with appropriate + // IAM permissions can increase the lock duration at any time. If you lock + // a snapshot in compliance mode, you can optionally specify CoolOffPeriod. + // + // LockMode is a required field + LockMode *string `type:"string" required:"true" enum:"LockMode"` + + // The ID of the snapshot to lock. + // + // SnapshotId is a required field + SnapshotId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LockSnapshotInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LockSnapshotInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *LockSnapshotInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "LockSnapshotInput"} + if s.CoolOffPeriod != nil && *s.CoolOffPeriod < 1 { + invalidParams.Add(request.NewErrParamMinValue("CoolOffPeriod", 1)) + } + if s.LockDuration != nil && *s.LockDuration < 1 { + invalidParams.Add(request.NewErrParamMinValue("LockDuration", 1)) + } + if s.LockMode == nil { + invalidParams.Add(request.NewErrParamRequired("LockMode")) + } + if s.SnapshotId == nil { + invalidParams.Add(request.NewErrParamRequired("SnapshotId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCoolOffPeriod sets the CoolOffPeriod field's value. +func (s *LockSnapshotInput) SetCoolOffPeriod(v int64) *LockSnapshotInput { + s.CoolOffPeriod = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *LockSnapshotInput) SetDryRun(v bool) *LockSnapshotInput { + s.DryRun = &v + return s +} + +// SetExpirationDate sets the ExpirationDate field's value. +func (s *LockSnapshotInput) SetExpirationDate(v time.Time) *LockSnapshotInput { + s.ExpirationDate = &v + return s +} + +// SetLockDuration sets the LockDuration field's value. +func (s *LockSnapshotInput) SetLockDuration(v int64) *LockSnapshotInput { + s.LockDuration = &v + return s +} + +// SetLockMode sets the LockMode field's value. +func (s *LockSnapshotInput) SetLockMode(v string) *LockSnapshotInput { + s.LockMode = &v + return s +} + +// SetSnapshotId sets the SnapshotId field's value. +func (s *LockSnapshotInput) SetSnapshotId(v string) *LockSnapshotInput { + s.SnapshotId = &v + return s +} + +type LockSnapshotOutput struct { + _ struct{} `type:"structure"` + + // The compliance mode cooling-off period, in hours. + CoolOffPeriod *int64 `locationName:"coolOffPeriod" type:"integer"` + + // The date and time at which the compliance mode cooling-off period expires, + // in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ). + CoolOffPeriodExpiresOn *time.Time `locationName:"coolOffPeriodExpiresOn" type:"timestamp"` + + // The date and time at which the snapshot was locked, in the UTC time zone + // (YYYY-MM-DDThh:mm:ss.sssZ). + LockCreatedOn *time.Time `locationName:"lockCreatedOn" type:"timestamp"` + + // The period of time for which the snapshot is locked, in days. + LockDuration *int64 `locationName:"lockDuration" type:"integer"` + + // The date and time at which the lock duration started, in the UTC time zone + // (YYYY-MM-DDThh:mm:ss.sssZ). + LockDurationStartTime *time.Time `locationName:"lockDurationStartTime" type:"timestamp"` + + // The date and time at which the lock will expire, in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ). + LockExpiresOn *time.Time `locationName:"lockExpiresOn" type:"timestamp"` + + // The state of the snapshot lock. Valid states include: + // + // * compliance-cooloff - The snapshot has been locked in compliance mode + // but it is still within the cooling-off period. The snapshot can't be deleted, + // but it can be unlocked and the lock settings can be modified by users + // with appropriate permissions. + // + // * governance - The snapshot is locked in governance mode. The snapshot + // can't be deleted, but it can be unlocked and the lock settings can be + // modified by users with appropriate permissions. + // + // * compliance - The snapshot is locked in compliance mode and the cooling-off + // period has expired. The snapshot can't be unlocked or deleted. The lock + // duration can only be increased by users with appropriate permissions. + // + // * expired - The snapshot was locked in compliance or governance mode but + // the lock duration has expired. The snapshot is not locked and can be deleted. + LockState *string `locationName:"lockState" type:"string" enum:"LockState"` + + // The ID of the snapshot + SnapshotId *string `locationName:"snapshotId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LockSnapshotOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LockSnapshotOutput) GoString() string { + return s.String() +} + +// SetCoolOffPeriod sets the CoolOffPeriod field's value. +func (s *LockSnapshotOutput) SetCoolOffPeriod(v int64) *LockSnapshotOutput { + s.CoolOffPeriod = &v + return s +} + +// SetCoolOffPeriodExpiresOn sets the CoolOffPeriodExpiresOn field's value. +func (s *LockSnapshotOutput) SetCoolOffPeriodExpiresOn(v time.Time) *LockSnapshotOutput { + s.CoolOffPeriodExpiresOn = &v + return s +} + +// SetLockCreatedOn sets the LockCreatedOn field's value. +func (s *LockSnapshotOutput) SetLockCreatedOn(v time.Time) *LockSnapshotOutput { + s.LockCreatedOn = &v + return s +} + +// SetLockDuration sets the LockDuration field's value. +func (s *LockSnapshotOutput) SetLockDuration(v int64) *LockSnapshotOutput { + s.LockDuration = &v + return s +} + +// SetLockDurationStartTime sets the LockDurationStartTime field's value. +func (s *LockSnapshotOutput) SetLockDurationStartTime(v time.Time) *LockSnapshotOutput { + s.LockDurationStartTime = &v + return s +} + +// SetLockExpiresOn sets the LockExpiresOn field's value. +func (s *LockSnapshotOutput) SetLockExpiresOn(v time.Time) *LockSnapshotOutput { + s.LockExpiresOn = &v + return s +} + +// SetLockState sets the LockState field's value. +func (s *LockSnapshotOutput) SetLockState(v string) *LockSnapshotOutput { + s.LockState = &v + return s +} + +// SetSnapshotId sets the SnapshotId field's value. +func (s *LockSnapshotOutput) SetSnapshotId(v string) *LockSnapshotOutput { + s.SnapshotId = &v + return s +} + +// Information about a locked snapshot. +type LockedSnapshotsInfo struct { + _ struct{} `type:"structure"` + + // The compliance mode cooling-off period, in hours. + CoolOffPeriod *int64 `locationName:"coolOffPeriod" type:"integer"` + + // The date and time at which the compliance mode cooling-off period expires, + // in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ). + CoolOffPeriodExpiresOn *time.Time `locationName:"coolOffPeriodExpiresOn" type:"timestamp"` + + // The date and time at which the snapshot was locked, in the UTC time zone + // (YYYY-MM-DDThh:mm:ss.sssZ). + LockCreatedOn *time.Time `locationName:"lockCreatedOn" type:"timestamp"` + + // The period of time for which the snapshot is locked, in days. + LockDuration *int64 `locationName:"lockDuration" type:"integer"` + + // The date and time at which the lock duration started, in the UTC time zone + // (YYYY-MM-DDThh:mm:ss.sssZ). + // + // If you lock a snapshot that is in the pending state, the lock duration starts + // only once the snapshot enters the completed state. + LockDurationStartTime *time.Time `locationName:"lockDurationStartTime" type:"timestamp"` + + // The date and time at which the lock will expire, in the UTC time zone (YYYY-MM-DDThh:mm:ss.sssZ). + LockExpiresOn *time.Time `locationName:"lockExpiresOn" type:"timestamp"` + + // The state of the snapshot lock. Valid states include: + // + // * compliance-cooloff - The snapshot has been locked in compliance mode + // but it is still within the cooling-off period. The snapshot can't be deleted, + // but it can be unlocked and the lock settings can be modified by users + // with appropriate permissions. + // + // * governance - The snapshot is locked in governance mode. The snapshot + // can't be deleted, but it can be unlocked and the lock settings can be + // modified by users with appropriate permissions. + // + // * compliance - The snapshot is locked in compliance mode and the cooling-off + // period has expired. The snapshot can't be unlocked or deleted. The lock + // duration can only be increased by users with appropriate permissions. + // + // * expired - The snapshot was locked in compliance or governance mode but + // the lock duration has expired. The snapshot is not locked and can be deleted. + LockState *string `locationName:"lockState" type:"string" enum:"LockState"` + + // The account ID of the Amazon Web Services account that owns the snapshot. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The ID of the snapshot. + SnapshotId *string `locationName:"snapshotId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LockedSnapshotsInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LockedSnapshotsInfo) GoString() string { + return s.String() +} + +// SetCoolOffPeriod sets the CoolOffPeriod field's value. +func (s *LockedSnapshotsInfo) SetCoolOffPeriod(v int64) *LockedSnapshotsInfo { + s.CoolOffPeriod = &v + return s +} + +// SetCoolOffPeriodExpiresOn sets the CoolOffPeriodExpiresOn field's value. +func (s *LockedSnapshotsInfo) SetCoolOffPeriodExpiresOn(v time.Time) *LockedSnapshotsInfo { + s.CoolOffPeriodExpiresOn = &v + return s +} + +// SetLockCreatedOn sets the LockCreatedOn field's value. +func (s *LockedSnapshotsInfo) SetLockCreatedOn(v time.Time) *LockedSnapshotsInfo { + s.LockCreatedOn = &v + return s +} + +// SetLockDuration sets the LockDuration field's value. +func (s *LockedSnapshotsInfo) SetLockDuration(v int64) *LockedSnapshotsInfo { + s.LockDuration = &v + return s +} + +// SetLockDurationStartTime sets the LockDurationStartTime field's value. +func (s *LockedSnapshotsInfo) SetLockDurationStartTime(v time.Time) *LockedSnapshotsInfo { + s.LockDurationStartTime = &v + return s +} + +// SetLockExpiresOn sets the LockExpiresOn field's value. +func (s *LockedSnapshotsInfo) SetLockExpiresOn(v time.Time) *LockedSnapshotsInfo { + s.LockExpiresOn = &v + return s +} + +// SetLockState sets the LockState field's value. +func (s *LockedSnapshotsInfo) SetLockState(v string) *LockedSnapshotsInfo { + s.LockState = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *LockedSnapshotsInfo) SetOwnerId(v string) *LockedSnapshotsInfo { + s.OwnerId = &v + return s +} + +// SetSnapshotId sets the SnapshotId field's value. +func (s *LockedSnapshotsInfo) SetSnapshotId(v string) *LockedSnapshotsInfo { + s.SnapshotId = &v + return s +} + +// Information about the EC2 Mac Dedicated Host. +type MacHost struct { + _ struct{} `type:"structure"` + + // The EC2 Mac Dedicated Host ID. + HostId *string `locationName:"hostId" type:"string"` + + // The latest macOS versions that the EC2 Mac Dedicated Host can launch without + // being upgraded. + MacOSLatestSupportedVersions []*string `locationName:"macOSLatestSupportedVersionSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MacHost) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MacHost) GoString() string { + return s.String() +} + +// SetHostId sets the HostId field's value. +func (s *MacHost) SetHostId(v string) *MacHost { + s.HostId = &v + return s +} + +// SetMacOSLatestSupportedVersions sets the MacOSLatestSupportedVersions field's value. +func (s *MacHost) SetMacOSLatestSupportedVersions(v []*string) *MacHost { + s.MacOSLatestSupportedVersions = v + return s +} + +// Details for Site-to-Site VPN tunnel endpoint maintenance events. +type MaintenanceDetails struct { + _ struct{} `type:"structure"` + + // Timestamp of last applied maintenance. + LastMaintenanceApplied *time.Time `locationName:"lastMaintenanceApplied" type:"timestamp"` + + // The timestamp after which Amazon Web Services will automatically apply maintenance. + MaintenanceAutoAppliedAfter *time.Time `locationName:"maintenanceAutoAppliedAfter" type:"timestamp"` + + // Verify existence of a pending maintenance. + PendingMaintenance *string `locationName:"pendingMaintenance" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MaintenanceDetails) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MaintenanceDetails) GoString() string { + return s.String() +} + +// SetLastMaintenanceApplied sets the LastMaintenanceApplied field's value. +func (s *MaintenanceDetails) SetLastMaintenanceApplied(v time.Time) *MaintenanceDetails { + s.LastMaintenanceApplied = &v + return s +} + +// SetMaintenanceAutoAppliedAfter sets the MaintenanceAutoAppliedAfter field's value. +func (s *MaintenanceDetails) SetMaintenanceAutoAppliedAfter(v time.Time) *MaintenanceDetails { + s.MaintenanceAutoAppliedAfter = &v + return s +} + +// SetPendingMaintenance sets the PendingMaintenance field's value. +func (s *MaintenanceDetails) SetPendingMaintenance(v string) *MaintenanceDetails { + s.PendingMaintenance = &v + return s +} + // Describes a managed prefix list. type ManagedPrefixList struct { _ struct{} `type:"structure"` @@ -134875,6 +146752,139 @@ func (s *ManagedPrefixList) SetVersion(v int64) *ManagedPrefixList { return s } +// Describes the media accelerators for the instance type. +type MediaAcceleratorInfo struct { + _ struct{} `type:"structure"` + + // Describes the media accelerators for the instance type. + Accelerators []*MediaDeviceInfo `locationName:"accelerators" locationNameList:"item" type:"list"` + + // The total size of the memory for the media accelerators for the instance + // type, in MiB. + TotalMediaMemoryInMiB *int64 `locationName:"totalMediaMemoryInMiB" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MediaAcceleratorInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MediaAcceleratorInfo) GoString() string { + return s.String() +} + +// SetAccelerators sets the Accelerators field's value. +func (s *MediaAcceleratorInfo) SetAccelerators(v []*MediaDeviceInfo) *MediaAcceleratorInfo { + s.Accelerators = v + return s +} + +// SetTotalMediaMemoryInMiB sets the TotalMediaMemoryInMiB field's value. +func (s *MediaAcceleratorInfo) SetTotalMediaMemoryInMiB(v int64) *MediaAcceleratorInfo { + s.TotalMediaMemoryInMiB = &v + return s +} + +// Describes the media accelerators for the instance type. +type MediaDeviceInfo struct { + _ struct{} `type:"structure"` + + // The number of media accelerators for the instance type. + Count *int64 `locationName:"count" type:"integer"` + + // The manufacturer of the media accelerator. + Manufacturer *string `locationName:"manufacturer" type:"string"` + + // Describes the memory available to the media accelerator. + MemoryInfo *MediaDeviceMemoryInfo `locationName:"memoryInfo" type:"structure"` + + // The name of the media accelerator. + Name *string `locationName:"name" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MediaDeviceInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MediaDeviceInfo) GoString() string { + return s.String() +} + +// SetCount sets the Count field's value. +func (s *MediaDeviceInfo) SetCount(v int64) *MediaDeviceInfo { + s.Count = &v + return s +} + +// SetManufacturer sets the Manufacturer field's value. +func (s *MediaDeviceInfo) SetManufacturer(v string) *MediaDeviceInfo { + s.Manufacturer = &v + return s +} + +// SetMemoryInfo sets the MemoryInfo field's value. +func (s *MediaDeviceInfo) SetMemoryInfo(v *MediaDeviceMemoryInfo) *MediaDeviceInfo { + s.MemoryInfo = v + return s +} + +// SetName sets the Name field's value. +func (s *MediaDeviceInfo) SetName(v string) *MediaDeviceInfo { + s.Name = &v + return s +} + +// Describes the memory available to the media accelerator. +type MediaDeviceMemoryInfo struct { + _ struct{} `type:"structure"` + + // The size of the memory available to each media accelerator, in MiB. + SizeInMiB *int64 `locationName:"sizeInMiB" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MediaDeviceMemoryInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s MediaDeviceMemoryInfo) GoString() string { + return s.String() +} + +// SetSizeInMiB sets the SizeInMiB field's value. +func (s *MediaDeviceMemoryInfo) SetSizeInMiB(v int64) *MediaDeviceMemoryInfo { + s.SizeInMiB = &v + return s +} + // The minimum and maximum amount of memory per vCPU, in GiB. type MemoryGiBPerVCpu struct { _ struct{} `type:"structure"` @@ -135094,7 +147104,7 @@ func (s *MemoryMiBRequest) SetMin(v int64) *MemoryMiBRequest { return s } -// Indicates whether the network was healthy or unhealthy at a particular point. +// Indicates whether the network was healthy or degraded at a particular point. // The value is aggregated from the startDate to the endDate. Currently only // five_minutes is supported. type MetricPoint struct { @@ -136099,6 +148109,8 @@ type ModifyFleetInput struct { // Indicates whether running instances should be terminated if the total target // capacity of the EC2 Fleet is decreased below the current size of the EC2 // Fleet. + // + // Supported only for fleets of type maintain. ExcessCapacityTerminationPolicy *string `type:"string" enum:"FleetExcessCapacityTerminationPolicy"` // The ID of the EC2 Fleet. @@ -136402,6 +148414,11 @@ type ModifyHostsInput struct { // HostIds is a required field HostIds []*string `locationName:"hostId" locationNameList:"item" type:"list" required:"true"` + // Indicates whether to enable or disable host maintenance for the Dedicated + // Host. For more information, see Host maintenance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-maintenance.html) + // in the Amazon EC2 User Guide. + HostMaintenance *string `type:"string" enum:"HostMaintenance"` + // Indicates whether to enable or disable host recovery for the Dedicated Host. // For more information, see Host recovery (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/dedicated-hosts-recovery.html) // in the Amazon EC2 User Guide. @@ -136469,6 +148486,12 @@ func (s *ModifyHostsInput) SetHostIds(v []*string) *ModifyHostsInput { return s } +// SetHostMaintenance sets the HostMaintenance field's value. +func (s *ModifyHostsInput) SetHostMaintenance(v string) *ModifyHostsInput { + s.HostMaintenance = &v + return s +} + // SetHostRecovery sets the HostRecovery field's value. func (s *ModifyHostsInput) SetHostRecovery(v string) *ModifyHostsInput { s.HostRecovery = &v @@ -136732,7 +148755,7 @@ type ModifyImageAttributeInput struct { // The name of the attribute to modify. // - // Valid values: description | launchPermission + // Valid values: description | imdsSupport | launchPermission Attribute *string `type:"string"` // A new description for the AMI. @@ -136749,6 +148772,18 @@ type ModifyImageAttributeInput struct { // ImageId is a required field ImageId *string `type:"string" required:"true"` + // Set to v2.0 to indicate that IMDSv2 is specified in the AMI. Instances launched + // from this AMI will have HttpTokens automatically set to required so that, + // by default, the instance requires that IMDSv2 is used when requesting instance + // metadata. In addition, HttpPutResponseHopLimit is set to 2. For more information, + // see Configure the AMI (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-IMDS-new-instances.html#configure-IMDS-new-instances-ami-configuration) + // in the Amazon EC2 User Guide. + // + // Do not use this parameter unless your AMI software supports IMDSv2. After + // you set the value to v2.0, you can't undo it. The only way to “reset” + // your AMI is to create a new AMI from the underlying snapshot. + ImdsSupport *AttributeValue `type:"structure"` + // A new launch permission for the AMI. LaunchPermission *LaunchPermissionModifications `type:"structure"` @@ -136776,7 +148811,7 @@ type ModifyImageAttributeInput struct { UserIds []*string `locationName:"UserId" locationNameList:"UserId" type:"list"` // The value of the attribute being modified. This parameter can be used only - // when the Attribute parameter is description. + // when the Attribute parameter is description or imdsSupport. Value *string `type:"string"` } @@ -136835,6 +148870,12 @@ func (s *ModifyImageAttributeInput) SetImageId(v string) *ModifyImageAttributeIn return s } +// SetImdsSupport sets the ImdsSupport field's value. +func (s *ModifyImageAttributeInput) SetImdsSupport(v *AttributeValue) *ModifyImageAttributeInput { + s.ImdsSupport = v + return s +} + // SetLaunchPermission sets the LaunchPermission field's value. func (s *ModifyImageAttributeInput) SetLaunchPermission(v *LaunchPermissionModifications) *ModifyImageAttributeInput { s.LaunchPermission = v @@ -136919,7 +148960,8 @@ type ModifyInstanceAttributeInput struct { // Modifies the DeleteOnTermination attribute for volumes that are currently // attached. The volume must be owned by the caller. If no value is specified // for DeleteOnTermination, the default is true and the volume is deleted when - // the instance is terminated. + // the instance is terminated. You can't modify the DeleteOnTermination attribute + // for volumes that are attached to Fargate tasks. // // To add instance store volumes to an Amazon EBS-backed instance, you must // add them when you launch the instance. For more information, see Update the @@ -136955,10 +148997,9 @@ type ModifyInstanceAttributeInput struct { // a PV instance can make it unreachable. EnaSupport *AttributeBooleanValue `locationName:"enaSupport" type:"structure"` - // [EC2-VPC] Replaces the security groups of the instance with the specified - // security groups. You must specify at least one security group, even if it's - // just the default security group for the VPC. You must specify the security - // group ID, not the security group name. + // Replaces the security groups of the instance with the specified security + // groups. You must specify the ID of at least one security group, even if it's + // just the default security group for the VPC. Groups []*string `locationName:"GroupId" locationNameList:"groupId" type:"list"` // The ID of the instance. @@ -137317,6 +149358,16 @@ func (s *ModifyInstanceCreditSpecificationInput) Validate() error { if s.InstanceCreditSpecifications == nil { invalidParams.Add(request.NewErrParamRequired("InstanceCreditSpecifications")) } + if s.InstanceCreditSpecifications != nil { + for i, v := range s.InstanceCreditSpecifications { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "InstanceCreditSpecifications", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -137760,7 +149811,7 @@ type ModifyInstanceMetadataOptionsInput struct { HttpEndpoint *string `type:"string" enum:"InstanceMetadataEndpointState"` // Enables or disables the IPv6 endpoint for the instance metadata service. - // This setting applies only if you have enabled the HTTP metadata endpoint. + // Applies only if you enabled the HTTP metadata endpoint. HttpProtocolIpv6 *string `type:"string" enum:"InstanceMetadataProtocolState"` // The desired HTTP PUT response hop limit for instance metadata requests. The @@ -137770,19 +149821,21 @@ type ModifyInstanceMetadataOptionsInput struct { // Possible values: Integers from 1 to 64 HttpPutResponseHopLimit *int64 `type:"integer"` - // The state of token usage for your instance metadata requests. If the parameter - // is not specified in the request, the default state is optional. + // Indicates whether IMDSv2 is required. // - // If the state is optional, you can choose to retrieve instance metadata with - // or without a session token on your request. If you retrieve the IAM role - // credentials without a token, the version 1.0 role credentials are returned. - // If you retrieve the IAM role credentials using a valid session token, the - // version 2.0 role credentials are returned. + // * optional - IMDSv2 is optional. You can choose whether to send a session + // token in your instance metadata retrieval requests. If you retrieve IAM + // role credentials without a session token, you receive the IMDSv1 role + // credentials. If you retrieve IAM role credentials using a valid session + // token, you receive the IMDSv2 role credentials. // - // If the state is required, you must send a session token with any instance - // metadata retrieval requests. In this state, retrieving the IAM role credentials - // always returns the version 2.0 credentials; the version 1.0 credentials are - // not available. + // * required - IMDSv2 is required. You must send a session token in your + // instance metadata retrieval requests. With this option, retrieving the + // IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials + // are not available. + // + // Default: If the value of ImdsSupport for the Amazon Machine Image (AMI) for + // your instance is v2.0, the default is required. HttpTokens *string `type:"string" enum:"HttpTokensState"` // The ID of the instance. @@ -137794,8 +149847,6 @@ type ModifyInstanceMetadataOptionsInput struct { // Set to disabled to turn off access to instance tags from the instance metadata. // For more information, see Work with instance tags using the instance metadata // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#work-with-tags-in-IMDS). - // - // Default: disabled InstanceMetadataTags *string `type:"string" enum:"InstanceMetadataTagsState"` } @@ -137915,7 +149966,9 @@ func (s *ModifyInstanceMetadataOptionsOutput) SetInstanceMetadataOptions(v *Inst type ModifyInstancePlacementInput struct { _ struct{} `type:"structure"` - // The affinity setting for the instance. + // The affinity setting for the instance. For more information, see Host affinity + // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/how-dedicated-hosts-work.html#dedicated-hosts-affinity) + // in the Amazon EC2 User Guide. Affinity *string `locationName:"affinity" type:"string" enum:"Affinity"` // The Group Id of a placement group. You must specify the Placement Group Group @@ -137933,7 +149986,8 @@ type ModifyInstancePlacementInput struct { // The ID of the Dedicated Host with which to associate the instance. HostId *string `locationName:"hostId" type:"string"` - // The ARN of the host resource group in which to place the instance. + // The ARN of the host resource group in which to place the instance. The instance + // must have a tenancy of host to specify this parameter. HostResourceGroupArn *string `type:"string"` // The ID of the instance that you are modifying. @@ -137947,9 +150001,10 @@ type ModifyInstancePlacementInput struct { // The tenancy for the instance. // - // For T3 instances, you can't change the tenancy from dedicated to host, or - // from host to dedicated. Attempting to make one of these unsupported tenancy - // changes results in the InvalidTenancy error code. + // For T3 instances, you must launch the instance on a Dedicated Host to use + // a tenancy of host. You can't change the tenancy from host to dedicated or + // default. Attempting to make one of these unsupported tenancy changes results + // in an InvalidRequest error code. Tenancy *string `locationName:"tenancy" type:"string" enum:"HostTenancy"` } @@ -138091,6 +150146,11 @@ type ModifyIpamInput struct { // The operating Regions to remove. RemoveOperatingRegions []*RemoveIpamOperatingRegion `locationName:"RemoveOperatingRegion" type:"list"` + + // IPAM is offered in a Free Tier and an Advanced Tier. For more information + // about the features available in each tier and the costs associated with the + // tiers, see Amazon VPC pricing > IPAM tab (http://aws.amazon.com/vpc/pricing/). + Tier *string `type:"string" enum:"IpamTier"` } // String returns the string representation. @@ -138154,6 +150214,12 @@ func (s *ModifyIpamInput) SetRemoveOperatingRegions(v []*RemoveIpamOperatingRegi return s } +// SetTier sets the Tier field's value. +func (s *ModifyIpamInput) SetTier(v string) *ModifyIpamInput { + s.Tier = &v + return s +} + type ModifyIpamOutput struct { _ struct{} `type:"structure"` @@ -138522,6 +150588,125 @@ func (s *ModifyIpamResourceCidrOutput) SetIpamResourceCidr(v *IpamResourceCidr) return s } +type ModifyIpamResourceDiscoveryInput struct { + _ struct{} `type:"structure"` + + // Add operating Regions to the resource discovery. Operating Regions are Amazon + // Web Services Regions where the IPAM is allowed to manage IP address CIDRs. + // IPAM only discovers and monitors resources in the Amazon Web Services Regions + // you select as operating Regions. + AddOperatingRegions []*AddIpamOperatingRegion `locationName:"AddOperatingRegion" type:"list"` + + // A resource discovery description. + Description *string `type:"string"` + + // A check for whether you have the required permissions for the action without + // actually making the request and provides an error response. If you have the + // required permissions, the error response is DryRunOperation. Otherwise, it + // is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // A resource discovery ID. + // + // IpamResourceDiscoveryId is a required field + IpamResourceDiscoveryId *string `type:"string" required:"true"` + + // Remove operating Regions. + RemoveOperatingRegions []*RemoveIpamOperatingRegion `locationName:"RemoveOperatingRegion" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ModifyIpamResourceDiscoveryInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ModifyIpamResourceDiscoveryInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyIpamResourceDiscoveryInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyIpamResourceDiscoveryInput"} + if s.IpamResourceDiscoveryId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamResourceDiscoveryId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAddOperatingRegions sets the AddOperatingRegions field's value. +func (s *ModifyIpamResourceDiscoveryInput) SetAddOperatingRegions(v []*AddIpamOperatingRegion) *ModifyIpamResourceDiscoveryInput { + s.AddOperatingRegions = v + return s +} + +// SetDescription sets the Description field's value. +func (s *ModifyIpamResourceDiscoveryInput) SetDescription(v string) *ModifyIpamResourceDiscoveryInput { + s.Description = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ModifyIpamResourceDiscoveryInput) SetDryRun(v bool) *ModifyIpamResourceDiscoveryInput { + s.DryRun = &v + return s +} + +// SetIpamResourceDiscoveryId sets the IpamResourceDiscoveryId field's value. +func (s *ModifyIpamResourceDiscoveryInput) SetIpamResourceDiscoveryId(v string) *ModifyIpamResourceDiscoveryInput { + s.IpamResourceDiscoveryId = &v + return s +} + +// SetRemoveOperatingRegions sets the RemoveOperatingRegions field's value. +func (s *ModifyIpamResourceDiscoveryInput) SetRemoveOperatingRegions(v []*RemoveIpamOperatingRegion) *ModifyIpamResourceDiscoveryInput { + s.RemoveOperatingRegions = v + return s +} + +type ModifyIpamResourceDiscoveryOutput struct { + _ struct{} `type:"structure"` + + // A resource discovery. + IpamResourceDiscovery *IpamResourceDiscovery `locationName:"ipamResourceDiscovery" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ModifyIpamResourceDiscoveryOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ModifyIpamResourceDiscoveryOutput) GoString() string { + return s.String() +} + +// SetIpamResourceDiscovery sets the IpamResourceDiscovery field's value. +func (s *ModifyIpamResourceDiscoveryOutput) SetIpamResourceDiscovery(v *IpamResourceDiscovery) *ModifyIpamResourceDiscoveryOutput { + s.IpamResourceDiscovery = v + return s +} + type ModifyIpamScopeInput struct { _ struct{} `type:"structure"` @@ -138748,9 +150933,12 @@ type ModifyLocalGatewayRouteInput struct { // The CIDR block used for destination matches. The value that you provide must // match the CIDR of an existing route in the table. - // - // DestinationCidrBlock is a required field - DestinationCidrBlock *string `type:"string" required:"true"` + DestinationCidrBlock *string `type:"string"` + + // The ID of the prefix list. Use a prefix list in place of DestinationCidrBlock. + // You cannot use DestinationPrefixListId and DestinationCidrBlock in the same + // request. + DestinationPrefixListId *string `type:"string"` // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have @@ -138791,9 +150979,6 @@ func (s ModifyLocalGatewayRouteInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *ModifyLocalGatewayRouteInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ModifyLocalGatewayRouteInput"} - if s.DestinationCidrBlock == nil { - invalidParams.Add(request.NewErrParamRequired("DestinationCidrBlock")) - } if s.LocalGatewayRouteTableId == nil { invalidParams.Add(request.NewErrParamRequired("LocalGatewayRouteTableId")) } @@ -138810,6 +150995,12 @@ func (s *ModifyLocalGatewayRouteInput) SetDestinationCidrBlock(v string) *Modify return s } +// SetDestinationPrefixListId sets the DestinationPrefixListId field's value. +func (s *ModifyLocalGatewayRouteInput) SetDestinationPrefixListId(v string) *ModifyLocalGatewayRouteInput { + s.DestinationPrefixListId = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *ModifyLocalGatewayRouteInput) SetDryRun(v bool) *ModifyLocalGatewayRouteInput { s.DryRun = &v @@ -139033,6 +151224,9 @@ type ModifyNetworkInterfaceAttributeInput struct { // attribute, you must specify the ID of the interface attachment. Attachment *NetworkInterfaceAttachmentChanges `locationName:"attachment" type:"structure"` + // A connection tracking specification. + ConnectionTrackingSpecification *ConnectionTrackingSpecificationRequest `type:"structure"` + // A description for the network interface. Description *AttributeValue `locationName:"description" type:"structure"` @@ -139046,6 +151240,21 @@ type ModifyNetworkInterfaceAttributeInput struct { // attached to the instance. EnaSrdSpecification *EnaSrdSpecification `type:"structure"` + // If you’re modifying a network interface in a dual-stack or IPv6-only subnet, + // you have the option to assign a primary IPv6 IP address. A primary IPv6 address + // is an IPv6 GUA address associated with an ENI that you have enabled to use + // a primary IPv6 address. Use this option if the instance that this ENI will + // be attached to relies on its IPv6 address not changing. Amazon Web Services + // will automatically assign an IPv6 address associated with the ENI attached + // to your instance to be the primary IPv6 address. Once you enable an IPv6 + // GUA address to be a primary IPv6, you cannot disable it. When you enable + // an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made + // the primary IPv6 address until the instance is terminated or the network + // interface is detached. If you have multiple IPv6 addresses associated with + // an ENI attached to your instance and you enable a primary IPv6 address, the + // first IPv6 GUA address associated with the ENI becomes the primary IPv6 address. + EnablePrimaryIpv6 *bool `type:"boolean"` + // Changes the security groups for the network interface. The new set of groups // you specify replaces the current set. You must specify at least one group, // even if it's just the default security group in the VPC. You must specify @@ -139103,6 +151312,12 @@ func (s *ModifyNetworkInterfaceAttributeInput) SetAttachment(v *NetworkInterface return s } +// SetConnectionTrackingSpecification sets the ConnectionTrackingSpecification field's value. +func (s *ModifyNetworkInterfaceAttributeInput) SetConnectionTrackingSpecification(v *ConnectionTrackingSpecificationRequest) *ModifyNetworkInterfaceAttributeInput { + s.ConnectionTrackingSpecification = v + return s +} + // SetDescription sets the Description field's value. func (s *ModifyNetworkInterfaceAttributeInput) SetDescription(v *AttributeValue) *ModifyNetworkInterfaceAttributeInput { s.Description = v @@ -139121,6 +151336,12 @@ func (s *ModifyNetworkInterfaceAttributeInput) SetEnaSrdSpecification(v *EnaSrdS return s } +// SetEnablePrimaryIpv6 sets the EnablePrimaryIpv6 field's value. +func (s *ModifyNetworkInterfaceAttributeInput) SetEnablePrimaryIpv6(v bool) *ModifyNetworkInterfaceAttributeInput { + s.EnablePrimaryIpv6 = &v + return s +} + // SetGroups sets the Groups field's value. func (s *ModifyNetworkInterfaceAttributeInput) SetGroups(v []*string) *ModifyNetworkInterfaceAttributeInput { s.Groups = v @@ -139179,7 +151400,9 @@ type ModifyPrivateDnsNameOptionsInput struct { EnableResourceNameDnsARecord *bool `type:"boolean"` // The ID of the instance. - InstanceId *string `type:"string"` + // + // InstanceId is a required field + InstanceId *string `type:"string" required:"true"` // The type of hostname for EC2 instances. For IPv4 only subnets, an instance // DNS name must be based on the instance IPv4 address. For IPv6 only subnets, @@ -139207,6 +151430,19 @@ func (s ModifyPrivateDnsNameOptionsInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *ModifyPrivateDnsNameOptionsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ModifyPrivateDnsNameOptionsInput"} + if s.InstanceId == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *ModifyPrivateDnsNameOptionsInput) SetDryRun(v bool) *ModifyPrivateDnsNameOptionsInput { s.DryRun = &v @@ -139418,6 +151654,16 @@ func (s *ModifySecurityGroupRulesInput) Validate() error { if s.SecurityGroupRules == nil { invalidParams.Add(request.NewErrParamRequired("SecurityGroupRules")) } + if s.SecurityGroupRules != nil { + for i, v := range s.SecurityGroupRules { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "SecurityGroupRules", i), err.(request.ErrInvalidParams)) + } + } + } if invalidParams.Len() > 0 { return invalidParams @@ -139714,9 +151960,11 @@ type ModifySpotFleetRequestInput struct { // Reserved. Context *string `type:"string"` - // Indicates whether running Spot Instances should be terminated if the target - // capacity of the Spot Fleet request is decreased below the current size of - // the Spot Fleet. + // Indicates whether running instances should be terminated if the target capacity + // of the Spot Fleet request is decreased below the current size of the Spot + // Fleet. + // + // Supported only for fleets of type maintain. ExcessCapacityTerminationPolicy *string `locationName:"excessCapacityTerminationPolicy" type:"string" enum:"ExcessCapacityTerminationPolicy"` // The launch template and overrides. You can only use this parameter if you @@ -139896,6 +152144,11 @@ type ModifySubnetAttributeInput struct { // Specify true to indicate that network interfaces attached to instances created // in the specified subnet should be assigned a public IPv4 address. + // + // Amazon Web Services charges for all public IPv4 addresses, including public + // IPv4 addresses associated with running instances and Elastic IP addresses. + // For more information, see the Public IPv4 Address tab on the Amazon VPC pricing + // page (http://aws.amazon.com/vpc/pricing/). MapPublicIpOnLaunch *AttributeBooleanValue `type:"structure"` // The type of hostname to assign to instances in the subnet at launch. For @@ -140338,6 +152591,10 @@ type ModifyTrafficMirrorSessionInput struct { // For example, if you set this value to 100, then the first 100 bytes that // meet the filter criteria are copied to the target. Do not specify this parameter // when you want to mirror the entire packet. + // + // For sessions with Network Load Balancer (NLB) traffic mirror targets, the + // default PacketLength will be set to 8500. Valid values are 1-8500. Setting + // a PacketLength greater than 8500 will result in an error response. PacketLength *int64 `type:"integer"` // The properties that you want to remove from the Traffic Mirror session. @@ -140601,6 +152858,18 @@ type ModifyTransitGatewayOptions struct { // Removes CIDR blocks for the transit gateway. RemoveTransitGatewayCidrBlocks []*string `locationNameList:"item" type:"list"` + // + // This parameter is in preview and may not be available for your account. + // + // Enables you to reference a security group across VPCs attached to a transit + // gateway. Use this option to simplify security group management and control + // of instance-to-instance traffic across VPCs that are connected by transit + // gateway. You can also use this option to migrate from VPC peering (which + // was the only option that supported security group referencing) to transit + // gateways (which now also support security group referencing). This option + // is disabled by default and there are no additional costs to use this feature. + SecurityGroupReferencingSupport *string `type:"string" enum:"SecurityGroupReferencingSupportValue"` + // Enable or disable Equal Cost Multipath Protocol support. VpnEcmpSupport *string `type:"string" enum:"VpnEcmpSupportValue"` } @@ -140677,6 +152946,12 @@ func (s *ModifyTransitGatewayOptions) SetRemoveTransitGatewayCidrBlocks(v []*str return s } +// SetSecurityGroupReferencingSupport sets the SecurityGroupReferencingSupport field's value. +func (s *ModifyTransitGatewayOptions) SetSecurityGroupReferencingSupport(v string) *ModifyTransitGatewayOptions { + s.SecurityGroupReferencingSupport = &v + return s +} + // SetVpnEcmpSupport sets the VpnEcmpSupport field's value. func (s *ModifyTransitGatewayOptions) SetVpnEcmpSupport(v string) *ModifyTransitGatewayOptions { s.VpnEcmpSupport = &v @@ -140966,6 +153241,18 @@ type ModifyTransitGatewayVpcAttachmentRequestOptions struct { // Enable or disable IPv6 support. The default is enable. Ipv6Support *string `type:"string" enum:"Ipv6SupportValue"` + + // + // This parameter is in preview and may not be available for your account. + // + // Enables you to reference a security group across VPCs attached to a transit + // gateway. Use this option to simplify security group management and control + // of instance-to-instance traffic across VPCs that are connected by transit + // gateway. You can also use this option to migrate from VPC peering (which + // was the only option that supported security group referencing) to transit + // gateways (which now also support security group referencing). This option + // is disabled by default and there are no additional costs to use this feature. + SecurityGroupReferencingSupport *string `type:"string" enum:"SecurityGroupReferencingSupportValue"` } // String returns the string representation. @@ -141004,7 +153291,14 @@ func (s *ModifyTransitGatewayVpcAttachmentRequestOptions) SetIpv6Support(v strin return s } -// Options for a network-interface type Verified Access endpoint. +// SetSecurityGroupReferencingSupport sets the SecurityGroupReferencingSupport field's value. +func (s *ModifyTransitGatewayVpcAttachmentRequestOptions) SetSecurityGroupReferencingSupport(v string) *ModifyTransitGatewayVpcAttachmentRequestOptions { + s.SecurityGroupReferencingSupport = &v + return s +} + +// Describes the options when modifying a Verified Access endpoint with the +// network-interface type. type ModifyVerifiedAccessEndpointEniOptions struct { _ struct{} `type:"structure"` @@ -141066,7 +153360,7 @@ type ModifyVerifiedAccessEndpointInput struct { // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // A description for the Amazon Web Services Verified Access endpoint. + // A description for the Verified Access endpoint. Description *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -141075,19 +153369,18 @@ type ModifyVerifiedAccessEndpointInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The load balancer details if creating the Amazon Web Services Verified Access - // endpoint as load-balancertype. + // The load balancer details if creating the Verified Access endpoint as load-balancertype. LoadBalancerOptions *ModifyVerifiedAccessEndpointLoadBalancerOptions `type:"structure"` // The network interface options. NetworkInterfaceOptions *ModifyVerifiedAccessEndpointEniOptions `type:"structure"` - // The ID of the Amazon Web Services Verified Access endpoint. + // The ID of the Verified Access endpoint. // // VerifiedAccessEndpointId is a required field VerifiedAccessEndpointId *string `type:"string" required:"true"` - // The ID of the Amazon Web Services Verified Access group. + // The ID of the Verified Access group. VerifiedAccessGroupId *string `type:"string"` } @@ -141241,7 +153534,7 @@ func (s *ModifyVerifiedAccessEndpointLoadBalancerOptions) SetSubnetIds(v []*stri type ModifyVerifiedAccessEndpointOutput struct { _ struct{} `type:"structure"` - // The Amazon Web Services Verified Access endpoint details. + // Details about the Verified Access endpoint. VerifiedAccessEndpoint *VerifiedAccessEndpoint `locationName:"verifiedAccessEndpoint" type:"structure"` } @@ -141283,15 +153576,16 @@ type ModifyVerifiedAccessEndpointPolicyInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The Amazon Web Services Verified Access policy document. + // The Verified Access policy document. PolicyDocument *string `type:"string"` // The status of the Verified Access policy. - // - // PolicyEnabled is a required field - PolicyEnabled *bool `type:"boolean" required:"true"` + PolicyEnabled *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access endpoint. + // The options for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationRequest `type:"structure"` + + // The ID of the Verified Access endpoint. // // VerifiedAccessEndpointId is a required field VerifiedAccessEndpointId *string `type:"string" required:"true"` @@ -141318,9 +153612,6 @@ func (s ModifyVerifiedAccessEndpointPolicyInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *ModifyVerifiedAccessEndpointPolicyInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ModifyVerifiedAccessEndpointPolicyInput"} - if s.PolicyEnabled == nil { - invalidParams.Add(request.NewErrParamRequired("PolicyEnabled")) - } if s.VerifiedAccessEndpointId == nil { invalidParams.Add(request.NewErrParamRequired("VerifiedAccessEndpointId")) } @@ -141355,6 +153646,12 @@ func (s *ModifyVerifiedAccessEndpointPolicyInput) SetPolicyEnabled(v bool) *Modi return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *ModifyVerifiedAccessEndpointPolicyInput) SetSseSpecification(v *VerifiedAccessSseSpecificationRequest) *ModifyVerifiedAccessEndpointPolicyInput { + s.SseSpecification = v + return s +} + // SetVerifiedAccessEndpointId sets the VerifiedAccessEndpointId field's value. func (s *ModifyVerifiedAccessEndpointPolicyInput) SetVerifiedAccessEndpointId(v string) *ModifyVerifiedAccessEndpointPolicyInput { s.VerifiedAccessEndpointId = &v @@ -141364,11 +153661,14 @@ func (s *ModifyVerifiedAccessEndpointPolicyInput) SetVerifiedAccessEndpointId(v type ModifyVerifiedAccessEndpointPolicyOutput struct { _ struct{} `type:"structure"` - // The Amazon Web Services Verified Access policy document. + // The Verified Access policy document. PolicyDocument *string `locationName:"policyDocument" type:"string"` // The status of the Verified Access policy. PolicyEnabled *bool `locationName:"policyEnabled" type:"boolean"` + + // The options in use for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationResponse `locationName:"sseSpecification" type:"structure"` } // String returns the string representation. @@ -141401,6 +153701,12 @@ func (s *ModifyVerifiedAccessEndpointPolicyOutput) SetPolicyEnabled(v bool) *Mod return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *ModifyVerifiedAccessEndpointPolicyOutput) SetSseSpecification(v *VerifiedAccessSseSpecificationResponse) *ModifyVerifiedAccessEndpointPolicyOutput { + s.SseSpecification = v + return s +} + type ModifyVerifiedAccessGroupInput struct { _ struct{} `type:"structure"` @@ -141409,7 +153715,7 @@ type ModifyVerifiedAccessGroupInput struct { // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // A description for the Amazon Web Services Verified Access group. + // A description for the Verified Access group. Description *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -141418,12 +153724,12 @@ type ModifyVerifiedAccessGroupInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access group. + // The ID of the Verified Access group. // // VerifiedAccessGroupId is a required field VerifiedAccessGroupId *string `type:"string" required:"true"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. VerifiedAccessInstanceId *string `type:"string"` } @@ -141491,7 +153797,7 @@ func (s *ModifyVerifiedAccessGroupInput) SetVerifiedAccessInstanceId(v string) * type ModifyVerifiedAccessGroupOutput struct { _ struct{} `type:"structure"` - // Details of Amazon Web Services Verified Access group. + // Details about the Verified Access group. VerifiedAccessGroup *VerifiedAccessGroup `locationName:"verifiedAccessGroup" type:"structure"` } @@ -141533,15 +153839,16 @@ type ModifyVerifiedAccessGroupPolicyInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The Amazon Web Services Verified Access policy document. + // The Verified Access policy document. PolicyDocument *string `type:"string"` // The status of the Verified Access policy. - // - // PolicyEnabled is a required field - PolicyEnabled *bool `type:"boolean" required:"true"` + PolicyEnabled *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access group. + // The options for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationRequest `type:"structure"` + + // The ID of the Verified Access group. // // VerifiedAccessGroupId is a required field VerifiedAccessGroupId *string `type:"string" required:"true"` @@ -141568,9 +153875,6 @@ func (s ModifyVerifiedAccessGroupPolicyInput) GoString() string { // Validate inspects the fields of the type to determine if they are valid. func (s *ModifyVerifiedAccessGroupPolicyInput) Validate() error { invalidParams := request.ErrInvalidParams{Context: "ModifyVerifiedAccessGroupPolicyInput"} - if s.PolicyEnabled == nil { - invalidParams.Add(request.NewErrParamRequired("PolicyEnabled")) - } if s.VerifiedAccessGroupId == nil { invalidParams.Add(request.NewErrParamRequired("VerifiedAccessGroupId")) } @@ -141605,6 +153909,12 @@ func (s *ModifyVerifiedAccessGroupPolicyInput) SetPolicyEnabled(v bool) *ModifyV return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *ModifyVerifiedAccessGroupPolicyInput) SetSseSpecification(v *VerifiedAccessSseSpecificationRequest) *ModifyVerifiedAccessGroupPolicyInput { + s.SseSpecification = v + return s +} + // SetVerifiedAccessGroupId sets the VerifiedAccessGroupId field's value. func (s *ModifyVerifiedAccessGroupPolicyInput) SetVerifiedAccessGroupId(v string) *ModifyVerifiedAccessGroupPolicyInput { s.VerifiedAccessGroupId = &v @@ -141614,11 +153924,14 @@ func (s *ModifyVerifiedAccessGroupPolicyInput) SetVerifiedAccessGroupId(v string type ModifyVerifiedAccessGroupPolicyOutput struct { _ struct{} `type:"structure"` - // The Amazon Web Services Verified Access policy document. + // The Verified Access policy document. PolicyDocument *string `locationName:"policyDocument" type:"string"` // The status of the Verified Access policy. PolicyEnabled *bool `locationName:"policyEnabled" type:"boolean"` + + // The options in use for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationResponse `locationName:"sseSpecification" type:"structure"` } // String returns the string representation. @@ -141651,6 +153964,12 @@ func (s *ModifyVerifiedAccessGroupPolicyOutput) SetPolicyEnabled(v bool) *Modify return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *ModifyVerifiedAccessGroupPolicyOutput) SetSseSpecification(v *VerifiedAccessSseSpecificationResponse) *ModifyVerifiedAccessGroupPolicyOutput { + s.SseSpecification = v + return s +} + type ModifyVerifiedAccessInstanceInput struct { _ struct{} `type:"structure"` @@ -141659,7 +153978,7 @@ type ModifyVerifiedAccessInstanceInput struct { // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // A description for the Amazon Web Services Verified Access instance. + // A description for the Verified Access instance. Description *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -141668,7 +153987,7 @@ type ModifyVerifiedAccessInstanceInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. // // VerifiedAccessInstanceId is a required field VerifiedAccessInstanceId *string `type:"string" required:"true"` @@ -141732,7 +154051,7 @@ func (s *ModifyVerifiedAccessInstanceInput) SetVerifiedAccessInstanceId(v string type ModifyVerifiedAccessInstanceLoggingConfigurationInput struct { _ struct{} `type:"structure"` - // The configuration options for Amazon Web Services Verified Access instances. + // The configuration options for Verified Access instances. // // AccessLogs is a required field AccessLogs *VerifiedAccessLogOptions `type:"structure" required:"true"` @@ -141748,7 +154067,7 @@ type ModifyVerifiedAccessInstanceLoggingConfigurationInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The ID of the Amazon Web Services Verified Access instance. + // The ID of the Verified Access instance. // // VerifiedAccessInstanceId is a required field VerifiedAccessInstanceId *string `type:"string" required:"true"` @@ -141820,7 +154139,7 @@ func (s *ModifyVerifiedAccessInstanceLoggingConfigurationInput) SetVerifiedAcces type ModifyVerifiedAccessInstanceLoggingConfigurationOutput struct { _ struct{} `type:"structure"` - // The logging configuration for Amazon Web Services Verified Access instance. + // The logging configuration for the Verified Access instance. LoggingConfiguration *VerifiedAccessInstanceLoggingConfiguration `locationName:"loggingConfiguration" type:"structure"` } @@ -141851,7 +154170,7 @@ func (s *ModifyVerifiedAccessInstanceLoggingConfigurationOutput) SetLoggingConfi type ModifyVerifiedAccessInstanceOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access instance. + // Details about the Verified Access instance. VerifiedAccessInstance *VerifiedAccessInstance `locationName:"verifiedAccessInstance" type:"structure"` } @@ -141879,6 +154198,40 @@ func (s *ModifyVerifiedAccessInstanceOutput) SetVerifiedAccessInstance(v *Verifi return s } +// Modifies the configuration of the specified device-based Amazon Web Services +// Verified Access trust provider. +type ModifyVerifiedAccessTrustProviderDeviceOptions struct { + _ struct{} `type:"structure"` + + // The URL Amazon Web Services Verified Access will use to verify the authenticity + // of the device tokens. + PublicSigningKeyUrl *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ModifyVerifiedAccessTrustProviderDeviceOptions) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ModifyVerifiedAccessTrustProviderDeviceOptions) GoString() string { + return s.String() +} + +// SetPublicSigningKeyUrl sets the PublicSigningKeyUrl field's value. +func (s *ModifyVerifiedAccessTrustProviderDeviceOptions) SetPublicSigningKeyUrl(v string) *ModifyVerifiedAccessTrustProviderDeviceOptions { + s.PublicSigningKeyUrl = &v + return s +} + type ModifyVerifiedAccessTrustProviderInput struct { _ struct{} `type:"structure"` @@ -141887,19 +154240,26 @@ type ModifyVerifiedAccessTrustProviderInput struct { // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). ClientToken *string `type:"string" idempotencyToken:"true"` - // A description for the Amazon Web Services Verified Access trust provider. + // A description for the Verified Access trust provider. Description *string `type:"string"` + // The options for a device-based trust provider. This parameter is required + // when the provider type is device. + DeviceOptions *ModifyVerifiedAccessTrustProviderDeviceOptions `type:"structure"` + // Checks whether you have the required permissions for the action, without // actually making the request, and provides an error response. If you have // the required permissions, the error response is DryRunOperation. Otherwise, // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The OpenID Connect details for an oidc-type, user-identity based trust provider. + // The options for an OpenID Connect-compatible user-identity trust provider. OidcOptions *ModifyVerifiedAccessTrustProviderOidcOptions `type:"structure"` - // The ID of the Amazon Web Services Verified Access trust provider. + // The options for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationRequest `type:"structure"` + + // The ID of the Verified Access trust provider. // // VerifiedAccessTrustProviderId is a required field VerifiedAccessTrustProviderId *string `type:"string" required:"true"` @@ -141948,6 +154308,12 @@ func (s *ModifyVerifiedAccessTrustProviderInput) SetDescription(v string) *Modif return s } +// SetDeviceOptions sets the DeviceOptions field's value. +func (s *ModifyVerifiedAccessTrustProviderInput) SetDeviceOptions(v *ModifyVerifiedAccessTrustProviderDeviceOptions) *ModifyVerifiedAccessTrustProviderInput { + s.DeviceOptions = v + return s +} + // SetDryRun sets the DryRun field's value. func (s *ModifyVerifiedAccessTrustProviderInput) SetDryRun(v bool) *ModifyVerifiedAccessTrustProviderInput { s.DryRun = &v @@ -141960,20 +154326,48 @@ func (s *ModifyVerifiedAccessTrustProviderInput) SetOidcOptions(v *ModifyVerifie return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *ModifyVerifiedAccessTrustProviderInput) SetSseSpecification(v *VerifiedAccessSseSpecificationRequest) *ModifyVerifiedAccessTrustProviderInput { + s.SseSpecification = v + return s +} + // SetVerifiedAccessTrustProviderId sets the VerifiedAccessTrustProviderId field's value. func (s *ModifyVerifiedAccessTrustProviderInput) SetVerifiedAccessTrustProviderId(v string) *ModifyVerifiedAccessTrustProviderInput { s.VerifiedAccessTrustProviderId = &v return s } -// OpenID Connect options for an oidc-type, user-identity based trust provider. +// Options for an OpenID Connect-compatible user-identity trust provider. type ModifyVerifiedAccessTrustProviderOidcOptions struct { _ struct{} `type:"structure"` + // The OIDC authorization endpoint. + AuthorizationEndpoint *string `type:"string"` + + // The client identifier. + ClientId *string `type:"string"` + + // The client secret. + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ModifyVerifiedAccessTrustProviderOidcOptions's + // String and GoString methods. + ClientSecret *string `type:"string" sensitive:"true"` + + // The OIDC issuer. + Issuer *string `type:"string"` + // OpenID Connect (OIDC) scopes are used by an application during authentication // to authorize access to a user's details. Each scope returns a specific set // of user attributes. Scope *string `type:"string"` + + // The OIDC token endpoint. + TokenEndpoint *string `type:"string"` + + // The OIDC user info endpoint. + UserInfoEndpoint *string `type:"string"` } // String returns the string representation. @@ -141994,16 +154388,52 @@ func (s ModifyVerifiedAccessTrustProviderOidcOptions) GoString() string { return s.String() } +// SetAuthorizationEndpoint sets the AuthorizationEndpoint field's value. +func (s *ModifyVerifiedAccessTrustProviderOidcOptions) SetAuthorizationEndpoint(v string) *ModifyVerifiedAccessTrustProviderOidcOptions { + s.AuthorizationEndpoint = &v + return s +} + +// SetClientId sets the ClientId field's value. +func (s *ModifyVerifiedAccessTrustProviderOidcOptions) SetClientId(v string) *ModifyVerifiedAccessTrustProviderOidcOptions { + s.ClientId = &v + return s +} + +// SetClientSecret sets the ClientSecret field's value. +func (s *ModifyVerifiedAccessTrustProviderOidcOptions) SetClientSecret(v string) *ModifyVerifiedAccessTrustProviderOidcOptions { + s.ClientSecret = &v + return s +} + +// SetIssuer sets the Issuer field's value. +func (s *ModifyVerifiedAccessTrustProviderOidcOptions) SetIssuer(v string) *ModifyVerifiedAccessTrustProviderOidcOptions { + s.Issuer = &v + return s +} + // SetScope sets the Scope field's value. func (s *ModifyVerifiedAccessTrustProviderOidcOptions) SetScope(v string) *ModifyVerifiedAccessTrustProviderOidcOptions { s.Scope = &v return s } +// SetTokenEndpoint sets the TokenEndpoint field's value. +func (s *ModifyVerifiedAccessTrustProviderOidcOptions) SetTokenEndpoint(v string) *ModifyVerifiedAccessTrustProviderOidcOptions { + s.TokenEndpoint = &v + return s +} + +// SetUserInfoEndpoint sets the UserInfoEndpoint field's value. +func (s *ModifyVerifiedAccessTrustProviderOidcOptions) SetUserInfoEndpoint(v string) *ModifyVerifiedAccessTrustProviderOidcOptions { + s.UserInfoEndpoint = &v + return s +} + type ModifyVerifiedAccessTrustProviderOutput struct { _ struct{} `type:"structure"` - // The ID of the Amazon Web Services Verified Access trust provider. + // Details about the Verified Access trust provider. VerifiedAccessTrustProvider *VerifiedAccessTrustProvider `locationName:"verifiedAccessTrustProvider" type:"structure"` } @@ -142134,11 +154564,15 @@ type ModifyVolumeInput struct { // // The following are the supported values for each volume type: // - // * gp3: 3,000-16,000 IOPS + // * gp3: 3,000 - 16,000 IOPS // - // * io1: 100-64,000 IOPS + // * io1: 100 - 64,000 IOPS // - // * io2: 100-64,000 IOPS + // * io2: 100 - 256,000 IOPS + // + // For io2 volumes, you can achieve up to 256,000 IOPS on instances built on + // the Nitro System (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). + // On other instances, you can achieve performance up to 32,000 IOPS. // // Default: The existing value is retained if you keep the same volume type. // If you change the volume type to io1, io2, or gp3, the default is 3,000. @@ -142147,8 +154581,8 @@ type ModifyVolumeInput struct { // Specifies whether to enable Amazon EBS Multi-Attach. If you enable Multi-Attach, // you can attach the volume to up to 16 Nitro-based instances (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) // in the same Availability Zone. This parameter is supported with io1 and io2 - // volumes only. For more information, see Amazon EBS Multi-Attach (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volumes-multi.html) - // in the Amazon Elastic Compute Cloud User Guide. + // volumes only. For more information, see Amazon EBS Multi-Attach (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volumes-multi.html) + // in the Amazon EBS User Guide. MultiAttachEnabled *bool `type:"boolean"` // The target size of the volume, in GiB. The target volume size must be greater @@ -142156,13 +154590,15 @@ type ModifyVolumeInput struct { // // The following are the supported volumes sizes for each volume type: // - // * gp2 and gp3: 1-16,384 + // * gp2 and gp3: 1 - 16,384 GiB + // + // * io1: 4 - 16,384 GiB // - // * io1 and io2: 4-16,384 + // * io2: 4 - 65,536 GiB // - // * st1 and sc1: 125-16,384 + // * st1 and sc1: 125 - 16,384 GiB // - // * standard: 1-1,024 + // * standard: 1 - 1024 GiB // // Default: The existing size is retained. Size *int64 `type:"integer"` @@ -142182,8 +154618,8 @@ type ModifyVolumeInput struct { VolumeId *string `type:"string" required:"true"` // The target EBS volume type of the volume. For more information, see Amazon - // EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) - // in the Amazon Elastic Compute Cloud User Guide. + // EBS volume types (https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) + // in the Amazon EBS User Guide. // // Default: The existing type is retained. VolumeType *string `type:"string" enum:"VolumeType"` @@ -142403,8 +154839,8 @@ func (s ModifyVpcAttributeOutput) GoString() string { type ModifyVpcEndpointConnectionNotificationInput struct { _ struct{} `type:"structure"` - // One or more events for the endpoint. Valid values are Accept, Connect, Delete, - // and Reject. + // The events for the endpoint. Valid values are Accept, Connect, Delete, and + // Reject. ConnectionEvents []*string `locationNameList:"item" type:"list"` // The ARN for the SNS topic for the notification. @@ -142508,18 +154944,17 @@ func (s *ModifyVpcEndpointConnectionNotificationOutput) SetReturnValue(v bool) * return s } -// Contains the parameters for ModifyVpcEndpoint. type ModifyVpcEndpointInput struct { _ struct{} `type:"structure"` - // (Gateway endpoint) One or more route tables IDs to associate with the endpoint. + // (Gateway endpoint) The IDs of the route tables to associate with the endpoint. AddRouteTableIds []*string `locationName:"AddRouteTableId" locationNameList:"item" type:"list"` - // (Interface endpoint) One or more security group IDs to associate with the - // network interface. + // (Interface endpoint) The IDs of the security groups to associate with the + // endpoint network interfaces. AddSecurityGroupIds []*string `locationName:"AddSecurityGroupId" locationNameList:"item" type:"list"` - // (Interface and Gateway Load Balancer endpoints) One or more subnet IDs in + // (Interface and Gateway Load Balancer endpoints) The IDs of the subnets in // which to serve the endpoint. For a Gateway Load Balancer endpoint, you can // specify only one subnet. AddSubnetIds []*string `locationName:"AddSubnetId" locationNameList:"item" type:"list"` @@ -142544,20 +154979,23 @@ type ModifyVpcEndpointInput struct { // with the VPC. PrivateDnsEnabled *bool `type:"boolean"` - // (Gateway endpoint) One or more route table IDs to disassociate from the endpoint. + // (Gateway endpoint) The IDs of the route tables to disassociate from the endpoint. RemoveRouteTableIds []*string `locationName:"RemoveRouteTableId" locationNameList:"item" type:"list"` - // (Interface endpoint) One or more security group IDs to disassociate from - // the network interface. + // (Interface endpoint) The IDs of the security groups to disassociate from + // the endpoint network interfaces. RemoveSecurityGroupIds []*string `locationName:"RemoveSecurityGroupId" locationNameList:"item" type:"list"` - // (Interface endpoint) One or more subnets IDs in which to remove the endpoint. + // (Interface endpoint) The IDs of the subnets from which to remove the endpoint. RemoveSubnetIds []*string `locationName:"RemoveSubnetId" locationNameList:"item" type:"list"` // (Gateway endpoint) Specify true to reset the policy document to the default // policy. The default policy allows full access to the service. ResetPolicy *bool `type:"boolean"` + // The subnet configurations for the endpoint. + SubnetConfigurations []*SubnetConfiguration `locationName:"SubnetConfiguration" locationNameList:"item" type:"list"` + // The ID of the endpoint. // // VpcEndpointId is a required field @@ -142667,6 +155105,12 @@ func (s *ModifyVpcEndpointInput) SetResetPolicy(v bool) *ModifyVpcEndpointInput return s } +// SetSubnetConfigurations sets the SubnetConfigurations field's value. +func (s *ModifyVpcEndpointInput) SetSubnetConfigurations(v []*SubnetConfiguration) *ModifyVpcEndpointInput { + s.SubnetConfigurations = v + return s +} + // SetVpcEndpointId sets the VpcEndpointId field's value. func (s *ModifyVpcEndpointInput) SetVpcEndpointId(v string) *ModifyVpcEndpointInput { s.VpcEndpointId = &v @@ -142989,9 +155433,9 @@ func (s *ModifyVpcEndpointServicePayerResponsibilityOutput) SetReturnValue(v boo type ModifyVpcEndpointServicePermissionsInput struct { _ struct{} `type:"structure"` - // The Amazon Resource Names (ARN) of one or more principals. Permissions are - // granted to the principals in this list. To grant permissions to all principals, - // specify an asterisk (*). + // The Amazon Resource Names (ARN) of the principals. Permissions are granted + // to the principals in this list. To grant permissions to all principals, specify + // an asterisk (*). AddAllowedPrincipals []*string `locationNameList:"item" type:"list"` // Checks whether you have the required permissions for the action, without @@ -143000,8 +155444,8 @@ type ModifyVpcEndpointServicePermissionsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` - // The Amazon Resource Names (ARN) of one or more principals. Permissions are - // revoked for principals in this list. + // The Amazon Resource Names (ARN) of the principals. Permissions are revoked + // for principals in this list. RemoveAllowedPrincipals []*string `locationNameList:"item" type:"list"` // The ID of the service. @@ -143686,10 +156130,20 @@ type ModifyVpnTunnelOptionsInput struct { // it is UnauthorizedOperation. DryRun *bool `type:"boolean"` + // Choose whether or not to trigger immediate tunnel replacement. This is only + // applicable when turning on or off EnableTunnelLifecycleControl. + // + // Valid values: True | False + SkipTunnelReplacement *bool `type:"boolean"` + // The tunnel options to modify. // + // TunnelOptions is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ModifyVpnTunnelOptionsInput's + // String and GoString methods. + // // TunnelOptions is a required field - TunnelOptions *ModifyVpnTunnelOptionsSpecification `type:"structure" required:"true"` + TunnelOptions *ModifyVpnTunnelOptionsSpecification `type:"structure" required:"true" sensitive:"true"` // The ID of the Amazon Web Services Site-to-Site VPN connection. // @@ -143745,6 +156199,12 @@ func (s *ModifyVpnTunnelOptionsInput) SetDryRun(v bool) *ModifyVpnTunnelOptionsI return s } +// SetSkipTunnelReplacement sets the SkipTunnelReplacement field's value. +func (s *ModifyVpnTunnelOptionsInput) SetSkipTunnelReplacement(v bool) *ModifyVpnTunnelOptionsInput { + s.SkipTunnelReplacement = &v + return s +} + // SetTunnelOptions sets the TunnelOptions field's value. func (s *ModifyVpnTunnelOptionsInput) SetTunnelOptions(v *ModifyVpnTunnelOptionsSpecification) *ModifyVpnTunnelOptionsInput { s.TunnelOptions = v @@ -143796,7 +156256,7 @@ func (s *ModifyVpnTunnelOptionsOutput) SetVpnConnection(v *VpnConnection) *Modif // The Amazon Web Services Site-to-Site VPN tunnel options to modify. type ModifyVpnTunnelOptionsSpecification struct { - _ struct{} `type:"structure"` + _ struct{} `type:"structure" sensitive:"true"` // The action to take after DPD timeout occurs. Specify restart to restart the // IKE initiation. Specify clear to end the IKE session. @@ -143806,13 +156266,18 @@ type ModifyVpnTunnelOptionsSpecification struct { // Default: clear DPDTimeoutAction *string `type:"string"` - // The number of seconds after which a DPD timeout occurs. + // The number of seconds after which a DPD timeout occurs. A DPD timeout of + // 40 seconds means that the VPN endpoint will consider the peer dead 30 seconds + // after the first failed keep-alive. // // Constraints: A value greater than or equal to 30. // - // Default: 30 + // Default: 40 DPDTimeoutSeconds *int64 `type:"integer"` + // Turn on or off tunnel endpoint lifecycle control feature. + EnableTunnelLifecycleControl *bool `type:"boolean"` + // The IKE versions that are permitted for the VPN tunnel. // // Valid values: ikev1 | ikev2 @@ -143878,7 +156343,11 @@ type ModifyVpnTunnelOptionsSpecification struct { // Constraints: Allowed characters are alphanumeric characters, periods (.), // and underscores (_). Must be between 8 and 64 characters in length and cannot // start with zero (0). - PreSharedKey *string `type:"string"` + // + // PreSharedKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ModifyVpnTunnelOptionsSpecification's + // String and GoString methods. + PreSharedKey *string `type:"string" sensitive:"true"` // The percentage of the rekey window (determined by RekeyMarginTimeSeconds) // during which the rekey time is randomly selected. @@ -143895,7 +156364,7 @@ type ModifyVpnTunnelOptionsSpecification struct { // // Constraints: A value between 60 and half of Phase2LifetimeSeconds. // - // Default: 540 + // Default: 270 RekeyMarginTimeSeconds *int64 `type:"integer"` // The number of packets in an IKE replay window. @@ -143974,6 +156443,12 @@ func (s *ModifyVpnTunnelOptionsSpecification) SetDPDTimeoutSeconds(v int64) *Mod return s } +// SetEnableTunnelLifecycleControl sets the EnableTunnelLifecycleControl field's value. +func (s *ModifyVpnTunnelOptionsSpecification) SetEnableTunnelLifecycleControl(v bool) *ModifyVpnTunnelOptionsSpecification { + s.EnableTunnelLifecycleControl = &v + return s +} + // SetIKEVersions sets the IKEVersions field's value. func (s *ModifyVpnTunnelOptionsSpecification) SetIKEVersions(v []*IKEVersionsRequestListValue) *ModifyVpnTunnelOptionsSpecification { s.IKEVersions = v @@ -144413,16 +156888,13 @@ func (s *MoveByoipCidrToIpamOutput) SetByoipCidr(v *ByoipCidr) *MoveByoipCidrToI return s } -// Describes the status of a moving Elastic IP address. +// This action is deprecated. // -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// Describes the status of a moving Elastic IP address. type MovingAddressStatus struct { _ struct{} `type:"structure"` - // The status of the Elastic IP address that's being moved to the EC2-VPC platform, - // or restored to the EC2-Classic platform. + // The status of the Elastic IP address that's being moved or restored. MoveStatus *string `locationName:"moveStatus" type:"string" enum:"MoveStatus"` // The Elastic IP address. @@ -144638,6 +157110,16 @@ type NatGatewayAddress struct { // associated with the NAT gateway. AllocationId *string `locationName:"allocationId" type:"string"` + // [Public NAT gateway only] The association ID of the Elastic IP address that's + // associated with the NAT gateway. + AssociationId *string `locationName:"associationId" type:"string"` + + // The address failure message. + FailureMessage *string `locationName:"failureMessage" type:"string"` + + // Defines if the IP address is the primary address. + IsPrimary *bool `locationName:"isPrimary" type:"boolean"` + // The ID of the network interface associated with the NAT gateway. NetworkInterfaceId *string `locationName:"networkInterfaceId" type:"string"` @@ -144647,6 +157129,9 @@ type NatGatewayAddress struct { // [Public NAT gateway only] The Elastic IP address associated with the NAT // gateway. PublicIp *string `locationName:"publicIp" type:"string"` + + // The address status. + Status *string `locationName:"status" type:"string" enum:"NatGatewayAddressStatus"` } // String returns the string representation. @@ -144673,6 +157158,24 @@ func (s *NatGatewayAddress) SetAllocationId(v string) *NatGatewayAddress { return s } +// SetAssociationId sets the AssociationId field's value. +func (s *NatGatewayAddress) SetAssociationId(v string) *NatGatewayAddress { + s.AssociationId = &v + return s +} + +// SetFailureMessage sets the FailureMessage field's value. +func (s *NatGatewayAddress) SetFailureMessage(v string) *NatGatewayAddress { + s.FailureMessage = &v + return s +} + +// SetIsPrimary sets the IsPrimary field's value. +func (s *NatGatewayAddress) SetIsPrimary(v bool) *NatGatewayAddress { + s.IsPrimary = &v + return s +} + // SetNetworkInterfaceId sets the NetworkInterfaceId field's value. func (s *NatGatewayAddress) SetNetworkInterfaceId(v string) *NatGatewayAddress { s.NetworkInterfaceId = &v @@ -144691,6 +157194,12 @@ func (s *NatGatewayAddress) SetPublicIp(v string) *NatGatewayAddress { return s } +// SetStatus sets the Status field's value. +func (s *NatGatewayAddress) SetStatus(v string) *NatGatewayAddress { + s.Status = &v + return s +} + // Describes a network ACL. type NetworkAcl struct { _ struct{} `type:"structure"` @@ -144698,7 +157207,7 @@ type NetworkAcl struct { // Any associations between the network ACL and one or more subnets Associations []*NetworkAclAssociation `locationName:"associationSet" locationNameList:"item" type:"list"` - // One or more entries (rules) in the network ACL. + // The entries (rules) in the network ACL. Entries []*NetworkAclEntry `locationName:"entrySet" locationNameList:"item" type:"list"` // Indicates whether this is the default network ACL for the VPC. @@ -145030,6 +157539,9 @@ func (s *NetworkBandwidthGbpsRequest) SetMin(v float64) *NetworkBandwidthGbpsReq type NetworkCardInfo struct { _ struct{} `type:"structure"` + // The baseline network performance of the network card, in Gbps. + BaselineBandwidthInGbps *float64 `locationName:"baselineBandwidthInGbps" type:"double"` + // The maximum number of network interfaces for the network card. MaximumNetworkInterfaces *int64 `locationName:"maximumNetworkInterfaces" type:"integer"` @@ -145038,6 +157550,9 @@ type NetworkCardInfo struct { // The network performance of the network card. NetworkPerformance *string `locationName:"networkPerformance" type:"string"` + + // The peak (burst) network performance of the network card, in Gbps. + PeakBandwidthInGbps *float64 `locationName:"peakBandwidthInGbps" type:"double"` } // String returns the string representation. @@ -145058,6 +157573,12 @@ func (s NetworkCardInfo) GoString() string { return s.String() } +// SetBaselineBandwidthInGbps sets the BaselineBandwidthInGbps field's value. +func (s *NetworkCardInfo) SetBaselineBandwidthInGbps(v float64) *NetworkCardInfo { + s.BaselineBandwidthInGbps = &v + return s +} + // SetMaximumNetworkInterfaces sets the MaximumNetworkInterfaces field's value. func (s *NetworkCardInfo) SetMaximumNetworkInterfaces(v int64) *NetworkCardInfo { s.MaximumNetworkInterfaces = &v @@ -145076,6 +157597,12 @@ func (s *NetworkCardInfo) SetNetworkPerformance(v string) *NetworkCardInfo { return s } +// SetPeakBandwidthInGbps sets the PeakBandwidthInGbps field's value. +func (s *NetworkCardInfo) SetPeakBandwidthInGbps(v float64) *NetworkCardInfo { + s.PeakBandwidthInGbps = &v + return s +} + // Describes the networking features of the instance type. type NetworkInfo struct { _ struct{} `type:"structure"` @@ -145475,8 +158002,7 @@ type NetworkInsightsAnalysis struct { // codes (https://docs.aws.amazon.com/vpc/latest/reachability/explanation-codes.html). Explanations []*Explanation `locationName:"explanationSet" locationNameList:"item" type:"list"` - // The Amazon Resource Names (ARN) of the Amazon Web Services resources that - // the path must traverse. + // The Amazon Resource Names (ARN) of the resources that the path must traverse. FilterInArns []*string `locationName:"filterInArnSet" locationNameList:"item" type:"list"` // The components in the path from source to destination. @@ -145637,19 +158163,24 @@ type NetworkInsightsPath struct { // The time stamp when the path was created. CreatedDate *time.Time `locationName:"createdDate" type:"timestamp"` - // The Amazon Web Services resource that is the destination of the path. + // The ID of the destination. Destination *string `locationName:"destination" type:"string"` // The Amazon Resource Name (ARN) of the destination. DestinationArn *string `locationName:"destinationArn" min:"1" type:"string"` - // The IP address of the Amazon Web Services resource that is the destination - // of the path. + // The IP address of the destination. DestinationIp *string `locationName:"destinationIp" type:"string"` // The destination port. DestinationPort *int64 `locationName:"destinationPort" type:"integer"` + // Scopes the analysis to network paths that match specific filters at the destination. + FilterAtDestination *PathFilter `locationName:"filterAtDestination" type:"structure"` + + // Scopes the analysis to network paths that match specific filters at the source. + FilterAtSource *PathFilter `locationName:"filterAtSource" type:"structure"` + // The Amazon Resource Name (ARN) of the path. NetworkInsightsPathArn *string `locationName:"networkInsightsPathArn" min:"1" type:"string"` @@ -145659,14 +158190,13 @@ type NetworkInsightsPath struct { // The protocol. Protocol *string `locationName:"protocol" type:"string" enum:"Protocol"` - // The Amazon Web Services resource that is the source of the path. + // The ID of the source. Source *string `locationName:"source" type:"string"` // The Amazon Resource Name (ARN) of the source. SourceArn *string `locationName:"sourceArn" min:"1" type:"string"` - // The IP address of the Amazon Web Services resource that is the source of - // the path. + // The IP address of the source. SourceIp *string `locationName:"sourceIp" type:"string"` // The tags associated with the path. @@ -145721,6 +158251,18 @@ func (s *NetworkInsightsPath) SetDestinationPort(v int64) *NetworkInsightsPath { return s } +// SetFilterAtDestination sets the FilterAtDestination field's value. +func (s *NetworkInsightsPath) SetFilterAtDestination(v *PathFilter) *NetworkInsightsPath { + s.FilterAtDestination = v + return s +} + +// SetFilterAtSource sets the FilterAtSource field's value. +func (s *NetworkInsightsPath) SetFilterAtSource(v *PathFilter) *NetworkInsightsPath { + s.FilterAtSource = v + return s +} + // SetNetworkInsightsPathArn sets the NetworkInsightsPathArn field's value. func (s *NetworkInsightsPath) SetNetworkInsightsPathArn(v string) *NetworkInsightsPath { s.NetworkInsightsPathArn = &v @@ -145777,6 +158319,12 @@ type NetworkInterface struct { // The Availability Zone. AvailabilityZone *string `locationName:"availabilityZone" type:"string"` + // A security group connection tracking configuration that enables you to set + // the timeout for connection tracking on an Elastic network interface. For + // more information, see Connection tracking timeouts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) + // in the Amazon Elastic Compute Cloud User Guide. + ConnectionTrackingConfiguration *ConnectionTrackingConfiguration `locationName:"connectionTrackingConfiguration" type:"structure"` + // Indicates whether a network interface with an IPv6 address is unreachable // from the public internet. If the value is true, inbound traffic from the // internet is dropped and you cannot assign an elastic IP address to the network @@ -145888,6 +158436,12 @@ func (s *NetworkInterface) SetAvailabilityZone(v string) *NetworkInterface { return s } +// SetConnectionTrackingConfiguration sets the ConnectionTrackingConfiguration field's value. +func (s *NetworkInterface) SetConnectionTrackingConfiguration(v *ConnectionTrackingConfiguration) *NetworkInterface { + s.ConnectionTrackingConfiguration = v + return s +} + // SetDenyAllIgwTraffic sets the DenyAllIgwTraffic field's value. func (s *NetworkInterface) SetDenyAllIgwTraffic(v bool) *NetworkInterface { s.DenyAllIgwTraffic = &v @@ -146355,6 +158909,13 @@ type NetworkInterfaceIpv6Address struct { // The IPv6 address. Ipv6Address *string `locationName:"ipv6Address" type:"string"` + + // Determines if an IPv6 address associated with a network interface is the + // primary IPv6 address. When you enable an IPv6 GUA address to be a primary + // IPv6, the first IPv6 GUA will be made the primary IPv6 address until the + // instance is terminated or the network interface is detached. For more information, + // see ModifyNetworkInterfaceAttribute (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyNetworkInterfaceAttribute.html). + IsPrimaryIpv6 *bool `locationName:"isPrimaryIpv6" type:"boolean"` } // String returns the string representation. @@ -146381,6 +158942,12 @@ func (s *NetworkInterfaceIpv6Address) SetIpv6Address(v string) *NetworkInterface return s } +// SetIsPrimaryIpv6 sets the IsPrimaryIpv6 field's value. +func (s *NetworkInterfaceIpv6Address) SetIsPrimaryIpv6(v bool) *NetworkInterfaceIpv6Address { + s.IsPrimaryIpv6 = &v + return s +} + // Describes a permission for a network interface. type NetworkInterfacePermission struct { _ struct{} `type:"structure"` @@ -146560,6 +159127,180 @@ func (s *NetworkInterfacePrivateIpAddress) SetPrivateIpAddress(v string) *Networ return s } +// Describes the cores available to the neuron accelerator. +type NeuronDeviceCoreInfo struct { + _ struct{} `type:"structure"` + + // The number of cores available to the neuron accelerator. + Count *int64 `locationName:"count" type:"integer"` + + // The version of the neuron accelerator. + Version *int64 `locationName:"version" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NeuronDeviceCoreInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NeuronDeviceCoreInfo) GoString() string { + return s.String() +} + +// SetCount sets the Count field's value. +func (s *NeuronDeviceCoreInfo) SetCount(v int64) *NeuronDeviceCoreInfo { + s.Count = &v + return s +} + +// SetVersion sets the Version field's value. +func (s *NeuronDeviceCoreInfo) SetVersion(v int64) *NeuronDeviceCoreInfo { + s.Version = &v + return s +} + +// Describes the neuron accelerators for the instance type. +type NeuronDeviceInfo struct { + _ struct{} `type:"structure"` + + // Describes the cores available to each neuron accelerator. + CoreInfo *NeuronDeviceCoreInfo `locationName:"coreInfo" type:"structure"` + + // The number of neuron accelerators for the instance type. + Count *int64 `locationName:"count" type:"integer"` + + // Describes the memory available to each neuron accelerator. + MemoryInfo *NeuronDeviceMemoryInfo `locationName:"memoryInfo" type:"structure"` + + // The name of the neuron accelerator. + Name *string `locationName:"name" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NeuronDeviceInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NeuronDeviceInfo) GoString() string { + return s.String() +} + +// SetCoreInfo sets the CoreInfo field's value. +func (s *NeuronDeviceInfo) SetCoreInfo(v *NeuronDeviceCoreInfo) *NeuronDeviceInfo { + s.CoreInfo = v + return s +} + +// SetCount sets the Count field's value. +func (s *NeuronDeviceInfo) SetCount(v int64) *NeuronDeviceInfo { + s.Count = &v + return s +} + +// SetMemoryInfo sets the MemoryInfo field's value. +func (s *NeuronDeviceInfo) SetMemoryInfo(v *NeuronDeviceMemoryInfo) *NeuronDeviceInfo { + s.MemoryInfo = v + return s +} + +// SetName sets the Name field's value. +func (s *NeuronDeviceInfo) SetName(v string) *NeuronDeviceInfo { + s.Name = &v + return s +} + +// Describes the memory available to the neuron accelerator. +type NeuronDeviceMemoryInfo struct { + _ struct{} `type:"structure"` + + // The size of the memory available to the neuron accelerator, in MiB. + SizeInMiB *int64 `locationName:"sizeInMiB" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NeuronDeviceMemoryInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NeuronDeviceMemoryInfo) GoString() string { + return s.String() +} + +// SetSizeInMiB sets the SizeInMiB field's value. +func (s *NeuronDeviceMemoryInfo) SetSizeInMiB(v int64) *NeuronDeviceMemoryInfo { + s.SizeInMiB = &v + return s +} + +// Describes the neuron accelerators for the instance type. +type NeuronInfo struct { + _ struct{} `type:"structure"` + + // Describes the neuron accelerators for the instance type. + NeuronDevices []*NeuronDeviceInfo `locationName:"neuronDevices" locationNameList:"item" type:"list"` + + // The total size of the memory for the neuron accelerators for the instance + // type, in MiB. + TotalNeuronDeviceMemoryInMiB *int64 `locationName:"totalNeuronDeviceMemoryInMiB" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NeuronInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NeuronInfo) GoString() string { + return s.String() +} + +// SetNeuronDevices sets the NeuronDevices field's value. +func (s *NeuronInfo) SetNeuronDevices(v []*NeuronDeviceInfo) *NeuronInfo { + s.NeuronDevices = v + return s +} + +// SetTotalNeuronDeviceMemoryInMiB sets the TotalNeuronDeviceMemoryInMiB field's value. +func (s *NeuronInfo) SetTotalNeuronDeviceMemoryInMiB(v int64) *NeuronInfo { + s.TotalNeuronDeviceMemoryInMiB = &v + return s +} + type NewDhcpConfiguration struct { _ struct{} `type:"structure"` @@ -146598,7 +159339,40 @@ func (s *NewDhcpConfiguration) SetValues(v []*string) *NewDhcpConfiguration { return s } -// Options for OIDC-based, user-identity type trust provider. +// Describes the supported NitroTPM versions for the instance type. +type NitroTpmInfo struct { + _ struct{} `type:"structure"` + + // Indicates the supported NitroTPM versions. + SupportedVersions []*string `locationName:"supportedVersions" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NitroTpmInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s NitroTpmInfo) GoString() string { + return s.String() +} + +// SetSupportedVersions sets the SupportedVersions field's value. +func (s *NitroTpmInfo) SetSupportedVersions(v []*string) *NitroTpmInfo { + s.SupportedVersions = v + return s +} + +// Describes the options for an OpenID Connect-compatible user-identity trust +// provider. type OidcOptions struct { _ struct{} `type:"structure"` @@ -146609,7 +159383,11 @@ type OidcOptions struct { ClientId *string `locationName:"clientId" type:"string"` // The client secret. - ClientSecret *string `locationName:"clientSecret" type:"string"` + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by OidcOptions's + // String and GoString methods. + ClientSecret *string `locationName:"clientSecret" type:"string" sensitive:"true"` // The OIDC issuer. Issuer *string `locationName:"issuer" type:"string"` @@ -146708,6 +159486,14 @@ type OnDemandOptions struct { // The maximum amount per hour for On-Demand Instances that you're willing to // pay. + // + // If your fleet includes T instances that are configured as unlimited, and + // if their average CPU usage exceeds the baseline utilization, you will incur + // a charge for surplus credits. The maxTotalPrice does not account for surplus + // credits, and, if you use surplus credits, your final cost might be higher + // than what you specified for maxTotalPrice. For more information, see Surplus + // credits can incur charges (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) + // in the EC2 User Guide. MaxTotalPrice *string `locationName:"maxTotalPrice" type:"string"` // The minimum target capacity for On-Demand Instances in the fleet. If the @@ -146810,6 +159596,14 @@ type OnDemandOptionsRequest struct { // The maximum amount per hour for On-Demand Instances that you're willing to // pay. + // + // If your fleet includes T instances that are configured as unlimited, and + // if their average CPU usage exceeds the baseline utilization, you will incur + // a charge for surplus credits. The MaxTotalPrice does not account for surplus + // credits, and, if you use surplus credits, your final cost might be higher + // than what you specified for MaxTotalPrice. For more information, see Surplus + // credits can incur charges (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) + // in the EC2 User Guide. MaxTotalPrice *string `type:"string"` // The minimum target capacity for On-Demand Instances in the fleet. If the @@ -147085,6 +159879,12 @@ type PathComponent struct { // The explanation codes. Explanations []*Explanation `locationName:"explanationSet" locationNameList:"item" type:"list"` + // The Network Firewall stateful rule. + FirewallStatefulRule *FirewallStatefulRule `locationName:"firewallStatefulRule" type:"structure"` + + // The Network Firewall stateless rule. + FirewallStatelessRule *FirewallStatelessRule `locationName:"firewallStatelessRule" type:"structure"` + // The inbound header. InboundHeader *AnalysisPacketHeader `locationName:"inboundHeader" type:"structure"` @@ -147100,6 +159900,9 @@ type PathComponent struct { // The sequence number. SequenceNumber *int64 `locationName:"sequenceNumber" type:"integer"` + // The name of the VPC endpoint service. + ServiceName *string `locationName:"serviceName" type:"string"` + // The source VPC. SourceVpc *AnalysisComponent `locationName:"sourceVpc" type:"structure"` @@ -147176,6 +159979,18 @@ func (s *PathComponent) SetExplanations(v []*Explanation) *PathComponent { return s } +// SetFirewallStatefulRule sets the FirewallStatefulRule field's value. +func (s *PathComponent) SetFirewallStatefulRule(v *FirewallStatefulRule) *PathComponent { + s.FirewallStatefulRule = v + return s +} + +// SetFirewallStatelessRule sets the FirewallStatelessRule field's value. +func (s *PathComponent) SetFirewallStatelessRule(v *FirewallStatelessRule) *PathComponent { + s.FirewallStatelessRule = v + return s +} + // SetInboundHeader sets the InboundHeader field's value. func (s *PathComponent) SetInboundHeader(v *AnalysisPacketHeader) *PathComponent { s.InboundHeader = v @@ -147206,6 +160021,12 @@ func (s *PathComponent) SetSequenceNumber(v int64) *PathComponent { return s } +// SetServiceName sets the ServiceName field's value. +func (s *PathComponent) SetServiceName(v string) *PathComponent { + s.ServiceName = &v + return s +} + // SetSourceVpc sets the SourceVpc field's value. func (s *PathComponent) SetSourceVpc(v *AnalysisComponent) *PathComponent { s.SourceVpc = v @@ -147236,6 +160057,126 @@ func (s *PathComponent) SetVpc(v *AnalysisComponent) *PathComponent { return s } +// Describes a set of filters for a path analysis. Use path filters to scope +// the analysis when there can be multiple resulting paths. +type PathFilter struct { + _ struct{} `type:"structure"` + + // The destination IPv4 address. + DestinationAddress *string `locationName:"destinationAddress" type:"string"` + + // The destination port range. + DestinationPortRange *FilterPortRange `locationName:"destinationPortRange" type:"structure"` + + // The source IPv4 address. + SourceAddress *string `locationName:"sourceAddress" type:"string"` + + // The source port range. + SourcePortRange *FilterPortRange `locationName:"sourcePortRange" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PathFilter) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PathFilter) GoString() string { + return s.String() +} + +// SetDestinationAddress sets the DestinationAddress field's value. +func (s *PathFilter) SetDestinationAddress(v string) *PathFilter { + s.DestinationAddress = &v + return s +} + +// SetDestinationPortRange sets the DestinationPortRange field's value. +func (s *PathFilter) SetDestinationPortRange(v *FilterPortRange) *PathFilter { + s.DestinationPortRange = v + return s +} + +// SetSourceAddress sets the SourceAddress field's value. +func (s *PathFilter) SetSourceAddress(v string) *PathFilter { + s.SourceAddress = &v + return s +} + +// SetSourcePortRange sets the SourcePortRange field's value. +func (s *PathFilter) SetSourcePortRange(v *FilterPortRange) *PathFilter { + s.SourcePortRange = v + return s +} + +// Describes a set of filters for a path analysis. Use path filters to scope +// the analysis when there can be multiple resulting paths. +type PathRequestFilter struct { + _ struct{} `type:"structure"` + + // The destination IPv4 address. + DestinationAddress *string `type:"string"` + + // The destination port range. + DestinationPortRange *RequestFilterPortRange `type:"structure"` + + // The source IPv4 address. + SourceAddress *string `type:"string"` + + // The source port range. + SourcePortRange *RequestFilterPortRange `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PathRequestFilter) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PathRequestFilter) GoString() string { + return s.String() +} + +// SetDestinationAddress sets the DestinationAddress field's value. +func (s *PathRequestFilter) SetDestinationAddress(v string) *PathRequestFilter { + s.DestinationAddress = &v + return s +} + +// SetDestinationPortRange sets the DestinationPortRange field's value. +func (s *PathRequestFilter) SetDestinationPortRange(v *RequestFilterPortRange) *PathRequestFilter { + s.DestinationPortRange = v + return s +} + +// SetSourceAddress sets the SourceAddress field's value. +func (s *PathRequestFilter) SetSourceAddress(v string) *PathRequestFilter { + s.SourceAddress = &v + return s +} + +// SetSourcePortRange sets the SourcePortRange field's value. +func (s *PathRequestFilter) SetSourcePortRange(v *RequestFilterPortRange) *PathRequestFilter { + s.SourcePortRange = v + return s +} + // Describes a path statement. type PathStatement struct { _ struct{} `type:"structure"` @@ -147419,10 +160360,6 @@ func (s *PeeringAttachmentStatus) SetMessage(v string) *PeeringAttachmentStatus return s } -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Describes the VPC peering connection options. type PeeringConnectionOptions struct { _ struct{} `type:"structure"` @@ -147431,12 +160368,10 @@ type PeeringConnectionOptions struct { // to private IP addresses when queried from instances in the peer VPC. AllowDnsResolutionFromRemoteVpc *bool `locationName:"allowDnsResolutionFromRemoteVpc" type:"boolean"` - // If true, enables outbound communication from an EC2-Classic instance that's - // linked to a local VPC using ClassicLink to instances in a peer VPC. + // Deprecated. AllowEgressFromLocalClassicLinkToRemoteVpc *bool `locationName:"allowEgressFromLocalClassicLinkToRemoteVpc" type:"boolean"` - // If true, enables outbound communication from instances in a local VPC to - // an EC2-Classic instance that's linked to a peer VPC using ClassicLink. + // Deprecated. AllowEgressFromLocalVpcToRemoteClassicLink *bool `locationName:"allowEgressFromLocalVpcToRemoteClassicLink" type:"boolean"` } @@ -147476,10 +160411,6 @@ func (s *PeeringConnectionOptions) SetAllowEgressFromLocalVpcToRemoteClassicLink return s } -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // The VPC peering connection options. type PeeringConnectionOptionsRequest struct { _ struct{} `type:"structure"` @@ -147488,12 +160419,10 @@ type PeeringConnectionOptionsRequest struct { // addresses when queried from instances in the peer VPC. AllowDnsResolutionFromRemoteVpc *bool `type:"boolean"` - // If true, enables outbound communication from an EC2-Classic instance that's - // linked to a local VPC using ClassicLink to instances in a peer VPC. + // Deprecated. AllowEgressFromLocalClassicLinkToRemoteVpc *bool `type:"boolean"` - // If true, enables outbound communication from instances in a local VPC to - // an EC2-Classic instance that's linked to a peer VPC using ClassicLink. + // Deprecated. AllowEgressFromLocalVpcToRemoteClassicLink *bool `type:"boolean"` } @@ -148027,8 +160956,8 @@ type Placement struct { // Reserved for future use. SpreadDomain *string `locationName:"spreadDomain" type:"string"` - // The tenancy of the instance (if the instance is running in a VPC). An instance - // with a tenancy of dedicated runs on single-tenant hardware. + // The tenancy of the instance. An instance with a tenancy of dedicated runs + // on single-tenant hardware. // // This parameter is not supported for CreateFleet (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet). // The host tenancy is not supported for ImportInstance (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) @@ -149028,9 +161957,17 @@ func (s *PrivateIpAddressSpecification) SetPrivateIpAddress(v string) *PrivateIp type ProcessorInfo struct { _ struct{} `type:"structure"` + // The manufacturer of the processor. + Manufacturer *string `locationName:"manufacturer" type:"string"` + // The architectures supported by the instance type. SupportedArchitectures []*string `locationName:"supportedArchitectures" locationNameList:"item" type:"list" enum:"ArchitectureType"` + // Indicates whether the instance type supports AMD SEV-SNP. If the request + // returns amd-sev-snp, AMD SEV-SNP is supported. Otherwise, it is not supported. + // For more information, see AMD SEV-SNP (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html). + SupportedFeatures []*string `locationName:"supportedFeatures" locationNameList:"item" type:"list" enum:"SupportedAdditionalProcessorFeature"` + // The speed of the processor, in GHz. SustainedClockSpeedInGhz *float64 `locationName:"sustainedClockSpeedInGhz" type:"double"` } @@ -149053,12 +161990,24 @@ func (s ProcessorInfo) GoString() string { return s.String() } +// SetManufacturer sets the Manufacturer field's value. +func (s *ProcessorInfo) SetManufacturer(v string) *ProcessorInfo { + s.Manufacturer = &v + return s +} + // SetSupportedArchitectures sets the SupportedArchitectures field's value. func (s *ProcessorInfo) SetSupportedArchitectures(v []*string) *ProcessorInfo { s.SupportedArchitectures = v return s } +// SetSupportedFeatures sets the SupportedFeatures field's value. +func (s *ProcessorInfo) SetSupportedFeatures(v []*string) *ProcessorInfo { + s.SupportedFeatures = v + return s +} + // SetSustainedClockSpeedInGhz sets the SustainedClockSpeedInGhz field's value. func (s *ProcessorInfo) SetSustainedClockSpeedInGhz(v float64) *ProcessorInfo { s.SustainedClockSpeedInGhz = &v @@ -149142,9 +162091,10 @@ type ProvisionByoipCidrInput struct { _ struct{} `type:"structure"` // The public IPv4 or IPv6 address range, in CIDR notation. The most specific - // IPv4 prefix that you can specify is /24. The most specific IPv6 prefix you - // can specify is /56. The address range cannot overlap with another address - // range that you've brought to this or another Region. + // IPv4 prefix that you can specify is /24. The most specific IPv6 address range + // that you can bring is /48 for CIDRs that are publicly advertisable and /56 + // for CIDRs that are not publicly advertisable. The address range cannot overlap + // with another address range that you've brought to this or another Region. // // Cidr is a required field Cidr *string `type:"string" required:"true"` @@ -149165,6 +162115,25 @@ type ProvisionByoipCidrInput struct { // Reserved. MultiRegion *bool `type:"boolean"` + // If you have Local Zones (https://docs.aws.amazon.com/local-zones/latest/ug/how-local-zones-work.html) + // enabled, you can choose a network border group for Local Zones when you provision + // and advertise a BYOIPv4 CIDR. Choose the network border group carefully as + // the EIP and the Amazon Web Services resource it is associated with must reside + // in the same network border group. + // + // You can provision BYOIP address ranges to and advertise them in the following + // Local Zone network border groups: + // + // * us-east-1-dfw-2 + // + // * us-west-2-lax-1 + // + // * us-west-2-phx-2 + // + // You cannot provision or advertise BYOIPv6 address ranges in Local Zones at + // this time. + NetworkBorderGroup *string `type:"string"` + // The tags to apply to the address pool. PoolTagSpecifications []*TagSpecification `locationName:"PoolTagSpecification" locationNameList:"item" type:"list"` @@ -149241,6 +162210,12 @@ func (s *ProvisionByoipCidrInput) SetMultiRegion(v bool) *ProvisionByoipCidrInpu return s } +// SetNetworkBorderGroup sets the NetworkBorderGroup field's value. +func (s *ProvisionByoipCidrInput) SetNetworkBorderGroup(v string) *ProvisionByoipCidrInput { + s.NetworkBorderGroup = &v + return s +} + // SetPoolTagSpecifications sets the PoolTagSpecifications field's value. func (s *ProvisionByoipCidrInput) SetPoolTagSpecifications(v []*TagSpecification) *ProvisionByoipCidrInput { s.PoolTagSpecifications = v @@ -149284,10 +162259,134 @@ func (s *ProvisionByoipCidrOutput) SetByoipCidr(v *ByoipCidr) *ProvisionByoipCid return s } +type ProvisionIpamByoasnInput struct { + _ struct{} `type:"structure"` + + // A public 2-byte or 4-byte ASN. + // + // Asn is a required field + Asn *string `type:"string" required:"true"` + + // An ASN authorization context. + // + // AsnAuthorizationContext is a required field + AsnAuthorizationContext *AsnAuthorizationContext `type:"structure" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // An IPAM ID. + // + // IpamId is a required field + IpamId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ProvisionIpamByoasnInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ProvisionIpamByoasnInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ProvisionIpamByoasnInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ProvisionIpamByoasnInput"} + if s.Asn == nil { + invalidParams.Add(request.NewErrParamRequired("Asn")) + } + if s.AsnAuthorizationContext == nil { + invalidParams.Add(request.NewErrParamRequired("AsnAuthorizationContext")) + } + if s.IpamId == nil { + invalidParams.Add(request.NewErrParamRequired("IpamId")) + } + if s.AsnAuthorizationContext != nil { + if err := s.AsnAuthorizationContext.Validate(); err != nil { + invalidParams.AddNested("AsnAuthorizationContext", err.(request.ErrInvalidParams)) + } + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAsn sets the Asn field's value. +func (s *ProvisionIpamByoasnInput) SetAsn(v string) *ProvisionIpamByoasnInput { + s.Asn = &v + return s +} + +// SetAsnAuthorizationContext sets the AsnAuthorizationContext field's value. +func (s *ProvisionIpamByoasnInput) SetAsnAuthorizationContext(v *AsnAuthorizationContext) *ProvisionIpamByoasnInput { + s.AsnAuthorizationContext = v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ProvisionIpamByoasnInput) SetDryRun(v bool) *ProvisionIpamByoasnInput { + s.DryRun = &v + return s +} + +// SetIpamId sets the IpamId field's value. +func (s *ProvisionIpamByoasnInput) SetIpamId(v string) *ProvisionIpamByoasnInput { + s.IpamId = &v + return s +} + +type ProvisionIpamByoasnOutput struct { + _ struct{} `type:"structure"` + + // An ASN and BYOIP CIDR association. + Byoasn *Byoasn `locationName:"byoasn" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ProvisionIpamByoasnOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ProvisionIpamByoasnOutput) GoString() string { + return s.String() +} + +// SetByoasn sets the Byoasn field's value. +func (s *ProvisionIpamByoasnOutput) SetByoasn(v *Byoasn) *ProvisionIpamByoasnOutput { + s.Byoasn = v + return s +} + type ProvisionIpamPoolCidrInput struct { _ struct{} `type:"structure"` - // The CIDR you want to assign to the IPAM pool. + // The CIDR you want to assign to the IPAM pool. Either "NetmaskLength" or "Cidr" + // is required. This value will be null if you specify "NetmaskLength" and will + // be filled in during the provisioning process. Cidr *string `type:"string"` // A signed document that proves that you are authorized to bring a specified @@ -149295,6 +162394,10 @@ type ProvisionIpamPoolCidrInput struct { // only. CidrAuthorizationContext *IpamCidrAuthorizationContext `type:"structure"` + // A unique, case-sensitive identifier that you provide to ensure the idempotency + // of the request. For more information, see Ensuring Idempotency (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/Run_Instance_Idempotency.html). + ClientToken *string `type:"string" idempotencyToken:"true"` + // A check for whether you have the required permissions for the action without // actually making the request and provides an error response. If you have the // required permissions, the error response is DryRunOperation. Otherwise, it @@ -149305,6 +162408,12 @@ type ProvisionIpamPoolCidrInput struct { // // IpamPoolId is a required field IpamPoolId *string `type:"string" required:"true"` + + // The netmask length of the CIDR you'd like to provision to a pool. Can be + // used for provisioning Amazon-provided IPv6 CIDRs to top-level pools and for + // provisioning CIDRs to pools with source pools. Cannot be used to provision + // BYOIP CIDRs to top-level pools. Either "NetmaskLength" or "Cidr" is required. + NetmaskLength *int64 `type:"integer"` } // String returns the string representation. @@ -149350,6 +162459,12 @@ func (s *ProvisionIpamPoolCidrInput) SetCidrAuthorizationContext(v *IpamCidrAuth return s } +// SetClientToken sets the ClientToken field's value. +func (s *ProvisionIpamPoolCidrInput) SetClientToken(v string) *ProvisionIpamPoolCidrInput { + s.ClientToken = &v + return s +} + // SetDryRun sets the DryRun field's value. func (s *ProvisionIpamPoolCidrInput) SetDryRun(v bool) *ProvisionIpamPoolCidrInput { s.DryRun = &v @@ -149362,6 +162477,12 @@ func (s *ProvisionIpamPoolCidrInput) SetIpamPoolId(v string) *ProvisionIpamPoolC return s } +// SetNetmaskLength sets the NetmaskLength field's value. +func (s *ProvisionIpamPoolCidrInput) SetNetmaskLength(v int64) *ProvisionIpamPoolCidrInput { + s.NetmaskLength = &v + return s +} + type ProvisionIpamPoolCidrOutput struct { _ struct{} `type:"structure"` @@ -149894,6 +163015,118 @@ func (s *Purchase) SetUpfrontPrice(v string) *Purchase { return s } +type PurchaseCapacityBlockInput struct { + _ struct{} `type:"structure"` + + // The ID of the Capacity Block offering. + // + // CapacityBlockOfferingId is a required field + CapacityBlockOfferingId *string `type:"string" required:"true"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The type of operating system for which to reserve capacity. + // + // InstancePlatform is a required field + InstancePlatform *string `type:"string" required:"true" enum:"CapacityReservationInstancePlatform"` + + // The tags to apply to the Capacity Block during launch. + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PurchaseCapacityBlockInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PurchaseCapacityBlockInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *PurchaseCapacityBlockInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "PurchaseCapacityBlockInput"} + if s.CapacityBlockOfferingId == nil { + invalidParams.Add(request.NewErrParamRequired("CapacityBlockOfferingId")) + } + if s.InstancePlatform == nil { + invalidParams.Add(request.NewErrParamRequired("InstancePlatform")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetCapacityBlockOfferingId sets the CapacityBlockOfferingId field's value. +func (s *PurchaseCapacityBlockInput) SetCapacityBlockOfferingId(v string) *PurchaseCapacityBlockInput { + s.CapacityBlockOfferingId = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *PurchaseCapacityBlockInput) SetDryRun(v bool) *PurchaseCapacityBlockInput { + s.DryRun = &v + return s +} + +// SetInstancePlatform sets the InstancePlatform field's value. +func (s *PurchaseCapacityBlockInput) SetInstancePlatform(v string) *PurchaseCapacityBlockInput { + s.InstancePlatform = &v + return s +} + +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *PurchaseCapacityBlockInput) SetTagSpecifications(v []*TagSpecification) *PurchaseCapacityBlockInput { + s.TagSpecifications = v + return s +} + +type PurchaseCapacityBlockOutput struct { + _ struct{} `type:"structure"` + + // The Capacity Reservation. + CapacityReservation *CapacityReservation `locationName:"capacityReservation" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PurchaseCapacityBlockOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PurchaseCapacityBlockOutput) GoString() string { + return s.String() +} + +// SetCapacityReservation sets the CapacityReservation field's value. +func (s *PurchaseCapacityBlockOutput) SetCapacityReservation(v *CapacityReservation) *PurchaseCapacityBlockOutput { + s.CapacityReservation = v + return s +} + type PurchaseHostReservationInput struct { _ struct{} `type:"structure"` @@ -150507,7 +163740,7 @@ type ReferencedSecurityGroup struct { // The ID of the VPC. VpcId *string `locationName:"vpcId" type:"string"` - // The ID of the VPC peering connection. + // The ID of the VPC peering connection (if applicable). VpcPeeringConnectionId *string `locationName:"vpcPeeringConnectionId" type:"string"` } @@ -150640,11 +163873,17 @@ type RegisterImageInput struct { // If you create an AMI on an Outpost, then all backing snapshots must be on // the same Outpost or in the Region of that Outpost. AMIs on an Outpost that // include local snapshots can be used to launch instances on the same Outpost - // only. For more information, Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html#ami) - // in the Amazon EC2 User Guide. + // only. For more information, Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html#ami) + // in the Amazon EBS User Guide. BlockDeviceMappings []*BlockDeviceMapping `locationName:"BlockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` - // The boot mode of the AMI. For more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) + // The boot mode of the AMI. A value of uefi-preferred indicates that the AMI + // supports both UEFI and Legacy BIOS. + // + // The operating system contained in the AMI must be configured to support the + // specified boot mode. + // + // For more information, see Boot modes (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ami-boot.html) // in the Amazon EC2 User Guide. BootMode *string `type:"string" enum:"BootModeValues"` @@ -150709,6 +163948,14 @@ type RegisterImageInput struct { // PV AMI can make instances launched from the AMI unreachable. SriovNetSupport *string `locationName:"sriovNetSupport" type:"string"` + // The tags to apply to the AMI. + // + // To tag the AMI, the value for ResourceType must be image. If you specify + // another value for ResourceType, the request fails. + // + // To tag an AMI after it has been registered, see CreateTags (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html). + TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` + // Set to v2.0 to enable Trusted Platform Module (TPM) support. For more information, // see NitroTPM (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/nitrotpm.html) // in the Amazon EC2 User Guide. @@ -150843,6 +164090,12 @@ func (s *RegisterImageInput) SetSriovNetSupport(v string) *RegisterImageInput { return s } +// SetTagSpecifications sets the TagSpecifications field's value. +func (s *RegisterImageInput) SetTagSpecifications(v []*TagSpecification) *RegisterImageInput { + s.TagSpecifications = v + return s +} + // SetTpmSupport sets the TpmSupport field's value. func (s *RegisterImageInput) SetTpmSupport(v string) *RegisterImageInput { s.TpmSupport = &v @@ -150903,7 +164156,9 @@ type RegisterInstanceEventNotificationAttributesInput struct { DryRun *bool `type:"boolean"` // Information about the tag keys to register. - InstanceTagAttribute *RegisterInstanceTagAttributeRequest `type:"structure"` + // + // InstanceTagAttribute is a required field + InstanceTagAttribute *RegisterInstanceTagAttributeRequest `type:"structure" required:"true"` } // String returns the string representation. @@ -150924,6 +164179,19 @@ func (s RegisterInstanceEventNotificationAttributesInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *RegisterInstanceEventNotificationAttributesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RegisterInstanceEventNotificationAttributesInput"} + if s.InstanceTagAttribute == nil { + invalidParams.Add(request.NewErrParamRequired("InstanceTagAttribute")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *RegisterInstanceEventNotificationAttributesInput) SetDryRun(v bool) *RegisterInstanceEventNotificationAttributesInput { s.DryRun = &v @@ -151026,10 +164294,14 @@ type RegisterTransitGatewayMulticastGroupMembersInput struct { // The group members' network interface IDs to register with the transit gateway // multicast group. - NetworkInterfaceIds []*string `locationNameList:"item" type:"list"` + // + // NetworkInterfaceIds is a required field + NetworkInterfaceIds []*string `locationNameList:"item" type:"list" required:"true"` // The ID of the transit gateway multicast domain. - TransitGatewayMulticastDomainId *string `type:"string"` + // + // TransitGatewayMulticastDomainId is a required field + TransitGatewayMulticastDomainId *string `type:"string" required:"true"` } // String returns the string representation. @@ -151050,6 +164322,22 @@ func (s RegisterTransitGatewayMulticastGroupMembersInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *RegisterTransitGatewayMulticastGroupMembersInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RegisterTransitGatewayMulticastGroupMembersInput"} + if s.NetworkInterfaceIds == nil { + invalidParams.Add(request.NewErrParamRequired("NetworkInterfaceIds")) + } + if s.TransitGatewayMulticastDomainId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayMulticastDomainId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *RegisterTransitGatewayMulticastGroupMembersInput) SetDryRun(v bool) *RegisterTransitGatewayMulticastGroupMembersInput { s.DryRun = &v @@ -151119,10 +164407,14 @@ type RegisterTransitGatewayMulticastGroupSourcesInput struct { // The group sources' network interface IDs to register with the transit gateway // multicast group. - NetworkInterfaceIds []*string `locationNameList:"item" type:"list"` + // + // NetworkInterfaceIds is a required field + NetworkInterfaceIds []*string `locationNameList:"item" type:"list" required:"true"` // The ID of the transit gateway multicast domain. - TransitGatewayMulticastDomainId *string `type:"string"` + // + // TransitGatewayMulticastDomainId is a required field + TransitGatewayMulticastDomainId *string `type:"string" required:"true"` } // String returns the string representation. @@ -151143,6 +164435,22 @@ func (s RegisterTransitGatewayMulticastGroupSourcesInput) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *RegisterTransitGatewayMulticastGroupSourcesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RegisterTransitGatewayMulticastGroupSourcesInput"} + if s.NetworkInterfaceIds == nil { + invalidParams.Add(request.NewErrParamRequired("NetworkInterfaceIds")) + } + if s.TransitGatewayMulticastDomainId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayMulticastDomainId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetDryRun sets the DryRun field's value. func (s *RegisterTransitGatewayMulticastGroupSourcesInput) SetDryRun(v bool) *RegisterTransitGatewayMulticastGroupSourcesInput { s.DryRun = &v @@ -151482,7 +164790,7 @@ type RejectVpcEndpointConnectionsInput struct { // ServiceId is a required field ServiceId *string `type:"string" required:"true"` - // The IDs of one or more VPC endpoints. + // The IDs of the VPC endpoints. // // VpcEndpointIds is a required field VpcEndpointIds []*string `locationName:"VpcEndpointId" locationNameList:"item" type:"list" required:"true"` @@ -151663,7 +164971,7 @@ func (s *RejectVpcPeeringConnectionOutput) SetReturn(v bool) *RejectVpcPeeringCo type ReleaseAddressInput struct { _ struct{} `type:"structure"` - // [EC2-VPC] The allocation ID. Required for EC2-VPC. + // The allocation ID. This parameter is required. AllocationId *string `type:"string"` // Checks whether you have the required permissions for the action, without @@ -151677,12 +164985,9 @@ type ReleaseAddressInput struct { // // If you provide an incorrect network border group, you receive an InvalidAddress.NotFound // error. - // - // You cannot use a network border group with EC2 Classic. If you attempt this - // operation on EC2 classic, you receive an InvalidParameterCombination error. NetworkBorderGroup *string `type:"string"` - // [EC2-Classic] The Elastic IP address. Required for EC2-Classic. + // Deprecated. PublicIp *string `type:"string"` } @@ -152991,6 +166296,118 @@ func (s *ReplaceTransitGatewayRouteOutput) SetRoute(v *TransitGatewayRoute) *Rep return s } +type ReplaceVpnTunnelInput struct { + _ struct{} `type:"structure"` + + // Trigger pending tunnel endpoint maintenance. + ApplyPendingMaintenance *bool `type:"boolean"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the Site-to-Site VPN connection. + // + // VpnConnectionId is a required field + VpnConnectionId *string `type:"string" required:"true"` + + // The external IP address of the VPN tunnel. + // + // VpnTunnelOutsideIpAddress is a required field + VpnTunnelOutsideIpAddress *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ReplaceVpnTunnelInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ReplaceVpnTunnelInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ReplaceVpnTunnelInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ReplaceVpnTunnelInput"} + if s.VpnConnectionId == nil { + invalidParams.Add(request.NewErrParamRequired("VpnConnectionId")) + } + if s.VpnTunnelOutsideIpAddress == nil { + invalidParams.Add(request.NewErrParamRequired("VpnTunnelOutsideIpAddress")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetApplyPendingMaintenance sets the ApplyPendingMaintenance field's value. +func (s *ReplaceVpnTunnelInput) SetApplyPendingMaintenance(v bool) *ReplaceVpnTunnelInput { + s.ApplyPendingMaintenance = &v + return s +} + +// SetDryRun sets the DryRun field's value. +func (s *ReplaceVpnTunnelInput) SetDryRun(v bool) *ReplaceVpnTunnelInput { + s.DryRun = &v + return s +} + +// SetVpnConnectionId sets the VpnConnectionId field's value. +func (s *ReplaceVpnTunnelInput) SetVpnConnectionId(v string) *ReplaceVpnTunnelInput { + s.VpnConnectionId = &v + return s +} + +// SetVpnTunnelOutsideIpAddress sets the VpnTunnelOutsideIpAddress field's value. +func (s *ReplaceVpnTunnelInput) SetVpnTunnelOutsideIpAddress(v string) *ReplaceVpnTunnelInput { + s.VpnTunnelOutsideIpAddress = &v + return s +} + +type ReplaceVpnTunnelOutput struct { + _ struct{} `type:"structure"` + + // Confirmation of replace tunnel operation. + Return *bool `locationName:"return" type:"boolean"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ReplaceVpnTunnelOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ReplaceVpnTunnelOutput) GoString() string { + return s.String() +} + +// SetReturn sets the Return field's value. +func (s *ReplaceVpnTunnelOutput) SetReturn(v bool) *ReplaceVpnTunnelOutput { + s.Return = &v + return s +} + type ReportInstanceStatusInput struct { _ struct{} `type:"structure"` @@ -153147,6 +166564,47 @@ func (s ReportInstanceStatusOutput) GoString() string { return s.String() } +// Describes a port range. +type RequestFilterPortRange struct { + _ struct{} `type:"structure"` + + // The first port in the range. + FromPort *int64 `type:"integer"` + + // The last port in the range. + ToPort *int64 `type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RequestFilterPortRange) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RequestFilterPortRange) GoString() string { + return s.String() +} + +// SetFromPort sets the FromPort field's value. +func (s *RequestFilterPortRange) SetFromPort(v int64) *RequestFilterPortRange { + s.FromPort = &v + return s +} + +// SetToPort sets the ToPort field's value. +func (s *RequestFilterPortRange) SetToPort(v int64) *RequestFilterPortRange { + s.ToPort = &v + return s +} + // A tag on an IPAM resource. type RequestIpamResourceTag struct { _ struct{} `type:"structure"` @@ -153193,7 +166651,7 @@ func (s *RequestIpamResourceTag) SetValue(v string) *RequestIpamResourceTag { // // You must specify at least one parameter for the launch template data. type RequestLaunchTemplateData struct { - _ struct{} `type:"structure" sensitive:"true"` + _ struct{} `type:"structure"` // The block device mapping. BlockDeviceMappings []*LaunchTemplateBlockDeviceMappingRequest `locationName:"BlockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` @@ -153213,7 +166671,8 @@ type RequestLaunchTemplateData struct { CreditSpecification *CreditSpecificationRequest `type:"structure"` // Indicates whether to enable the instance for stop protection. For more information, - // see Stop Protection (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection). + // see Stop protection (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection) + // in the Amazon Elastic Compute Cloud User Guide. DisableApiStop *bool `type:"boolean"` // If you set this parameter to true, you can't terminate the instance using @@ -153230,10 +166689,26 @@ type RequestLaunchTemplateData struct { // an EBS-optimized instance. EbsOptimized *bool `type:"boolean"` - // An elastic GPU to associate with the instance. + // Deprecated. + // + // Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads + // that require graphics acceleration, we recommend that you use Amazon EC2 + // G4ad, G4dn, or G5 instances. ElasticGpuSpecifications []*ElasticGpuSpecification `locationName:"ElasticGpuSpecification" locationNameList:"ElasticGpuSpecification" type:"list"` - // The elastic inference accelerator for the instance. + // An elastic inference accelerator to associate with the instance. Elastic + // inference accelerators are a resource you can attach to your Amazon EC2 instances + // to accelerate your Deep Learning (DL) inference workloads. + // + // You cannot specify accelerators from different generations in the same request. + // + // Starting April 15, 2023, Amazon Web Services will not onboard new customers + // to Amazon Elastic Inference (EI), and will help current customers migrate + // their workloads to options that offer better price and performance. After + // April 15, 2023, new customers will not be able to launch instances with Amazon + // EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, + // customers who have used Amazon EI at least once during the past 30-day period + // are considered current customers and will be able to continue using the service. ElasticInferenceAccelerators []*LaunchTemplateElasticInferenceAccelerator `locationName:"ElasticInferenceAccelerator" locationNameList:"item" type:"list"` // Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves. @@ -153253,7 +166728,28 @@ type RequestLaunchTemplateData struct { // The name or Amazon Resource Name (ARN) of an IAM instance profile. IamInstanceProfile *LaunchTemplateIamInstanceProfileSpecificationRequest `type:"structure"` - // The ID of the AMI. + // The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, + // which will resolve to an AMI ID on launch. + // + // Valid formats: + // + // * ami-17characters00000 + // + // * resolve:ssm:parameter-name + // + // * resolve:ssm:parameter-name:version-number + // + // * resolve:ssm:parameter-name:label + // + // * resolve:ssm:public-parameter + // + // Currently, EC2 Fleet and Spot Fleet do not support specifying a Systems Manager + // parameter. If the launch template will be used by an EC2 Fleet or Spot Fleet, + // you must specify the AMI ID. + // + // For more information, see Use a Systems Manager parameter instead of an AMI + // ID (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/create-launch-template.html#use-an-ssm-parameter-instead-of-an-ami-id) + // in the Amazon Elastic Compute Cloud User Guide. ImageId *string `type:"string"` // Indicates whether an instance stops or terminates when you initiate shutdown @@ -153268,7 +166764,37 @@ type RequestLaunchTemplateData struct { // The attributes for the instance types. When you specify instance attributes, // Amazon EC2 will identify instance types with these attributes. // + // You must specify VCpuCount and MemoryMiB. All other attributes are optional. + // Any unspecified optional attribute is set to its default. + // + // When you specify multiple attributes, you get instance types that satisfy + // all of the specified attributes. If you specify multiple values for an attribute, + // you get instance types that satisfy any of the specified values. + // + // To limit the list of instance types from which Amazon EC2 can identify matching + // instance types, you can use one of the following parameters, but not both + // in the same request: + // + // * AllowedInstanceTypes - The instance types to include in the list. All + // other instance types are ignored, even if they match your specified attributes. + // + // * ExcludedInstanceTypes - The instance types to exclude from the list, + // even if they match your specified attributes. + // // If you specify InstanceRequirements, you can't specify InstanceType. + // + // Attribute-based instance type selection is only supported when using Auto + // Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan + // to use the launch template in the launch instance wizard (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html), + // or with the RunInstances (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) + // API or AWS::EC2::Instance (https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html) + // Amazon Web Services CloudFormation resource, you can't specify InstanceRequirements. + // + // For more information, see Attribute-based instance type selection for EC2 + // Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html), + // Attribute-based instance type selection for Spot Fleet (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-attribute-based-instance-type-selection.html), + // and Spot placement score (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-placement-score.html) + // in the Amazon EC2 User Guide. InstanceRequirements *InstanceRequirementsRequest `type:"structure"` // The instance type. For more information, see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) @@ -153325,33 +166851,14 @@ type RequestLaunchTemplateData struct { // One or more security group IDs. You can create a security group using CreateSecurityGroup // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateSecurityGroup.html). - // You cannot specify both a security group ID and security name in the same - // request. SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` // One or more security group names. For a nondefault VPC, you must use security - // group IDs instead. You cannot specify both a security group ID and security - // name in the same request. + // group IDs instead. SecurityGroups []*string `locationName:"SecurityGroup" locationNameList:"SecurityGroup" type:"list"` // The tags to apply to the resources that are created during instance launch. - // - // You can specify tags for the following resources only: - // - // * Instances - // - // * Volumes - // - // * Elastic graphics - // - // * Spot Instance requests - // - // * Network interfaces - // - // To tag a resource after it has been created, see CreateTags (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html). - // - // To tag the launch template itself, you must use the TagSpecification (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateLaunchTemplate.html) - // parameter. + // These tags are not applied to the launch template. TagSpecifications []*LaunchTemplateTagSpecificationRequest `locationName:"TagSpecification" locationNameList:"LaunchTemplateTagSpecificationRequest" type:"list"` // The user data to make available to the instance. You must provide base64-encoded @@ -153364,7 +166871,11 @@ type RequestLaunchTemplateData struct { // must be provided in the MIME multi-part archive format (https://cloudinit.readthedocs.io/en/latest/topics/format.html#mime-multi-part-archive). // For more information, see Amazon EC2 user data in launch templates (https://docs.aws.amazon.com/batch/latest/userguide/launch-templates.html) // in the Batch User Guide. - UserData *string `type:"string"` + // + // UserData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by RequestLaunchTemplateData's + // String and GoString methods. + UserData *string `type:"string" sensitive:"true"` } // String returns the string representation. @@ -153922,7 +167433,7 @@ func (s *RequestSpotInstancesInput) SetValidUntil(v time.Time) *RequestSpotInsta type RequestSpotInstancesOutput struct { _ struct{} `type:"structure"` - // One or more Spot Instance requests. + // The Spot Instance requests. SpotInstanceRequests []*SpotInstanceRequest `locationName:"spotInstanceRequestSet" locationNameList:"item" type:"list"` } @@ -153957,8 +167468,8 @@ type RequestSpotLaunchSpecification struct { // Deprecated. AddressingType *string `locationName:"addressingType" type:"string"` - // One or more block device mapping entries. You can't specify both a snapshot - // ID and an encryption value. This is because only blank volumes can be encrypted + // The block device mapping entries. You can't specify both a snapshot ID and + // an encryption value. This is because only blank volumes can be encrypted // on creation. If a snapshot is the basis for a volume, it is not blank and // its encryption status is used for the volume encryption status. BlockDeviceMappings []*BlockDeviceMapping `locationName:"blockDeviceMapping" locationNameList:"item" type:"list"` @@ -153992,8 +167503,8 @@ type RequestSpotLaunchSpecification struct { // Default: Disabled Monitoring *RunInstancesMonitoringEnabled `locationName:"monitoring" type:"structure"` - // One or more network interfaces. If you specify a network interface, you must - // specify subnet IDs and security group IDs using the network interface. + // The network interfaces. If you specify a network interface, you must specify + // subnet IDs and security group IDs using the network interface. NetworkInterfaces []*InstanceNetworkInterfaceSpecification `locationName:"NetworkInterface" locationNameList:"item" type:"list"` // The placement information for the instance. @@ -154002,20 +167513,22 @@ type RequestSpotLaunchSpecification struct { // The ID of the RAM disk. RamdiskId *string `locationName:"ramdiskId" type:"string"` - // One or more security group IDs. + // The IDs of the security groups. SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"item" type:"list"` - // One or more security groups. When requesting instances in a VPC, you must - // specify the IDs of the security groups. When requesting instances in EC2-Classic, - // you can specify the names or the IDs of the security groups. + // Not supported. SecurityGroups []*string `locationName:"SecurityGroup" locationNameList:"item" type:"list"` // The ID of the subnet in which to launch the instance. SubnetId *string `locationName:"subnetId" type:"string"` - // The Base64-encoded user data for the instance. User data is limited to 16 - // KB. - UserData *string `locationName:"userData" type:"string"` + // The base64-encoded user data that instances use when starting up. User data + // is limited to 16 KB. + // + // UserData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by RequestSpotLaunchSpecification's + // String and GoString methods. + UserData *string `locationName:"userData" type:"string" sensitive:"true"` } // String returns the string representation. @@ -154153,7 +167666,7 @@ func (s *RequestSpotLaunchSpecification) SetUserData(v string) *RequestSpotLaunc type Reservation struct { _ struct{} `type:"structure"` - // [EC2-Classic only] The security groups. + // Not supported. Groups []*GroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"` // The instances. @@ -154673,8 +168186,7 @@ type ReservedInstancesConfiguration struct { // The instance type for the modified Reserved Instances. InstanceType *string `locationName:"instanceType" type:"string" enum:"InstanceType"` - // The network platform of the modified Reserved Instances, which is either - // EC2-Classic or EC2-VPC. + // The network platform of the modified Reserved Instances. Platform *string `locationName:"platform" type:"string"` // Whether the Reserved Instance is applied to instances in a Region or instances @@ -155979,7 +169491,8 @@ type ResponseLaunchTemplateData struct { CreditSpecification *CreditSpecification `locationName:"creditSpecification" type:"structure"` // Indicates whether the instance is enabled for stop protection. For more information, - // see Stop Protection (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection). + // see Stop protection (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Stop_Start.html#Using_StopProtection) + // in the Amazon Elastic Compute Cloud User Guide. DisableApiStop *bool `locationName:"disableApiStop" type:"boolean"` // If set to true, indicates that the instance cannot be terminated using the @@ -155989,10 +169502,26 @@ type ResponseLaunchTemplateData struct { // Indicates whether the instance is optimized for Amazon EBS I/O. EbsOptimized *bool `locationName:"ebsOptimized" type:"boolean"` - // The elastic GPU specification. + // Deprecated. + // + // Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads + // that require graphics acceleration, we recommend that you use Amazon EC2 + // G4ad, G4dn, or G5 instances. ElasticGpuSpecifications []*ElasticGpuSpecificationResponse `locationName:"elasticGpuSpecificationSet" locationNameList:"item" type:"list"` - // The elastic inference accelerator for the instance. + // An elastic inference accelerator to associate with the instance. Elastic + // inference accelerators are a resource you can attach to your Amazon EC2 instances + // to accelerate your Deep Learning (DL) inference workloads. + // + // You cannot specify accelerators from different generations in the same request. + // + // Starting April 15, 2023, Amazon Web Services will not onboard new customers + // to Amazon Elastic Inference (EI), and will help current customers migrate + // their workloads to options that offer better price and performance. After + // April 15, 2023, new customers will not be able to launch instances with Amazon + // EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, + // customers who have used Amazon EI at least once during the past 30-day period + // are considered current customers and will be able to continue using the service. ElasticInferenceAccelerators []*LaunchTemplateElasticInferenceAcceleratorResponse `locationName:"elasticInferenceAcceleratorSet" locationNameList:"item" type:"list"` // Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves. @@ -156006,7 +169535,24 @@ type ResponseLaunchTemplateData struct { // The IAM instance profile. IamInstanceProfile *LaunchTemplateIamInstanceProfileSpecification `locationName:"iamInstanceProfile" type:"structure"` - // The ID of the AMI that was used to launch the instance. + // The ID of the AMI or a Systems Manager parameter. The Systems Manager parameter + // will resolve to the ID of the AMI at instance launch. + // + // The value depends on what you specified in the request. The possible values + // are: + // + // * If an AMI ID was specified in the request, then this is the AMI ID. + // + // * If a Systems Manager parameter was specified in the request, and ResolveAlias + // was configured as true, then this is the AMI ID that the parameter is + // mapped to in the Parameter Store. + // + // * If a Systems Manager parameter was specified in the request, and ResolveAlias + // was configured as false, then this is the parameter value. + // + // For more information, see Use a Systems Manager parameter instead of an AMI + // ID (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#use-an-ssm-parameter-instead-of-an-ami-id) + // in the Amazon Elastic Compute Cloud User Guide. ImageId *string `locationName:"imageId" type:"string"` // Indicates whether an instance stops or terminates when you initiate shutdown @@ -156068,7 +169614,11 @@ type ResponseLaunchTemplateData struct { TagSpecifications []*LaunchTemplateTagSpecification `locationName:"tagSpecificationSet" locationNameList:"item" type:"list"` // The user data for the instance. - UserData *string `locationName:"userData" type:"string"` + // + // UserData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ResponseLaunchTemplateData's + // String and GoString methods. + UserData *string `locationName:"userData" type:"string" sensitive:"true"` } // String returns the string representation. @@ -156647,8 +170197,8 @@ type RestoreSnapshotFromRecycleBinOutput struct { Encrypted *bool `locationName:"encrypted" type:"boolean"` // The ARN of the Outpost on which the snapshot is stored. For more information, - // see Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html) - // in the Amazon Elastic Compute Cloud User Guide. + // see Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html) + // in the Amazon EBS User Guide. OutpostArn *string `locationName:"outpostArn" type:"string"` // The ID of the Amazon Web Services account that owns the EBS snapshot. @@ -156660,6 +170210,9 @@ type RestoreSnapshotFromRecycleBinOutput struct { // The ID of the snapshot. SnapshotId *string `locationName:"snapshotId" type:"string"` + // Reserved for future use. + SseType *string `locationName:"sseType" type:"string" enum:"SSEType"` + // The time stamp when the snapshot was initiated. StartTime *time.Time `locationName:"startTime" type:"timestamp"` @@ -156727,6 +170280,12 @@ func (s *RestoreSnapshotFromRecycleBinOutput) SetSnapshotId(v string) *RestoreSn return s } +// SetSseType sets the SseType field's value. +func (s *RestoreSnapshotFromRecycleBinOutput) SetSseType(v string) *RestoreSnapshotFromRecycleBinOutput { + s.SseType = &v + return s +} + // SetStartTime sets the StartTime field's value. func (s *RestoreSnapshotFromRecycleBinOutput) SetStartTime(v time.Time) *RestoreSnapshotFromRecycleBinOutput { s.StartTime = &v @@ -157204,19 +170763,16 @@ type RevokeSecurityGroupIngressInput struct { // it is UnauthorizedOperation. DryRun *bool `locationName:"dryRun" type:"boolean"` - // The start of port range for the TCP and UDP protocols, or an ICMP type number. - // For the ICMP type number, use -1 to specify all ICMP types. + // If the protocol is TCP or UDP, this is the start of the port range. If the + // protocol is ICMP, this is the ICMP type or -1 (all ICMP types). FromPort *int64 `type:"integer"` - // The ID of the security group. You must specify either the security group - // ID or the security group name in the request. For security groups in a nondefault - // VPC, you must specify the security group ID. + // The ID of the security group. GroupId *string `type:"string"` - // [EC2-Classic, default VPC] The name of the security group. You must specify - // either the security group ID or the security group name in the request. For - // security groups in a nondefault VPC, you must specify the security group - // ID. + // [Default VPC] The name of the security group. You must specify either the + // security group ID or the security group name in the request. For security + // groups in a nondefault VPC, you must specify the security group ID. GroupName *string `type:"string"` // The sets of IP permissions. You can't specify a source security group and @@ -157230,24 +170786,18 @@ type RevokeSecurityGroupIngressInput struct { // The IDs of the security group rules. SecurityGroupRuleIds []*string `locationName:"SecurityGroupRuleId" locationNameList:"item" type:"list"` - // [EC2-Classic, default VPC] The name of the source security group. You can't - // specify this parameter in combination with the following parameters: the - // CIDR IP address range, the start of the port range, the IP protocol, and - // the end of the port range. For EC2-VPC, the source security group must be - // in the same VPC. To revoke a specific rule for an IP protocol and port range, - // use a set of IP permissions instead. + // [Default VPC] The name of the source security group. You can't specify this + // parameter in combination with the following parameters: the CIDR IP address + // range, the start of the port range, the IP protocol, and the end of the port + // range. The source security group must be in the same VPC. To revoke a specific + // rule for an IP protocol and port range, use a set of IP permissions instead. SourceSecurityGroupName *string `type:"string"` - // [EC2-Classic] The Amazon Web Services account ID of the source security group, - // if the source security group is in a different account. You can't specify - // this parameter in combination with the following parameters: the CIDR IP - // address range, the IP protocol, the start of the port range, and the end - // of the port range. To revoke a specific rule for an IP protocol and port - // range, use a set of IP permissions instead. + // Not supported. SourceSecurityGroupOwnerId *string `type:"string"` - // The end of port range for the TCP and UDP protocols, or an ICMP code number. - // For the ICMP code number, use -1 to specify all ICMP codes for the ICMP type. + // If the protocol is TCP or UDP, this is the end of the port range. If the + // protocol is ICMP, this is the ICMP code or -1 (all ICMP codes). ToPort *int64 `type:"integer"` } @@ -157757,6 +171307,129 @@ func (s *RouteTableAssociationState) SetStatusMessage(v string) *RouteTableAssoc return s } +// Describes the rule options for a stateful rule group. +type RuleGroupRuleOptionsPair struct { + _ struct{} `type:"structure"` + + // The ARN of the rule group. + RuleGroupArn *string `locationName:"ruleGroupArn" min:"1" type:"string"` + + // The rule options. + RuleOptions []*RuleOption `locationName:"ruleOptionSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RuleGroupRuleOptionsPair) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RuleGroupRuleOptionsPair) GoString() string { + return s.String() +} + +// SetRuleGroupArn sets the RuleGroupArn field's value. +func (s *RuleGroupRuleOptionsPair) SetRuleGroupArn(v string) *RuleGroupRuleOptionsPair { + s.RuleGroupArn = &v + return s +} + +// SetRuleOptions sets the RuleOptions field's value. +func (s *RuleGroupRuleOptionsPair) SetRuleOptions(v []*RuleOption) *RuleGroupRuleOptionsPair { + s.RuleOptions = v + return s +} + +// Describes the type of a stateful rule group. +type RuleGroupTypePair struct { + _ struct{} `type:"structure"` + + // The ARN of the rule group. + RuleGroupArn *string `locationName:"ruleGroupArn" min:"1" type:"string"` + + // The rule group type. The possible values are Domain List and Suricata. + RuleGroupType *string `locationName:"ruleGroupType" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RuleGroupTypePair) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RuleGroupTypePair) GoString() string { + return s.String() +} + +// SetRuleGroupArn sets the RuleGroupArn field's value. +func (s *RuleGroupTypePair) SetRuleGroupArn(v string) *RuleGroupTypePair { + s.RuleGroupArn = &v + return s +} + +// SetRuleGroupType sets the RuleGroupType field's value. +func (s *RuleGroupTypePair) SetRuleGroupType(v string) *RuleGroupTypePair { + s.RuleGroupType = &v + return s +} + +// Describes additional settings for a stateful rule. +type RuleOption struct { + _ struct{} `type:"structure"` + + // The Suricata keyword. + Keyword *string `locationName:"keyword" type:"string"` + + // The settings for the keyword. + Settings []*string `locationName:"settingSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RuleOption) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RuleOption) GoString() string { + return s.String() +} + +// SetKeyword sets the Keyword field's value. +func (s *RuleOption) SetKeyword(v string) *RuleOption { + s.Keyword = &v + return s +} + +// SetSettings sets the Settings field's value. +func (s *RuleOption) SetSettings(v []*string) *RuleOption { + s.Settings = v + return s +} + type RunInstancesInput struct { _ struct{} `type:"structure"` @@ -157828,10 +171501,11 @@ type RunInstancesInput struct { // Default: false EbsOptimized *bool `locationName:"ebsOptimized" type:"boolean"` - // An elastic GPU to associate with the instance. An Elastic GPU is a GPU resource - // that you can attach to your Windows instance to accelerate the graphics performance - // of your applications. For more information, see Amazon EC2 Elastic GPUs (https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/elastic-graphics.html) - // in the Amazon EC2 User Guide. + // Deprecated. + // + // Amazon Elastic Graphics reached end of life on January 8, 2024. For workloads + // that require graphics acceleration, we recommend that you use Amazon EC2 + // G4ad, G4dn, or G5 instances. ElasticGpuSpecification []*ElasticGpuSpecification `locationNameList:"item" type:"list"` // An elastic inference accelerator to associate with the instance. Elastic @@ -157839,8 +171513,31 @@ type RunInstancesInput struct { // to accelerate your Deep Learning (DL) inference workloads. // // You cannot specify accelerators from different generations in the same request. + // + // Starting April 15, 2023, Amazon Web Services will not onboard new customers + // to Amazon Elastic Inference (EI), and will help current customers migrate + // their workloads to options that offer better price and performance. After + // April 15, 2023, new customers will not be able to launch instances with Amazon + // EI accelerators in Amazon SageMaker, Amazon ECS, or Amazon EC2. However, + // customers who have used Amazon EI at least once during the past 30-day period + // are considered current customers and will be able to continue using the service. ElasticInferenceAccelerators []*ElasticInferenceAccelerator `locationName:"ElasticInferenceAccelerator" locationNameList:"item" type:"list"` + // If you’re launching an instance into a dual-stack or IPv6-only subnet, + // you can enable assigning a primary IPv6 address. A primary IPv6 address is + // an IPv6 GUA address associated with an ENI that you have enabled to use a + // primary IPv6 address. Use this option if an instance relies on its IPv6 address + // not changing. When you launch the instance, Amazon Web Services will automatically + // assign an IPv6 address associated with the ENI attached to your instance + // to be the primary IPv6 address. Once you enable an IPv6 GUA address to be + // a primary IPv6, you cannot disable it. When you enable an IPv6 GUA address + // to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 address + // until the instance is terminated or the network interface is detached. If + // you have multiple IPv6 addresses associated with an ENI attached to your + // instance and you enable a primary IPv6 address, the first IPv6 GUA address + // associated with the ENI becomes the primary IPv6 address. + EnablePrimaryIpv6 *bool `type:"boolean"` + // Indicates whether the instance is enabled for Amazon Web Services Nitro Enclaves. // For more information, see What is Amazon Web Services Nitro Enclaves? (https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) // in the Amazon Web Services Nitro Enclaves User Guide. @@ -157849,8 +171546,9 @@ type RunInstancesInput struct { // same instance. EnclaveOptions *EnclaveOptionsRequest `type:"structure"` - // Indicates whether an instance is enabled for hibernation. For more information, - // see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) + // Indicates whether an instance is enabled for hibernation. This parameter + // is valid only if the instance meets the hibernation prerequisites (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html). + // For more information, see Hibernate your instance (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) // in the Amazon EC2 User Guide. // // You can't enable hibernation and Amazon Web Services Nitro Enclaves on the @@ -157878,13 +171576,11 @@ type RunInstancesInput struct { // The instance type. For more information, see Instance types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) // in the Amazon EC2 User Guide. - // - // Default: m1.small InstanceType *string `type:"string" enum:"InstanceType"` - // [EC2-VPC] The number of IPv6 addresses to associate with the primary network - // interface. Amazon EC2 chooses the IPv6 addresses from the range of your subnet. - // You cannot specify this option and the option to assign specific IPv6 addresses + // The number of IPv6 addresses to associate with the primary network interface. + // Amazon EC2 chooses the IPv6 addresses from the range of your subnet. You + // cannot specify this option and the option to assign specific IPv6 addresses // in the same request. You can specify this option if you've specified a minimum // number of instances to launch. // @@ -157892,10 +171588,10 @@ type RunInstancesInput struct { // request. Ipv6AddressCount *int64 `type:"integer"` - // [EC2-VPC] The IPv6 addresses from the range of the subnet to associate with - // the primary network interface. You cannot specify this option and the option - // to assign a number of IPv6 addresses in the same request. You cannot specify - // this option if you've specified a minimum number of instances to launch. + // The IPv6 addresses from the range of the subnet to associate with the primary + // network interface. You cannot specify this option and the option to assign + // a number of IPv6 addresses in the same request. You cannot specify this option + // if you've specified a minimum number of instances to launch. // // You cannot specify this option and the network interfaces option in the same // request. @@ -157966,11 +171662,12 @@ type RunInstancesInput struct { Placement *Placement `type:"structure"` // The options for the instance hostname. The default values are inherited from - // the subnet. + // the subnet. Applies only if creating a network interface, not attaching an + // existing one. PrivateDnsNameOptions *PrivateDnsNameOptionsRequest `type:"structure"` - // [EC2-VPC] The primary IPv4 address. You must specify a value from the IPv4 - // address range of the subnet. + // The primary IPv4 address. You must specify a value from the IPv4 address + // range of the subnet. // // Only one private IP address can be designated as primary. You can't specify // this option if you've specified the option to designate a private IP address @@ -157998,8 +171695,7 @@ type RunInstancesInput struct { // as part of the network interface. SecurityGroupIds []*string `locationName:"SecurityGroupId" locationNameList:"SecurityGroupId" type:"list"` - // [EC2-Classic, default VPC] The names of the security groups. For a nondefault - // VPC, you must use security group IDs instead. + // [Default VPC] The names of the security groups. // // If you specify a network interface, you must specify any security groups // as part of the network interface. @@ -158007,7 +171703,7 @@ type RunInstancesInput struct { // Default: Amazon EC2 uses the default security group. SecurityGroups []*string `locationName:"SecurityGroup" locationNameList:"SecurityGroup" type:"list"` - // [EC2-VPC] The ID of the subnet to launch the instance into. + // The ID of the subnet to launch the instance into. // // If you specify a network interface, you must specify any subnets as part // of the network interface. @@ -158021,8 +171717,6 @@ type RunInstancesInput struct { // // * Volumes // - // * Elastic graphics - // // * Spot Instance requests // // * Network interfaces @@ -158179,6 +171873,12 @@ func (s *RunInstancesInput) SetElasticInferenceAccelerators(v []*ElasticInferenc return s } +// SetEnablePrimaryIpv6 sets the EnablePrimaryIpv6 field's value. +func (s *RunInstancesInput) SetEnablePrimaryIpv6(v bool) *RunInstancesInput { + s.EnablePrimaryIpv6 = &v + return s +} + // SetEnclaveOptions sets the EnclaveOptions field's value. func (s *RunInstancesInput) SetEnclaveOptions(v *EnclaveOptionsRequest) *RunInstancesInput { s.EnclaveOptions = v @@ -158417,8 +172117,12 @@ type RunScheduledInstancesInput struct { // The launch specification. You must match the instance type, Availability // Zone, network, and platform of the schedule that you purchased. // + // LaunchSpecification is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by RunScheduledInstancesInput's + // String and GoString methods. + // // LaunchSpecification is a required field - LaunchSpecification *ScheduledInstancesLaunchSpecification `type:"structure" required:"true"` + LaunchSpecification *ScheduledInstancesLaunchSpecification `type:"structure" required:"true" sensitive:"true"` // The Scheduled Instance ID. // @@ -158582,8 +172286,9 @@ type S3Storage struct { _ struct{} `type:"structure"` // The access key ID of the owner of the bucket. Before you specify a value - // for your access key ID, review and follow the guidance in Best practices - // for managing Amazon Web Services access keys (https://docs.aws.amazon.com/general/latest/gr/aws-access-keys-best-practices.html). + // for your access key ID, review and follow the guidance in Best Practices + // for Amazon Web Services accounts (https://docs.aws.amazon.com/accounts/latest/reference/best-practices.html) + // in the Account ManagementReference Guide. AWSAccessKeyId *string `type:"string"` // The bucket in which to store the AMI. You can specify a bucket that you already @@ -158600,7 +172305,11 @@ type S3Storage struct { UploadPolicy []byte `locationName:"uploadPolicy" type:"blob"` // The signature of the JSON document. - UploadPolicySignature *string `locationName:"uploadPolicySignature" type:"string"` + // + // UploadPolicySignature is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by S3Storage's + // String and GoString methods. + UploadPolicySignature *string `locationName:"uploadPolicySignature" type:"string" sensitive:"true"` } // String returns the string representation. @@ -158670,7 +172379,7 @@ type ScheduledInstance struct { // The instance type. InstanceType *string `locationName:"instanceType" type:"string"` - // The network platform (EC2-Classic or EC2-VPC). + // The network platform. NetworkPlatform *string `locationName:"networkPlatform" type:"string"` // The time for the next schedule to start. @@ -158835,7 +172544,7 @@ type ScheduledInstanceAvailability struct { // The minimum term. The only possible value is 365 days. MinTermDurationInDays *int64 `locationName:"minTermDurationInDays" type:"integer"` - // The network platform (EC2-Classic or EC2-VPC). + // The network platform. NetworkPlatform *string `locationName:"networkPlatform" type:"string"` // The platform (Linux/UNIX or Windows). @@ -159177,16 +172886,8 @@ type ScheduledInstancesEbs struct { // only to instances that support them. Encrypted *bool `type:"boolean"` - // The number of I/O operations per second (IOPS) to provision for an io1 or - // io2 volume, with a maximum ratio of 50 IOPS/GiB for io1, and 500 IOPS/GiB - // for io2. Range is 100 to 64,000 IOPS for volumes in most Regions. Maximum - // IOPS of 64,000 is guaranteed only on instances built on the Nitro System - // (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances). - // Other instance families guarantee performance up to 32,000 IOPS. For more - // information, see Amazon EBS volume types (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) - // in the Amazon EC2 User Guide. - // - // This parameter is valid only for Provisioned IOPS SSD (io1 and io2) volumes. + // The number of I/O operations per second (IOPS) to provision for a gp3, io1, + // or io2 volume. Iops *int64 `type:"integer"` // The ID of the snapshot. @@ -159198,9 +172899,7 @@ type ScheduledInstancesEbs struct { // a volume size, the default is the snapshot size. VolumeSize *int64 `type:"integer"` - // The volume type. gp2 for General Purpose SSD, io1 or io2 for Provisioned - // IOPS SSD, Throughput Optimized HDD for st1, Cold HDD for sc1, or standard - // for Magnetic. + // The volume type. // // Default: gp2 VolumeType *string `type:"string"` @@ -159339,7 +173038,7 @@ func (s *ScheduledInstancesIpv6Address) SetIpv6Address(v string) *ScheduledInsta // the ID of the subnet. You can specify the subnet using either SubnetId or // NetworkInterface. type ScheduledInstancesLaunchSpecification struct { - _ struct{} `type:"structure"` + _ struct{} `type:"structure" sensitive:"true"` // The block device mapping entries. BlockDeviceMappings []*ScheduledInstancesBlockDeviceMapping `locationName:"BlockDeviceMapping" locationNameList:"BlockDeviceMapping" type:"list"` @@ -159548,6 +173247,11 @@ type ScheduledInstancesNetworkInterface struct { // for eth0, and can only be assigned to a new network interface, not an existing // one. You cannot specify more than one network interface in the request. If // launching into a default subnet, the default value is true. + // + // Amazon Web Services charges for all public IPv4 addresses, including public + // IPv4 addresses associated with running instances and Elastic IP addresses. + // For more information, see the Public IPv4 Address tab on the Amazon VPC pricing + // page (http://aws.amazon.com/vpc/pricing/). AssociatePublicIpAddress *bool `type:"boolean"` // Indicates whether to delete the interface when the instance is terminated. @@ -159769,6 +173473,8 @@ type SearchLocalGatewayRoutesInput struct { // One or more filters. // + // * prefix-list-id - The ID of the prefix list. + // // * route-search.exact-match - The exact match of the specified filter. // // * route-search.longest-prefix-match - The longest prefix that matches @@ -159943,7 +173649,9 @@ type SearchTransitGatewayMulticastGroupsInput struct { NextToken *string `type:"string"` // The ID of the transit gateway multicast domain. - TransitGatewayMulticastDomainId *string `type:"string"` + // + // TransitGatewayMulticastDomainId is a required field + TransitGatewayMulticastDomainId *string `type:"string" required:"true"` } // String returns the string representation. @@ -159970,6 +173678,9 @@ func (s *SearchTransitGatewayMulticastGroupsInput) Validate() error { if s.MaxResults != nil && *s.MaxResults < 5 { invalidParams.Add(request.NewErrParamMinValue("MaxResults", 5)) } + if s.TransitGatewayMulticastDomainId == nil { + invalidParams.Add(request.NewErrParamRequired("TransitGatewayMulticastDomainId")) + } if invalidParams.Len() > 0 { return invalidParams @@ -160215,7 +173926,7 @@ type SecurityGroup struct { // The inbound rules associated with the security group. IpPermissions []*IpPermission `locationName:"ipPermissions" locationNameList:"item" type:"list"` - // [VPC only] The outbound rules associated with the security group. + // The outbound rules associated with the security group. IpPermissionsEgress []*IpPermission `locationName:"ipPermissionsEgress" locationNameList:"item" type:"list"` // The Amazon Web Services account ID of the owner of the security group. @@ -160224,7 +173935,7 @@ type SecurityGroup struct { // Any tags assigned to the security group. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` - // [VPC only] The ID of the VPC for the security group. + // The ID of the VPC for the security group. VpcId *string `locationName:"vpcId" type:"string"` } @@ -160294,6 +174005,83 @@ func (s *SecurityGroup) SetVpcId(v string) *SecurityGroup { return s } +// A security group that can be used by interfaces in the VPC. +type SecurityGroupForVpc struct { + _ struct{} `type:"structure"` + + // The security group's description. + Description *string `locationName:"description" type:"string"` + + // The security group ID. + GroupId *string `locationName:"groupId" type:"string"` + + // The security group name. + GroupName *string `locationName:"groupName" type:"string"` + + // The security group owner ID. + OwnerId *string `locationName:"ownerId" type:"string"` + + // The VPC ID in which the security group was created. + PrimaryVpcId *string `locationName:"primaryVpcId" type:"string"` + + // The security group tags. + Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SecurityGroupForVpc) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SecurityGroupForVpc) GoString() string { + return s.String() +} + +// SetDescription sets the Description field's value. +func (s *SecurityGroupForVpc) SetDescription(v string) *SecurityGroupForVpc { + s.Description = &v + return s +} + +// SetGroupId sets the GroupId field's value. +func (s *SecurityGroupForVpc) SetGroupId(v string) *SecurityGroupForVpc { + s.GroupId = &v + return s +} + +// SetGroupName sets the GroupName field's value. +func (s *SecurityGroupForVpc) SetGroupName(v string) *SecurityGroupForVpc { + s.GroupName = &v + return s +} + +// SetOwnerId sets the OwnerId field's value. +func (s *SecurityGroupForVpc) SetOwnerId(v string) *SecurityGroupForVpc { + s.OwnerId = &v + return s +} + +// SetPrimaryVpcId sets the PrimaryVpcId field's value. +func (s *SecurityGroupForVpc) SetPrimaryVpcId(v string) *SecurityGroupForVpc { + s.PrimaryVpcId = &v + return s +} + +// SetTags sets the Tags field's value. +func (s *SecurityGroupForVpc) SetTags(v []*Tag) *SecurityGroupForVpc { + s.Tags = v + return s +} + // Describes a security group. type SecurityGroupIdentifier struct { _ struct{} `type:"structure"` @@ -160345,7 +174133,16 @@ type SecurityGroupReference struct { // The ID of the VPC with the referencing security group. ReferencingVpcId *string `locationName:"referencingVpcId" type:"string"` - // The ID of the VPC peering connection. + // + // This parameter is in preview and may not be available for your account. + // + // The ID of the transit gateway (if applicable). + TransitGatewayId *string `locationName:"transitGatewayId" type:"string"` + + // The ID of the VPC peering connection (if applicable). For more information + // about security group referencing for peering connections, see Update your + // security groups to reference peer security groups (https://docs.aws.amazon.com/vpc/latest/peering/vpc-peering-security-groups.html) + // in the VPC Peering Guide. VpcPeeringConnectionId *string `locationName:"vpcPeeringConnectionId" type:"string"` } @@ -160379,6 +174176,12 @@ func (s *SecurityGroupReference) SetReferencingVpcId(v string) *SecurityGroupRef return s } +// SetTransitGatewayId sets the TransitGatewayId field's value. +func (s *SecurityGroupReference) SetTransitGatewayId(v string) *SecurityGroupReference { + s.TransitGatewayId = &v + return s +} + // SetVpcPeeringConnectionId sets the VpcPeeringConnectionId field's value. func (s *SecurityGroupReference) SetVpcPeeringConnectionId(v string) *SecurityGroupReference { s.VpcPeeringConnectionId = &v @@ -160398,9 +174201,8 @@ type SecurityGroupRule struct { // The security group rule description. Description *string `locationName:"description" type:"string"` - // The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 - // type. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 - // types, you must specify all codes. + // If the protocol is TCP or UDP, this is the start of the port range. If the + // protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types). FromPort *int64 `locationName:"fromPort" type:"integer"` // The ID of the security group. @@ -160430,9 +174232,10 @@ type SecurityGroupRule struct { // The tags applied to the security group rule. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` - // The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. - // A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 - // types, you must specify all codes. + // If the protocol is TCP or UDP, this is the end of the port range. If the + // protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). + // If the start port is -1 (all ICMP types), then the end port must be -1 (all + // ICMP codes). ToPort *int64 `locationName:"toPort" type:"integer"` } @@ -160606,9 +174409,8 @@ type SecurityGroupRuleRequest struct { // The description of the security group rule. Description *string `type:"string"` - // The start of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 - // type. A value of -1 indicates all ICMP/ICMPv6 types. If you specify all ICMP/ICMPv6 - // types, you must specify all codes. + // If the protocol is TCP or UDP, this is the start of the port range. If the + // protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types). FromPort *int64 `type:"integer"` // The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers @@ -160623,9 +174425,10 @@ type SecurityGroupRuleRequest struct { // The ID of the security group that is referenced in the security group rule. ReferencedGroupId *string `type:"string"` - // The end of port range for the TCP and UDP protocols, or an ICMP/ICMPv6 code. - // A value of -1 indicates all ICMP/ICMPv6 codes. If you specify all ICMP/ICMPv6 - // types, you must specify all codes. + // If the protocol is TCP or UDP, this is the end of the port range. If the + // protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). + // If the start port is -1 (all ICMP types), then the end port must be -1 (all + // ICMP codes). ToPort *int64 `type:"integer"` } @@ -160703,7 +174506,9 @@ type SecurityGroupRuleUpdate struct { SecurityGroupRule *SecurityGroupRuleRequest `type:"structure"` // The ID of the security group rule. - SecurityGroupRuleId *string `type:"string"` + // + // SecurityGroupRuleId is a required field + SecurityGroupRuleId *string `type:"string" required:"true"` } // String returns the string representation. @@ -160724,6 +174529,19 @@ func (s SecurityGroupRuleUpdate) GoString() string { return s.String() } +// Validate inspects the fields of the type to determine if they are valid. +func (s *SecurityGroupRuleUpdate) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "SecurityGroupRuleUpdate"} + if s.SecurityGroupRuleId == nil { + invalidParams.Add(request.NewErrParamRequired("SecurityGroupRuleId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + // SetSecurityGroupRule sets the SecurityGroupRule field's value. func (s *SecurityGroupRuleUpdate) SetSecurityGroupRule(v *SecurityGroupRuleRequest) *SecurityGroupRuleUpdate { s.SecurityGroupRule = v @@ -160864,7 +174682,7 @@ type ServiceConfiguration struct { // The supported IP address types. SupportedIpAddressTypes []*string `locationName:"supportedIpAddressTypeSet" locationNameList:"item" type:"list" enum:"ServiceConnectivityType"` - // Any tags assigned to the service. + // The tags assigned to the service. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` } @@ -161024,7 +174842,7 @@ type ServiceDetail struct { // The supported IP address types. SupportedIpAddressTypes []*string `locationName:"supportedIpAddressTypeSet" locationNameList:"item" type:"list" enum:"ServiceConnectivityType"` - // Any tags assigned to the service. + // The tags assigned to the service. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` // Indicates whether the service supports endpoint policies. @@ -161299,8 +175117,8 @@ type Snapshot struct { KmsKeyId *string `locationName:"kmsKeyId" type:"string"` // The ARN of the Outpost on which the snapshot is stored. For more information, - // see Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html) - // in the Amazon Elastic Compute Cloud User Guide. + // see Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html) + // in the Amazon EBS User Guide. OutpostArn *string `locationName:"outpostArn" type:"string"` // The Amazon Web Services owner alias, from an Amazon-maintained list (amazon). @@ -161323,6 +175141,9 @@ type Snapshot struct { // is created. SnapshotId *string `locationName:"snapshotId" type:"string"` + // Reserved for future use. + SseType *string `locationName:"sseType" type:"string" enum:"SSEType"` + // The time stamp when the snapshot was initiated. StartTime *time.Time `locationName:"startTime" type:"timestamp"` @@ -161432,6 +175253,12 @@ func (s *Snapshot) SetSnapshotId(v string) *Snapshot { return s } +// SetSseType sets the SseType field's value. +func (s *Snapshot) SetSseType(v string) *Snapshot { + s.SseType = &v + return s +} + // SetStartTime sets the StartTime field's value. func (s *Snapshot) SetStartTime(v time.Time) *Snapshot { s.StartTime = &v @@ -161503,7 +175330,11 @@ type SnapshotDetail struct { StatusMessage *string `locationName:"statusMessage" type:"string"` // The URL used to access the disk image. - Url *string `locationName:"url" type:"string"` + // + // Url is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SnapshotDetail's + // String and GoString methods. + Url *string `locationName:"url" type:"string" sensitive:"true"` // The Amazon S3 bucket for the disk image. UserBucket *UserBucketDetails `locationName:"userBucket" type:"structure"` @@ -161601,7 +175432,11 @@ type SnapshotDiskContainer struct { // The URL to the Amazon S3-based disk image being imported. It can either be // a https URL (https://..) or an Amazon S3 URL (s3://..). - Url *string `type:"string"` + // + // Url is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SnapshotDiskContainer's + // String and GoString methods. + Url *string `type:"string" sensitive:"true"` // The Amazon S3 bucket for the disk image. UserBucket *UserBucket `type:"structure"` @@ -161661,8 +175496,8 @@ type SnapshotInfo struct { Encrypted *bool `locationName:"encrypted" type:"boolean"` // The ARN of the Outpost on which the snapshot is stored. For more information, - // see Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/snapshots-outposts.html) - // in the Amazon Elastic Compute Cloud User Guide. + // see Amazon EBS local snapshots on Outposts (https://docs.aws.amazon.com/ebs/latest/userguide/snapshots-outposts.html) + // in the Amazon EBS User Guide. OutpostArn *string `locationName:"outpostArn" type:"string"` // Account id used when creating this snapshot. @@ -161674,6 +175509,9 @@ type SnapshotInfo struct { // Snapshot id that can be used to describe this snapshot. SnapshotId *string `locationName:"snapshotId" type:"string"` + // Reserved for future use. + SseType *string `locationName:"sseType" type:"string" enum:"SSEType"` + // Time this snapshot was started. This is the same for all snapshots initiated // by the same request. StartTime *time.Time `locationName:"startTime" type:"timestamp"` @@ -161745,6 +175583,12 @@ func (s *SnapshotInfo) SetSnapshotId(v string) *SnapshotInfo { return s } +// SetSseType sets the SseType field's value. +func (s *SnapshotInfo) SetSseType(v string) *SnapshotInfo { + s.SseType = &v + return s +} + // SetStartTime sets the StartTime field's value. func (s *SnapshotInfo) SetStartTime(v time.Time) *SnapshotInfo { s.StartTime = &v @@ -161876,7 +175720,11 @@ type SnapshotTaskDetail struct { StatusMessage *string `locationName:"statusMessage" type:"string"` // The URL of the disk image from which the snapshot is created. - Url *string `locationName:"url" type:"string"` + // + // Url is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SnapshotTaskDetail's + // String and GoString methods. + Url *string `locationName:"url" type:"string" sensitive:"true"` // The Amazon S3 bucket for the disk image. UserBucket *UserBucketDetails `locationName:"userBucket" type:"structure"` @@ -162298,9 +176146,7 @@ type SpotFleetLaunchSpecification struct { // Resource Center and search for the kernel ID. RamdiskId *string `locationName:"ramdiskId" type:"string"` - // One or more security groups. When requesting instances in a VPC, you must - // specify the IDs of the security groups. When requesting instances in EC2-Classic, - // you can specify the names or the IDs of the security groups. + // The security groups. SecurityGroups []*GroupIdentifier `locationName:"groupSet" locationNameList:"item" type:"list"` // The maximum price per unit hour that you are willing to pay for a Spot Instance. @@ -162320,8 +176166,13 @@ type SpotFleetLaunchSpecification struct { // The tags to apply during creation. TagSpecifications []*SpotFleetTagSpecification `locationName:"tagSpecificationSet" locationNameList:"item" type:"list"` - // The Base64-encoded user data that instances use when starting up. - UserData *string `locationName:"userData" type:"string"` + // The base64-encoded user data that instances use when starting up. User data + // is limited to 16 KB. + // + // UserData is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SpotFleetLaunchSpecification's + // String and GoString methods. + UserData *string `locationName:"userData" type:"string" sensitive:"true"` // The number of units provided by the specified instance type. These are the // same units that you chose to set the target capacity in terms of instances, @@ -162639,9 +176490,11 @@ type SpotFleetRequestConfigData struct { // Reserved. Context *string `locationName:"context" type:"string"` - // Indicates whether running Spot Instances should be terminated if you decrease + // Indicates whether running instances should be terminated if you decrease // the target capacity of the Spot Fleet request below the current size of the // Spot Fleet. + // + // Supported only for fleets of type maintain. ExcessCapacityTerminationPolicy *string `locationName:"excessCapacityTerminationPolicy" type:"string" enum:"ExcessCapacityTerminationPolicy"` // The number of units fulfilled by this request compared to the set target @@ -162681,6 +176534,10 @@ type SpotFleetRequestConfigData struct { // The launch specifications for the Spot Fleet request. If you specify LaunchSpecifications, // you can't specify LaunchTemplateConfigs. If you include On-Demand capacity // in your request, you must use LaunchTemplateConfigs. + // + // If an AMI specified in a launch specification is deregistered or disabled, + // no new instances can be launched from the AMI. For fleets of type maintain, + // the target capacity will not be maintained. LaunchSpecifications []*SpotFleetLaunchSpecification `locationName:"launchSpecifications" locationNameList:"item" type:"list"` // The launch template and overrides. If you specify LaunchTemplateConfigs, @@ -162717,6 +176574,14 @@ type SpotFleetRequestConfigData struct { // it reaches the maximum amount you're willing to pay. When the maximum amount // you're willing to pay is reached, the fleet stops launching instances even // if it hasn’t met the target capacity. + // + // If your fleet includes T instances that are configured as unlimited, and + // if their average CPU usage exceeds the baseline utilization, you will incur + // a charge for surplus credits. The onDemandMaxTotalPrice does not account + // for surplus credits, and, if you use surplus credits, your final cost might + // be higher than what you specified for onDemandMaxTotalPrice. For more information, + // see Surplus credits can incur charges (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) + // in the EC2 User Guide. OnDemandMaxTotalPrice *string `locationName:"onDemandMaxTotalPrice" type:"string"` // The number of On-Demand units to request. You can choose to set the target @@ -162734,13 +176599,21 @@ type SpotFleetRequestConfigData struct { SpotMaintenanceStrategies *SpotMaintenanceStrategies `locationName:"spotMaintenanceStrategies" type:"structure"` // The maximum amount per hour for Spot Instances that you're willing to pay. - // You can use the spotdMaxTotalPrice parameter, the onDemandMaxTotalPrice parameter, + // You can use the spotMaxTotalPrice parameter, the onDemandMaxTotalPrice parameter, // or both parameters to ensure that your fleet cost does not exceed your budget. // If you set a maximum price per hour for the On-Demand Instances and Spot // Instances in your request, Spot Fleet will launch instances until it reaches // the maximum amount you're willing to pay. When the maximum amount you're // willing to pay is reached, the fleet stops launching instances even if it // hasn’t met the target capacity. + // + // If your fleet includes T instances that are configured as unlimited, and + // if their average CPU usage exceeds the baseline utilization, you will incur + // a charge for surplus credits. The spotMaxTotalPrice does not account for + // surplus credits, and, if you use surplus credits, your final cost might be + // higher than what you specified for spotMaxTotalPrice. For more information, + // see Surplus credits can incur charges (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) + // in the EC2 User Guide. SpotMaxTotalPrice *string `locationName:"spotMaxTotalPrice" type:"string"` // The maximum price per unit hour that you are willing to pay for a Spot Instance. @@ -162759,7 +176632,7 @@ type SpotFleetRequestConfigData struct { // (valid only if you use LaunchTemplateConfigs) or in the SpotFleetTagSpecification // (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html) // (valid only if you use LaunchSpecifications). For information about tagging - // after launch, see Tagging Your Resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources). + // after launch, see Tag your resources (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources). TagSpecifications []*TagSpecification `locationName:"TagSpecification" locationNameList:"item" type:"list"` // The number of units to request for the Spot Fleet. You can choose to set @@ -162771,9 +176644,10 @@ type SpotFleetRequestConfigData struct { // TargetCapacity is a required field TargetCapacity *int64 `locationName:"targetCapacity" type:"integer" required:"true"` - // The unit for the target capacity. + // The unit for the target capacity. You can specify this parameter only when + // using attribute-based instance type selection. // - // Default: units (translates to number of instances) + // Default: units (the number of instances) TargetCapacityUnitType *string `locationName:"targetCapacityUnitType" type:"string" enum:"TargetCapacityUnitType"` // Indicates whether running Spot Instances are terminated when the Spot Fleet @@ -163404,7 +177278,18 @@ type SpotMarketOptions struct { // Deprecated. BlockDurationMinutes *int64 `type:"integer"` - // The behavior when a Spot Instance is interrupted. The default is terminate. + // The behavior when a Spot Instance is interrupted. + // + // If Configured (for HibernationOptions (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_HibernationOptionsRequest.html)) + // is set to true, the InstanceInterruptionBehavior parameter is automatically + // set to hibernate. If you set it to stop or terminate, you'll get an error. + // + // If Configured (for HibernationOptions (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_HibernationOptionsRequest.html)) + // is set to false or null, the InstanceInterruptionBehavior parameter is automatically + // set to terminate. You can also set it to stop or hibernate. + // + // For more information, see Interruption behavior (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/interruption-behavior.html) + // in the Amazon EC2 User Guide. InstanceInterruptionBehavior *string `type:"string" enum:"InstanceInterruptionBehavior"` // The maximum hourly price that you're willing to pay for a Spot Instance. @@ -163563,6 +177448,14 @@ type SpotOptions struct { // // If you specify a maximum price, your Spot Instances will be interrupted more // frequently than if you do not specify this parameter. + // + // If your fleet includes T instances that are configured as unlimited, and + // if their average CPU usage exceeds the baseline utilization, you will incur + // a charge for surplus credits. The maxTotalPrice does not account for surplus + // credits, and, if you use surplus credits, your final cost might be higher + // than what you specified for maxTotalPrice. For more information, see Surplus + // credits can incur charges (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) + // in the EC2 User Guide. MaxTotalPrice *string `locationName:"maxTotalPrice" type:"string"` // The minimum target capacity for Spot Instances in the fleet. If the minimum @@ -163735,6 +177628,14 @@ type SpotOptionsRequest struct { // // If you specify a maximum price, your Spot Instances will be interrupted more // frequently than if you do not specify this parameter. + // + // If your fleet includes T instances that are configured as unlimited, and + // if their average CPU usage exceeds the baseline utilization, you will incur + // a charge for surplus credits. The MaxTotalPrice does not account for surplus + // credits, and, if you use surplus credits, your final cost might be higher + // than what you specified for MaxTotalPrice. For more information, see Surplus + // credits can incur charges (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) + // in the EC2 User Guide. MaxTotalPrice *string `type:"string"` // The minimum target capacity for Spot Instances in the fleet. If the minimum @@ -164019,11 +177920,11 @@ func (s *SpotPrice) SetTimestamp(v time.Time) *SpotPrice { type StaleIpPermission struct { _ struct{} `type:"structure"` - // The start of the port range for the TCP and UDP protocols, or an ICMP type - // number. A value of -1 indicates all ICMP types. + // If the protocol is TCP or UDP, this is the start of the port range. If the + // protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types). FromPort *int64 `locationName:"fromPort" type:"integer"` - // The IP protocol name (for tcp, udp, and icmp) or number (see Protocol Numbers) + // The IP protocol name (tcp, udp, icmp, icmpv6) or number (see Protocol Numbers) // (http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml). IpProtocol *string `locationName:"ipProtocol" type:"string"` @@ -164033,8 +177934,8 @@ type StaleIpPermission struct { // The prefix list IDs. Not applicable for stale security group rules. PrefixListIds []*string `locationName:"prefixListIds" locationNameList:"item" type:"list"` - // The end of the port range for the TCP and UDP protocols, or an ICMP type - // number. A value of -1 indicates all ICMP types. + // If the protocol is TCP or UDP, this is the end of the port range. If the + // protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). ToPort *int64 `locationName:"toPort" type:"integer"` // The security group pairs. Returns the ID of the referenced security group @@ -164621,8 +178522,8 @@ type StateReason struct { // the Spot price exceeded available capacity or because of an increase in // the Spot price. // - // * Client.InstanceInitiatedShutdown: The instance was shut down using the - // shutdown -h command from the instance. + // * Client.InstanceInitiatedShutdown: The instance was shut down from the + // operating system of the instance. // // * Client.InstanceTerminated: The instance was terminated or rebooted during // AMI creation. @@ -164999,6 +178900,11 @@ type Subnet struct { // Indicates whether instances launched in this subnet receive a public IPv4 // address. + // + // Amazon Web Services charges for all public IPv4 addresses, including public + // IPv4 addresses associated with running instances and Elastic IP addresses. + // For more information, see the Public IPv4 Address tab on the Amazon VPC pricing + // page (http://aws.amazon.com/vpc/pricing/). MapPublicIpOnLaunch *bool `locationName:"mapPublicIpOnLaunch" type:"boolean"` // The Amazon Resource Name (ARN) of the Outpost. @@ -165339,6 +179245,68 @@ func (s *SubnetCidrReservation) SetTags(v []*Tag) *SubnetCidrReservation { return s } +// Describes the configuration of a subnet for a VPC endpoint. +type SubnetConfiguration struct { + _ struct{} `type:"structure"` + + // The IPv4 address to assign to the endpoint network interface in the subnet. + // You must provide an IPv4 address if the VPC endpoint supports IPv4. + // + // If you specify an IPv4 address when modifying a VPC endpoint, we replace + // the existing endpoint network interface with a new endpoint network interface + // with this IP address. This process temporarily disconnects the subnet and + // the VPC endpoint. + Ipv4 *string `type:"string"` + + // The IPv6 address to assign to the endpoint network interface in the subnet. + // You must provide an IPv6 address if the VPC endpoint supports IPv6. + // + // If you specify an IPv6 address when modifying a VPC endpoint, we replace + // the existing endpoint network interface with a new endpoint network interface + // with this IP address. This process temporarily disconnects the subnet and + // the VPC endpoint. + Ipv6 *string `type:"string"` + + // The ID of the subnet. + SubnetId *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SubnetConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SubnetConfiguration) GoString() string { + return s.String() +} + +// SetIpv4 sets the Ipv4 field's value. +func (s *SubnetConfiguration) SetIpv4(v string) *SubnetConfiguration { + s.Ipv4 = &v + return s +} + +// SetIpv6 sets the Ipv6 field's value. +func (s *SubnetConfiguration) SetIpv6(v string) *SubnetConfiguration { + s.Ipv6 = &v + return s +} + +// SetSubnetId sets the SubnetId field's value. +func (s *SubnetConfiguration) SetSubnetId(v string) *SubnetConfiguration { + s.SubnetId = &v + return s +} + // Describes an association between a subnet and an IPv6 CIDR block. type SubnetIpv6CidrBlockAssociation struct { _ struct{} `type:"structure"` @@ -165630,7 +179598,9 @@ func (s *TagDescription) SetValue(v string) *TagDescription { return s } -// The tags to apply to a resource when the resource is being created. +// The tags to apply to a resource when the resource is being created. When +// you specify a tag, you must specify the resource type to tag, otherwise the +// request will fail. // // The Valid Values lists all the resource types that can be tagged. However, // the action you're using might not support tagging all of these resource types. @@ -165694,7 +179664,7 @@ func (s *TagSpecification) SetTags(v []*Tag) *TagSpecification { type TargetCapacitySpecification struct { _ struct{} `type:"structure"` - // The default TotalTargetCapacity, which is either Spot or On-Demand. + // The default target capacity type. DefaultTargetCapacityType *string `locationName:"defaultTargetCapacityType" type:"string" enum:"DefaultTargetCapacityType"` // The number of On-Demand units to request. If you specify a target capacity @@ -165706,11 +179676,9 @@ type TargetCapacitySpecification struct { SpotTargetCapacity *int64 `locationName:"spotTargetCapacity" type:"integer"` // The unit for the target capacity. - // - // Default: units (translates to number of instances) TargetCapacityUnitType *string `locationName:"targetCapacityUnitType" type:"string" enum:"TargetCapacityUnitType"` - // The number of units to request, filled using DefaultTargetCapacityType. + // The number of units to request, filled the default target capacity type. TotalTargetCapacity *int64 `locationName:"totalTargetCapacity" type:"integer"` } @@ -165774,13 +179742,13 @@ func (s *TargetCapacitySpecification) SetTotalTargetCapacity(v int64) *TargetCap // On-Demand Instances and Spot Instances in your request, EC2 Fleet will launch // instances until it reaches the maximum amount that you're willing to pay. // When the maximum amount you're willing to pay is reached, the fleet stops -// launching instances even if it hasn’t met the target capacity. The MaxTotalPrice +// launching instances even if it hasn't met the target capacity. The MaxTotalPrice // parameters are located in OnDemandOptionsRequest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_OnDemandOptionsRequest) // and SpotOptionsRequest (https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotOptionsRequest). type TargetCapacitySpecificationRequest struct { _ struct{} `type:"structure"` - // The default TotalTargetCapacity, which is either Spot or On-Demand. + // The default target capacity type. DefaultTargetCapacityType *string `type:"string" enum:"DefaultTargetCapacityType"` // The number of On-Demand units to request. @@ -165789,12 +179757,14 @@ type TargetCapacitySpecificationRequest struct { // The number of Spot units to request. SpotTargetCapacity *int64 `type:"integer"` - // The unit for the target capacity. + // The unit for the target capacity. You can specify this parameter only when + // using attributed-based instance type selection. // - // Default: units (translates to number of instances) + // Default: units (the number of instances) TargetCapacityUnitType *string `type:"string" enum:"TargetCapacityUnitType"` - // The number of units to request, filled using DefaultTargetCapacityType. + // The number of units to request, filled using the default target capacity + // type. // // TotalTargetCapacity is a required field TotalTargetCapacity *int64 `type:"integer" required:"true"` @@ -168454,6 +182424,18 @@ type TransitGatewayOptions struct { // The ID of the default propagation route table. PropagationDefaultRouteTableId *string `locationName:"propagationDefaultRouteTableId" type:"string"` + // + // This parameter is in preview and may not be available for your account. + // + // Enables you to reference a security group across VPCs attached to a transit + // gateway. Use this option to simplify security group management and control + // of instance-to-instance traffic across VPCs that are connected by transit + // gateway. You can also use this option to migrate from VPC peering (which + // was the only option that supported security group referencing) to transit + // gateways (which now also support security group referencing). This option + // is disabled by default and there are no additional costs to use this feature. + SecurityGroupReferencingSupport *string `locationName:"securityGroupReferencingSupport" type:"string" enum:"SecurityGroupReferencingSupportValue"` + // The transit gateway CIDR blocks. TransitGatewayCidrBlocks []*string `locationName:"transitGatewayCidrBlocks" locationNameList:"item" type:"list"` @@ -168527,6 +182509,12 @@ func (s *TransitGatewayOptions) SetPropagationDefaultRouteTableId(v string) *Tra return s } +// SetSecurityGroupReferencingSupport sets the SecurityGroupReferencingSupport field's value. +func (s *TransitGatewayOptions) SetSecurityGroupReferencingSupport(v string) *TransitGatewayOptions { + s.SecurityGroupReferencingSupport = &v + return s +} + // SetTransitGatewayCidrBlocks sets the TransitGatewayCidrBlocks field's value. func (s *TransitGatewayOptions) SetTransitGatewayCidrBlocks(v []*string) *TransitGatewayOptions { s.TransitGatewayCidrBlocks = v @@ -169214,6 +183202,18 @@ type TransitGatewayRequestOptions struct { // Indicates whether multicast is enabled on the transit gateway MulticastSupport *string `type:"string" enum:"MulticastSupportValue"` + // + // This parameter is in preview and may not be available for your account. + // + // Enables you to reference a security group across VPCs attached to a transit + // gateway. Use this option to simplify security group management and control + // of instance-to-instance traffic across VPCs that are connected by transit + // gateway. You can also use this option to migrate from VPC peering (which + // was the only option that supported security group referencing) to transit + // gateways (which now also support security group referencing). This option + // is disabled by default and there are no additional costs to use this feature. + SecurityGroupReferencingSupport *string `type:"string" enum:"SecurityGroupReferencingSupportValue"` + // One or more IPv4 or IPv6 CIDR blocks for the transit gateway. Must be a size // /24 CIDR block or larger for IPv4, or a size /64 CIDR block or larger for // IPv6. @@ -169277,6 +183277,12 @@ func (s *TransitGatewayRequestOptions) SetMulticastSupport(v string) *TransitGat return s } +// SetSecurityGroupReferencingSupport sets the SecurityGroupReferencingSupport field's value. +func (s *TransitGatewayRequestOptions) SetSecurityGroupReferencingSupport(v string) *TransitGatewayRequestOptions { + s.SecurityGroupReferencingSupport = &v + return s +} + // SetTransitGatewayCidrBlocks sets the TransitGatewayCidrBlocks field's value. func (s *TransitGatewayRequestOptions) SetTransitGatewayCidrBlocks(v []*string) *TransitGatewayRequestOptions { s.TransitGatewayCidrBlocks = v @@ -169960,6 +183966,18 @@ type TransitGatewayVpcAttachmentOptions struct { // Indicates whether IPv6 support is disabled. Ipv6Support *string `locationName:"ipv6Support" type:"string" enum:"Ipv6SupportValue"` + + // + // This parameter is in preview and may not be available for your account. + // + // Enables you to reference a security group across VPCs attached to a transit + // gateway. Use this option to simplify security group management and control + // of instance-to-instance traffic across VPCs that are connected by transit + // gateway. You can also use this option to migrate from VPC peering (which + // was the only option that supported security group referencing) to transit + // gateways (which now also support security group referencing). This option + // is disabled by default and there are no additional costs to use this feature. + SecurityGroupReferencingSupport *string `locationName:"securityGroupReferencingSupport" type:"string" enum:"SecurityGroupReferencingSupportValue"` } // String returns the string representation. @@ -169998,9 +184016,12 @@ func (s *TransitGatewayVpcAttachmentOptions) SetIpv6Support(v string) *TransitGa return s } -// Currently available in limited preview only. If you are interested in using -// this feature, contact your account manager. -// +// SetSecurityGroupReferencingSupport sets the SecurityGroupReferencingSupport field's value. +func (s *TransitGatewayVpcAttachmentOptions) SetSecurityGroupReferencingSupport(v string) *TransitGatewayVpcAttachmentOptions { + s.SecurityGroupReferencingSupport = &v + return s +} + // Information about an association between a branch network interface with // a trunk network interface. type TrunkInterfaceAssociation struct { @@ -170098,6 +184119,9 @@ type TunnelOption struct { // The number of seconds after which a DPD timeout occurs. DpdTimeoutSeconds *int64 `locationName:"dpdTimeoutSeconds" type:"integer"` + // Status of tunnel endpoint lifecycle control feature. + EnableTunnelLifecycleControl *bool `locationName:"enableTunnelLifecycleControl" type:"boolean"` + // The IKE versions that are permitted for the VPN tunnel. IkeVersions []*IKEVersionsListValue `locationName:"ikeVersionSet" locationNameList:"item" type:"list"` @@ -170135,7 +184159,11 @@ type TunnelOption struct { // The pre-shared key (PSK) to establish initial authentication between the // virtual private gateway and the customer gateway. - PreSharedKey *string `locationName:"preSharedKey" type:"string"` + // + // PreSharedKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by TunnelOption's + // String and GoString methods. + PreSharedKey *string `locationName:"preSharedKey" type:"string" sensitive:"true"` // The percentage of the rekey window determined by RekeyMarginTimeSeconds during // which the rekey time is randomly selected. @@ -170189,6 +184217,12 @@ func (s *TunnelOption) SetDpdTimeoutSeconds(v int64) *TunnelOption { return s } +// SetEnableTunnelLifecycleControl sets the EnableTunnelLifecycleControl field's value. +func (s *TunnelOption) SetEnableTunnelLifecycleControl(v bool) *TunnelOption { + s.EnableTunnelLifecycleControl = &v + return s +} + // SetIkeVersions sets the IkeVersions field's value. func (s *TunnelOption) SetIkeVersions(v []*IKEVersionsListValue) *TunnelOption { s.IkeVersions = v @@ -170498,6 +184532,221 @@ func (s UnassignPrivateIpAddressesOutput) GoString() string { return s.String() } +type UnassignPrivateNatGatewayAddressInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The maximum amount of time to wait (in seconds) before forcibly releasing + // the IP addresses if connections are still in progress. Default value is 350 + // seconds. + MaxDrainDurationSeconds *int64 `min:"1" type:"integer"` + + // The ID of the NAT gateway. + // + // NatGatewayId is a required field + NatGatewayId *string `type:"string" required:"true"` + + // The private IPv4 addresses you want to unassign. + // + // PrivateIpAddresses is a required field + PrivateIpAddresses []*string `locationName:"PrivateIpAddress" locationNameList:"item" type:"list" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnassignPrivateNatGatewayAddressInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnassignPrivateNatGatewayAddressInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UnassignPrivateNatGatewayAddressInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UnassignPrivateNatGatewayAddressInput"} + if s.MaxDrainDurationSeconds != nil && *s.MaxDrainDurationSeconds < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxDrainDurationSeconds", 1)) + } + if s.NatGatewayId == nil { + invalidParams.Add(request.NewErrParamRequired("NatGatewayId")) + } + if s.PrivateIpAddresses == nil { + invalidParams.Add(request.NewErrParamRequired("PrivateIpAddresses")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *UnassignPrivateNatGatewayAddressInput) SetDryRun(v bool) *UnassignPrivateNatGatewayAddressInput { + s.DryRun = &v + return s +} + +// SetMaxDrainDurationSeconds sets the MaxDrainDurationSeconds field's value. +func (s *UnassignPrivateNatGatewayAddressInput) SetMaxDrainDurationSeconds(v int64) *UnassignPrivateNatGatewayAddressInput { + s.MaxDrainDurationSeconds = &v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *UnassignPrivateNatGatewayAddressInput) SetNatGatewayId(v string) *UnassignPrivateNatGatewayAddressInput { + s.NatGatewayId = &v + return s +} + +// SetPrivateIpAddresses sets the PrivateIpAddresses field's value. +func (s *UnassignPrivateNatGatewayAddressInput) SetPrivateIpAddresses(v []*string) *UnassignPrivateNatGatewayAddressInput { + s.PrivateIpAddresses = v + return s +} + +type UnassignPrivateNatGatewayAddressOutput struct { + _ struct{} `type:"structure"` + + // Information about the NAT gateway IP addresses. + NatGatewayAddresses []*NatGatewayAddress `locationName:"natGatewayAddressSet" locationNameList:"item" type:"list"` + + // The ID of the NAT gateway. + NatGatewayId *string `locationName:"natGatewayId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnassignPrivateNatGatewayAddressOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnassignPrivateNatGatewayAddressOutput) GoString() string { + return s.String() +} + +// SetNatGatewayAddresses sets the NatGatewayAddresses field's value. +func (s *UnassignPrivateNatGatewayAddressOutput) SetNatGatewayAddresses(v []*NatGatewayAddress) *UnassignPrivateNatGatewayAddressOutput { + s.NatGatewayAddresses = v + return s +} + +// SetNatGatewayId sets the NatGatewayId field's value. +func (s *UnassignPrivateNatGatewayAddressOutput) SetNatGatewayId(v string) *UnassignPrivateNatGatewayAddressOutput { + s.NatGatewayId = &v + return s +} + +type UnlockSnapshotInput struct { + _ struct{} `type:"structure"` + + // Checks whether you have the required permissions for the action, without + // actually making the request, and provides an error response. If you have + // the required permissions, the error response is DryRunOperation. Otherwise, + // it is UnauthorizedOperation. + DryRun *bool `type:"boolean"` + + // The ID of the snapshot to unlock. + // + // SnapshotId is a required field + SnapshotId *string `type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnlockSnapshotInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnlockSnapshotInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *UnlockSnapshotInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "UnlockSnapshotInput"} + if s.SnapshotId == nil { + invalidParams.Add(request.NewErrParamRequired("SnapshotId")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetDryRun sets the DryRun field's value. +func (s *UnlockSnapshotInput) SetDryRun(v bool) *UnlockSnapshotInput { + s.DryRun = &v + return s +} + +// SetSnapshotId sets the SnapshotId field's value. +func (s *UnlockSnapshotInput) SetSnapshotId(v string) *UnlockSnapshotInput { + s.SnapshotId = &v + return s +} + +type UnlockSnapshotOutput struct { + _ struct{} `type:"structure"` + + // The ID of the snapshot. + SnapshotId *string `locationName:"snapshotId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnlockSnapshotOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnlockSnapshotOutput) GoString() string { + return s.String() +} + +// SetSnapshotId sets the SnapshotId field's value. +func (s *UnlockSnapshotOutput) SetSnapshotId(v string) *UnlockSnapshotOutput { + s.SnapshotId = &v + return s +} + type UnmonitorInstancesInput struct { _ struct{} `type:"structure"` @@ -170770,7 +185019,7 @@ type UpdateSecurityGroupRuleDescriptionsEgressInput struct { GroupId *string `type:"string"` // [Default VPC] The name of the security group. You must specify either the - // security group ID or the security group name in the request. + // security group ID or the security group name. GroupName *string `type:"string"` // The IP permissions for the security group rule. You must specify either the @@ -170875,18 +185124,17 @@ type UpdateSecurityGroupRuleDescriptionsIngressInput struct { // VPC, you must specify the security group ID. GroupId *string `type:"string"` - // [EC2-Classic, default VPC] The name of the security group. You must specify - // either the security group ID or the security group name in the request. For - // security groups in a nondefault VPC, you must specify the security group - // ID. + // [Default VPC] The name of the security group. You must specify either the + // security group ID or the security group name. For security groups in a nondefault + // VPC, you must specify the security group ID. GroupName *string `type:"string"` // The IP permissions for the security group rule. You must specify either IP // permissions or a description. IpPermissions []*IpPermission `locationNameList:"item" type:"list"` - // [VPC only] The description for the ingress security group rules. You must - // specify either a description or IP permissions. + // The description for the ingress security group rules. You must specify either + // a description or IP permissions. SecurityGroupRuleDescriptions []*SecurityGroupRuleDescription `locationName:"SecurityGroupRuleDescription" locationNameList:"item" type:"list"` } @@ -171086,10 +185334,6 @@ func (s *UserData) SetData(v string) *UserData { } // Describes a security group and Amazon Web Services account ID pair. -// -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. type UserIdGroupPair struct { _ struct{} `type:"structure"` @@ -171103,8 +185347,7 @@ type UserIdGroupPair struct { // The ID of the security group. GroupId *string `locationName:"groupId" type:"string"` - // The name of the security group. In a request, use this parameter for a security - // group in EC2-Classic or a default VPC only. For a security group in a nondefault + // [Default VPC] The name of the security group. For a security group in a nondefault // VPC, use the security group ID. // // For a referenced security group in another VPC, this value is not returned @@ -171119,9 +185362,6 @@ type UserIdGroupPair struct { // For a referenced security group in another VPC, the account ID of the referenced // security group is returned in the response. If the referenced security group // is deleted, this value is not returned. - // - // [EC2-Classic] Required when adding or removing rules that reference a security - // group in another Amazon Web Services account. UserId *string `locationName:"userId" type:"string"` // The ID of the VPC for the referenced security group, if applicable. @@ -171489,6 +185729,9 @@ type VerifiedAccessEndpoint struct { // The IDs of the security groups for the endpoint. SecurityGroupIds []*string `locationName:"securityGroupIdSet" locationNameList:"item" type:"list"` + // The options in use for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationResponse `locationName:"sseSpecification" type:"structure"` + // The endpoint status. Status *VerifiedAccessEndpointStatus `locationName:"status" type:"structure"` @@ -171601,6 +185844,12 @@ func (s *VerifiedAccessEndpoint) SetSecurityGroupIds(v []*string) *VerifiedAcces return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *VerifiedAccessEndpoint) SetSseSpecification(v *VerifiedAccessSseSpecificationResponse) *VerifiedAccessEndpoint { + s.SseSpecification = v + return s +} + // SetStatus sets the Status field's value. func (s *VerifiedAccessEndpoint) SetStatus(v *VerifiedAccessEndpointStatus) *VerifiedAccessEndpoint { s.Status = v @@ -171801,6 +186050,9 @@ type VerifiedAccessGroup struct { // The Amazon Web Services account number that owns the group. Owner *string `locationName:"owner" type:"string"` + // The options in use for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationResponse `locationName:"sseSpecification" type:"structure"` + // The tags. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` @@ -171862,6 +186114,12 @@ func (s *VerifiedAccessGroup) SetOwner(v string) *VerifiedAccessGroup { return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *VerifiedAccessGroup) SetSseSpecification(v *VerifiedAccessSseSpecificationResponse) *VerifiedAccessGroup { + s.SseSpecification = v + return s +} + // SetTags sets the Tags field's value. func (s *VerifiedAccessGroup) SetTags(v []*Tag) *VerifiedAccessGroup { s.Tags = v @@ -171896,6 +186154,10 @@ type VerifiedAccessInstance struct { // A description for the Amazon Web Services Verified Access instance. Description *string `locationName:"description" type:"string"` + // Indicates whether support for Federal Information Processing Standards (FIPS) + // is enabled on the instance. + FipsEnabled *bool `locationName:"fipsEnabled" type:"boolean"` + // The last updated time. LastUpdatedTime *string `locationName:"lastUpdatedTime" type:"string"` @@ -171939,6 +186201,12 @@ func (s *VerifiedAccessInstance) SetDescription(v string) *VerifiedAccessInstanc return s } +// SetFipsEnabled sets the FipsEnabled field's value. +func (s *VerifiedAccessInstance) SetFipsEnabled(v bool) *VerifiedAccessInstance { + s.FipsEnabled = &v + return s +} + // SetLastUpdatedTime sets the LastUpdatedTime field's value. func (s *VerifiedAccessInstance) SetLastUpdatedTime(v string) *VerifiedAccessInstance { s.LastUpdatedTime = &v @@ -172257,16 +186525,24 @@ func (s *VerifiedAccessLogKinesisDataFirehoseDestinationOptions) SetEnabled(v bo return s } -// Describes the destinations for Verified Access logs. +// Options for Verified Access logs. type VerifiedAccessLogOptions struct { _ struct{} `type:"structure"` // Sends Verified Access logs to CloudWatch Logs. CloudWatchLogs *VerifiedAccessLogCloudWatchLogsDestinationOptions `type:"structure"` + // Indicates whether to include trust data sent by trust providers in the logs. + IncludeTrustContext *bool `type:"boolean"` + // Sends Verified Access logs to Kinesis. KinesisDataFirehose *VerifiedAccessLogKinesisDataFirehoseDestinationOptions `type:"structure"` + // The logging version. + // + // Valid values: ocsf-0.1 | ocsf-1.0.0-rc.2 + LogVersion *string `type:"string"` + // Sends Verified Access logs to Amazon S3. S3 *VerifiedAccessLogS3DestinationOptions `type:"structure"` } @@ -172320,12 +186596,24 @@ func (s *VerifiedAccessLogOptions) SetCloudWatchLogs(v *VerifiedAccessLogCloudWa return s } +// SetIncludeTrustContext sets the IncludeTrustContext field's value. +func (s *VerifiedAccessLogOptions) SetIncludeTrustContext(v bool) *VerifiedAccessLogOptions { + s.IncludeTrustContext = &v + return s +} + // SetKinesisDataFirehose sets the KinesisDataFirehose field's value. func (s *VerifiedAccessLogOptions) SetKinesisDataFirehose(v *VerifiedAccessLogKinesisDataFirehoseDestinationOptions) *VerifiedAccessLogOptions { s.KinesisDataFirehose = v return s } +// SetLogVersion sets the LogVersion field's value. +func (s *VerifiedAccessLogOptions) SetLogVersion(v string) *VerifiedAccessLogOptions { + s.LogVersion = &v + return s +} + // SetS3 sets the S3 field's value. func (s *VerifiedAccessLogOptions) SetS3(v *VerifiedAccessLogS3DestinationOptions) *VerifiedAccessLogOptions { s.S3 = v @@ -172474,16 +186762,22 @@ func (s *VerifiedAccessLogS3DestinationOptions) SetPrefix(v string) *VerifiedAcc return s } -// Describes the destinations for Verified Access logs. +// Describes the options for Verified Access logs. type VerifiedAccessLogs struct { _ struct{} `type:"structure"` // CloudWatch Logs logging destination. CloudWatchLogs *VerifiedAccessLogCloudWatchLogsDestination `locationName:"cloudWatchLogs" type:"structure"` + // Indicates whether trust data is included in the logs. + IncludeTrustContext *bool `locationName:"includeTrustContext" type:"boolean"` + // Kinesis logging destination. KinesisDataFirehose *VerifiedAccessLogKinesisDataFirehoseDestination `locationName:"kinesisDataFirehose" type:"structure"` + // The log version. + LogVersion *string `locationName:"logVersion" type:"string"` + // Amazon S3 logging options. S3 *VerifiedAccessLogS3Destination `locationName:"s3" type:"structure"` } @@ -172512,18 +186806,118 @@ func (s *VerifiedAccessLogs) SetCloudWatchLogs(v *VerifiedAccessLogCloudWatchLog return s } +// SetIncludeTrustContext sets the IncludeTrustContext field's value. +func (s *VerifiedAccessLogs) SetIncludeTrustContext(v bool) *VerifiedAccessLogs { + s.IncludeTrustContext = &v + return s +} + // SetKinesisDataFirehose sets the KinesisDataFirehose field's value. func (s *VerifiedAccessLogs) SetKinesisDataFirehose(v *VerifiedAccessLogKinesisDataFirehoseDestination) *VerifiedAccessLogs { s.KinesisDataFirehose = v return s } +// SetLogVersion sets the LogVersion field's value. +func (s *VerifiedAccessLogs) SetLogVersion(v string) *VerifiedAccessLogs { + s.LogVersion = &v + return s +} + // SetS3 sets the S3 field's value. func (s *VerifiedAccessLogs) SetS3(v *VerifiedAccessLogS3Destination) *VerifiedAccessLogs { s.S3 = v return s } +// Verified Access provides server side encryption by default to data at rest +// using Amazon Web Services-owned KMS keys. You also have the option of using +// customer managed KMS keys, which can be specified using the options below. +type VerifiedAccessSseSpecificationRequest struct { + _ struct{} `type:"structure"` + + // Enable or disable the use of customer managed KMS keys for server side encryption. + // + // Valid values: True | False + CustomerManagedKeyEnabled *bool `type:"boolean"` + + // The ARN of the KMS key. + KmsKeyArn *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s VerifiedAccessSseSpecificationRequest) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s VerifiedAccessSseSpecificationRequest) GoString() string { + return s.String() +} + +// SetCustomerManagedKeyEnabled sets the CustomerManagedKeyEnabled field's value. +func (s *VerifiedAccessSseSpecificationRequest) SetCustomerManagedKeyEnabled(v bool) *VerifiedAccessSseSpecificationRequest { + s.CustomerManagedKeyEnabled = &v + return s +} + +// SetKmsKeyArn sets the KmsKeyArn field's value. +func (s *VerifiedAccessSseSpecificationRequest) SetKmsKeyArn(v string) *VerifiedAccessSseSpecificationRequest { + s.KmsKeyArn = &v + return s +} + +// The options in use for server side encryption. +type VerifiedAccessSseSpecificationResponse struct { + _ struct{} `type:"structure"` + + // Indicates whether customer managed KMS keys are in use for server side encryption. + // + // Valid values: True | False + CustomerManagedKeyEnabled *bool `locationName:"customerManagedKeyEnabled" type:"boolean"` + + // The ARN of the KMS key. + KmsKeyArn *string `locationName:"kmsKeyArn" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s VerifiedAccessSseSpecificationResponse) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s VerifiedAccessSseSpecificationResponse) GoString() string { + return s.String() +} + +// SetCustomerManagedKeyEnabled sets the CustomerManagedKeyEnabled field's value. +func (s *VerifiedAccessSseSpecificationResponse) SetCustomerManagedKeyEnabled(v bool) *VerifiedAccessSseSpecificationResponse { + s.CustomerManagedKeyEnabled = &v + return s +} + +// SetKmsKeyArn sets the KmsKeyArn field's value. +func (s *VerifiedAccessSseSpecificationResponse) SetKmsKeyArn(v string) *VerifiedAccessSseSpecificationResponse { + s.KmsKeyArn = &v + return s +} + // Describes a Verified Access trust provider. type VerifiedAccessTrustProvider struct { _ struct{} `type:"structure"` @@ -172534,7 +186928,7 @@ type VerifiedAccessTrustProvider struct { // A description for the Amazon Web Services Verified Access trust provider. Description *string `locationName:"description" type:"string"` - // The options for device-identity type trust provider. + // The options for device-identity trust provider. DeviceOptions *DeviceOptions `locationName:"deviceOptions" type:"structure"` // The type of device-based trust provider. @@ -172543,12 +186937,15 @@ type VerifiedAccessTrustProvider struct { // The last updated time. LastUpdatedTime *string `locationName:"lastUpdatedTime" type:"string"` - // The OpenID Connect details for an oidc-type, user-identity based trust provider. + // The options for an OpenID Connect-compatible user-identity trust provider. OidcOptions *OidcOptions `locationName:"oidcOptions" type:"structure"` // The identifier to be used when working with policy rules. PolicyReferenceName *string `locationName:"policyReferenceName" type:"string"` + // The options in use for server side encryption. + SseSpecification *VerifiedAccessSseSpecificationResponse `locationName:"sseSpecification" type:"structure"` + // The tags. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` @@ -172622,6 +187019,12 @@ func (s *VerifiedAccessTrustProvider) SetPolicyReferenceName(v string) *Verified return s } +// SetSseSpecification sets the SseSpecification field's value. +func (s *VerifiedAccessTrustProvider) SetSseSpecification(v *VerifiedAccessSseSpecificationResponse) *VerifiedAccessTrustProvider { + s.SseSpecification = v + return s +} + // SetTags sets the Tags field's value. func (s *VerifiedAccessTrustProvider) SetTags(v []*Tag) *VerifiedAccessTrustProvider { s.Tags = v @@ -172724,7 +187127,8 @@ type VgwTelemetry struct { // The Amazon Resource Name (ARN) of the VPN tunnel endpoint certificate. CertificateArn *string `locationName:"certificateArn" type:"string"` - // The date and time of the last change in status. + // The date and time of the last change in status. This field is updated when + // changes in IKE (Phase 1), IPSec (Phase 2), or BGP status are detected. LastStatusChange *time.Time `locationName:"lastStatusChange" type:"timestamp"` // The Internet-routable IP address of the virtual private gateway's outside @@ -172833,6 +187237,9 @@ type Volume struct { // The snapshot from which the volume was created, if applicable. SnapshotId *string `locationName:"snapshotId" type:"string"` + // Reserved for future use. + SseType *string `locationName:"sseType" type:"string" enum:"SSEType"` + // The volume state. State *string `locationName:"status" type:"string" enum:"VolumeState"` @@ -172933,6 +187340,12 @@ func (s *Volume) SetSnapshotId(v string) *Volume { return s } +// SetSseType sets the SseType field's value. +func (s *Volume) SetSseType(v string) *Volume { + s.SseType = &v + return s +} + // SetState sets the State field's value. func (s *Volume) SetState(v string) *Volume { s.State = &v @@ -172967,6 +187380,9 @@ func (s *Volume) SetVolumeType(v string) *Volume { type VolumeAttachment struct { _ struct{} `type:"structure"` + // The ARN of the Amazon ECS or Fargate task to which the volume is attached. + AssociatedResource *string `locationName:"associatedResource" type:"string"` + // The time stamp when the attachment initiated. AttachTime *time.Time `locationName:"attachTime" type:"timestamp"` @@ -172974,11 +187390,22 @@ type VolumeAttachment struct { DeleteOnTermination *bool `locationName:"deleteOnTermination" type:"boolean"` // The device name. + // + // If the volume is attached to a Fargate task, this parameter returns null. Device *string `locationName:"device" type:"string"` // The ID of the instance. + // + // If the volume is attached to a Fargate task, this parameter returns null. InstanceId *string `locationName:"instanceId" type:"string"` + // The service principal of Amazon Web Services service that owns the underlying + // instance to which the volume is attached. + // + // This parameter is returned only for volumes that are attached to Fargate + // tasks. + InstanceOwningService *string `locationName:"instanceOwningService" type:"string"` + // The attachment state of the volume. State *string `locationName:"status" type:"string" enum:"VolumeAttachmentState"` @@ -173004,6 +187431,12 @@ func (s VolumeAttachment) GoString() string { return s.String() } +// SetAssociatedResource sets the AssociatedResource field's value. +func (s *VolumeAttachment) SetAssociatedResource(v string) *VolumeAttachment { + s.AssociatedResource = &v + return s +} + // SetAttachTime sets the AttachTime field's value. func (s *VolumeAttachment) SetAttachTime(v time.Time) *VolumeAttachment { s.AttachTime = &v @@ -173028,6 +187461,12 @@ func (s *VolumeAttachment) SetInstanceId(v string) *VolumeAttachment { return s } +// SetInstanceOwningService sets the InstanceOwningService field's value. +func (s *VolumeAttachment) SetInstanceOwningService(v string) *VolumeAttachment { + s.InstanceOwningService = &v + return s +} + // SetState sets the State field's value. func (s *VolumeAttachment) SetState(v string) *VolumeAttachment { s.State = &v @@ -173847,9 +188286,7 @@ func (s *VpcCidrBlockState) SetStatusMessage(v string) *VpcCidrBlockState { return s } -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. +// Deprecated. // // Describes whether a VPC is enabled for ClassicLink. type VpcClassicLink struct { @@ -173924,7 +188361,7 @@ type VpcEndpoint struct { // The last error that occurred for endpoint. LastError *LastError `locationName:"lastError" type:"structure"` - // (Interface endpoint) One or more network interfaces for the endpoint. + // (Interface endpoint) The network interfaces for the endpoint. NetworkInterfaceIds []*string `locationName:"networkInterfaceIdSet" locationNameList:"item" type:"list"` // The ID of the Amazon Web Services account that owns the endpoint. @@ -173940,7 +188377,7 @@ type VpcEndpoint struct { // Indicates whether the endpoint is being managed by its service. RequesterManaged *bool `locationName:"requesterManaged" type:"boolean"` - // (Gateway endpoint) One or more route tables associated with the endpoint. + // (Gateway endpoint) The IDs of the route tables associated with the endpoint. RouteTableIds []*string `locationName:"routeTableIdSet" locationNameList:"item" type:"list"` // The name of the service to which the endpoint is associated. @@ -173952,7 +188389,7 @@ type VpcEndpoint struct { // (Interface endpoint) The subnets for the endpoint. SubnetIds []*string `locationName:"subnetIdSet" locationNameList:"item" type:"list"` - // Any tags assigned to the endpoint. + // The tags assigned to the endpoint. Tags []*Tag `locationName:"tagSet" locationNameList:"item" type:"list"` // The ID of the endpoint. @@ -174368,10 +188805,6 @@ func (s *VpcPeeringConnection) SetVpcPeeringConnectionId(v string) *VpcPeeringCo return s } -// We are retiring EC2-Classic. We recommend that you migrate from EC2-Classic -// to a VPC. For more information, see Migrate from EC2-Classic to a VPC (https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/vpc-migrate.html) -// in the Amazon Elastic Compute Cloud User Guide. -// // Describes the VPC peering connection options. type VpcPeeringConnectionOptionsDescription struct { _ struct{} `type:"structure"` @@ -174380,12 +188813,10 @@ type VpcPeeringConnectionOptionsDescription struct { // IP addresses when queried from instances in a peer VPC. AllowDnsResolutionFromRemoteVpc *bool `locationName:"allowDnsResolutionFromRemoteVpc" type:"boolean"` - // Indicates whether a local ClassicLink connection can communicate with the - // peer VPC over the VPC peering connection. + // Deprecated. AllowEgressFromLocalClassicLinkToRemoteVpc *bool `locationName:"allowEgressFromLocalClassicLinkToRemoteVpc" type:"boolean"` - // Indicates whether a local VPC can communicate with a ClassicLink connection - // in the peer VPC over the VPC peering connection. + // Deprecated. AllowEgressFromLocalVpcToRemoteClassicLink *bool `locationName:"allowEgressFromLocalVpcToRemoteClassicLink" type:"boolean"` } @@ -174572,7 +189003,11 @@ type VpnConnection struct { // the native XML format). This element is always present in the CreateVpnConnection // response; however, it's present in the DescribeVpnConnections response only // if the VPN connection is in the pending or available state. - CustomerGatewayConfiguration *string `locationName:"customerGatewayConfiguration" type:"string"` + // + // CustomerGatewayConfiguration is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by VpnConnection's + // String and GoString methods. + CustomerGatewayConfiguration *string `locationName:"customerGatewayConfiguration" type:"string" sensitive:"true"` // The ID of the customer gateway at your end of the VPN connection. CustomerGatewayId *string `locationName:"customerGatewayId" type:"string"` @@ -175254,6 +189689,9 @@ type VpnTunnelOptionsSpecification struct { // Default: 30 DPDTimeoutSeconds *int64 `type:"integer"` + // Turn on or off tunnel endpoint lifecycle control feature. + EnableTunnelLifecycleControl *bool `type:"boolean"` + // The IKE versions that are permitted for the VPN tunnel. // // Valid values: ikev1 | ikev2 @@ -175319,7 +189757,11 @@ type VpnTunnelOptionsSpecification struct { // Constraints: Allowed characters are alphanumeric characters, periods (.), // and underscores (_). Must be between 8 and 64 characters in length and cannot // start with zero (0). - PreSharedKey *string `type:"string"` + // + // PreSharedKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by VpnTunnelOptionsSpecification's + // String and GoString methods. + PreSharedKey *string `type:"string" sensitive:"true"` // The percentage of the rekey window (determined by RekeyMarginTimeSeconds) // during which the rekey time is randomly selected. @@ -175336,7 +189778,7 @@ type VpnTunnelOptionsSpecification struct { // // Constraints: A value between 60 and half of Phase2LifetimeSeconds. // - // Default: 540 + // Default: 270 RekeyMarginTimeSeconds *int64 `type:"integer"` // The number of packets in an IKE replay window. @@ -175415,6 +189857,12 @@ func (s *VpnTunnelOptionsSpecification) SetDPDTimeoutSeconds(v int64) *VpnTunnel return s } +// SetEnableTunnelLifecycleControl sets the EnableTunnelLifecycleControl field's value. +func (s *VpnTunnelOptionsSpecification) SetEnableTunnelLifecycleControl(v bool) *VpnTunnelOptionsSpecification { + s.EnableTunnelLifecycleControl = &v + return s +} + // SetIKEVersions sets the IKEVersions field's value. func (s *VpnTunnelOptionsSpecification) SetIKEVersions(v []*IKEVersionsRequestListValue) *VpnTunnelOptionsSpecification { s.IKEVersions = v @@ -175607,26 +190055,30 @@ func (s *WithdrawByoipCidrOutput) SetByoipCidr(v *ByoipCidr) *WithdrawByoipCidrO } const ( - // AcceleratorManufacturerNvidia is a AcceleratorManufacturer enum value - AcceleratorManufacturerNvidia = "nvidia" + // AcceleratorManufacturerAmazonWebServices is a AcceleratorManufacturer enum value + AcceleratorManufacturerAmazonWebServices = "amazon-web-services" // AcceleratorManufacturerAmd is a AcceleratorManufacturer enum value AcceleratorManufacturerAmd = "amd" - // AcceleratorManufacturerAmazonWebServices is a AcceleratorManufacturer enum value - AcceleratorManufacturerAmazonWebServices = "amazon-web-services" + // AcceleratorManufacturerNvidia is a AcceleratorManufacturer enum value + AcceleratorManufacturerNvidia = "nvidia" // AcceleratorManufacturerXilinx is a AcceleratorManufacturer enum value AcceleratorManufacturerXilinx = "xilinx" + + // AcceleratorManufacturerHabana is a AcceleratorManufacturer enum value + AcceleratorManufacturerHabana = "habana" ) // AcceleratorManufacturer_Values returns all elements of the AcceleratorManufacturer enum func AcceleratorManufacturer_Values() []string { return []string{ - AcceleratorManufacturerNvidia, - AcceleratorManufacturerAmd, AcceleratorManufacturerAmazonWebServices, + AcceleratorManufacturerAmd, + AcceleratorManufacturerNvidia, AcceleratorManufacturerXilinx, + AcceleratorManufacturerHabana, } } @@ -175634,43 +190086,55 @@ const ( // AcceleratorNameA100 is a AcceleratorName enum value AcceleratorNameA100 = "a100" - // AcceleratorNameV100 is a AcceleratorName enum value - AcceleratorNameV100 = "v100" + // AcceleratorNameInferentia is a AcceleratorName enum value + AcceleratorNameInferentia = "inferentia" + + // AcceleratorNameK520 is a AcceleratorName enum value + AcceleratorNameK520 = "k520" // AcceleratorNameK80 is a AcceleratorName enum value AcceleratorNameK80 = "k80" - // AcceleratorNameT4 is a AcceleratorName enum value - AcceleratorNameT4 = "t4" - // AcceleratorNameM60 is a AcceleratorName enum value AcceleratorNameM60 = "m60" // AcceleratorNameRadeonProV520 is a AcceleratorName enum value AcceleratorNameRadeonProV520 = "radeon-pro-v520" + // AcceleratorNameT4 is a AcceleratorName enum value + AcceleratorNameT4 = "t4" + // AcceleratorNameVu9p is a AcceleratorName enum value AcceleratorNameVu9p = "vu9p" - // AcceleratorNameInferentia is a AcceleratorName enum value - AcceleratorNameInferentia = "inferentia" + // AcceleratorNameV100 is a AcceleratorName enum value + AcceleratorNameV100 = "v100" - // AcceleratorNameK520 is a AcceleratorName enum value - AcceleratorNameK520 = "k520" + // AcceleratorNameA10g is a AcceleratorName enum value + AcceleratorNameA10g = "a10g" + + // AcceleratorNameH100 is a AcceleratorName enum value + AcceleratorNameH100 = "h100" + + // AcceleratorNameT4g is a AcceleratorName enum value + AcceleratorNameT4g = "t4g" ) // AcceleratorName_Values returns all elements of the AcceleratorName enum func AcceleratorName_Values() []string { return []string{ AcceleratorNameA100, - AcceleratorNameV100, + AcceleratorNameInferentia, + AcceleratorNameK520, AcceleratorNameK80, - AcceleratorNameT4, AcceleratorNameM60, AcceleratorNameRadeonProV520, + AcceleratorNameT4, AcceleratorNameVu9p, - AcceleratorNameInferentia, - AcceleratorNameK520, + AcceleratorNameV100, + AcceleratorNameA10g, + AcceleratorNameH100, + AcceleratorNameT4g, } } @@ -175886,6 +190350,22 @@ func AllowsMultipleInstanceTypes_Values() []string { } } +const ( + // AmdSevSnpSpecificationEnabled is a AmdSevSnpSpecification enum value + AmdSevSnpSpecificationEnabled = "enabled" + + // AmdSevSnpSpecificationDisabled is a AmdSevSnpSpecification enum value + AmdSevSnpSpecificationDisabled = "disabled" +) + +// AmdSevSnpSpecification_Values returns all elements of the AmdSevSnpSpecification enum +func AmdSevSnpSpecification_Values() []string { + return []string{ + AmdSevSnpSpecificationEnabled, + AmdSevSnpSpecificationDisabled, + } +} + const ( // AnalysisStatusRunning is a AnalysisStatus enum value AnalysisStatusRunning = "running" @@ -175978,6 +190458,70 @@ func ArchitectureValues_Values() []string { } } +const ( + // AsnAssociationStateDisassociated is a AsnAssociationState enum value + AsnAssociationStateDisassociated = "disassociated" + + // AsnAssociationStateFailedDisassociation is a AsnAssociationState enum value + AsnAssociationStateFailedDisassociation = "failed-disassociation" + + // AsnAssociationStateFailedAssociation is a AsnAssociationState enum value + AsnAssociationStateFailedAssociation = "failed-association" + + // AsnAssociationStatePendingDisassociation is a AsnAssociationState enum value + AsnAssociationStatePendingDisassociation = "pending-disassociation" + + // AsnAssociationStatePendingAssociation is a AsnAssociationState enum value + AsnAssociationStatePendingAssociation = "pending-association" + + // AsnAssociationStateAssociated is a AsnAssociationState enum value + AsnAssociationStateAssociated = "associated" +) + +// AsnAssociationState_Values returns all elements of the AsnAssociationState enum +func AsnAssociationState_Values() []string { + return []string{ + AsnAssociationStateDisassociated, + AsnAssociationStateFailedDisassociation, + AsnAssociationStateFailedAssociation, + AsnAssociationStatePendingDisassociation, + AsnAssociationStatePendingAssociation, + AsnAssociationStateAssociated, + } +} + +const ( + // AsnStateDeprovisioned is a AsnState enum value + AsnStateDeprovisioned = "deprovisioned" + + // AsnStateFailedDeprovision is a AsnState enum value + AsnStateFailedDeprovision = "failed-deprovision" + + // AsnStateFailedProvision is a AsnState enum value + AsnStateFailedProvision = "failed-provision" + + // AsnStatePendingDeprovision is a AsnState enum value + AsnStatePendingDeprovision = "pending-deprovision" + + // AsnStatePendingProvision is a AsnState enum value + AsnStatePendingProvision = "pending-provision" + + // AsnStateProvisioned is a AsnState enum value + AsnStateProvisioned = "provisioned" +) + +// AsnState_Values returns all elements of the AsnState enum +func AsnState_Values() []string { + return []string{ + AsnStateDeprovisioned, + AsnStateFailedDeprovision, + AsnStateFailedProvision, + AsnStatePendingDeprovision, + AsnStatePendingProvision, + AsnStateProvisioned, + } +} + const ( // AssociatedNetworkTypeVpc is a AssociatedNetworkType enum value AssociatedNetworkTypeVpc = "vpc" @@ -176122,6 +190666,9 @@ const ( // AvailabilityZoneStateUnavailable is a AvailabilityZoneState enum value AvailabilityZoneStateUnavailable = "unavailable" + + // AvailabilityZoneStateConstrained is a AvailabilityZoneState enum value + AvailabilityZoneStateConstrained = "constrained" ) // AvailabilityZoneState_Values returns all elements of the AvailabilityZoneState enum @@ -176131,6 +190678,7 @@ func AvailabilityZoneState_Values() []string { AvailabilityZoneStateInformation, AvailabilityZoneStateImpaired, AvailabilityZoneStateUnavailable, + AvailabilityZoneStateConstrained, } } @@ -176228,6 +190776,9 @@ const ( // BootModeValuesUefi is a BootModeValues enum value BootModeValuesUefi = "uefi" + + // BootModeValuesUefiPreferred is a BootModeValues enum value + BootModeValuesUefiPreferred = "uefi-preferred" ) // BootModeValues_Values returns all elements of the BootModeValues enum @@ -176235,6 +190786,7 @@ func BootModeValues_Values() []string { return []string{ BootModeValuesLegacyBios, BootModeValuesUefi, + BootModeValuesUefiPreferred, } } @@ -176481,6 +191033,9 @@ const ( // CapacityReservationInstancePlatformRhelwithHaandSqlserverEnterprise is a CapacityReservationInstancePlatform enum value CapacityReservationInstancePlatformRhelwithHaandSqlserverEnterprise = "RHEL with HA and SQL Server Enterprise" + + // CapacityReservationInstancePlatformUbuntuPro is a CapacityReservationInstancePlatform enum value + CapacityReservationInstancePlatformUbuntuPro = "Ubuntu Pro" ) // CapacityReservationInstancePlatform_Values returns all elements of the CapacityReservationInstancePlatform enum @@ -176503,6 +191058,7 @@ func CapacityReservationInstancePlatform_Values() []string { CapacityReservationInstancePlatformRhelwithHa, CapacityReservationInstancePlatformRhelwithHaandSqlserverStandard, CapacityReservationInstancePlatformRhelwithHaandSqlserverEnterprise, + CapacityReservationInstancePlatformUbuntuPro, } } @@ -176537,6 +191093,15 @@ const ( // CapacityReservationStateFailed is a CapacityReservationState enum value CapacityReservationStateFailed = "failed" + + // CapacityReservationStateScheduled is a CapacityReservationState enum value + CapacityReservationStateScheduled = "scheduled" + + // CapacityReservationStatePaymentPending is a CapacityReservationState enum value + CapacityReservationStatePaymentPending = "payment-pending" + + // CapacityReservationStatePaymentFailed is a CapacityReservationState enum value + CapacityReservationStatePaymentFailed = "payment-failed" ) // CapacityReservationState_Values returns all elements of the CapacityReservationState enum @@ -176547,6 +191112,9 @@ func CapacityReservationState_Values() []string { CapacityReservationStateCancelled, CapacityReservationStatePending, CapacityReservationStateFailed, + CapacityReservationStateScheduled, + CapacityReservationStatePaymentPending, + CapacityReservationStatePaymentFailed, } } @@ -176566,6 +191134,22 @@ func CapacityReservationTenancy_Values() []string { } } +const ( + // CapacityReservationTypeDefault is a CapacityReservationType enum value + CapacityReservationTypeDefault = "default" + + // CapacityReservationTypeCapacityBlock is a CapacityReservationType enum value + CapacityReservationTypeCapacityBlock = "capacity-block" +) + +// CapacityReservationType_Values returns all elements of the CapacityReservationType enum +func CapacityReservationType_Values() []string { + return []string{ + CapacityReservationTypeDefault, + CapacityReservationTypeCapacityBlock, + } +} + const ( // CarrierGatewayStatePending is a CarrierGatewayState enum value CarrierGatewayStatePending = "pending" @@ -176916,6 +191500,9 @@ const ( // DefaultTargetCapacityTypeOnDemand is a DefaultTargetCapacityType enum value DefaultTargetCapacityTypeOnDemand = "on-demand" + + // DefaultTargetCapacityTypeCapacityBlock is a DefaultTargetCapacityType enum value + DefaultTargetCapacityTypeCapacityBlock = "capacity-block" ) // DefaultTargetCapacityType_Values returns all elements of the DefaultTargetCapacityType enum @@ -176923,6 +191510,7 @@ func DefaultTargetCapacityType_Values() []string { return []string{ DefaultTargetCapacityTypeSpot, DefaultTargetCapacityTypeOnDemand, + DefaultTargetCapacityTypeCapacityBlock, } } @@ -176992,6 +191580,9 @@ const ( // DeviceTrustProviderTypeCrowdstrike is a DeviceTrustProviderType enum value DeviceTrustProviderTypeCrowdstrike = "crowdstrike" + + // DeviceTrustProviderTypeJumpcloud is a DeviceTrustProviderType enum value + DeviceTrustProviderTypeJumpcloud = "jumpcloud" ) // DeviceTrustProviderType_Values returns all elements of the DeviceTrustProviderType enum @@ -176999,6 +191590,7 @@ func DeviceTrustProviderType_Values() []string { return []string{ DeviceTrustProviderTypeJamf, DeviceTrustProviderTypeCrowdstrike, + DeviceTrustProviderTypeJumpcloud, } } @@ -177202,6 +191794,38 @@ func EbsOptimizedSupport_Values() []string { } } +const ( + // Ec2InstanceConnectEndpointStateCreateInProgress is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateCreateInProgress = "create-in-progress" + + // Ec2InstanceConnectEndpointStateCreateComplete is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateCreateComplete = "create-complete" + + // Ec2InstanceConnectEndpointStateCreateFailed is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateCreateFailed = "create-failed" + + // Ec2InstanceConnectEndpointStateDeleteInProgress is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateDeleteInProgress = "delete-in-progress" + + // Ec2InstanceConnectEndpointStateDeleteComplete is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateDeleteComplete = "delete-complete" + + // Ec2InstanceConnectEndpointStateDeleteFailed is a Ec2InstanceConnectEndpointState enum value + Ec2InstanceConnectEndpointStateDeleteFailed = "delete-failed" +) + +// Ec2InstanceConnectEndpointState_Values returns all elements of the Ec2InstanceConnectEndpointState enum +func Ec2InstanceConnectEndpointState_Values() []string { + return []string{ + Ec2InstanceConnectEndpointStateCreateInProgress, + Ec2InstanceConnectEndpointStateCreateComplete, + Ec2InstanceConnectEndpointStateCreateFailed, + Ec2InstanceConnectEndpointStateDeleteInProgress, + Ec2InstanceConnectEndpointStateDeleteComplete, + Ec2InstanceConnectEndpointStateDeleteFailed, + } +} + const ( // ElasticGpuStateAttached is a ElasticGpuState enum value ElasticGpuStateAttached = "ATTACHED" @@ -177786,6 +192410,22 @@ func GatewayType_Values() []string { } } +const ( + // HostMaintenanceOn is a HostMaintenance enum value + HostMaintenanceOn = "on" + + // HostMaintenanceOff is a HostMaintenance enum value + HostMaintenanceOff = "off" +) + +// HostMaintenance_Values returns all elements of the HostMaintenance enum +func HostMaintenance_Values() []string { + return []string{ + HostMaintenanceOn, + HostMaintenanceOff, + } +} + const ( // HostRecoveryOn is a HostRecovery enum value HostRecoveryOn = "on" @@ -177962,6 +192602,30 @@ func ImageAttributeName_Values() []string { } } +const ( + // ImageBlockPublicAccessDisabledStateUnblocked is a ImageBlockPublicAccessDisabledState enum value + ImageBlockPublicAccessDisabledStateUnblocked = "unblocked" +) + +// ImageBlockPublicAccessDisabledState_Values returns all elements of the ImageBlockPublicAccessDisabledState enum +func ImageBlockPublicAccessDisabledState_Values() []string { + return []string{ + ImageBlockPublicAccessDisabledStateUnblocked, + } +} + +const ( + // ImageBlockPublicAccessEnabledStateBlockNewSharing is a ImageBlockPublicAccessEnabledState enum value + ImageBlockPublicAccessEnabledStateBlockNewSharing = "block-new-sharing" +) + +// ImageBlockPublicAccessEnabledState_Values returns all elements of the ImageBlockPublicAccessEnabledState enum +func ImageBlockPublicAccessEnabledState_Values() []string { + return []string{ + ImageBlockPublicAccessEnabledStateBlockNewSharing, + } +} + const ( // ImageStatePending is a ImageState enum value ImageStatePending = "pending" @@ -177983,6 +192647,9 @@ const ( // ImageStateError is a ImageState enum value ImageStateError = "error" + + // ImageStateDisabled is a ImageState enum value + ImageStateDisabled = "disabled" ) // ImageState_Values returns all elements of the ImageState enum @@ -177995,6 +192662,7 @@ func ImageState_Values() []string { ImageStateTransient, ImageStateFailed, ImageStateError, + ImageStateDisabled, } } @@ -178118,6 +192786,22 @@ func InstanceAutoRecoveryState_Values() []string { } } +const ( + // InstanceBootModeValuesLegacyBios is a InstanceBootModeValues enum value + InstanceBootModeValuesLegacyBios = "legacy-bios" + + // InstanceBootModeValuesUefi is a InstanceBootModeValues enum value + InstanceBootModeValuesUefi = "uefi" +) + +// InstanceBootModeValues_Values returns all elements of the InstanceBootModeValues enum +func InstanceBootModeValues_Values() []string { + return []string{ + InstanceBootModeValuesLegacyBios, + InstanceBootModeValuesUefi, + } +} + const ( // InstanceEventWindowStateCreating is a InstanceEventWindowState enum value InstanceEventWindowStateCreating = "creating" @@ -178216,6 +192900,9 @@ const ( // InstanceLifecycleTypeScheduled is a InstanceLifecycleType enum value InstanceLifecycleTypeScheduled = "scheduled" + + // InstanceLifecycleTypeCapacityBlock is a InstanceLifecycleType enum value + InstanceLifecycleTypeCapacityBlock = "capacity-block" ) // InstanceLifecycleType_Values returns all elements of the InstanceLifecycleType enum @@ -178223,6 +192910,7 @@ func InstanceLifecycleType_Values() []string { return []string{ InstanceLifecycleTypeSpot, InstanceLifecycleTypeScheduled, + InstanceLifecycleTypeCapacityBlock, } } @@ -180076,6 +194764,633 @@ const ( // InstanceTypeHpc6id32xlarge is a InstanceType enum value InstanceTypeHpc6id32xlarge = "hpc6id.32xlarge" + + // InstanceTypeC6inLarge is a InstanceType enum value + InstanceTypeC6inLarge = "c6in.large" + + // InstanceTypeC6inXlarge is a InstanceType enum value + InstanceTypeC6inXlarge = "c6in.xlarge" + + // InstanceTypeC6in2xlarge is a InstanceType enum value + InstanceTypeC6in2xlarge = "c6in.2xlarge" + + // InstanceTypeC6in4xlarge is a InstanceType enum value + InstanceTypeC6in4xlarge = "c6in.4xlarge" + + // InstanceTypeC6in8xlarge is a InstanceType enum value + InstanceTypeC6in8xlarge = "c6in.8xlarge" + + // InstanceTypeC6in12xlarge is a InstanceType enum value + InstanceTypeC6in12xlarge = "c6in.12xlarge" + + // InstanceTypeC6in16xlarge is a InstanceType enum value + InstanceTypeC6in16xlarge = "c6in.16xlarge" + + // InstanceTypeC6in24xlarge is a InstanceType enum value + InstanceTypeC6in24xlarge = "c6in.24xlarge" + + // InstanceTypeC6in32xlarge is a InstanceType enum value + InstanceTypeC6in32xlarge = "c6in.32xlarge" + + // InstanceTypeM6inLarge is a InstanceType enum value + InstanceTypeM6inLarge = "m6in.large" + + // InstanceTypeM6inXlarge is a InstanceType enum value + InstanceTypeM6inXlarge = "m6in.xlarge" + + // InstanceTypeM6in2xlarge is a InstanceType enum value + InstanceTypeM6in2xlarge = "m6in.2xlarge" + + // InstanceTypeM6in4xlarge is a InstanceType enum value + InstanceTypeM6in4xlarge = "m6in.4xlarge" + + // InstanceTypeM6in8xlarge is a InstanceType enum value + InstanceTypeM6in8xlarge = "m6in.8xlarge" + + // InstanceTypeM6in12xlarge is a InstanceType enum value + InstanceTypeM6in12xlarge = "m6in.12xlarge" + + // InstanceTypeM6in16xlarge is a InstanceType enum value + InstanceTypeM6in16xlarge = "m6in.16xlarge" + + // InstanceTypeM6in24xlarge is a InstanceType enum value + InstanceTypeM6in24xlarge = "m6in.24xlarge" + + // InstanceTypeM6in32xlarge is a InstanceType enum value + InstanceTypeM6in32xlarge = "m6in.32xlarge" + + // InstanceTypeM6idnLarge is a InstanceType enum value + InstanceTypeM6idnLarge = "m6idn.large" + + // InstanceTypeM6idnXlarge is a InstanceType enum value + InstanceTypeM6idnXlarge = "m6idn.xlarge" + + // InstanceTypeM6idn2xlarge is a InstanceType enum value + InstanceTypeM6idn2xlarge = "m6idn.2xlarge" + + // InstanceTypeM6idn4xlarge is a InstanceType enum value + InstanceTypeM6idn4xlarge = "m6idn.4xlarge" + + // InstanceTypeM6idn8xlarge is a InstanceType enum value + InstanceTypeM6idn8xlarge = "m6idn.8xlarge" + + // InstanceTypeM6idn12xlarge is a InstanceType enum value + InstanceTypeM6idn12xlarge = "m6idn.12xlarge" + + // InstanceTypeM6idn16xlarge is a InstanceType enum value + InstanceTypeM6idn16xlarge = "m6idn.16xlarge" + + // InstanceTypeM6idn24xlarge is a InstanceType enum value + InstanceTypeM6idn24xlarge = "m6idn.24xlarge" + + // InstanceTypeM6idn32xlarge is a InstanceType enum value + InstanceTypeM6idn32xlarge = "m6idn.32xlarge" + + // InstanceTypeR6inLarge is a InstanceType enum value + InstanceTypeR6inLarge = "r6in.large" + + // InstanceTypeR6inXlarge is a InstanceType enum value + InstanceTypeR6inXlarge = "r6in.xlarge" + + // InstanceTypeR6in2xlarge is a InstanceType enum value + InstanceTypeR6in2xlarge = "r6in.2xlarge" + + // InstanceTypeR6in4xlarge is a InstanceType enum value + InstanceTypeR6in4xlarge = "r6in.4xlarge" + + // InstanceTypeR6in8xlarge is a InstanceType enum value + InstanceTypeR6in8xlarge = "r6in.8xlarge" + + // InstanceTypeR6in12xlarge is a InstanceType enum value + InstanceTypeR6in12xlarge = "r6in.12xlarge" + + // InstanceTypeR6in16xlarge is a InstanceType enum value + InstanceTypeR6in16xlarge = "r6in.16xlarge" + + // InstanceTypeR6in24xlarge is a InstanceType enum value + InstanceTypeR6in24xlarge = "r6in.24xlarge" + + // InstanceTypeR6in32xlarge is a InstanceType enum value + InstanceTypeR6in32xlarge = "r6in.32xlarge" + + // InstanceTypeR6idnLarge is a InstanceType enum value + InstanceTypeR6idnLarge = "r6idn.large" + + // InstanceTypeR6idnXlarge is a InstanceType enum value + InstanceTypeR6idnXlarge = "r6idn.xlarge" + + // InstanceTypeR6idn2xlarge is a InstanceType enum value + InstanceTypeR6idn2xlarge = "r6idn.2xlarge" + + // InstanceTypeR6idn4xlarge is a InstanceType enum value + InstanceTypeR6idn4xlarge = "r6idn.4xlarge" + + // InstanceTypeR6idn8xlarge is a InstanceType enum value + InstanceTypeR6idn8xlarge = "r6idn.8xlarge" + + // InstanceTypeR6idn12xlarge is a InstanceType enum value + InstanceTypeR6idn12xlarge = "r6idn.12xlarge" + + // InstanceTypeR6idn16xlarge is a InstanceType enum value + InstanceTypeR6idn16xlarge = "r6idn.16xlarge" + + // InstanceTypeR6idn24xlarge is a InstanceType enum value + InstanceTypeR6idn24xlarge = "r6idn.24xlarge" + + // InstanceTypeR6idn32xlarge is a InstanceType enum value + InstanceTypeR6idn32xlarge = "r6idn.32xlarge" + + // InstanceTypeC7gMetal is a InstanceType enum value + InstanceTypeC7gMetal = "c7g.metal" + + // InstanceTypeM7gMedium is a InstanceType enum value + InstanceTypeM7gMedium = "m7g.medium" + + // InstanceTypeM7gLarge is a InstanceType enum value + InstanceTypeM7gLarge = "m7g.large" + + // InstanceTypeM7gXlarge is a InstanceType enum value + InstanceTypeM7gXlarge = "m7g.xlarge" + + // InstanceTypeM7g2xlarge is a InstanceType enum value + InstanceTypeM7g2xlarge = "m7g.2xlarge" + + // InstanceTypeM7g4xlarge is a InstanceType enum value + InstanceTypeM7g4xlarge = "m7g.4xlarge" + + // InstanceTypeM7g8xlarge is a InstanceType enum value + InstanceTypeM7g8xlarge = "m7g.8xlarge" + + // InstanceTypeM7g12xlarge is a InstanceType enum value + InstanceTypeM7g12xlarge = "m7g.12xlarge" + + // InstanceTypeM7g16xlarge is a InstanceType enum value + InstanceTypeM7g16xlarge = "m7g.16xlarge" + + // InstanceTypeM7gMetal is a InstanceType enum value + InstanceTypeM7gMetal = "m7g.metal" + + // InstanceTypeR7gMedium is a InstanceType enum value + InstanceTypeR7gMedium = "r7g.medium" + + // InstanceTypeR7gLarge is a InstanceType enum value + InstanceTypeR7gLarge = "r7g.large" + + // InstanceTypeR7gXlarge is a InstanceType enum value + InstanceTypeR7gXlarge = "r7g.xlarge" + + // InstanceTypeR7g2xlarge is a InstanceType enum value + InstanceTypeR7g2xlarge = "r7g.2xlarge" + + // InstanceTypeR7g4xlarge is a InstanceType enum value + InstanceTypeR7g4xlarge = "r7g.4xlarge" + + // InstanceTypeR7g8xlarge is a InstanceType enum value + InstanceTypeR7g8xlarge = "r7g.8xlarge" + + // InstanceTypeR7g12xlarge is a InstanceType enum value + InstanceTypeR7g12xlarge = "r7g.12xlarge" + + // InstanceTypeR7g16xlarge is a InstanceType enum value + InstanceTypeR7g16xlarge = "r7g.16xlarge" + + // InstanceTypeR7gMetal is a InstanceType enum value + InstanceTypeR7gMetal = "r7g.metal" + + // InstanceTypeC6inMetal is a InstanceType enum value + InstanceTypeC6inMetal = "c6in.metal" + + // InstanceTypeM6inMetal is a InstanceType enum value + InstanceTypeM6inMetal = "m6in.metal" + + // InstanceTypeM6idnMetal is a InstanceType enum value + InstanceTypeM6idnMetal = "m6idn.metal" + + // InstanceTypeR6inMetal is a InstanceType enum value + InstanceTypeR6inMetal = "r6in.metal" + + // InstanceTypeR6idnMetal is a InstanceType enum value + InstanceTypeR6idnMetal = "r6idn.metal" + + // InstanceTypeInf2Xlarge is a InstanceType enum value + InstanceTypeInf2Xlarge = "inf2.xlarge" + + // InstanceTypeInf28xlarge is a InstanceType enum value + InstanceTypeInf28xlarge = "inf2.8xlarge" + + // InstanceTypeInf224xlarge is a InstanceType enum value + InstanceTypeInf224xlarge = "inf2.24xlarge" + + // InstanceTypeInf248xlarge is a InstanceType enum value + InstanceTypeInf248xlarge = "inf2.48xlarge" + + // InstanceTypeTrn1n32xlarge is a InstanceType enum value + InstanceTypeTrn1n32xlarge = "trn1n.32xlarge" + + // InstanceTypeI4gLarge is a InstanceType enum value + InstanceTypeI4gLarge = "i4g.large" + + // InstanceTypeI4gXlarge is a InstanceType enum value + InstanceTypeI4gXlarge = "i4g.xlarge" + + // InstanceTypeI4g2xlarge is a InstanceType enum value + InstanceTypeI4g2xlarge = "i4g.2xlarge" + + // InstanceTypeI4g4xlarge is a InstanceType enum value + InstanceTypeI4g4xlarge = "i4g.4xlarge" + + // InstanceTypeI4g8xlarge is a InstanceType enum value + InstanceTypeI4g8xlarge = "i4g.8xlarge" + + // InstanceTypeI4g16xlarge is a InstanceType enum value + InstanceTypeI4g16xlarge = "i4g.16xlarge" + + // InstanceTypeHpc7g4xlarge is a InstanceType enum value + InstanceTypeHpc7g4xlarge = "hpc7g.4xlarge" + + // InstanceTypeHpc7g8xlarge is a InstanceType enum value + InstanceTypeHpc7g8xlarge = "hpc7g.8xlarge" + + // InstanceTypeHpc7g16xlarge is a InstanceType enum value + InstanceTypeHpc7g16xlarge = "hpc7g.16xlarge" + + // InstanceTypeC7gnMedium is a InstanceType enum value + InstanceTypeC7gnMedium = "c7gn.medium" + + // InstanceTypeC7gnLarge is a InstanceType enum value + InstanceTypeC7gnLarge = "c7gn.large" + + // InstanceTypeC7gnXlarge is a InstanceType enum value + InstanceTypeC7gnXlarge = "c7gn.xlarge" + + // InstanceTypeC7gn2xlarge is a InstanceType enum value + InstanceTypeC7gn2xlarge = "c7gn.2xlarge" + + // InstanceTypeC7gn4xlarge is a InstanceType enum value + InstanceTypeC7gn4xlarge = "c7gn.4xlarge" + + // InstanceTypeC7gn8xlarge is a InstanceType enum value + InstanceTypeC7gn8xlarge = "c7gn.8xlarge" + + // InstanceTypeC7gn12xlarge is a InstanceType enum value + InstanceTypeC7gn12xlarge = "c7gn.12xlarge" + + // InstanceTypeC7gn16xlarge is a InstanceType enum value + InstanceTypeC7gn16xlarge = "c7gn.16xlarge" + + // InstanceTypeP548xlarge is a InstanceType enum value + InstanceTypeP548xlarge = "p5.48xlarge" + + // InstanceTypeM7iLarge is a InstanceType enum value + InstanceTypeM7iLarge = "m7i.large" + + // InstanceTypeM7iXlarge is a InstanceType enum value + InstanceTypeM7iXlarge = "m7i.xlarge" + + // InstanceTypeM7i2xlarge is a InstanceType enum value + InstanceTypeM7i2xlarge = "m7i.2xlarge" + + // InstanceTypeM7i4xlarge is a InstanceType enum value + InstanceTypeM7i4xlarge = "m7i.4xlarge" + + // InstanceTypeM7i8xlarge is a InstanceType enum value + InstanceTypeM7i8xlarge = "m7i.8xlarge" + + // InstanceTypeM7i12xlarge is a InstanceType enum value + InstanceTypeM7i12xlarge = "m7i.12xlarge" + + // InstanceTypeM7i16xlarge is a InstanceType enum value + InstanceTypeM7i16xlarge = "m7i.16xlarge" + + // InstanceTypeM7i24xlarge is a InstanceType enum value + InstanceTypeM7i24xlarge = "m7i.24xlarge" + + // InstanceTypeM7i48xlarge is a InstanceType enum value + InstanceTypeM7i48xlarge = "m7i.48xlarge" + + // InstanceTypeM7iFlexLarge is a InstanceType enum value + InstanceTypeM7iFlexLarge = "m7i-flex.large" + + // InstanceTypeM7iFlexXlarge is a InstanceType enum value + InstanceTypeM7iFlexXlarge = "m7i-flex.xlarge" + + // InstanceTypeM7iFlex2xlarge is a InstanceType enum value + InstanceTypeM7iFlex2xlarge = "m7i-flex.2xlarge" + + // InstanceTypeM7iFlex4xlarge is a InstanceType enum value + InstanceTypeM7iFlex4xlarge = "m7i-flex.4xlarge" + + // InstanceTypeM7iFlex8xlarge is a InstanceType enum value + InstanceTypeM7iFlex8xlarge = "m7i-flex.8xlarge" + + // InstanceTypeM7aMedium is a InstanceType enum value + InstanceTypeM7aMedium = "m7a.medium" + + // InstanceTypeM7aLarge is a InstanceType enum value + InstanceTypeM7aLarge = "m7a.large" + + // InstanceTypeM7aXlarge is a InstanceType enum value + InstanceTypeM7aXlarge = "m7a.xlarge" + + // InstanceTypeM7a2xlarge is a InstanceType enum value + InstanceTypeM7a2xlarge = "m7a.2xlarge" + + // InstanceTypeM7a4xlarge is a InstanceType enum value + InstanceTypeM7a4xlarge = "m7a.4xlarge" + + // InstanceTypeM7a8xlarge is a InstanceType enum value + InstanceTypeM7a8xlarge = "m7a.8xlarge" + + // InstanceTypeM7a12xlarge is a InstanceType enum value + InstanceTypeM7a12xlarge = "m7a.12xlarge" + + // InstanceTypeM7a16xlarge is a InstanceType enum value + InstanceTypeM7a16xlarge = "m7a.16xlarge" + + // InstanceTypeM7a24xlarge is a InstanceType enum value + InstanceTypeM7a24xlarge = "m7a.24xlarge" + + // InstanceTypeM7a32xlarge is a InstanceType enum value + InstanceTypeM7a32xlarge = "m7a.32xlarge" + + // InstanceTypeM7a48xlarge is a InstanceType enum value + InstanceTypeM7a48xlarge = "m7a.48xlarge" + + // InstanceTypeM7aMetal48xl is a InstanceType enum value + InstanceTypeM7aMetal48xl = "m7a.metal-48xl" + + // InstanceTypeHpc7a12xlarge is a InstanceType enum value + InstanceTypeHpc7a12xlarge = "hpc7a.12xlarge" + + // InstanceTypeHpc7a24xlarge is a InstanceType enum value + InstanceTypeHpc7a24xlarge = "hpc7a.24xlarge" + + // InstanceTypeHpc7a48xlarge is a InstanceType enum value + InstanceTypeHpc7a48xlarge = "hpc7a.48xlarge" + + // InstanceTypeHpc7a96xlarge is a InstanceType enum value + InstanceTypeHpc7a96xlarge = "hpc7a.96xlarge" + + // InstanceTypeC7gdMedium is a InstanceType enum value + InstanceTypeC7gdMedium = "c7gd.medium" + + // InstanceTypeC7gdLarge is a InstanceType enum value + InstanceTypeC7gdLarge = "c7gd.large" + + // InstanceTypeC7gdXlarge is a InstanceType enum value + InstanceTypeC7gdXlarge = "c7gd.xlarge" + + // InstanceTypeC7gd2xlarge is a InstanceType enum value + InstanceTypeC7gd2xlarge = "c7gd.2xlarge" + + // InstanceTypeC7gd4xlarge is a InstanceType enum value + InstanceTypeC7gd4xlarge = "c7gd.4xlarge" + + // InstanceTypeC7gd8xlarge is a InstanceType enum value + InstanceTypeC7gd8xlarge = "c7gd.8xlarge" + + // InstanceTypeC7gd12xlarge is a InstanceType enum value + InstanceTypeC7gd12xlarge = "c7gd.12xlarge" + + // InstanceTypeC7gd16xlarge is a InstanceType enum value + InstanceTypeC7gd16xlarge = "c7gd.16xlarge" + + // InstanceTypeM7gdMedium is a InstanceType enum value + InstanceTypeM7gdMedium = "m7gd.medium" + + // InstanceTypeM7gdLarge is a InstanceType enum value + InstanceTypeM7gdLarge = "m7gd.large" + + // InstanceTypeM7gdXlarge is a InstanceType enum value + InstanceTypeM7gdXlarge = "m7gd.xlarge" + + // InstanceTypeM7gd2xlarge is a InstanceType enum value + InstanceTypeM7gd2xlarge = "m7gd.2xlarge" + + // InstanceTypeM7gd4xlarge is a InstanceType enum value + InstanceTypeM7gd4xlarge = "m7gd.4xlarge" + + // InstanceTypeM7gd8xlarge is a InstanceType enum value + InstanceTypeM7gd8xlarge = "m7gd.8xlarge" + + // InstanceTypeM7gd12xlarge is a InstanceType enum value + InstanceTypeM7gd12xlarge = "m7gd.12xlarge" + + // InstanceTypeM7gd16xlarge is a InstanceType enum value + InstanceTypeM7gd16xlarge = "m7gd.16xlarge" + + // InstanceTypeR7gdMedium is a InstanceType enum value + InstanceTypeR7gdMedium = "r7gd.medium" + + // InstanceTypeR7gdLarge is a InstanceType enum value + InstanceTypeR7gdLarge = "r7gd.large" + + // InstanceTypeR7gdXlarge is a InstanceType enum value + InstanceTypeR7gdXlarge = "r7gd.xlarge" + + // InstanceTypeR7gd2xlarge is a InstanceType enum value + InstanceTypeR7gd2xlarge = "r7gd.2xlarge" + + // InstanceTypeR7gd4xlarge is a InstanceType enum value + InstanceTypeR7gd4xlarge = "r7gd.4xlarge" + + // InstanceTypeR7gd8xlarge is a InstanceType enum value + InstanceTypeR7gd8xlarge = "r7gd.8xlarge" + + // InstanceTypeR7gd12xlarge is a InstanceType enum value + InstanceTypeR7gd12xlarge = "r7gd.12xlarge" + + // InstanceTypeR7gd16xlarge is a InstanceType enum value + InstanceTypeR7gd16xlarge = "r7gd.16xlarge" + + // InstanceTypeR7aMedium is a InstanceType enum value + InstanceTypeR7aMedium = "r7a.medium" + + // InstanceTypeR7aLarge is a InstanceType enum value + InstanceTypeR7aLarge = "r7a.large" + + // InstanceTypeR7aXlarge is a InstanceType enum value + InstanceTypeR7aXlarge = "r7a.xlarge" + + // InstanceTypeR7a2xlarge is a InstanceType enum value + InstanceTypeR7a2xlarge = "r7a.2xlarge" + + // InstanceTypeR7a4xlarge is a InstanceType enum value + InstanceTypeR7a4xlarge = "r7a.4xlarge" + + // InstanceTypeR7a8xlarge is a InstanceType enum value + InstanceTypeR7a8xlarge = "r7a.8xlarge" + + // InstanceTypeR7a12xlarge is a InstanceType enum value + InstanceTypeR7a12xlarge = "r7a.12xlarge" + + // InstanceTypeR7a16xlarge is a InstanceType enum value + InstanceTypeR7a16xlarge = "r7a.16xlarge" + + // InstanceTypeR7a24xlarge is a InstanceType enum value + InstanceTypeR7a24xlarge = "r7a.24xlarge" + + // InstanceTypeR7a32xlarge is a InstanceType enum value + InstanceTypeR7a32xlarge = "r7a.32xlarge" + + // InstanceTypeR7a48xlarge is a InstanceType enum value + InstanceTypeR7a48xlarge = "r7a.48xlarge" + + // InstanceTypeC7iLarge is a InstanceType enum value + InstanceTypeC7iLarge = "c7i.large" + + // InstanceTypeC7iXlarge is a InstanceType enum value + InstanceTypeC7iXlarge = "c7i.xlarge" + + // InstanceTypeC7i2xlarge is a InstanceType enum value + InstanceTypeC7i2xlarge = "c7i.2xlarge" + + // InstanceTypeC7i4xlarge is a InstanceType enum value + InstanceTypeC7i4xlarge = "c7i.4xlarge" + + // InstanceTypeC7i8xlarge is a InstanceType enum value + InstanceTypeC7i8xlarge = "c7i.8xlarge" + + // InstanceTypeC7i12xlarge is a InstanceType enum value + InstanceTypeC7i12xlarge = "c7i.12xlarge" + + // InstanceTypeC7i16xlarge is a InstanceType enum value + InstanceTypeC7i16xlarge = "c7i.16xlarge" + + // InstanceTypeC7i24xlarge is a InstanceType enum value + InstanceTypeC7i24xlarge = "c7i.24xlarge" + + // InstanceTypeC7i48xlarge is a InstanceType enum value + InstanceTypeC7i48xlarge = "c7i.48xlarge" + + // InstanceTypeMac2M2proMetal is a InstanceType enum value + InstanceTypeMac2M2proMetal = "mac2-m2pro.metal" + + // InstanceTypeR7izLarge is a InstanceType enum value + InstanceTypeR7izLarge = "r7iz.large" + + // InstanceTypeR7izXlarge is a InstanceType enum value + InstanceTypeR7izXlarge = "r7iz.xlarge" + + // InstanceTypeR7iz2xlarge is a InstanceType enum value + InstanceTypeR7iz2xlarge = "r7iz.2xlarge" + + // InstanceTypeR7iz4xlarge is a InstanceType enum value + InstanceTypeR7iz4xlarge = "r7iz.4xlarge" + + // InstanceTypeR7iz8xlarge is a InstanceType enum value + InstanceTypeR7iz8xlarge = "r7iz.8xlarge" + + // InstanceTypeR7iz12xlarge is a InstanceType enum value + InstanceTypeR7iz12xlarge = "r7iz.12xlarge" + + // InstanceTypeR7iz16xlarge is a InstanceType enum value + InstanceTypeR7iz16xlarge = "r7iz.16xlarge" + + // InstanceTypeR7iz32xlarge is a InstanceType enum value + InstanceTypeR7iz32xlarge = "r7iz.32xlarge" + + // InstanceTypeC7aMedium is a InstanceType enum value + InstanceTypeC7aMedium = "c7a.medium" + + // InstanceTypeC7aLarge is a InstanceType enum value + InstanceTypeC7aLarge = "c7a.large" + + // InstanceTypeC7aXlarge is a InstanceType enum value + InstanceTypeC7aXlarge = "c7a.xlarge" + + // InstanceTypeC7a2xlarge is a InstanceType enum value + InstanceTypeC7a2xlarge = "c7a.2xlarge" + + // InstanceTypeC7a4xlarge is a InstanceType enum value + InstanceTypeC7a4xlarge = "c7a.4xlarge" + + // InstanceTypeC7a8xlarge is a InstanceType enum value + InstanceTypeC7a8xlarge = "c7a.8xlarge" + + // InstanceTypeC7a12xlarge is a InstanceType enum value + InstanceTypeC7a12xlarge = "c7a.12xlarge" + + // InstanceTypeC7a16xlarge is a InstanceType enum value + InstanceTypeC7a16xlarge = "c7a.16xlarge" + + // InstanceTypeC7a24xlarge is a InstanceType enum value + InstanceTypeC7a24xlarge = "c7a.24xlarge" + + // InstanceTypeC7a32xlarge is a InstanceType enum value + InstanceTypeC7a32xlarge = "c7a.32xlarge" + + // InstanceTypeC7a48xlarge is a InstanceType enum value + InstanceTypeC7a48xlarge = "c7a.48xlarge" + + // InstanceTypeC7aMetal48xl is a InstanceType enum value + InstanceTypeC7aMetal48xl = "c7a.metal-48xl" + + // InstanceTypeR7aMetal48xl is a InstanceType enum value + InstanceTypeR7aMetal48xl = "r7a.metal-48xl" + + // InstanceTypeR7iLarge is a InstanceType enum value + InstanceTypeR7iLarge = "r7i.large" + + // InstanceTypeR7iXlarge is a InstanceType enum value + InstanceTypeR7iXlarge = "r7i.xlarge" + + // InstanceTypeR7i2xlarge is a InstanceType enum value + InstanceTypeR7i2xlarge = "r7i.2xlarge" + + // InstanceTypeR7i4xlarge is a InstanceType enum value + InstanceTypeR7i4xlarge = "r7i.4xlarge" + + // InstanceTypeR7i8xlarge is a InstanceType enum value + InstanceTypeR7i8xlarge = "r7i.8xlarge" + + // InstanceTypeR7i12xlarge is a InstanceType enum value + InstanceTypeR7i12xlarge = "r7i.12xlarge" + + // InstanceTypeR7i16xlarge is a InstanceType enum value + InstanceTypeR7i16xlarge = "r7i.16xlarge" + + // InstanceTypeR7i24xlarge is a InstanceType enum value + InstanceTypeR7i24xlarge = "r7i.24xlarge" + + // InstanceTypeR7i48xlarge is a InstanceType enum value + InstanceTypeR7i48xlarge = "r7i.48xlarge" + + // InstanceTypeDl2q24xlarge is a InstanceType enum value + InstanceTypeDl2q24xlarge = "dl2q.24xlarge" + + // InstanceTypeMac2M2Metal is a InstanceType enum value + InstanceTypeMac2M2Metal = "mac2-m2.metal" + + // InstanceTypeI4i12xlarge is a InstanceType enum value + InstanceTypeI4i12xlarge = "i4i.12xlarge" + + // InstanceTypeI4i24xlarge is a InstanceType enum value + InstanceTypeI4i24xlarge = "i4i.24xlarge" + + // InstanceTypeC7iMetal24xl is a InstanceType enum value + InstanceTypeC7iMetal24xl = "c7i.metal-24xl" + + // InstanceTypeC7iMetal48xl is a InstanceType enum value + InstanceTypeC7iMetal48xl = "c7i.metal-48xl" + + // InstanceTypeM7iMetal24xl is a InstanceType enum value + InstanceTypeM7iMetal24xl = "m7i.metal-24xl" + + // InstanceTypeM7iMetal48xl is a InstanceType enum value + InstanceTypeM7iMetal48xl = "m7i.metal-48xl" + + // InstanceTypeR7iMetal24xl is a InstanceType enum value + InstanceTypeR7iMetal24xl = "r7i.metal-24xl" + + // InstanceTypeR7iMetal48xl is a InstanceType enum value + InstanceTypeR7iMetal48xl = "r7i.metal-48xl" + + // InstanceTypeR7izMetal16xl is a InstanceType enum value + InstanceTypeR7izMetal16xl = "r7iz.metal-16xl" + + // InstanceTypeR7izMetal32xl is a InstanceType enum value + InstanceTypeR7izMetal32xl = "r7iz.metal-32xl" ) // InstanceType_Values returns all elements of the InstanceType enum @@ -180655,6 +195970,215 @@ func InstanceType_Values() []string { InstanceTypeTrn12xlarge, InstanceTypeTrn132xlarge, InstanceTypeHpc6id32xlarge, + InstanceTypeC6inLarge, + InstanceTypeC6inXlarge, + InstanceTypeC6in2xlarge, + InstanceTypeC6in4xlarge, + InstanceTypeC6in8xlarge, + InstanceTypeC6in12xlarge, + InstanceTypeC6in16xlarge, + InstanceTypeC6in24xlarge, + InstanceTypeC6in32xlarge, + InstanceTypeM6inLarge, + InstanceTypeM6inXlarge, + InstanceTypeM6in2xlarge, + InstanceTypeM6in4xlarge, + InstanceTypeM6in8xlarge, + InstanceTypeM6in12xlarge, + InstanceTypeM6in16xlarge, + InstanceTypeM6in24xlarge, + InstanceTypeM6in32xlarge, + InstanceTypeM6idnLarge, + InstanceTypeM6idnXlarge, + InstanceTypeM6idn2xlarge, + InstanceTypeM6idn4xlarge, + InstanceTypeM6idn8xlarge, + InstanceTypeM6idn12xlarge, + InstanceTypeM6idn16xlarge, + InstanceTypeM6idn24xlarge, + InstanceTypeM6idn32xlarge, + InstanceTypeR6inLarge, + InstanceTypeR6inXlarge, + InstanceTypeR6in2xlarge, + InstanceTypeR6in4xlarge, + InstanceTypeR6in8xlarge, + InstanceTypeR6in12xlarge, + InstanceTypeR6in16xlarge, + InstanceTypeR6in24xlarge, + InstanceTypeR6in32xlarge, + InstanceTypeR6idnLarge, + InstanceTypeR6idnXlarge, + InstanceTypeR6idn2xlarge, + InstanceTypeR6idn4xlarge, + InstanceTypeR6idn8xlarge, + InstanceTypeR6idn12xlarge, + InstanceTypeR6idn16xlarge, + InstanceTypeR6idn24xlarge, + InstanceTypeR6idn32xlarge, + InstanceTypeC7gMetal, + InstanceTypeM7gMedium, + InstanceTypeM7gLarge, + InstanceTypeM7gXlarge, + InstanceTypeM7g2xlarge, + InstanceTypeM7g4xlarge, + InstanceTypeM7g8xlarge, + InstanceTypeM7g12xlarge, + InstanceTypeM7g16xlarge, + InstanceTypeM7gMetal, + InstanceTypeR7gMedium, + InstanceTypeR7gLarge, + InstanceTypeR7gXlarge, + InstanceTypeR7g2xlarge, + InstanceTypeR7g4xlarge, + InstanceTypeR7g8xlarge, + InstanceTypeR7g12xlarge, + InstanceTypeR7g16xlarge, + InstanceTypeR7gMetal, + InstanceTypeC6inMetal, + InstanceTypeM6inMetal, + InstanceTypeM6idnMetal, + InstanceTypeR6inMetal, + InstanceTypeR6idnMetal, + InstanceTypeInf2Xlarge, + InstanceTypeInf28xlarge, + InstanceTypeInf224xlarge, + InstanceTypeInf248xlarge, + InstanceTypeTrn1n32xlarge, + InstanceTypeI4gLarge, + InstanceTypeI4gXlarge, + InstanceTypeI4g2xlarge, + InstanceTypeI4g4xlarge, + InstanceTypeI4g8xlarge, + InstanceTypeI4g16xlarge, + InstanceTypeHpc7g4xlarge, + InstanceTypeHpc7g8xlarge, + InstanceTypeHpc7g16xlarge, + InstanceTypeC7gnMedium, + InstanceTypeC7gnLarge, + InstanceTypeC7gnXlarge, + InstanceTypeC7gn2xlarge, + InstanceTypeC7gn4xlarge, + InstanceTypeC7gn8xlarge, + InstanceTypeC7gn12xlarge, + InstanceTypeC7gn16xlarge, + InstanceTypeP548xlarge, + InstanceTypeM7iLarge, + InstanceTypeM7iXlarge, + InstanceTypeM7i2xlarge, + InstanceTypeM7i4xlarge, + InstanceTypeM7i8xlarge, + InstanceTypeM7i12xlarge, + InstanceTypeM7i16xlarge, + InstanceTypeM7i24xlarge, + InstanceTypeM7i48xlarge, + InstanceTypeM7iFlexLarge, + InstanceTypeM7iFlexXlarge, + InstanceTypeM7iFlex2xlarge, + InstanceTypeM7iFlex4xlarge, + InstanceTypeM7iFlex8xlarge, + InstanceTypeM7aMedium, + InstanceTypeM7aLarge, + InstanceTypeM7aXlarge, + InstanceTypeM7a2xlarge, + InstanceTypeM7a4xlarge, + InstanceTypeM7a8xlarge, + InstanceTypeM7a12xlarge, + InstanceTypeM7a16xlarge, + InstanceTypeM7a24xlarge, + InstanceTypeM7a32xlarge, + InstanceTypeM7a48xlarge, + InstanceTypeM7aMetal48xl, + InstanceTypeHpc7a12xlarge, + InstanceTypeHpc7a24xlarge, + InstanceTypeHpc7a48xlarge, + InstanceTypeHpc7a96xlarge, + InstanceTypeC7gdMedium, + InstanceTypeC7gdLarge, + InstanceTypeC7gdXlarge, + InstanceTypeC7gd2xlarge, + InstanceTypeC7gd4xlarge, + InstanceTypeC7gd8xlarge, + InstanceTypeC7gd12xlarge, + InstanceTypeC7gd16xlarge, + InstanceTypeM7gdMedium, + InstanceTypeM7gdLarge, + InstanceTypeM7gdXlarge, + InstanceTypeM7gd2xlarge, + InstanceTypeM7gd4xlarge, + InstanceTypeM7gd8xlarge, + InstanceTypeM7gd12xlarge, + InstanceTypeM7gd16xlarge, + InstanceTypeR7gdMedium, + InstanceTypeR7gdLarge, + InstanceTypeR7gdXlarge, + InstanceTypeR7gd2xlarge, + InstanceTypeR7gd4xlarge, + InstanceTypeR7gd8xlarge, + InstanceTypeR7gd12xlarge, + InstanceTypeR7gd16xlarge, + InstanceTypeR7aMedium, + InstanceTypeR7aLarge, + InstanceTypeR7aXlarge, + InstanceTypeR7a2xlarge, + InstanceTypeR7a4xlarge, + InstanceTypeR7a8xlarge, + InstanceTypeR7a12xlarge, + InstanceTypeR7a16xlarge, + InstanceTypeR7a24xlarge, + InstanceTypeR7a32xlarge, + InstanceTypeR7a48xlarge, + InstanceTypeC7iLarge, + InstanceTypeC7iXlarge, + InstanceTypeC7i2xlarge, + InstanceTypeC7i4xlarge, + InstanceTypeC7i8xlarge, + InstanceTypeC7i12xlarge, + InstanceTypeC7i16xlarge, + InstanceTypeC7i24xlarge, + InstanceTypeC7i48xlarge, + InstanceTypeMac2M2proMetal, + InstanceTypeR7izLarge, + InstanceTypeR7izXlarge, + InstanceTypeR7iz2xlarge, + InstanceTypeR7iz4xlarge, + InstanceTypeR7iz8xlarge, + InstanceTypeR7iz12xlarge, + InstanceTypeR7iz16xlarge, + InstanceTypeR7iz32xlarge, + InstanceTypeC7aMedium, + InstanceTypeC7aLarge, + InstanceTypeC7aXlarge, + InstanceTypeC7a2xlarge, + InstanceTypeC7a4xlarge, + InstanceTypeC7a8xlarge, + InstanceTypeC7a12xlarge, + InstanceTypeC7a16xlarge, + InstanceTypeC7a24xlarge, + InstanceTypeC7a32xlarge, + InstanceTypeC7a48xlarge, + InstanceTypeC7aMetal48xl, + InstanceTypeR7aMetal48xl, + InstanceTypeR7iLarge, + InstanceTypeR7iXlarge, + InstanceTypeR7i2xlarge, + InstanceTypeR7i4xlarge, + InstanceTypeR7i8xlarge, + InstanceTypeR7i12xlarge, + InstanceTypeR7i16xlarge, + InstanceTypeR7i24xlarge, + InstanceTypeR7i48xlarge, + InstanceTypeDl2q24xlarge, + InstanceTypeMac2M2Metal, + InstanceTypeI4i12xlarge, + InstanceTypeI4i24xlarge, + InstanceTypeC7iMetal24xl, + InstanceTypeC7iMetal48xl, + InstanceTypeM7iMetal24xl, + InstanceTypeM7iMetal48xl, + InstanceTypeR7iMetal24xl, + InstanceTypeR7iMetal48xl, + InstanceTypeR7izMetal16xl, + InstanceTypeR7izMetal32xl, } } @@ -180754,6 +196278,22 @@ func IpamAddressHistoryResourceType_Values() []string { } } +const ( + // IpamAssociatedResourceDiscoveryStatusActive is a IpamAssociatedResourceDiscoveryStatus enum value + IpamAssociatedResourceDiscoveryStatusActive = "active" + + // IpamAssociatedResourceDiscoveryStatusNotFound is a IpamAssociatedResourceDiscoveryStatus enum value + IpamAssociatedResourceDiscoveryStatusNotFound = "not-found" +) + +// IpamAssociatedResourceDiscoveryStatus_Values returns all elements of the IpamAssociatedResourceDiscoveryStatus enum +func IpamAssociatedResourceDiscoveryStatus_Values() []string { + return []string{ + IpamAssociatedResourceDiscoveryStatusActive, + IpamAssociatedResourceDiscoveryStatusNotFound, + } +} + const ( // IpamComplianceStatusCompliant is a IpamComplianceStatus enum value IpamComplianceStatusCompliant = "compliant" @@ -180778,6 +196318,26 @@ func IpamComplianceStatus_Values() []string { } } +const ( + // IpamDiscoveryFailureCodeAssumeRoleFailure is a IpamDiscoveryFailureCode enum value + IpamDiscoveryFailureCodeAssumeRoleFailure = "assume-role-failure" + + // IpamDiscoveryFailureCodeThrottlingFailure is a IpamDiscoveryFailureCode enum value + IpamDiscoveryFailureCodeThrottlingFailure = "throttling-failure" + + // IpamDiscoveryFailureCodeUnauthorizedFailure is a IpamDiscoveryFailureCode enum value + IpamDiscoveryFailureCodeUnauthorizedFailure = "unauthorized-failure" +) + +// IpamDiscoveryFailureCode_Values returns all elements of the IpamDiscoveryFailureCode enum +func IpamDiscoveryFailureCode_Values() []string { + return []string{ + IpamDiscoveryFailureCodeAssumeRoleFailure, + IpamDiscoveryFailureCodeThrottlingFailure, + IpamDiscoveryFailureCodeUnauthorizedFailure, + } +} + const ( // IpamManagementStateManaged is a IpamManagementState enum value IpamManagementStateManaged = "managed" @@ -180830,6 +196390,9 @@ const ( // IpamPoolAllocationResourceTypeCustom is a IpamPoolAllocationResourceType enum value IpamPoolAllocationResourceTypeCustom = "custom" + + // IpamPoolAllocationResourceTypeSubnet is a IpamPoolAllocationResourceType enum value + IpamPoolAllocationResourceTypeSubnet = "subnet" ) // IpamPoolAllocationResourceType_Values returns all elements of the IpamPoolAllocationResourceType enum @@ -180839,6 +196402,7 @@ func IpamPoolAllocationResourceType_Values() []string { IpamPoolAllocationResourceTypeVpc, IpamPoolAllocationResourceTypeEc2PublicIpv4Pool, IpamPoolAllocationResourceTypeCustom, + IpamPoolAllocationResourceTypeSubnet, } } @@ -180857,12 +196421,16 @@ func IpamPoolAwsService_Values() []string { const ( // IpamPoolCidrFailureCodeCidrNotAvailable is a IpamPoolCidrFailureCode enum value IpamPoolCidrFailureCodeCidrNotAvailable = "cidr-not-available" + + // IpamPoolCidrFailureCodeLimitExceeded is a IpamPoolCidrFailureCode enum value + IpamPoolCidrFailureCodeLimitExceeded = "limit-exceeded" ) // IpamPoolCidrFailureCode_Values returns all elements of the IpamPoolCidrFailureCode enum func IpamPoolCidrFailureCode_Values() []string { return []string{ IpamPoolCidrFailureCodeCidrNotAvailable, + IpamPoolCidrFailureCodeLimitExceeded, } } @@ -180906,6 +196474,34 @@ func IpamPoolCidrState_Values() []string { } } +const ( + // IpamPoolPublicIpSourceAmazon is a IpamPoolPublicIpSource enum value + IpamPoolPublicIpSourceAmazon = "amazon" + + // IpamPoolPublicIpSourceByoip is a IpamPoolPublicIpSource enum value + IpamPoolPublicIpSourceByoip = "byoip" +) + +// IpamPoolPublicIpSource_Values returns all elements of the IpamPoolPublicIpSource enum +func IpamPoolPublicIpSource_Values() []string { + return []string{ + IpamPoolPublicIpSourceAmazon, + IpamPoolPublicIpSourceByoip, + } +} + +const ( + // IpamPoolSourceResourceTypeVpc is a IpamPoolSourceResourceType enum value + IpamPoolSourceResourceTypeVpc = "vpc" +) + +// IpamPoolSourceResourceType_Values returns all elements of the IpamPoolSourceResourceType enum +func IpamPoolSourceResourceType_Values() []string { + return []string{ + IpamPoolSourceResourceTypeVpc, + } +} + const ( // IpamPoolStateCreateInProgress is a IpamPoolState enum value IpamPoolStateCreateInProgress = "create-in-progress" @@ -180962,6 +196558,194 @@ func IpamPoolState_Values() []string { } } +const ( + // IpamPublicAddressAssociationStatusAssociated is a IpamPublicAddressAssociationStatus enum value + IpamPublicAddressAssociationStatusAssociated = "associated" + + // IpamPublicAddressAssociationStatusDisassociated is a IpamPublicAddressAssociationStatus enum value + IpamPublicAddressAssociationStatusDisassociated = "disassociated" +) + +// IpamPublicAddressAssociationStatus_Values returns all elements of the IpamPublicAddressAssociationStatus enum +func IpamPublicAddressAssociationStatus_Values() []string { + return []string{ + IpamPublicAddressAssociationStatusAssociated, + IpamPublicAddressAssociationStatusDisassociated, + } +} + +const ( + // IpamPublicAddressAwsServiceNatGateway is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceNatGateway = "nat-gateway" + + // IpamPublicAddressAwsServiceDatabaseMigrationService is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceDatabaseMigrationService = "database-migration-service" + + // IpamPublicAddressAwsServiceRedshift is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceRedshift = "redshift" + + // IpamPublicAddressAwsServiceElasticContainerService is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceElasticContainerService = "elastic-container-service" + + // IpamPublicAddressAwsServiceRelationalDatabaseService is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceRelationalDatabaseService = "relational-database-service" + + // IpamPublicAddressAwsServiceSiteToSiteVpn is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceSiteToSiteVpn = "site-to-site-vpn" + + // IpamPublicAddressAwsServiceLoadBalancer is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceLoadBalancer = "load-balancer" + + // IpamPublicAddressAwsServiceGlobalAccelerator is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceGlobalAccelerator = "global-accelerator" + + // IpamPublicAddressAwsServiceOther is a IpamPublicAddressAwsService enum value + IpamPublicAddressAwsServiceOther = "other" +) + +// IpamPublicAddressAwsService_Values returns all elements of the IpamPublicAddressAwsService enum +func IpamPublicAddressAwsService_Values() []string { + return []string{ + IpamPublicAddressAwsServiceNatGateway, + IpamPublicAddressAwsServiceDatabaseMigrationService, + IpamPublicAddressAwsServiceRedshift, + IpamPublicAddressAwsServiceElasticContainerService, + IpamPublicAddressAwsServiceRelationalDatabaseService, + IpamPublicAddressAwsServiceSiteToSiteVpn, + IpamPublicAddressAwsServiceLoadBalancer, + IpamPublicAddressAwsServiceGlobalAccelerator, + IpamPublicAddressAwsServiceOther, + } +} + +const ( + // IpamPublicAddressTypeServiceManagedIp is a IpamPublicAddressType enum value + IpamPublicAddressTypeServiceManagedIp = "service-managed-ip" + + // IpamPublicAddressTypeServiceManagedByoip is a IpamPublicAddressType enum value + IpamPublicAddressTypeServiceManagedByoip = "service-managed-byoip" + + // IpamPublicAddressTypeAmazonOwnedEip is a IpamPublicAddressType enum value + IpamPublicAddressTypeAmazonOwnedEip = "amazon-owned-eip" + + // IpamPublicAddressTypeByoip is a IpamPublicAddressType enum value + IpamPublicAddressTypeByoip = "byoip" + + // IpamPublicAddressTypeEc2PublicIp is a IpamPublicAddressType enum value + IpamPublicAddressTypeEc2PublicIp = "ec2-public-ip" +) + +// IpamPublicAddressType_Values returns all elements of the IpamPublicAddressType enum +func IpamPublicAddressType_Values() []string { + return []string{ + IpamPublicAddressTypeServiceManagedIp, + IpamPublicAddressTypeServiceManagedByoip, + IpamPublicAddressTypeAmazonOwnedEip, + IpamPublicAddressTypeByoip, + IpamPublicAddressTypeEc2PublicIp, + } +} + +const ( + // IpamResourceDiscoveryAssociationStateAssociateInProgress is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateAssociateInProgress = "associate-in-progress" + + // IpamResourceDiscoveryAssociationStateAssociateComplete is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateAssociateComplete = "associate-complete" + + // IpamResourceDiscoveryAssociationStateAssociateFailed is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateAssociateFailed = "associate-failed" + + // IpamResourceDiscoveryAssociationStateDisassociateInProgress is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateDisassociateInProgress = "disassociate-in-progress" + + // IpamResourceDiscoveryAssociationStateDisassociateComplete is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateDisassociateComplete = "disassociate-complete" + + // IpamResourceDiscoveryAssociationStateDisassociateFailed is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateDisassociateFailed = "disassociate-failed" + + // IpamResourceDiscoveryAssociationStateIsolateInProgress is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateIsolateInProgress = "isolate-in-progress" + + // IpamResourceDiscoveryAssociationStateIsolateComplete is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateIsolateComplete = "isolate-complete" + + // IpamResourceDiscoveryAssociationStateRestoreInProgress is a IpamResourceDiscoveryAssociationState enum value + IpamResourceDiscoveryAssociationStateRestoreInProgress = "restore-in-progress" +) + +// IpamResourceDiscoveryAssociationState_Values returns all elements of the IpamResourceDiscoveryAssociationState enum +func IpamResourceDiscoveryAssociationState_Values() []string { + return []string{ + IpamResourceDiscoveryAssociationStateAssociateInProgress, + IpamResourceDiscoveryAssociationStateAssociateComplete, + IpamResourceDiscoveryAssociationStateAssociateFailed, + IpamResourceDiscoveryAssociationStateDisassociateInProgress, + IpamResourceDiscoveryAssociationStateDisassociateComplete, + IpamResourceDiscoveryAssociationStateDisassociateFailed, + IpamResourceDiscoveryAssociationStateIsolateInProgress, + IpamResourceDiscoveryAssociationStateIsolateComplete, + IpamResourceDiscoveryAssociationStateRestoreInProgress, + } +} + +const ( + // IpamResourceDiscoveryStateCreateInProgress is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateCreateInProgress = "create-in-progress" + + // IpamResourceDiscoveryStateCreateComplete is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateCreateComplete = "create-complete" + + // IpamResourceDiscoveryStateCreateFailed is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateCreateFailed = "create-failed" + + // IpamResourceDiscoveryStateModifyInProgress is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateModifyInProgress = "modify-in-progress" + + // IpamResourceDiscoveryStateModifyComplete is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateModifyComplete = "modify-complete" + + // IpamResourceDiscoveryStateModifyFailed is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateModifyFailed = "modify-failed" + + // IpamResourceDiscoveryStateDeleteInProgress is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateDeleteInProgress = "delete-in-progress" + + // IpamResourceDiscoveryStateDeleteComplete is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateDeleteComplete = "delete-complete" + + // IpamResourceDiscoveryStateDeleteFailed is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateDeleteFailed = "delete-failed" + + // IpamResourceDiscoveryStateIsolateInProgress is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateIsolateInProgress = "isolate-in-progress" + + // IpamResourceDiscoveryStateIsolateComplete is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateIsolateComplete = "isolate-complete" + + // IpamResourceDiscoveryStateRestoreInProgress is a IpamResourceDiscoveryState enum value + IpamResourceDiscoveryStateRestoreInProgress = "restore-in-progress" +) + +// IpamResourceDiscoveryState_Values returns all elements of the IpamResourceDiscoveryState enum +func IpamResourceDiscoveryState_Values() []string { + return []string{ + IpamResourceDiscoveryStateCreateInProgress, + IpamResourceDiscoveryStateCreateComplete, + IpamResourceDiscoveryStateCreateFailed, + IpamResourceDiscoveryStateModifyInProgress, + IpamResourceDiscoveryStateModifyComplete, + IpamResourceDiscoveryStateModifyFailed, + IpamResourceDiscoveryStateDeleteInProgress, + IpamResourceDiscoveryStateDeleteComplete, + IpamResourceDiscoveryStateDeleteFailed, + IpamResourceDiscoveryStateIsolateInProgress, + IpamResourceDiscoveryStateIsolateComplete, + IpamResourceDiscoveryStateRestoreInProgress, + } +} + const ( // IpamResourceTypeVpc is a IpamResourceType enum value IpamResourceTypeVpc = "vpc" @@ -180977,6 +196761,9 @@ const ( // IpamResourceTypeIpv6Pool is a IpamResourceType enum value IpamResourceTypeIpv6Pool = "ipv6-pool" + + // IpamResourceTypeEni is a IpamResourceType enum value + IpamResourceTypeEni = "eni" ) // IpamResourceType_Values returns all elements of the IpamResourceType enum @@ -180987,6 +196774,7 @@ func IpamResourceType_Values() []string { IpamResourceTypeEip, IpamResourceTypePublicIpv4Pool, IpamResourceTypeIpv6Pool, + IpamResourceTypeEni, } } @@ -181118,6 +196906,22 @@ func IpamState_Values() []string { } } +const ( + // IpamTierFree is a IpamTier enum value + IpamTierFree = "free" + + // IpamTierAdvanced is a IpamTier enum value + IpamTierAdvanced = "advanced" +) + +// IpamTier_Values returns all elements of the IpamTier enum +func IpamTier_Values() []string { + return []string{ + IpamTierFree, + IpamTierAdvanced, + } +} + const ( // Ipv6SupportValueEnable is a Ipv6SupportValue enum value Ipv6SupportValueEnable = "enable" @@ -181447,6 +197251,9 @@ const ( // LocationTypeAvailabilityZoneId is a LocationType enum value LocationTypeAvailabilityZoneId = "availability-zone-id" + + // LocationTypeOutpost is a LocationType enum value + LocationTypeOutpost = "outpost" ) // LocationType_Values returns all elements of the LocationType enum @@ -181455,6 +197262,47 @@ func LocationType_Values() []string { LocationTypeRegion, LocationTypeAvailabilityZone, LocationTypeAvailabilityZoneId, + LocationTypeOutpost, + } +} + +const ( + // LockModeCompliance is a LockMode enum value + LockModeCompliance = "compliance" + + // LockModeGovernance is a LockMode enum value + LockModeGovernance = "governance" +) + +// LockMode_Values returns all elements of the LockMode enum +func LockMode_Values() []string { + return []string{ + LockModeCompliance, + LockModeGovernance, + } +} + +const ( + // LockStateCompliance is a LockState enum value + LockStateCompliance = "compliance" + + // LockStateGovernance is a LockState enum value + LockStateGovernance = "governance" + + // LockStateComplianceCooloff is a LockState enum value + LockStateComplianceCooloff = "compliance-cooloff" + + // LockStateExpired is a LockState enum value + LockStateExpired = "expired" +) + +// LockState_Values returns all elements of the LockState enum +func LockState_Values() []string { + return []string{ + LockStateCompliance, + LockStateGovernance, + LockStateComplianceCooloff, + LockStateExpired, } } @@ -181481,12 +197329,16 @@ func LogDestinationType_Values() []string { const ( // MarketTypeSpot is a MarketType enum value MarketTypeSpot = "spot" + + // MarketTypeCapacityBlock is a MarketType enum value + MarketTypeCapacityBlock = "capacity-block" ) // MarketType_Values returns all elements of the MarketType enum func MarketType_Values() []string { return []string{ MarketTypeSpot, + MarketTypeCapacityBlock, } } @@ -181590,6 +197442,38 @@ func MulticastSupportValue_Values() []string { } } +const ( + // NatGatewayAddressStatusAssigning is a NatGatewayAddressStatus enum value + NatGatewayAddressStatusAssigning = "assigning" + + // NatGatewayAddressStatusUnassigning is a NatGatewayAddressStatus enum value + NatGatewayAddressStatusUnassigning = "unassigning" + + // NatGatewayAddressStatusAssociating is a NatGatewayAddressStatus enum value + NatGatewayAddressStatusAssociating = "associating" + + // NatGatewayAddressStatusDisassociating is a NatGatewayAddressStatus enum value + NatGatewayAddressStatusDisassociating = "disassociating" + + // NatGatewayAddressStatusSucceeded is a NatGatewayAddressStatus enum value + NatGatewayAddressStatusSucceeded = "succeeded" + + // NatGatewayAddressStatusFailed is a NatGatewayAddressStatus enum value + NatGatewayAddressStatusFailed = "failed" +) + +// NatGatewayAddressStatus_Values returns all elements of the NatGatewayAddressStatus enum +func NatGatewayAddressStatus_Values() []string { + return []string{ + NatGatewayAddressStatusAssigning, + NatGatewayAddressStatusUnassigning, + NatGatewayAddressStatusAssociating, + NatGatewayAddressStatusDisassociating, + NatGatewayAddressStatusSucceeded, + NatGatewayAddressStatusFailed, + } +} + const ( // NatGatewayStatePending is a NatGatewayState enum value NatGatewayStatePending = "pending" @@ -181790,6 +197674,38 @@ func NetworkInterfaceType_Values() []string { } } +const ( + // NitroEnclavesSupportUnsupported is a NitroEnclavesSupport enum value + NitroEnclavesSupportUnsupported = "unsupported" + + // NitroEnclavesSupportSupported is a NitroEnclavesSupport enum value + NitroEnclavesSupportSupported = "supported" +) + +// NitroEnclavesSupport_Values returns all elements of the NitroEnclavesSupport enum +func NitroEnclavesSupport_Values() []string { + return []string{ + NitroEnclavesSupportUnsupported, + NitroEnclavesSupportSupported, + } +} + +const ( + // NitroTpmSupportUnsupported is a NitroTpmSupport enum value + NitroTpmSupportUnsupported = "unsupported" + + // NitroTpmSupportSupported is a NitroTpmSupport enum value + NitroTpmSupportSupported = "supported" +) + +// NitroTpmSupport_Values returns all elements of the NitroTpmSupport enum +func NitroTpmSupport_Values() []string { + return []string{ + NitroTpmSupportUnsupported, + NitroTpmSupportSupported, + } +} + const ( // OfferingClassTypeStandard is a OfferingClassType enum value OfferingClassTypeStandard = "standard" @@ -182651,6 +198567,15 @@ const ( // ResourceTypeVpcBlockPublicAccessExclusion is a ResourceType enum value ResourceTypeVpcBlockPublicAccessExclusion = "vpc-block-public-access-exclusion" + + // ResourceTypeIpamResourceDiscovery is a ResourceType enum value + ResourceTypeIpamResourceDiscovery = "ipam-resource-discovery" + + // ResourceTypeIpamResourceDiscoveryAssociation is a ResourceType enum value + ResourceTypeIpamResourceDiscoveryAssociation = "ipam-resource-discovery-association" + + // ResourceTypeInstanceConnectEndpoint is a ResourceType enum value + ResourceTypeInstanceConnectEndpoint = "instance-connect-endpoint" ) // ResourceType_Values returns all elements of the ResourceType enum @@ -182739,6 +198664,9 @@ func ResourceType_Values() []string { ResourceTypeVerifiedAccessTrustProvider, ResourceTypeVpnConnectionDeviceType, ResourceTypeVpcBlockPublicAccessExclusion, + ResourceTypeIpamResourceDiscovery, + ResourceTypeIpamResourceDiscoveryAssociation, + ResourceTypeInstanceConnectEndpoint, } } @@ -182838,6 +198766,26 @@ func RuleAction_Values() []string { } } +const ( + // SSETypeSseEbs is a SSEType enum value + SSETypeSseEbs = "sse-ebs" + + // SSETypeSseKms is a SSEType enum value + SSETypeSseKms = "sse-kms" + + // SSETypeNone is a SSEType enum value + SSETypeNone = "none" +) + +// SSEType_Values returns all elements of the SSEType enum +func SSEType_Values() []string { + return []string{ + SSETypeSseEbs, + SSETypeSseKms, + SSETypeNone, + } +} + const ( // ScopeAvailabilityZone is a Scope enum value ScopeAvailabilityZone = "Availability Zone" @@ -182854,6 +198802,22 @@ func Scope_Values() []string { } } +const ( + // SecurityGroupReferencingSupportValueEnable is a SecurityGroupReferencingSupportValue enum value + SecurityGroupReferencingSupportValueEnable = "enable" + + // SecurityGroupReferencingSupportValueDisable is a SecurityGroupReferencingSupportValue enum value + SecurityGroupReferencingSupportValueDisable = "disable" +) + +// SecurityGroupReferencingSupportValue_Values returns all elements of the SecurityGroupReferencingSupportValue enum +func SecurityGroupReferencingSupportValue_Values() []string { + return []string{ + SecurityGroupReferencingSupportValueEnable, + SecurityGroupReferencingSupportValueDisable, + } +} + const ( // SelfServicePortalEnabled is a SelfServicePortal enum value SelfServicePortalEnabled = "enabled" @@ -182966,6 +198930,26 @@ func SnapshotAttributeName_Values() []string { } } +const ( + // SnapshotBlockPublicAccessStateBlockAllSharing is a SnapshotBlockPublicAccessState enum value + SnapshotBlockPublicAccessStateBlockAllSharing = "block-all-sharing" + + // SnapshotBlockPublicAccessStateBlockNewSharing is a SnapshotBlockPublicAccessState enum value + SnapshotBlockPublicAccessStateBlockNewSharing = "block-new-sharing" + + // SnapshotBlockPublicAccessStateUnblocked is a SnapshotBlockPublicAccessState enum value + SnapshotBlockPublicAccessStateUnblocked = "unblocked" +) + +// SnapshotBlockPublicAccessState_Values returns all elements of the SnapshotBlockPublicAccessState enum +func SnapshotBlockPublicAccessState_Values() []string { + return []string{ + SnapshotBlockPublicAccessStateBlockAllSharing, + SnapshotBlockPublicAccessStateBlockNewSharing, + SnapshotBlockPublicAccessStateUnblocked, + } +} + const ( // SnapshotStatePending is a SnapshotState enum value SnapshotStatePending = "pending" @@ -183057,6 +199041,9 @@ const ( // SpotInstanceStateFailed is a SpotInstanceState enum value SpotInstanceStateFailed = "failed" + + // SpotInstanceStateDisabled is a SpotInstanceState enum value + SpotInstanceStateDisabled = "disabled" ) // SpotInstanceState_Values returns all elements of the SpotInstanceState enum @@ -183067,6 +199054,7 @@ func SpotInstanceState_Values() []string { SpotInstanceStateClosed, SpotInstanceStateCancelled, SpotInstanceStateFailed, + SpotInstanceStateDisabled, } } @@ -183296,6 +199284,9 @@ const ( // SubnetStateAvailable is a SubnetState enum value SubnetStateAvailable = "available" + + // SubnetStateUnavailable is a SubnetState enum value + SubnetStateUnavailable = "unavailable" ) // SubnetState_Values returns all elements of the SubnetState enum @@ -183303,6 +199294,7 @@ func SubnetState_Values() []string { return []string{ SubnetStatePending, SubnetStateAvailable, + SubnetStateUnavailable, } } @@ -183334,6 +199326,18 @@ func SummaryStatus_Values() []string { } } +const ( + // SupportedAdditionalProcessorFeatureAmdSevSnp is a SupportedAdditionalProcessorFeature enum value + SupportedAdditionalProcessorFeatureAmdSevSnp = "amd-sev-snp" +) + +// SupportedAdditionalProcessorFeature_Values returns all elements of the SupportedAdditionalProcessorFeature enum +func SupportedAdditionalProcessorFeature_Values() []string { + return []string{ + SupportedAdditionalProcessorFeatureAmdSevSnp, + } +} + const ( // TargetCapacityUnitTypeVcpu is a TargetCapacityUnitType enum value TargetCapacityUnitTypeVcpu = "vcpu" @@ -184104,6 +200108,9 @@ const ( // UsageClassTypeOnDemand is a UsageClassType enum value UsageClassTypeOnDemand = "on-demand" + + // UsageClassTypeCapacityBlock is a UsageClassType enum value + UsageClassTypeCapacityBlock = "capacity-block" ) // UsageClassType_Values returns all elements of the UsageClassType enum @@ -184111,6 +200118,7 @@ func UsageClassType_Values() []string { return []string{ UsageClassTypeSpot, UsageClassTypeOnDemand, + UsageClassTypeCapacityBlock, } } diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go index 5b5395356fa..621712d29f0 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ec2/customizations.go @@ -11,6 +11,9 @@ import ( ) const ( + // ec2CopySnapshotPresignedUrlCustomization handler name + ec2CopySnapshotPresignedUrlCustomization = "ec2CopySnapshotPresignedUrl" + // customRetryerMinRetryDelay sets min retry delay customRetryerMinRetryDelay = 1 * time.Second @@ -21,7 +24,10 @@ const ( func init() { initRequest = func(r *request.Request) { if r.Operation.Name == opCopySnapshot { // fill the PresignedURL parameter - r.Handlers.Build.PushFront(fillPresignedURL) + r.Handlers.Build.PushFrontNamed(request.NamedHandler{ + Name: ec2CopySnapshotPresignedUrlCustomization, + Fn: fillPresignedURL, + }) } // only set the retryer on request if config doesn't have a retryer @@ -48,13 +54,15 @@ func fillPresignedURL(r *request.Request) { origParams := r.Params.(*CopySnapshotInput) - // Stop if PresignedURL/DestinationRegion is set - if origParams.PresignedUrl != nil || origParams.DestinationRegion != nil { + // Stop if PresignedURL is set + if origParams.PresignedUrl != nil { return } + // Always use config region as destination region for SDKs origParams.DestinationRegion = r.Config.Region - newParams := awsutil.CopyOf(r.Params).(*CopySnapshotInput) + + newParams := awsutil.CopyOf(origParams).(*CopySnapshotInput) // Create a new request based on the existing request. We will use this to // presign the CopySnapshot request against the source region. @@ -82,8 +90,12 @@ func fillPresignedURL(r *request.Request) { clientInfo.Endpoint = resolved.URL clientInfo.SigningRegion = resolved.SigningRegion + // Copy handlers without Presigned URL customization to avoid an infinite loop + handlersWithoutPresignCustomization := r.Handlers.Copy() + handlersWithoutPresignCustomization.Build.RemoveByName(ec2CopySnapshotPresignedUrlCustomization) + // Presign a CopySnapshot request with modified params - req := request.New(*cfg, clientInfo, r.Handlers, r.Retryer, r.Operation, newParams, r.Data) + req := request.New(*cfg, clientInfo, handlersWithoutPresignCustomization, r.Retryer, r.Operation, newParams, r.Data) url, err := req.Presign(5 * time.Minute) // 5 minutes should be enough. if err != nil { // bubble error back up to original request r.Error = err diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go index d563a9fb230..7cd3917611c 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ec2/doc.go @@ -3,30 +3,9 @@ // Package ec2 provides the client and types for making API // requests to Amazon Elastic Compute Cloud. // -// Amazon Elastic Compute Cloud (Amazon EC2) provides secure and resizable computing -// capacity in the Amazon Web Services Cloud. Using Amazon EC2 eliminates the -// need to invest in hardware up front, so you can develop and deploy applications -// faster. Amazon Virtual Private Cloud (Amazon VPC) enables you to provision -// a logically isolated section of the Amazon Web Services Cloud where you can -// launch Amazon Web Services resources in a virtual network that you've defined. -// Amazon Elastic Block Store (Amazon EBS) provides block level storage volumes -// for use with EC2 instances. EBS volumes are highly available and reliable -// storage volumes that can be attached to any running instance and used like -// a hard drive. -// -// To learn more, see the following resources: -// -// - Amazon EC2: AmazonEC2 product page (http://aws.amazon.com/ec2), Amazon -// EC2 documentation (http://aws.amazon.com/documentation/ec2) -// -// - Amazon EBS: Amazon EBS product page (http://aws.amazon.com/ebs), Amazon -// EBS documentation (http://aws.amazon.com/documentation/ebs) -// -// - Amazon VPC: Amazon VPC product page (http://aws.amazon.com/vpc), Amazon -// VPC documentation (http://aws.amazon.com/documentation/vpc) -// -// - Amazon Web Services VPN: Amazon Web Services VPN product page (http://aws.amazon.com/vpn), -// Amazon Web Services VPN documentation (http://aws.amazon.com/documentation/vpn) +// You can access the features of Amazon Elastic Compute Cloud (Amazon EC2) +// programmatically. For more information, see the Amazon EC2 Developer Guide +// (https://docs.aws.amazon.com/ec2/latest/devguide). // // See https://docs.aws.amazon.com/goto/WebAPI/ec2-2016-11-15 for more information on this service. // diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ec2/waiters.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ec2/waiters.go index a10de4f3f13..6dc68faf7a8 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ec2/waiters.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ec2/waiters.go @@ -1156,6 +1156,57 @@ func (c *EC2) WaitUntilSnapshotCompletedWithContext(ctx aws.Context, input *Desc return w.WaitWithContext(ctx) } +// WaitUntilSnapshotImported uses the Amazon EC2 API operation +// DescribeImportSnapshotTasks to wait for a condition to be met before returning. +// If the condition is not met within the max attempt window, an error will +// be returned. +func (c *EC2) WaitUntilSnapshotImported(input *DescribeImportSnapshotTasksInput) error { + return c.WaitUntilSnapshotImportedWithContext(aws.BackgroundContext(), input) +} + +// WaitUntilSnapshotImportedWithContext is an extended version of WaitUntilSnapshotImported. +// With the support for passing in a context and options to configure the +// Waiter and the underlying request options. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) WaitUntilSnapshotImportedWithContext(ctx aws.Context, input *DescribeImportSnapshotTasksInput, opts ...request.WaiterOption) error { + w := request.Waiter{ + Name: "WaitUntilSnapshotImported", + MaxAttempts: 40, + Delay: request.ConstantWaiterDelay(15 * time.Second), + Acceptors: []request.WaiterAcceptor{ + { + State: request.SuccessWaiterState, + Matcher: request.PathAllWaiterMatch, Argument: "ImportSnapshotTasks[].SnapshotTaskDetail.Status", + Expected: "completed", + }, + { + State: request.FailureWaiterState, + Matcher: request.PathAnyWaiterMatch, Argument: "ImportSnapshotTasks[].SnapshotTaskDetail.Status", + Expected: "error", + }, + }, + Logger: c.Config.Logger, + NewRequest: func(opts []request.Option) (*request.Request, error) { + var inCpy *DescribeImportSnapshotTasksInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeImportSnapshotTasksRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + w.ApplyOptions(opts...) + + return w.WaitWithContext(ctx) +} + // WaitUntilSpotInstanceRequestFulfilled uses the Amazon EC2 API operation // DescribeSpotInstanceRequests to wait for a condition to be met before returning. // If the condition is not met within the max attempt window, an error will @@ -1232,6 +1283,62 @@ func (c *EC2) WaitUntilSpotInstanceRequestFulfilledWithContext(ctx aws.Context, return w.WaitWithContext(ctx) } +// WaitUntilStoreImageTaskComplete uses the Amazon EC2 API operation +// DescribeStoreImageTasks to wait for a condition to be met before returning. +// If the condition is not met within the max attempt window, an error will +// be returned. +func (c *EC2) WaitUntilStoreImageTaskComplete(input *DescribeStoreImageTasksInput) error { + return c.WaitUntilStoreImageTaskCompleteWithContext(aws.BackgroundContext(), input) +} + +// WaitUntilStoreImageTaskCompleteWithContext is an extended version of WaitUntilStoreImageTaskComplete. +// With the support for passing in a context and options to configure the +// Waiter and the underlying request options. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *EC2) WaitUntilStoreImageTaskCompleteWithContext(ctx aws.Context, input *DescribeStoreImageTasksInput, opts ...request.WaiterOption) error { + w := request.Waiter{ + Name: "WaitUntilStoreImageTaskComplete", + MaxAttempts: 40, + Delay: request.ConstantWaiterDelay(5 * time.Second), + Acceptors: []request.WaiterAcceptor{ + { + State: request.SuccessWaiterState, + Matcher: request.PathAllWaiterMatch, Argument: "StoreImageTaskResults[].StoreTaskState", + Expected: "Completed", + }, + { + State: request.FailureWaiterState, + Matcher: request.PathAnyWaiterMatch, Argument: "StoreImageTaskResults[].StoreTaskState", + Expected: "Failed", + }, + { + State: request.RetryWaiterState, + Matcher: request.PathAnyWaiterMatch, Argument: "StoreImageTaskResults[].StoreTaskState", + Expected: "InProgress", + }, + }, + Logger: c.Config.Logger, + NewRequest: func(opts []request.Option) (*request.Request, error) { + var inCpy *DescribeStoreImageTasksInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.DescribeStoreImageTasksRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + w.ApplyOptions(opts...) + + return w.WaitWithContext(ctx) +} + // WaitUntilSubnetAvailable uses the Amazon EC2 API operation // DescribeSubnets to wait for a condition to be met before returning. // If the condition is not met within the max attempt window, an error will diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go new file mode 100644 index 00000000000..04f6c811b63 --- /dev/null +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go @@ -0,0 +1,2252 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package ssooidc + +import ( + "fmt" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awsutil" + "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol" +) + +const opCreateToken = "CreateToken" + +// CreateTokenRequest generates a "aws/request.Request" representing the +// client's request for the CreateToken operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateToken for more information on using the CreateToken +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateTokenRequest method. +// req, resp := client.CreateTokenRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateToken +func (c *SSOOIDC) CreateTokenRequest(input *CreateTokenInput) (req *request.Request, output *CreateTokenOutput) { + op := &request.Operation{ + Name: opCreateToken, + HTTPMethod: "POST", + HTTPPath: "/token", + } + + if input == nil { + input = &CreateTokenInput{} + } + + output = &CreateTokenOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + return +} + +// CreateToken API operation for AWS SSO OIDC. +// +// Creates and returns access and refresh tokens for clients that are authenticated +// using client secrets. The access token can be used to fetch short-term credentials +// for the assigned AWS accounts or to access application APIs using bearer +// authentication. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SSO OIDC's +// API operation CreateToken for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that something is wrong with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - InvalidClientException +// Indicates that the clientId or clientSecret in the request is invalid. For +// example, this can occur when a client sends an incorrect clientId or an expired +// clientSecret. +// +// - InvalidGrantException +// Indicates that a request contains an invalid grant. This can occur if a client +// makes a CreateToken request with an invalid grant type. +// +// - UnauthorizedClientException +// Indicates that the client is not currently authorized to make the request. +// This can happen when a clientId is not issued for a public client. +// +// - UnsupportedGrantTypeException +// Indicates that the grant type in the request is not supported by the service. +// +// - InvalidScopeException +// Indicates that the scope provided in the request is invalid. +// +// - AuthorizationPendingException +// Indicates that a request to authorize a client with an access user session +// token is pending. +// +// - SlowDownException +// Indicates that the client is making the request too frequently and is more +// than the service can handle. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// - ExpiredTokenException +// Indicates that the token issued by the service is expired and is no longer +// valid. +// +// - InternalServerException +// Indicates that an error from the service occurred while trying to process +// a request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateToken +func (c *SSOOIDC) CreateToken(input *CreateTokenInput) (*CreateTokenOutput, error) { + req, out := c.CreateTokenRequest(input) + return out, req.Send() +} + +// CreateTokenWithContext is the same as CreateToken with the addition of +// the ability to pass a context and additional request options. +// +// See CreateToken for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSOOIDC) CreateTokenWithContext(ctx aws.Context, input *CreateTokenInput, opts ...request.Option) (*CreateTokenOutput, error) { + req, out := c.CreateTokenRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateTokenWithIAM = "CreateTokenWithIAM" + +// CreateTokenWithIAMRequest generates a "aws/request.Request" representing the +// client's request for the CreateTokenWithIAM operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTokenWithIAM for more information on using the CreateTokenWithIAM +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateTokenWithIAMRequest method. +// req, resp := client.CreateTokenWithIAMRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateTokenWithIAM +func (c *SSOOIDC) CreateTokenWithIAMRequest(input *CreateTokenWithIAMInput) (req *request.Request, output *CreateTokenWithIAMOutput) { + op := &request.Operation{ + Name: opCreateTokenWithIAM, + HTTPMethod: "POST", + HTTPPath: "/token?aws_iam=t", + } + + if input == nil { + input = &CreateTokenWithIAMInput{} + } + + output = &CreateTokenWithIAMOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTokenWithIAM API operation for AWS SSO OIDC. +// +// Creates and returns access and refresh tokens for clients and applications +// that are authenticated using IAM entities. The access token can be used to +// fetch short-term credentials for the assigned AWS accounts or to access application +// APIs using bearer authentication. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SSO OIDC's +// API operation CreateTokenWithIAM for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that something is wrong with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - InvalidClientException +// Indicates that the clientId or clientSecret in the request is invalid. For +// example, this can occur when a client sends an incorrect clientId or an expired +// clientSecret. +// +// - InvalidGrantException +// Indicates that a request contains an invalid grant. This can occur if a client +// makes a CreateToken request with an invalid grant type. +// +// - UnauthorizedClientException +// Indicates that the client is not currently authorized to make the request. +// This can happen when a clientId is not issued for a public client. +// +// - UnsupportedGrantTypeException +// Indicates that the grant type in the request is not supported by the service. +// +// - InvalidScopeException +// Indicates that the scope provided in the request is invalid. +// +// - AuthorizationPendingException +// Indicates that a request to authorize a client with an access user session +// token is pending. +// +// - SlowDownException +// Indicates that the client is making the request too frequently and is more +// than the service can handle. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// - ExpiredTokenException +// Indicates that the token issued by the service is expired and is no longer +// valid. +// +// - InternalServerException +// Indicates that an error from the service occurred while trying to process +// a request. +// +// - InvalidRequestRegionException +// Indicates that a token provided as input to the request was issued by and +// is only usable by calling IAM Identity Center endpoints in another region. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateTokenWithIAM +func (c *SSOOIDC) CreateTokenWithIAM(input *CreateTokenWithIAMInput) (*CreateTokenWithIAMOutput, error) { + req, out := c.CreateTokenWithIAMRequest(input) + return out, req.Send() +} + +// CreateTokenWithIAMWithContext is the same as CreateTokenWithIAM with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTokenWithIAM for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSOOIDC) CreateTokenWithIAMWithContext(ctx aws.Context, input *CreateTokenWithIAMInput, opts ...request.Option) (*CreateTokenWithIAMOutput, error) { + req, out := c.CreateTokenWithIAMRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opRegisterClient = "RegisterClient" + +// RegisterClientRequest generates a "aws/request.Request" representing the +// client's request for the RegisterClient operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See RegisterClient for more information on using the RegisterClient +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the RegisterClientRequest method. +// req, resp := client.RegisterClientRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/RegisterClient +func (c *SSOOIDC) RegisterClientRequest(input *RegisterClientInput) (req *request.Request, output *RegisterClientOutput) { + op := &request.Operation{ + Name: opRegisterClient, + HTTPMethod: "POST", + HTTPPath: "/client/register", + } + + if input == nil { + input = &RegisterClientInput{} + } + + output = &RegisterClientOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + return +} + +// RegisterClient API operation for AWS SSO OIDC. +// +// Registers a client with IAM Identity Center. This allows clients to initiate +// device authorization. The output should be persisted for reuse through many +// authentication requests. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SSO OIDC's +// API operation RegisterClient for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that something is wrong with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - InvalidScopeException +// Indicates that the scope provided in the request is invalid. +// +// - InvalidClientMetadataException +// Indicates that the client information sent in the request during registration +// is invalid. +// +// - InternalServerException +// Indicates that an error from the service occurred while trying to process +// a request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/RegisterClient +func (c *SSOOIDC) RegisterClient(input *RegisterClientInput) (*RegisterClientOutput, error) { + req, out := c.RegisterClientRequest(input) + return out, req.Send() +} + +// RegisterClientWithContext is the same as RegisterClient with the addition of +// the ability to pass a context and additional request options. +// +// See RegisterClient for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSOOIDC) RegisterClientWithContext(ctx aws.Context, input *RegisterClientInput, opts ...request.Option) (*RegisterClientOutput, error) { + req, out := c.RegisterClientRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opStartDeviceAuthorization = "StartDeviceAuthorization" + +// StartDeviceAuthorizationRequest generates a "aws/request.Request" representing the +// client's request for the StartDeviceAuthorization operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartDeviceAuthorization for more information on using the StartDeviceAuthorization +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the StartDeviceAuthorizationRequest method. +// req, resp := client.StartDeviceAuthorizationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/StartDeviceAuthorization +func (c *SSOOIDC) StartDeviceAuthorizationRequest(input *StartDeviceAuthorizationInput) (req *request.Request, output *StartDeviceAuthorizationOutput) { + op := &request.Operation{ + Name: opStartDeviceAuthorization, + HTTPMethod: "POST", + HTTPPath: "/device_authorization", + } + + if input == nil { + input = &StartDeviceAuthorizationInput{} + } + + output = &StartDeviceAuthorizationOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + return +} + +// StartDeviceAuthorization API operation for AWS SSO OIDC. +// +// Initiates device authorization by requesting a pair of verification codes +// from the authorization service. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SSO OIDC's +// API operation StartDeviceAuthorization for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that something is wrong with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - InvalidClientException +// Indicates that the clientId or clientSecret in the request is invalid. For +// example, this can occur when a client sends an incorrect clientId or an expired +// clientSecret. +// +// - UnauthorizedClientException +// Indicates that the client is not currently authorized to make the request. +// This can happen when a clientId is not issued for a public client. +// +// - SlowDownException +// Indicates that the client is making the request too frequently and is more +// than the service can handle. +// +// - InternalServerException +// Indicates that an error from the service occurred while trying to process +// a request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/StartDeviceAuthorization +func (c *SSOOIDC) StartDeviceAuthorization(input *StartDeviceAuthorizationInput) (*StartDeviceAuthorizationOutput, error) { + req, out := c.StartDeviceAuthorizationRequest(input) + return out, req.Send() +} + +// StartDeviceAuthorizationWithContext is the same as StartDeviceAuthorization with the addition of +// the ability to pass a context and additional request options. +// +// See StartDeviceAuthorization for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSOOIDC) StartDeviceAuthorizationWithContext(ctx aws.Context, input *StartDeviceAuthorizationInput, opts ...request.Option) (*StartDeviceAuthorizationOutput, error) { + req, out := c.StartDeviceAuthorizationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// You do not have sufficient access to perform this action. +type AccessDeniedException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be access_denied. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccessDeniedException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccessDeniedException) GoString() string { + return s.String() +} + +func newErrorAccessDeniedException(v protocol.ResponseMetadata) error { + return &AccessDeniedException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *AccessDeniedException) Code() string { + return "AccessDeniedException" +} + +// Message returns the exception's message. +func (s *AccessDeniedException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *AccessDeniedException) OrigErr() error { + return nil +} + +func (s *AccessDeniedException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *AccessDeniedException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *AccessDeniedException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that a request to authorize a client with an access user session +// token is pending. +type AuthorizationPendingException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be authorization_pending. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AuthorizationPendingException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AuthorizationPendingException) GoString() string { + return s.String() +} + +func newErrorAuthorizationPendingException(v protocol.ResponseMetadata) error { + return &AuthorizationPendingException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *AuthorizationPendingException) Code() string { + return "AuthorizationPendingException" +} + +// Message returns the exception's message. +func (s *AuthorizationPendingException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *AuthorizationPendingException) OrigErr() error { + return nil +} + +func (s *AuthorizationPendingException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *AuthorizationPendingException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *AuthorizationPendingException) RequestID() string { + return s.RespMetadata.RequestID +} + +type CreateTokenInput struct { + _ struct{} `type:"structure"` + + // The unique identifier string for the client or application. This value comes + // from the result of the RegisterClient API. + // + // ClientId is a required field + ClientId *string `locationName:"clientId" type:"string" required:"true"` + + // A secret string generated for the client. This value should come from the + // persisted result of the RegisterClient API. + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenInput's + // String and GoString methods. + // + // ClientSecret is a required field + ClientSecret *string `locationName:"clientSecret" type:"string" required:"true" sensitive:"true"` + + // Used only when calling this API for the Authorization Code grant type. The + // short-term code is used to identify this authorization request. This grant + // type is currently unsupported for the CreateToken API. + Code *string `locationName:"code" type:"string"` + + // Used only when calling this API for the Device Code grant type. This short-term + // code is used to identify this authorization request. This comes from the + // result of the StartDeviceAuthorization API. + DeviceCode *string `locationName:"deviceCode" type:"string"` + + // Supports the following OAuth grant types: Device Code and Refresh Token. + // Specify either of the following values, depending on the grant type that + // you want: + // + // * Device Code - urn:ietf:params:oauth:grant-type:device_code + // + // * Refresh Token - refresh_token + // + // For information about how to obtain the device code, see the StartDeviceAuthorization + // topic. + // + // GrantType is a required field + GrantType *string `locationName:"grantType" type:"string" required:"true"` + + // Used only when calling this API for the Authorization Code grant type. This + // value specifies the location of the client or application that has registered + // to receive the authorization code. + RedirectUri *string `locationName:"redirectUri" type:"string"` + + // Used only when calling this API for the Refresh Token grant type. This token + // is used to refresh short-term tokens, such as the access token, that might + // expire. + // + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide + // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // RefreshToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenInput's + // String and GoString methods. + RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` + + // The list of scopes for which authorization is requested. The access token + // that is issued is limited to the scopes that are granted. If this value is + // not specified, IAM Identity Center authorizes all scopes that are configured + // for the client during the call to RegisterClient. + Scope []*string `locationName:"scope" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTokenInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTokenInput"} + if s.ClientId == nil { + invalidParams.Add(request.NewErrParamRequired("ClientId")) + } + if s.ClientSecret == nil { + invalidParams.Add(request.NewErrParamRequired("ClientSecret")) + } + if s.GrantType == nil { + invalidParams.Add(request.NewErrParamRequired("GrantType")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientId sets the ClientId field's value. +func (s *CreateTokenInput) SetClientId(v string) *CreateTokenInput { + s.ClientId = &v + return s +} + +// SetClientSecret sets the ClientSecret field's value. +func (s *CreateTokenInput) SetClientSecret(v string) *CreateTokenInput { + s.ClientSecret = &v + return s +} + +// SetCode sets the Code field's value. +func (s *CreateTokenInput) SetCode(v string) *CreateTokenInput { + s.Code = &v + return s +} + +// SetDeviceCode sets the DeviceCode field's value. +func (s *CreateTokenInput) SetDeviceCode(v string) *CreateTokenInput { + s.DeviceCode = &v + return s +} + +// SetGrantType sets the GrantType field's value. +func (s *CreateTokenInput) SetGrantType(v string) *CreateTokenInput { + s.GrantType = &v + return s +} + +// SetRedirectUri sets the RedirectUri field's value. +func (s *CreateTokenInput) SetRedirectUri(v string) *CreateTokenInput { + s.RedirectUri = &v + return s +} + +// SetRefreshToken sets the RefreshToken field's value. +func (s *CreateTokenInput) SetRefreshToken(v string) *CreateTokenInput { + s.RefreshToken = &v + return s +} + +// SetScope sets the Scope field's value. +func (s *CreateTokenInput) SetScope(v []*string) *CreateTokenInput { + s.Scope = v + return s +} + +type CreateTokenOutput struct { + _ struct{} `type:"structure"` + + // A bearer token to access AWS accounts and applications assigned to a user. + // + // AccessToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenOutput's + // String and GoString methods. + AccessToken *string `locationName:"accessToken" type:"string" sensitive:"true"` + + // Indicates the time in seconds when an access token will expire. + ExpiresIn *int64 `locationName:"expiresIn" type:"integer"` + + // The idToken is not implemented or supported. For more information about the + // features and limitations of the current IAM Identity Center OIDC implementation, + // see Considerations for Using this Guide in the IAM Identity Center OIDC API + // Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // A JSON Web Token (JWT) that identifies who is associated with the issued + // access token. + // + // IdToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenOutput's + // String and GoString methods. + IdToken *string `locationName:"idToken" type:"string" sensitive:"true"` + + // A token that, if present, can be used to refresh a previously issued access + // token that might have expired. + // + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide + // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // RefreshToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenOutput's + // String and GoString methods. + RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` + + // Used to notify the client that the returned token is an access token. The + // supported token type is Bearer. + TokenType *string `locationName:"tokenType" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenOutput) GoString() string { + return s.String() +} + +// SetAccessToken sets the AccessToken field's value. +func (s *CreateTokenOutput) SetAccessToken(v string) *CreateTokenOutput { + s.AccessToken = &v + return s +} + +// SetExpiresIn sets the ExpiresIn field's value. +func (s *CreateTokenOutput) SetExpiresIn(v int64) *CreateTokenOutput { + s.ExpiresIn = &v + return s +} + +// SetIdToken sets the IdToken field's value. +func (s *CreateTokenOutput) SetIdToken(v string) *CreateTokenOutput { + s.IdToken = &v + return s +} + +// SetRefreshToken sets the RefreshToken field's value. +func (s *CreateTokenOutput) SetRefreshToken(v string) *CreateTokenOutput { + s.RefreshToken = &v + return s +} + +// SetTokenType sets the TokenType field's value. +func (s *CreateTokenOutput) SetTokenType(v string) *CreateTokenOutput { + s.TokenType = &v + return s +} + +type CreateTokenWithIAMInput struct { + _ struct{} `type:"structure"` + + // Used only when calling this API for the JWT Bearer grant type. This value + // specifies the JSON Web Token (JWT) issued by a trusted token issuer. To authorize + // a trusted token issuer, configure the JWT Bearer GrantOptions for the application. + // + // Assertion is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMInput's + // String and GoString methods. + Assertion *string `locationName:"assertion" type:"string" sensitive:"true"` + + // The unique identifier string for the client or application. This value is + // an application ARN that has OAuth grants configured. + // + // ClientId is a required field + ClientId *string `locationName:"clientId" type:"string" required:"true"` + + // Used only when calling this API for the Authorization Code grant type. This + // short-term code is used to identify this authorization request. The code + // is obtained through a redirect from IAM Identity Center to a redirect URI + // persisted in the Authorization Code GrantOptions for the application. + Code *string `locationName:"code" type:"string"` + + // Supports the following OAuth grant types: Authorization Code, Refresh Token, + // JWT Bearer, and Token Exchange. Specify one of the following values, depending + // on the grant type that you want: + // + // * Authorization Code - authorization_code + // + // * Refresh Token - refresh_token + // + // * JWT Bearer - urn:ietf:params:oauth:grant-type:jwt-bearer + // + // * Token Exchange - urn:ietf:params:oauth:grant-type:token-exchange + // + // GrantType is a required field + GrantType *string `locationName:"grantType" type:"string" required:"true"` + + // Used only when calling this API for the Authorization Code grant type. This + // value specifies the location of the client or application that has registered + // to receive the authorization code. + RedirectUri *string `locationName:"redirectUri" type:"string"` + + // Used only when calling this API for the Refresh Token grant type. This token + // is used to refresh short-term tokens, such as the access token, that might + // expire. + // + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide + // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // RefreshToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMInput's + // String and GoString methods. + RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` + + // Used only when calling this API for the Token Exchange grant type. This value + // specifies the type of token that the requester can receive. The following + // values are supported: + // + // * Access Token - urn:ietf:params:oauth:token-type:access_token + // + // * Refresh Token - urn:ietf:params:oauth:token-type:refresh_token + RequestedTokenType *string `locationName:"requestedTokenType" type:"string"` + + // The list of scopes for which authorization is requested. The access token + // that is issued is limited to the scopes that are granted. If the value is + // not specified, IAM Identity Center authorizes all scopes configured for the + // application, including the following default scopes: openid, aws, sts:identity_context. + Scope []*string `locationName:"scope" type:"list"` + + // Used only when calling this API for the Token Exchange grant type. This value + // specifies the subject of the exchange. The value of the subject token must + // be an access token issued by IAM Identity Center to a different client or + // application. The access token must have authorized scopes that indicate the + // requested application as a target audience. + // + // SubjectToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMInput's + // String and GoString methods. + SubjectToken *string `locationName:"subjectToken" type:"string" sensitive:"true"` + + // Used only when calling this API for the Token Exchange grant type. This value + // specifies the type of token that is passed as the subject of the exchange. + // The following value is supported: + // + // * Access Token - urn:ietf:params:oauth:token-type:access_token + SubjectTokenType *string `locationName:"subjectTokenType" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenWithIAMInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenWithIAMInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTokenWithIAMInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTokenWithIAMInput"} + if s.ClientId == nil { + invalidParams.Add(request.NewErrParamRequired("ClientId")) + } + if s.GrantType == nil { + invalidParams.Add(request.NewErrParamRequired("GrantType")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAssertion sets the Assertion field's value. +func (s *CreateTokenWithIAMInput) SetAssertion(v string) *CreateTokenWithIAMInput { + s.Assertion = &v + return s +} + +// SetClientId sets the ClientId field's value. +func (s *CreateTokenWithIAMInput) SetClientId(v string) *CreateTokenWithIAMInput { + s.ClientId = &v + return s +} + +// SetCode sets the Code field's value. +func (s *CreateTokenWithIAMInput) SetCode(v string) *CreateTokenWithIAMInput { + s.Code = &v + return s +} + +// SetGrantType sets the GrantType field's value. +func (s *CreateTokenWithIAMInput) SetGrantType(v string) *CreateTokenWithIAMInput { + s.GrantType = &v + return s +} + +// SetRedirectUri sets the RedirectUri field's value. +func (s *CreateTokenWithIAMInput) SetRedirectUri(v string) *CreateTokenWithIAMInput { + s.RedirectUri = &v + return s +} + +// SetRefreshToken sets the RefreshToken field's value. +func (s *CreateTokenWithIAMInput) SetRefreshToken(v string) *CreateTokenWithIAMInput { + s.RefreshToken = &v + return s +} + +// SetRequestedTokenType sets the RequestedTokenType field's value. +func (s *CreateTokenWithIAMInput) SetRequestedTokenType(v string) *CreateTokenWithIAMInput { + s.RequestedTokenType = &v + return s +} + +// SetScope sets the Scope field's value. +func (s *CreateTokenWithIAMInput) SetScope(v []*string) *CreateTokenWithIAMInput { + s.Scope = v + return s +} + +// SetSubjectToken sets the SubjectToken field's value. +func (s *CreateTokenWithIAMInput) SetSubjectToken(v string) *CreateTokenWithIAMInput { + s.SubjectToken = &v + return s +} + +// SetSubjectTokenType sets the SubjectTokenType field's value. +func (s *CreateTokenWithIAMInput) SetSubjectTokenType(v string) *CreateTokenWithIAMInput { + s.SubjectTokenType = &v + return s +} + +type CreateTokenWithIAMOutput struct { + _ struct{} `type:"structure"` + + // A bearer token to access AWS accounts and applications assigned to a user. + // + // AccessToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's + // String and GoString methods. + AccessToken *string `locationName:"accessToken" type:"string" sensitive:"true"` + + // Indicates the time in seconds when an access token will expire. + ExpiresIn *int64 `locationName:"expiresIn" type:"integer"` + + // A JSON Web Token (JWT) that identifies the user associated with the issued + // access token. + // + // IdToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's + // String and GoString methods. + IdToken *string `locationName:"idToken" type:"string" sensitive:"true"` + + // Indicates the type of tokens that are issued by IAM Identity Center. The + // following values are supported: + // + // * Access Token - urn:ietf:params:oauth:token-type:access_token + // + // * Refresh Token - urn:ietf:params:oauth:token-type:refresh_token + IssuedTokenType *string `locationName:"issuedTokenType" type:"string"` + + // A token that, if present, can be used to refresh a previously issued access + // token that might have expired. + // + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide + // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // RefreshToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's + // String and GoString methods. + RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` + + // The list of scopes for which authorization is granted. The access token that + // is issued is limited to the scopes that are granted. + Scope []*string `locationName:"scope" type:"list"` + + // Used to notify the requester that the returned token is an access token. + // The supported token type is Bearer. + TokenType *string `locationName:"tokenType" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenWithIAMOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenWithIAMOutput) GoString() string { + return s.String() +} + +// SetAccessToken sets the AccessToken field's value. +func (s *CreateTokenWithIAMOutput) SetAccessToken(v string) *CreateTokenWithIAMOutput { + s.AccessToken = &v + return s +} + +// SetExpiresIn sets the ExpiresIn field's value. +func (s *CreateTokenWithIAMOutput) SetExpiresIn(v int64) *CreateTokenWithIAMOutput { + s.ExpiresIn = &v + return s +} + +// SetIdToken sets the IdToken field's value. +func (s *CreateTokenWithIAMOutput) SetIdToken(v string) *CreateTokenWithIAMOutput { + s.IdToken = &v + return s +} + +// SetIssuedTokenType sets the IssuedTokenType field's value. +func (s *CreateTokenWithIAMOutput) SetIssuedTokenType(v string) *CreateTokenWithIAMOutput { + s.IssuedTokenType = &v + return s +} + +// SetRefreshToken sets the RefreshToken field's value. +func (s *CreateTokenWithIAMOutput) SetRefreshToken(v string) *CreateTokenWithIAMOutput { + s.RefreshToken = &v + return s +} + +// SetScope sets the Scope field's value. +func (s *CreateTokenWithIAMOutput) SetScope(v []*string) *CreateTokenWithIAMOutput { + s.Scope = v + return s +} + +// SetTokenType sets the TokenType field's value. +func (s *CreateTokenWithIAMOutput) SetTokenType(v string) *CreateTokenWithIAMOutput { + s.TokenType = &v + return s +} + +// Indicates that the token issued by the service is expired and is no longer +// valid. +type ExpiredTokenException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be expired_token. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExpiredTokenException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExpiredTokenException) GoString() string { + return s.String() +} + +func newErrorExpiredTokenException(v protocol.ResponseMetadata) error { + return &ExpiredTokenException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ExpiredTokenException) Code() string { + return "ExpiredTokenException" +} + +// Message returns the exception's message. +func (s *ExpiredTokenException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ExpiredTokenException) OrigErr() error { + return nil +} + +func (s *ExpiredTokenException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ExpiredTokenException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ExpiredTokenException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that an error from the service occurred while trying to process +// a request. +type InternalServerException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be server_error. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InternalServerException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InternalServerException) GoString() string { + return s.String() +} + +func newErrorInternalServerException(v protocol.ResponseMetadata) error { + return &InternalServerException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InternalServerException) Code() string { + return "InternalServerException" +} + +// Message returns the exception's message. +func (s *InternalServerException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InternalServerException) OrigErr() error { + return nil +} + +func (s *InternalServerException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InternalServerException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InternalServerException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that the clientId or clientSecret in the request is invalid. For +// example, this can occur when a client sends an incorrect clientId or an expired +// clientSecret. +type InvalidClientException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be invalid_client. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidClientException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidClientException) GoString() string { + return s.String() +} + +func newErrorInvalidClientException(v protocol.ResponseMetadata) error { + return &InvalidClientException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidClientException) Code() string { + return "InvalidClientException" +} + +// Message returns the exception's message. +func (s *InvalidClientException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidClientException) OrigErr() error { + return nil +} + +func (s *InvalidClientException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidClientException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidClientException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that the client information sent in the request during registration +// is invalid. +type InvalidClientMetadataException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be invalid_client_metadata. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidClientMetadataException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidClientMetadataException) GoString() string { + return s.String() +} + +func newErrorInvalidClientMetadataException(v protocol.ResponseMetadata) error { + return &InvalidClientMetadataException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidClientMetadataException) Code() string { + return "InvalidClientMetadataException" +} + +// Message returns the exception's message. +func (s *InvalidClientMetadataException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidClientMetadataException) OrigErr() error { + return nil +} + +func (s *InvalidClientMetadataException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidClientMetadataException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidClientMetadataException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that a request contains an invalid grant. This can occur if a client +// makes a CreateToken request with an invalid grant type. +type InvalidGrantException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be invalid_grant. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidGrantException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidGrantException) GoString() string { + return s.String() +} + +func newErrorInvalidGrantException(v protocol.ResponseMetadata) error { + return &InvalidGrantException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidGrantException) Code() string { + return "InvalidGrantException" +} + +// Message returns the exception's message. +func (s *InvalidGrantException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidGrantException) OrigErr() error { + return nil +} + +func (s *InvalidGrantException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidGrantException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidGrantException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that something is wrong with the input to the request. For example, +// a required parameter might be missing or out of range. +type InvalidRequestException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be invalid_request. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidRequestException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidRequestException) GoString() string { + return s.String() +} + +func newErrorInvalidRequestException(v protocol.ResponseMetadata) error { + return &InvalidRequestException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidRequestException) Code() string { + return "InvalidRequestException" +} + +// Message returns the exception's message. +func (s *InvalidRequestException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidRequestException) OrigErr() error { + return nil +} + +func (s *InvalidRequestException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidRequestException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidRequestException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that a token provided as input to the request was issued by and +// is only usable by calling IAM Identity Center endpoints in another region. +type InvalidRequestRegionException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Indicates the IAM Identity Center endpoint which the requester may call with + // this token. + Endpoint *string `locationName:"endpoint" type:"string"` + + // Single error code. For this exception the value will be invalid_request. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` + + // Indicates the region which the requester may call with this token. + Region *string `locationName:"region" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidRequestRegionException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidRequestRegionException) GoString() string { + return s.String() +} + +func newErrorInvalidRequestRegionException(v protocol.ResponseMetadata) error { + return &InvalidRequestRegionException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidRequestRegionException) Code() string { + return "InvalidRequestRegionException" +} + +// Message returns the exception's message. +func (s *InvalidRequestRegionException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidRequestRegionException) OrigErr() error { + return nil +} + +func (s *InvalidRequestRegionException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidRequestRegionException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidRequestRegionException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that the scope provided in the request is invalid. +type InvalidScopeException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be invalid_scope. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidScopeException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidScopeException) GoString() string { + return s.String() +} + +func newErrorInvalidScopeException(v protocol.ResponseMetadata) error { + return &InvalidScopeException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidScopeException) Code() string { + return "InvalidScopeException" +} + +// Message returns the exception's message. +func (s *InvalidScopeException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidScopeException) OrigErr() error { + return nil +} + +func (s *InvalidScopeException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidScopeException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidScopeException) RequestID() string { + return s.RespMetadata.RequestID +} + +type RegisterClientInput struct { + _ struct{} `type:"structure"` + + // The friendly name of the client. + // + // ClientName is a required field + ClientName *string `locationName:"clientName" type:"string" required:"true"` + + // The type of client. The service supports only public as a client type. Anything + // other than public will be rejected by the service. + // + // ClientType is a required field + ClientType *string `locationName:"clientType" type:"string" required:"true"` + + // The list of scopes that are defined by the client. Upon authorization, this + // list is used to restrict permissions when granting an access token. + Scopes []*string `locationName:"scopes" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RegisterClientInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RegisterClientInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *RegisterClientInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RegisterClientInput"} + if s.ClientName == nil { + invalidParams.Add(request.NewErrParamRequired("ClientName")) + } + if s.ClientType == nil { + invalidParams.Add(request.NewErrParamRequired("ClientType")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientName sets the ClientName field's value. +func (s *RegisterClientInput) SetClientName(v string) *RegisterClientInput { + s.ClientName = &v + return s +} + +// SetClientType sets the ClientType field's value. +func (s *RegisterClientInput) SetClientType(v string) *RegisterClientInput { + s.ClientType = &v + return s +} + +// SetScopes sets the Scopes field's value. +func (s *RegisterClientInput) SetScopes(v []*string) *RegisterClientInput { + s.Scopes = v + return s +} + +type RegisterClientOutput struct { + _ struct{} `type:"structure"` + + // An endpoint that the client can use to request authorization. + AuthorizationEndpoint *string `locationName:"authorizationEndpoint" type:"string"` + + // The unique identifier string for each client. This client uses this identifier + // to get authenticated by the service in subsequent calls. + ClientId *string `locationName:"clientId" type:"string"` + + // Indicates the time at which the clientId and clientSecret were issued. + ClientIdIssuedAt *int64 `locationName:"clientIdIssuedAt" type:"long"` + + // A secret string generated for the client. The client will use this string + // to get authenticated by the service in subsequent calls. + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by RegisterClientOutput's + // String and GoString methods. + ClientSecret *string `locationName:"clientSecret" type:"string" sensitive:"true"` + + // Indicates the time at which the clientId and clientSecret will become invalid. + ClientSecretExpiresAt *int64 `locationName:"clientSecretExpiresAt" type:"long"` + + // An endpoint that the client can use to create tokens. + TokenEndpoint *string `locationName:"tokenEndpoint" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RegisterClientOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RegisterClientOutput) GoString() string { + return s.String() +} + +// SetAuthorizationEndpoint sets the AuthorizationEndpoint field's value. +func (s *RegisterClientOutput) SetAuthorizationEndpoint(v string) *RegisterClientOutput { + s.AuthorizationEndpoint = &v + return s +} + +// SetClientId sets the ClientId field's value. +func (s *RegisterClientOutput) SetClientId(v string) *RegisterClientOutput { + s.ClientId = &v + return s +} + +// SetClientIdIssuedAt sets the ClientIdIssuedAt field's value. +func (s *RegisterClientOutput) SetClientIdIssuedAt(v int64) *RegisterClientOutput { + s.ClientIdIssuedAt = &v + return s +} + +// SetClientSecret sets the ClientSecret field's value. +func (s *RegisterClientOutput) SetClientSecret(v string) *RegisterClientOutput { + s.ClientSecret = &v + return s +} + +// SetClientSecretExpiresAt sets the ClientSecretExpiresAt field's value. +func (s *RegisterClientOutput) SetClientSecretExpiresAt(v int64) *RegisterClientOutput { + s.ClientSecretExpiresAt = &v + return s +} + +// SetTokenEndpoint sets the TokenEndpoint field's value. +func (s *RegisterClientOutput) SetTokenEndpoint(v string) *RegisterClientOutput { + s.TokenEndpoint = &v + return s +} + +// Indicates that the client is making the request too frequently and is more +// than the service can handle. +type SlowDownException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be slow_down. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SlowDownException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SlowDownException) GoString() string { + return s.String() +} + +func newErrorSlowDownException(v protocol.ResponseMetadata) error { + return &SlowDownException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *SlowDownException) Code() string { + return "SlowDownException" +} + +// Message returns the exception's message. +func (s *SlowDownException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *SlowDownException) OrigErr() error { + return nil +} + +func (s *SlowDownException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *SlowDownException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *SlowDownException) RequestID() string { + return s.RespMetadata.RequestID +} + +type StartDeviceAuthorizationInput struct { + _ struct{} `type:"structure"` + + // The unique identifier string for the client that is registered with IAM Identity + // Center. This value should come from the persisted result of the RegisterClient + // API operation. + // + // ClientId is a required field + ClientId *string `locationName:"clientId" type:"string" required:"true"` + + // A secret string that is generated for the client. This value should come + // from the persisted result of the RegisterClient API operation. + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by StartDeviceAuthorizationInput's + // String and GoString methods. + // + // ClientSecret is a required field + ClientSecret *string `locationName:"clientSecret" type:"string" required:"true" sensitive:"true"` + + // The URL for the Amazon Web Services access portal. For more information, + // see Using the Amazon Web Services access portal (https://docs.aws.amazon.com/singlesignon/latest/userguide/using-the-portal.html) + // in the IAM Identity Center User Guide. + // + // StartUrl is a required field + StartUrl *string `locationName:"startUrl" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartDeviceAuthorizationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartDeviceAuthorizationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StartDeviceAuthorizationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartDeviceAuthorizationInput"} + if s.ClientId == nil { + invalidParams.Add(request.NewErrParamRequired("ClientId")) + } + if s.ClientSecret == nil { + invalidParams.Add(request.NewErrParamRequired("ClientSecret")) + } + if s.StartUrl == nil { + invalidParams.Add(request.NewErrParamRequired("StartUrl")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientId sets the ClientId field's value. +func (s *StartDeviceAuthorizationInput) SetClientId(v string) *StartDeviceAuthorizationInput { + s.ClientId = &v + return s +} + +// SetClientSecret sets the ClientSecret field's value. +func (s *StartDeviceAuthorizationInput) SetClientSecret(v string) *StartDeviceAuthorizationInput { + s.ClientSecret = &v + return s +} + +// SetStartUrl sets the StartUrl field's value. +func (s *StartDeviceAuthorizationInput) SetStartUrl(v string) *StartDeviceAuthorizationInput { + s.StartUrl = &v + return s +} + +type StartDeviceAuthorizationOutput struct { + _ struct{} `type:"structure"` + + // The short-lived code that is used by the device when polling for a session + // token. + DeviceCode *string `locationName:"deviceCode" type:"string"` + + // Indicates the number of seconds in which the verification code will become + // invalid. + ExpiresIn *int64 `locationName:"expiresIn" type:"integer"` + + // Indicates the number of seconds the client must wait between attempts when + // polling for a session. + Interval *int64 `locationName:"interval" type:"integer"` + + // A one-time user verification code. This is needed to authorize an in-use + // device. + UserCode *string `locationName:"userCode" type:"string"` + + // The URI of the verification page that takes the userCode to authorize the + // device. + VerificationUri *string `locationName:"verificationUri" type:"string"` + + // An alternate URL that the client can use to automatically launch a browser. + // This process skips the manual step in which the user visits the verification + // page and enters their code. + VerificationUriComplete *string `locationName:"verificationUriComplete" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartDeviceAuthorizationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartDeviceAuthorizationOutput) GoString() string { + return s.String() +} + +// SetDeviceCode sets the DeviceCode field's value. +func (s *StartDeviceAuthorizationOutput) SetDeviceCode(v string) *StartDeviceAuthorizationOutput { + s.DeviceCode = &v + return s +} + +// SetExpiresIn sets the ExpiresIn field's value. +func (s *StartDeviceAuthorizationOutput) SetExpiresIn(v int64) *StartDeviceAuthorizationOutput { + s.ExpiresIn = &v + return s +} + +// SetInterval sets the Interval field's value. +func (s *StartDeviceAuthorizationOutput) SetInterval(v int64) *StartDeviceAuthorizationOutput { + s.Interval = &v + return s +} + +// SetUserCode sets the UserCode field's value. +func (s *StartDeviceAuthorizationOutput) SetUserCode(v string) *StartDeviceAuthorizationOutput { + s.UserCode = &v + return s +} + +// SetVerificationUri sets the VerificationUri field's value. +func (s *StartDeviceAuthorizationOutput) SetVerificationUri(v string) *StartDeviceAuthorizationOutput { + s.VerificationUri = &v + return s +} + +// SetVerificationUriComplete sets the VerificationUriComplete field's value. +func (s *StartDeviceAuthorizationOutput) SetVerificationUriComplete(v string) *StartDeviceAuthorizationOutput { + s.VerificationUriComplete = &v + return s +} + +// Indicates that the client is not currently authorized to make the request. +// This can happen when a clientId is not issued for a public client. +type UnauthorizedClientException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be unauthorized_client. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnauthorizedClientException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnauthorizedClientException) GoString() string { + return s.String() +} + +func newErrorUnauthorizedClientException(v protocol.ResponseMetadata) error { + return &UnauthorizedClientException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *UnauthorizedClientException) Code() string { + return "UnauthorizedClientException" +} + +// Message returns the exception's message. +func (s *UnauthorizedClientException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *UnauthorizedClientException) OrigErr() error { + return nil +} + +func (s *UnauthorizedClientException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *UnauthorizedClientException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *UnauthorizedClientException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that the grant type in the request is not supported by the service. +type UnsupportedGrantTypeException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be unsupported_grant_type. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnsupportedGrantTypeException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnsupportedGrantTypeException) GoString() string { + return s.String() +} + +func newErrorUnsupportedGrantTypeException(v protocol.ResponseMetadata) error { + return &UnsupportedGrantTypeException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *UnsupportedGrantTypeException) Code() string { + return "UnsupportedGrantTypeException" +} + +// Message returns the exception's message. +func (s *UnsupportedGrantTypeException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *UnsupportedGrantTypeException) OrigErr() error { + return nil +} + +func (s *UnsupportedGrantTypeException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *UnsupportedGrantTypeException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *UnsupportedGrantTypeException) RequestID() string { + return s.RespMetadata.RequestID +} diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go new file mode 100644 index 00000000000..083568c616f --- /dev/null +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go @@ -0,0 +1,67 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +// Package ssooidc provides the client and types for making API +// requests to AWS SSO OIDC. +// +// IAM Identity Center OpenID Connect (OIDC) is a web service that enables a +// client (such as CLI or a native application) to register with IAM Identity +// Center. The service also enables the client to fetch the user’s access +// token upon successful authentication and authorization with IAM Identity +// Center. +// +// IAM Identity Center uses the sso and identitystore API namespaces. +// +// # Considerations for Using This Guide +// +// Before you begin using this guide, we recommend that you first review the +// following important information about how the IAM Identity Center OIDC service +// works. +// +// - The IAM Identity Center OIDC service currently implements only the portions +// of the OAuth 2.0 Device Authorization Grant standard (https://tools.ietf.org/html/rfc8628 +// (https://tools.ietf.org/html/rfc8628)) that are necessary to enable single +// sign-on authentication with the CLI. +// +// - With older versions of the CLI, the service only emits OIDC access tokens, +// so to obtain a new token, users must explicitly re-authenticate. To access +// the OIDC flow that supports token refresh and doesn’t require re-authentication, +// update to the latest CLI version (1.27.10 for CLI V1 and 2.9.0 for CLI +// V2) with support for OIDC token refresh and configurable IAM Identity +// Center session durations. For more information, see Configure Amazon Web +// Services access portal session duration (https://docs.aws.amazon.com/singlesignon/latest/userguide/configure-user-session.html). +// +// - The access tokens provided by this service grant access to all Amazon +// Web Services account entitlements assigned to an IAM Identity Center user, +// not just a particular application. +// +// - The documentation in this guide does not describe the mechanism to convert +// the access token into Amazon Web Services Auth (“sigv4”) credentials +// for use with IAM-protected Amazon Web Services service endpoints. For +// more information, see GetRoleCredentials (https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html) +// in the IAM Identity Center Portal API Reference Guide. +// +// For general information about IAM Identity Center, see What is IAM Identity +// Center? (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) +// in the IAM Identity Center User Guide. +// +// See https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10 for more information on this service. +// +// See ssooidc package documentation for more information. +// https://docs.aws.amazon.com/sdk-for-go/api/service/ssooidc/ +// +// # Using the Client +// +// To contact AWS SSO OIDC with the SDK use the New function to create +// a new service client. With that client you can make API requests to the service. +// These clients are safe to use concurrently. +// +// See the SDK's documentation for more information on how to use the SDK. +// https://docs.aws.amazon.com/sdk-for-go/api/ +// +// See aws.Config documentation for more information on configuring SDK clients. +// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config +// +// See the AWS SSO OIDC client SSOOIDC for more +// information on creating client for this service. +// https://docs.aws.amazon.com/sdk-for-go/api/service/ssooidc/#New +package ssooidc diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go new file mode 100644 index 00000000000..e6242e4928d --- /dev/null +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go @@ -0,0 +1,115 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package ssooidc + +import ( + "github.com/aws/aws-sdk-go/private/protocol" +) + +const ( + + // ErrCodeAccessDeniedException for service response error code + // "AccessDeniedException". + // + // You do not have sufficient access to perform this action. + ErrCodeAccessDeniedException = "AccessDeniedException" + + // ErrCodeAuthorizationPendingException for service response error code + // "AuthorizationPendingException". + // + // Indicates that a request to authorize a client with an access user session + // token is pending. + ErrCodeAuthorizationPendingException = "AuthorizationPendingException" + + // ErrCodeExpiredTokenException for service response error code + // "ExpiredTokenException". + // + // Indicates that the token issued by the service is expired and is no longer + // valid. + ErrCodeExpiredTokenException = "ExpiredTokenException" + + // ErrCodeInternalServerException for service response error code + // "InternalServerException". + // + // Indicates that an error from the service occurred while trying to process + // a request. + ErrCodeInternalServerException = "InternalServerException" + + // ErrCodeInvalidClientException for service response error code + // "InvalidClientException". + // + // Indicates that the clientId or clientSecret in the request is invalid. For + // example, this can occur when a client sends an incorrect clientId or an expired + // clientSecret. + ErrCodeInvalidClientException = "InvalidClientException" + + // ErrCodeInvalidClientMetadataException for service response error code + // "InvalidClientMetadataException". + // + // Indicates that the client information sent in the request during registration + // is invalid. + ErrCodeInvalidClientMetadataException = "InvalidClientMetadataException" + + // ErrCodeInvalidGrantException for service response error code + // "InvalidGrantException". + // + // Indicates that a request contains an invalid grant. This can occur if a client + // makes a CreateToken request with an invalid grant type. + ErrCodeInvalidGrantException = "InvalidGrantException" + + // ErrCodeInvalidRequestException for service response error code + // "InvalidRequestException". + // + // Indicates that something is wrong with the input to the request. For example, + // a required parameter might be missing or out of range. + ErrCodeInvalidRequestException = "InvalidRequestException" + + // ErrCodeInvalidRequestRegionException for service response error code + // "InvalidRequestRegionException". + // + // Indicates that a token provided as input to the request was issued by and + // is only usable by calling IAM Identity Center endpoints in another region. + ErrCodeInvalidRequestRegionException = "InvalidRequestRegionException" + + // ErrCodeInvalidScopeException for service response error code + // "InvalidScopeException". + // + // Indicates that the scope provided in the request is invalid. + ErrCodeInvalidScopeException = "InvalidScopeException" + + // ErrCodeSlowDownException for service response error code + // "SlowDownException". + // + // Indicates that the client is making the request too frequently and is more + // than the service can handle. + ErrCodeSlowDownException = "SlowDownException" + + // ErrCodeUnauthorizedClientException for service response error code + // "UnauthorizedClientException". + // + // Indicates that the client is not currently authorized to make the request. + // This can happen when a clientId is not issued for a public client. + ErrCodeUnauthorizedClientException = "UnauthorizedClientException" + + // ErrCodeUnsupportedGrantTypeException for service response error code + // "UnsupportedGrantTypeException". + // + // Indicates that the grant type in the request is not supported by the service. + ErrCodeUnsupportedGrantTypeException = "UnsupportedGrantTypeException" +) + +var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ + "AccessDeniedException": newErrorAccessDeniedException, + "AuthorizationPendingException": newErrorAuthorizationPendingException, + "ExpiredTokenException": newErrorExpiredTokenException, + "InternalServerException": newErrorInternalServerException, + "InvalidClientException": newErrorInvalidClientException, + "InvalidClientMetadataException": newErrorInvalidClientMetadataException, + "InvalidGrantException": newErrorInvalidGrantException, + "InvalidRequestException": newErrorInvalidRequestException, + "InvalidRequestRegionException": newErrorInvalidRequestRegionException, + "InvalidScopeException": newErrorInvalidScopeException, + "SlowDownException": newErrorSlowDownException, + "UnauthorizedClientException": newErrorUnauthorizedClientException, + "UnsupportedGrantTypeException": newErrorUnsupportedGrantTypeException, +} diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go new file mode 100644 index 00000000000..782bae3692d --- /dev/null +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go @@ -0,0 +1,106 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package ssooidc + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/client" + "github.com/aws/aws-sdk-go/aws/client/metadata" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/aws/signer/v4" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/restjson" +) + +// SSOOIDC provides the API operation methods for making requests to +// AWS SSO OIDC. See this package's package overview docs +// for details on the service. +// +// SSOOIDC methods are safe to use concurrently. It is not safe to +// modify mutate any of the struct's properties though. +type SSOOIDC struct { + *client.Client +} + +// Used for custom client initialization logic +var initClient func(*client.Client) + +// Used for custom request initialization logic +var initRequest func(*request.Request) + +// Service information constants +const ( + ServiceName = "SSO OIDC" // Name of service. + EndpointsID = "oidc" // ID to lookup a service endpoint with. + ServiceID = "SSO OIDC" // ServiceID is a unique identifier of a specific service. +) + +// New creates a new instance of the SSOOIDC client with a session. +// If additional configuration is needed for the client instance use the optional +// aws.Config parameter to add your extra config. +// +// Example: +// +// mySession := session.Must(session.NewSession()) +// +// // Create a SSOOIDC client from just a session. +// svc := ssooidc.New(mySession) +// +// // Create a SSOOIDC client with additional configuration +// svc := ssooidc.New(mySession, aws.NewConfig().WithRegion("us-west-2")) +func New(p client.ConfigProvider, cfgs ...*aws.Config) *SSOOIDC { + c := p.ClientConfig(EndpointsID, cfgs...) + if c.SigningNameDerived || len(c.SigningName) == 0 { + c.SigningName = "sso-oauth" + } + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion) +} + +// newClient creates, initializes and returns a new service client instance. +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName, resolvedRegion string) *SSOOIDC { + svc := &SSOOIDC{ + Client: client.New( + cfg, + metadata.ClientInfo{ + ServiceName: ServiceName, + ServiceID: ServiceID, + SigningName: signingName, + SigningRegion: signingRegion, + PartitionID: partitionID, + Endpoint: endpoint, + APIVersion: "2019-06-10", + ResolvedRegion: resolvedRegion, + }, + handlers, + ), + } + + // Handlers + svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler) + svc.Handlers.Build.PushBackNamed(restjson.BuildHandler) + svc.Handlers.Unmarshal.PushBackNamed(restjson.UnmarshalHandler) + svc.Handlers.UnmarshalMeta.PushBackNamed(restjson.UnmarshalMetaHandler) + svc.Handlers.UnmarshalError.PushBackNamed( + protocol.NewUnmarshalErrorHandler(restjson.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(), + ) + + // Run custom client initialization if present + if initClient != nil { + initClient(svc.Client) + } + + return svc +} + +// newRequest creates a new request for a SSOOIDC operation and runs any +// custom request initialization. +func (c *SSOOIDC) newRequest(op *request.Operation, params, data interface{}) *request.Request { + req := c.NewRequest(op, params, data) + + // Run custom request initialization if present + if initRequest != nil { + initRequest(req) + } + + return req +} diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/sts/api.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/sts/api.go index c0706bec93d..2c395f5f673 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/sts/api.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/sts/api.go @@ -56,12 +56,11 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // AssumeRole API operation for AWS Security Token Service. // // Returns a set of temporary security credentials that you can use to access -// Amazon Web Services resources that you might not normally have access to. -// These temporary credentials consist of an access key ID, a secret access -// key, and a security token. Typically, you use AssumeRole within your account -// or for cross-account access. For a comparison of AssumeRole with other API -// operations that produce temporary credentials, see Requesting Temporary Security -// Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) +// Amazon Web Services resources. These temporary credentials consist of an +// access key ID, a secret access key, and a security token. Typically, you +// use AssumeRole within your account or for cross-account access. For a comparison +// of AssumeRole with other API operations that produce temporary credentials, +// see Requesting Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) // and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) // in the IAM User Guide. // @@ -86,9 +85,9 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // -// When you create a role, you create two policies: A role trust policy that -// specifies who can assume the role and a permissions policy that specifies -// what can be done with the role. You specify the trusted principal who is +// When you create a role, you create two policies: a role trust policy that +// specifies who can assume the role, and a permissions policy that specifies +// what can be done with the role. You specify the trusted principal that is // allowed to assume the role in the role trust policy. // // To assume a role from a different account, your Amazon Web Services account @@ -97,9 +96,9 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // are allowed to delegate that access to users in the account. // // A user who wants to access a role in a different account must also have permissions -// that are delegated from the user account administrator. The administrator -// must attach a policy that allows the user to call AssumeRole for the ARN -// of the role in the other account. +// that are delegated from the account administrator. The administrator must +// attach a policy that allows the user to call AssumeRole for the ARN of the +// role in the other account. // // To allow a user to assume a role in the same account, you can do either of // the following: @@ -518,10 +517,8 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // a user. You can also supply the user with a consistent identity throughout // the lifetime of an application. // -// To learn more about Amazon Cognito, see Amazon Cognito Overview (https://docs.aws.amazon.com/mobile/sdkforandroid/developerguide/cognito-auth.html#d0e840) -// in Amazon Web Services SDK for Android Developer Guide and Amazon Cognito -// Overview (https://docs.aws.amazon.com/mobile/sdkforios/developerguide/cognito-auth.html#d0e664) -// in the Amazon Web Services SDK for iOS Developer Guide. +// To learn more about Amazon Cognito, see Amazon Cognito identity pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html) +// in Amazon Cognito Developer Guide. // // Calling AssumeRoleWithWebIdentity does not require the use of Amazon Web // Services security credentials. Therefore, you can distribute an application @@ -985,11 +982,11 @@ func (c *STS) GetCallerIdentityRequest(input *GetCallerIdentityInput) (req *requ // call the operation. // // No permissions are required to perform this operation. If an administrator -// adds a policy to your IAM user or role that explicitly denies access to the -// sts:GetCallerIdentity action, you can still perform this operation. Permissions -// are not required because the same information is returned when an IAM user -// or role is denied access. To view an example response, see I Am Not Authorized -// to Perform: iam:DeleteVirtualMFADevice (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa) +// attaches a policy to your identity that explicitly denies access to the sts:GetCallerIdentity +// action, you can still perform this operation. Permissions are not required +// because the same information is returned when access is denied. To view an +// example response, see I Am Not Authorized to Perform: iam:DeleteVirtualMFADevice +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1064,18 +1061,26 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re // GetFederationToken API operation for AWS Security Token Service. // // Returns a set of temporary security credentials (consisting of an access -// key ID, a secret access key, and a security token) for a federated user. -// A typical use is in a proxy application that gets temporary security credentials -// on behalf of distributed applications inside a corporate network. You must -// call the GetFederationToken operation using the long-term security credentials -// of an IAM user. As a result, this call is appropriate in contexts where those -// credentials can be safely stored, usually in a server-based application. +// key ID, a secret access key, and a security token) for a user. A typical +// use is in a proxy application that gets temporary security credentials on +// behalf of distributed applications inside a corporate network. +// +// You must call the GetFederationToken operation using the long-term security +// credentials of an IAM user. As a result, this call is appropriate in contexts +// where those credentials can be safeguarded, usually in a server-based application. // For a comparison of GetFederationToken with the other API operations that // produce temporary credentials, see Requesting Temporary Security Credentials // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) // and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) // in the IAM User Guide. // +// Although it is possible to call GetFederationToken using the security credentials +// of an Amazon Web Services account root user rather than an IAM user that +// you create for the purpose of a proxy application, we do not recommend it. +// For more information, see Safeguard your root user credentials and don't +// use them for everyday tasks (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials) +// in the IAM User Guide. +// // You can create a mobile-based or browser-based app that can authenticate // users using a web identity provider like Login with Amazon, Facebook, Google, // or an OpenID Connect-compatible identity provider. In this case, we recommend @@ -1084,32 +1089,26 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity) // in the IAM User Guide. // -// You can also call GetFederationToken using the security credentials of an -// Amazon Web Services account root user, but we do not recommend it. Instead, -// we recommend that you create an IAM user for the purpose of the proxy application. -// Then attach a policy to the IAM user that limits federated users to only -// the actions and resources that they need to access. For more information, -// see IAM Best Practices (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html) -// in the IAM User Guide. -// // # Session duration // // The temporary credentials are valid for the specified duration, from 900 // seconds (15 minutes) up to a maximum of 129,600 seconds (36 hours). The default // session duration is 43,200 seconds (12 hours). Temporary credentials obtained -// by using the Amazon Web Services account root user credentials have a maximum -// duration of 3,600 seconds (1 hour). +// by using the root user credentials have a maximum duration of 3,600 seconds +// (1 hour). // // # Permissions // // You can use the temporary credentials created by GetFederationToken in any -// Amazon Web Services service except the following: +// Amazon Web Services service with the following exceptions: // // - You cannot call any IAM operations using the CLI or the Amazon Web Services -// API. +// API. This limitation does not apply to console sessions. // // - You cannot call any STS operations except GetCallerIdentity. // +// You can use temporary credentials for single sign-on (SSO) to the console. +// // You must pass an inline or managed session policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // to this operation. You can pass a single JSON policy document to use as an // inline session policy. You can also specify up to 10 managed policy Amazon @@ -1266,12 +1265,13 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request. // or IAM user. The credentials consist of an access key ID, a secret access // key, and a security token. Typically, you use GetSessionToken if you want // to use MFA to protect programmatic calls to specific Amazon Web Services -// API operations like Amazon EC2 StopInstances. MFA-enabled IAM users would -// need to call GetSessionToken and submit an MFA code that is associated with -// their MFA device. Using the temporary security credentials that are returned -// from the call, IAM users can then make programmatic calls to API operations -// that require MFA authentication. If you do not supply a correct MFA code, -// then the API returns an access denied error. For a comparison of GetSessionToken +// API operations like Amazon EC2 StopInstances. +// +// MFA-enabled IAM users must call GetSessionToken and submit an MFA code that +// is associated with their MFA device. Using the temporary security credentials +// that the call returns, IAM users can then make programmatic calls to API +// operations that require MFA authentication. An incorrect MFA code causes +// the API to return an access denied error. For a comparison of GetSessionToken // with the other API operations that produce temporary credentials, see Requesting // Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) // and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) @@ -1286,13 +1286,12 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request. // # Session Duration // // The GetSessionToken operation must be called by using the long-term Amazon -// Web Services security credentials of the Amazon Web Services account root -// user or an IAM user. Credentials that are created by IAM users are valid -// for the duration that you specify. This duration can range from 900 seconds -// (15 minutes) up to a maximum of 129,600 seconds (36 hours), with a default -// of 43,200 seconds (12 hours). Credentials based on account credentials can -// range from 900 seconds (15 minutes) up to 3,600 seconds (1 hour), with a -// default of 1 hour. +// Web Services security credentials of an IAM user. Credentials that are created +// by IAM users are valid for the duration that you specify. This duration can +// range from 900 seconds (15 minutes) up to a maximum of 129,600 seconds (36 +// hours), with a default of 43,200 seconds (12 hours). Credentials based on +// account credentials can range from 900 seconds (15 minutes) up to 3,600 seconds +// (1 hour), with a default of 1 hour. // // # Permissions // @@ -1304,20 +1303,20 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request. // // - You cannot call any STS API except AssumeRole or GetCallerIdentity. // -// We recommend that you do not call GetSessionToken with Amazon Web Services -// account root user credentials. Instead, follow our best practices (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#create-iam-users) -// by creating one or more IAM users, giving them the necessary permissions, -// and using IAM users for everyday interaction with Amazon Web Services. +// The credentials that GetSessionToken returns are based on permissions associated +// with the IAM user whose credentials were used to call the operation. The +// temporary credentials have the same permissions as the IAM user. // -// The credentials that are returned by GetSessionToken are based on permissions -// associated with the user whose credentials were used to call the operation. -// If GetSessionToken is called using Amazon Web Services account root user -// credentials, the temporary credentials have root user permissions. Similarly, -// if GetSessionToken is called using the credentials of an IAM user, the temporary -// credentials have the same permissions as the IAM user. +// Although it is possible to call GetSessionToken using the security credentials +// of an Amazon Web Services account root user rather than an IAM user, we do +// not recommend it. If GetSessionToken is called using root user credentials, +// the temporary credentials have root user permissions. For more information, +// see Safeguard your root user credentials and don't use them for everyday +// tasks (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials) +// in the IAM User Guide // // For more information about using GetSessionToken to create temporary credentials, -// go to Temporary Credentials for Users in Untrusted Environments (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken) +// see Temporary Credentials for Users in Untrusted Environments (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1461,6 +1460,17 @@ type AssumeRoleInput struct { // in the IAM User Guide. PolicyArns []*PolicyDescriptorType `type:"list"` + // A list of previously acquired trusted context assertions in the format of + // a JSON array. The trusted context assertion is signed and encrypted by Amazon + // Web Services STS. + // + // The following is an example of a ProvidedContext value that includes a single + // trusted context assertion and the ARN of the context provider from which + // the trusted context assertion was generated. + // + // [{"ProviderArn":"arn:aws:iam::aws:contextProvider/IdentityCenter","ContextAssertion":"trusted-context-assertion"}] + ProvidedContexts []*ProvidedContext `type:"list"` + // The Amazon Resource Name (ARN) of the role to assume. // // RoleArn is a required field @@ -1634,6 +1644,16 @@ func (s *AssumeRoleInput) Validate() error { } } } + if s.ProvidedContexts != nil { + for i, v := range s.ProvidedContexts { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ProvidedContexts", i), err.(request.ErrInvalidParams)) + } + } + } if s.Tags != nil { for i, v := range s.Tags { if v == nil { @@ -1675,6 +1695,12 @@ func (s *AssumeRoleInput) SetPolicyArns(v []*PolicyDescriptorType) *AssumeRoleIn return s } +// SetProvidedContexts sets the ProvidedContexts field's value. +func (s *AssumeRoleInput) SetProvidedContexts(v []*ProvidedContext) *AssumeRoleInput { + s.ProvidedContexts = v + return s +} + // SetRoleArn sets the RoleArn field's value. func (s *AssumeRoleInput) SetRoleArn(v string) *AssumeRoleInput { s.RoleArn = &v @@ -1899,8 +1925,12 @@ type AssumeRoleWithSAMLInput struct { // For more information, see Configuring a Relying Party and Adding Claims (https://docs.aws.amazon.com/IAM/latest/UserGuide/create-role-saml-IdP-tasks.html) // in the IAM User Guide. // + // SAMLAssertion is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by AssumeRoleWithSAMLInput's + // String and GoString methods. + // // SAMLAssertion is a required field - SAMLAssertion *string `min:"4" type:"string" required:"true"` + SAMLAssertion *string `min:"4" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -2035,7 +2065,7 @@ type AssumeRoleWithSAMLOutput struct { // IAM. // // The combination of NameQualifier and Subject can be used to uniquely identify - // a federated user. + // a user. // // The following pseudocode shows how the hash value is calculated: // @@ -2263,10 +2293,15 @@ type AssumeRoleWithWebIdentityInput struct { // The OAuth 2.0 access token or OpenID Connect ID token that is provided by // the identity provider. Your application must get this token by authenticating // the user who is using your application with a web identity provider before - // the application makes an AssumeRoleWithWebIdentity call. + // the application makes an AssumeRoleWithWebIdentity call. Only tokens with + // RSA algorithms (RS256) are supported. + // + // WebIdentityToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by AssumeRoleWithWebIdentityInput's + // String and GoString methods. // // WebIdentityToken is a required field - WebIdentityToken *string `min:"4" type:"string" required:"true"` + WebIdentityToken *string `min:"4" type:"string" required:"true" sensitive:"true"` } // String returns the string representation. @@ -2572,8 +2607,12 @@ type Credentials struct { // The secret access key that can be used to sign requests. // + // SecretAccessKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by Credentials's + // String and GoString methods. + // // SecretAccessKey is a required field - SecretAccessKey *string `type:"string" required:"true"` + SecretAccessKey *string `type:"string" required:"true" sensitive:"true"` // The token that users must pass to the service API to use the temporary credentials. // @@ -2921,10 +2960,9 @@ type GetFederationTokenInput struct { // The duration, in seconds, that the session should last. Acceptable durations // for federation sessions range from 900 seconds (15 minutes) to 129,600 seconds // (36 hours), with 43,200 seconds (12 hours) as the default. Sessions obtained - // using Amazon Web Services account root user credentials are restricted to - // a maximum of 3,600 seconds (one hour). If the specified duration is longer - // than one hour, the session obtained by using root user credentials defaults - // to one hour. + // using root user credentials are restricted to a maximum of 3,600 seconds + // (one hour). If the specified duration is longer than one hour, the session + // obtained by using root user credentials defaults to one hour. DurationSeconds *int64 `min:"900" type:"integer"` // The name of the federated user. The name is used as an identifier for the @@ -3375,6 +3413,67 @@ func (s *PolicyDescriptorType) SetArn(v string) *PolicyDescriptorType { return s } +// Contains information about the provided context. This includes the signed +// and encrypted trusted context assertion and the context provider ARN from +// which the trusted context assertion was generated. +type ProvidedContext struct { + _ struct{} `type:"structure"` + + // The signed and encrypted trusted context assertion generated by the context + // provider. The trusted context assertion is signed and encrypted by Amazon + // Web Services STS. + ContextAssertion *string `min:"4" type:"string"` + + // The context provider ARN from which the trusted context assertion was generated. + ProviderArn *string `min:"20" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ProvidedContext) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ProvidedContext) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ProvidedContext) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ProvidedContext"} + if s.ContextAssertion != nil && len(*s.ContextAssertion) < 4 { + invalidParams.Add(request.NewErrParamMinLen("ContextAssertion", 4)) + } + if s.ProviderArn != nil && len(*s.ProviderArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("ProviderArn", 20)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetContextAssertion sets the ContextAssertion field's value. +func (s *ProvidedContext) SetContextAssertion(v string) *ProvidedContext { + s.ContextAssertion = &v + return s +} + +// SetProviderArn sets the ProviderArn field's value. +func (s *ProvidedContext) SetProviderArn(v string) *ProvidedContext { + s.ProviderArn = &v + return s +} + // You can pass custom key-value pair attributes when you assume a role or federate // a user. These are called session tags. You can then use the session tags // to control access to resources. For more information, see Tagging Amazon diff --git a/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go index c40f5a2a52b..ea1d9eb0ccf 100644 --- a/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go +++ b/ecs-agent/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go @@ -4,10 +4,9 @@ // requests to AWS Security Token Service. // // Security Token Service (STS) enables you to request temporary, limited-privilege -// credentials for Identity and Access Management (IAM) users or for users that -// you authenticate (federated users). This guide provides descriptions of the -// STS API. For more information about using this service, see Temporary Security -// Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html). +// credentials for users. This guide provides descriptions of the STS API. For +// more information about using this service, see Temporary Security Credentials +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html). // // See https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15 for more information on this service. // diff --git a/ecs-agent/vendor/modules.txt b/ecs-agent/vendor/modules.txt index 47e42a29d38..ab20af02e90 100644 --- a/ecs-agent/vendor/modules.txt +++ b/ecs-agent/vendor/modules.txt @@ -27,10 +27,11 @@ github.com/Microsoft/hcsshim/internal/timeout github.com/Microsoft/hcsshim/internal/vmcompute github.com/Microsoft/hcsshim/internal/winapi github.com/Microsoft/hcsshim/osversion -# github.com/aws/aws-sdk-go v1.44.173 -## explicit; go 1.11 +# github.com/aws/aws-sdk-go v1.51.3 +## explicit; go 1.19 github.com/aws/aws-sdk-go/aws github.com/aws/aws-sdk-go/aws/arn +github.com/aws/aws-sdk-go/aws/auth/bearer github.com/aws/aws-sdk-go/aws/awserr github.com/aws/aws-sdk-go/aws/awsutil github.com/aws/aws-sdk-go/aws/client @@ -72,6 +73,7 @@ github.com/aws/aws-sdk-go/private/util github.com/aws/aws-sdk-go/service/ec2 github.com/aws/aws-sdk-go/service/sso github.com/aws/aws-sdk-go/service/sso/ssoiface +github.com/aws/aws-sdk-go/service/ssooidc github.com/aws/aws-sdk-go/service/sts github.com/aws/aws-sdk-go/service/sts/stsiface # github.com/cihub/seelog v0.0.0-20170130134532-f561c5e57575 diff --git a/ecs-init/go.mod b/ecs-init/go.mod index 73900945dc5..8227d946650 100644 --- a/ecs-init/go.mod +++ b/ecs-init/go.mod @@ -4,7 +4,7 @@ go 1.19 require ( github.com/NVIDIA/gpu-monitoring-tools v0.0.0-20180829222009-86f2a9fac6c5 - github.com/aws/aws-sdk-go v1.36.0 + github.com/aws/aws-sdk-go v1.51.3 github.com/cihub/seelog v0.0.0-20170130134532-f561c5e57575 github.com/containerd/containerd v1.6.26 github.com/docker/docker v23.0.8+incompatible diff --git a/ecs-init/go.sum b/ecs-init/go.sum index c21c7d67957..5b5076312e7 100644 --- a/ecs-init/go.sum +++ b/ecs-init/go.sum @@ -5,8 +5,8 @@ github.com/Microsoft/go-winio v0.5.2/go.mod h1:WpS1mjBmmwHBEWmogvA2mj8546UReBk4v github.com/Microsoft/hcsshim v0.9.10 h1:TxXGNmcbQxBKVWvjvTocNb6jrPyeHlk5EiDhhgHgggs= github.com/NVIDIA/gpu-monitoring-tools v0.0.0-20180829222009-86f2a9fac6c5 h1:WLyvLAM0QfjAarRzRTG9EgT5McqGWNZMvqqSUSoyUUY= github.com/NVIDIA/gpu-monitoring-tools v0.0.0-20180829222009-86f2a9fac6c5/go.mod h1:nMOvShGpWaf0bXwXmeu4k+O4uziuaEI8pWzIj3BUrOA= -github.com/aws/aws-sdk-go v1.36.0 h1:CscTrS+szX5iu34zk2bZrChnGO/GMtUYgMK1Xzs2hYo= -github.com/aws/aws-sdk-go v1.36.0/go.mod h1:hcU610XS61/+aQV88ixoOzUoG7v3b31pl2zKMmprdro= +github.com/aws/aws-sdk-go v1.51.3 h1:OqSyEXcJwf/XhZNVpMRgKlLA9nmbo5X8dwbll4RWxq8= +github.com/aws/aws-sdk-go v1.51.3/go.mod h1:LF8svs817+Nz+DmiMQKTO3ubZ/6IaTpq3TjupRn3Eqk= github.com/cihub/seelog v0.0.0-20170130134532-f561c5e57575 h1:kHaBemcxl8o/pQ5VM1c8PVE1PubbNx3mjUr09OqWGCs= github.com/cihub/seelog v0.0.0-20170130134532-f561c5e57575/go.mod h1:9d6lWj8KzO/fd/NrVaLscBKmPigpZpn5YawRPw+e3Yo= github.com/containerd/containerd v1.6.26 h1:VVfrE6ZpyisvB1fzoY8Vkiq4sy+i5oF4uk7zu03RaHs= @@ -92,7 +92,6 @@ golang.org/x/net v0.0.0-20190404232315-eb5bcb51f2a3/go.mod h1:t9HGtf8HONx5eT2rtn golang.org/x/net v0.0.0-20190620200207-3b0461eec859/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s= golang.org/x/net v0.0.0-20201021035429-f5854403a974/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= -golang.org/x/net v0.0.0-20201110031124-69a78807bb2b/go.mod h1:sp8m0HH+o8qH0wwXwYZr8TS3Oi6o0r6Gce1SSxlDquU= golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM= golang.org/x/net v0.17.0 h1:pVaXccu2ozPjCXewfr1S7xza/zcXTity9cCdXQYSjIM= golang.org/x/net v0.17.0/go.mod h1:NxSsAGuq816PNPmqtQdLE42eU2Fs7NoRIZrHJAlaCOE= diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/auth/bearer/token.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/auth/bearer/token.go new file mode 100644 index 00000000000..dd950a286fb --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/auth/bearer/token.go @@ -0,0 +1,50 @@ +package bearer + +import ( + "github.com/aws/aws-sdk-go/aws" + "time" +) + +// Token provides a type wrapping a bearer token and expiration metadata. +type Token struct { + Value string + + CanExpire bool + Expires time.Time +} + +// Expired returns if the token's Expires time is before or equal to the time +// provided. If CanExpire is false, Expired will always return false. +func (t Token) Expired(now time.Time) bool { + if !t.CanExpire { + return false + } + now = now.Round(0) + return now.Equal(t.Expires) || now.After(t.Expires) +} + +// TokenProvider provides interface for retrieving bearer tokens. +type TokenProvider interface { + RetrieveBearerToken(aws.Context) (Token, error) +} + +// TokenProviderFunc provides a helper utility to wrap a function as a type +// that implements the TokenProvider interface. +type TokenProviderFunc func(aws.Context) (Token, error) + +// RetrieveBearerToken calls the wrapped function, returning the Token or +// error. +func (fn TokenProviderFunc) RetrieveBearerToken(ctx aws.Context) (Token, error) { + return fn(ctx) +} + +// StaticTokenProvider provides a utility for wrapping a static bearer token +// value within an implementation of a token provider. +type StaticTokenProvider struct { + Token Token +} + +// RetrieveBearerToken returns the static token specified. +func (s StaticTokenProvider) RetrieveBearerToken(aws.Context) (Token, error) { + return s.Token, nil +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/awsutil/prettify.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/awsutil/prettify.go index 710eb432f85..11d4240d614 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/awsutil/prettify.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/awsutil/prettify.go @@ -50,9 +50,19 @@ func prettify(v reflect.Value, indent int, buf *bytes.Buffer) { for i, n := range names { val := v.FieldByName(n) + ft, ok := v.Type().FieldByName(n) + if !ok { + panic(fmt.Sprintf("expected to find field %v on type %v, but was not found", n, v.Type())) + } + buf.WriteString(strings.Repeat(" ", indent+2)) buf.WriteString(n + ": ") - prettify(val, indent+2, buf) + + if tag := ft.Tag.Get("sensitive"); tag == "true" { + buf.WriteString("") + } else { + prettify(val, indent+2, buf) + } if i < len(names)-1 { buf.WriteString(",\n") diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/awsutil/string_value.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/awsutil/string_value.go index 645df2450fc..3f7cffd9579 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/awsutil/string_value.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/awsutil/string_value.go @@ -8,6 +8,8 @@ import ( ) // StringValue returns the string representation of a value. +// +// Deprecated: Use Prettify instead. func StringValue(i interface{}) string { var buf bytes.Buffer stringValue(reflect.ValueOf(i), 0, &buf) diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/client/client.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/client/client.go index 03334d69207..b147f103ce1 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/client/client.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/client/client.go @@ -10,12 +10,13 @@ import ( // A Config provides configuration to a service client instance. type Config struct { - Config *aws.Config - Handlers request.Handlers - PartitionID string - Endpoint string - SigningRegion string - SigningName string + Config *aws.Config + Handlers request.Handlers + PartitionID string + Endpoint string + SigningRegion string + SigningName string + ResolvedRegion string // States that the signing name did not come from a modeled source but // was derived based on other data. Used by service client constructors @@ -88,10 +89,6 @@ func (c *Client) NewRequest(operation *request.Operation, params interface{}, da // AddDebugHandlers injects debug logging handlers into the service to log request // debug information. func (c *Client) AddDebugHandlers() { - if !c.Config.LogLevel.AtLeast(aws.LogDebug) { - return - } - c.Handlers.Send.PushFrontNamed(LogHTTPRequestHandler) c.Handlers.Send.PushBackNamed(LogHTTPResponseHandler) } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go index 8958c32d4e9..5ac5c24a1b7 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/client/logger.go @@ -53,6 +53,10 @@ var LogHTTPRequestHandler = request.NamedHandler{ } func logRequest(r *request.Request) { + if !r.Config.LogLevel.AtLeast(aws.LogDebug) || r.Config.Logger == nil { + return + } + logBody := r.Config.LogLevel.Matches(aws.LogDebugWithHTTPBody) bodySeekable := aws.IsReaderSeekable(r.Body) @@ -90,6 +94,10 @@ var LogHTTPRequestHeaderHandler = request.NamedHandler{ } func logRequestHeader(r *request.Request) { + if !r.Config.LogLevel.AtLeast(aws.LogDebug) || r.Config.Logger == nil { + return + } + b, err := httputil.DumpRequestOut(r.HTTPRequest, false) if err != nil { r.Config.Logger.Log(fmt.Sprintf(logReqErrMsg, @@ -120,6 +128,10 @@ var LogHTTPResponseHandler = request.NamedHandler{ } func logResponse(r *request.Request) { + if !r.Config.LogLevel.AtLeast(aws.LogDebug) || r.Config.Logger == nil { + return + } + lw := &logWriter{r.Config.Logger, bytes.NewBuffer(nil)} if r.HTTPResponse == nil { @@ -178,7 +190,7 @@ var LogHTTPResponseHeaderHandler = request.NamedHandler{ } func logResponseHeader(r *request.Request) { - if r.Config.Logger == nil { + if !r.Config.LogLevel.AtLeast(aws.LogDebug) || r.Config.Logger == nil { return } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/client/metadata/client_info.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/client/metadata/client_info.go index 0c48f72e08e..a7530ebb389 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/client/metadata/client_info.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/client/metadata/client_info.go @@ -2,13 +2,14 @@ package metadata // ClientInfo wraps immutable data from the client.Client structure. type ClientInfo struct { - ServiceName string - ServiceID string - APIVersion string - PartitionID string - Endpoint string - SigningName string - SigningRegion string - JSONVersion string - TargetPrefix string + ServiceName string + ServiceID string + APIVersion string + PartitionID string + Endpoint string + SigningName string + SigningRegion string + JSONVersion string + TargetPrefix string + ResolvedRegion string } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/config.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/config.go index 3b809e8478c..c483e0cb8e6 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/config.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/config.go @@ -20,16 +20,16 @@ type RequestRetryer interface{} // A Config provides service configuration for service clients. By default, // all clients will use the defaults.DefaultConfig structure. // -// // Create Session with MaxRetries configuration to be shared by multiple -// // service clients. -// sess := session.Must(session.NewSession(&aws.Config{ -// MaxRetries: aws.Int(3), -// })) +// // Create Session with MaxRetries configuration to be shared by multiple +// // service clients. +// sess := session.Must(session.NewSession(&aws.Config{ +// MaxRetries: aws.Int(3), +// })) // -// // Create S3 service client with a specific Region. -// svc := s3.New(sess, &aws.Config{ -// Region: aws.String("us-west-2"), -// }) +// // Create S3 service client with a specific Region. +// svc := s3.New(sess, &aws.Config{ +// Region: aws.String("us-west-2"), +// }) type Config struct { // Enables verbose error printing of all credential chain errors. // Should be used when wanting to see all errors while attempting to @@ -170,6 +170,9 @@ type Config struct { // // For example S3's X-Amz-Meta prefixed header will be unmarshaled to lower case // Metadata member's map keys. The value of the header in the map is unaffected. + // + // The AWS SDK for Go v2, uses lower case header maps by default. The v1 + // SDK provides this opt-in for this option, for backwards compatibility. LowerCaseHeaderMaps *bool // Set this to `true` to disable the EC2Metadata client from overriding the @@ -189,6 +192,23 @@ type Config struct { // EC2MetadataDisableTimeoutOverride *bool + // Set this to `false` to disable EC2Metadata client from falling back to IMDSv1. + // By default, EC2 role credentials will fall back to IMDSv1 as needed for backwards compatibility. + // You can disable this behavior by explicitly setting this flag to `false`. When false, the EC2Metadata + // client will return any errors encountered from attempting to fetch a token instead of silently + // using the insecure data flow of IMDSv1. + // + // Example: + // sess := session.Must(session.NewSession(aws.NewConfig() + // .WithEC2MetadataEnableFallback(false))) + // + // svc := s3.New(sess) + // + // See [configuring IMDS] for more information. + // + // [configuring IMDS]: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-service.html + EC2MetadataEnableFallback *bool + // Instructs the endpoint to be generated for a service client to // be the dual stack endpoint. The dual stack endpoint will support // both IPv4 and IPv6 addressing. @@ -208,8 +228,19 @@ type Config struct { // svc := s3.New(sess, &aws.Config{ // UseDualStack: aws.Bool(true), // }) + // + // Deprecated: This option will continue to function for S3 and S3 Control for backwards compatibility. + // UseDualStackEndpoint should be used to enable usage of a service's dual-stack endpoint for all service clients + // moving forward. For S3 and S3 Control, when UseDualStackEndpoint is set to a non-zero value it takes higher + // precedence then this option. UseDualStack *bool + // Sets the resolver to resolve a dual-stack endpoint for the service. + UseDualStackEndpoint endpoints.DualStackEndpointState + + // UseFIPSEndpoint specifies the resolver must resolve a FIPS endpoint. + UseFIPSEndpoint endpoints.FIPSEndpointState + // SleepDelay is an override for the func the SDK will call when sleeping // during the lifecycle of a request. Specifically this will be used for // request delays. This value should only be used for testing. To adjust @@ -269,16 +300,16 @@ type Config struct { // NewConfig returns a new Config pointer that can be chained with builder // methods to set multiple configuration values inline without using pointers. // -// // Create Session with MaxRetries configuration to be shared by multiple -// // service clients. -// sess := session.Must(session.NewSession(aws.NewConfig(). -// WithMaxRetries(3), -// )) +// // Create Session with MaxRetries configuration to be shared by multiple +// // service clients. +// sess := session.Must(session.NewSession(aws.NewConfig(). +// WithMaxRetries(3), +// )) // -// // Create S3 service client with a specific Region. -// svc := s3.New(sess, aws.NewConfig(). -// WithRegion("us-west-2"), -// ) +// // Create S3 service client with a specific Region. +// svc := s3.New(sess, aws.NewConfig(). +// WithRegion("us-west-2"), +// ) func NewConfig() *Config { return &Config{} } @@ -411,6 +442,17 @@ func (c *Config) WithUseDualStack(enable bool) *Config { return c } +// WithUseFIPSEndpoint sets a config UseFIPSEndpoint value returning a Config +// pointer for chaining. +func (c *Config) WithUseFIPSEndpoint(enable bool) *Config { + if enable { + c.UseFIPSEndpoint = endpoints.FIPSEndpointStateEnabled + } else { + c.UseFIPSEndpoint = endpoints.FIPSEndpointStateDisabled + } + return c +} + // WithEC2MetadataDisableTimeoutOverride sets a config EC2MetadataDisableTimeoutOverride value // returning a Config pointer for chaining. func (c *Config) WithEC2MetadataDisableTimeoutOverride(enable bool) *Config { @@ -418,6 +460,13 @@ func (c *Config) WithEC2MetadataDisableTimeoutOverride(enable bool) *Config { return c } +// WithEC2MetadataEnableFallback sets a config EC2MetadataEnableFallback value +// returning a Config pointer for chaining. +func (c *Config) WithEC2MetadataEnableFallback(v bool) *Config { + c.EC2MetadataEnableFallback = &v + return c +} + // WithSleepDelay overrides the function used to sleep while waiting for the // next retry. Defaults to time.Sleep. func (c *Config) WithSleepDelay(fn func(time.Duration)) *Config { @@ -438,13 +487,6 @@ func (c *Config) WithDisableEndpointHostPrefix(t bool) *Config { return c } -// MergeIn merges the passed in configs into the existing config object. -func (c *Config) MergeIn(cfgs ...*Config) { - for _, other := range cfgs { - mergeInConfig(c, other) - } -} - // WithSTSRegionalEndpoint will set whether or not to use regional endpoint flag // when resolving the endpoint for a service func (c *Config) WithSTSRegionalEndpoint(sre endpoints.STSRegionalEndpoint) *Config { @@ -459,6 +501,27 @@ func (c *Config) WithS3UsEast1RegionalEndpoint(sre endpoints.S3UsEast1RegionalEn return c } +// WithLowerCaseHeaderMaps sets a config LowerCaseHeaderMaps value +// returning a Config pointer for chaining. +func (c *Config) WithLowerCaseHeaderMaps(t bool) *Config { + c.LowerCaseHeaderMaps = &t + return c +} + +// WithDisableRestProtocolURICleaning sets a config DisableRestProtocolURICleaning value +// returning a Config pointer for chaining. +func (c *Config) WithDisableRestProtocolURICleaning(t bool) *Config { + c.DisableRestProtocolURICleaning = &t + return c +} + +// MergeIn merges the passed in configs into the existing config object. +func (c *Config) MergeIn(cfgs ...*Config) { + for _, other := range cfgs { + mergeInConfig(c, other) + } +} + func mergeInConfig(dst *Config, other *Config) { if other == nil { return @@ -540,10 +603,18 @@ func mergeInConfig(dst *Config, other *Config) { dst.UseDualStack = other.UseDualStack } + if other.UseDualStackEndpoint != endpoints.DualStackEndpointStateUnset { + dst.UseDualStackEndpoint = other.UseDualStackEndpoint + } + if other.EC2MetadataDisableTimeoutOverride != nil { dst.EC2MetadataDisableTimeoutOverride = other.EC2MetadataDisableTimeoutOverride } + if other.EC2MetadataEnableFallback != nil { + dst.EC2MetadataEnableFallback = other.EC2MetadataEnableFallback + } + if other.SleepDelay != nil { dst.SleepDelay = other.SleepDelay } @@ -571,6 +642,18 @@ func mergeInConfig(dst *Config, other *Config) { if other.S3UsEast1RegionalEndpoint != endpoints.UnsetS3UsEast1Endpoint { dst.S3UsEast1RegionalEndpoint = other.S3UsEast1RegionalEndpoint } + + if other.LowerCaseHeaderMaps != nil { + dst.LowerCaseHeaderMaps = other.LowerCaseHeaderMaps + } + + if other.UseDualStackEndpoint != endpoints.DualStackEndpointStateUnset { + dst.UseDualStackEndpoint = other.UseDualStackEndpoint + } + + if other.UseFIPSEndpoint != endpoints.FIPSEndpointStateUnset { + dst.UseFIPSEndpoint = other.UseFIPSEndpoint + } } // Copy will return a shallow copy of the Config object. If any additional diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/context_1_5.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/context_1_5.go index 2866f9a7fb9..89aad2c6771 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/context_1_5.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/context_1_5.go @@ -1,3 +1,4 @@ +//go:build !go1.9 // +build !go1.9 package aws diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/context_1_9.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/context_1_9.go index 3718b26e101..6ee9ddd18bb 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/context_1_9.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/context_1_9.go @@ -1,3 +1,4 @@ +//go:build go1.9 // +build go1.9 package aws diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_5.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_5.go index 2f9446333a6..31321819048 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_5.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_5.go @@ -1,3 +1,4 @@ +//go:build !go1.7 // +build !go1.7 package aws diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_7.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_7.go index 9c29f29af17..9975d561bb2 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_7.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/context_background_1_7.go @@ -1,3 +1,4 @@ +//go:build go1.7 // +build go1.7 package aws diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/awsinternal.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/awsinternal.go new file mode 100644 index 00000000000..140242dd1b8 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/awsinternal.go @@ -0,0 +1,4 @@ +// DO NOT EDIT +package corehandlers + +const isAwsInternal = "" \ No newline at end of file diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go index d95a5eb5408..36a915efea8 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/handlers.go @@ -178,7 +178,7 @@ func handleSendError(r *request.Request, err error) { var ValidateResponseHandler = request.NamedHandler{Name: "core.ValidateResponseHandler", Fn: func(r *request.Request) { if r.HTTPResponse.StatusCode == 0 || r.HTTPResponse.StatusCode >= 300 { // this may be replaced by an UnmarshalError handler - r.Error = awserr.New("UnknownError", "unknown error", nil) + r.Error = awserr.New("UnknownError", "unknown error", r.Error) } }} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go index ab69c7a6f38..ac842c55d89 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/corehandlers/user_agent.go @@ -35,3 +35,13 @@ var AddHostExecEnvUserAgentHander = request.NamedHandler{ request.AddToUserAgent(r, execEnvUAKey+"/"+v) }, } + +var AddAwsInternal = request.NamedHandler{ + Name: "core.AddAwsInternal", + Fn: func(r *request.Request) { + if len(isAwsInternal) == 0 { + return + } + request.AddToUserAgent(r, isAwsInternal) + }, +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.5.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.5.go index 5852b264870..6e3406b1f76 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.5.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.5.go @@ -1,3 +1,4 @@ +//go:build !go1.7 // +build !go1.7 package credentials diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.7.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.7.go index 388b2154182..a68df0ee73f 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.7.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_background_go1.7.go @@ -1,3 +1,4 @@ +//go:build go1.7 // +build go1.7 package credentials diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.5.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.5.go index 8152a864add..0345fab2d97 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.5.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.5.go @@ -1,3 +1,4 @@ +//go:build !go1.9 // +build !go1.9 package credentials diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.9.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.9.go index 4356edb3d5d..79018aba738 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.9.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/context_go1.9.go @@ -1,3 +1,4 @@ +//go:build go1.9 // +build go1.9 package credentials diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go index 785f30d8e6c..329f788a38a 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/endpointcreds/provider.go @@ -31,6 +31,8 @@ package endpointcreds import ( "encoding/json" + "fmt" + "strings" "time" "github.com/aws/aws-sdk-go/aws" @@ -69,7 +71,37 @@ type Provider struct { // Optional authorization token value if set will be used as the value of // the Authorization header of the endpoint credential request. + // + // When constructed from environment, the provider will use the value of + // AWS_CONTAINER_AUTHORIZATION_TOKEN environment variable as the token + // + // Will be overridden if AuthorizationTokenProvider is configured AuthorizationToken string + + // Optional auth provider func to dynamically load the auth token from a file + // everytime a credential is retrieved + // + // When constructed from environment, the provider will read and use the content + // of the file pointed to by AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE environment variable + // as the auth token everytime credentials are retrieved + // + // Will override AuthorizationToken if configured + AuthorizationTokenProvider AuthTokenProvider +} + +// AuthTokenProvider defines an interface to dynamically load a value to be passed +// for the Authorization header of a credentials request. +type AuthTokenProvider interface { + GetToken() (string, error) +} + +// TokenProviderFunc is a func type implementing AuthTokenProvider interface +// and enables customizing token provider behavior +type TokenProviderFunc func() (string, error) + +// GetToken func retrieves auth token according to TokenProviderFunc implementation +func (p TokenProviderFunc) GetToken() (string, error) { + return p() } // NewProviderClient returns a credentials Provider for retrieving AWS credentials @@ -164,7 +196,20 @@ func (p *Provider) getCredentials(ctx aws.Context) (*getCredentialsOutput, error req := p.Client.NewRequest(op, nil, out) req.SetContext(ctx) req.HTTPRequest.Header.Set("Accept", "application/json") - if authToken := p.AuthorizationToken; len(authToken) != 0 { + + authToken := p.AuthorizationToken + var err error + if p.AuthorizationTokenProvider != nil { + authToken, err = p.AuthorizationTokenProvider.GetToken() + if err != nil { + return nil, fmt.Errorf("get authorization token: %v", err) + } + } + + if strings.ContainsAny(authToken, "\r\n") { + return nil, fmt.Errorf("authorization token contains invalid newline sequence") + } + if len(authToken) != 0 { req.HTTPRequest.Header.Set("Authorization", authToken) } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go index e6248360029..18694f07f7f 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/processcreds/provider.go @@ -226,12 +226,24 @@ func NewCredentialsCommand(command *exec.Cmd, options ...func(*ProcessProvider)) return credentials.NewCredentials(p) } -type credentialProcessResponse struct { - Version int - AccessKeyID string `json:"AccessKeyId"` +// A CredentialProcessResponse is the AWS credentials format that must be +// returned when executing an external credential_process. +type CredentialProcessResponse struct { + // As of this writing, the Version key must be set to 1. This might + // increment over time as the structure evolves. + Version int + + // The access key ID that identifies the temporary security credentials. + AccessKeyID string `json:"AccessKeyId"` + + // The secret access key that can be used to sign requests. SecretAccessKey string - SessionToken string - Expiration *time.Time + + // The token that users must pass to the service API to use the temporary credentials. + SessionToken string + + // The date on which the current credentials expire. + Expiration *time.Time } // Retrieve executes the 'credential_process' and returns the credentials. @@ -242,7 +254,7 @@ func (p *ProcessProvider) Retrieve() (credentials.Value, error) { } // Serialize and validate response - resp := &credentialProcessResponse{} + resp := &CredentialProcessResponse{} if err = json.Unmarshal(out, resp); err != nil { return credentials.Value{ProviderName: ProviderName}, awserr.New( ErrCodeProcessProviderParse, diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/doc.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/doc.go new file mode 100644 index 00000000000..18c940ab3c3 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/doc.go @@ -0,0 +1,60 @@ +// Package ssocreds provides a credential provider for retrieving temporary AWS credentials using an SSO access token. +// +// IMPORTANT: The provider in this package does not initiate or perform the AWS SSO login flow. The SDK provider +// expects that you have already performed the SSO login flow using AWS CLI using the "aws sso login" command, or by +// some other mechanism. The provider must find a valid non-expired access token for the AWS SSO user portal URL in +// ~/.aws/sso/cache. If a cached token is not found, it is expired, or the file is malformed an error will be returned. +// +// Loading AWS SSO credentials with the AWS shared configuration file +// +// You can use configure AWS SSO credentials from the AWS shared configuration file by +// providing the specifying the required keys in the profile: +// +// sso_account_id +// sso_region +// sso_role_name +// sso_start_url +// +// For example, the following defines a profile "devsso" and specifies the AWS SSO parameters that defines the target +// account, role, sign-on portal, and the region where the user portal is located. Note: all SSO arguments must be +// provided, or an error will be returned. +// +// [profile devsso] +// sso_start_url = https://my-sso-portal.awsapps.com/start +// sso_role_name = SSOReadOnlyRole +// sso_region = us-east-1 +// sso_account_id = 123456789012 +// +// Using the config module, you can load the AWS SDK shared configuration, and specify that this profile be used to +// retrieve credentials. For example: +// +// sess, err := session.NewSessionWithOptions(session.Options{ +// SharedConfigState: session.SharedConfigEnable, +// Profile: "devsso", +// }) +// if err != nil { +// return err +// } +// +// Programmatically loading AWS SSO credentials directly +// +// You can programmatically construct the AWS SSO Provider in your application, and provide the necessary information +// to load and retrieve temporary credentials using an access token from ~/.aws/sso/cache. +// +// svc := sso.New(sess, &aws.Config{ +// Region: aws.String("us-west-2"), // Client Region must correspond to the AWS SSO user portal region +// }) +// +// provider := ssocreds.NewCredentialsWithClient(svc, "123456789012", "SSOReadOnlyRole", "https://my-sso-portal.awsapps.com/start") +// +// credentials, err := provider.Get() +// if err != nil { +// return err +// } +// +// Additional Resources +// +// Configuring the AWS CLI to use AWS Single Sign-On: https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html +// +// AWS Single Sign-On User Guide: https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html +package ssocreds diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os.go new file mode 100644 index 00000000000..d4df39a7a22 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os.go @@ -0,0 +1,10 @@ +//go:build !windows +// +build !windows + +package ssocreds + +import "os" + +func getHomeDirectory() string { + return os.Getenv("HOME") +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os_windows.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os_windows.go new file mode 100644 index 00000000000..eb48f61e5bc --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/os_windows.go @@ -0,0 +1,7 @@ +package ssocreds + +import "os" + +func getHomeDirectory() string { + return os.Getenv("USERPROFILE") +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go new file mode 100644 index 00000000000..4138e725dde --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/provider.go @@ -0,0 +1,187 @@ +package ssocreds + +import ( + "crypto/sha1" + "encoding/hex" + "encoding/json" + "io/ioutil" + "path/filepath" + "strings" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/auth/bearer" + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/client" + "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/service/sso" + "github.com/aws/aws-sdk-go/service/sso/ssoiface" +) + +// ErrCodeSSOProviderInvalidToken is the code type that is returned if loaded token has expired or is otherwise invalid. +// To refresh the SSO session run aws sso login with the corresponding profile. +const ErrCodeSSOProviderInvalidToken = "SSOProviderInvalidToken" + +const invalidTokenMessage = "the SSO session has expired or is invalid" + +func init() { + nowTime = time.Now + defaultCacheLocation = defaultCacheLocationImpl +} + +var nowTime func() time.Time + +// ProviderName is the name of the provider used to specify the source of credentials. +const ProviderName = "SSOProvider" + +var defaultCacheLocation func() string + +func defaultCacheLocationImpl() string { + return filepath.Join(getHomeDirectory(), ".aws", "sso", "cache") +} + +// Provider is an AWS credential provider that retrieves temporary AWS credentials by exchanging an SSO login token. +type Provider struct { + credentials.Expiry + + // The Client which is configured for the AWS Region where the AWS SSO user portal is located. + Client ssoiface.SSOAPI + + // The AWS account that is assigned to the user. + AccountID string + + // The role name that is assigned to the user. + RoleName string + + // The URL that points to the organization's AWS Single Sign-On (AWS SSO) user portal. + StartURL string + + // The filepath the cached token will be retrieved from. If unset Provider will + // use the startURL to determine the filepath at. + // + // ~/.aws/sso/cache/.json + // + // If custom cached token filepath is used, the Provider's startUrl + // parameter will be ignored. + CachedTokenFilepath string + + // Used by the SSOCredentialProvider if a token configuration + // profile is used in the shared config + TokenProvider bearer.TokenProvider +} + +// NewCredentials returns a new AWS Single Sign-On (AWS SSO) credential provider. The ConfigProvider is expected to be configured +// for the AWS Region where the AWS SSO user portal is located. +func NewCredentials(configProvider client.ConfigProvider, accountID, roleName, startURL string, optFns ...func(provider *Provider)) *credentials.Credentials { + return NewCredentialsWithClient(sso.New(configProvider), accountID, roleName, startURL, optFns...) +} + +// NewCredentialsWithClient returns a new AWS Single Sign-On (AWS SSO) credential provider. The provided client is expected to be configured +// for the AWS Region where the AWS SSO user portal is located. +func NewCredentialsWithClient(client ssoiface.SSOAPI, accountID, roleName, startURL string, optFns ...func(provider *Provider)) *credentials.Credentials { + p := &Provider{ + Client: client, + AccountID: accountID, + RoleName: roleName, + StartURL: startURL, + } + + for _, fn := range optFns { + fn(p) + } + + return credentials.NewCredentials(p) +} + +// Retrieve retrieves temporary AWS credentials from the configured Amazon Single Sign-On (AWS SSO) user portal +// by exchanging the accessToken present in ~/.aws/sso/cache. +func (p *Provider) Retrieve() (credentials.Value, error) { + return p.RetrieveWithContext(aws.BackgroundContext()) +} + +// RetrieveWithContext retrieves temporary AWS credentials from the configured Amazon Single Sign-On (AWS SSO) user portal +// by exchanging the accessToken present in ~/.aws/sso/cache. +func (p *Provider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) { + var accessToken *string + if p.TokenProvider != nil { + token, err := p.TokenProvider.RetrieveBearerToken(ctx) + if err != nil { + return credentials.Value{}, err + } + accessToken = &token.Value + } else { + if p.CachedTokenFilepath == "" { + cachedTokenFilePath, err := getCachedFilePath(p.StartURL) + if err != nil { + return credentials.Value{}, err + } + p.CachedTokenFilepath = cachedTokenFilePath + } + + tokenFile, err := loadTokenFile(p.CachedTokenFilepath) + if err != nil { + return credentials.Value{}, err + } + accessToken = &tokenFile.AccessToken + } + + output, err := p.Client.GetRoleCredentialsWithContext(ctx, &sso.GetRoleCredentialsInput{ + AccessToken: accessToken, + AccountId: &p.AccountID, + RoleName: &p.RoleName, + }) + if err != nil { + return credentials.Value{}, err + } + + expireTime := time.Unix(0, aws.Int64Value(output.RoleCredentials.Expiration)*int64(time.Millisecond)).UTC() + p.SetExpiration(expireTime, 0) + + return credentials.Value{ + AccessKeyID: aws.StringValue(output.RoleCredentials.AccessKeyId), + SecretAccessKey: aws.StringValue(output.RoleCredentials.SecretAccessKey), + SessionToken: aws.StringValue(output.RoleCredentials.SessionToken), + ProviderName: ProviderName, + }, nil +} + +func getCachedFilePath(startUrl string) (string, error) { + hash := sha1.New() + _, err := hash.Write([]byte(startUrl)) + if err != nil { + return "", err + } + return filepath.Join(defaultCacheLocation(), strings.ToLower(hex.EncodeToString(hash.Sum(nil)))+".json"), nil +} + +type token struct { + AccessToken string `json:"accessToken"` + ExpiresAt rfc3339 `json:"expiresAt"` + Region string `json:"region,omitempty"` + StartURL string `json:"startUrl,omitempty"` +} + +func (t token) Expired() bool { + return nowTime().Round(0).After(time.Time(t.ExpiresAt)) +} + +func loadTokenFile(cachedTokenPath string) (t token, err error) { + fileBytes, err := ioutil.ReadFile(cachedTokenPath) + if err != nil { + return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, err) + } + + if err := json.Unmarshal(fileBytes, &t); err != nil { + return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, err) + } + + if len(t.AccessToken) == 0 { + return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, nil) + } + + if t.Expired() { + return token{}, awserr.New(ErrCodeSSOProviderInvalidToken, invalidTokenMessage, nil) + } + + return t, nil +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/sso_cached_token.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/sso_cached_token.go new file mode 100644 index 00000000000..f6fa88451af --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/sso_cached_token.go @@ -0,0 +1,237 @@ +package ssocreds + +import ( + "crypto/sha1" + "encoding/hex" + "encoding/json" + "fmt" + "github.com/aws/aws-sdk-go/internal/shareddefaults" + "io/ioutil" + "os" + "path/filepath" + "strconv" + "strings" + "time" +) + +var resolvedOsUserHomeDir = shareddefaults.UserHomeDir + +// StandardCachedTokenFilepath returns the filepath for the cached SSO token file, or +// error if unable get derive the path. Key that will be used to compute a SHA1 +// value that is hex encoded. +// +// Derives the filepath using the Key as: +// +// ~/.aws/sso/cache/.json +func StandardCachedTokenFilepath(key string) (string, error) { + homeDir := resolvedOsUserHomeDir() + if len(homeDir) == 0 { + return "", fmt.Errorf("unable to get USER's home directory for cached token") + } + hash := sha1.New() + if _, err := hash.Write([]byte(key)); err != nil { + return "", fmt.Errorf("unable to compute cached token filepath key SHA1 hash, %v", err) + } + + cacheFilename := strings.ToLower(hex.EncodeToString(hash.Sum(nil))) + ".json" + + return filepath.Join(homeDir, ".aws", "sso", "cache", cacheFilename), nil +} + +type tokenKnownFields struct { + AccessToken string `json:"accessToken,omitempty"` + ExpiresAt *rfc3339 `json:"expiresAt,omitempty"` + + RefreshToken string `json:"refreshToken,omitempty"` + ClientID string `json:"clientId,omitempty"` + ClientSecret string `json:"clientSecret,omitempty"` +} + +type cachedToken struct { + tokenKnownFields + UnknownFields map[string]interface{} `json:"-"` +} + +// MarshalJSON provides custom marshalling because the standard library Go marshaller ignores unknown/unspecified fields +// when marshalling from a struct: https://pkg.go.dev/encoding/json#Marshal +// This function adds some extra validation to the known fields and captures unknown fields. +func (t cachedToken) MarshalJSON() ([]byte, error) { + fields := map[string]interface{}{} + + setTokenFieldString(fields, "accessToken", t.AccessToken) + setTokenFieldRFC3339(fields, "expiresAt", t.ExpiresAt) + + setTokenFieldString(fields, "refreshToken", t.RefreshToken) + setTokenFieldString(fields, "clientId", t.ClientID) + setTokenFieldString(fields, "clientSecret", t.ClientSecret) + + for k, v := range t.UnknownFields { + if _, ok := fields[k]; ok { + return nil, fmt.Errorf("unknown token field %v, duplicates known field", k) + } + fields[k] = v + } + + return json.Marshal(fields) +} + +func setTokenFieldString(fields map[string]interface{}, key, value string) { + if value == "" { + return + } + fields[key] = value +} +func setTokenFieldRFC3339(fields map[string]interface{}, key string, value *rfc3339) { + if value == nil { + return + } + fields[key] = value +} + +// UnmarshalJSON provides custom unmarshalling because the standard library Go unmarshaller ignores unknown/unspecified +// fields when unmarshalling from a struct: https://pkg.go.dev/encoding/json#Unmarshal +// This function adds some extra validation to the known fields and captures unknown fields. +func (t *cachedToken) UnmarshalJSON(b []byte) error { + var fields map[string]interface{} + if err := json.Unmarshal(b, &fields); err != nil { + return nil + } + + t.UnknownFields = map[string]interface{}{} + + for k, v := range fields { + var err error + switch k { + case "accessToken": + err = getTokenFieldString(v, &t.AccessToken) + case "expiresAt": + err = getTokenFieldRFC3339(v, &t.ExpiresAt) + case "refreshToken": + err = getTokenFieldString(v, &t.RefreshToken) + case "clientId": + err = getTokenFieldString(v, &t.ClientID) + case "clientSecret": + err = getTokenFieldString(v, &t.ClientSecret) + default: + t.UnknownFields[k] = v + } + + if err != nil { + return fmt.Errorf("field %q, %v", k, err) + } + } + + return nil +} + +func getTokenFieldString(v interface{}, value *string) error { + var ok bool + *value, ok = v.(string) + if !ok { + return fmt.Errorf("expect value to be string, got %T", v) + } + return nil +} + +func getTokenFieldRFC3339(v interface{}, value **rfc3339) error { + var stringValue string + if err := getTokenFieldString(v, &stringValue); err != nil { + return err + } + + timeValue, err := parseRFC3339(stringValue) + if err != nil { + return err + } + + *value = &timeValue + return nil +} + +func loadCachedToken(filename string) (cachedToken, error) { + fileBytes, err := ioutil.ReadFile(filename) + if err != nil { + return cachedToken{}, fmt.Errorf("failed to read cached SSO token file, %v", err) + } + + var t cachedToken + if err := json.Unmarshal(fileBytes, &t); err != nil { + return cachedToken{}, fmt.Errorf("failed to parse cached SSO token file, %v", err) + } + + if len(t.AccessToken) == 0 || t.ExpiresAt == nil || time.Time(*t.ExpiresAt).IsZero() { + return cachedToken{}, fmt.Errorf( + "cached SSO token must contain accessToken and expiresAt fields") + } + + return t, nil +} + +func storeCachedToken(filename string, t cachedToken, fileMode os.FileMode) (err error) { + tmpFilename := filename + ".tmp-" + strconv.FormatInt(nowTime().UnixNano(), 10) + if err := writeCacheFile(tmpFilename, fileMode, t); err != nil { + return err + } + + if err := os.Rename(tmpFilename, filename); err != nil { + return fmt.Errorf("failed to replace old cached SSO token file, %v", err) + } + + return nil +} + +func writeCacheFile(filename string, fileMode os.FileMode, t cachedToken) (err error) { + var f *os.File + f, err = os.OpenFile(filename, os.O_CREATE|os.O_TRUNC|os.O_RDWR, fileMode) + if err != nil { + return fmt.Errorf("failed to create cached SSO token file %v", err) + } + + defer func() { + closeErr := f.Close() + if err == nil && closeErr != nil { + err = fmt.Errorf("failed to close cached SSO token file, %v", closeErr) + } + }() + + encoder := json.NewEncoder(f) + + if err = encoder.Encode(t); err != nil { + return fmt.Errorf("failed to serialize cached SSO token, %v", err) + } + + return nil +} + +type rfc3339 time.Time + +// UnmarshalJSON decode rfc3339 from JSON format +func (r *rfc3339) UnmarshalJSON(bytes []byte) error { + var value string + var err error + + if err = json.Unmarshal(bytes, &value); err != nil { + return err + } + + *r, err = parseRFC3339(value) + return err +} + +func parseRFC3339(v string) (rfc3339, error) { + parsed, err := time.Parse(time.RFC3339, v) + if err != nil { + return rfc3339{}, fmt.Errorf("expected RFC3339 timestamp: %v", err) + } + + return rfc3339(parsed), nil +} + +// MarshalJSON encode rfc3339 to JSON format time +func (r *rfc3339) MarshalJSON() ([]byte, error) { + value := time.Time(*r).Format(time.RFC3339) + + // Use JSON unmarshal to unescape the quoted value making use of JSON's + // quoting rules. + return json.Marshal(value) +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go new file mode 100644 index 00000000000..3388b78b4f4 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/ssocreds/token_provider.go @@ -0,0 +1,148 @@ +package ssocreds + +import ( + "fmt" + "os" + "time" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/auth/bearer" + "github.com/aws/aws-sdk-go/service/ssooidc" +) + +// CreateTokenAPIClient provides the interface for the SSOTokenProvider's API +// client for calling CreateToken operation to refresh the SSO token. +type CreateTokenAPIClient interface { + CreateToken(input *ssooidc.CreateTokenInput) (*ssooidc.CreateTokenOutput, error) +} + +// SSOTokenProviderOptions provides the options for configuring the +// SSOTokenProvider. +type SSOTokenProviderOptions struct { + // Client that can be overridden + Client CreateTokenAPIClient + + // The path the file containing the cached SSO token will be read from. + // Initialized the NewSSOTokenProvider's cachedTokenFilepath parameter. + CachedTokenFilepath string +} + +// SSOTokenProvider provides a utility for refreshing SSO AccessTokens for +// Bearer Authentication. The SSOTokenProvider can only be used to refresh +// already cached SSO Tokens. This utility cannot perform the initial SSO +// create token. +// +// The initial SSO create token should be preformed with the AWS CLI before the +// Go application using the SSOTokenProvider will need to retrieve the SSO +// token. If the AWS CLI has not created the token cache file, this provider +// will return an error when attempting to retrieve the cached token. +// +// This provider will attempt to refresh the cached SSO token periodically if +// needed when RetrieveBearerToken is called. +// +// A utility such as the AWS CLI must be used to initially create the SSO +// session and cached token file. +// https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html +type SSOTokenProvider struct { + options SSOTokenProviderOptions +} + +// NewSSOTokenProvider returns an initialized SSOTokenProvider that will +// periodically refresh the SSO token cached stored in the cachedTokenFilepath. +// The cachedTokenFilepath file's content will be rewritten by the token +// provider when the token is refreshed. +// +// The client must be configured for the AWS region the SSO token was created for. +func NewSSOTokenProvider(client CreateTokenAPIClient, cachedTokenFilepath string, optFns ...func(o *SSOTokenProviderOptions)) *SSOTokenProvider { + options := SSOTokenProviderOptions{ + Client: client, + CachedTokenFilepath: cachedTokenFilepath, + } + for _, fn := range optFns { + fn(&options) + } + + provider := &SSOTokenProvider{ + options: options, + } + + return provider +} + +// RetrieveBearerToken returns the SSO token stored in the cachedTokenFilepath +// the SSOTokenProvider was created with. If the token has expired +// RetrieveBearerToken will attempt to refresh it. If the token cannot be +// refreshed or is not present an error will be returned. +// +// A utility such as the AWS CLI must be used to initially create the SSO +// session and cached token file. https://docs.aws.amazon.com/cli/latest/userguide/cli-configure-sso.html +func (p *SSOTokenProvider) RetrieveBearerToken(ctx aws.Context) (bearer.Token, error) { + cachedToken, err := loadCachedToken(p.options.CachedTokenFilepath) + if err != nil { + return bearer.Token{}, err + } + + if cachedToken.ExpiresAt != nil && nowTime().After(time.Time(*cachedToken.ExpiresAt)) { + cachedToken, err = p.refreshToken(cachedToken) + if err != nil { + return bearer.Token{}, fmt.Errorf("refresh cached SSO token failed, %v", err) + } + } + + expiresAt := toTime((*time.Time)(cachedToken.ExpiresAt)) + return bearer.Token{ + Value: cachedToken.AccessToken, + CanExpire: !expiresAt.IsZero(), + Expires: expiresAt, + }, nil +} + +func (p *SSOTokenProvider) refreshToken(token cachedToken) (cachedToken, error) { + if token.ClientSecret == "" || token.ClientID == "" || token.RefreshToken == "" { + return cachedToken{}, fmt.Errorf("cached SSO token is expired, or not present, and cannot be refreshed") + } + + createResult, err := p.options.Client.CreateToken(&ssooidc.CreateTokenInput{ + ClientId: &token.ClientID, + ClientSecret: &token.ClientSecret, + RefreshToken: &token.RefreshToken, + GrantType: aws.String("refresh_token"), + }) + if err != nil { + return cachedToken{}, fmt.Errorf("unable to refresh SSO token, %v", err) + } + if createResult.ExpiresIn == nil { + return cachedToken{}, fmt.Errorf("missing required field ExpiresIn") + } + if createResult.AccessToken == nil { + return cachedToken{}, fmt.Errorf("missing required field AccessToken") + } + if createResult.RefreshToken == nil { + return cachedToken{}, fmt.Errorf("missing required field RefreshToken") + } + + expiresAt := nowTime().Add(time.Duration(*createResult.ExpiresIn) * time.Second) + + token.AccessToken = *createResult.AccessToken + token.ExpiresAt = (*rfc3339)(&expiresAt) + token.RefreshToken = *createResult.RefreshToken + + fileInfo, err := os.Stat(p.options.CachedTokenFilepath) + if err != nil { + return cachedToken{}, fmt.Errorf("failed to stat cached SSO token file %v", err) + } + + if err = storeCachedToken(p.options.CachedTokenFilepath, token, fileInfo.Mode()); err != nil { + return cachedToken{}, fmt.Errorf("unable to cache refreshed SSO token, %v", err) + } + + return token, nil +} + +func toTime(p *time.Time) (v time.Time) { + if p == nil { + return v + } + + return *p +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go index 6846ef6f808..86db488defa 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/assume_role_provider.go @@ -9,7 +9,7 @@ to refresh the credentials will be synchronized. But, the SDK is unable to ensure synchronous usage of the AssumeRoleProvider if the value is shared between multiple Credentials, Sessions or service clients. -Assume Role +# Assume Role To assume an IAM role using STS with the SDK you can create a new Credentials with the SDKs's stscreds package. @@ -27,7 +27,7 @@ with the SDKs's stscreds package. // from assumed role. svc := s3.New(sess, &aws.Config{Credentials: creds}) -Assume Role with static MFA Token +# Assume Role with static MFA Token To assume an IAM role with a MFA token you can either specify a MFA token code directly or provide a function to prompt the user each time the credentials @@ -49,7 +49,7 @@ credentials. // from assumed role. svc := s3.New(sess, &aws.Config{Credentials: creds}) -Assume Role with MFA Token Provider +# Assume Role with MFA Token Provider To assume an IAM role with MFA for longer running tasks where the credentials may need to be refreshed setting the TokenProvider field of AssumeRoleProvider @@ -74,7 +74,6 @@ single Credentials with an AssumeRoleProvider can be shared safely. // Create service client value configured for credentials // from assumed role. svc := s3.New(sess, &aws.Config{Credentials: creds}) - */ package stscreds @@ -95,7 +94,7 @@ import ( // StdinTokenProvider will prompt on stderr and read from stdin for a string value. // An error is returned if reading from stdin fails. // -// Use this function go read MFA tokens from stdin. The function makes no attempt +// Use this function to read MFA tokens from stdin. The function makes no attempt // to make atomic prompts from stdin across multiple gorouties. // // Using StdinTokenProvider with multiple AssumeRoleProviders, or Credentials will @@ -199,6 +198,10 @@ type AssumeRoleProvider struct { // or an Amazon Resource Name (ARN) for a virtual device (such as arn:aws:iam::123456789012:mfa/user). SerialNumber *string + // The SourceIdentity which is used to identity a persistent identity through the whole session. + // For more details see https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html + SourceIdentity *string + // The value provided by the MFA device, if the trust policy of the role being // assumed requires MFA (that is, if the policy includes a condition that tests // for MFA). If the role being assumed requires MFA and if the TokenCode value @@ -244,9 +247,11 @@ type AssumeRoleProvider struct { MaxJitterFrac float64 } -// NewCredentials returns a pointer to a new Credentials object wrapping the +// NewCredentials returns a pointer to a new Credentials value wrapping the // AssumeRoleProvider. The credentials will expire every 15 minutes and the -// role will be named after a nanosecond timestamp of this operation. +// role will be named after a nanosecond timestamp of this operation. The +// Credentials value will attempt to refresh the credentials using the provider +// when Credentials.Get is called, if the cached credentials are expiring. // // Takes a Config provider to create the STS client. The ConfigProvider is // satisfied by the session.Session type. @@ -268,9 +273,11 @@ func NewCredentials(c client.ConfigProvider, roleARN string, options ...func(*As return credentials.NewCredentials(p) } -// NewCredentialsWithClient returns a pointer to a new Credentials object wrapping the +// NewCredentialsWithClient returns a pointer to a new Credentials value wrapping the // AssumeRoleProvider. The credentials will expire every 15 minutes and the -// role will be named after a nanosecond timestamp of this operation. +// role will be named after a nanosecond timestamp of this operation. The +// Credentials value will attempt to refresh the credentials using the provider +// when Credentials.Get is called, if the cached credentials are expiring. // // Takes an AssumeRoler which can be satisfied by the STS client. // @@ -316,6 +323,7 @@ func (p *AssumeRoleProvider) RetrieveWithContext(ctx credentials.Context) (crede Tags: p.Tags, PolicyArns: p.PolicyArns, TransitiveTagKeys: p.TransitiveTagKeys, + SourceIdentity: p.SourceIdentity, } if p.Policy != nil { input.Policy = p.Policy diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go index cefe2a76d4d..19ad619aa3d 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/credentials/stscreds/web_identity_provider.go @@ -28,7 +28,7 @@ const ( // compare test values. var now = time.Now -// TokenFetcher shuold return WebIdentity token bytes or an error +// TokenFetcher should return WebIdentity token bytes or an error type TokenFetcher interface { FetchToken(credentials.Context) ([]byte, error) } @@ -50,6 +50,8 @@ func (f FetchTokenPath) FetchToken(ctx credentials.Context) ([]byte, error) { // an OIDC token. type WebIdentityRoleProvider struct { credentials.Expiry + + // The policy ARNs to use with the web identity assumed role. PolicyArns []*sts.PolicyDescriptorType // Duration the STS credentials will be valid for. Truncated to seconds. @@ -74,6 +76,9 @@ type WebIdentityRoleProvider struct { // NewWebIdentityCredentials will return a new set of credentials with a given // configuration, role arn, and token file path. +// +// Deprecated: Use NewWebIdentityRoleProviderWithOptions for flexible +// functional options, and wrap with credentials.NewCredentials helper. func NewWebIdentityCredentials(c client.ConfigProvider, roleARN, roleSessionName, path string) *credentials.Credentials { svc := sts.New(c) p := NewWebIdentityRoleProvider(svc, roleARN, roleSessionName, path) @@ -82,19 +87,42 @@ func NewWebIdentityCredentials(c client.ConfigProvider, roleARN, roleSessionName // NewWebIdentityRoleProvider will return a new WebIdentityRoleProvider with the // provided stsiface.STSAPI +// +// Deprecated: Use NewWebIdentityRoleProviderWithOptions for flexible +// functional options. func NewWebIdentityRoleProvider(svc stsiface.STSAPI, roleARN, roleSessionName, path string) *WebIdentityRoleProvider { - return NewWebIdentityRoleProviderWithToken(svc, roleARN, roleSessionName, FetchTokenPath(path)) + return NewWebIdentityRoleProviderWithOptions(svc, roleARN, roleSessionName, FetchTokenPath(path)) } // NewWebIdentityRoleProviderWithToken will return a new WebIdentityRoleProvider with the // provided stsiface.STSAPI and a TokenFetcher +// +// Deprecated: Use NewWebIdentityRoleProviderWithOptions for flexible +// functional options. func NewWebIdentityRoleProviderWithToken(svc stsiface.STSAPI, roleARN, roleSessionName string, tokenFetcher TokenFetcher) *WebIdentityRoleProvider { - return &WebIdentityRoleProvider{ + return NewWebIdentityRoleProviderWithOptions(svc, roleARN, roleSessionName, tokenFetcher) +} + +// NewWebIdentityRoleProviderWithOptions will return an initialize +// WebIdentityRoleProvider with the provided stsiface.STSAPI, role ARN, and a +// TokenFetcher. Additional options can be provided as functional options. +// +// TokenFetcher is the implementation that will retrieve the JWT token from to +// assume the role with. Use the provided FetchTokenPath implementation to +// retrieve the JWT token using a file system path. +func NewWebIdentityRoleProviderWithOptions(svc stsiface.STSAPI, roleARN, roleSessionName string, tokenFetcher TokenFetcher, optFns ...func(*WebIdentityRoleProvider)) *WebIdentityRoleProvider { + p := WebIdentityRoleProvider{ client: svc, tokenFetcher: tokenFetcher, roleARN: roleARN, roleSessionName: roleSessionName, } + + for _, fn := range optFns { + fn(&p) + } + + return &p } // Retrieve will attempt to assume a role from a token which is located at @@ -104,9 +132,9 @@ func (p *WebIdentityRoleProvider) Retrieve() (credentials.Value, error) { return p.RetrieveWithContext(aws.BackgroundContext()) } -// RetrieveWithContext will attempt to assume a role from a token which is located at -// 'WebIdentityTokenFilePath' specified destination and if that is empty an -// error will be returned. +// RetrieveWithContext will attempt to assume a role from a token which is +// located at 'WebIdentityTokenFilePath' specified destination and if that is +// empty an error will be returned. func (p *WebIdentityRoleProvider) RetrieveWithContext(ctx credentials.Context) (credentials.Value, error) { b, err := p.tokenFetcher.FetchToken(ctx) if err != nil { diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go index 23bb639e018..1ba80b57609 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/defaults/defaults.go @@ -9,6 +9,7 @@ package defaults import ( "fmt" + "io/ioutil" "net" "net/http" "net/url" @@ -74,6 +75,7 @@ func Handlers() request.Handlers { handlers.Validate.PushBackNamed(corehandlers.ValidateEndpointHandler) handlers.Validate.AfterEachFn = request.HandlerListStopOnError handlers.Build.PushBackNamed(corehandlers.SDKVersionUserAgentHandler) + handlers.Build.PushBackNamed(corehandlers.AddAwsInternal) handlers.Build.PushBackNamed(corehandlers.AddHostExecEnvUserAgentHander) handlers.Build.AfterEachFn = request.HandlerListStopOnError handlers.Sign.PushBackNamed(corehandlers.BuildContentLengthHandler) @@ -114,9 +116,31 @@ func CredProviders(cfg *aws.Config, handlers request.Handlers) []credentials.Pro const ( httpProviderAuthorizationEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN" + httpProviderAuthFileEnvVar = "AWS_CONTAINER_AUTHORIZATION_TOKEN_FILE" httpProviderEnvVar = "AWS_CONTAINER_CREDENTIALS_FULL_URI" ) +// direct representation of the IPv4 address for the ECS container +// "169.254.170.2" +var ecsContainerIPv4 net.IP = []byte{ + 169, 254, 170, 2, +} + +// direct representation of the IPv4 address for the EKS container +// "169.254.170.23" +var eksContainerIPv4 net.IP = []byte{ + 169, 254, 170, 23, +} + +// direct representation of the IPv6 address for the EKS container +// "fd00:ec2::23" +var eksContainerIPv6 net.IP = []byte{ + 0xFD, 0, 0xE, 0xC2, + 0, 0, 0, 0, + 0, 0, 0, 0, + 0, 0, 0, 0x23, +} + // RemoteCredProvider returns a credentials provider for the default remote // endpoints such as EC2 or ECS Roles. func RemoteCredProvider(cfg aws.Config, handlers request.Handlers) credentials.Provider { @@ -134,19 +158,22 @@ func RemoteCredProvider(cfg aws.Config, handlers request.Handlers) credentials.P var lookupHostFn = net.LookupHost -func isLoopbackHost(host string) (bool, error) { - ip := net.ParseIP(host) - if ip != nil { - return ip.IsLoopback(), nil +// isAllowedHost allows host to be loopback or known ECS/EKS container IPs +// +// host can either be an IP address OR an unresolved hostname - resolution will +// be automatically performed in the latter case +func isAllowedHost(host string) (bool, error) { + if ip := net.ParseIP(host); ip != nil { + return isIPAllowed(ip), nil } - // Host is not an ip, perform lookup addrs, err := lookupHostFn(host) if err != nil { return false, err } + for _, addr := range addrs { - if !net.ParseIP(addr).IsLoopback() { + if ip := net.ParseIP(addr); ip == nil || !isIPAllowed(ip) { return false, nil } } @@ -154,6 +181,13 @@ func isLoopbackHost(host string) (bool, error) { return true, nil } +func isIPAllowed(ip net.IP) bool { + return ip.IsLoopback() || + ip.Equal(ecsContainerIPv4) || + ip.Equal(eksContainerIPv4) || + ip.Equal(eksContainerIPv6) +} + func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) credentials.Provider { var errMsg string @@ -164,10 +198,12 @@ func localHTTPCredProvider(cfg aws.Config, handlers request.Handlers, u string) host := aws.URLHostname(parsed) if len(host) == 0 { errMsg = "unable to parse host from local HTTP cred provider URL" - } else if isLoopback, loopbackErr := isLoopbackHost(host); loopbackErr != nil { - errMsg = fmt.Sprintf("failed to resolve host %q, %v", host, loopbackErr) - } else if !isLoopback { - errMsg = fmt.Sprintf("invalid endpoint host, %q, only loopback hosts are allowed.", host) + } else if parsed.Scheme == "http" { + if isAllowedHost, allowHostErr := isAllowedHost(host); allowHostErr != nil { + errMsg = fmt.Sprintf("failed to resolve host %q, %v", host, allowHostErr) + } else if !isAllowedHost { + errMsg = fmt.Sprintf("invalid endpoint host, %q, only loopback/ecs/eks hosts are allowed.", host) + } } } @@ -189,6 +225,15 @@ func httpCredProvider(cfg aws.Config, handlers request.Handlers, u string) crede func(p *endpointcreds.Provider) { p.ExpiryWindow = 5 * time.Minute p.AuthorizationToken = os.Getenv(httpProviderAuthorizationEnvVar) + if authFilePath := os.Getenv(httpProviderAuthFileEnvVar); authFilePath != "" { + p.AuthorizationTokenProvider = endpointcreds.TokenProviderFunc(func() (string, error) { + if contents, err := ioutil.ReadFile(authFilePath); err != nil { + return "", fmt.Errorf("failed to read authorization token from %v: %v", authFilePath, err) + } else { + return string(contents), nil + } + }) + } }, ) } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go index 8f35b3464ba..f4cc8751d04 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/service.go @@ -13,7 +13,6 @@ package ec2metadata import ( "bytes" - "errors" "io" "net/http" "net/url" @@ -58,13 +57,13 @@ type EC2Metadata struct { // New creates a new instance of the EC2Metadata client with a session. // This client is safe to use across multiple goroutines. // -// // Example: -// // Create a EC2Metadata client from just a session. -// svc := ec2metadata.New(mySession) // -// // Create a EC2Metadata client with additional configuration -// svc := ec2metadata.New(mySession, aws.NewConfig().WithLogLevel(aws.LogDebugHTTPBody)) +// // Create a EC2Metadata client from just a session. +// svc := ec2metadata.New(mySession) +// +// // Create a EC2Metadata client with additional configuration +// svc := ec2metadata.New(mySession, aws.NewConfig().WithLogLevel(aws.LogDebugHTTPBody)) func New(p client.ConfigProvider, cfgs ...*aws.Config) *EC2Metadata { c := p.ClientConfig(ServiceName, cfgs...) return NewClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion) @@ -234,7 +233,8 @@ func unmarshalError(r *request.Request) { // Response body format is not consistent between metadata endpoints. // Grab the error message as a string and include that as the source error - r.Error = awserr.NewRequestFailure(awserr.New("EC2MetadataError", "failed to make EC2Metadata request", errors.New(b.String())), + r.Error = awserr.NewRequestFailure( + awserr.New("EC2MetadataError", "failed to make EC2Metadata request\n"+b.String(), nil), r.HTTPResponse.StatusCode, r.RequestID) } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go index 4b29f190bf9..f1f9ba4ec58 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/ec2metadata/token_provider.go @@ -1,6 +1,8 @@ package ec2metadata import ( + "fmt" + "github.com/aws/aws-sdk-go/aws" "net/http" "sync/atomic" "time" @@ -33,11 +35,15 @@ func newTokenProvider(c *EC2Metadata, duration time.Duration) *tokenProvider { return &tokenProvider{client: c, configuredTTL: duration} } +// check if fallback is enabled +func (t *tokenProvider) fallbackEnabled() bool { + return t.client.Config.EC2MetadataEnableFallback == nil || *t.client.Config.EC2MetadataEnableFallback +} + // fetchTokenHandler fetches token for EC2Metadata service client by default. func (t *tokenProvider) fetchTokenHandler(r *request.Request) { - // short-circuits to insecure data flow if tokenProvider is disabled. - if v := atomic.LoadUint32(&t.disabled); v == 1 { + if v := atomic.LoadUint32(&t.disabled); v == 1 && t.fallbackEnabled() { return } @@ -49,23 +55,23 @@ func (t *tokenProvider) fetchTokenHandler(r *request.Request) { output, err := t.client.getToken(r.Context(), t.configuredTTL) if err != nil { + // only attempt fallback to insecure data flow if IMDSv1 is enabled + if !t.fallbackEnabled() { + r.Error = awserr.New("EC2MetadataError", "failed to get IMDSv2 token and fallback to IMDSv1 is disabled", err) + return + } - // change the disabled flag on token provider to true, - // when error is request timeout error. + // change the disabled flag on token provider to true and fallback if requestFailureError, ok := err.(awserr.RequestFailure); ok { switch requestFailureError.StatusCode() { case http.StatusForbidden, http.StatusNotFound, http.StatusMethodNotAllowed: atomic.StoreUint32(&t.disabled, 1) + if t.client.Config.LogLevel.Matches(aws.LogDebugWithDeprecated) { + t.client.Config.Logger.Log(fmt.Sprintf("WARN: failed to get session token, falling back to IMDSv1: %v", requestFailureError)) + } case http.StatusBadRequest: r.Error = requestFailureError } - - // Check if request timed out while waiting for response - if e, ok := requestFailureError.OrigErr().(awserr.Error); ok { - if e.Code() == request.ErrCodeRequestError { - atomic.StoreUint32(&t.disabled, 1) - } - } } return } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go index 654fb1ad52d..cad3b9a4883 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/decode.go @@ -31,12 +31,12 @@ func (d *DecodeModelOptions) Set(optFns ...func(*DecodeModelOptions)) { // allow you to get a list of the partitions in the order the endpoints // will be resolved in. // -// resolver, err := endpoints.DecodeModel(reader) +// resolver, err := endpoints.DecodeModel(reader) // -// partitions := resolver.(endpoints.EnumPartitions).Partitions() -// for _, p := range partitions { -// // ... inspect partitions -// } +// partitions := resolver.(endpoints.EnumPartitions).Partitions() +// for _, p := range partitions { +// // ... inspect partitions +// } func DecodeModel(r io.Reader, optFns ...func(*DecodeModelOptions)) (Resolver, error) { var opts DecodeModelOptions opts.Set(optFns...) @@ -81,8 +81,6 @@ func decodeV3Endpoints(modelDef modelDefinition, opts DecodeModelOptions) (Resol // Customization for i := 0; i < len(ps); i++ { p := &ps[i] - custAddEC2Metadata(p) - custAddS3DualStack(p) custRegionalS3(p) custRmIotDataService(p) custFixAppAutoscalingChina(p) @@ -92,15 +90,6 @@ func decodeV3Endpoints(modelDef modelDefinition, opts DecodeModelOptions) (Resol return ps, nil } -func custAddS3DualStack(p *partition) { - if !(p.ID == "aws" || p.ID == "aws-cn" || p.ID == "aws-us-gov") { - return - } - - custAddDualstack(p, "s3") - custAddDualstack(p, "s3-control") -} - func custRegionalS3(p *partition) { if p.ID != "aws" { return @@ -111,48 +100,28 @@ func custRegionalS3(p *partition) { return } + const awsGlobal = "aws-global" + const usEast1 = "us-east-1" + // If global endpoint already exists no customization needed. - if _, ok := service.Endpoints["aws-global"]; ok { + if _, ok := service.Endpoints[endpointKey{Region: awsGlobal}]; ok { return } - service.PartitionEndpoint = "aws-global" - service.Endpoints["us-east-1"] = endpoint{} - service.Endpoints["aws-global"] = endpoint{ + service.PartitionEndpoint = awsGlobal + if _, ok := service.Endpoints[endpointKey{Region: usEast1}]; !ok { + service.Endpoints[endpointKey{Region: usEast1}] = endpoint{} + } + service.Endpoints[endpointKey{Region: awsGlobal}] = endpoint{ Hostname: "s3.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: usEast1, }, } p.Services["s3"] = service } -func custAddDualstack(p *partition, svcName string) { - s, ok := p.Services[svcName] - if !ok { - return - } - - s.Defaults.HasDualStack = boxedTrue - s.Defaults.DualStackHostname = "{service}.dualstack.{region}.{dnsSuffix}" - - p.Services[svcName] = s -} - -func custAddEC2Metadata(p *partition) { - p.Services["ec2metadata"] = service{ - IsRegionalized: boxedFalse, - PartitionEndpoint: "aws-global", - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "169.254.169.254/latest", - Protocols: []string{"http"}, - }, - }, - } -} - func custRmIotDataService(p *partition) { delete(p.Services, "data.iot") } @@ -169,12 +138,13 @@ func custFixAppAutoscalingChina(p *partition) { } const expectHostname = `autoscaling.{region}.amazonaws.com` - if e, a := s.Defaults.Hostname, expectHostname; e != a { + serviceDefault := s.Defaults[defaultKey{}] + if e, a := expectHostname, serviceDefault.Hostname; e != a { fmt.Printf("custFixAppAutoscalingChina: ignoring customization, expected %s, got %s\n", e, a) return } - - s.Defaults.Hostname = expectHostname + ".cn" + serviceDefault.Hostname = expectHostname + ".cn" + s.Defaults[defaultKey{}] = serviceDefault p.Services[serviceName] = s } @@ -189,18 +159,25 @@ func custFixAppAutoscalingUsGov(p *partition) { return } - if a := s.Defaults.CredentialScope.Service; a != "" { + serviceDefault := s.Defaults[defaultKey{}] + if a := serviceDefault.CredentialScope.Service; a != "" { fmt.Printf("custFixAppAutoscalingUsGov: ignoring customization, expected empty credential scope service, got %s\n", a) return } - if a := s.Defaults.Hostname; a != "" { + if a := serviceDefault.Hostname; a != "" { fmt.Printf("custFixAppAutoscalingUsGov: ignoring customization, expected empty hostname, got %s\n", a) return } - s.Defaults.CredentialScope.Service = "application-autoscaling" - s.Defaults.Hostname = "autoscaling.{region}.amazonaws.com" + serviceDefault.CredentialScope.Service = "application-autoscaling" + serviceDefault.Hostname = "autoscaling.{region}.amazonaws.com" + + if s.Defaults == nil { + s.Defaults = make(endpointDefaults) + } + + s.Defaults[defaultKey{}] = serviceDefault p.Services[serviceName] = s } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go index fc8c1f92921..1047722cacd 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/defaults.go @@ -13,6 +13,8 @@ const ( AwsUsGovPartitionID = "aws-us-gov" // AWS GovCloud (US) partition. AwsIsoPartitionID = "aws-iso" // AWS ISO (US) partition. AwsIsoBPartitionID = "aws-iso-b" // AWS ISOB (US) partition. + AwsIsoEPartitionID = "aws-iso-e" // AWS ISOE (Europe) partition. + AwsIsoFPartitionID = "aws-iso-f" // AWS ISOF partition. ) // AWS Standard partition's regions. @@ -21,16 +23,25 @@ const ( ApEast1RegionID = "ap-east-1" // Asia Pacific (Hong Kong). ApNortheast1RegionID = "ap-northeast-1" // Asia Pacific (Tokyo). ApNortheast2RegionID = "ap-northeast-2" // Asia Pacific (Seoul). + ApNortheast3RegionID = "ap-northeast-3" // Asia Pacific (Osaka). ApSouth1RegionID = "ap-south-1" // Asia Pacific (Mumbai). + ApSouth2RegionID = "ap-south-2" // Asia Pacific (Hyderabad). ApSoutheast1RegionID = "ap-southeast-1" // Asia Pacific (Singapore). ApSoutheast2RegionID = "ap-southeast-2" // Asia Pacific (Sydney). + ApSoutheast3RegionID = "ap-southeast-3" // Asia Pacific (Jakarta). + ApSoutheast4RegionID = "ap-southeast-4" // Asia Pacific (Melbourne). CaCentral1RegionID = "ca-central-1" // Canada (Central). + CaWest1RegionID = "ca-west-1" // Canada West (Calgary). EuCentral1RegionID = "eu-central-1" // Europe (Frankfurt). + EuCentral2RegionID = "eu-central-2" // Europe (Zurich). EuNorth1RegionID = "eu-north-1" // Europe (Stockholm). EuSouth1RegionID = "eu-south-1" // Europe (Milan). + EuSouth2RegionID = "eu-south-2" // Europe (Spain). EuWest1RegionID = "eu-west-1" // Europe (Ireland). EuWest2RegionID = "eu-west-2" // Europe (London). EuWest3RegionID = "eu-west-3" // Europe (Paris). + IlCentral1RegionID = "il-central-1" // Israel (Tel Aviv). + MeCentral1RegionID = "me-central-1" // Middle East (UAE). MeSouth1RegionID = "me-south-1" // Middle East (Bahrain). SaEast1RegionID = "sa-east-1" // South America (Sao Paulo). UsEast1RegionID = "us-east-1" // US East (N. Virginia). @@ -54,6 +65,7 @@ const ( // AWS ISO (US) partition's regions. const ( UsIsoEast1RegionID = "us-iso-east-1" // US ISO East. + UsIsoWest1RegionID = "us-iso-west-1" // US ISO WEST. ) // AWS ISOB (US) partition's regions. @@ -61,8 +73,14 @@ const ( UsIsobEast1RegionID = "us-isob-east-1" // US ISOB East (Ohio). ) +// AWS ISOE (Europe) partition's regions. +const () + +// AWS ISOF partition's regions. +const () + // DefaultResolver returns an Endpoint resolver that will be able -// to resolve endpoints for: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), and AWS ISOB (US). +// to resolve endpoints for: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), AWS ISOB (US), AWS ISOE (Europe), and AWS ISOF. // // Use DefaultPartitions() to get the list of the default partitions. func DefaultResolver() Resolver { @@ -70,7 +88,7 @@ func DefaultResolver() Resolver { } // DefaultPartitions returns a list of the partitions the SDK is bundled -// with. The available partitions are: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), and AWS ISOB (US). +// with. The available partitions are: AWS Standard, AWS China, AWS GovCloud (US), AWS ISO (US), AWS ISOB (US), AWS ISOE (Europe), and AWS ISOF. // // partitions := endpoints.DefaultPartitions // for _, p := range partitions { @@ -86,6 +104,8 @@ var defaultPartitions = partitions{ awsusgovPartition, awsisoPartition, awsisobPartition, + awsisoePartition, + awsisofPartition, } // AwsPartition returns the Resolver for AWS Standard. @@ -99,14 +119,40 @@ var awsPartition = partition{ DNSSuffix: "amazonaws.com", RegionRegex: regionRegex{ Regexp: func() *regexp.Regexp { - reg, _ := regexp.Compile("^(us|eu|ap|sa|ca|me|af)\\-\\w+\\-\\d+$") + reg, _ := regexp.Compile("^(us|eu|ap|sa|ca|me|af|il)\\-\\w+\\-\\d+$") return reg }(), }, - Defaults: endpoint{ - Hostname: "{service}.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: dualStackVariant, + }: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "amazonaws.com", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, }, Regions: regions{ "af-south-1": region{ @@ -121,27 +167,48 @@ var awsPartition = partition{ "ap-northeast-2": region{ Description: "Asia Pacific (Seoul)", }, + "ap-northeast-3": region{ + Description: "Asia Pacific (Osaka)", + }, "ap-south-1": region{ Description: "Asia Pacific (Mumbai)", }, + "ap-south-2": region{ + Description: "Asia Pacific (Hyderabad)", + }, "ap-southeast-1": region{ Description: "Asia Pacific (Singapore)", }, "ap-southeast-2": region{ Description: "Asia Pacific (Sydney)", }, + "ap-southeast-3": region{ + Description: "Asia Pacific (Jakarta)", + }, + "ap-southeast-4": region{ + Description: "Asia Pacific (Melbourne)", + }, "ca-central-1": region{ Description: "Canada (Central)", }, + "ca-west-1": region{ + Description: "Canada West (Calgary)", + }, "eu-central-1": region{ Description: "Europe (Frankfurt)", }, + "eu-central-2": region{ + Description: "Europe (Zurich)", + }, "eu-north-1": region{ Description: "Europe (Stockholm)", }, "eu-south-1": region{ Description: "Europe (Milan)", }, + "eu-south-2": region{ + Description: "Europe (Spain)", + }, "eu-west-1": region{ Description: "Europe (Ireland)", }, @@ -151,6 +218,12 @@ var awsPartition = partition{ "eu-west-3": region{ Description: "Europe (Paris)", }, + "il-central-1": region{ + Description: "Israel (Tel Aviv)", + }, + "me-central-1": region{ + Description: "Middle East (UAE)", + }, "me-south-1": region{ Description: "Middle East (Bahrain)", }, @@ -172,8963 +245,42679 @@ var awsPartition = partition{ }, Services: services{ "a4b": service{ - - Endpoints: endpoints{ - "us-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, }, }, "access-analyzer": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-ca-central-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "access-analyzer-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ Hostname: "access-analyzer-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-1": endpoint{ + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ Hostname: "access-analyzer-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ Hostname: "access-analyzer-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ Hostname: "access-analyzer-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ Hostname: "access-analyzer-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "access-analyzer-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "access-analyzer-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "access-analyzer-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "access-analyzer-fips.us-west-2.amazonaws.com", + }, + }, + }, + "account": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "account.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, "acm": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "ca-central-1-fips": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ Hostname: "acm-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ca-central-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1-fips", + }: endpoint{ + Hostname: "acm-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-fips.us-east-1.amazonaws.com", }, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-1-fips": endpoint{ + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ Hostname: "acm-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-fips.us-east-2.amazonaws.com", }, - "us-east-2": endpoint{}, - "us-east-2-fips": endpoint{ + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ Hostname: "acm-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-fips.us-west-1.amazonaws.com", }, - "us-west-1": endpoint{}, - "us-west-1-fips": endpoint{ + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ Hostname: "acm-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-fips.us-west-2.amazonaws.com", }, - "us-west-2": endpoint{}, - "us-west-2-fips": endpoint{ + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ Hostname: "acm-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, }, }, }, "acm-pca": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-ca-central-1": endpoint{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-pca-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-pca-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ Hostname: "acm-pca-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ca-central-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "acm-pca-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, }, - "fips-us-east-1": endpoint{ + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ Hostname: "acm-pca-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ Hostname: "acm-pca-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ Hostname: "acm-pca-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ Hostname: "acm-pca-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-pca-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-pca-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-pca-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-pca-fips.us-west-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + }, + }, + "agreement-marketplace": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, }, }, "airflow": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "amplify": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "amplifybackend": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "amplifyuibuilder": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "aoss": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, }, "api.detective": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.detective-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "api.detective-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.detective-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "api.detective-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.detective-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "api.detective-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.detective-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "api.detective-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.detective-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "api.detective-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, }, }, "api.ecr": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecr-fips.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ Hostname: "api.ecr.af-south-1.amazonaws.com", CredentialScope: credentialScope{ Region: "af-south-1", }, }, - "ap-east-1": endpoint{ + endpointKey{ + Region: "ap-east-1", + }: endpoint{ Hostname: "api.ecr.ap-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ap-east-1", }, }, - "ap-northeast-1": endpoint{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ Hostname: "api.ecr.ap-northeast-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ap-northeast-1", }, }, - "ap-northeast-2": endpoint{ + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ Hostname: "api.ecr.ap-northeast-2.amazonaws.com", CredentialScope: credentialScope{ Region: "ap-northeast-2", }, }, - "ap-south-1": endpoint{ + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "api.ecr.ap-northeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-3", + }, + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ Hostname: "api.ecr.ap-south-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ap-south-1", }, }, - "ap-southeast-1": endpoint{ + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "api.ecr.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ Hostname: "api.ecr.ap-southeast-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ap-southeast-1", }, }, - "ap-southeast-2": endpoint{ + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ Hostname: "api.ecr.ap-southeast-2.amazonaws.com", CredentialScope: credentialScope{ Region: "ap-southeast-2", }, }, - "ca-central-1": endpoint{ + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "api.ecr.ap-southeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-3", + }, + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "api.ecr.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ Hostname: "api.ecr.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ca-central-1", }, }, - "eu-central-1": endpoint{ + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "api.ecr.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + }, + endpointKey{ + Region: "dkr-us-east-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "dkr-us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecr-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "dkr-us-east-2", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "dkr-us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecr-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "dkr-us-west-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "dkr-us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecr-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "dkr-us-west-2", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "dkr-us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecr-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ Hostname: "api.ecr.eu-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-central-1", }, }, - "eu-north-1": endpoint{ + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "api.ecr.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ Hostname: "api.ecr.eu-north-1.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-north-1", }, }, - "eu-south-1": endpoint{ + endpointKey{ + Region: "eu-south-1", + }: endpoint{ Hostname: "api.ecr.eu-south-1.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-south-1", }, }, - "eu-west-1": endpoint{ + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "api.ecr.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ Hostname: "api.ecr.eu-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-west-1", }, }, - "eu-west-2": endpoint{ + endpointKey{ + Region: "eu-west-2", + }: endpoint{ Hostname: "api.ecr.eu-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-west-2", }, }, - "eu-west-3": endpoint{ + endpointKey{ + Region: "eu-west-3", + }: endpoint{ Hostname: "api.ecr.eu-west-3.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-west-3", }, }, - "fips-dkr-us-east-1": endpoint{ + endpointKey{ + Region: "fips-dkr-us-east-1", + }: endpoint{ Hostname: "ecr-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-dkr-us-east-2": endpoint{ + endpointKey{ + Region: "fips-dkr-us-east-2", + }: endpoint{ Hostname: "ecr-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-dkr-us-west-1": endpoint{ + endpointKey{ + Region: "fips-dkr-us-west-1", + }: endpoint{ Hostname: "ecr-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-dkr-us-west-2": endpoint{ + endpointKey{ + Region: "fips-dkr-us-west-2", + }: endpoint{ Hostname: "ecr-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, }, - "fips-us-east-1": endpoint{ + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ Hostname: "ecr-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ Hostname: "ecr-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ Hostname: "ecr-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ Hostname: "ecr-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "api.ecr.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "api.ecr.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, }, - "me-south-1": endpoint{ + endpointKey{ + Region: "me-south-1", + }: endpoint{ Hostname: "api.ecr.me-south-1.amazonaws.com", CredentialScope: credentialScope{ Region: "me-south-1", }, }, - "sa-east-1": endpoint{ + endpointKey{ + Region: "sa-east-1", + }: endpoint{ Hostname: "api.ecr.sa-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "sa-east-1", }, }, - "us-east-1": endpoint{ + endpointKey{ + Region: "us-east-1", + }: endpoint{ Hostname: "api.ecr.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, }, - "us-east-2": endpoint{ + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecr-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ Hostname: "api.ecr.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, }, - "us-west-1": endpoint{ + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecr-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ Hostname: "api.ecr.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, }, - "us-west-2": endpoint{ + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecr-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ Hostname: "api.ecr.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecr-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "api.ecr-public": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "api.ecr-public.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "api.ecr-public.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, }, }, "api.elastic-inference": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ Hostname: "api.elastic-inference.ap-northeast-1.amazonaws.com", }, - "ap-northeast-2": endpoint{ + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ Hostname: "api.elastic-inference.ap-northeast-2.amazonaws.com", }, - "eu-west-1": endpoint{ + endpointKey{ + Region: "eu-west-1", + }: endpoint{ Hostname: "api.elastic-inference.eu-west-1.amazonaws.com", }, - "us-east-1": endpoint{ + endpointKey{ + Region: "us-east-1", + }: endpoint{ Hostname: "api.elastic-inference.us-east-1.amazonaws.com", }, - "us-east-2": endpoint{ + endpointKey{ + Region: "us-east-2", + }: endpoint{ Hostname: "api.elastic-inference.us-east-2.amazonaws.com", }, - "us-west-2": endpoint{ + endpointKey{ + Region: "us-west-2", + }: endpoint{ Hostname: "api.elastic-inference.us-west-2.amazonaws.com", }, }, }, + "api.fleethub.iot": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.fleethub.iot-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "api.fleethub.iot-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "api.fleethub.iot-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "api.fleethub.iot-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "api.fleethub.iot-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.fleethub.iot-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.fleethub.iot-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.fleethub.iot-fips.us-west-2.amazonaws.com", + }, + }, + }, + "api.iotdeviceadvisor": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "api.iotdeviceadvisor.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "api.iotdeviceadvisor.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "api.iotdeviceadvisor.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "api.iotdeviceadvisor.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "api.iotwireless": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "api.iotwireless.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "api.iotwireless.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "api.iotwireless.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "api.iotwireless.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "api.iotwireless.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "api.iotwireless.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "api.iotwireless.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, "api.mediatailor": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, }, "api.pricing": service{ - Defaults: endpoint{ - CredentialScope: credentialScope{ - Service: "pricing", + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "pricing", + }, }, }, - Endpoints: endpoints{ - "ap-south-1": endpoint{}, - "us-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, }, }, "api.sagemaker": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-1-fips": endpoint{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "api-fips.sagemaker.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api-fips.sagemaker.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ Hostname: "api-fips.sagemaker.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api-fips.sagemaker.us-east-2.amazonaws.com", }, - "us-east-2": endpoint{}, - "us-east-2-fips": endpoint{ + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ Hostname: "api-fips.sagemaker.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api-fips.sagemaker.us-west-1.amazonaws.com", }, - "us-west-1": endpoint{}, - "us-west-1-fips": endpoint{ + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ Hostname: "api-fips.sagemaker.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api-fips.sagemaker.us-west-2.amazonaws.com", }, - "us-west-2": endpoint{}, - "us-west-2-fips": endpoint{ + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ Hostname: "api-fips.sagemaker.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, - }, - }, - }, - "apigateway": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "app-integrations": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "appflow": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "application-autoscaling": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "appmesh": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "appstream2": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - CredentialScope: credentialScope{ - Service: "appstream", - }, - }, - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "fips": endpoint{ - Hostname: "appstream2-fips.us-west-2.amazonaws.com", + Deprecated: boxedTrue, + }, + }, + }, + "api.tunneling.iot": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "api.tunneling.iot-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "appsync": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "athena": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "autoscaling": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "autoscaling-plans": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "backup": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "batch": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "fips.batch.us-east-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "fips.batch.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "fips.batch.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "fips.batch.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, - }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "budgets": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "budgets.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-west-2.amazonaws.com", }, }, }, - "ce": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "ce.us-east-1.amazonaws.com", + "apigateway": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "apigateway-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "apigateway-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "apigateway-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - }, - }, - "chime": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "chime.us-east-1.amazonaws.com", - Protocols: []string{"https"}, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "apigateway-fips.ca-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "ca-west-1", }, + Deprecated: boxedTrue, }, - }, - }, - "cloud9": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "clouddirectory": service{ - - Endpoints: endpoints{ - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "cloudformation": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-1-fips": endpoint{ - Hostname: "cloudformation-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "apigateway-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-east-2": endpoint{}, - "us-east-2-fips": endpoint{ - Hostname: "cloudformation-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "apigateway-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "us-west-1": endpoint{}, - "us-west-1-fips": endpoint{ - Hostname: "cloudformation-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "apigateway-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "us-west-2": endpoint{}, - "us-west-2-fips": endpoint{ - Hostname: "cloudformation-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "apigateway-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "apigateway-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "apigateway-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "apigateway-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "apigateway-fips.us-west-2.amazonaws.com", }, }, }, - "cloudfront": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "cloudfront.amazonaws.com", - Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - }, - }, - "cloudhsm": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "cloudhsmv2": service{ - Defaults: endpoint{ - CredentialScope: credentialScope{ - Service: "cloudhsm", - }, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "cloudsearch": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "app-integrations": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "appconfig": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "appconfigdata": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, }, - "cloudtrail": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "cloudtrail-fips.us-east-1.amazonaws.com", + "appflow": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "appflow-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "cloudtrail-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "appflow-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "cloudtrail-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "appflow-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "cloudtrail-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "appflow-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appflow-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appflow-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appflow-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appflow-fips.us-west-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "codeartifact": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, + "application-autoscaling": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "applicationinsights": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, }, - "codebuild": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-1-fips": endpoint{ - Hostname: "codebuild-fips.us-east-1.amazonaws.com", + "appmesh": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appmesh-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "appmesh-fips.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "appmesh-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appmesh-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "appmesh-fips.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "appmesh-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, - }, - "us-east-2": endpoint{}, - "us-east-2-fips": endpoint{ - Hostname: "codebuild-fips.us-east-2.amazonaws.com", + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appmesh-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "appmesh-fips.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "appmesh-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, - }, - "us-west-1": endpoint{}, - "us-west-1-fips": endpoint{ - Hostname: "codebuild-fips.us-west-1.amazonaws.com", + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appmesh-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "appmesh-fips.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "appmesh-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, - }, - "us-west-2": endpoint{}, - "us-west-2-fips": endpoint{ - Hostname: "codebuild-fips.us-west-2.amazonaws.com", + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appmesh-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "appmesh-fips.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "appmesh-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, - }, - }, - }, - "codecommit": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips": endpoint{ - Hostname: "codecommit-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "codedeploy": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-1-fips": endpoint{ - Hostname: "codedeploy-fips.us-east-1.amazonaws.com", + Deprecated: boxedTrue, + }, + }, + }, + "apprunner": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "apprunner-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-east-2": endpoint{}, - "us-east-2-fips": endpoint{ - Hostname: "codedeploy-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "apprunner-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "us-west-1": endpoint{}, - "us-west-1-fips": endpoint{ - Hostname: "codedeploy-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - "us-west-2": endpoint{}, - "us-west-2-fips": endpoint{ - Hostname: "codedeploy-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "apprunner-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "apprunner-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "apprunner-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "apprunner-fips.us-west-2.amazonaws.com", }, }, }, - "codepipeline": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-ca-central-1": endpoint{ - Hostname: "codepipeline-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - "fips-us-east-1": endpoint{ - Hostname: "codepipeline-fips.us-east-1.amazonaws.com", + "appstream2": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - "fips-us-east-2": endpoint{ - Hostname: "codepipeline-fips.us-east-2.amazonaws.com", + Service: "appstream", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips", + }: endpoint{ + Hostname: "appstream2-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "us-west-2", }, - }, - "fips-us-west-1": endpoint{ - Hostname: "codepipeline-fips.us-west-1.amazonaws.com", + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appstream2-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "appstream2-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "us-east-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appstream2-fips.us-west-2.amazonaws.com", }, - "fips-us-west-2": endpoint{ - Hostname: "codepipeline-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "appstream2-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "codestar": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "appsync": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "aps": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, }, - }, - "codestar-connections": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "arc-zonal-shift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, }, - "cognito-identity": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "cognito-identity-fips.us-east-1.amazonaws.com", + "athena": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.eu-west-3.api.aws", + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "athena-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "cognito-identity-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "athena-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "cognito-identity-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "athena-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "cognito-idp": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "cognito-idp-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "athena-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "athena-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "athena-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "athena-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "athena-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-west-2.api.aws", + }, + }, + }, + "auditmanager": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "auditmanager-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "auditmanager-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "cognito-idp-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "auditmanager-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "auditmanager-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "cognito-idp-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "auditmanager-fips.us-west-1.amazonaws.com", }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "cognito-sync": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "comprehend": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "comprehend-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "auditmanager-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "comprehend-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "auditmanager-fips.us-west-2.amazonaws.com", }, - "fips-us-west-2": endpoint{ - Hostname: "comprehend-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "auditmanager-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, }, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, }, }, - "comprehendmedical": service{ - - Endpoints: endpoints{ - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "comprehendmedical-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, + "autoscaling": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, }, - "fips-us-east-2": endpoint{ - Hostname: "comprehendmedical-fips.us-east-2.amazonaws.com", + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "autoscaling-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "comprehendmedical-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "autoscaling-fips.ca-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "ca-west-1", }, + Deprecated: boxedTrue, }, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "config": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "config-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "autoscaling-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "config-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "autoscaling-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "config-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "autoscaling-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "config-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "autoscaling-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling-fips.us-west-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "connect": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "contact-lens": service{ - - Endpoints: endpoints{ - "ap-southeast-2": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "cur": service{ - - Endpoints: endpoints{ - "us-east-1": endpoint{}, - }, - }, - "data.mediastore": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + "autoscaling-plans": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, }, - }, - "dataexchange": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, }, - "datapipeline": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + "backup": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "backup-gateway": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "backupstorage": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, }, - "datasync": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-ca-central-1": endpoint{ - Hostname: "datasync-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - "fips-us-east-1": endpoint{ - Hostname: "datasync-fips.us-east-1.amazonaws.com", + "batch": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.batch.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "fips.batch.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "datasync-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "fips.batch.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "datasync-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "fips.batch.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "datasync-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "fips.batch.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.batch.us-east-1.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "dax": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "devicefarm": service{ - - Endpoints: endpoints{ - "us-west-2": endpoint{}, - }, - }, - "directconnect": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "directconnect-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - "fips-us-east-2": endpoint{ - Hostname: "directconnect-fips.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.batch.us-east-2.amazonaws.com", }, - "fips-us-west-1": endpoint{ - Hostname: "directconnect-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.batch.us-west-1.amazonaws.com", }, - "fips-us-west-2": endpoint{ - Hostname: "directconnect-fips.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.batch.us-west-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "discovery": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "dms": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "dms-fips": endpoint{ - Hostname: "dms-fips.us-west-1.amazonaws.com", + "bedrock": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "bedrock-ap-northeast-1", + }: endpoint{ + Hostname: "bedrock.ap-northeast-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "ap-northeast-1", }, }, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "docdb": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{ - Hostname: "rds.ap-northeast-1.amazonaws.com", + endpointKey{ + Region: "bedrock-ap-southeast-1", + }: endpoint{ + Hostname: "bedrock.ap-southeast-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-northeast-1", + Region: "ap-southeast-1", }, }, - "ap-northeast-2": endpoint{ - Hostname: "rds.ap-northeast-2.amazonaws.com", + endpointKey{ + Region: "bedrock-eu-central-1", + }: endpoint{ + Hostname: "bedrock.eu-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-northeast-2", + Region: "eu-central-1", }, }, - "ap-south-1": endpoint{ - Hostname: "rds.ap-south-1.amazonaws.com", + endpointKey{ + Region: "bedrock-fips-us-east-1", + }: endpoint{ + Hostname: "bedrock-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-south-1", + Region: "us-east-1", }, }, - "ap-southeast-1": endpoint{ - Hostname: "rds.ap-southeast-1.amazonaws.com", + endpointKey{ + Region: "bedrock-fips-us-west-2", + }: endpoint{ + Hostname: "bedrock-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-1", + Region: "us-west-2", }, }, - "ap-southeast-2": endpoint{ - Hostname: "rds.ap-southeast-2.amazonaws.com", + endpointKey{ + Region: "bedrock-runtime-ap-northeast-1", + }: endpoint{ + Hostname: "bedrock-runtime.ap-northeast-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-2", + Region: "ap-northeast-1", }, }, - "ca-central-1": endpoint{ - Hostname: "rds.ca-central-1.amazonaws.com", + endpointKey{ + Region: "bedrock-runtime-ap-southeast-1", + }: endpoint{ + Hostname: "bedrock-runtime.ap-southeast-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ca-central-1", + Region: "ap-southeast-1", }, }, - "eu-central-1": endpoint{ - Hostname: "rds.eu-central-1.amazonaws.com", + endpointKey{ + Region: "bedrock-runtime-eu-central-1", + }: endpoint{ + Hostname: "bedrock-runtime.eu-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-central-1", }, }, - "eu-west-1": endpoint{ - Hostname: "rds.eu-west-1.amazonaws.com", + endpointKey{ + Region: "bedrock-runtime-fips-us-east-1", + }: endpoint{ + Hostname: "bedrock-runtime-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-1", + Region: "us-east-1", }, }, - "eu-west-2": endpoint{ - Hostname: "rds.eu-west-2.amazonaws.com", + endpointKey{ + Region: "bedrock-runtime-fips-us-west-2", + }: endpoint{ + Hostname: "bedrock-runtime-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-2", + Region: "us-west-2", }, }, - "eu-west-3": endpoint{ - Hostname: "rds.eu-west-3.amazonaws.com", + endpointKey{ + Region: "bedrock-runtime-us-east-1", + }: endpoint{ + Hostname: "bedrock-runtime.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-3", + Region: "us-east-1", }, }, - "sa-east-1": endpoint{ - Hostname: "rds.sa-east-1.amazonaws.com", + endpointKey{ + Region: "bedrock-runtime-us-west-2", + }: endpoint{ + Hostname: "bedrock-runtime.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "sa-east-1", + Region: "us-west-2", }, }, - "us-east-1": endpoint{ - Hostname: "rds.us-east-1.amazonaws.com", + endpointKey{ + Region: "bedrock-us-east-1", + }: endpoint{ + Hostname: "bedrock.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, }, - "us-east-2": endpoint{ - Hostname: "rds.us-east-2.amazonaws.com", + endpointKey{ + Region: "bedrock-us-west-2", + }: endpoint{ + Hostname: "bedrock.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "us-west-2", }, }, - "us-west-2": endpoint{ - Hostname: "rds.us-west-2.amazonaws.com", + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "billingconductor": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "billingconductor.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "us-east-1", }, }, }, }, - "ds": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-ca-central-1": endpoint{ - Hostname: "ds-fips.ca-central-1.amazonaws.com", + "braket": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "budgets": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "budgets.amazonaws.com", CredentialScope: credentialScope{ - Region: "ca-central-1", + Region: "us-east-1", }, }, - "fips-us-east-1": endpoint{ - Hostname: "ds-fips.us-east-1.amazonaws.com", + }, + }, + "cases": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{}, + }, + }, + "cassandra": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "cassandra-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "ds-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "cassandra-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "us-west-2", }, - }, - "fips-us-west-1": endpoint{ - Hostname: "ds-fips.us-west-1.amazonaws.com", + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cassandra-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cassandra-fips.us-west-2.amazonaws.com", + }, + }, + }, + "catalog.marketplace": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + }, + }, + "ce": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "ce.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "us-east-1", }, }, - "fips-us-west-2": endpoint{ - Hostname: "ds-fips.us-west-2.amazonaws.com", + }, + }, + "chime": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "chime.us-east-1.amazonaws.com", + Protocols: []string{"https"}, CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "us-east-1", }, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "dynamodb": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "ca-central-1-fips": endpoint{ - Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", + "cleanrooms": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "cloud9": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "cloudcontrolapi": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudcontrolapi-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudcontrolapi-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "cloudcontrolapi-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "local": endpoint{ - Hostname: "localhost:8000", - Protocols: []string{"http"}, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "cloudcontrolapi-fips.ca-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "ca-west-1", }, + Deprecated: boxedTrue, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-1-fips": endpoint{ - Hostname: "dynamodb-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "cloudcontrolapi-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-east-2": endpoint{}, - "us-east-2-fips": endpoint{ - Hostname: "dynamodb-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "cloudcontrolapi-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "us-west-1": endpoint{}, - "us-west-1-fips": endpoint{ - Hostname: "dynamodb-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "cloudcontrolapi-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "us-west-2": endpoint{}, - "us-west-2-fips": endpoint{ - Hostname: "dynamodb-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "cloudcontrolapi-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudcontrolapi-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudcontrolapi-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudcontrolapi-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudcontrolapi-fips.us-west-2.amazonaws.com", }, }, }, - "ebs": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-ca-central-1": endpoint{ - Hostname: "ebs-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, + "clouddirectory": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "cloudformation": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudformation-fips.us-east-1.amazonaws.com", }, - "fips-us-east-1": endpoint{ - Hostname: "ebs-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "cloudformation-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "ebs-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudformation-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "cloudformation-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "ebs-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudformation-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "cloudformation-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "ebs-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudformation-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "cloudformation-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "ec2": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-ca-central-1": endpoint{ - Hostname: "ec2-fips.ca-central-1.amazonaws.com", + "cloudfront": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "cloudfront.amazonaws.com", + Protocols: []string{"http", "https"}, CredentialScope: credentialScope{ - Region: "ca-central-1", + Region: "us-east-1", }, }, - "fips-us-east-1": endpoint{ - Hostname: "ec2-fips.us-east-1.amazonaws.com", + }, + }, + "cloudhsm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + }, + }, + "cloudhsmv2": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "cloudhsm", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "cloudsearch": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "cloudtrail": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "cloudtrail-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "ec2-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "cloudtrail-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "ec2-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "cloudtrail-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "ec2-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "cloudtrail-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudtrail-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudtrail-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudtrail-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudtrail-fips.us-west-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "ec2metadata": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "169.254.169.254/latest", - Protocols: []string{"http"}, - }, + "cloudtrail-data": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, }, - "ecs": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "ecs-fips.us-east-1.amazonaws.com", + "codeartifact": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "codebuild": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codebuild-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "codebuild-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "ecs-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codebuild-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "codebuild-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "ecs-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codebuild-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "codebuild-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "ecs-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codebuild-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "codebuild-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "eks": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "fips.eks.us-east-1.amazonaws.com", + "codecatalyst": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "codecatalyst.global.api.aws", + }, + }, + }, + "codecommit": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codecommit-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "codecommit-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips", + }: endpoint{ + Hostname: "codecommit-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codecommit-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "codecommit-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "fips.eks.us-east-2.amazonaws.com", + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codecommit-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "codecommit-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "fips.eks.us-west-1.amazonaws.com", + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codecommit-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "codecommit-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "fips.eks.us-west-2.amazonaws.com", + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codecommit-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "codecommit-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "elasticache": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips": endpoint{ - Hostname: "elasticache-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, + "codedeploy": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codedeploy-fips.us-east-1.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "elasticbeanstalk": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "elasticbeanstalk-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "codedeploy-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "elasticbeanstalk-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codedeploy-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "codedeploy-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "elasticbeanstalk-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codedeploy-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "codedeploy-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "elasticbeanstalk-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codedeploy-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "codedeploy-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, - }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + Deprecated: boxedTrue, + }, + }, + }, + "codeguru-reviewer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, }, - "elasticfilesystem": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-af-south-1": endpoint{ - Hostname: "elasticfilesystem-fips.af-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "af-south-1", - }, - }, - "fips-ap-east-1": endpoint{ - Hostname: "elasticfilesystem-fips.ap-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-east-1", - }, + "codepipeline": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codepipeline-fips.ca-central-1.amazonaws.com", }, - "fips-ap-northeast-1": endpoint{ - Hostname: "elasticfilesystem-fips.ap-northeast-1.amazonaws.com", + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "codepipeline-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-northeast-1", + Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "fips-ap-northeast-2": endpoint{ - Hostname: "elasticfilesystem-fips.ap-northeast-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "codepipeline-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-northeast-2", + Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-ap-south-1": endpoint{ - Hostname: "elasticfilesystem-fips.ap-south-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "codepipeline-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-south-1", + Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-ap-southeast-1": endpoint{ - Hostname: "elasticfilesystem-fips.ap-southeast-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "codepipeline-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-1", + Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-ap-southeast-2": endpoint{ - Hostname: "elasticfilesystem-fips.ap-southeast-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "codepipeline-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-2", + Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codepipeline-fips.us-east-1.amazonaws.com", }, - "fips-ca-central-1": endpoint{ - Hostname: "elasticfilesystem-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codepipeline-fips.us-east-2.amazonaws.com", }, - "fips-eu-central-1": endpoint{ - Hostname: "elasticfilesystem-fips.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codepipeline-fips.us-west-1.amazonaws.com", }, - "fips-eu-north-1": endpoint{ - Hostname: "elasticfilesystem-fips.eu-north-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codepipeline-fips.us-west-2.amazonaws.com", }, - "fips-eu-south-1": endpoint{ - Hostname: "elasticfilesystem-fips.eu-south-1.amazonaws.com", + }, + }, + "codestar": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "codestar-connections": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "codestar-notifications": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "cognito-identity": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "cognito-identity-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-south-1", + Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-eu-west-1": endpoint{ - Hostname: "elasticfilesystem-fips.eu-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "cognito-identity-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-1", + Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-eu-west-2": endpoint{ - Hostname: "elasticfilesystem-fips.eu-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "cognito-identity-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-2", + Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-eu-west-3": endpoint{ - Hostname: "elasticfilesystem-fips.eu-west-3.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "cognito-identity-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-3", + Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cognito-identity-fips.us-east-1.amazonaws.com", }, - "fips-me-south-1": endpoint{ - Hostname: "elasticfilesystem-fips.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cognito-identity-fips.us-east-2.amazonaws.com", }, - "fips-sa-east-1": endpoint{ - Hostname: "elasticfilesystem-fips.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cognito-identity-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cognito-identity-fips.us-west-2.amazonaws.com", }, - "fips-us-east-1": endpoint{ - Hostname: "elasticfilesystem-fips.us-east-1.amazonaws.com", + }, + }, + "cognito-idp": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "cognito-idp-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "elasticfilesystem-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "cognito-idp-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "elasticfilesystem-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "cognito-idp-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "elasticfilesystem-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "cognito-idp-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cognito-idp-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cognito-idp-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cognito-idp-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cognito-idp-fips.us-west-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "elasticloadbalancing": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "elasticloadbalancing-fips.us-east-1.amazonaws.com", + "cognito-sync": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "comprehend": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "comprehend-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "elasticloadbalancing-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "comprehend-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "elasticloadbalancing-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - "fips-us-west-2": endpoint{ - Hostname: "elasticloadbalancing-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "comprehend-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "comprehend-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "comprehend-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "comprehend-fips.us-west-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "elasticmapreduce": service{ - Defaults: endpoint{ - SSLCommonName: "{region}.{service}.{dnsSuffix}", - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{ - SSLCommonName: "{service}.{region}.{dnsSuffix}", - }, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-ca-central-1": endpoint{ - Hostname: "elasticmapreduce-fips.ca-central-1.amazonaws.com", + "comprehendmedical": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "comprehendmedical-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "comprehendmedical-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-1": endpoint{ - Hostname: "elasticmapreduce-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "comprehendmedical-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "elasticmapreduce-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "comprehendmedical-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "elasticmapreduce-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - "fips-us-west-2": endpoint{ - Hostname: "elasticmapreduce-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "comprehendmedical-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{ - SSLCommonName: "{service}.{region}.{dnsSuffix}", + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "comprehendmedical-fips.us-east-1.amazonaws.com", }, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "elastictranscoder": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "email": service{ - - Endpoints: endpoints{ - "ap-south-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "entitlement.marketplace": service{ - Defaults: endpoint{ - CredentialScope: credentialScope{ - Service: "aws-marketplace", + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "comprehendmedical-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "comprehendmedical-fips.us-west-2.amazonaws.com", }, - }, - Endpoints: endpoints{ - "us-east-1": endpoint{}, }, }, - "es": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips": endpoint{ - Hostname: "es-fips.us-west-1.amazonaws.com", + "compute-optimizer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "compute-optimizer.af-south-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "af-south-1", }, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "events": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "events-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "compute-optimizer.ap-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "ap-east-1", }, }, - "fips-us-east-2": endpoint{ - Hostname: "events-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "compute-optimizer.ap-northeast-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "ap-northeast-1", }, }, - "fips-us-west-1": endpoint{ - Hostname: "events-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "compute-optimizer.ap-northeast-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "ap-northeast-2", }, }, - "fips-us-west-2": endpoint{ - Hostname: "events-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "compute-optimizer.ap-northeast-3.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "ap-northeast-3", }, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "firehose": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "firehose-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "compute-optimizer.ap-south-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "ap-south-1", }, }, - "fips-us-east-2": endpoint{ - Hostname: "firehose-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "compute-optimizer.ap-south-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "ap-south-2", }, }, - "fips-us-west-1": endpoint{ - Hostname: "firehose-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "compute-optimizer.ap-southeast-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "ap-southeast-1", }, }, - "fips-us-west-2": endpoint{ - Hostname: "firehose-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "compute-optimizer.ap-southeast-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "ap-southeast-2", }, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "fms": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-ap-northeast-1": endpoint{ - Hostname: "fms-fips.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, - }, - "fips-ap-northeast-2": endpoint{ - Hostname: "fms-fips.ap-northeast-2.amazonaws.com", + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "compute-optimizer.ap-southeast-3.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-northeast-2", + Region: "ap-southeast-3", }, }, - "fips-ap-south-1": endpoint{ - Hostname: "fms-fips.ap-south-1.amazonaws.com", + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "compute-optimizer.ap-southeast-4.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-south-1", + Region: "ap-southeast-4", }, }, - "fips-ap-southeast-1": endpoint{ - Hostname: "fms-fips.ap-southeast-1.amazonaws.com", + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "compute-optimizer.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-1", + Region: "ca-central-1", }, }, - "fips-ap-southeast-2": endpoint{ - Hostname: "fms-fips.ap-southeast-2.amazonaws.com", + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "compute-optimizer.eu-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-2", + Region: "eu-central-1", }, }, - "fips-ca-central-1": endpoint{ - Hostname: "fms-fips.ca-central-1.amazonaws.com", + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "compute-optimizer.eu-central-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "ca-central-1", + Region: "eu-central-2", }, }, - "fips-eu-central-1": endpoint{ - Hostname: "fms-fips.eu-central-1.amazonaws.com", + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "compute-optimizer.eu-north-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-central-1", + Region: "eu-north-1", }, }, - "fips-eu-west-1": endpoint{ - Hostname: "fms-fips.eu-west-1.amazonaws.com", + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "compute-optimizer.eu-south-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-1", + Region: "eu-south-1", }, }, - "fips-eu-west-2": endpoint{ - Hostname: "fms-fips.eu-west-2.amazonaws.com", + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "compute-optimizer.eu-south-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-2", + Region: "eu-south-2", }, }, - "fips-eu-west-3": endpoint{ - Hostname: "fms-fips.eu-west-3.amazonaws.com", + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "compute-optimizer.eu-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-3", + Region: "eu-west-1", }, }, - "fips-sa-east-1": endpoint{ - Hostname: "fms-fips.sa-east-1.amazonaws.com", + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "compute-optimizer.eu-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "sa-east-1", + Region: "eu-west-2", }, }, - "fips-us-east-1": endpoint{ - Hostname: "fms-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "compute-optimizer.eu-west-3.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "eu-west-3", }, }, - "fips-us-east-2": endpoint{ - Hostname: "fms-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "compute-optimizer.il-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "il-central-1", }, }, - "fips-us-west-1": endpoint{ - Hostname: "fms-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "compute-optimizer.me-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "me-central-1", }, }, - "fips-us-west-2": endpoint{ - Hostname: "fms-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "compute-optimizer.me-south-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "me-south-1", }, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "forecast": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "forecastquery": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "fsx": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "gamelift": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "glacier": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-ca-central-1": endpoint{ - Hostname: "glacier-fips.ca-central-1.amazonaws.com", + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "compute-optimizer.sa-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ca-central-1", + Region: "sa-east-1", }, }, - "fips-us-east-1": endpoint{ - Hostname: "glacier-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "compute-optimizer.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, }, - "fips-us-east-2": endpoint{ - Hostname: "glacier-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "compute-optimizer.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, }, - "fips-us-west-1": endpoint{ - Hostname: "glacier-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "compute-optimizer.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, }, - "fips-us-west-2": endpoint{ - Hostname: "glacier-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "compute-optimizer.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "glue": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "glue-fips.us-east-1.amazonaws.com", + "config": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "config-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "glue-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "config-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "glue-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "config-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "glue-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "config-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "config-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "config-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "config-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "config-fips.us-west-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "greengrass": service{ - IsRegionalized: boxedTrue, - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, }, }, - "groundstation": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "fips-us-east-2": endpoint{ - Hostname: "groundstation-fips.us-east-2.amazonaws.com", + "connect": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "connect-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "groundstation-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "connect-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "connect-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "connect-fips.us-west-2.amazonaws.com", + }, + }, + }, + "connect-campaigns": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "connect-campaigns-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "connect-campaigns-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "connect-campaigns-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "connect-campaigns-fips.us-west-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, }, }, - "guardduty": service{ - IsRegionalized: boxedTrue, - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-1-fips": endpoint{ - Hostname: "guardduty-fips.us-east-1.amazonaws.com", + "contact-lens": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "controltower": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "controltower-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "controltower-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "controltower-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "controltower-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-east-2": endpoint{}, - "us-east-2-fips": endpoint{ - Hostname: "guardduty-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "controltower-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "controltower-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "us-west-1": endpoint{}, - "us-west-1-fips": endpoint{ - Hostname: "guardduty-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "controltower-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "controltower-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "us-west-2": endpoint{}, - "us-west-2-fips": endpoint{ - Hostname: "guardduty-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "controltower-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "controltower-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, }, }, }, - "health": service{ - - Endpoints: endpoints{ - "fips-us-east-2": endpoint{ - Hostname: "health-fips.us-east-2.amazonaws.com", + "cost-optimization-hub": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "cost-optimization-hub.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "us-east-1", }, }, }, }, - "honeycode": service{ - - Endpoints: endpoints{ - "us-west-2": endpoint{}, + "cur": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, }, }, - "iam": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "iam.amazonaws.com", + "data-ats.iot": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, CredentialScope: credentialScope{ - Region: "us-east-1", + Service: "iotdata", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.iot-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "data.iot-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Service: "iotdata", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "data.iot-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Service: "iotdata", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "data.iot-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Service: "iotdata", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "data.iot-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Service: "iotdata", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "data.iot-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Service: "iotdata", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.iot-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.iot-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.iot-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.iot-fips.us-west-2.amazonaws.com", + }, + }, + }, + "data.jobs.iot": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.jobs.iot-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "data.jobs.iot-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "iam-fips": endpoint{ - Hostname: "iam-fips.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "data.jobs.iot-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - }, - }, - "identitystore": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "importexport": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "importexport.amazonaws.com", - SignatureVersions: []string{"v2", "v4"}, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "data.jobs.iot-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", - Service: "IngestionService", + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "data.jobs.iot-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "data.jobs.iot-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.jobs.iot-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.jobs.iot-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.jobs.iot-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.jobs.iot-fips.us-west-2.amazonaws.com", }, }, }, - "inspector": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "inspector-fips.us-east-1.amazonaws.com", + "data.mediastore": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "databrew": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "databrew-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "inspector-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "databrew-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "inspector-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "databrew-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "inspector-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "databrew-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "databrew-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "databrew-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "databrew-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "databrew-fips.us-west-2.amazonaws.com", }, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "iot": service{ - Defaults: endpoint{ - CredentialScope: credentialScope{ - Service: "execute-api", - }, - }, - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "iotanalytics": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, + "dataexchange": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, }, - "iotevents": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, + "datapipeline": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, }, - "ioteventsdata": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{ - Hostname: "data.iotevents.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, + "datasync": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.ca-central-1.amazonaws.com", }, - "ap-northeast-2": endpoint{ - Hostname: "data.iotevents.ap-northeast-2.amazonaws.com", + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "datasync-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-northeast-2", + Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "ap-southeast-1": endpoint{ - Hostname: "data.iotevents.ap-southeast-1.amazonaws.com", + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "datasync-fips.ca-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-1", + Region: "ca-west-1", }, + Deprecated: boxedTrue, }, - "ap-southeast-2": endpoint{ - Hostname: "data.iotevents.ap-southeast-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "datasync-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-2", + Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "eu-central-1": endpoint{ - Hostname: "data.iotevents.eu-central-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "datasync-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-central-1", + Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "eu-west-1": endpoint{ - Hostname: "data.iotevents.eu-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "datasync-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-1", + Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "eu-west-2": endpoint{ - Hostname: "data.iotevents.eu-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "datasync-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-2", + Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.us-east-1.amazonaws.com", }, - "us-east-1": endpoint{ - Hostname: "data.iotevents.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.us-east-2.amazonaws.com", }, - "us-east-2": endpoint{ - Hostname: "data.iotevents.us-east-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-2", - }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.us-west-1.amazonaws.com", }, - "us-west-2": endpoint{ - Hostname: "data.iotevents.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.us-west-2.amazonaws.com", }, }, }, - "iotsecuredtunneling": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "iotthingsgraph": service{ - Defaults: endpoint{ - CredentialScope: credentialScope{ - Service: "iotthingsgraph", + "datazone": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "datazone.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "datazone.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "datazone.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "datazone.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "datazone.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "datazone.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "datazone.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "datazone.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "datazone.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "datazone.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "datazone.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "datazone.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datazone-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "datazone.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "datazone.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "datazone.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "datazone.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "datazone.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "datazone.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "datazone.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "datazone.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "datazone.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "datazone.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "datazone.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "datazone.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "datazone.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "datazone.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datazone-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "datazone.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datazone-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "datazone.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "datazone.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datazone-fips.us-west-2.amazonaws.com", }, }, - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + }, + "dax": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, }, - "kafka": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "devicefarm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, }, - "kinesis": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "kinesis-fips.us-east-1.amazonaws.com", + "devops-guru": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "devops-guru-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "devops-guru-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "devops-guru-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "kinesis-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "devops-guru-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "kinesis-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "devops-guru-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "kinesis-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "devops-guru-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "devops-guru-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "devops-guru-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "devops-guru-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "devops-guru-fips.us-west-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "kinesisanalytics": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "kinesisvideo": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, }, }, - "kms": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "lakeformation": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "lakeformation-fips.us-east-1.amazonaws.com", + "directconnect": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "directconnect-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "lakeformation-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "directconnect-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "lakeformation-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "directconnect-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "lakeformation-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "directconnect-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "directconnect-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "directconnect-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "directconnect-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "directconnect-fips.us-west-2.amazonaws.com", }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "lambda": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "lambda-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, - }, - "fips-us-east-2": endpoint{ - Hostname: "lambda-fips.us-east-2.amazonaws.com", + "discovery": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "dlm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "dms": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "dms", + }: endpoint{ CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "lambda-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "dms", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dms-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "lambda-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "dms-fips", + }: endpoint{ + Hostname: "dms-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "us-west-1", }, - }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "license-manager": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "license-manager-fips.us-east-1.amazonaws.com", + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dms-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "dms-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "license-manager-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dms-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "dms-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "license-manager-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dms-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "dms-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "license-manager-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dms-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "dms-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "lightsail": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, }, }, - "logs": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "logs-fips.us-east-1.amazonaws.com", + "docdb": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "rds.ap-northeast-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "ap-northeast-1", }, }, - "fips-us-east-2": endpoint{ - Hostname: "logs-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "rds.ap-northeast-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "ap-northeast-2", }, }, - "fips-us-west-1": endpoint{ - Hostname: "logs-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "rds.ap-south-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "ap-south-1", }, }, - "fips-us-west-2": endpoint{ - Hostname: "logs-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "rds.ap-southeast-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "ap-southeast-1", }, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "lookoutvision": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "machinelearning": service{ - - Endpoints: endpoints{ - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - }, - }, - "macie": service{ - - Endpoints: endpoints{ - "fips-us-east-1": endpoint{ - Hostname: "macie-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "rds.ap-southeast-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "ap-southeast-2", }, }, - "fips-us-west-2": endpoint{ - Hostname: "macie-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "rds.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "ca-central-1", }, }, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "macie2": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "macie2-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "rds.eu-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "eu-central-1", }, }, - "fips-us-east-2": endpoint{ - Hostname: "macie2-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "rds.eu-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "eu-west-1", }, }, - "fips-us-west-1": endpoint{ - Hostname: "macie2-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "rds.eu-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "eu-west-2", }, }, - "fips-us-west-2": endpoint{ - Hostname: "macie2-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "rds.eu-west-3.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "eu-west-3", }, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "managedblockchain": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-southeast-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - }, - }, - "marketplacecommerceanalytics": service{ - - Endpoints: endpoints{ - "us-east-1": endpoint{}, - }, - }, - "mediaconnect": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "mediaconvert": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-ca-central-1": endpoint{ - Hostname: "mediaconvert-fips.ca-central-1.amazonaws.com", + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "rds.sa-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ca-central-1", + Region: "sa-east-1", }, }, - "fips-us-east-1": endpoint{ - Hostname: "mediaconvert-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "rds.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, }, - "fips-us-east-2": endpoint{ - Hostname: "mediaconvert-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "rds.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, }, - "fips-us-west-1": endpoint{ - Hostname: "mediaconvert-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - "fips-us-west-2": endpoint{ - Hostname: "mediaconvert-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "rds.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "medialive": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "medialive-fips.us-east-1.amazonaws.com", + "drs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "drs-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "medialive-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "drs-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "medialive-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "drs-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "drs-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-west-2.amazonaws.com", }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "mediapackage": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "mediastore": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "metering.marketplace": service{ - Defaults: endpoint{ - CredentialScope: credentialScope{ - Service: "aws-marketplace", - }, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "mgh": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "mobileanalytics": service{ - - Endpoints: endpoints{ - "us-east-1": endpoint{}, }, }, - "models.lex": service{ - Defaults: endpoint{ - CredentialScope: credentialScope{ - Service: "lex", + "ds": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.ca-central-1.amazonaws.com", }, - }, - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "monitoring": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "monitoring-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "ds-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "ds-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ds-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "monitoring-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ds-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "monitoring-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ds-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "monitoring-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ds-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.us-west-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "mq": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "mq-fips.us-east-1.amazonaws.com", + "dynamodb": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dynamodb-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1-fips", + }: endpoint{ + Hostname: "dynamodb-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "local", + }: endpoint{ + Hostname: "localhost:8000", + Protocols: []string{"http"}, CredentialScope: credentialScope{ Region: "us-east-1", }, }, - "fips-us-east-2": endpoint{ - Hostname: "mq-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dynamodb-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "dynamodb-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dynamodb-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "dynamodb-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "mq-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dynamodb-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "dynamodb-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "mq-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dynamodb-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "dynamodb-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "mturk-requester": service{ - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "sandbox": endpoint{ - Hostname: "mturk-requester-sandbox.us-east-1.amazonaws.com", + "ebs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ebs-fips.ca-central-1.amazonaws.com", }, - "us-east-1": endpoint{}, - }, - }, - "neptune": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{ - Hostname: "rds.ap-east-1.amazonaws.com", + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ebs-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "ebs-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-east-1", + Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "ap-northeast-1": endpoint{ - Hostname: "rds.ap-northeast-1.amazonaws.com", + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "ebs-fips.ca-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-northeast-1", + Region: "ca-west-1", }, + Deprecated: boxedTrue, }, - "ap-northeast-2": endpoint{ - Hostname: "rds.ap-northeast-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ebs-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-northeast-2", + Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "ap-south-1": endpoint{ - Hostname: "rds.ap-south-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ebs-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-south-1", + Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "ap-southeast-1": endpoint{ - Hostname: "rds.ap-southeast-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ebs-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-1", + Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "ap-southeast-2": endpoint{ - Hostname: "rds.ap-southeast-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ebs-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-2", + Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ebs-fips.us-east-1.amazonaws.com", }, - "ca-central-1": endpoint{ - Hostname: "rds.ca-central-1.amazonaws.com", + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ebs-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ebs-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ebs-fips.us-west-2.amazonaws.com", + }, + }, + }, + "ec2": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "ec2.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ec2-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ec2-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "ec2.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "ec2-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "eu-central-1": endpoint{ - Hostname: "rds.eu-central-1.amazonaws.com", + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "ec2-fips.ca-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-central-1", + Region: "ca-west-1", }, + Deprecated: boxedTrue, }, - "eu-north-1": endpoint{ - Hostname: "rds.eu-north-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ec2-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-north-1", + Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "eu-west-1": endpoint{ - Hostname: "rds.eu-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ec2-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-1", + Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "eu-west-2": endpoint{ - Hostname: "rds.eu-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ec2-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-2", + Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "eu-west-3": endpoint{ - Hostname: "rds.eu-west-3.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ec2-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-3", + Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "ec2.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "ec2.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ec2-fips.us-east-1.amazonaws.com", }, - "me-south-1": endpoint{ - Hostname: "rds.me-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "me-south-1", - }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "ec2.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ec2-fips.us-east-2.amazonaws.com", }, - "sa-east-1": endpoint{ - Hostname: "rds.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ec2-fips.us-west-1.amazonaws.com", }, - "us-east-1": endpoint{ - Hostname: "rds.us-east-1.amazonaws.com", + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "ec2.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ec2-fips.us-west-2.amazonaws.com", + }, + }, + }, + "ecs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ecs-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-east-2": endpoint{ - Hostname: "rds.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ecs-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "us-west-1": endpoint{ - Hostname: "rds.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ecs-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "us-west-2": endpoint{ - Hostname: "rds.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ecs-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecs-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecs-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecs-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecs-fips.us-west-2.amazonaws.com", }, }, }, - "oidc": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{ - Hostname: "oidc.ap-northeast-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-1", - }, + "edge.sagemaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "eks": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, }, - "ap-northeast-2": endpoint{ - Hostname: "oidc.ap-northeast-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-2", - }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.eks.{region}.{dnsSuffix}", + Protocols: []string{"http", "https"}, }, - "ap-south-1": endpoint{ - Hostname: "oidc.ap-south-1.amazonaws.com", + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "fips.eks.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-south-1", + Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "ap-southeast-1": endpoint{ - Hostname: "oidc.ap-southeast-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "fips.eks.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-1", + Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "ap-southeast-2": endpoint{ - Hostname: "oidc.ap-southeast-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "fips.eks.us-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-2", + Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "ca-central-1": endpoint{ - Hostname: "oidc.ca-central-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "fips.eks.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "ca-central-1", + Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.eks.us-east-1.amazonaws.com", }, - "eu-central-1": endpoint{ - Hostname: "oidc.eu-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-central-1", - }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.eks.us-east-2.amazonaws.com", }, - "eu-north-1": endpoint{ - Hostname: "oidc.eu-north-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-north-1", - }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.eks.us-west-1.amazonaws.com", }, - "eu-west-1": endpoint{ - Hostname: "oidc.eu-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-1", - }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.eks.us-west-2.amazonaws.com", }, - "eu-west-2": endpoint{ - Hostname: "oidc.eu-west-2.amazonaws.com", + }, + }, + "eks-auth": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "eks-auth.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "eks-auth.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "eks-auth.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "eks-auth.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "eks-auth.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "eks-auth.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "eks-auth.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "eks-auth.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "eks-auth.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "eks-auth.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "eks-auth.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "eks-auth.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "eks-auth.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "eks-auth.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "eks-auth.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "eks-auth.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "eks-auth.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "eks-auth.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "eks-auth.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "eks-auth.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "eks-auth.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "eks-auth.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "eks-auth.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "eks-auth.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "eks-auth.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "eks-auth.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "eks-auth.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "eks-auth.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "eks-auth.us-west-2.api.aws", + }, + }, + }, + "elasticache": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips", + }: endpoint{ + Hostname: "elasticache-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-2", + Region: "us-west-1", }, - }, - "us-east-1": endpoint{ - Hostname: "oidc.us-east-1.amazonaws.com", + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticache-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "elasticache-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-east-2": endpoint{ - Hostname: "oidc.us-east-2.amazonaws.com", + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticache-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "elasticache-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "us-west-2": endpoint{ - Hostname: "oidc.us-west-2.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-2", - }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticache-fips.us-west-1.amazonaws.com", }, - }, - }, - "opsworks": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "opsworks-cm": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "organizations": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "organizations.us-east-1.amazonaws.com", + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "elasticache-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-aws-global": endpoint{ - Hostname: "organizations-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticache-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "elasticache-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "us-west-2", }, + Deprecated: boxedTrue, }, }, }, - "outposts": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-ca-central-1": endpoint{ - Hostname: "outposts-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - "fips-us-east-1": endpoint{ - Hostname: "outposts-fips.us-east-1.amazonaws.com", + "elasticbeanstalk": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "elasticbeanstalk-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "outposts-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "elasticbeanstalk-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "outposts-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "elasticbeanstalk-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "outposts-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "elasticbeanstalk-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticbeanstalk-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticbeanstalk-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticbeanstalk-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticbeanstalk-fips.us-west-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "pinpoint": service{ - Defaults: endpoint{ - CredentialScope: credentialScope{ - Service: "mobiletargeting", - }, - }, - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "pinpoint-fips.us-east-1.amazonaws.com", + "elasticfilesystem": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.af-south-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-east-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-northeast-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-northeast-2.amazonaws.com", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-northeast-3.amazonaws.com", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-south-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-south-2.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-southeast-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-southeast-2.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-southeast-3.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-southeast-4.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-central-2.amazonaws.com", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-north-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-south-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-south-2.amazonaws.com", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-west-2.amazonaws.com", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-west-3.amazonaws.com", + }, + endpointKey{ + Region: "fips-af-south-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.af-south-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "af-south-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "pinpoint-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-ap-east-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "ap-east-1", }, + Deprecated: boxedTrue, }, - "us-east-1": endpoint{ - Hostname: "pinpoint.us-east-1.amazonaws.com", + endpointKey{ + Region: "fips-ap-northeast-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-northeast-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "ap-northeast-1", }, + Deprecated: boxedTrue, }, - "us-west-2": endpoint{ - Hostname: "pinpoint.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-ap-northeast-2", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-northeast-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "ap-northeast-2", }, + Deprecated: boxedTrue, }, - }, - }, - "polly": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "polly-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "fips-ap-northeast-3", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-northeast-3.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "ap-northeast-3", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "polly-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-ap-south-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-south-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "ap-south-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "polly-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-ap-south-2", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-south-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "ap-south-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "polly-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-ap-southeast-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-southeast-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "ap-southeast-1", }, + Deprecated: boxedTrue, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "portal.sso": service{ - - Endpoints: endpoints{ - "ap-southeast-1": endpoint{ - Hostname: "portal.sso.ap-southeast-1.amazonaws.com", + endpointKey{ + Region: "fips-ap-southeast-2", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-southeast-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-1", + Region: "ap-southeast-2", }, + Deprecated: boxedTrue, }, - "ap-southeast-2": endpoint{ - Hostname: "portal.sso.ap-southeast-2.amazonaws.com", + endpointKey{ + Region: "fips-ap-southeast-3", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-southeast-3.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-2", + Region: "ap-southeast-3", }, + Deprecated: boxedTrue, }, - "ca-central-1": endpoint{ - Hostname: "portal.sso.ca-central-1.amazonaws.com", + endpointKey{ + Region: "fips-ap-southeast-4", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "eu-central-1": endpoint{ - Hostname: "portal.sso.eu-central-1.amazonaws.com", + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-central-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-central-1", }, + Deprecated: boxedTrue, }, - "eu-west-1": endpoint{ - Hostname: "portal.sso.eu-west-1.amazonaws.com", + endpointKey{ + Region: "fips-eu-central-2", + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-north-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-south-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-south-2", + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-west-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-west-1", }, + Deprecated: boxedTrue, }, - "eu-west-2": endpoint{ - Hostname: "portal.sso.eu-west-2.amazonaws.com", + endpointKey{ + Region: "fips-eu-west-2", + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-west-2", }, + Deprecated: boxedTrue, }, - "us-east-1": endpoint{ - Hostname: "portal.sso.us-east-1.amazonaws.com", + endpointKey{ + Region: "fips-eu-west-3", + }: endpoint{ + Hostname: "elasticfilesystem-fips.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-il-central-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-me-central-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-me-south-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-sa-east-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-east-2": endpoint{ - Hostname: "portal.sso.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "us-west-2": endpoint{ - Hostname: "portal.sso.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.il-central-1.amazonaws.com", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.me-central-1.amazonaws.com", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.me-south-1.amazonaws.com", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.sa-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-west-2.amazonaws.com", }, }, }, - "projects.iot1click": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "qldb": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "ram": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "rds": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "rds-fips.ca-central-1": endpoint{ - Hostname: "rds-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, + "elasticloadbalancing": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, }, - "rds-fips.us-east-1": endpoint{ - Hostname: "rds-fips.us-east-1.amazonaws.com", + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "elasticloadbalancing-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "rds-fips.us-east-2": endpoint{ - Hostname: "rds-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "elasticloadbalancing-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "rds-fips.us-west-1": endpoint{ - Hostname: "rds-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "elasticloadbalancing-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "rds-fips.us-west-2": endpoint{ - Hostname: "rds-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "elasticloadbalancing-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticloadbalancing-fips.us-east-1.amazonaws.com", }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{ - SSLCommonName: "{service}.{dnsSuffix}", + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticloadbalancing-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticloadbalancing-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticloadbalancing-fips.us-west-2.amazonaws.com", }, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "redshift": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-ca-central-1": endpoint{ - Hostname: "redshift-fips.ca-central-1.amazonaws.com", + "elasticmapreduce": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + SSLCommonName: "{region}.{service}.{dnsSuffix}", + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + SSLCommonName: "{service}.{region}.{dnsSuffix}", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "elasticmapreduce-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-1": endpoint{ - Hostname: "redshift-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "elasticmapreduce-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "elasticmapreduce-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "redshift-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "elasticmapreduce-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "redshift-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "elasticmapreduce-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "redshift-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "elasticmapreduce-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + SSLCommonName: "{service}.{region}.{dnsSuffix}", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce-fips.us-east-1.amazonaws.com", + SSLCommonName: "{service}.{region}.{dnsSuffix}", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce-fips.us-west-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "rekognition": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "rekognition-fips.ca-central-1": endpoint{ - Hostname: "rekognition-fips.ca-central-1.amazonaws.com", + "elastictranscoder": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "email": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "email-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "email-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "rekognition-fips.us-east-1": endpoint{ - Hostname: "rekognition-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "email-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "rekognition-fips.us-east-2": endpoint{ - Hostname: "rekognition-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "email-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "rekognition-fips.us-west-1": endpoint{ - Hostname: "rekognition-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "email-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "rekognition-fips.us-west-2": endpoint{ - Hostname: "rekognition-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "email-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "email-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "email-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "email-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "email-fips.us-west-2.amazonaws.com", + }, + }, + }, + "emr-containers": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "emr-containers-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "emr-containers-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, }, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "resource-groups": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "resource-groups-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "emr-containers-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "resource-groups-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "emr-containers-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "resource-groups-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "emr-containers-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "resource-groups-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "emr-containers-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "emr-containers-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "emr-containers-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "emr-containers-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "emr-containers-fips.us-west-2.amazonaws.com", + }, + }, + }, + "emr-serverless": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "emr-serverless-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "emr-serverless-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "robomaker": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "route53": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "route53.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "emr-serverless-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-aws-global": endpoint{ - Hostname: "route53-fips.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "emr-serverless-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "us-east-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "emr-serverless-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "emr-serverless-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "emr-serverless-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "emr-serverless-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "emr-serverless-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "emr-serverless-fips.us-west-2.amazonaws.com", }, }, }, - "route53domains": service{ - - Endpoints: endpoints{ - "us-east-1": endpoint{}, - }, - }, - "route53resolver": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "runtime.lex": service{ - Defaults: endpoint{ - CredentialScope: credentialScope{ - Service: "lex", + "entitlement.marketplace": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "aws-marketplace", + }, }, }, - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, }, }, - "runtime.sagemaker": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-1-fips": endpoint{ - Hostname: "runtime-fips.sagemaker.us-east-1.amazonaws.com", + "es": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.eu-west-3.api.aws", + }, + endpointKey{ + Region: "fips", + }: endpoint{ + Hostname: "es-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "es-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "es-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-east-2": endpoint{}, - "us-east-2-fips": endpoint{ - Hostname: "runtime-fips.sagemaker.us-east-2.amazonaws.com", + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "es-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "es-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "es-fips.us-west-1.amazonaws.com", }, - "us-west-1": endpoint{}, - "us-west-1-fips": endpoint{ - Hostname: "runtime-fips.sagemaker.us-west-1.amazonaws.com", + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "es-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "us-west-2": endpoint{}, - "us-west-2-fips": endpoint{ - Hostname: "runtime-fips.sagemaker.us-west-2.amazonaws.com", + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "es-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "es-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, }, }, }, - "s3": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedTrue, - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - SignatureVersions: []string{"s3v4"}, - - HasDualStack: boxedTrue, - DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}", - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{ - Hostname: "s3.ap-northeast-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{ - Hostname: "s3.ap-southeast-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - "ap-southeast-2": endpoint{ - Hostname: "s3.ap-southeast-2.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - "aws-global": endpoint{ - Hostname: "s3.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, + "events": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "events-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{ - Hostname: "s3.eu-west-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "s3-external-1": endpoint{ - Hostname: "s3-external-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "events-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "sa-east-1": endpoint{ - Hostname: "s3.sa-east-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, - }, - "us-east-1": endpoint{ - Hostname: "s3.us-east-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "events-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, }, - "us-east-2": endpoint{}, - "us-west-1": endpoint{ - Hostname: "s3.us-west-1.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "events-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "events-fips.us-east-1.amazonaws.com", }, - "us-west-2": endpoint{ - Hostname: "s3.us-west-2.amazonaws.com", - SignatureVersions: []string{"s3", "s3v4"}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "events-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "events-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "events-fips.us-west-2.amazonaws.com", }, }, }, - "s3-control": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - SignatureVersions: []string{"s3v4"}, - - HasDualStack: boxedTrue, - DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}", + "evidently": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "evidently.ap-northeast-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "evidently.ap-southeast-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "evidently.ap-southeast-2.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "evidently.eu-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "evidently.eu-north-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "evidently.eu-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "evidently.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "evidently.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "evidently.us-west-2.amazonaws.com", + }, + }, + }, + "finspace": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "finspace-api": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, - Endpoints: endpoints{ - "ap-northeast-1": endpoint{ - Hostname: "s3-control.ap-northeast-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + }, + "firehose": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "firehose-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "firehose-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "firehose-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "firehose-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "firehose-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "firehose-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "firehose-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "firehose-fips.us-west-2.amazonaws.com", + }, + }, + }, + "fms": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.af-south-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.ap-east-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.ap-northeast-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.ap-northeast-2.amazonaws.com", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.ap-south-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.ap-southeast-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.ap-southeast-2.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.eu-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.eu-south-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.eu-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.eu-west-2.amazonaws.com", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.eu-west-3.amazonaws.com", + }, + endpointKey{ + Region: "fips-af-south-1", + }: endpoint{ + Hostname: "fms-fips.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-east-1", + }: endpoint{ + Hostname: "fms-fips.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-northeast-1", + }: endpoint{ + Hostname: "fms-fips.ap-northeast-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ap-northeast-1", }, + Deprecated: boxedTrue, }, - "ap-northeast-2": endpoint{ - Hostname: "s3-control.ap-northeast-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-ap-northeast-2", + }: endpoint{ + Hostname: "fms-fips.ap-northeast-2.amazonaws.com", CredentialScope: credentialScope{ Region: "ap-northeast-2", }, + Deprecated: boxedTrue, }, - "ap-south-1": endpoint{ - Hostname: "s3-control.ap-south-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-ap-south-1", + }: endpoint{ + Hostname: "fms-fips.ap-south-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ap-south-1", }, + Deprecated: boxedTrue, }, - "ap-southeast-1": endpoint{ - Hostname: "s3-control.ap-southeast-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-ap-southeast-1", + }: endpoint{ + Hostname: "fms-fips.ap-southeast-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ap-southeast-1", }, + Deprecated: boxedTrue, }, - "ap-southeast-2": endpoint{ - Hostname: "s3-control.ap-southeast-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-ap-southeast-2", + }: endpoint{ + Hostname: "fms-fips.ap-southeast-2.amazonaws.com", CredentialScope: credentialScope{ Region: "ap-southeast-2", }, + Deprecated: boxedTrue, }, - "ca-central-1": endpoint{ - Hostname: "s3-control.ca-central-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - "ca-central-1-fips": endpoint{ - Hostname: "s3-control-fips.ca-central-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "fms-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "eu-central-1": endpoint{ - Hostname: "s3-control.eu-central-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-eu-central-1", + }: endpoint{ + Hostname: "fms-fips.eu-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-central-1", }, + Deprecated: boxedTrue, }, - "eu-north-1": endpoint{ - Hostname: "s3-control.eu-north-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-eu-south-1", + }: endpoint{ + Hostname: "fms-fips.eu-south-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-north-1", + Region: "eu-south-1", }, + Deprecated: boxedTrue, }, - "eu-west-1": endpoint{ - Hostname: "s3-control.eu-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-eu-west-1", + }: endpoint{ + Hostname: "fms-fips.eu-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-west-1", }, + Deprecated: boxedTrue, }, - "eu-west-2": endpoint{ - Hostname: "s3-control.eu-west-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-eu-west-2", + }: endpoint{ + Hostname: "fms-fips.eu-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-west-2", }, + Deprecated: boxedTrue, }, - "eu-west-3": endpoint{ - Hostname: "s3-control.eu-west-3.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-eu-west-3", + }: endpoint{ + Hostname: "fms-fips.eu-west-3.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-west-3", }, + Deprecated: boxedTrue, }, - "sa-east-1": endpoint{ - Hostname: "s3-control.sa-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-me-south-1", + }: endpoint{ + Hostname: "fms-fips.me-south-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "sa-east-1", + Region: "me-south-1", }, + Deprecated: boxedTrue, }, - "us-east-1": endpoint{ - Hostname: "s3-control.us-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-sa-east-1", + }: endpoint{ + Hostname: "fms-fips.sa-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "sa-east-1", }, + Deprecated: boxedTrue, }, - "us-east-1-fips": endpoint{ - Hostname: "s3-control-fips.us-east-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "fms-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-east-2": endpoint{ - Hostname: "s3-control.us-east-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "fms-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "us-east-2-fips": endpoint{ - Hostname: "s3-control-fips.us-east-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "fms-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "us-west-1": endpoint{ - Hostname: "s3-control.us-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "fms-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.me-south-1.amazonaws.com", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.sa-east-1.amazonaws.com", }, - "us-west-1-fips": endpoint{ - Hostname: "s3-control-fips.us-west-1.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.us-west-2.amazonaws.com", + }, + }, + }, + "forecast": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "forecast-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-west-2": endpoint{ - Hostname: "s3-control.us-west-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "forecast-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "us-west-2-fips": endpoint{ - Hostname: "s3-control-fips.us-west-2.amazonaws.com", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "forecast-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "forecast-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "forecast-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "forecast-fips.us-west-2.amazonaws.com", }, }, }, - "savingsplans": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "savingsplans.amazonaws.com", + "forecastquery": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "forecastquery-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - }, - }, - "schemas": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "sdb": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - SignatureVersions: []string{"v2"}, - }, - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-west-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{ - Hostname: "sdb.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "forecastquery-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, }, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "forecastquery-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "forecastquery-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "forecastquery-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "forecastquery-fips.us-west-2.amazonaws.com", + }, + }, + }, + "frauddetector": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, }, - "secretsmanager": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-1-fips": endpoint{ - Hostname: "secretsmanager-fips.us-east-1.amazonaws.com", + "fsx": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fsx-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "fsx-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-prod-ca-central-1", + }: endpoint{ + Hostname: "fsx-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-prod-us-east-1", + }: endpoint{ + Hostname: "fsx-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-east-2": endpoint{}, - "us-east-2-fips": endpoint{ - Hostname: "secretsmanager-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-prod-us-east-2", + }: endpoint{ + Hostname: "fsx-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "us-west-1": endpoint{}, - "us-west-1-fips": endpoint{ - Hostname: "secretsmanager-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-prod-us-west-1", + }: endpoint{ + Hostname: "fsx-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "us-west-2": endpoint{}, - "us-west-2-fips": endpoint{ - Hostname: "secretsmanager-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-prod-us-west-2", + }: endpoint{ + Hostname: "fsx-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, }, - }, - }, - "securityhub": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "securityhub-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "fsx-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "securityhub-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "fsx-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "securityhub-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "fsx-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "securityhub-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "fsx-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "prod-ca-central-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "serverlessrepo": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "ap-east-1": endpoint{ - Protocols: []string{"https"}, + endpointKey{ + Region: "prod-ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fsx-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, }, - "ap-northeast-1": endpoint{ - Protocols: []string{"https"}, + endpointKey{ + Region: "prod-us-east-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, }, - "ap-northeast-2": endpoint{ - Protocols: []string{"https"}, + endpointKey{ + Region: "prod-us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fsx-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, }, - "ap-south-1": endpoint{ - Protocols: []string{"https"}, + endpointKey{ + Region: "prod-us-east-2", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, }, - "ap-southeast-1": endpoint{ - Protocols: []string{"https"}, + endpointKey{ + Region: "prod-us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fsx-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, }, - "ap-southeast-2": endpoint{ - Protocols: []string{"https"}, + endpointKey{ + Region: "prod-us-west-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, }, - "ca-central-1": endpoint{ - Protocols: []string{"https"}, + endpointKey{ + Region: "prod-us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fsx-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, }, - "eu-central-1": endpoint{ - Protocols: []string{"https"}, + endpointKey{ + Region: "prod-us-west-2", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, }, - "eu-north-1": endpoint{ - Protocols: []string{"https"}, + endpointKey{ + Region: "prod-us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fsx-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fsx-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fsx-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fsx-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fsx-fips.us-west-2.amazonaws.com", }, - "eu-west-1": endpoint{ - Protocols: []string{"https"}, + }, + }, + "gamelift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "geo": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "glacier": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, }, - "eu-west-2": endpoint{ - Protocols: []string{"https"}, - }, - "eu-west-3": endpoint{ - Protocols: []string{"https"}, - }, - "me-south-1": endpoint{ - Protocols: []string{"https"}, - }, - "sa-east-1": endpoint{ - Protocols: []string{"https"}, - }, - "us-east-1": endpoint{ - Protocols: []string{"https"}, - }, - "us-east-2": endpoint{ - Protocols: []string{"https"}, - }, - "us-west-1": endpoint{ - Protocols: []string{"https"}, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glacier-fips.ca-central-1.amazonaws.com", }, - "us-west-2": endpoint{ - Protocols: []string{"https"}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "glacier-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, }, - }, - }, - "servicecatalog": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-1-fips": endpoint{ - Hostname: "servicecatalog-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "glacier-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-east-2": endpoint{}, - "us-east-2-fips": endpoint{ - Hostname: "servicecatalog-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "glacier-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "us-west-1": endpoint{}, - "us-west-1-fips": endpoint{ - Hostname: "servicecatalog-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "glacier-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "us-west-2": endpoint{}, - "us-west-2-fips": endpoint{ - Hostname: "servicecatalog-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "glacier-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glacier-fips.us-east-1.amazonaws.com", }, - }, - }, - "servicediscovery": service{ - - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "servicediscovery-fips": endpoint{ - Hostname: "servicediscovery-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glacier-fips.us-east-2.amazonaws.com", }, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "servicequotas": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "session.qldb": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "shield": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - Defaults: endpoint{ - SSLCommonName: "shield.us-east-1.amazonaws.com", - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "shield.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glacier-fips.us-west-1.amazonaws.com", }, - "fips-aws-global": endpoint{ - Hostname: "shield-fips.us-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-east-1", - }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glacier-fips.us-west-2.amazonaws.com", }, }, }, - "sms": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "sms-fips.us-east-1.amazonaws.com", + "glue": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "glue-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "sms-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "glue-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "sms-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "glue-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "sms-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "glue-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glue-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glue-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glue-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glue-fips.us-west-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "snowball": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-ap-northeast-1": endpoint{ - Hostname: "snowball-fips.ap-northeast-1.amazonaws.com", + "grafana": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "grafana.ap-northeast-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ap-northeast-1", }, }, - "fips-ap-northeast-2": endpoint{ - Hostname: "snowball-fips.ap-northeast-2.amazonaws.com", + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "grafana.ap-northeast-2.amazonaws.com", CredentialScope: credentialScope{ Region: "ap-northeast-2", }, }, - "fips-ap-northeast-3": endpoint{ - Hostname: "snowball-fips.ap-northeast-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-northeast-3", - }, - }, - "fips-ap-south-1": endpoint{ - Hostname: "snowball-fips.ap-south-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ap-south-1", - }, - }, - "fips-ap-southeast-1": endpoint{ - Hostname: "snowball-fips.ap-southeast-1.amazonaws.com", + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "grafana.ap-southeast-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ap-southeast-1", }, }, - "fips-ap-southeast-2": endpoint{ - Hostname: "snowball-fips.ap-southeast-2.amazonaws.com", + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "grafana.ap-southeast-2.amazonaws.com", CredentialScope: credentialScope{ Region: "ap-southeast-2", }, }, - "fips-ca-central-1": endpoint{ - Hostname: "snowball-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - "fips-eu-central-1": endpoint{ - Hostname: "snowball-fips.eu-central-1.amazonaws.com", + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "grafana.eu-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-central-1", }, }, - "fips-eu-west-1": endpoint{ - Hostname: "snowball-fips.eu-west-1.amazonaws.com", + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "grafana.eu-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-west-1", }, }, - "fips-eu-west-2": endpoint{ - Hostname: "snowball-fips.eu-west-2.amazonaws.com", + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "grafana.eu-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "eu-west-2", }, }, - "fips-eu-west-3": endpoint{ - Hostname: "snowball-fips.eu-west-3.amazonaws.com", - CredentialScope: credentialScope{ - Region: "eu-west-3", - }, - }, - "fips-sa-east-1": endpoint{ - Hostname: "snowball-fips.sa-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "sa-east-1", - }, - }, - "fips-us-east-1": endpoint{ - Hostname: "snowball-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "grafana.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, }, - "fips-us-east-2": endpoint{ - Hostname: "snowball-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "grafana.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, }, - "fips-us-west-1": endpoint{ - Hostname: "snowball-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - "fips-us-west-2": endpoint{ - Hostname: "snowball-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "grafana.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "sns": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "sns-fips.us-east-1.amazonaws.com", + "greengrass": service{ + IsRegionalized: boxedTrue, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "greengrass-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "greengrass-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "sns-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "greengrass-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "sns-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "greengrass-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "sns-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "greengrass-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "greengrass-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "greengrass-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "greengrass-fips.us-west-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "sqs": service{ - Defaults: endpoint{ - SSLCommonName: "{region}.queue.{dnsSuffix}", - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "sqs-fips.us-east-1.amazonaws.com", + "groundstation": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "groundstation-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "sqs-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "groundstation-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "sqs-fips.us-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-west-1", - }, - }, - "fips-us-west-2": endpoint{ - Hostname: "sqs-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "groundstation-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "groundstation-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "groundstation-fips.us-east-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{ - SSLCommonName: "queue.{dnsSuffix}", + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "groundstation-fips.us-west-2.amazonaws.com", }, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "ssm": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-ca-central-1": endpoint{ - Hostname: "ssm-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, + "guardduty": service{ + IsRegionalized: boxedTrue, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, }, - "fips-us-east-1": endpoint{ - Hostname: "ssm-fips.us-east-1.amazonaws.com", + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "guardduty-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "guardduty-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "ssm-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "guardduty-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "guardduty-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "ssm-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "guardduty-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "guardduty-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "ssm-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "guardduty-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "guardduty-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "states": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "states-fips.us-east-1.amazonaws.com", + "health": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + SSLCommonName: "health.us-east-1.amazonaws.com", + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "global.health.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, }, - "fips-us-east-2": endpoint{ - Hostname: "states-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "health-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "states-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "us-east-2", + }: endpoint{ CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "states-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "health-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "storagegateway": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips": endpoint{ - Hostname: "storagegateway-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, + "healthlake": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, }, - "streams.dynamodb": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "dynamodb", - }, - }, - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "ca-central-1-fips": endpoint{ - Hostname: "dynamodb-fips.ca-central-1.amazonaws.com", + "honeycode": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "iam": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "iam.amazonaws.com", CredentialScope: credentialScope{ - Region: "ca-central-1", + Region: "us-east-1", }, }, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "local": endpoint{ - Hostname: "localhost:8000", - Protocols: []string{"http"}, + endpointKey{ + Region: "aws-global", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iam-fips.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-1-fips": endpoint{ - Hostname: "dynamodb-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "aws-global-fips", + }: endpoint{ + Hostname: "iam-fips.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-east-2": endpoint{}, - "us-east-2-fips": endpoint{ - Hostname: "dynamodb-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "iam", + }: endpoint{ CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-west-1": endpoint{}, - "us-west-1-fips": endpoint{ - Hostname: "dynamodb-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "iam", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iam-fips.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-west-2": endpoint{}, - "us-west-2-fips": endpoint{ - Hostname: "dynamodb-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "iam-fips", + }: endpoint{ + Hostname: "iam-fips.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "us-east-1", }, + Deprecated: boxedTrue, }, }, }, - "sts": service{ - PartitionEndpoint: "aws-global", - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "aws-global": endpoint{ - Hostname: "sts.amazonaws.com", + "identity-chime": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "identity-chime-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "identity-chime-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-1-fips": endpoint{ - Hostname: "sts-fips.us-east-1.amazonaws.com", + }, + }, + "identitystore": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "importexport": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "importexport.amazonaws.com", + SignatureVersions: []string{"v2", "v4"}, + CredentialScope: credentialScope{ + Region: "us-east-1", + Service: "IngestionService", + }, + }, + }, + }, + "ingest.timestream": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "ingest-fips-us-east-1", + }: endpoint{ + Hostname: "ingest.timestream-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-east-2": endpoint{}, - "us-east-2-fips": endpoint{ - Hostname: "sts-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "ingest-fips-us-east-2", + }: endpoint{ + Hostname: "ingest.timestream-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "us-west-1": endpoint{}, - "us-west-1-fips": endpoint{ - Hostname: "sts-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "ingest-fips-us-west-2", + }: endpoint{ + Hostname: "ingest.timestream-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "us-west-2", }, + Deprecated: boxedTrue, }, - "us-west-2": endpoint{}, - "us-west-2-fips": endpoint{ - Hostname: "sts-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "ingest-us-east-1", + }: endpoint{ CredentialScope: credentialScope{ - Region: "us-west-2", + Region: "us-east-1", }, + Deprecated: boxedTrue, }, - }, - }, - "support": service{ - PartitionEndpoint: "aws-global", - - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "support.us-east-1.amazonaws.com", + endpointKey{ + Region: "ingest-us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ingest.timestream-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - }, - }, - "swf": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "swf-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "ingest-us-east-2", + }: endpoint{ CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "swf-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "ingest-us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ingest.timestream-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "swf-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "ingest-us-west-2", + }: endpoint{ CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "us-west-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "swf-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "ingest-us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ingest.timestream-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "tagging": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, }, }, - "transcribe": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "fips.transcribe.us-east-1.amazonaws.com", + "inspector": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "inspector-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "fips.transcribe.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "inspector-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "fips.transcribe.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "inspector-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "fips.transcribe.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "inspector-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector-fips.us-west-2.amazonaws.com", }, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "transcribestreaming": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-2": endpoint{}, }, }, - "transfer": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "fips-ca-central-1": endpoint{ - Hostname: "transfer-fips.ca-central-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "ca-central-1", - }, - }, - "fips-us-east-1": endpoint{ - Hostname: "transfer-fips.us-east-1.amazonaws.com", + "inspector2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "inspector2-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-east-2": endpoint{ - Hostname: "transfer-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "inspector2-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-us-west-1": endpoint{ - Hostname: "transfer-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "inspector2-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-west-2": endpoint{ - Hostname: "transfer-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "inspector2-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-west-2.amazonaws.com", + }, + }, + }, + "internetmonitor": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "internetmonitor.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "internetmonitor.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "internetmonitor.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "internetmonitor.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "internetmonitor.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "internetmonitor.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "internetmonitor.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "internetmonitor.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "internetmonitor.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "internetmonitor.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "internetmonitor.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "internetmonitor.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "internetmonitor-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "internetmonitor.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "internetmonitor.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "internetmonitor.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "internetmonitor.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "internetmonitor.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "internetmonitor.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "internetmonitor.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "internetmonitor.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "internetmonitor.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "internetmonitor.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "internetmonitor.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "internetmonitor.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "internetmonitor.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "internetmonitor.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "internetmonitor-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "internetmonitor.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "internetmonitor-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "internetmonitor.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "internetmonitor-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "internetmonitor.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "internetmonitor-fips.us-west-2.amazonaws.com", }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, }, }, - "translate": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "us-east-1": endpoint{}, - "us-east-1-fips": endpoint{ - Hostname: "translate-fips.us-east-1.amazonaws.com", + "iot": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iot-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "iot-fips.ca-central-1.amazonaws.com", + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "iot-fips.us-east-1.amazonaws.com", + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "iot-fips.us-east-2.amazonaws.com", + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "iot-fips.us-west-1.amazonaws.com", + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "iot-fips.us-west-2.amazonaws.com", + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iot-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iot-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iot-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iot-fips.us-west-2.amazonaws.com", + }, + }, + }, + "iotanalytics": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "iotevents": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iotevents-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "iotevents-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "iotevents-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "us-east-2": endpoint{}, - "us-east-2-fips": endpoint{ - Hostname: "translate-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "iotevents-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, - "us-west-2-fips": endpoint{ - Hostname: "translate-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "iotevents-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iotevents-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iotevents-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iotevents-fips.us-west-2.amazonaws.com", }, }, }, - "waf": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-fips": endpoint{ - Hostname: "waf-fips.amazonaws.com", + "ioteventsdata": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "data.iotevents.ap-northeast-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "ap-northeast-1", }, }, - "aws-global": endpoint{ - Hostname: "waf.amazonaws.com", + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "data.iotevents.ap-northeast-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "ap-northeast-2", }, }, - }, - }, - "waf-regional": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{ - Hostname: "waf-regional.af-south-1.amazonaws.com", + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "data.iotevents.ap-south-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "af-south-1", + Region: "ap-south-1", }, }, - "ap-east-1": endpoint{ - Hostname: "waf-regional.ap-east-1.amazonaws.com", + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "data.iotevents.ap-southeast-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-east-1", + Region: "ap-southeast-1", }, }, - "ap-northeast-1": endpoint{ - Hostname: "waf-regional.ap-northeast-1.amazonaws.com", + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "data.iotevents.ap-southeast-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-northeast-1", + Region: "ap-southeast-2", }, }, - "ap-northeast-2": endpoint{ - Hostname: "waf-regional.ap-northeast-2.amazonaws.com", + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "data.iotevents.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-northeast-2", + Region: "ca-central-1", }, }, - "ap-south-1": endpoint{ - Hostname: "waf-regional.ap-south-1.amazonaws.com", + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.iotevents-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-south-1", + Region: "ca-central-1", }, }, - "ap-southeast-1": endpoint{ - Hostname: "waf-regional.ap-southeast-1.amazonaws.com", + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "data.iotevents.eu-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-1", + Region: "eu-central-1", }, }, - "ap-southeast-2": endpoint{ - Hostname: "waf-regional.ap-southeast-2.amazonaws.com", + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "data.iotevents.eu-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-2", + Region: "eu-west-1", }, }, - "ca-central-1": endpoint{ - Hostname: "waf-regional.ca-central-1.amazonaws.com", + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "data.iotevents.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "data.iotevents-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "eu-central-1": endpoint{ - Hostname: "waf-regional.eu-central-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "data.iotevents-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-central-1", + Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "eu-north-1": endpoint{ - Hostname: "waf-regional.eu-north-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "data.iotevents-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-north-1", + Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "eu-south-1": endpoint{ - Hostname: "waf-regional.eu-south-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "data.iotevents-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-south-1", + Region: "us-west-2", }, + Deprecated: boxedTrue, }, - "eu-west-1": endpoint{ - Hostname: "waf-regional.eu-west-1.amazonaws.com", + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "data.iotevents.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-1", + Region: "us-east-1", }, }, - "eu-west-2": endpoint{ - Hostname: "waf-regional.eu-west-2.amazonaws.com", + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.iotevents-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-2", + Region: "us-east-1", }, }, - "eu-west-3": endpoint{ - Hostname: "waf-regional.eu-west-3.amazonaws.com", + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "data.iotevents.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-3", + Region: "us-east-2", }, }, - "fips-af-south-1": endpoint{ - Hostname: "waf-regional-fips.af-south-1.amazonaws.com", + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.iotevents-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "af-south-1", + Region: "us-east-2", }, }, - "fips-ap-east-1": endpoint{ - Hostname: "waf-regional-fips.ap-east-1.amazonaws.com", + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "data.iotevents.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-east-1", + Region: "us-west-2", }, }, - "fips-ap-northeast-1": endpoint{ - Hostname: "waf-regional-fips.ap-northeast-1.amazonaws.com", + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.iotevents-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-northeast-1", + Region: "us-west-2", }, }, - "fips-ap-northeast-2": endpoint{ - Hostname: "waf-regional-fips.ap-northeast-2.amazonaws.com", + }, + }, + "iotfleetwise": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + }, + }, + "iotsecuredtunneling": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "api.tunneling.iot-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-northeast-2", + Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "fips-ap-south-1": endpoint{ - Hostname: "waf-regional-fips.ap-south-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-south-1", + Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-ap-southeast-1": endpoint{ - Hostname: "waf-regional-fips.ap-southeast-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-1", + Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-ap-southeast-2": endpoint{ - Hostname: "waf-regional-fips.ap-southeast-2.amazonaws.com", + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "ap-southeast-2", + Region: "us-west-1", }, + Deprecated: boxedTrue, }, - "fips-ca-central-1": endpoint{ - Hostname: "waf-regional-fips.ca-central-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-west-2.amazonaws.com", + }, + }, + }, + "iotsitewise": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iotsitewise-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "iotsitewise-fips.ca-central-1.amazonaws.com", CredentialScope: credentialScope{ Region: "ca-central-1", }, + Deprecated: boxedTrue, }, - "fips-eu-central-1": endpoint{ - Hostname: "waf-regional-fips.eu-central-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "iotsitewise-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-central-1", + Region: "us-east-1", }, + Deprecated: boxedTrue, }, - "fips-eu-north-1": endpoint{ - Hostname: "waf-regional-fips.eu-north-1.amazonaws.com", + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "iotsitewise-fips.us-east-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-north-1", + Region: "us-east-2", }, + Deprecated: boxedTrue, }, - "fips-eu-south-1": endpoint{ - Hostname: "waf-regional-fips.eu-south-1.amazonaws.com", + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "iotsitewise-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-south-1", + Region: "us-west-2", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iotsitewise-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iotsitewise-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iotsitewise-fips.us-west-2.amazonaws.com", }, - "fips-eu-west-1": endpoint{ - Hostname: "waf-regional-fips.eu-west-1.amazonaws.com", + }, + }, + "iotthingsgraph": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "iotthingsgraph", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "iottwinmaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "api-ap-northeast-1", + }: endpoint{ + Hostname: "api.iottwinmaker.ap-northeast-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-1", + Region: "ap-northeast-1", }, }, - "fips-eu-west-2": endpoint{ - Hostname: "waf-regional-fips.eu-west-2.amazonaws.com", + endpointKey{ + Region: "api-ap-northeast-2", + }: endpoint{ + Hostname: "api.iottwinmaker.ap-northeast-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-2", + Region: "ap-northeast-2", }, }, - "fips-eu-west-3": endpoint{ - Hostname: "waf-regional-fips.eu-west-3.amazonaws.com", + endpointKey{ + Region: "api-ap-south-1", + }: endpoint{ + Hostname: "api.iottwinmaker.ap-south-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "eu-west-3", + Region: "ap-south-1", }, }, - "fips-me-south-1": endpoint{ - Hostname: "waf-regional-fips.me-south-1.amazonaws.com", + endpointKey{ + Region: "api-ap-southeast-1", + }: endpoint{ + Hostname: "api.iottwinmaker.ap-southeast-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "me-south-1", + Region: "ap-southeast-1", }, }, - "fips-sa-east-1": endpoint{ - Hostname: "waf-regional-fips.sa-east-1.amazonaws.com", + endpointKey{ + Region: "api-ap-southeast-2", + }: endpoint{ + Hostname: "api.iottwinmaker.ap-southeast-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "sa-east-1", + Region: "ap-southeast-2", }, }, - "fips-us-east-1": endpoint{ - Hostname: "waf-regional-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "api-eu-central-1", + }: endpoint{ + Hostname: "api.iottwinmaker.eu-central-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "eu-central-1", }, }, - "fips-us-east-2": endpoint{ - Hostname: "waf-regional-fips.us-east-2.amazonaws.com", + endpointKey{ + Region: "api-eu-west-1", + }: endpoint{ + Hostname: "api.iottwinmaker.eu-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "eu-west-1", }, }, - "fips-us-west-1": endpoint{ - Hostname: "waf-regional-fips.us-west-1.amazonaws.com", + endpointKey{ + Region: "api-us-east-1", + }: endpoint{ + Hostname: "api.iottwinmaker.us-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "us-east-1", }, }, - "fips-us-west-2": endpoint{ - Hostname: "waf-regional-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "api-us-west-2", + }: endpoint{ + Hostname: "api.iottwinmaker.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, }, - "me-south-1": endpoint{ - Hostname: "waf-regional.me-south-1.amazonaws.com", + endpointKey{ + Region: "data-ap-northeast-1", + }: endpoint{ + Hostname: "data.iottwinmaker.ap-northeast-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "me-south-1", + Region: "ap-northeast-1", }, }, - "sa-east-1": endpoint{ - Hostname: "waf-regional.sa-east-1.amazonaws.com", + endpointKey{ + Region: "data-ap-northeast-2", + }: endpoint{ + Hostname: "data.iottwinmaker.ap-northeast-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "sa-east-1", + Region: "ap-northeast-2", }, }, - "us-east-1": endpoint{ - Hostname: "waf-regional.us-east-1.amazonaws.com", + endpointKey{ + Region: "data-ap-south-1", + }: endpoint{ + Hostname: "data.iottwinmaker.ap-south-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-1", + Region: "ap-south-1", }, }, - "us-east-2": endpoint{ - Hostname: "waf-regional.us-east-2.amazonaws.com", + endpointKey{ + Region: "data-ap-southeast-1", + }: endpoint{ + Hostname: "data.iottwinmaker.ap-southeast-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-east-2", + Region: "ap-southeast-1", }, }, - "us-west-1": endpoint{ - Hostname: "waf-regional.us-west-1.amazonaws.com", + endpointKey{ + Region: "data-ap-southeast-2", + }: endpoint{ + Hostname: "data.iottwinmaker.ap-southeast-2.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-west-1", + Region: "ap-southeast-2", }, }, - "us-west-2": endpoint{ - Hostname: "waf-regional.us-west-2.amazonaws.com", + endpointKey{ + Region: "data-eu-central-1", + }: endpoint{ + Hostname: "data.iottwinmaker.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "data-eu-west-1", + }: endpoint{ + Hostname: "data.iottwinmaker.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "data-us-east-1", + }: endpoint{ + Hostname: "data.iottwinmaker.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "data-us-west-2", + }: endpoint{ + Hostname: "data.iottwinmaker.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, }, - }, - }, - "workdocs": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "eu-west-1": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "workdocs-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "fips-api-us-east-1", + }: endpoint{ + Hostname: "api.iottwinmaker-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, }, - "fips-us-west-2": endpoint{ - Hostname: "workdocs-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-api-us-west-2", + }: endpoint{ + Hostname: "api.iottwinmaker-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, }, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "workmail": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "eu-west-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, - }, - }, - "workspaces": service{ - - Endpoints: endpoints{ - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "fips-us-east-1": endpoint{ - Hostname: "workspaces-fips.us-east-1.amazonaws.com", + endpointKey{ + Region: "fips-data-us-east-1", + }: endpoint{ + Hostname: "data.iottwinmaker-fips.us-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-east-1", }, }, - "fips-us-west-2": endpoint{ - Hostname: "workspaces-fips.us-west-2.amazonaws.com", + endpointKey{ + Region: "fips-data-us-west-2", + }: endpoint{ + Hostname: "data.iottwinmaker-fips.us-west-2.amazonaws.com", CredentialScope: credentialScope{ Region: "us-west-2", }, }, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-west-2": endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "iottwinmaker-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "iottwinmaker-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iottwinmaker-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iottwinmaker-fips.us-west-2.amazonaws.com", + }, + }, + }, + "iotwireless": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "api.iotwireless.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "api.iotwireless.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "api.iotwireless.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "api.iotwireless.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "api.iotwireless.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "ivs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "ivschat": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "ivsrealtime": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "kafka": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "kafka-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "kafka-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "kafka-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "kafka-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "kafka-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka-fips.us-west-2.amazonaws.com", + }, + }, + }, + "kafkaconnect": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "kendra": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "kendra-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "kendra-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "kendra-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kendra-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kendra-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kendra-fips.us-west-2.amazonaws.com", + }, + }, + }, + "kendra-ranking": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "kendra-ranking.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "kendra-ranking.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "kendra-ranking.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "kendra-ranking.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "kendra-ranking.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "kendra-ranking.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "kendra-ranking.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "kendra-ranking.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "kendra-ranking.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "kendra-ranking.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "kendra-ranking.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "kendra-ranking.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kendra-ranking-fips.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "kendra-ranking.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "kendra-ranking.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "kendra-ranking.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "kendra-ranking.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "kendra-ranking.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "kendra-ranking.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "kendra-ranking.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "kendra-ranking.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "kendra-ranking.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "kendra-ranking.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "kendra-ranking.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "kendra-ranking.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kendra-ranking-fips.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "kendra-ranking.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kendra-ranking-fips.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "kendra-ranking.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "kendra-ranking.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kendra-ranking-fips.us-west-2.api.aws", + }, + }, + }, + "kinesis": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "kinesis-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "kinesis-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "kinesis-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "kinesis-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kinesis-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kinesis-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kinesis-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kinesis-fips.us-west-2.amazonaws.com", + }, + }, + }, + "kinesisanalytics": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "kinesisvideo": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "kms": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ProdFips", + }: endpoint{ + Hostname: "kms-fips.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.af-south-1.amazonaws.com", + }, + endpointKey{ + Region: "af-south-1-fips", + }: endpoint{ + Hostname: "kms-fips.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.ap-east-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-east-1-fips", + }: endpoint{ + Hostname: "kms-fips.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.ap-northeast-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-northeast-1-fips", + }: endpoint{ + Hostname: "kms-fips.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.ap-northeast-2.amazonaws.com", + }, + endpointKey{ + Region: "ap-northeast-2-fips", + }: endpoint{ + Hostname: "kms-fips.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.ap-northeast-3.amazonaws.com", + }, + endpointKey{ + Region: "ap-northeast-3-fips", + }: endpoint{ + Hostname: "kms-fips.ap-northeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-3", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.ap-south-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-south-1-fips", + }: endpoint{ + Hostname: "kms-fips.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.ap-south-2.amazonaws.com", + }, + endpointKey{ + Region: "ap-south-2-fips", + }: endpoint{ + Hostname: "kms-fips.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.ap-southeast-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-1-fips", + }: endpoint{ + Hostname: "kms-fips.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.ap-southeast-2.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-2-fips", + }: endpoint{ + Hostname: "kms-fips.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.ap-southeast-3.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-3-fips", + }: endpoint{ + Hostname: "kms-fips.ap-southeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-3", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.ap-southeast-4.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-4-fips", + }: endpoint{ + Hostname: "kms-fips.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "kms-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1-fips", + }: endpoint{ + Hostname: "kms-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.eu-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1-fips", + }: endpoint{ + Hostname: "kms-fips.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.eu-central-2.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-2-fips", + }: endpoint{ + Hostname: "kms-fips.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.eu-north-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-north-1-fips", + }: endpoint{ + Hostname: "kms-fips.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.eu-south-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-south-1-fips", + }: endpoint{ + Hostname: "kms-fips.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.eu-south-2.amazonaws.com", + }, + endpointKey{ + Region: "eu-south-2-fips", + }: endpoint{ + Hostname: "kms-fips.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.eu-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-west-1-fips", + }: endpoint{ + Hostname: "kms-fips.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.eu-west-2.amazonaws.com", + }, + endpointKey{ + Region: "eu-west-2-fips", + }: endpoint{ + Hostname: "kms-fips.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.eu-west-3.amazonaws.com", + }, + endpointKey{ + Region: "eu-west-3-fips", + }: endpoint{ + Hostname: "kms-fips.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.il-central-1.amazonaws.com", + }, + endpointKey{ + Region: "il-central-1-fips", + }: endpoint{ + Hostname: "kms-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.me-central-1.amazonaws.com", + }, + endpointKey{ + Region: "me-central-1-fips", + }: endpoint{ + Hostname: "kms-fips.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.me-south-1.amazonaws.com", + }, + endpointKey{ + Region: "me-south-1-fips", + }: endpoint{ + Hostname: "kms-fips.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.sa-east-1.amazonaws.com", + }, + endpointKey{ + Region: "sa-east-1-fips", + }: endpoint{ + Hostname: "kms-fips.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "kms-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "kms-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "kms-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "kms-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "lakeformation": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "lakeformation-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "lakeformation-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "lakeformation-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "lakeformation-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "lakeformation-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "lakeformation-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "lakeformation-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "lakeformation-fips.us-west-2.amazonaws.com", + }, + }, + }, + "lambda": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.eu-west-3.api.aws", + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "lambda-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "lambda-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "lambda-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "lambda-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "lambda-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "lambda-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "lambda-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "lambda-fips.us-west-2.amazonaws.com", + }, + }, + }, + "license-manager": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "license-manager-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "license-manager-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "license-manager-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "license-manager-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "license-manager-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "license-manager-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "license-manager-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "license-manager-fips.us-west-2.amazonaws.com", + }, + }, + }, + "license-manager-linux-subscriptions": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "license-manager-linux-subscriptions-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "license-manager-linux-subscriptions-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "license-manager-linux-subscriptions-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "license-manager-linux-subscriptions-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "license-manager-linux-subscriptions-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "license-manager-linux-subscriptions-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "license-manager-linux-subscriptions-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "license-manager-linux-subscriptions-fips.us-west-2.amazonaws.com", + }, + }, + }, + "license-manager-user-subscriptions": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "license-manager-user-subscriptions-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "license-manager-user-subscriptions-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "license-manager-user-subscriptions-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "license-manager-user-subscriptions-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "license-manager-user-subscriptions-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "license-manager-user-subscriptions-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "license-manager-user-subscriptions-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "license-manager-user-subscriptions-fips.us-west-2.amazonaws.com", + }, + }, + }, + "lightsail": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "logs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "logs-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.ca-west-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "logs-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.eu-west-3.api.aws", + }, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "logs-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "logs-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "logs-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "logs-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "logs-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "logs-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "logs-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "logs-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "logs-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "logs.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "logs-fips.us-west-2.amazonaws.com", + }, + }, + }, + "lookoutequipment": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + }, + }, + "lookoutmetrics": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "lookoutvision": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "m2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{}, + }, + }, + "machinelearning": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + }, + }, + "macie2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "macie2-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "macie2-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "macie2-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "macie2-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "macie2-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "macie2-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "macie2-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "macie2-fips.us-west-2.amazonaws.com", + }, + }, + }, + "managedblockchain": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + }, + }, + "managedblockchain-query": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + }, + }, + "marketplacecommerceanalytics": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + }, + }, + "media-pipelines-chime": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "media-pipelines-chime-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "media-pipelines-chime-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "media-pipelines-chime-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "media-pipelines-chime-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "mediaconnect": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "mediaconvert": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mediaconvert-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "mediaconvert-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "mediaconvert-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "mediaconvert-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "mediaconvert-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "mediaconvert-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mediaconvert-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mediaconvert-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mediaconvert-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mediaconvert-fips.us-west-2.amazonaws.com", + }, + }, + }, + "medialive": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "medialive-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "medialive-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "medialive-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "medialive-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "medialive-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "medialive-fips.us-west-2.amazonaws.com", + }, + }, + }, + "mediapackage": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "mediapackage-vod": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "mediapackagev2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "mediastore": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "meetings-chime": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "meetings-chime-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "meetings-chime-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "meetings-chime-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "meetings-chime-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "memory-db": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips", + }: endpoint{ + Hostname: "memory-db-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "messaging-chime": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "messaging-chime-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "messaging-chime-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "metering.marketplace": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "aws-marketplace", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "metrics.sagemaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "mgh": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "mgn": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "mgn-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "mgn-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "mgn-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "mgn-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mgn-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mgn-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mgn-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mgn-fips.us-west-2.amazonaws.com", + }, + }, + }, + "migrationhub-orchestrator": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "migrationhub-strategy": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "mobileanalytics": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + }, + }, + "models-v2-lex": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "models.lex": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "lex", + }, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "models-fips.lex.{region}.{dnsSuffix}", + CredentialScope: credentialScope{ + Service: "lex", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "models-fips.lex.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "models-fips.lex.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "models-fips.lex.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "models-fips.lex.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "monitoring": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "monitoring-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "monitoring-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "monitoring-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "monitoring-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "monitoring-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "monitoring-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "monitoring-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "monitoring-fips.us-west-2.amazonaws.com", + }, + }, + }, + "mq": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "mq-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "mq-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "mq-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "mq-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mq-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mq-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mq-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mq-fips.us-west-2.amazonaws.com", + }, + }, + }, + "mturk-requester": service{ + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "sandbox", + }: endpoint{ + Hostname: "mturk-requester-sandbox.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + }, + }, + "neptune": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "rds.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "rds.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "rds.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "rds.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "rds.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "rds.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "rds.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "rds.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "rds.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "rds.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "rds.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "rds.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "rds.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "rds.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "rds.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "rds.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "rds.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "rds.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "network-firewall": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "network-firewall-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "network-firewall-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "network-firewall-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "network-firewall-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "network-firewall-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "network-firewall-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "network-firewall-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "network-firewall-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "network-firewall-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "network-firewall-fips.us-west-2.amazonaws.com", + }, + }, + }, + "networkmanager": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "networkmanager.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "aws-global", + Variant: fipsVariant, + }: endpoint{ + Hostname: "networkmanager-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "fips-aws-global", + }: endpoint{ + Hostname: "networkmanager-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "nimble": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "oam": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "oidc": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "oidc.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "oidc.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "oidc.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "oidc.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "oidc.ap-northeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-3", + }, + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "oidc.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "oidc.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "oidc.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "oidc.ap-southeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-3", + }, + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "oidc.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "oidc.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "oidc.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "oidc.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "oidc.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "oidc.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "oidc.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "oidc.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "oidc.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "oidc.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "oidc.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "oidc.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "oidc.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "oidc.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "oidc.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "oidc.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "oidc.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "omics": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "omics.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "omics.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "omics.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "omics.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "omics-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "omics-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "omics.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "omics.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "omics-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "omics.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "omics-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "opsworks": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "opsworks-cm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "organizations": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "organizations.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "aws-global", + Variant: fipsVariant, + }: endpoint{ + Hostname: "organizations-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "fips-aws-global", + }: endpoint{ + Hostname: "organizations-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "osis": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "outposts": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "outposts-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "outposts-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "outposts-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "outposts-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "outposts-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "outposts-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "outposts-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "outposts-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "outposts-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "outposts-fips.us-west-2.amazonaws.com", + }, + }, + }, + "participant.connect": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "participant.connect-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "participant.connect-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "participant.connect-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "participant.connect-fips.us-west-2.amazonaws.com", + }, + }, + }, + "personalize": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "pi": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "pinpoint": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "mobiletargeting", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "pinpoint.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "pinpoint-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "pinpoint-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "pinpoint-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "pinpoint-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "pinpoint-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "pinpoint.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "pinpoint-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "pinpoint.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "pinpoint-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "pinpoint.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "pinpoint-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "pipes": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "polly": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "polly-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "polly-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "polly-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "polly-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "polly-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "polly-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "polly-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "polly-fips.us-west-2.amazonaws.com", + }, + }, + }, + "portal.sso": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "portal.sso.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "portal.sso.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "portal.sso.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "portal.sso.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "portal.sso.ap-northeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-3", + }, + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "portal.sso.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "portal.sso.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "portal.sso.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "portal.sso.ap-southeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-3", + }, + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "portal.sso.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "portal.sso.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "portal.sso.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "portal.sso.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "portal.sso.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "portal.sso.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "portal.sso.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "portal.sso.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "portal.sso.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "portal.sso.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "portal.sso.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "portal.sso.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "portal.sso.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "portal.sso.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "portal.sso.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "portal.sso.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "portal.sso.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "private-networks": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "profile": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "profile-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "profile-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "profile-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "profile-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "profile-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "profile-fips.us-west-2.amazonaws.com", + }, + }, + }, + "projects.iot1click": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "proton": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "qbusiness": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "qbusiness.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "qbusiness.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "qbusiness.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "qbusiness.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "qbusiness.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "qbusiness.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "qbusiness.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "qbusiness.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "qbusiness.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "qbusiness.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "qbusiness.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "qbusiness.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{ + Hostname: "qbusiness.ca-west-1.api.aws", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "qbusiness.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "qbusiness.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "qbusiness.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "qbusiness.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "qbusiness.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "qbusiness.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "qbusiness.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "qbusiness.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "qbusiness.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "qbusiness.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "qbusiness.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "qbusiness.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "qbusiness.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "qbusiness.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "qbusiness.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "qbusiness.us-west-2.api.aws", + }, + }, + }, + "qldb": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "qldb-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "qldb-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "qldb-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "qldb-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "qldb-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "qldb-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "qldb-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "qldb-fips.us-west-2.amazonaws.com", + }, + }, + }, + "quicksight": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "ram": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "ram-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "ram-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ram-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ram-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ram-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ram-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.us-west-2.amazonaws.com", + }, + }, + }, + "rbin": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "rbin-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "rbin-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "rbin-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "rbin-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "rbin-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "rbin-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.us-west-2.amazonaws.com", + }, + }, + }, + "rds": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "rds-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1-fips", + }: endpoint{ + Hostname: "rds-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "rds-fips.ca-central-1", + }: endpoint{ + Hostname: "rds-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds-fips.ca-west-1", + }: endpoint{ + Hostname: "rds-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds-fips.us-east-1", + }: endpoint{ + Hostname: "rds-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds-fips.us-east-2", + }: endpoint{ + Hostname: "rds-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds-fips.us-west-1", + }: endpoint{ + Hostname: "rds-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds-fips.us-west-2", + }: endpoint{ + Hostname: "rds-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.ca-central-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.ca-west-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-east-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-east-2", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-west-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-west-2", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + SSLCommonName: "{service}.{dnsSuffix}", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-east-1.amazonaws.com", + SSLCommonName: "{service}.{dnsSuffix}", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "rds-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "rds-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "rds-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "rds-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "rds-data": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "rds-data-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "rds-data-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "rds-data-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "rds-data-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-data-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-data-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-data-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-data-fips.us-west-2.amazonaws.com", + }, + }, + }, + "redshift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "redshift-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "redshift-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "redshift-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "redshift-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "redshift-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "redshift-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.us-west-2.amazonaws.com", + }, + }, + }, + "redshift-serverless": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-serverless-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "redshift-serverless-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "redshift-serverless-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "redshift-serverless-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "redshift-serverless-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "redshift-serverless-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-serverless-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-serverless-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-serverless-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-serverless-fips.us-west-2.amazonaws.com", + }, + }, + }, + "rekognition": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rekognition-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "rekognition-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "rekognition-fips.ca-central-1", + }: endpoint{ + Hostname: "rekognition-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rekognition-fips.us-east-1", + }: endpoint{ + Hostname: "rekognition-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rekognition-fips.us-east-2", + }: endpoint{ + Hostname: "rekognition-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rekognition-fips.us-west-1", + }: endpoint{ + Hostname: "rekognition-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rekognition-fips.us-west-2", + }: endpoint{ + Hostname: "rekognition-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rekognition.ca-central-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rekognition.ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rekognition-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rekognition.us-east-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rekognition.us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rekognition-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rekognition.us-east-2", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rekognition.us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rekognition-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rekognition.us-west-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rekognition.us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rekognition-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rekognition.us-west-2", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rekognition.us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rekognition-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rekognition-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "rekognition-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rekognition-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "rekognition-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rekognition-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "rekognition-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rekognition-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "rekognition-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "resiliencehub": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "resource-explorer-2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "resource-groups": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "resource-groups-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "resource-groups-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "resource-groups-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "resource-groups-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "resource-groups-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "resource-groups-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "resource-groups-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "resource-groups-fips.us-west-2.amazonaws.com", + }, + }, + }, + "robomaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "rolesanywhere": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-west-2.amazonaws.com", + }, + }, + }, + "route53": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "route53.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "aws-global", + Variant: fipsVariant, + }: endpoint{ + Hostname: "route53-fips.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "fips-aws-global", + }: endpoint{ + Hostname: "route53-fips.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "route53-recovery-control-config": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "route53-recovery-control-config.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "route53domains": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + }, + }, + "route53resolver": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "rum": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "runtime-v2-lex": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "runtime.lex": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "lex", + }, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "runtime-fips.lex.{region}.{dnsSuffix}", + CredentialScope: credentialScope{ + Service: "lex", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "runtime-fips.lex.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "runtime-fips.lex.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "runtime-fips.lex.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "runtime-fips.lex.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "runtime.sagemaker": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "runtime-fips.sagemaker.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "runtime-fips.sagemaker.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "runtime-fips.sagemaker.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "runtime-fips.sagemaker.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "runtime-fips.sagemaker.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "runtime-fips.sagemaker.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "runtime-fips.sagemaker.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "runtime-fips.sagemaker.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "runtime-fips.sagemaker.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "s3": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedTrue, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"s3v4"}, + }, + defaultKey{ + Variant: dualStackVariant, + }: endpoint{ + Hostname: "{service}.dualstack.{region}.{dnsSuffix}", + DNSSuffix: "amazonaws.com", + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"s3v4"}, + }, + defaultKey{ + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "{service}-fips.dualstack.{region}.{dnsSuffix}", + DNSSuffix: "amazonaws.com", + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"s3v4"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.af-south-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.ap-east-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "s3.ap-northeast-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.ap-northeast-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.ap-northeast-2.amazonaws.com", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.ap-northeast-3.amazonaws.com", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.ap-south-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.ap-south-2.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "s3.ap-southeast-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.ap-southeast-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "s3.ap-southeast-2.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.ap-southeast-2.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.ap-southeast-3.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.ap-southeast-4.amazonaws.com", + }, + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "s3.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.eu-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.eu-central-2.amazonaws.com", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.eu-north-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.eu-south-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.eu-south-2.amazonaws.com", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "s3.eu-west-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.eu-west-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.eu-west-2.amazonaws.com", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.eu-west-3.amazonaws.com", + }, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "s3-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "s3-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "s3-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "s3-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "s3-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "s3-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.il-central-1.amazonaws.com", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.me-central-1.amazonaws.com", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.me-south-1.amazonaws.com", + }, + endpointKey{ + Region: "s3-external-1", + }: endpoint{ + Hostname: "s3-external-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "s3.sa-east-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.sa-east-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "s3.us-east-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.us-east-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.us-east-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.us-east-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "s3.us-west-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.us-west-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.us-west-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.us-west-1.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "s3.us-west-2.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.us-west-2.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.us-west-2.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.us-west-2.amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + }, + }, + "s3-control": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + SignatureVersions: []string{"s3v4"}, + }, + defaultKey{ + Variant: dualStackVariant, + }: endpoint{ + Hostname: "{service}.dualstack.{region}.{dnsSuffix}", + DNSSuffix: "amazonaws.com", + Protocols: []string{"https"}, + SignatureVersions: []string{"s3v4"}, + }, + defaultKey{ + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "{service}-fips.dualstack.{region}.{dnsSuffix}", + DNSSuffix: "amazonaws.com", + Protocols: []string{"https"}, + SignatureVersions: []string{"s3v4"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "s3-control.ap-northeast-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.ap-northeast-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "s3-control.ap-northeast-2.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.ap-northeast-2.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "s3-control.ap-northeast-3.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ap-northeast-3", + }, + }, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.ap-northeast-3.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ap-northeast-3", + }, + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "s3-control.ap-south-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.ap-south-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "s3-control.ap-southeast-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.ap-southeast-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "s3-control.ap-southeast-2.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.ap-southeast-2.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "s3-control.ca-central-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.ca-central-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-control-fips.ca-central-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-control-fips.dualstack.ca-central-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "s3-control-fips.ca-central-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "s3-control.eu-central-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.eu-central-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "s3-control.eu-north-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.eu-north-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "s3-control.eu-west-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.eu-west-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "s3-control.eu-west-2.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.eu-west-2.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "s3-control.eu-west-3.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.eu-west-3.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "s3-control.sa-east-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.sa-east-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "s3-control.us-east-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.us-east-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-control-fips.us-east-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-control-fips.dualstack.us-east-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "s3-control-fips.us-east-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "s3-control.us-east-2.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.us-east-2.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-control-fips.us-east-2.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-control-fips.dualstack.us-east-2.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "s3-control-fips.us-east-2.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "s3-control.us-west-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.us-west-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-control-fips.us-west-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-control-fips.dualstack.us-west-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "s3-control-fips.us-west-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "s3-control.us-west-2.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.us-west-2.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-control-fips.us-west-2.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-control-fips.dualstack.us-west-2.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "s3-control-fips.us-west-2.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "s3-outposts": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + }, + }, + "sagemaker-geospatial": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "savingsplans": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "savingsplans.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + }, + }, + "scheduler": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "schemas": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "sdb": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"v2"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "sdb.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "secretsmanager": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "ca-west-1-fips", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + + Deprecated: boxedTrue, + }, + }, + }, + "securityhub": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "securityhub-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "securityhub-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "securityhub-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "securityhub-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securityhub-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securityhub-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securityhub-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securityhub-fips.us-west-2.amazonaws.com", + }, + }, + }, + "securitylake": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "securitylake-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "securitylake-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "securitylake-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "securitylake-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securitylake-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securitylake-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securitylake-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securitylake-fips.us-west-2.amazonaws.com", + }, + }, + }, + "serverlessrepo": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Protocols: []string{"https"}, + }, + }, + }, + "servicecatalog": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicecatalog-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "servicecatalog-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicecatalog-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "servicecatalog-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicecatalog-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "servicecatalog-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicecatalog-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "servicecatalog-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "servicecatalog-appregistry": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicecatalog-appregistry-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "servicecatalog-appregistry-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "servicecatalog-appregistry-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "servicecatalog-appregistry-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "servicecatalog-appregistry-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "servicecatalog-appregistry-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicecatalog-appregistry-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicecatalog-appregistry-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicecatalog-appregistry-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicecatalog-appregistry-fips.us-west-2.amazonaws.com", + }, + }, + }, + "servicediscovery": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "af-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.af-south-1.api.aws", + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.ap-east-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.ap-northeast-1.api.aws", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.ap-northeast-2.api.aws", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.ap-northeast-3.api.aws", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.ap-south-1.api.aws", + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.ap-south-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.ap-southeast-1.api.aws", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.ap-southeast-2.api.aws", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.ap-southeast-3.api.aws", + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.ap-southeast-4.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.ca-central-1.api.aws", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "servicediscovery-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.eu-central-1.api.aws", + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.eu-central-2.api.aws", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.eu-north-1.api.aws", + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.eu-south-1.api.aws", + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.eu-south-2.api.aws", + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.eu-west-1.api.aws", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.eu-west-2.api.aws", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.eu-west-3.api.aws", + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.il-central-1.api.aws", + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.me-central-1.api.aws", + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.me-south-1.api.aws", + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.sa-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-east-1.api.aws", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "servicediscovery-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-east-2.api.aws", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "servicediscovery-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-west-1.api.aws", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "servicediscovery-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-west-2.api.aws", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "servicediscovery-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "servicequotas": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "session.qldb": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "session.qldb-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "session.qldb-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "session.qldb-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "session.qldb-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "session.qldb-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "session.qldb-fips.us-west-2.amazonaws.com", + }, + }, + }, + "shield": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + SSLCommonName: "shield.us-east-1.amazonaws.com", + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "shield.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "aws-global", + Variant: fipsVariant, + }: endpoint{ + Hostname: "shield-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "fips-aws-global", + }: endpoint{ + Hostname: "shield-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "signer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "signer-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "signer-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "signer-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "signer-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-verification-us-east-1", + }: endpoint{ + Hostname: "verification.signer-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "fips-verification-us-east-2", + }: endpoint{ + Hostname: "verification.signer-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "fips-verification-us-west-1", + }: endpoint{ + Hostname: "verification.signer-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "fips-verification-us-west-2", + }: endpoint{ + Hostname: "verification.signer-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "signer-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "signer-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "signer-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "signer-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "verification-af-south-1", + }: endpoint{ + Hostname: "verification.signer.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + }, + endpointKey{ + Region: "verification-ap-east-1", + }: endpoint{ + Hostname: "verification.signer.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + }, + endpointKey{ + Region: "verification-ap-northeast-1", + }: endpoint{ + Hostname: "verification.signer.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "verification-ap-northeast-2", + }: endpoint{ + Hostname: "verification.signer.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "verification-ap-south-1", + }: endpoint{ + Hostname: "verification.signer.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "verification-ap-southeast-1", + }: endpoint{ + Hostname: "verification.signer.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "verification-ap-southeast-2", + }: endpoint{ + Hostname: "verification.signer.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "verification-ca-central-1", + }: endpoint{ + Hostname: "verification.signer.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "verification-eu-central-1", + }: endpoint{ + Hostname: "verification.signer.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "verification-eu-north-1", + }: endpoint{ + Hostname: "verification.signer.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, + endpointKey{ + Region: "verification-eu-south-1", + }: endpoint{ + Hostname: "verification.signer.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + }, + endpointKey{ + Region: "verification-eu-west-1", + }: endpoint{ + Hostname: "verification.signer.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "verification-eu-west-2", + }: endpoint{ + Hostname: "verification.signer.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "verification-eu-west-3", + }: endpoint{ + Hostname: "verification.signer.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + endpointKey{ + Region: "verification-me-south-1", + }: endpoint{ + Hostname: "verification.signer.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, + endpointKey{ + Region: "verification-sa-east-1", + }: endpoint{ + Hostname: "verification.signer.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + endpointKey{ + Region: "verification-us-east-1", + }: endpoint{ + Hostname: "verification.signer.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "verification-us-east-2", + }: endpoint{ + Hostname: "verification.signer.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "verification-us-west-1", + }: endpoint{ + Hostname: "verification.signer.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "verification-us-west-2", + }: endpoint{ + Hostname: "verification.signer.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "simspaceweaver": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "sms": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "sms-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sms-fips.us-west-2.amazonaws.com", + }, + }, + }, + "sms-voice": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sms-voice-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "sms-voice-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "sms-voice-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "sms-voice-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "sms-voice-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "sms-voice-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sms-voice-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sms-voice-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sms-voice-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sms-voice-fips.us-west-2.amazonaws.com", + }, + }, + }, + "snowball": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.ap-northeast-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.ap-northeast-2.amazonaws.com", + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.ap-northeast-3.amazonaws.com", + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.ap-south-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.ap-southeast-1.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.ap-southeast-2.amazonaws.com", + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.eu-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.eu-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.eu-west-2.amazonaws.com", + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.eu-west-3.amazonaws.com", + }, + endpointKey{ + Region: "fips-ap-northeast-1", + }: endpoint{ + Hostname: "snowball-fips.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-northeast-2", + }: endpoint{ + Hostname: "snowball-fips.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-northeast-3", + }: endpoint{ + Hostname: "snowball-fips.ap-northeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-3", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-south-1", + }: endpoint{ + Hostname: "snowball-fips.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-southeast-1", + }: endpoint{ + Hostname: "snowball-fips.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-southeast-2", + }: endpoint{ + Hostname: "snowball-fips.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "snowball-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-central-1", + }: endpoint{ + Hostname: "snowball-fips.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-west-1", + }: endpoint{ + Hostname: "snowball-fips.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-west-2", + }: endpoint{ + Hostname: "snowball-fips.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-west-3", + }: endpoint{ + Hostname: "snowball-fips.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-sa-east-1", + }: endpoint{ + Hostname: "snowball-fips.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "snowball-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "snowball-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "snowball-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "snowball-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.sa-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.us-west-2.amazonaws.com", + }, + }, + }, + "sns": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sns-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "sns-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "sns-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "sns-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "sns-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "sns-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sns-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sns-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sns-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sns-fips.us-west-2.amazonaws.com", + }, + }, + }, + "sqs": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + SSLCommonName: "{region}.queue.{dnsSuffix}", + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "sqs-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "sqs-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "sqs-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "sqs-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + SSLCommonName: "queue.{dnsSuffix}", + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sqs-fips.us-east-1.amazonaws.com", + SSLCommonName: "queue.{dnsSuffix}", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sqs-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sqs-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sqs-fips.us-west-2.amazonaws.com", + }, + }, + }, + "ssm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-fips.ca-west-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "ssm-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-west-1", + }: endpoint{ + Hostname: "ssm-fips.ca-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ssm-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ssm-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ssm-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ssm-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-fips.us-west-2.amazonaws.com", + }, + }, + }, + "ssm-contacts": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ssm-contacts-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ssm-contacts-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ssm-contacts-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ssm-contacts-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-contacts-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-contacts-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-contacts-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-contacts-fips.us-west-2.amazonaws.com", + }, + }, + }, + "ssm-incidents": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-incidents-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "ssm-incidents-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ssm-incidents-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ssm-incidents-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ssm-incidents-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ssm-incidents-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-incidents-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-incidents-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-incidents-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-incidents-fips.us-west-2.amazonaws.com", + }, + }, + }, + "ssm-sap": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-sap-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "ssm-sap-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "ssm-sap-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "ssm-sap-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "ssm-sap-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "ssm-sap-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-sap-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-sap-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-sap-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm-sap-fips.us-west-2.amazonaws.com", + }, + }, + }, + "sso": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "states": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "states-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "states-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "states-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "states-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "states-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "states-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "states-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "states-fips.us-west-2.amazonaws.com", + }, + }, + }, + "storagegateway": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "storagegateway-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "storagegateway-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "storagegateway-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "storagegateway-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "storagegateway-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "storagegateway-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "storagegateway-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "storagegateway-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "storagegateway-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "storagegateway-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "streams.dynamodb": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + CredentialScope: credentialScope{ + Service: "dynamodb", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "local", + }: endpoint{ + Hostname: "localhost:8000", + Protocols: []string{"http"}, + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "sts": service{ + PartitionEndpoint: "aws-global", + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "sts.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sts-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "sts-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sts-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "sts-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sts-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1-fips", + }: endpoint{ + Hostname: "sts-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sts-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "sts-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "support": service{ + PartitionEndpoint: "aws-global", + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "support.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + }, + }, + "supportapp": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "swf": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "swf-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "swf-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "swf-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "swf-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "swf-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "swf-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "swf-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "swf-fips.us-west-2.amazonaws.com", + }, + }, + }, + "synthetics": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "synthetics-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "synthetics-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "synthetics-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "synthetics-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "synthetics-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "synthetics-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "synthetics-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "synthetics-fips.us-west-2.amazonaws.com", + }, + }, + }, + "tagging": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "textract": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "textract-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "textract-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "textract-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "textract-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "textract-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "textract-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "textract-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "textract-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "textract-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "textract-fips.us-west-2.amazonaws.com", + }, + }, + }, + "thinclient": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "tnb": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "transcribe": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.transcribe.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.transcribe.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "fips.transcribe.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "fips.transcribe.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "fips.transcribe.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "fips.transcribe.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "fips.transcribe.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.transcribe.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.transcribe.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.transcribe.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.transcribe.us-west-2.amazonaws.com", + }, + }, + }, + "transcribestreaming": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "transcribestreaming-ca-central-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "transcribestreaming-ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "transcribestreaming-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "transcribestreaming-fips-ca-central-1", + }: endpoint{ + Hostname: "transcribestreaming-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "transcribestreaming-fips-us-east-1", + }: endpoint{ + Hostname: "transcribestreaming-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "transcribestreaming-fips-us-east-2", + }: endpoint{ + Hostname: "transcribestreaming-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "transcribestreaming-fips-us-west-2", + }: endpoint{ + Hostname: "transcribestreaming-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "transcribestreaming-us-east-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "transcribestreaming-us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "transcribestreaming-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "transcribestreaming-us-east-2", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "transcribestreaming-us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "transcribestreaming-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "transcribestreaming-us-west-2", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "transcribestreaming-us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "transcribestreaming-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "transfer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "transfer-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "transfer-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "transfer-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "transfer-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "transfer-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "transfer-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "transfer-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "transfer-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "transfer-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "transfer-fips.us-west-2.amazonaws.com", + }, + }, + }, + "translate": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "translate-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "translate-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "translate-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2-fips", + }: endpoint{ + Hostname: "translate-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "translate-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "translate-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "verifiedpermissions": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "voice-chime": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "voice-chime-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "ca-central-1-fips", + }: endpoint{ + Hostname: "voice-chime-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "voice-chime-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-1-fips", + }: endpoint{ + Hostname: "voice-chime-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "voice-chime-fips.us-west-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2-fips", + }: endpoint{ + Hostname: "voice-chime-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + }, + }, + "voiceid": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "voiceid-fips.ca-central-1.amazonaws.com", + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "voiceid-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "voiceid-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "voiceid-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "voiceid-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "voiceid-fips.us-west-2.amazonaws.com", + }, + }, + }, + "vpc-lattice": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "waf": service{ + PartitionEndpoint: "aws-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "aws", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-fips.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "aws-fips", + }: endpoint{ + Hostname: "waf-fips.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "aws-global", + }: endpoint{ + Hostname: "waf.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "aws-global", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-fips.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "aws-global-fips", + }: endpoint{ + Hostname: "waf-fips.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "waf-regional": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "waf-regional.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + }, + endpointKey{ + Region: "af-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "waf-regional.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + }, + endpointKey{ + Region: "ap-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "waf-regional.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "ap-northeast-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "waf-regional.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "ap-northeast-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "waf-regional.ap-northeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-3", + }, + }, + endpointKey{ + Region: "ap-northeast-3", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.ap-northeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-3", + }, + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "waf-regional.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "ap-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "waf-regional.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + }, + endpointKey{ + Region: "ap-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "waf-regional.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "ap-southeast-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "waf-regional.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "ap-southeast-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "waf-regional.ap-southeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-3", + }, + }, + endpointKey{ + Region: "ap-southeast-3", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.ap-southeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-3", + }, + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "waf-regional.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, + endpointKey{ + Region: "ap-southeast-4", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "waf-regional.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "waf-regional.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "eu-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "waf-regional.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, + endpointKey{ + Region: "eu-central-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "waf-regional.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, + endpointKey{ + Region: "eu-north-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "waf-regional.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + }, + endpointKey{ + Region: "eu-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "waf-regional.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + }, + endpointKey{ + Region: "eu-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "waf-regional.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "eu-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "waf-regional.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "eu-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "waf-regional.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + endpointKey{ + Region: "eu-west-3", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + endpointKey{ + Region: "fips-af-south-1", + }: endpoint{ + Hostname: "waf-regional-fips.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-east-1", + }: endpoint{ + Hostname: "waf-regional-fips.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-northeast-1", + }: endpoint{ + Hostname: "waf-regional-fips.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-northeast-2", + }: endpoint{ + Hostname: "waf-regional-fips.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-northeast-3", + }: endpoint{ + Hostname: "waf-regional-fips.ap-northeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-3", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-south-1", + }: endpoint{ + Hostname: "waf-regional-fips.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-south-2", + }: endpoint{ + Hostname: "waf-regional-fips.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-southeast-1", + }: endpoint{ + Hostname: "waf-regional-fips.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-southeast-2", + }: endpoint{ + Hostname: "waf-regional-fips.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-southeast-3", + }: endpoint{ + Hostname: "waf-regional-fips.ap-southeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-3", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-southeast-4", + }: endpoint{ + Hostname: "waf-regional-fips.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "waf-regional-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-central-1", + }: endpoint{ + Hostname: "waf-regional-fips.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-central-2", + }: endpoint{ + Hostname: "waf-regional-fips.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-north-1", + }: endpoint{ + Hostname: "waf-regional-fips.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-south-1", + }: endpoint{ + Hostname: "waf-regional-fips.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-south-2", + }: endpoint{ + Hostname: "waf-regional-fips.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-west-1", + }: endpoint{ + Hostname: "waf-regional-fips.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-west-2", + }: endpoint{ + Hostname: "waf-regional-fips.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-west-3", + }: endpoint{ + Hostname: "waf-regional-fips.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-il-central-1", + }: endpoint{ + Hostname: "waf-regional-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-me-central-1", + }: endpoint{ + Hostname: "waf-regional-fips.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-me-south-1", + }: endpoint{ + Hostname: "waf-regional-fips.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-sa-east-1", + }: endpoint{ + Hostname: "waf-regional-fips.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "waf-regional-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "waf-regional-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "waf-regional-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "waf-regional-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "waf-regional.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "il-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "waf-regional.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "waf-regional.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, + endpointKey{ + Region: "me-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "waf-regional.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + endpointKey{ + Region: "sa-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "waf-regional.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "waf-regional.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "waf-regional.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "waf-regional.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "wafv2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{ + Hostname: "wafv2.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + }, + endpointKey{ + Region: "af-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + }, + endpointKey{ + Region: "ap-east-1", + }: endpoint{ + Hostname: "wafv2.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + }, + endpointKey{ + Region: "ap-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + }, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{ + Hostname: "wafv2.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "ap-northeast-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + }, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{ + Hostname: "wafv2.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "ap-northeast-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + }, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{ + Hostname: "wafv2.ap-northeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-3", + }, + }, + endpointKey{ + Region: "ap-northeast-3", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.ap-northeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-3", + }, + }, + endpointKey{ + Region: "ap-south-1", + }: endpoint{ + Hostname: "wafv2.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "ap-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + }, + endpointKey{ + Region: "ap-south-2", + }: endpoint{ + Hostname: "wafv2.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + }, + endpointKey{ + Region: "ap-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + }, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{ + Hostname: "wafv2.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "ap-southeast-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + }, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{ + Hostname: "wafv2.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "ap-southeast-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + }, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{ + Hostname: "wafv2.ap-southeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-3", + }, + }, + endpointKey{ + Region: "ap-southeast-3", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.ap-southeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-3", + }, + }, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{ + Hostname: "wafv2.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, + endpointKey{ + Region: "ap-southeast-4", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + }, + endpointKey{ + Region: "ca-central-1", + }: endpoint{ + Hostname: "wafv2.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "ca-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + }, + endpointKey{ + Region: "eu-central-1", + }: endpoint{ + Hostname: "wafv2.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "eu-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + }, + endpointKey{ + Region: "eu-central-2", + }: endpoint{ + Hostname: "wafv2.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, + endpointKey{ + Region: "eu-central-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + }, + endpointKey{ + Region: "eu-north-1", + }: endpoint{ + Hostname: "wafv2.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, + endpointKey{ + Region: "eu-north-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + }, + endpointKey{ + Region: "eu-south-1", + }: endpoint{ + Hostname: "wafv2.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + }, + endpointKey{ + Region: "eu-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + }, + endpointKey{ + Region: "eu-south-2", + }: endpoint{ + Hostname: "wafv2.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + }, + endpointKey{ + Region: "eu-south-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + }, + endpointKey{ + Region: "eu-west-1", + }: endpoint{ + Hostname: "wafv2.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "eu-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + }, + endpointKey{ + Region: "eu-west-2", + }: endpoint{ + Hostname: "wafv2.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "eu-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + }, + endpointKey{ + Region: "eu-west-3", + }: endpoint{ + Hostname: "wafv2.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + endpointKey{ + Region: "eu-west-3", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + }, + endpointKey{ + Region: "fips-af-south-1", + }: endpoint{ + Hostname: "wafv2-fips.af-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "af-south-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-east-1", + }: endpoint{ + Hostname: "wafv2-fips.ap-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-northeast-1", + }: endpoint{ + Hostname: "wafv2-fips.ap-northeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-northeast-2", + }: endpoint{ + Hostname: "wafv2-fips.ap-northeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-northeast-3", + }: endpoint{ + Hostname: "wafv2-fips.ap-northeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-northeast-3", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-south-1", + }: endpoint{ + Hostname: "wafv2-fips.ap-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-south-2", + }: endpoint{ + Hostname: "wafv2-fips.ap-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-south-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-southeast-1", + }: endpoint{ + Hostname: "wafv2-fips.ap-southeast-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-southeast-2", + }: endpoint{ + Hostname: "wafv2-fips.ap-southeast-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-southeast-3", + }: endpoint{ + Hostname: "wafv2-fips.ap-southeast-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-3", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ap-southeast-4", + }: endpoint{ + Hostname: "wafv2-fips.ap-southeast-4.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ap-southeast-4", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-ca-central-1", + }: endpoint{ + Hostname: "wafv2-fips.ca-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "ca-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-central-1", + }: endpoint{ + Hostname: "wafv2-fips.eu-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-central-2", + }: endpoint{ + Hostname: "wafv2-fips.eu-central-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-central-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-north-1", + }: endpoint{ + Hostname: "wafv2-fips.eu-north-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-north-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-south-1", + }: endpoint{ + Hostname: "wafv2-fips.eu-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-south-2", + }: endpoint{ + Hostname: "wafv2-fips.eu-south-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-south-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-west-1", + }: endpoint{ + Hostname: "wafv2-fips.eu-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-west-2", + }: endpoint{ + Hostname: "wafv2-fips.eu-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-eu-west-3", + }: endpoint{ + Hostname: "wafv2-fips.eu-west-3.amazonaws.com", + CredentialScope: credentialScope{ + Region: "eu-west-3", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-il-central-1", + }: endpoint{ + Hostname: "wafv2-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-me-central-1", + }: endpoint{ + Hostname: "wafv2-fips.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-me-south-1", + }: endpoint{ + Hostname: "wafv2-fips.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-sa-east-1", + }: endpoint{ + Hostname: "wafv2-fips.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "wafv2-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "wafv2-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "wafv2-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "wafv2-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{ + Hostname: "wafv2.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "il-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.il-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "il-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + }: endpoint{ + Hostname: "wafv2.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, + endpointKey{ + Region: "me-central-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.me-central-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-central-1", + }, + }, + endpointKey{ + Region: "me-south-1", + }: endpoint{ + Hostname: "wafv2.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, + endpointKey{ + Region: "me-south-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.me-south-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "me-south-1", + }, + }, + endpointKey{ + Region: "sa-east-1", + }: endpoint{ + Hostname: "wafv2.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + endpointKey{ + Region: "sa-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.sa-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "sa-east-1", + }, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{ + Hostname: "wafv2.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{ + Hostname: "wafv2.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{ + Hostname: "wafv2.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{ + Hostname: "wafv2.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + }, + }, + }, + "wellarchitected": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "wisdom": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "ui-ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ui-ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ui-ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ui-ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ui-ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ui-eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "ui-eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "ui-us-east-1", + }: endpoint{}, + endpointKey{ + Region: "ui-us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{}, + }, + }, + "workdocs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "workdocs-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "workdocs-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "workdocs-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "workdocs-fips.us-west-2.amazonaws.com", + }, + }, + }, + "workmail": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "workspaces": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "workspaces-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "workspaces-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "workspaces-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "workspaces-fips.us-west-2.amazonaws.com", + }, + }, + }, + "workspaces-web": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + }, + }, + "xray": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "af-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-east-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-northeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-south-1", + }: endpoint{}, + endpointKey{ + Region: "ap-south-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-1", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-2", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-3", + }: endpoint{}, + endpointKey{ + Region: "ap-southeast-4", + }: endpoint{}, + endpointKey{ + Region: "ca-central-1", + }: endpoint{}, + endpointKey{ + Region: "ca-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-1", + }: endpoint{}, + endpointKey{ + Region: "eu-central-2", + }: endpoint{}, + endpointKey{ + Region: "eu-north-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-1", + }: endpoint{}, + endpointKey{ + Region: "eu-south-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-1", + }: endpoint{}, + endpointKey{ + Region: "eu-west-2", + }: endpoint{}, + endpointKey{ + Region: "eu-west-3", + }: endpoint{}, + endpointKey{ + Region: "fips-us-east-1", + }: endpoint{ + Hostname: "xray-fips.us-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-east-2", + }: endpoint{ + Hostname: "xray-fips.us-east-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-east-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-1", + }: endpoint{ + Hostname: "xray-fips.us-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-west-2", + }: endpoint{ + Hostname: "xray-fips.us-west-2.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-west-2", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "il-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-central-1", + }: endpoint{}, + endpointKey{ + Region: "me-south-1", + }: endpoint{}, + endpointKey{ + Region: "sa-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "xray-fips.us-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-east-2", + }: endpoint{}, + endpointKey{ + Region: "us-east-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "xray-fips.us-east-2.amazonaws.com", + }, + endpointKey{ + Region: "us-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "xray-fips.us-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-west-2", + }: endpoint{}, + endpointKey{ + Region: "us-west-2", + Variant: fipsVariant, + }: endpoint{ + Hostname: "xray-fips.us-west-2.amazonaws.com", + }, + }, + }, + }, +} + +// AwsCnPartition returns the Resolver for AWS China. +func AwsCnPartition() Partition { + return awscnPartition.Partition() +} + +var awscnPartition = partition{ + ID: "aws-cn", + Name: "AWS China", + DNSSuffix: "amazonaws.com.cn", + RegionRegex: regionRegex{ + Regexp: func() *regexp.Regexp { + reg, _ := regexp.Compile("^cn\\-\\w+\\-\\d+$") + return reg + }(), + }, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: dualStackVariant, + }: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "amazonaws.com.cn", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + Regions: regions{ + "cn-north-1": region{ + Description: "China (Beijing)", + }, + "cn-northwest-1": region{ + Description: "China (Ningxia)", + }, + }, + Services: services{ + "access-analyzer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "account": service{ + PartitionEndpoint: "aws-cn-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-cn-global", + }: endpoint{ + Hostname: "account.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "acm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "airflow": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "api.ecr": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "api.ecr.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "api.ecr.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "api.pricing": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "pricing", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "api.sagemaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "api.tunneling.iot": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "apigateway": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "appconfig": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "appconfigdata": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "application-autoscaling": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "applicationinsights": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "appmesh": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "appmesh.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, + "appsync": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "arc-zonal-shift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "athena": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, + "autoscaling": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "autoscaling-plans": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "backup": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "backupstorage": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "batch": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "budgets": service{ + PartitionEndpoint: "aws-cn-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-cn-global", + }: endpoint{ + Hostname: "budgets.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "cassandra": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "ce": service{ + PartitionEndpoint: "aws-cn-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-cn-global", + }: endpoint{ + Hostname: "ce.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "cloudcontrolapi": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "cloudformation": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "cloudfront": service{ + PartitionEndpoint: "aws-cn-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-cn-global", + }: endpoint{ + Hostname: "cloudfront.cn-northwest-1.amazonaws.com.cn", + Protocols: []string{"http", "https"}, + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "cloudtrail": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "codebuild": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "codecommit": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "codedeploy": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "codepipeline": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "cognito-identity": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + }, + }, + "compute-optimizer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "compute-optimizer.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "compute-optimizer.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "config": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "cur": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "data-ats.iot": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + CredentialScope: credentialScope{ + Service: "iotdata", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "data.ats.iot.cn-north-1.amazonaws.com.cn", + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "data.jobs.iot": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "databrew": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "datasync": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "datazone": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "datazone.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "datazone.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, + "dax": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "directconnect": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "dlm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "dms": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "docdb": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "rds.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "ds": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "dynamodb": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "ebs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "ec2": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "ecs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "eks": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "eks-auth": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "eks-auth.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "eks-auth.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, + "elasticache": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "elasticbeanstalk": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "elasticfilesystem": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.cn-north-1.amazonaws.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.cn-northwest-1.amazonaws.com.cn", + }, + endpointKey{ + Region: "fips-cn-north-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-cn-northwest-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "elasticloadbalancing": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "elasticmapreduce": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "elasticmapreduce.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "elasticmapreduce.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, + "emr-containers": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "emr-serverless": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "es": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, + "events": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "firehose": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "firehose.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "firehose.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, + "fms": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "fsx": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "gamelift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "glacier": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "glue": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "greengrass": service{ + IsRegionalized: boxedTrue, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + }, + }, + "guardduty": service{ + IsRegionalized: boxedTrue, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "health": service{ + PartitionEndpoint: "aws-cn-global", + IsRegionalized: boxedFalse, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + SSLCommonName: "health.cn-northwest-1.amazonaws.com.cn", + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-cn-global", + }: endpoint{ + Hostname: "global.health.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "iam": service{ + PartitionEndpoint: "aws-cn-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-cn-global", + }: endpoint{ + Hostname: "iam.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + }, + }, + "identitystore": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "inspector2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "internetmonitor": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "internetmonitor.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "internetmonitor.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, + "iot": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "iotanalytics": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + }, + }, + "iotevents": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + }, + }, + "ioteventsdata": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "data.iotevents.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + }, + }, + "iotsecuredtunneling": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "iotsitewise": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + }, + }, + "iottwinmaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "api-cn-north-1", + }: endpoint{ + Hostname: "api.iottwinmaker.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "data-cn-north-1", + }: endpoint{ + Hostname: "data.iottwinmaker.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + }, + }, + "kafka": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "kendra-ranking": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "kendra-ranking.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "kendra-ranking.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, + "kinesis": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "kinesisanalytics": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "kinesisvideo": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + }, + }, + "kms": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "lakeformation": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "lambda": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, + "license-manager": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "license-manager-linux-subscriptions": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "logs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "mediaconvert": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "subscribe.mediaconvert.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "memory-db": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "metrics.sagemaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "monitoring": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "mq": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "neptune": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "rds.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "rds.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "network-firewall": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "oam": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "oidc": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "oidc.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "oidc.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "organizations": service{ + PartitionEndpoint: "aws-cn-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-cn-global", + }: endpoint{ + Hostname: "organizations.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "personalize": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + }, + }, + "pi": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "pipes": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "polly": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "portal.sso": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "portal.sso.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "portal.sso.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "qbusiness": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.amazonwebservices.com.cn", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.amazonwebservices.com.cn", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "qbusiness.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "qbusiness.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, + "quicksight": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + }, + }, + "ram": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "rbin": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "rds": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "redshift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "redshift-serverless": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + }, + }, + "resource-groups": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "rolesanywhere": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "route53": service{ + PartitionEndpoint: "aws-cn-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-cn-global", + }: endpoint{ + Hostname: "route53.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "route53resolver": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "runtime.sagemaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "s3": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"s3v4"}, + }, + defaultKey{ + Variant: dualStackVariant, + }: endpoint{ + Hostname: "{service}.dualstack.{region}.{dnsSuffix}", + DNSSuffix: "amazonaws.com.cn", + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"s3v4"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.cn-north-1.amazonaws.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.cn-northwest-1.amazonaws.com.cn", + }, + }, + }, + "s3-control": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + SignatureVersions: []string{"s3v4"}, + }, + defaultKey{ + Variant: dualStackVariant, + }: endpoint{ + Hostname: "{service}.dualstack.{region}.{dnsSuffix}", + DNSSuffix: "amazonaws.com.cn", + Protocols: []string{"https"}, + SignatureVersions: []string{"s3v4"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "s3-control.cn-north-1.amazonaws.com.cn", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.cn-north-1.amazonaws.com.cn", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "s3-control.cn-northwest-1.amazonaws.com.cn", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.cn-northwest-1.amazonaws.com.cn", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "savingsplans": service{ + IsRegionalized: boxedTrue, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "savingsplans.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "savingsplans.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "schemas": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "secretsmanager": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{}, + }, + }, + "securityhub": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "serverlessrepo": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + }, + }, + "servicecatalog": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "servicediscovery": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, + "servicequotas": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "signer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + endpointKey{ + Region: "verification-cn-north-1", + }: endpoint{ + Hostname: "verification.signer.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "verification-cn-northwest-1", + }: endpoint{ + Hostname: "verification.signer.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "sms": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + }, + }, + "snowball": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.cn-north-1.amazonaws.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.cn-northwest-1.amazonaws.com.cn", + }, + endpointKey{ + Region: "fips-cn-north-1", + }: endpoint{ + Hostname: "snowball-fips.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-cn-northwest-1", + }: endpoint{ + Hostname: "snowball-fips.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "sns": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "sqs": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + SSLCommonName: "{region}.queue.{dnsSuffix}", + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "ssm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "sso": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "states": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-north-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "states.cn-north-1.api.amazonwebservices.com.cn", + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "states.cn-northwest-1.api.amazonwebservices.com.cn", + }, + }, + }, + "storagegateway": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "streams.dynamodb": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + CredentialScope: credentialScope{ + Service: "dynamodb", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "sts": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "support": service{ + PartitionEndpoint: "aws-cn-global", + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-cn-global", + }: endpoint{ + Hostname: "support.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + }, + }, + "swf": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "synthetics": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "tagging": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "transcribe": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "cn.transcribe.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "cn.transcribe.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + }, + }, + "transcribestreaming": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "transfer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "waf-regional": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "waf-regional.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-north-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "waf-regional.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + endpointKey{ + Region: "fips-cn-north-1", + }: endpoint{ + Hostname: "waf-regional-fips.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-cn-northwest-1", + }: endpoint{ + Hostname: "waf-regional-fips.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "wafv2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{ + Hostname: "wafv2.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-north-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{ + Hostname: "wafv2.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + endpointKey{ + Region: "cn-northwest-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + }, + endpointKey{ + Region: "fips-cn-north-1", + }: endpoint{ + Hostname: "wafv2-fips.cn-north-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-north-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-cn-northwest-1", + }: endpoint{ + Hostname: "wafv2-fips.cn-northwest-1.amazonaws.com.cn", + CredentialScope: credentialScope{ + Region: "cn-northwest-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "workspaces": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + "xray": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "cn-north-1", + }: endpoint{}, + endpointKey{ + Region: "cn-northwest-1", + }: endpoint{}, + }, + }, + }, +} + +// AwsUsGovPartition returns the Resolver for AWS GovCloud (US). +func AwsUsGovPartition() Partition { + return awsusgovPartition.Partition() +} + +var awsusgovPartition = partition{ + ID: "aws-us-gov", + Name: "AWS GovCloud (US)", + DNSSuffix: "amazonaws.com", + RegionRegex: regionRegex{ + Regexp: func() *regexp.Regexp { + reg, _ := regexp.Compile("^us\\-gov\\-\\w+\\-\\d+$") + return reg + }(), + }, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: dualStackVariant, + }: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "amazonaws.com", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + Regions: regions{ + "us-gov-east-1": region{ + Description: "AWS GovCloud (US-East)", + }, + "us-gov-west-1": region{ + Description: "AWS GovCloud (US-West)", + }, + }, + Services: services{ + "access-analyzer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "access-analyzer.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "access-analyzer.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "access-analyzer.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "access-analyzer.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "access-analyzer.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "access-analyzer.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "acm": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "acm.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "acm.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, + "acm-pca": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-pca.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "acm-pca.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "acm-pca.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-pca.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "acm-pca.us-gov-west-1.amazonaws.com", + }, + }, + }, + "api.detective": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.detective-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "api.detective-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.detective-fips.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "api.detective-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "api.ecr": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecr-fips.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "dkr-us-gov-east-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "dkr-us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecr-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "dkr-us-gov-west-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "dkr-us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecr-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-dkr-us-gov-east-1", + }: endpoint{ + Hostname: "ecr-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-dkr-us-gov-west-1", + }: endpoint{ + Hostname: "ecr-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "ecr-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "ecr-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "api.ecr.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecr-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "api.ecr.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecr-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, + "api.sagemaker": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "api-fips.sagemaker.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api-fips.sagemaker.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "api-fips.sagemaker.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1-fips-secondary", + }: endpoint{ + Hostname: "api.sagemaker.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1-secondary", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1-secondary", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.sagemaker.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "api.tunneling.iot": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-gov-west-1.amazonaws.com", + }, + }, + }, + "apigateway": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, + "appconfig": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "appconfig.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "appconfig.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appconfig.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appconfig.us-gov-west-1.amazonaws.com", + }, + }, + }, + "appconfigdata": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "appconfigdata.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "appconfigdata.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appconfigdata.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appconfigdata.us-gov-west-1.amazonaws.com", + }, + }, + }, + "application-autoscaling": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Hostname: "autoscaling.{region}.amazonaws.com", + Protocols: []string{"http", "https"}, + CredentialScope: credentialScope{ + Service: "application-autoscaling", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "application-autoscaling.us-gov-east-1.amazonaws.com", + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "application-autoscaling.us-gov-east-1.amazonaws.com", + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "application-autoscaling.us-gov-east-1.amazonaws.com", + Protocols: []string{"http", "https"}, + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "application-autoscaling.us-gov-west-1.amazonaws.com", + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "application-autoscaling.us-gov-west-1.amazonaws.com", + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "application-autoscaling.us-gov-west-1.amazonaws.com", + Protocols: []string{"http", "https"}, + + Deprecated: boxedTrue, + }, + }, + }, + "applicationinsights": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "applicationinsights.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "applicationinsights.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, + "appstream2": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + CredentialScope: credentialScope{ + Service: "appstream", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips", + }: endpoint{ + Hostname: "appstream2-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appstream2-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "appstream2-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "appstream2-fips.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "appstream2-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "arc-zonal-shift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, + "athena": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "athena-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "athena-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "athena-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "athena.us-gov-west-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "athena-fips.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "athena-fips.us-gov-west-1.api.aws", + }, + }, + }, + "autoscaling": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "autoscaling.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Protocols: []string{"http", "https"}, + }, }, }, - "xray": service{ - - Endpoints: endpoints{ - "af-south-1": endpoint{}, - "ap-east-1": endpoint{}, - "ap-northeast-1": endpoint{}, - "ap-northeast-2": endpoint{}, - "ap-south-1": endpoint{}, - "ap-southeast-1": endpoint{}, - "ap-southeast-2": endpoint{}, - "ca-central-1": endpoint{}, - "eu-central-1": endpoint{}, - "eu-north-1": endpoint{}, - "eu-south-1": endpoint{}, - "eu-west-1": endpoint{}, - "eu-west-2": endpoint{}, - "eu-west-3": endpoint{}, - "me-south-1": endpoint{}, - "sa-east-1": endpoint{}, - "us-east-1": endpoint{}, - "us-east-2": endpoint{}, - "us-west-1": endpoint{}, - "us-west-2": endpoint{}, + "autoscaling-plans": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Protocols: []string{"http", "https"}, + }, }, }, - }, -} - -// AwsCnPartition returns the Resolver for AWS China. -func AwsCnPartition() Partition { - return awscnPartition.Partition() -} - -var awscnPartition = partition{ - ID: "aws-cn", - Name: "AWS China", - DNSSuffix: "amazonaws.com.cn", - RegionRegex: regionRegex{ - Regexp: func() *regexp.Regexp { - reg, _ := regexp.Compile("^cn\\-\\w+\\-\\d+$") - return reg - }(), - }, - Defaults: endpoint{ - Hostname: "{service}.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - Regions: regions{ - "cn-north-1": region{ - Description: "China (Beijing)", + "backup": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, + "backup-gateway": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, + "backupstorage": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, }, - "cn-northwest-1": region{ - Description: "China (Ningxia)", + "batch": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "batch.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "batch.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "batch.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "batch.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "batch.us-gov-west-1.amazonaws.com", + }, + }, }, - }, - Services: services{ - "access-analyzer": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "bedrock": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, }, }, - "acm": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "cassandra": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "cassandra.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cassandra.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "cassandra.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "cassandra.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cassandra.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "cassandra.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, - "api.ecr": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{ - Hostname: "api.ecr.cn-north-1.amazonaws.com.cn", + "cloudcontrolapi": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "cloudcontrolapi-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-north-1", + Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "cn-northwest-1": endpoint{ - Hostname: "api.ecr.cn-northwest-1.amazonaws.com.cn", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "cloudcontrolapi-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-northwest-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudcontrolapi-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudcontrolapi-fips.us-gov-west-1.amazonaws.com", }, }, }, - "api.sagemaker": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "clouddirectory": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "clouddirectory.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "clouddirectory.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, - "apigateway": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "cloudformation": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "cloudformation.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudformation.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "cloudformation.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "cloudformation.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudformation.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "cloudformation.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, - "application-autoscaling": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, + "cloudhsm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, + "cloudhsmv2": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "cloudhsm", + }, + }, }, - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, }, }, - "appsync": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "cloudtrail": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudtrail.us-gov-west-1.amazonaws.com", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "cloudtrail.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "cloudtrail.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudtrail.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cloudtrail.us-gov-west-1.amazonaws.com", + }, }, }, - "athena": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "codebuild": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codebuild-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "codebuild-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codebuild-fips.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "codebuild-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, - "autoscaling": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, + "codecommit": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips", + }: endpoint{ + Hostname: "codecommit-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codecommit-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "codecommit-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codecommit-fips.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "codecommit-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + }, + "codedeploy": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codedeploy-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "codedeploy-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codedeploy-fips.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "codedeploy-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, - "autoscaling-plans": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, + "codepipeline": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "codepipeline-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "codepipeline-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codepipeline-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "codepipeline-fips.us-gov-west-1.amazonaws.com", + }, }, - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + }, + "codestar-connections": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, }, }, - "backup": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "cognito-identity": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "cognito-identity-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cognito-identity-fips.us-gov-west-1.amazonaws.com", + }, }, }, - "batch": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "cognito-idp": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "cognito-idp-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "cognito-idp-fips.us-gov-west-1.amazonaws.com", + }, + }, + }, + "comprehend": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "comprehend-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "comprehend-fips.us-gov-west-1.amazonaws.com", + }, }, }, - "budgets": service{ - PartitionEndpoint: "aws-cn-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-cn-global": endpoint{ - Hostname: "budgets.amazonaws.com.cn", + "comprehendmedical": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "comprehendmedical-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-northwest-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "comprehendmedical-fips.us-gov-west-1.amazonaws.com", }, }, }, - "ce": service{ - PartitionEndpoint: "aws-cn-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-cn-global": endpoint{ - Hostname: "ce.cn-northwest-1.amazonaws.com.cn", + "compute-optimizer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "compute-optimizer-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-northwest-1", + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "compute-optimizer-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", }, }, }, }, - "cloudformation": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "config": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "config.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "config.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "config.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "config.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "config.us-gov-west-1.amazonaws.com", + }, }, }, - "cloudfront": service{ - PartitionEndpoint: "aws-cn-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-cn-global": endpoint{ - Hostname: "cloudfront.cn-northwest-1.amazonaws.com.cn", - Protocols: []string{"http", "https"}, + "connect": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "connect.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-northwest-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "connect.us-gov-west-1.amazonaws.com", }, }, }, - "cloudtrail": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "controltower": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, }, }, - "codebuild": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "data-ats.iot": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + CredentialScope: credentialScope{ + Service: "iotdata", + }, + }, }, - }, - "codecommit": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "data.iot-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Service: "iotdata", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "data.iot-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Service: "iotdata", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.iot-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.iot-fips.us-gov-west-1.amazonaws.com", + }, }, }, - "codedeploy": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "data.jobs.iot": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "data.jobs.iot-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "data.jobs.iot-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.jobs.iot-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.jobs.iot-fips.us-gov-west-1.amazonaws.com", + }, }, }, - "cognito-identity": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, + "databrew": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "databrew.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "databrew.us-gov-west-1.amazonaws.com", + }, }, }, - "config": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "datasync": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "datasync-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "datasync-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.us-gov-west-1.amazonaws.com", + }, }, }, - "cur": service{ - - Endpoints: endpoints{ - "cn-northwest-1": endpoint{}, + "datazone": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, }, - }, - "dax": service{ - - Endpoints: endpoints{ - "cn-northwest-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "datazone.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "datazone.us-gov-west-1.api.aws", + }, }, }, "directconnect": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "directconnect.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "directconnect.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, + "dlm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dlm.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "dlm.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dlm.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "dlm.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "dms": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "dms.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "dms", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "dms", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dms.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "dms-fips", + }: endpoint{ + Hostname: "dms.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dms.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "dms.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dms.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "dms.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "docdb": service{ - - Endpoints: endpoints{ - "cn-northwest-1": endpoint{ - Hostname: "rds.cn-northwest-1.amazonaws.com.cn", + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "rds.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-northwest-1", + Region: "us-gov-west-1", + }, + }, + }, + }, + "drs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "drs-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "drs-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "drs-fips.us-gov-west-1.amazonaws.com", }, }, }, "ds": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "ds-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "ds-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ds-fips.us-gov-west-1.amazonaws.com", + }, }, }, "dynamodb": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "dynamodb.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dynamodb.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "dynamodb.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dynamodb.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "dynamodb.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "ebs": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, }, }, "ec2": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "ec2.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "ec2.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "ec2.us-gov-east-1.api.aws", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "ec2.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "ec2.us-gov-west-1.api.aws", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, }, - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + }, + "ecs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "ecs-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "ecs-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecs-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ecs-fips.us-gov-west-1.amazonaws.com", + }, }, }, - "ec2metadata": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "169.254.169.254/latest", - Protocols: []string{"http"}, + "eks": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "eks.{region}.{dnsSuffix}", + Protocols: []string{"http", "https"}, }, }, - }, - "ecs": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "eks.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "eks.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "eks.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "eks.us-gov-west-1.amazonaws.com", + }, }, }, - "eks": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, + "eks-auth": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, }, - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "eks-auth.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "eks-auth.us-gov-west-1.api.aws", + }, }, }, "elasticache": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticache.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips", + }: endpoint{ + Hostname: "elasticache.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticache.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "elasticache.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "elasticbeanstalk": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "elasticbeanstalk.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticbeanstalk.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "elasticbeanstalk.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "elasticbeanstalk.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticbeanstalk.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "elasticbeanstalk.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "elasticfilesystem": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - "fips-cn-north-1": endpoint{ - Hostname: "elasticfilesystem-fips.cn-north-1.amazonaws.com.cn", + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-north-1", + Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-cn-northwest-1": endpoint{ - Hostname: "elasticfilesystem-fips.cn-northwest-1.amazonaws.com.cn", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-northwest-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-gov-west-1.amazonaws.com", }, }, }, "elasticloadbalancing": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticloadbalancing.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "elasticloadbalancing.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "elasticloadbalancing.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticloadbalancing.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticloadbalancing.us-gov-west-1.amazonaws.com", + Protocols: []string{"http", "https"}, + }, }, }, "elasticmapreduce": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "es": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "events": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "firehose": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "fsx": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "gamelift": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - }, - }, - "glacier": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "glue": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "greengrass": service{ - IsRegionalized: boxedTrue, - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - }, - }, - "health": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "iam": service{ - PartitionEndpoint: "aws-cn-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-cn-global": endpoint{ - Hostname: "iam.cn-north-1.amazonaws.com.cn", + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "elasticmapreduce.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-north-1", + Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - }, - }, - "iot": service{ - Defaults: endpoint{ - CredentialScope: credentialScope{ - Service: "execute-api", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "elasticmapreduce.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-gov-west-1.api.aws", + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-gov-west-1.amazonaws.com", + Protocols: []string{"https"}, }, - }, - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "iotanalytics": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - }, - }, - "iotevents": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, }, }, - "ioteventsdata": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{ - Hostname: "data.iotevents.cn-north-1.amazonaws.com.cn", + "email": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "email-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-north-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "email-fips.us-gov-west-1.amazonaws.com", }, }, }, - "iotsecuredtunneling": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "kafka": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "kinesis": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "kinesisanalytics": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "emr-containers": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, }, }, - "kms": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "emr-serverless": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, }, }, - "lakeformation": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, + "es": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips", + }: endpoint{ + Hostname: "es-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "es-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "es-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "aos.us-gov-west-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "es-fips.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "es-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, - "lambda": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "events": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "events.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "events.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "events.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "events.us-gov-west-1.amazonaws.com", + }, }, }, - "license-manager": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "firehose": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "firehose-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "firehose-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "firehose-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "firehose-fips.us-gov-west-1.amazonaws.com", + }, }, }, - "logs": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "fms": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, }, - }, - "mediaconvert": service{ - - Endpoints: endpoints{ - "cn-northwest-1": endpoint{ - Hostname: "subscribe.mediaconvert.cn-northwest-1.amazonaws.com.cn", + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "fms-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-northwest-1", + Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - }, - }, - "monitoring": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "neptune": service{ - - Endpoints: endpoints{ - "cn-northwest-1": endpoint{ - Hostname: "rds.cn-northwest-1.amazonaws.com.cn", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "fms-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-northwest-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fms-fips.us-gov-west-1.amazonaws.com", }, }, }, - "organizations": service{ - PartitionEndpoint: "aws-cn-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-cn-global": endpoint{ - Hostname: "organizations.cn-northwest-1.amazonaws.com.cn", + "fsx": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-prod-us-gov-east-1", + }: endpoint{ + Hostname: "fsx-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-northwest-1", + Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - }, - }, - "polly": service{ - - Endpoints: endpoints{ - "cn-northwest-1": endpoint{}, - }, - }, - "ram": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "rds": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "redshift": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "resource-groups": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "route53": service{ - PartitionEndpoint: "aws-cn-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-cn-global": endpoint{ - Hostname: "route53.amazonaws.com.cn", + endpointKey{ + Region: "fips-prod-us-gov-west-1", + }: endpoint{ + Hostname: "fsx-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-northwest-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - }, - }, - "runtime.sagemaker": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "s3": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - SignatureVersions: []string{"s3v4"}, - - HasDualStack: boxedTrue, - DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}", - }, - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "s3-control": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - SignatureVersions: []string{"s3v4"}, - - HasDualStack: boxedTrue, - DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}", - }, - Endpoints: endpoints{ - "cn-north-1": endpoint{ - Hostname: "s3-control.cn-north-1.amazonaws.com.cn", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "fsx-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-north-1", + Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "cn-northwest-1": endpoint{ - Hostname: "s3-control.cn-northwest-1.amazonaws.com.cn", - SignatureVersions: []string{"s3v4"}, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "fsx-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-northwest-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - }, - }, - "secretsmanager": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "securityhub": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "serverlessrepo": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "cn-north-1": endpoint{ - Protocols: []string{"https"}, + endpointKey{ + Region: "prod-us-gov-east-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, }, - "cn-northwest-1": endpoint{ - Protocols: []string{"https"}, + endpointKey{ + Region: "prod-us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fsx-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, }, - }, - }, - "servicediscovery": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "sms": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "snowball": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - "fips-cn-north-1": endpoint{ - Hostname: "snowball-fips.cn-north-1.amazonaws.com.cn", + endpointKey{ + Region: "prod-us-gov-west-1", + }: endpoint{ CredentialScope: credentialScope{ - Region: "cn-north-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "fips-cn-northwest-1": endpoint{ - Hostname: "snowball-fips.cn-northwest-1.amazonaws.com.cn", + endpointKey{ + Region: "prod-us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fsx-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-northwest-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - }, - }, - "sns": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "sqs": service{ - Defaults: endpoint{ - SSLCommonName: "{region}.queue.{dnsSuffix}", - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "ssm": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "states": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "storagegateway": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "streams.dynamodb": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "dynamodb", + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fsx-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fsx-fips.us-gov-west-1.amazonaws.com", }, - }, - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "sts": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, }, }, - "support": service{ - PartitionEndpoint: "aws-cn-global", - - Endpoints: endpoints{ - "aws-cn-global": endpoint{ - Hostname: "support.cn-north-1.amazonaws.com.cn", + "geo": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "geo-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-north-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "geo-fips.us-gov-west-1.amazonaws.com", }, }, }, - "swf": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "tagging": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, - }, - }, - "transcribe": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "cn-north-1": endpoint{ - Hostname: "cn.transcribe.cn-north-1.amazonaws.com.cn", + "glacier": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "glacier.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-north-1", + Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "cn-northwest-1": endpoint{ - Hostname: "cn.transcribe.cn-northwest-1.amazonaws.com.cn", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "glacier.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "cn-northwest-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glacier.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glacier.us-gov-west-1.amazonaws.com", + Protocols: []string{"http", "https"}, }, }, }, - "workspaces": service{ - - Endpoints: endpoints{ - "cn-northwest-1": endpoint{}, + "glue": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "glue-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "glue-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "glue.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glue-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "glue-fips.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "glue.us-gov-west-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "glue-fips.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "glue-fips.us-gov-west-1.api.aws", + }, }, }, - "xray": service{ - - Endpoints: endpoints{ - "cn-north-1": endpoint{}, - "cn-northwest-1": endpoint{}, + "greengrass": service{ + IsRegionalized: boxedTrue, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, }, - }, - }, -} - -// AwsUsGovPartition returns the Resolver for AWS GovCloud (US). -func AwsUsGovPartition() Partition { - return awsusgovPartition.Partition() -} - -var awsusgovPartition = partition{ - ID: "aws-us-gov", - Name: "AWS GovCloud (US)", - DNSSuffix: "amazonaws.com", - RegionRegex: regionRegex{ - Regexp: func() *regexp.Regexp { - reg, _ := regexp.Compile("^us\\-gov\\-\\w+\\-\\d+$") - return reg - }(), - }, - Defaults: endpoint{ - Hostname: "{service}.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, - }, - Regions: regions{ - "us-gov-east-1": region{ - Description: "AWS GovCloud (US-East)", - }, - "us-gov-west-1": region{ - Description: "AWS GovCloud (US-West)", - }, - }, - Services: services{ - "access-analyzer": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ - Hostname: "access-analyzer.us-gov-east-1.amazonaws.com", + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "dataplane-us-gov-east-1", + }: endpoint{ + Hostname: "greengrass-ats.iot.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, }, - "us-gov-west-1": endpoint{ - Hostname: "access-analyzer.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "dataplane-us-gov-west-1", + }: endpoint{ + Hostname: "greengrass-ats.iot.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "greengrass.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "greengrass.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "greengrass.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "greengrass.us-gov-west-1.amazonaws.com", }, }, }, - "acm": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ - Hostname: "acm.us-gov-east-1.amazonaws.com", + "guardduty": service{ + IsRegionalized: boxedTrue, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "guardduty.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "guardduty.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "guardduty.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "guardduty.us-gov-west-1.amazonaws.com", }, - "us-gov-west-1": endpoint{ - Hostname: "acm.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "guardduty.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, }, }, - "acm-pca": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, + "health": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + SSLCommonName: "health.us-gov-west-1.amazonaws.com", + Protocols: []string{"https"}, + }, }, - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "acm-pca.us-gov-east-1.amazonaws.com", + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-us-gov-global", + }: endpoint{ + Hostname: "global.health.us-gov.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-gov-east-1", + Region: "us-gov-west-1", }, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "acm-pca.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "health-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, - }, - }, - "api.ecr": service{ - - Endpoints: endpoints{ - "fips-dkr-us-gov-east-1": endpoint{ - Hostname: "ecr-fips.us-gov-east-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ CredentialScope: credentialScope{ - Region: "us-gov-east-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "fips-dkr-us-gov-west-1": endpoint{ - Hostname: "ecr-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "health-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-east-1": endpoint{ - Hostname: "ecr-fips.us-gov-east-1.amazonaws.com", + }, + }, + "iam": service{ + PartitionEndpoint: "aws-us-gov-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-us-gov-global", + }: endpoint{ + Hostname: "iam.us-gov.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-gov-east-1", + Region: "us-gov-west-1", }, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "ecr-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "aws-us-gov-global", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iam.us-gov.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - "us-gov-east-1": endpoint{ - Hostname: "api.ecr.us-gov-east-1.amazonaws.com", + endpointKey{ + Region: "aws-us-gov-global-fips", + }: endpoint{ + Hostname: "iam.us-gov.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-gov-east-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{ - Hostname: "api.ecr.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "iam-govcloud", + }: endpoint{ CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - }, - }, - "api.sagemaker": service{ - - Endpoints: endpoints{ - "us-gov-west-1": endpoint{}, - "us-gov-west-1-fips": endpoint{ - Hostname: "api-fips.sagemaker.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "iam-govcloud", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iam.us-gov.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1-fips-secondary": endpoint{ - Hostname: "api.sagemaker.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "iam-govcloud-fips", + }: endpoint{ + Hostname: "iam.us-gov.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, }, }, - "apigateway": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, - }, - }, - "application-autoscaling": service{ - Defaults: endpoint{ - Hostname: "autoscaling.{region}.amazonaws.com", - Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "application-autoscaling", + "identitystore": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "identitystore.{region}.{dnsSuffix}", }, }, - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ - Protocols: []string{"http", "https"}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "identitystore.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{ - Protocols: []string{"http", "https"}, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "identitystore.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "identitystore.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "identitystore.us-gov-west-1.amazonaws.com", + }, + }, + }, + "ingest.timestream": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ingest.timestream.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "ingest.timestream.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, }, }, }, - "appstream2": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - CredentialScope: credentialScope{ - Service: "appstream", + "inspector": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "inspector-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, }, - }, - Endpoints: endpoints{ - "fips": endpoint{ - Hostname: "appstream2-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "inspector-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector-fips.us-gov-west-1.amazonaws.com", }, - "us-gov-west-1": endpoint{}, }, }, - "athena": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "athena-fips.us-gov-east-1.amazonaws.com", + "inspector2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "inspector2-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "athena-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "inspector2-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, - }, - }, - "autoscaling": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ - Protocols: []string{"http", "https"}, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-gov-east-1.amazonaws.com", }, - "us-gov-west-1": endpoint{ - Protocols: []string{"http", "https"}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "inspector2-fips.us-gov-west-1.amazonaws.com", }, }, }, - "autoscaling-plans": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, + "internetmonitor": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, }, - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ - Protocols: []string{"http", "https"}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "internetmonitor.us-gov-east-1.api.aws", }, - "us-gov-west-1": endpoint{ - Protocols: []string{"http", "https"}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "internetmonitor.us-gov-west-1.api.aws", }, }, }, - "backup": service{ + "iot": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "iot-fips.us-gov-east-1.amazonaws.com", + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "iot-fips.us-gov-west-1.amazonaws.com", - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iot-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iot-fips.us-gov-west-1.amazonaws.com", + }, }, }, - "batch": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "batch.us-gov-east-1.amazonaws.com", + "iotevents": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "iotevents-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-gov-east-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "batch.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iotevents-fips.us-gov-west-1.amazonaws.com", + }, + }, + }, + "ioteventsdata": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "data.iotevents-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "data.iotevents.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "data.iotevents-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "clouddirectory": service{ - - Endpoints: endpoints{ - "us-gov-west-1": endpoint{}, + "iotsecuredtunneling": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.{region}.{dnsSuffix}", + }, }, - }, - "cloudformation": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ - Hostname: "cloudformation.us-gov-east-1.amazonaws.com", + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{ - Hostname: "cloudformation.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "api.tunneling.iot-fips.us-gov-west-1.amazonaws.com", }, }, }, - "cloudhsm": service{ - - Endpoints: endpoints{ - "us-gov-west-1": endpoint{}, - }, - }, - "cloudhsmv2": service{ - Defaults: endpoint{ - CredentialScope: credentialScope{ - Service: "cloudhsm", + "iotsitewise": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "iotsitewise-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iotsitewise-fips.us-gov-west-1.amazonaws.com", }, - }, - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "cloudtrail": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ - Hostname: "cloudtrail.us-gov-east-1.amazonaws.com", + "iottwinmaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "api-us-gov-west-1", + }: endpoint{ + Hostname: "api.iottwinmaker.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-gov-east-1", + Region: "us-gov-west-1", }, }, - "us-gov-west-1": endpoint{ - Hostname: "cloudtrail.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "data-us-gov-west-1", + }: endpoint{ + Hostname: "data.iottwinmaker.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - }, - }, - "codebuild": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-east-1-fips": endpoint{ - Hostname: "codebuild-fips.us-gov-east-1.amazonaws.com", + endpointKey{ + Region: "fips-api-us-gov-west-1", + }: endpoint{ + Hostname: "api.iottwinmaker-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-gov-east-1", + Region: "us-gov-west-1", }, }, - "us-gov-west-1": endpoint{}, - "us-gov-west-1-fips": endpoint{ - Hostname: "codebuild-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-data-us-gov-west-1", + }: endpoint{ + Hostname: "data.iottwinmaker-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - }, - }, - "codecommit": service{ - - Endpoints: endpoints{ - "fips": endpoint{ - Hostname: "codecommit-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "iottwinmaker-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "iottwinmaker-fips.us-gov-west-1.amazonaws.com", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "codedeploy": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-east-1-fips": endpoint{ - Hostname: "codedeploy-fips.us-gov-east-1.amazonaws.com", + "kafka": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "kafka.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, }, - "us-gov-west-1": endpoint{}, - "us-gov-west-1-fips": endpoint{ - Hostname: "codedeploy-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-gov-west-1", + Region: "us-gov-east-1", }, }, - }, - }, - "codepipeline": service{ - - Endpoints: endpoints{ - "fips-us-gov-west-1": endpoint{ - Hostname: "codepipeline-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "kafka.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-gov-west-1", + Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{}, - }, - }, - "cognito-identity": service{ - - Endpoints: endpoints{ - "fips-us-gov-west-1": endpoint{ - Hostname: "cognito-identity-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "kafka.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - "us-gov-west-1": endpoint{}, - }, - }, - "cognito-idp": service{ - - Endpoints: endpoints{ - "fips-us-gov-west-1": endpoint{ - Hostname: "cognito-idp-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kafka.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - "us-gov-west-1": endpoint{}, - }, - }, - "comprehend": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "fips-us-gov-west-1": endpoint{ - Hostname: "comprehend-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "kafka.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{}, }, }, - "comprehendmedical": service{ - - Endpoints: endpoints{ - "fips-us-gov-west-1": endpoint{ - Hostname: "comprehendmedical-fips.us-gov-west-1.amazonaws.com", + "kendra": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "kendra-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kendra-fips.us-gov-west-1.amazonaws.com", }, - "us-gov-west-1": endpoint{}, }, }, - "config": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "config.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, + "kendra-ranking": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", }, - "fips-us-gov-west-1": endpoint{ - Hostname: "config.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "kendra-ranking.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "kendra-ranking.us-gov-west-1.api.aws", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "datasync": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "datasync-fips.us-gov-east-1.amazonaws.com", + "kinesis": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "kinesis.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "datasync-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "kinesis.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, - }, - }, - "directconnect": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ - Hostname: "directconnect.us-gov-east-1.amazonaws.com", + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "kinesis.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, }, - "us-gov-west-1": endpoint{ - Hostname: "directconnect.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kinesis.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "kinesis.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - }, - }, - "dms": service{ - - Endpoints: endpoints{ - "dms-fips": endpoint{ - Hostname: "dms.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kinesis.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "docdb": service{ - - Endpoints: endpoints{ - "us-gov-west-1": endpoint{ - Hostname: "rds.us-gov-west-1.amazonaws.com", + "kinesisanalytics": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, + "kms": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ProdFips", + }: endpoint{ + Hostname: "kms-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - }, - }, - "ds": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "ds-fips.us-gov-east-1.amazonaws.com", + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "kms-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "ds-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "kms-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "dynamodb": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-east-1-fips": endpoint{ - Hostname: "dynamodb.us-gov-east-1.amazonaws.com", + "lakeformation": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "lakeformation-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{}, - "us-gov-west-1-fips": endpoint{ - Hostname: "dynamodb.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "lakeformation-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lakeformation.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "lakeformation-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "lakeformation-fips.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lakeformation.us-gov-west-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "lakeformation-fips.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "lakeformation-fips.us-gov-west-1.api.aws", }, }, }, - "ebs": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, - }, - }, - "ec2": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ - Hostname: "ec2.us-gov-east-1.amazonaws.com", + "lambda": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "lambda-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{ - Hostname: "ec2.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "lambda-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "lambda-fips.us-gov-east-1.amazonaws.com", }, - }, - }, - "ec2metadata": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "169.254.169.254/latest", - Protocols: []string{"http"}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "lambda.us-gov-west-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "lambda-fips.us-gov-west-1.amazonaws.com", }, }, }, - "ecs": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "ecs-fips.us-gov-east-1.amazonaws.com", + "license-manager": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "license-manager-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "ecs-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "license-manager-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "license-manager-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "license-manager-fips.us-gov-west-1.amazonaws.com", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "eks": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, + "license-manager-linux-subscriptions": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, }, - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "eks.us-gov-east-1.amazonaws.com", + }, + "logs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "logs.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "eks.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "logs.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "logs.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "logs.us-gov-west-1.amazonaws.com", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "elasticache": service{ + "m2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ - Endpoints: endpoints{ - "fips": endpoint{ - Hostname: "elasticache.us-gov-west-1.amazonaws.com", + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{}, + }, + }, + "managedblockchain": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, + "mediaconvert": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "mediaconvert.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mediaconvert.us-gov-west-1.amazonaws.com", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "elasticbeanstalk": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ - Hostname: "elasticbeanstalk.us-gov-east-1.amazonaws.com", + "meetings-chime": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "meetings-chime-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "meetings-chime-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{ - Hostname: "elasticbeanstalk.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "meetings-chime-fips.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "meetings-chime-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, }, }, - "elasticfilesystem": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "elasticfilesystem-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - "fips-us-gov-west-1": endpoint{ - Hostname: "elasticfilesystem-fips.us-gov-west-1.amazonaws.com", + "metering.marketplace": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ CredentialScope: credentialScope{ - Region: "us-gov-west-1", + Service: "aws-marketplace", }, }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, }, }, - "elasticloadbalancing": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "elasticloadbalancing.us-gov-east-1.amazonaws.com", + "metrics.sagemaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, + "mgn": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "mgn-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "elasticloadbalancing.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "mgn-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{ - Protocols: []string{"http", "https"}, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mgn-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mgn-fips.us-gov-west-1.amazonaws.com", }, }, }, - "elasticmapreduce": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "elasticmapreduce.us-gov-east-1.amazonaws.com", + "models.lex": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ CredentialScope: credentialScope{ - Region: "us-gov-east-1", + Service: "lex", }, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "elasticmapreduce.us-gov-west-1.amazonaws.com", + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "models-fips.lex.{region}.{dnsSuffix}", CredentialScope: credentialScope{ - Region: "us-gov-west-1", + Service: "lex", }, }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{ - Protocols: []string{"https"}, - }, }, - }, - "email": service{ - - Endpoints: endpoints{ - "fips-us-gov-west-1": endpoint{ - Hostname: "email-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "models-fips.lex.us-gov-west-1.amazonaws.com", }, - "us-gov-west-1": endpoint{}, - }, - }, - "es": service{ - - Endpoints: endpoints{ - "fips": endpoint{ - Hostname: "es-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "models-fips.lex.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "events": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ - Hostname: "events.us-gov-east-1.amazonaws.com", + "monitoring": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "monitoring.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "monitoring.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{ - Hostname: "events.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "monitoring.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "monitoring.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "monitoring.us-gov-west-1.amazonaws.com", }, }, }, - "firehose": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "firehose-fips.us-gov-east-1.amazonaws.com", + "mq": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "mq-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "firehose-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "mq-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mq-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "mq-fips.us-gov-west-1.amazonaws.com", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "glacier": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ - Hostname: "glacier.us-gov-east-1.amazonaws.com", + "neptune": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "rds.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, }, - "us-gov-west-1": endpoint{ - Hostname: "glacier.us-gov-west-1.amazonaws.com", - Protocols: []string{"http", "https"}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "rds.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, }, }, - "glue": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "glue-fips.us-gov-east-1.amazonaws.com", + "network-firewall": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "network-firewall-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "glue-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "network-firewall-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "network-firewall-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "network-firewall-fips.us-gov-west-1.amazonaws.com", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "greengrass": service{ - IsRegionalized: boxedTrue, - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "dataplane-us-gov-east-1": endpoint{ - Hostname: "greengrass-ats.iot.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - "dataplane-us-gov-west-1": endpoint{ - Hostname: "greengrass-ats.iot.us-gov-west-1.amazonaws.com", + "networkmanager": service{ + PartitionEndpoint: "aws-us-gov-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-us-gov-global", + }: endpoint{ + Hostname: "networkmanager.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - "fips-us-gov-east-1": endpoint{ - Hostname: "greengrass-fips.us-gov-east-1.amazonaws.com", + endpointKey{ + Region: "aws-us-gov-global", + Variant: fipsVariant, + }: endpoint{ + Hostname: "networkmanager.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-gov-east-1", + Region: "us-gov-west-1", }, }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{ - Hostname: "greengrass.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-aws-us-gov-global", + }: endpoint{ + Hostname: "networkmanager.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, }, }, - "guardduty": service{ - IsRegionalized: boxedTrue, - Defaults: endpoint{ - Protocols: []string{"https"}, - }, - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-east-1-fips": endpoint{ - Hostname: "guardduty.us-gov-east-1.amazonaws.com", + "oidc": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "oidc.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, }, - "us-gov-west-1": endpoint{}, - "us-gov-west-1-fips": endpoint{ - Hostname: "guardduty.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "oidc.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, }, }, - "health": service{ - - Endpoints: endpoints{ - "fips-us-gov-west-1": endpoint{ - Hostname: "health-fips.us-gov-west-1.amazonaws.com", + "organizations": service{ + PartitionEndpoint: "aws-us-gov-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-us-gov-global", + }: endpoint{ + Hostname: "organizations.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - }, - }, - "iam": service{ - PartitionEndpoint: "aws-us-gov-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-us-gov-global": endpoint{ - Hostname: "iam.us-gov.amazonaws.com", + endpointKey{ + Region: "aws-us-gov-global", + Variant: fipsVariant, + }: endpoint{ + Hostname: "organizations.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - "iam-govcloud-fips": endpoint{ - Hostname: "iam.us-gov.amazonaws.com", + endpointKey{ + Region: "fips-aws-us-gov-global", + }: endpoint{ + Hostname: "organizations.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, }, }, - "inspector": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "inspector-fips.us-gov-east-1.amazonaws.com", + "outposts": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "outposts.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "inspector-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "outposts.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "outposts.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "outposts.us-gov-west-1.amazonaws.com", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "iot": service{ - Defaults: endpoint{ - CredentialScope: credentialScope{ - Service: "execute-api", + "participant.connect": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "participant.connect.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "participant.connect.us-gov-west-1.amazonaws.com", }, - }, - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "iotsecuredtunneling": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + "pi": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, }, }, - "kafka": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + "pinpoint": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "mobiletargeting", + }, + }, }, - }, - "kinesis": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ - Hostname: "kinesis.us-gov-east-1.amazonaws.com", + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "pinpoint-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-gov-east-1", + Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{ - Hostname: "kinesis.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "pinpoint.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - }, - }, - "kinesisanalytics": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, - }, - }, - "kms": service{ - - Endpoints: endpoints{ - "ProdFips": endpoint{ - Hostname: "kms-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "pinpoint-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "lakeformation": service{ - - Endpoints: endpoints{ - "fips-us-gov-west-1": endpoint{ - Hostname: "lakeformation-fips.us-gov-west-1.amazonaws.com", + "polly": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "polly-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "polly-fips.us-gov-west-1.amazonaws.com", }, - "us-gov-west-1": endpoint{}, }, }, - "lambda": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "lambda-fips.us-gov-east-1.amazonaws.com", + "portal.sso": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "portal.sso.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "lambda-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "portal.sso.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "license-manager": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "license-manager-fips.us-gov-east-1.amazonaws.com", + "qbusiness": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + DNSSuffix: "api.aws", + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "api.aws", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "qbusiness.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "qbusiness.us-gov-west-1.api.aws", + }, + }, + }, + "quicksight": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "api", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, + "ram": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "ram.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "license-manager-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-gov-west-1", + Region: "us-gov-east-1", }, }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, - }, - }, - "logs": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ - Hostname: "logs.us-gov-east-1.amazonaws.com", + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "ram.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{ - Hostname: "logs.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "ram.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - }, - }, - "mediaconvert": service{ - - Endpoints: endpoints{ - "us-gov-west-1": endpoint{ - Hostname: "mediaconvert.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - }, - }, - "metering.marketplace": service{ - Defaults: endpoint{ - CredentialScope: credentialScope{ - Service: "aws-marketplace", + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "ram.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, }, }, - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, - }, }, - "monitoring": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "monitoring.us-gov-east-1.amazonaws.com", + "rbin": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "rbin-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "monitoring.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "rbin-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.us-gov-west-1.amazonaws.com", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "neptune": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ + "rds": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "rds.us-gov-east-1", + }: endpoint{ Hostname: "rds.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{ + endpointKey{ + Region: "rds.us-gov-west-1", + }: endpoint{ Hostname: "rds.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - }, - }, - "organizations": service{ - PartitionEndpoint: "aws-us-gov-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-us-gov-global": endpoint{ - Hostname: "organizations.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "rds.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ - Region: "us-gov-west-1", + Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-aws-us-gov-global": endpoint{ - Hostname: "organizations.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "rds.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, }, }, - "outposts": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ - Hostname: "outposts.us-gov-east-1.amazonaws.com", + "redshift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "redshift.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, }, - "us-gov-west-1": endpoint{ - Hostname: "outposts.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "redshift.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, }, }, - "pinpoint": service{ - Defaults: endpoint{ - CredentialScope: credentialScope{ - Service: "mobiletargeting", + "rekognition": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "rekognition-fips.us-gov-west-1", + }: endpoint{ + Hostname: "rekognition-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, }, - }, - Endpoints: endpoints{ - "fips-us-gov-west-1": endpoint{ - Hostname: "pinpoint-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "rekognition.us-gov-west-1", + }: endpoint{ CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{ - Hostname: "pinpoint.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "rekognition.us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rekognition-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - }, - }, - "polly": service{ - - Endpoints: endpoints{ - "fips-us-gov-west-1": endpoint{ - Hostname: "polly-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rekognition-fips.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "rekognition-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{}, - }, - }, - "ram": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "rds": service{ - - Endpoints: endpoints{ - "rds.us-gov-east-1": endpoint{ - Hostname: "rds.us-gov-east-1.amazonaws.com", + "resiliencehub": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "resiliencehub-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "rds.us-gov-west-1": endpoint{ - Hostname: "rds.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "resiliencehub-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "resiliencehub-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "resiliencehub-fips.us-gov-west-1.amazonaws.com", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, - "redshift": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ - Hostname: "redshift.us-gov-east-1.amazonaws.com", + "resource-groups": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "resource-groups.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "resource-groups.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{ - Hostname: "redshift.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "resource-groups.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "resource-groups.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "resource-groups.us-gov-west-1.amazonaws.com", }, }, }, - "rekognition": service{ - - Endpoints: endpoints{ - "rekognition-fips.us-gov-west-1": endpoint{ - Hostname: "rekognition-fips.us-gov-west-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-west-1", - }, - }, - "us-gov-west-1": endpoint{}, + "robomaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, }, }, - "resource-groups": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "resource-groups.us-gov-east-1.amazonaws.com", + "rolesanywhere": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "resource-groups.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "rolesanywhere-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rolesanywhere-fips.us-gov-west-1.amazonaws.com", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, "route53": service{ PartitionEndpoint: "aws-us-gov-global", IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-us-gov-global": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-us-gov-global", + }: endpoint{ + Hostname: "route53.us-gov.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "aws-us-gov-global", + Variant: fipsVariant, + }: endpoint{ Hostname: "route53.us-gov.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - "fips-aws-us-gov-global": endpoint{ + endpointKey{ + Region: "fips-aws-us-gov-global", + }: endpoint{ Hostname: "route53.us-gov.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, }, }, "route53resolver": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "route53resolver.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "route53resolver.us-gov-east-1.amazonaws.com", + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "route53resolver.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "route53resolver.us-gov-west-1.amazonaws.com", - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + Deprecated: boxedTrue, + }, + }, + }, + "runtime.lex": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "lex", + }, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "runtime-fips.lex.{region}.{dnsSuffix}", + CredentialScope: credentialScope{ + Service: "lex", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "runtime-fips.lex.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "runtime-fips.lex.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "runtime.sagemaker": service{ - - Endpoints: endpoints{ - "us-gov-west-1": endpoint{}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "runtime.sagemaker.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "runtime.sagemaker.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "runtime.sagemaker.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "s3": service{ - Defaults: endpoint{ - SignatureVersions: []string{"s3", "s3v4"}, - - HasDualStack: boxedTrue, - DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}", + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + SignatureVersions: []string{"s3", "s3v4"}, + }, + defaultKey{ + Variant: dualStackVariant, + }: endpoint{ + Hostname: "{service}.dualstack.{region}.{dnsSuffix}", + DNSSuffix: "amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, + defaultKey{ + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "{service}-fips.dualstack.{region}.{dnsSuffix}", + DNSSuffix: "amazonaws.com", + SignatureVersions: []string{"s3", "s3v4"}, + }, }, - Endpoints: endpoints{ - "fips-us-gov-west-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "s3-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ Hostname: "s3-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "us-gov-east-1": endpoint{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ Hostname: "s3.us-gov-east-1.amazonaws.com", Protocols: []string{"http", "https"}, }, - "us-gov-west-1": endpoint{ + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.us-gov-east-1.amazonaws.com", + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.us-gov-east-1.amazonaws.com", + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ Hostname: "s3.us-gov-west-1.amazonaws.com", Protocols: []string{"http", "https"}, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3.dualstack.us-gov-west-1.amazonaws.com", + Protocols: []string{"http", "https"}, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.us-gov-west-1.amazonaws.com", + Protocols: []string{"http", "https"}, + }, }, }, "s3-control": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, - SignatureVersions: []string{"s3v4"}, - - HasDualStack: boxedTrue, - DualStackHostname: "{service}.dualstack.{region}.{dnsSuffix}", + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + SignatureVersions: []string{"s3v4"}, + }, + defaultKey{ + Variant: dualStackVariant, + }: endpoint{ + Hostname: "{service}.dualstack.{region}.{dnsSuffix}", + DNSSuffix: "amazonaws.com", + Protocols: []string{"https"}, + SignatureVersions: []string{"s3v4"}, + }, + defaultKey{ + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "{service}-fips.dualstack.{region}.{dnsSuffix}", + DNSSuffix: "amazonaws.com", + Protocols: []string{"https"}, + SignatureVersions: []string{"s3v4"}, + }, }, - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ Hostname: "s3-control.us-gov-east-1.amazonaws.com", SignatureVersions: []string{"s3v4"}, CredentialScope: credentialScope{ Region: "us-gov-east-1", }, }, - "us-gov-east-1-fips": endpoint{ + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.us-gov-east-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-control-fips.us-gov-east-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-control-fips.dualstack.us-gov-east-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ Hostname: "s3-control-fips.us-gov-east-1.amazonaws.com", SignatureVersions: []string{"s3v4"}, CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{ + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ Hostname: "s3-control.us-gov-west-1.amazonaws.com", SignatureVersions: []string{"s3v4"}, CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - "us-gov-west-1-fips": endpoint{ + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "s3-control.dualstack.us-gov-west-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ Hostname: "s3-control-fips.us-gov-west-1.amazonaws.com", SignatureVersions: []string{"s3v4"}, CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - }, - }, - "secretsmanager": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-east-1-fips": endpoint{ - Hostname: "secretsmanager-fips.us-gov-east-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-control-fips.dualstack.us-gov-west-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, CredentialScope: credentialScope{ - Region: "us-gov-east-1", + Region: "us-gov-west-1", }, }, - "us-gov-west-1": endpoint{}, - "us-gov-west-1-fips": endpoint{ - Hostname: "secretsmanager-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "s3-control-fips.us-gov-west-1.amazonaws.com", + SignatureVersions: []string{"s3v4"}, CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + }, + }, + "s3-outposts": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + }, + }, + "secretsmanager": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + + Deprecated: boxedTrue, }, }, }, "securityhub": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ Hostname: "securityhub-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ Hostname: "securityhub-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securityhub-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "securityhub-fips.us-gov-west-1.amazonaws.com", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, "serverlessrepo": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, }, - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ Hostname: "serverlessrepo.us-gov-east-1.amazonaws.com", Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "serverlessrepo.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "serverlessrepo.us-gov-west-1.amazonaws.com", + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "serverlessrepo.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "servicecatalog": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicecatalog-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "servicecatalog-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicecatalog-fips.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "servicecatalog-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "servicecatalog-appregistry": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicecatalog-appregistry.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, + "servicediscovery": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "servicediscovery", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "servicediscovery", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "servicediscovery-fips", + }: endpoint{ + Hostname: "servicediscovery-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-gov-east-1.api.aws", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "servicediscovery-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery.us-gov-west-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "servicediscovery-fips.us-gov-west-1.api.aws", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "servicediscovery-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "servicequotas": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicequotas.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "servicequotas.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "servicequotas.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicequotas.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "servicequotas.us-gov-west-1.amazonaws.com", + }, + }, + }, + "signer": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, + "simspaceweaver": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "simspaceweaver.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{ - Hostname: "serverlessrepo.us-gov-west-1.amazonaws.com", - Protocols: []string{"https"}, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "simspaceweaver.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "simspaceweaver.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "simspaceweaver.us-gov-west-1.amazonaws.com", }, }, }, - "servicecatalog": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-east-1-fips": endpoint{ - Hostname: "servicecatalog-fips.us-gov-east-1.amazonaws.com", - CredentialScope: credentialScope{ - Region: "us-gov-east-1", - }, - }, - "us-gov-west-1": endpoint{}, - "us-gov-west-1-fips": endpoint{ - Hostname: "servicecatalog-fips.us-gov-west-1.amazonaws.com", + "sms": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "sms-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sms-fips.us-gov-west-1.amazonaws.com", }, }, }, - "sms": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ - Hostname: "sms-fips.us-gov-east-1.amazonaws.com", + "sms-voice": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "sms-voice-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ - Hostname: "sms-fips.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "sms-voice-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sms-voice-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sms-voice-fips.us-gov-west-1.amazonaws.com", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, "snowball": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ Hostname: "snowball-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ Hostname: "snowball-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "snowball-fips.us-gov-west-1.amazonaws.com", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, "sns": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ Hostname: "sns.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{ - Hostname: "sns.us-gov-west-1.amazonaws.com", - Protocols: []string{"http", "https"}, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "sns.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sns.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sns.us-gov-west-1.amazonaws.com", + Protocols: []string{"https"}, }, }, }, "sqs": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "sqs.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ Hostname: "sqs.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, }, - "us-gov-west-1": endpoint{ + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ Hostname: "sqs.us-gov-west-1.amazonaws.com", SSLCommonName: "{region}.queue.{dnsSuffix}", Protocols: []string{"http", "https"}, @@ -9139,228 +42928,815 @@ var awsusgovPartition = partition{ }, }, "ssm": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ Hostname: "ssm.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "ssm.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ssm.us-gov-east-1.amazonaws.com", }, - "fips-us-gov-west-1": endpoint{ + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ Hostname: "ssm.us-gov-west-1.amazonaws.com", + }, + }, + }, + "sso": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "sso.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sso.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "sso.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "sso.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sso.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "sso.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "states": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ Hostname: "states-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ Hostname: "states.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "states-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "states.us-gov-west-1.amazonaws.com", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, "storagegateway": service{ - - Endpoints: endpoints{ - "fips": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips", + }: endpoint{ + Hostname: "storagegateway-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "storagegateway-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "storagegateway-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "storagegateway-fips.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ Hostname: "storagegateway-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, "streams.dynamodb": service{ - Defaults: endpoint{ - CredentialScope: credentialScope{ - Service: "dynamodb", + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "dynamodb", + }, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "streams.dynamodb.{region}.{dnsSuffix}", + CredentialScope: credentialScope{ + Service: "dynamodb", + }, }, }, - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-east-1-fips": endpoint{ - Hostname: "dynamodb.us-gov-east-1.amazonaws.com", + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "streams.dynamodb.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ + Hostname: "streams.dynamodb.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "us-gov-west-1": endpoint{}, - "us-gov-west-1-fips": endpoint{ - Hostname: "dynamodb.us-gov-west-1.amazonaws.com", + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "streams.dynamodb.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ + Hostname: "streams.dynamodb.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, }, }, "sts": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-east-1-fips": endpoint{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "sts.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sts.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ Hostname: "sts.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "sts.us-gov-west-1.amazonaws.com", }, - "us-gov-west-1": endpoint{}, - "us-gov-west-1-fips": endpoint{ + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ Hostname: "sts.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, }, }, "support": service{ PartitionEndpoint: "aws-us-gov-global", - - Endpoints: endpoints{ - "aws-us-gov-global": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-us-gov-global", + }: endpoint{ + Hostname: "support.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ Hostname: "support.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ Hostname: "support.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, }, }, "swf": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "swf.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "swf.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1-fips", + }: endpoint{ Hostname: "swf.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "swf.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "swf.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, }, - "us-gov-west-1": endpoint{ + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ Hostname: "swf.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + }, + }, + "synthetics": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "synthetics-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "synthetics-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "synthetics-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "synthetics-fips.us-gov-west-1.amazonaws.com", }, }, }, "tagging": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + }, + }, + "textract": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "textract-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "textract-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "textract-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "textract-fips.us-gov-west-1.amazonaws.com", + }, }, }, "transcribe": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.transcribe.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + }, }, - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ Hostname: "fips.transcribe.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ Hostname: "fips.transcribe.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.transcribe.us-gov-east-1.amazonaws.com", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "fips.transcribe.us-gov-west-1.amazonaws.com", + }, + }, + }, + "transcribestreaming": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, }, }, "transfer": service{ - - Endpoints: endpoints{ - "fips-us-gov-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ Hostname: "transfer-fips.us-gov-east-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-east-1", }, + Deprecated: boxedTrue, }, - "fips-us-gov-west-1": endpoint{ + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ Hostname: "transfer-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "transfer-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "transfer-fips.us-gov-west-1.amazonaws.com", }, - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, }, }, "translate": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, }, - Endpoints: endpoints{ - "us-gov-west-1": endpoint{}, - "us-gov-west-1-fips": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "translate-fips.us-gov-west-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1-fips", + }: endpoint{ Hostname: "translate-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, }, }, }, "waf-regional": service{ - - Endpoints: endpoints{ - "fips-us-gov-west-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "waf-regional-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ Hostname: "waf-regional-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "waf-regional.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, }, - "us-gov-west-1": endpoint{ + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ Hostname: "waf-regional.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "waf-regional-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, + "wafv2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "wafv2-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "wafv2-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{ + Hostname: "wafv2.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{ + Hostname: "wafv2.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "wafv2-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + }, + }, + }, + "wellarchitected": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, }, }, "workspaces": service{ - - Endpoints: endpoints{ - "fips-us-gov-west-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "workspaces-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ Hostname: "workspaces-fips.us-gov-west-1.amazonaws.com", CredentialScope: credentialScope{ Region: "us-gov-west-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "workspaces-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "workspaces-fips.us-gov-west-1.amazonaws.com", }, - "us-gov-west-1": endpoint{}, }, }, "xray": service{ - - Endpoints: endpoints{ - "us-gov-east-1": endpoint{}, - "us-gov-west-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-gov-east-1", + }: endpoint{ + Hostname: "xray-fips.us-gov-east-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-gov-west-1", + }: endpoint{ + Hostname: "xray-fips.us-gov-west-1.amazonaws.com", + CredentialScope: credentialScope{ + Region: "us-gov-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-gov-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "xray-fips.us-gov-east-1.amazonaws.com", + }, + endpointKey{ + Region: "us-gov-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-gov-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "xray-fips.us-gov-west-1.amazonaws.com", + }, }, }, }, @@ -9381,203 +43757,594 @@ var awsisoPartition = partition{ return reg }(), }, - Defaults: endpoint{ - Hostname: "{service}.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "c2s.ic.gov", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, }, Regions: regions{ "us-iso-east-1": region{ Description: "US ISO East", }, + "us-iso-west-1": region{ + Description: "US ISO WEST", + }, }, Services: services{ "api.ecr": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{ Hostname: "api.ecr.us-iso-east-1.c2s.ic.gov", CredentialScope: credentialScope{ Region: "us-iso-east-1", }, }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{ + Hostname: "api.ecr.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + }, + }, + }, + "api.pricing": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "pricing", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, }, }, "api.sagemaker": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + }, + }, + "apigateway": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + }, + }, + "appconfig": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, - "apigateway": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + "appconfigdata": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "application-autoscaling": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, }, - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "arc-zonal-shift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "athena": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, }, }, "autoscaling": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{ Protocols: []string{"http", "https"}, }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "cloudcontrolapi": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "cloudformation": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "cloudtrail": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "codedeploy": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "comprehend": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, }, - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, }, }, "config": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "datapipeline": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + }, + }, + "datasync": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "datasync-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "datasync-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "datasync-fips.us-iso-west-1.c2s.ic.gov", + }, }, }, "directconnect": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "dlm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "dms": service{ - - Endpoints: endpoints{ - "dms-fips": endpoint{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "dms.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "dms", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "dms", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dms.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "dms-fips", + }: endpoint{ + Hostname: "dms.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dms.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-east-1-fips", + }: endpoint{ Hostname: "dms.us-iso-east-1.c2s.ic.gov", CredentialScope: credentialScope{ Region: "us-iso-east-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dms.us-iso-west-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1-fips", + }: endpoint{ + Hostname: "dms.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, }, - "us-iso-east-1": endpoint{}, }, }, "ds": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "dynamodb": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{ Protocols: []string{"http", "https"}, }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, - "ec2": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + "ebs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, - "ec2metadata": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "169.254.169.254/latest", - Protocols: []string{"http"}, - }, + "ec2": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "ecs": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "eks": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "elasticache": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "elasticfilesystem": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-iso-west-1.c2s.ic.gov", + }, }, }, "elasticloadbalancing": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{ Protocols: []string{"http", "https"}, }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "elasticmapreduce": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "elasticmapreduce.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "elasticmapreduce.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{ + Protocols: []string{"https"}, + }, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-iso-east-1.c2s.ic.gov", Protocols: []string{"https"}, }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-iso-west-1.c2s.ic.gov", + }, }, }, "es": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "events": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "firehose": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "glacier": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{ Protocols: []string{"http", "https"}, }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "glue": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + }, + }, + "guardduty": service{ + IsRegionalized: boxedTrue, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, }, }, "health": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, }, }, "iam": service{ PartitionEndpoint: "aws-iso-global", IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-iso-global": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-iso-global", + }: endpoint{ Hostname: "iam.us-iso-east-1.c2s.ic.gov", CredentialScope: credentialScope{ Region: "us-iso-east-1", @@ -9586,59 +44353,363 @@ var awsisoPartition = partition{ }, }, "kinesis": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "kms": service{ - - Endpoints: endpoints{ - "ProdFips": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ProdFips", + }: endpoint{ Hostname: "kms-fips.us-iso-east-1.c2s.ic.gov", CredentialScope: credentialScope{ Region: "us-iso-east-1", }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-east-1-fips", + }: endpoint{ + Hostname: "kms-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.us-iso-west-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1-fips", + }: endpoint{ + Hostname: "kms-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, }, - "us-iso-east-1": endpoint{}, }, }, "lambda": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "license-manager": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "logs": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "medialive": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + }, + }, + "mediapackage": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + }, + }, + "metrics.sagemaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, }, }, "monitoring": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "outposts": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + }, + }, + "ram": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "ram-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "ram-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.us-iso-west-1.c2s.ic.gov", + }, + }, + }, + "rbin": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "rbin-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "rbin-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.us-iso-west-1.c2s.ic.gov", + }, }, }, "rds": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "rds-fips.us-iso-east-1", + }: endpoint{ + Hostname: "rds-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds-fips.us-iso-west-1", + }: endpoint{ + Hostname: "rds-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-iso-east-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-iso-west-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-east-1-fips", + }: endpoint{ + Hostname: "rds-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-iso-west-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1-fips", + }: endpoint{ + Hostname: "rds-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, }, }, "redshift": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "redshift-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "redshift-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.us-iso-east-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.us-iso-west-1.c2s.ic.gov", + }, + }, + }, + "resource-groups": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "route53": service{ PartitionEndpoint: "aws-iso-global", IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-iso-global": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-iso-global", + }: endpoint{ Hostname: "route53.c2s.ic.gov", CredentialScope: credentialScope{ Region: "us-iso-east-1", @@ -9646,75 +44717,181 @@ var awsisoPartition = partition{ }, }, }, + "route53resolver": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, "runtime.sagemaker": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, }, }, "s3": service{ - Defaults: endpoint{ - SignatureVersions: []string{"s3v4"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + SignatureVersions: []string{"s3v4"}, + }, }, - Endpoints: endpoints{ - "us-iso-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-iso-east-1", + }: endpoint{ + Hostname: "s3-fips.us-iso-east-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "fips-us-iso-west-1", + }: endpoint{ + Hostname: "s3-fips.us-iso-west-1.c2s.ic.gov", + CredentialScope: credentialScope{ + Region: "us-iso-west-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{ + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"s3v4"}, + }, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.us-iso-east-1.c2s.ic.gov", Protocols: []string{"http", "https"}, SignatureVersions: []string{"s3v4"}, }, + endpointKey{ + Region: "us-iso-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.us-iso-east-1.c2s.ic.gov", + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"s3v4"}, + }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.us-iso-west-1.c2s.ic.gov", + }, + endpointKey{ + Region: "us-iso-west-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.us-iso-west-1.c2s.ic.gov", + }, + }, + }, + "secretsmanager": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "snowball": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, }, }, "sns": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{ Protocols: []string{"http", "https"}, }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "sqs": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{ Protocols: []string{"http", "https"}, }, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "ssm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "states": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "streams.dynamodb": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "dynamodb", + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "dynamodb", + }, }, }, - Endpoints: endpoints{ - "us-iso-east-1": endpoint{ - Protocols: []string{"http", "https"}, - }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "sts": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, "support": service{ PartitionEndpoint: "aws-iso-global", - - Endpoints: endpoints{ - "aws-iso-global": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-iso-global", + }: endpoint{ Hostname: "support.us-iso-east-1.c2s.ic.gov", CredentialScope: credentialScope{ Region: "us-iso-east-1", @@ -9722,38 +44899,82 @@ var awsisoPartition = partition{ }, }, }, - "swf": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + "swf": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "synthetics": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "tagging": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, + }, + }, + "textract": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, }, }, "transcribe": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, }, - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, }, }, "transcribestreaming": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, }, }, "translate": service{ - Defaults: endpoint{ - Protocols: []string{"https"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"https"}, + }, }, - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, }, }, "workspaces": service{ - - Endpoints: endpoints{ - "us-iso-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-iso-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-iso-west-1", + }: endpoint{}, }, }, }, @@ -9774,10 +44995,20 @@ var awsisobPartition = partition{ return reg }(), }, - Defaults: endpoint{ - Hostname: "{service}.{region}.{dnsSuffix}", - Protocols: []string{"https"}, - SignatureVersions: []string{"v4"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "sc2s.sgov.gov", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, }, Regions: regions{ "us-isob-east-1": region{ @@ -9786,9 +45017,10 @@ var awsisobPartition = partition{ }, Services: services{ "api.ecr": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{ Hostname: "api.ecr.us-isob-east-1.sc2s.sgov.gov", CredentialScope: credentialScope{ Region: "us-isob-east-1", @@ -9796,147 +45028,330 @@ var awsisobPartition = partition{ }, }, }, + "api.pricing": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "pricing", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "api.sagemaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "appconfig": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "appconfigdata": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, "application-autoscaling": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + }, + "arc-zonal-shift": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "autoscaling": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + }, + "cloudcontrolapi": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "cloudformation": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "cloudtrail": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "codedeploy": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "config": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "directconnect": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "dlm": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "dms": service{ - - Endpoints: endpoints{ - "dms-fips": endpoint{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{}, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "dms.{region}.{dnsSuffix}", + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "dms", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "dms", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dms.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "dms-fips", + }: endpoint{ Hostname: "dms.us-isob-east-1.sc2s.sgov.gov", CredentialScope: credentialScope{ Region: "us-isob-east-1", }, + Deprecated: boxedTrue, }, - "us-isob-east-1": endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "dms.us-isob-east-1.sc2s.sgov.gov", + }, + endpointKey{ + Region: "us-isob-east-1-fips", + }: endpoint{ + Hostname: "dms.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + }, + }, + "ds": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "dynamodb": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, }, - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, - "ec2": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - }, - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + "ebs": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, - "ec2metadata": service{ - PartitionEndpoint: "aws-global", - IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-global": endpoint{ - Hostname: "169.254.169.254/latest", - Protocols: []string{"http"}, + "ec2": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, }, }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, }, "ecs": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "eks": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "elasticache": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "elasticfilesystem": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticfilesystem-fips.us-isob-east-1.sc2s.sgov.gov", + }, }, }, "elasticloadbalancing": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{ Protocols: []string{"https"}, }, }, }, "elasticmapreduce": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "elasticmapreduce.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "elasticmapreduce.us-isob-east-1.sc2s.sgov.gov", + }, }, }, "es": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "events": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "glacier": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "health": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "iam": service{ PartitionEndpoint: "aws-iso-b-global", IsRegionalized: boxedFalse, - - Endpoints: endpoints{ - "aws-iso-b-global": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-iso-b-global", + }: endpoint{ Hostname: "iam.us-isob-east-1.sc2s.sgov.gov", CredentialScope: credentialScope{ Region: "us-isob-east-1", @@ -9945,125 +45360,395 @@ var awsisobPartition = partition{ }, }, "kinesis": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "kms": service{ - - Endpoints: endpoints{ - "ProdFips": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "ProdFips", + }: endpoint{ + Hostname: "kms-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "kms-fips.us-isob-east-1.sc2s.sgov.gov", + }, + endpointKey{ + Region: "us-isob-east-1-fips", + }: endpoint{ Hostname: "kms-fips.us-isob-east-1.sc2s.sgov.gov", CredentialScope: credentialScope{ Region: "us-isob-east-1", }, + Deprecated: boxedTrue, }, - "us-isob-east-1": endpoint{}, }, }, "lambda": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "license-manager": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "logs": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "metering.marketplace": service{ + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + CredentialScope: credentialScope{ + Service: "aws-marketplace", + }, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "metrics.sagemaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "monitoring": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "outposts": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "ram": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "ram-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "ram-fips.us-isob-east-1.sc2s.sgov.gov", + }, + }, + }, + "rbin": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "rbin-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rbin-fips.us-isob-east-1.sc2s.sgov.gov", + }, }, }, "rds": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "rds-fips.us-isob-east-1", + }: endpoint{ + Hostname: "rds-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-isob-east-1", + }: endpoint{ + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "rds.us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "rds-fips.us-isob-east-1.sc2s.sgov.gov", + }, + endpointKey{ + Region: "us-isob-east-1-fips", + }: endpoint{ + Hostname: "rds-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, }, }, "redshift": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "redshift-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "redshift-fips.us-isob-east-1.sc2s.sgov.gov", + }, + }, + }, + "resource-groups": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "route53": service{ + PartitionEndpoint: "aws-iso-b-global", + IsRegionalized: boxedFalse, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-iso-b-global", + }: endpoint{ + Hostname: "route53.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + }, + }, + }, + "route53resolver": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "runtime.sagemaker": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "s3": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - SignatureVersions: []string{"s3v4"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + SignatureVersions: []string{"s3v4"}, + }, + }, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips-us-isob-east-1", + }: endpoint{ + Hostname: "s3-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "s3-fips.us-isob-east-1.sc2s.sgov.gov", + }, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant | dualStackVariant, + }: endpoint{ + Hostname: "s3-fips.dualstack.us-isob-east-1.sc2s.sgov.gov", + }, }, - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + }, + "secretsmanager": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "snowball": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "sns": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + }, }, - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "sqs": service{ - Defaults: endpoint{ - SSLCommonName: "{region}.queue.{dnsSuffix}", - Protocols: []string{"http", "https"}, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + SSLCommonName: "{region}.queue.{dnsSuffix}", + Protocols: []string{"http", "https"}, + }, }, - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "ssm": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "states": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "storagegateway": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "fips", + }: endpoint{ + Hostname: "storagegateway-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + endpointKey{ + Region: "us-isob-east-1", + Variant: fipsVariant, + }: endpoint{ + Hostname: "storagegateway-fips.us-isob-east-1.sc2s.sgov.gov", + }, + endpointKey{ + Region: "us-isob-east-1-fips", + }: endpoint{ + Hostname: "storagegateway-fips.us-isob-east-1.sc2s.sgov.gov", + CredentialScope: credentialScope{ + Region: "us-isob-east-1", + }, + Deprecated: boxedTrue, + }, }, }, "streams.dynamodb": service{ - Defaults: endpoint{ - Protocols: []string{"http", "https"}, - CredentialScope: credentialScope{ - Service: "dynamodb", + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Protocols: []string{"http", "https"}, + CredentialScope: credentialScope{ + Service: "dynamodb", + }, }, }, - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "sts": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, "support": service{ PartitionEndpoint: "aws-iso-b-global", - - Endpoints: endpoints{ - "aws-iso-b-global": endpoint{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "aws-iso-b-global", + }: endpoint{ Hostname: "support.us-isob-east-1.sc2s.sgov.gov", CredentialScope: credentialScope{ Region: "us-isob-east-1", @@ -10072,10 +45757,100 @@ var awsisobPartition = partition{ }, }, "swf": service{ - - Endpoints: endpoints{ - "us-isob-east-1": endpoint{}, + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "synthetics": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "tagging": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, + }, + }, + "workspaces": service{ + Endpoints: serviceEndpoints{ + endpointKey{ + Region: "us-isob-east-1", + }: endpoint{}, }, }, }, } + +// AwsIsoEPartition returns the Resolver for AWS ISOE (Europe). +func AwsIsoEPartition() Partition { + return awsisoePartition.Partition() +} + +var awsisoePartition = partition{ + ID: "aws-iso-e", + Name: "AWS ISOE (Europe)", + DNSSuffix: "cloud.adc-e.uk", + RegionRegex: regionRegex{ + Regexp: func() *regexp.Regexp { + reg, _ := regexp.Compile("^eu\\-isoe\\-\\w+\\-\\d+$") + return reg + }(), + }, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "cloud.adc-e.uk", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + Regions: regions{}, + Services: services{}, +} + +// AwsIsoFPartition returns the Resolver for AWS ISOF. +func AwsIsoFPartition() Partition { + return awsisofPartition.Partition() +} + +var awsisofPartition = partition{ + ID: "aws-iso-f", + Name: "AWS ISOF", + DNSSuffix: "csp.hci.ic.gov", + RegionRegex: regionRegex{ + Regexp: func() *regexp.Regexp { + reg, _ := regexp.Compile("^us\\-isof\\-\\w+\\-\\d+$") + return reg + }(), + }, + Defaults: endpointDefaults{ + defaultKey{}: endpoint{ + Hostname: "{service}.{region}.{dnsSuffix}", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + defaultKey{ + Variant: fipsVariant, + }: endpoint{ + Hostname: "{service}-fips.{region}.{dnsSuffix}", + DNSSuffix: "csp.hci.ic.gov", + Protocols: []string{"https"}, + SignatureVersions: []string{"v4"}, + }, + }, + Regions: regions{}, + Services: services{}, +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/doc.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/doc.go index 84316b92c05..66dec6bebf0 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/doc.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/doc.go @@ -9,7 +9,7 @@ // AWS GovCloud (US) (aws-us-gov). // . // -// Enumerating Regions and Endpoint Metadata +// # Enumerating Regions and Endpoint Metadata // // Casting the Resolver returned by DefaultResolver to a EnumPartitions interface // will allow you to get access to the list of underlying Partitions with the @@ -17,22 +17,22 @@ // resolving to a single partition, or enumerate regions, services, and endpoints // in the partition. // -// resolver := endpoints.DefaultResolver() -// partitions := resolver.(endpoints.EnumPartitions).Partitions() +// resolver := endpoints.DefaultResolver() +// partitions := resolver.(endpoints.EnumPartitions).Partitions() // -// for _, p := range partitions { -// fmt.Println("Regions for", p.ID()) -// for id, _ := range p.Regions() { -// fmt.Println("*", id) -// } +// for _, p := range partitions { +// fmt.Println("Regions for", p.ID()) +// for id, _ := range p.Regions() { +// fmt.Println("*", id) +// } // -// fmt.Println("Services for", p.ID()) -// for id, _ := range p.Services() { -// fmt.Println("*", id) -// } -// } +// fmt.Println("Services for", p.ID()) +// for id, _ := range p.Services() { +// fmt.Println("*", id) +// } +// } // -// Using Custom Endpoints +// # Using Custom Endpoints // // The endpoints package also gives you the ability to use your own logic how // endpoints are resolved. This is a great way to define a custom endpoint @@ -47,20 +47,19 @@ // of Resolver.EndpointFor, converting it to a type that satisfies the // Resolver interface. // +// myCustomResolver := func(service, region string, optFns ...func(*endpoints.Options)) (endpoints.ResolvedEndpoint, error) { +// if service == endpoints.S3ServiceID { +// return endpoints.ResolvedEndpoint{ +// URL: "s3.custom.endpoint.com", +// SigningRegion: "custom-signing-region", +// }, nil +// } // -// myCustomResolver := func(service, region string, optFns ...func(*endpoints.Options)) (endpoints.ResolvedEndpoint, error) { -// if service == endpoints.S3ServiceID { -// return endpoints.ResolvedEndpoint{ -// URL: "s3.custom.endpoint.com", -// SigningRegion: "custom-signing-region", -// }, nil -// } +// return endpoints.DefaultResolver().EndpointFor(service, region, optFns...) +// } // -// return endpoints.DefaultResolver().EndpointFor(service, region, optFns...) -// } -// -// sess := session.Must(session.NewSession(&aws.Config{ -// Region: aws.String("us-west-2"), -// EndpointResolver: endpoints.ResolverFunc(myCustomResolver), -// })) +// sess := session.Must(session.NewSession(&aws.Config{ +// Region: aws.String("us-west-2"), +// EndpointResolver: endpoints.ResolverFunc(myCustomResolver), +// })) package endpoints diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go index ca956e5f12a..a686a48fa27 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/endpoints.go @@ -8,6 +8,41 @@ import ( "github.com/aws/aws-sdk-go/aws/awserr" ) +// A Logger is a minimalistic interface for the SDK to log messages to. +type Logger interface { + Log(...interface{}) +} + +// DualStackEndpointState is a constant to describe the dual-stack endpoint resolution +// behavior. +type DualStackEndpointState uint + +const ( + // DualStackEndpointStateUnset is the default value behavior for dual-stack endpoint + // resolution. + DualStackEndpointStateUnset DualStackEndpointState = iota + + // DualStackEndpointStateEnabled enable dual-stack endpoint resolution for endpoints. + DualStackEndpointStateEnabled + + // DualStackEndpointStateDisabled disables dual-stack endpoint resolution for endpoints. + DualStackEndpointStateDisabled +) + +// FIPSEndpointState is a constant to describe the FIPS endpoint resolution behavior. +type FIPSEndpointState uint + +const ( + // FIPSEndpointStateUnset is the default value behavior for FIPS endpoint resolution. + FIPSEndpointStateUnset FIPSEndpointState = iota + + // FIPSEndpointStateEnabled enables FIPS endpoint resolution for service endpoints. + FIPSEndpointStateEnabled + + // FIPSEndpointStateDisabled disables FIPS endpoint resolution for endpoints. + FIPSEndpointStateDisabled +) + // Options provide the configuration needed to direct how the // endpoints will be resolved. type Options struct { @@ -21,8 +56,19 @@ type Options struct { // be returned. This endpoint may not be valid. If StrictMatching is // enabled only services that are known to support dualstack will return // dualstack endpoints. + // + // Deprecated: This option will continue to function for S3 and S3 Control for backwards compatibility. + // UseDualStackEndpoint should be used to enable usage of a service's dual-stack endpoint for all service clients + // moving forward. For S3 and S3 Control, when UseDualStackEndpoint is set to a non-zero value it takes higher + // precedence then this option. UseDualStack bool + // Sets the resolver to resolve a dual-stack endpoint for the service. + UseDualStackEndpoint DualStackEndpointState + + // UseFIPSEndpoint specifies the resolver must resolve a FIPS endpoint. + UseFIPSEndpoint FIPSEndpointState + // Enables strict matching of services and regions resolved endpoints. // If the partition doesn't enumerate the exact service and region an // error will be returned. This option will prevent returning endpoints @@ -48,11 +94,65 @@ type Options struct { // This option is ignored if StrictMatching is enabled. ResolveUnknownService bool + // Specifies the EC2 Instance Metadata Service default endpoint selection mode (IPv4 or IPv6) + EC2MetadataEndpointMode EC2IMDSEndpointModeState + // STS Regional Endpoint flag helps with resolving the STS endpoint STSRegionalEndpoint STSRegionalEndpoint // S3 Regional Endpoint flag helps with resolving the S3 endpoint S3UsEast1RegionalEndpoint S3UsEast1RegionalEndpoint + + // ResolvedRegion is the resolved region string. If provided (non-zero length) it takes priority + // over the region name passed to the ResolveEndpoint call. + ResolvedRegion string + + // Logger is the logger that will be used to log messages. + Logger Logger + + // Determines whether logging of deprecated endpoints usage is enabled. + LogDeprecated bool +} + +func (o Options) getEndpointVariant(service string) (v endpointVariant) { + const s3 = "s3" + const s3Control = "s3-control" + + if (o.UseDualStackEndpoint == DualStackEndpointStateEnabled) || + ((service == s3 || service == s3Control) && (o.UseDualStackEndpoint == DualStackEndpointStateUnset && o.UseDualStack)) { + v |= dualStackVariant + } + if o.UseFIPSEndpoint == FIPSEndpointStateEnabled { + v |= fipsVariant + } + return v +} + +// EC2IMDSEndpointModeState is an enum configuration variable describing the client endpoint mode. +type EC2IMDSEndpointModeState uint + +// Enumeration values for EC2IMDSEndpointModeState +const ( + EC2IMDSEndpointModeStateUnset EC2IMDSEndpointModeState = iota + EC2IMDSEndpointModeStateIPv4 + EC2IMDSEndpointModeStateIPv6 +) + +// SetFromString sets the EC2IMDSEndpointModeState based on the provided string value. Unknown values will default to EC2IMDSEndpointModeStateUnset +func (e *EC2IMDSEndpointModeState) SetFromString(v string) error { + v = strings.TrimSpace(v) + + switch { + case len(v) == 0: + *e = EC2IMDSEndpointModeStateUnset + case strings.EqualFold(v, "IPv6"): + *e = EC2IMDSEndpointModeStateIPv6 + case strings.EqualFold(v, "IPv4"): + *e = EC2IMDSEndpointModeStateIPv4 + default: + return fmt.Errorf("unknown EC2 IMDS endpoint mode, must be either IPv6 or IPv4") + } + return nil } // STSRegionalEndpoint is an enum for the states of the STS Regional Endpoint @@ -166,10 +266,25 @@ func DisableSSLOption(o *Options) { // UseDualStackOption sets the UseDualStack option. Can be used as a functional // option when resolving endpoints. +// +// Deprecated: UseDualStackEndpointOption should be used to enable usage of a service's dual-stack endpoint. +// When DualStackEndpointState is set to a non-zero value it takes higher precedence then this option. func UseDualStackOption(o *Options) { o.UseDualStack = true } +// UseDualStackEndpointOption sets the UseDualStackEndpoint option to enabled. Can be used as a functional +// option when resolving endpoints. +func UseDualStackEndpointOption(o *Options) { + o.UseDualStackEndpoint = DualStackEndpointStateEnabled +} + +// UseFIPSEndpointOption sets the UseFIPSEndpoint option to enabled. Can be used as a functional +// option when resolving endpoints. +func UseFIPSEndpointOption(o *Options) { + o.UseFIPSEndpoint = FIPSEndpointStateEnabled +} + // StrictMatchingOption sets the StrictMatching option. Can be used as a functional // option when resolving endpoints. func StrictMatchingOption(o *Options) { @@ -238,16 +353,18 @@ type EnumPartitions interface { // as the second parameter. // // This example shows how to get the regions for DynamoDB in the AWS partition. -// rs, exists := endpoints.RegionsForService(endpoints.DefaultPartitions(), endpoints.AwsPartitionID, endpoints.DynamodbServiceID) +// +// rs, exists := endpoints.RegionsForService(endpoints.DefaultPartitions(), endpoints.AwsPartitionID, endpoints.DynamodbServiceID) // // This is equivalent to using the partition directly. -// rs := endpoints.AwsPartition().Services()[endpoints.DynamodbServiceID].Regions() +// +// rs := endpoints.AwsPartition().Services()[endpoints.DynamodbServiceID].Regions() func RegionsForService(ps []Partition, partitionID, serviceID string) (map[string]Region, bool) { for _, p := range ps { if p.ID() != partitionID { continue } - if _, ok := p.p.Services[serviceID]; !ok { + if _, ok := p.p.Services[serviceID]; !(ok || serviceID == Ec2metadataServiceID) { break } @@ -308,8 +425,8 @@ func (p Partition) ID() string { return p.id } // of new regions and services expansions. // // Errors that can be returned. -// * UnknownServiceError -// * UnknownEndpointError +// - UnknownServiceError +// - UnknownEndpointError func (p Partition) EndpointFor(service, region string, opts ...func(*Options)) (ResolvedEndpoint, error) { return p.p.EndpointFor(service, region, opts...) } @@ -333,6 +450,7 @@ func (p Partition) Regions() map[string]Region { // enumerating over the services in a partition. func (p Partition) Services() map[string]Service { ss := make(map[string]Service, len(p.p.Services)) + for id := range p.p.Services { ss[id] = Service{ id: id, @@ -340,6 +458,15 @@ func (p Partition) Services() map[string]Service { } } + // Since we have removed the customization that injected this into the model + // we still need to pretend that this is a modeled service. + if _, ok := ss[Ec2metadataServiceID]; !ok { + ss[Ec2metadataServiceID] = Service{ + id: Ec2metadataServiceID, + p: p.p, + } + } + return ss } @@ -367,7 +494,7 @@ func (r Region) ResolveEndpoint(service string, opts ...func(*Options)) (Resolve func (r Region) Services() map[string]Service { ss := map[string]Service{} for id, s := range r.p.Services { - if _, ok := s.Endpoints[r.id]; ok { + if _, ok := s.Endpoints[endpointKey{Region: r.id}]; ok { ss[id] = Service{ id: id, p: r.p, @@ -400,10 +527,24 @@ func (s Service) ResolveEndpoint(region string, opts ...func(*Options)) (Resolve // an URL that can be resolved to a instance of a service. func (s Service) Regions() map[string]Region { rs := map[string]Region{} - for id := range s.p.Services[s.id].Endpoints { - if r, ok := s.p.Regions[id]; ok { - rs[id] = Region{ - id: id, + + service, ok := s.p.Services[s.id] + + // Since ec2metadata customization has been removed we need to check + // if it was defined in non-standard endpoints.json file. If it's not + // then we can return the empty map as there is no regional-endpoints for IMDS. + // Otherwise, we iterate need to iterate the non-standard model. + if s.id == Ec2metadataServiceID && !ok { + return rs + } + + for id := range service.Endpoints { + if id.Variant != 0 { + continue + } + if r, ok := s.p.Regions[id.Region]; ok { + rs[id.Region] = Region{ + id: id.Region, desc: r.Description, p: s.p, } @@ -421,8 +562,11 @@ func (s Service) Regions() map[string]Region { func (s Service) Endpoints() map[string]Endpoint { es := make(map[string]Endpoint, len(s.p.Services[s.id].Endpoints)) for id := range s.p.Services[s.id].Endpoints { - es[id] = Endpoint{ - id: id, + if id.Variant != 0 { + continue + } + es[id.Region] = Endpoint{ + id: id.Region, serviceID: s.id, p: s.p, } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go index 773613722f4..89f6627dc62 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model.go @@ -1,12 +1,46 @@ package endpoints import ( + "encoding/json" "fmt" "regexp" "strconv" "strings" ) +const ( + ec2MetadataEndpointIPv6 = "http://[fd00:ec2::254]/latest" + ec2MetadataEndpointIPv4 = "http://169.254.169.254/latest" +) + +const dnsSuffixTemplateKey = "{dnsSuffix}" + +// defaultKey is a compound map key of a variant and other values. +type defaultKey struct { + Variant endpointVariant + ServiceVariant serviceVariant +} + +// endpointKey is a compound map key of a region and associated variant value. +type endpointKey struct { + Region string + Variant endpointVariant +} + +// endpointVariant is a bit field to describe the endpoints attributes. +type endpointVariant uint64 + +// serviceVariant is a bit field to describe the service endpoint attributes. +type serviceVariant uint64 + +const ( + // fipsVariant indicates that the endpoint is FIPS capable. + fipsVariant endpointVariant = 1 << (64 - 1 - iota) + + // dualStackVariant indicates that the endpoint is DualStack capable. + dualStackVariant +) + var regionValidationRegex = regexp.MustCompile(`^[[:alnum:]]([[:alnum:]\-]*[[:alnum:]])?$`) type partitions []partition @@ -15,8 +49,12 @@ func (ps partitions) EndpointFor(service, region string, opts ...func(*Options)) var opt Options opt.Set(opts...) + if len(opt.ResolvedRegion) > 0 { + region = opt.ResolvedRegion + } + for i := 0; i < len(ps); i++ { - if !ps[i].canResolveEndpoint(service, region, opt.StrictMatching) { + if !ps[i].canResolveEndpoint(service, region, opt) { continue } @@ -44,14 +82,76 @@ func (ps partitions) Partitions() []Partition { return parts } +type endpointWithVariants struct { + endpoint + Variants []endpointWithTags `json:"variants"` +} + +type endpointWithTags struct { + endpoint + Tags []string `json:"tags"` +} + +type endpointDefaults map[defaultKey]endpoint + +func (p *endpointDefaults) UnmarshalJSON(data []byte) error { + if *p == nil { + *p = make(endpointDefaults) + } + + var e endpointWithVariants + if err := json.Unmarshal(data, &e); err != nil { + return err + } + + (*p)[defaultKey{Variant: 0}] = e.endpoint + + e.Hostname = "" + e.DNSSuffix = "" + + for _, variant := range e.Variants { + endpointVariant, unknown := parseVariantTags(variant.Tags) + if unknown { + continue + } + + var ve endpoint + ve.mergeIn(e.endpoint) + ve.mergeIn(variant.endpoint) + + (*p)[defaultKey{Variant: endpointVariant}] = ve + } + + return nil +} + +func parseVariantTags(tags []string) (ev endpointVariant, unknown bool) { + if len(tags) == 0 { + unknown = true + return + } + + for _, tag := range tags { + switch { + case strings.EqualFold("fips", tag): + ev |= fipsVariant + case strings.EqualFold("dualstack", tag): + ev |= dualStackVariant + default: + unknown = true + } + } + return ev, unknown +} + type partition struct { - ID string `json:"partition"` - Name string `json:"partitionName"` - DNSSuffix string `json:"dnsSuffix"` - RegionRegex regionRegex `json:"regionRegex"` - Defaults endpoint `json:"defaults"` - Regions regions `json:"regions"` - Services services `json:"services"` + ID string `json:"partition"` + Name string `json:"partitionName"` + DNSSuffix string `json:"dnsSuffix"` + RegionRegex regionRegex `json:"regionRegex"` + Defaults endpointDefaults `json:"defaults"` + Regions regions `json:"regions"` + Services services `json:"services"` } func (p partition) Partition() Partition { @@ -62,15 +162,18 @@ func (p partition) Partition() Partition { } } -func (p partition) canResolveEndpoint(service, region string, strictMatch bool) bool { +func (p partition) canResolveEndpoint(service, region string, options Options) bool { s, hasService := p.Services[service] - _, hasEndpoint := s.Endpoints[region] + _, hasEndpoint := s.Endpoints[endpointKey{ + Region: region, + Variant: options.getEndpointVariant(service), + }] if hasEndpoint && hasService { return true } - if strictMatch { + if options.StrictMatching { return false } @@ -101,7 +204,17 @@ func (p partition) EndpointFor(service, region string, opts ...func(*Options)) ( var opt Options opt.Set(opts...) + if len(opt.ResolvedRegion) > 0 { + region = opt.ResolvedRegion + } + s, hasService := p.Services[service] + + if service == Ec2metadataServiceID && !hasService { + endpoint := getEC2MetadataEndpoint(p.ID, service, opt.EC2MetadataEndpointMode) + return endpoint, nil + } + if len(service) == 0 || !(hasService || opt.ResolveUnknownService) { // Only return error if the resolver will not fallback to creating // endpoint based on service endpoint ID passed in. @@ -112,21 +225,94 @@ func (p partition) EndpointFor(service, region string, opts ...func(*Options)) ( region = s.PartitionEndpoint } - if (service == "sts" && opt.STSRegionalEndpoint != RegionalSTSEndpoint) || - (service == "s3" && opt.S3UsEast1RegionalEndpoint != RegionalS3UsEast1Endpoint) { - if _, ok := legacyGlobalRegions[service][region]; ok { - region = "aws-global" + if r, ok := isLegacyGlobalRegion(service, region, opt); ok { + region = r + } + + variant := opt.getEndpointVariant(service) + + endpoints := s.Endpoints + + serviceDefaults, hasServiceDefault := s.Defaults[defaultKey{Variant: variant}] + // If we searched for a variant which may have no explicit service defaults, + // then we need to inherit the standard service defaults except the hostname and dnsSuffix + if variant != 0 && !hasServiceDefault { + serviceDefaults = s.Defaults[defaultKey{}] + serviceDefaults.Hostname = "" + serviceDefaults.DNSSuffix = "" + } + + partitionDefaults, hasPartitionDefault := p.Defaults[defaultKey{Variant: variant}] + + var dnsSuffix string + if len(serviceDefaults.DNSSuffix) > 0 { + dnsSuffix = serviceDefaults.DNSSuffix + } else if variant == 0 { + // For legacy reasons the partition dnsSuffix is not in the defaults, so if we looked for + // a non-variant endpoint then we need to set the dnsSuffix. + dnsSuffix = p.DNSSuffix + } + + noDefaults := !hasServiceDefault && !hasPartitionDefault + + e, hasEndpoint := s.endpointForRegion(region, endpoints, variant) + if len(region) == 0 || (!hasEndpoint && (opt.StrictMatching || noDefaults)) { + return resolved, NewUnknownEndpointError(p.ID, service, region, endpointList(endpoints, variant)) + } + + defs := []endpoint{partitionDefaults, serviceDefaults} + + return e.resolve(service, p.ID, region, dnsSuffixTemplateKey, dnsSuffix, defs, opt) +} + +func getEC2MetadataEndpoint(partitionID, service string, mode EC2IMDSEndpointModeState) ResolvedEndpoint { + switch mode { + case EC2IMDSEndpointModeStateIPv6: + return ResolvedEndpoint{ + URL: ec2MetadataEndpointIPv6, + PartitionID: partitionID, + SigningRegion: "aws-global", + SigningName: service, + SigningNameDerived: true, + SigningMethod: "v4", + } + case EC2IMDSEndpointModeStateIPv4: + fallthrough + default: + return ResolvedEndpoint{ + URL: ec2MetadataEndpointIPv4, + PartitionID: partitionID, + SigningRegion: "aws-global", + SigningName: service, + SigningNameDerived: true, + SigningMethod: "v4", } } +} - e, hasEndpoint := s.endpointForRegion(region) - if len(region) == 0 || (!hasEndpoint && opt.StrictMatching) { - return resolved, NewUnknownEndpointError(p.ID, service, region, endpointList(s.Endpoints)) +func isLegacyGlobalRegion(service string, region string, opt Options) (string, bool) { + if opt.getEndpointVariant(service) != 0 { + return "", false } - defs := []endpoint{p.Defaults, s.Defaults} + const ( + sts = "sts" + s3 = "s3" + awsGlobal = "aws-global" + ) - return e.resolve(service, p.ID, region, p.DNSSuffix, defs, opt) + switch { + case service == sts && opt.STSRegionalEndpoint == RegionalSTSEndpoint: + return region, false + case service == s3 && opt.S3UsEast1RegionalEndpoint == RegionalS3UsEast1Endpoint: + return region, false + default: + if _, ok := legacyGlobalRegions[service][region]; ok { + return awsGlobal, true + } + } + + return region, false } func serviceList(ss services) []string { @@ -136,10 +322,13 @@ func serviceList(ss services) []string { } return list } -func endpointList(es endpoints) []string { +func endpointList(es serviceEndpoints, variant endpointVariant) []string { list := make([]string, 0, len(es)) for k := range es { - list = append(list, k) + if k.Variant != variant { + continue + } + list = append(list, k.Region) } return list } @@ -171,19 +360,19 @@ type region struct { type services map[string]service type service struct { - PartitionEndpoint string `json:"partitionEndpoint"` - IsRegionalized boxedBool `json:"isRegionalized,omitempty"` - Defaults endpoint `json:"defaults"` - Endpoints endpoints `json:"endpoints"` + PartitionEndpoint string `json:"partitionEndpoint"` + IsRegionalized boxedBool `json:"isRegionalized,omitempty"` + Defaults endpointDefaults `json:"defaults"` + Endpoints serviceEndpoints `json:"endpoints"` } -func (s *service) endpointForRegion(region string) (endpoint, bool) { - if s.IsRegionalized == boxedFalse { - return s.Endpoints[s.PartitionEndpoint], region == s.PartitionEndpoint +func (s *service) endpointForRegion(region string, endpoints serviceEndpoints, variant endpointVariant) (endpoint, bool) { + if e, ok := endpoints[endpointKey{Region: region, Variant: variant}]; ok { + return e, true } - if e, ok := s.Endpoints[region]; ok { - return e, true + if s.IsRegionalized == boxedFalse { + return endpoints[endpointKey{Region: s.PartitionEndpoint, Variant: variant}], region == s.PartitionEndpoint } // Unable to find any matching endpoint, return @@ -191,22 +380,73 @@ func (s *service) endpointForRegion(region string) (endpoint, bool) { return endpoint{}, false } -type endpoints map[string]endpoint +type serviceEndpoints map[endpointKey]endpoint + +func (s *serviceEndpoints) UnmarshalJSON(data []byte) error { + if *s == nil { + *s = make(serviceEndpoints) + } + + var regionToEndpoint map[string]endpointWithVariants + + if err := json.Unmarshal(data, ®ionToEndpoint); err != nil { + return err + } + + for region, e := range regionToEndpoint { + (*s)[endpointKey{Region: region}] = e.endpoint + + e.Hostname = "" + e.DNSSuffix = "" + + for _, variant := range e.Variants { + endpointVariant, unknown := parseVariantTags(variant.Tags) + if unknown { + continue + } + + var ve endpoint + ve.mergeIn(e.endpoint) + ve.mergeIn(variant.endpoint) + + (*s)[endpointKey{Region: region, Variant: endpointVariant}] = ve + } + } + + return nil +} type endpoint struct { Hostname string `json:"hostname"` Protocols []string `json:"protocols"` CredentialScope credentialScope `json:"credentialScope"` - // Custom fields not modeled - HasDualStack boxedBool `json:"-"` - DualStackHostname string `json:"-"` + DNSSuffix string `json:"dnsSuffix"` // Signature Version not used SignatureVersions []string `json:"signatureVersions"` // SSLCommonName not used. SSLCommonName string `json:"sslCommonName"` + + Deprecated boxedBool `json:"deprecated"` +} + +// isZero returns whether the endpoint structure is an empty (zero) value. +func (e endpoint) isZero() bool { + switch { + case len(e.Hostname) != 0: + return false + case len(e.Protocols) != 0: + return false + case e.CredentialScope != (credentialScope{}): + return false + case len(e.SignatureVersions) != 0: + return false + case len(e.SSLCommonName) != 0: + return false + } + return true } const ( @@ -235,7 +475,7 @@ func getByPriority(s []string, p []string, def string) string { return s[0] } -func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs []endpoint, opts Options) (ResolvedEndpoint, error) { +func (e endpoint) resolve(service, partitionID, region, dnsSuffixTemplateVariable, dnsSuffix string, defs []endpoint, opts Options) (ResolvedEndpoint, error) { var merged endpoint for _, def := range defs { merged.mergeIn(def) @@ -256,23 +496,26 @@ func (e endpoint) resolve(service, partitionID, region, dnsSuffix string, defs [ } hostname := e.Hostname - // Offset the hostname for dualstack if enabled - if opts.UseDualStack && e.HasDualStack == boxedTrue { - hostname = e.DualStackHostname - region = signingRegion - } if !validateInputRegion(region) { return ResolvedEndpoint{}, fmt.Errorf("invalid region identifier format provided") } + if len(merged.DNSSuffix) > 0 { + dnsSuffix = merged.DNSSuffix + } + u := strings.Replace(hostname, "{service}", service, 1) u = strings.Replace(u, "{region}", region, 1) - u = strings.Replace(u, "{dnsSuffix}", dnsSuffix, 1) + u = strings.Replace(u, dnsSuffixTemplateVariable, dnsSuffix, 1) scheme := getEndpointScheme(e.Protocols, opts.DisableSSL) u = fmt.Sprintf("%s://%s", scheme, u) + if e.Deprecated == boxedTrue && opts.LogDeprecated && opts.Logger != nil { + opts.Logger.Log(fmt.Sprintf("endpoint identifier %q, url %q marked as deprecated", region, u)) + } + return ResolvedEndpoint{ URL: u, PartitionID: partitionID, @@ -310,11 +553,11 @@ func (e *endpoint) mergeIn(other endpoint) { if len(other.SSLCommonName) > 0 { e.SSLCommonName = other.SSLCommonName } - if other.HasDualStack != boxedBoolUnset { - e.HasDualStack = other.HasDualStack + if len(other.DNSSuffix) > 0 { + e.DNSSuffix = other.DNSSuffix } - if len(other.DualStackHostname) > 0 { - e.DualStackHostname = other.DualStackHostname + if other.Deprecated != boxedBoolUnset { + e.Deprecated = other.Deprecated } } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model_codegen.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model_codegen.go index 0fdfcc56e05..84922bca8a7 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model_codegen.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/endpoints/v3model_codegen.go @@ -1,3 +1,4 @@ +//go:build codegen // +build codegen package endpoints @@ -154,18 +155,71 @@ func serviceSet(ps partitions) map[string]struct{} { return set } +func endpointVariantSetter(variant endpointVariant) (string, error) { + if variant == 0 { + return "0", nil + } + + if variant > (fipsVariant | dualStackVariant) { + return "", fmt.Errorf("unknown endpoint variant") + } + + var symbols []string + if variant&fipsVariant != 0 { + symbols = append(symbols, "fipsVariant") + } + if variant&dualStackVariant != 0 { + symbols = append(symbols, "dualStackVariant") + } + v := strings.Join(symbols, "|") + + return v, nil +} + +func endpointKeySetter(e endpointKey) (string, error) { + var sb strings.Builder + sb.WriteString("endpointKey{\n") + sb.WriteString(fmt.Sprintf("Region: %q,\n", e.Region)) + if e.Variant != 0 { + variantSetter, err := endpointVariantSetter(e.Variant) + if err != nil { + return "", err + } + sb.WriteString(fmt.Sprintf("Variant: %s,\n", variantSetter)) + } + sb.WriteString("}") + return sb.String(), nil +} + +func defaultKeySetter(e defaultKey) (string, error) { + var sb strings.Builder + sb.WriteString("defaultKey{\n") + if e.Variant != 0 { + variantSetter, err := endpointVariantSetter(e.Variant) + if err != nil { + return "", err + } + sb.WriteString(fmt.Sprintf("Variant: %s,\n", variantSetter)) + } + sb.WriteString("}") + return sb.String(), nil +} + var funcMap = template.FuncMap{ - "ToSymbol": toSymbol, - "QuoteString": quoteString, - "RegionConst": regionConstName, - "PartitionGetter": partitionGetter, - "PartitionVarName": partitionVarName, - "ListPartitionNames": listPartitionNames, - "BoxedBoolIfSet": boxedBoolIfSet, - "StringIfSet": stringIfSet, - "StringSliceIfSet": stringSliceIfSet, - "EndpointIsSet": endpointIsSet, - "ServicesSet": serviceSet, + "ToSymbol": toSymbol, + "QuoteString": quoteString, + "RegionConst": regionConstName, + "PartitionGetter": partitionGetter, + "PartitionVarName": partitionVarName, + "ListPartitionNames": listPartitionNames, + "BoxedBoolIfSet": boxedBoolIfSet, + "StringIfSet": stringIfSet, + "StringSliceIfSet": stringSliceIfSet, + "EndpointIsSet": endpointIsSet, + "ServicesSet": serviceSet, + "EndpointVariantSetter": endpointVariantSetter, + "EndpointKeySetter": endpointKeySetter, + "DefaultKeySetter": defaultKeySetter, } const v3Tmpl = ` @@ -271,9 +325,9 @@ partition{ {{ StringIfSet "Name: %q,\n" .Name -}} {{ StringIfSet "DNSSuffix: %q,\n" .DNSSuffix -}} RegionRegex: {{ template "gocode RegionRegex" .RegionRegex }}, - {{ if EndpointIsSet .Defaults -}} - Defaults: {{ template "gocode Endpoint" .Defaults }}, - {{- end }} + {{ if (gt (len .Defaults) 0) -}} + Defaults: {{ template "gocode Defaults" .Defaults -}}, + {{ end -}} Regions: {{ template "gocode Regions" .Regions }}, Services: {{ template "gocode Services" .Services }}, } @@ -314,19 +368,27 @@ services{ service{ {{ StringIfSet "PartitionEndpoint: %q,\n" .PartitionEndpoint -}} {{ BoxedBoolIfSet "IsRegionalized: %s,\n" .IsRegionalized -}} - {{ if EndpointIsSet .Defaults -}} - Defaults: {{ template "gocode Endpoint" .Defaults -}}, - {{- end }} + {{ if (gt (len .Defaults) 0) -}} + Defaults: {{ template "gocode Defaults" .Defaults -}}, + {{ end -}} {{ if .Endpoints -}} Endpoints: {{ template "gocode Endpoints" .Endpoints }}, {{- end }} } {{- end }} +{{ define "gocode Defaults" -}} +endpointDefaults{ + {{ range $id, $endpoint := . -}} + {{ DefaultKeySetter $id }}: {{ template "gocode Endpoint" $endpoint }}, + {{ end }} +} +{{- end }} + {{ define "gocode Endpoints" -}} -endpoints{ +serviceEndpoints{ {{ range $id, $endpoint := . -}} - "{{ $id }}": {{ template "gocode Endpoint" $endpoint }}, + {{ EndpointKeySetter $id }}: {{ template "gocode Endpoint" $endpoint }}, {{ end }} } {{- end }} @@ -334,6 +396,7 @@ endpoints{ {{ define "gocode Endpoint" -}} endpoint{ {{ StringIfSet "Hostname: %q,\n" .Hostname -}} + {{ StringIfSet "DNSSuffix: %q,\n" .DNSSuffix -}} {{ StringIfSet "SSLCommonName: %q,\n" .SSLCommonName -}} {{ StringSliceIfSet "Protocols: []string{%s},\n" .Protocols -}} {{ StringSliceIfSet "SignatureVersions: []string{%s},\n" .SignatureVersions -}} @@ -343,9 +406,7 @@ endpoint{ {{ StringIfSet "Service: %q,\n" .CredentialScope.Service -}} }, {{- end }} - {{ BoxedBoolIfSet "HasDualStack: %s,\n" .HasDualStack -}} - {{ StringIfSet "DualStackHostname: %q,\n" .DualStackHostname -}} - + {{ BoxedBoolIfSet "Deprecated: %s,\n" .Deprecated -}} } {{- end }} ` diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/logger.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/logger.go index 6ed15b2ecc2..49674cc79eb 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/logger.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/logger.go @@ -77,6 +77,9 @@ const ( // wire unmarshaled message content of requests and responses made while // using the SDK Will also enable LogDebug. LogDebugWithEventStreamBody + + // LogDebugWithDeprecated states the SDK should log details about deprecated functionality. + LogDebugWithDeprecated ) // A Logger is a minimalistic interface for the SDK to log messages to. Should diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go index e819ab6c0e8..9556332b65e 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/handlers.go @@ -330,6 +330,9 @@ func MakeAddToUserAgentFreeFormHandler(s string) func(*Request) { // WithSetRequestHeaders updates the operation request's HTTP header to contain // the header key value pairs provided. If the header key already exists in the // request's HTTP header set, the existing value(s) will be replaced. +// +// Header keys added will be added as canonical format with title casing +// applied via http.Header.Set method. func WithSetRequestHeaders(h map[string]string) Option { return withRequestHeader(h).SetRequestHeaders } @@ -338,6 +341,6 @@ type withRequestHeader map[string]string func (h withRequestHeader) SetRequestHeaders(r *Request) { for k, v := range h { - r.HTTPRequest.Header[k] = []string{v} + r.HTTPRequest.Header.Set(k, v) } } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request.go index d597c6ead55..636d9ec943b 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request.go @@ -4,6 +4,7 @@ import ( "bytes" "fmt" "io" + "io/ioutil" "net/http" "net/url" "reflect" @@ -129,12 +130,27 @@ func New(cfg aws.Config, clientInfo metadata.ClientInfo, handlers Handlers, httpReq, _ := http.NewRequest(method, "", nil) var err error - httpReq.URL, err = url.Parse(clientInfo.Endpoint + operation.HTTPPath) + httpReq.URL, err = url.Parse(clientInfo.Endpoint) if err != nil { httpReq.URL = &url.URL{} err = awserr.New("InvalidEndpointURL", "invalid endpoint uri", err) } + if len(operation.HTTPPath) != 0 { + opHTTPPath := operation.HTTPPath + var opQueryString string + if idx := strings.Index(opHTTPPath, "?"); idx >= 0 { + opQueryString = opHTTPPath[idx+1:] + opHTTPPath = opHTTPPath[:idx] + } + + if strings.HasSuffix(httpReq.URL.Path, "/") && strings.HasPrefix(opHTTPPath, "/") { + opHTTPPath = opHTTPPath[1:] + } + httpReq.URL.Path += opHTTPPath + httpReq.URL.RawQuery = opQueryString + } + r := &Request{ Config: cfg, ClientInfo: clientInfo, @@ -510,6 +526,14 @@ func (r *Request) GetBody() io.ReadSeeker { // Send will not close the request.Request's body. func (r *Request) Send() error { defer func() { + // Ensure a non-nil HTTPResponse parameter is set to ensure handlers + // checking for HTTPResponse values, don't fail. + if r.HTTPResponse == nil { + r.HTTPResponse = &http.Response{ + Header: http.Header{}, + Body: ioutil.NopCloser(&bytes.Buffer{}), + } + } // Regardless of success or failure of the request trigger the Complete // request handlers. r.Handlers.Complete.Run(r) diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_7.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_7.go index e36e468b7c6..5921b8ff2ab 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_7.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_7.go @@ -1,3 +1,4 @@ +//go:build !go1.8 // +build !go1.8 package request diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_8.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_8.go index de1292f45a2..ea643c9c44b 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_8.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request_1_8.go @@ -1,3 +1,4 @@ +//go:build go1.8 // +build go1.8 package request diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request_context.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request_context.go index a7365cd1e46..d8c5053025c 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request_context.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request_context.go @@ -1,3 +1,4 @@ +//go:build go1.7 // +build go1.7 package request diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request_context_1_6.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request_context_1_6.go index 307fa0705be..49a243ef2d0 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request_context_1_6.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/request_context_1_6.go @@ -1,3 +1,4 @@ +//go:build !go1.7 // +build !go1.7 package request diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go index 752ae47f845..3f0001f9181 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/request/retryer.go @@ -15,8 +15,8 @@ import ( // and determine if a request API error should be retried. // // client.DefaultRetryer is the SDK's default implementation of the Retryer. It -// uses the which uses the Request.IsErrorRetryable and Request.IsErrorThrottle -// methods to determine if the request is retried. +// uses the Request.IsErrorRetryable and Request.IsErrorThrottle methods to +// determine if the request is retried. type Retryer interface { // RetryRules return the retry delay that should be used by the SDK before // making another request attempt for the failed request. diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go index fe6dac1f476..ea8e3537658 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/credentials.go @@ -9,12 +9,27 @@ import ( "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/credentials" "github.com/aws/aws-sdk-go/aws/credentials/processcreds" + "github.com/aws/aws-sdk-go/aws/credentials/ssocreds" "github.com/aws/aws-sdk-go/aws/credentials/stscreds" "github.com/aws/aws-sdk-go/aws/defaults" "github.com/aws/aws-sdk-go/aws/request" "github.com/aws/aws-sdk-go/internal/shareddefaults" + "github.com/aws/aws-sdk-go/service/ssooidc" + "github.com/aws/aws-sdk-go/service/sts" ) +// CredentialsProviderOptions specifies additional options for configuring +// credentials providers. +type CredentialsProviderOptions struct { + // WebIdentityRoleProviderOptions configures a WebIdentityRoleProvider, + // such as setting its ExpiryWindow. + WebIdentityRoleProviderOptions func(*stscreds.WebIdentityRoleProvider) + + // ProcessProviderOptions configures a ProcessProvider, + // such as setting its Timeout. + ProcessProviderOptions func(*processcreds.ProcessProvider) +} + func resolveCredentials(cfg *aws.Config, envCfg envConfig, sharedCfg sharedConfig, handlers request.Handlers, @@ -23,7 +38,7 @@ func resolveCredentials(cfg *aws.Config, switch { case len(sessOpts.Profile) != 0: - // User explicitly provided an Profile in the session's configuration + // User explicitly provided a Profile in the session's configuration // so load that profile from shared config first. // Github(aws/aws-sdk-go#2727) return resolveCredsFromProfile(cfg, envCfg, sharedCfg, handlers, sessOpts) @@ -39,6 +54,7 @@ func resolveCredentials(cfg *aws.Config, envCfg.WebIdentityTokenFilePath, envCfg.RoleARN, envCfg.RoleSessionName, + sessOpts.CredentialsProviderOptions, ) default: @@ -58,6 +74,7 @@ var WebIdentityEmptyTokenFilePathErr = awserr.New(stscreds.ErrCodeWebIdentity, " func assumeWebIdentity(cfg *aws.Config, handlers request.Handlers, filepath string, roleARN, sessionName string, + credOptions *CredentialsProviderOptions, ) (*credentials.Credentials, error) { if len(filepath) == 0 { @@ -68,17 +85,18 @@ func assumeWebIdentity(cfg *aws.Config, handlers request.Handlers, return nil, WebIdentityEmptyRoleARNErr } - creds := stscreds.NewWebIdentityCredentials( - &Session{ - Config: cfg, - Handlers: handlers.Copy(), - }, - roleARN, - sessionName, - filepath, - ) + svc := sts.New(&Session{ + Config: cfg, + Handlers: handlers.Copy(), + }) - return creds, nil + var optFns []func(*stscreds.WebIdentityRoleProvider) + if credOptions != nil && credOptions.WebIdentityRoleProviderOptions != nil { + optFns = append(optFns, credOptions.WebIdentityRoleProviderOptions) + } + + p := stscreds.NewWebIdentityRoleProviderWithOptions(svc, roleARN, sessionName, stscreds.FetchTokenPath(filepath), optFns...) + return credentials.NewCredentials(p), nil } func resolveCredsFromProfile(cfg *aws.Config, @@ -100,10 +118,6 @@ func resolveCredsFromProfile(cfg *aws.Config, sharedCfg.Creds, ) - case len(sharedCfg.CredentialProcess) != 0: - // Get credentials from CredentialProcess - creds = processcreds.NewCredentials(sharedCfg.CredentialProcess) - case len(sharedCfg.CredentialSource) != 0: creds, err = resolveCredsFromSource(cfg, envCfg, sharedCfg, handlers, sessOpts, @@ -117,8 +131,20 @@ func resolveCredsFromProfile(cfg *aws.Config, sharedCfg.WebIdentityTokenFile, sharedCfg.RoleARN, sharedCfg.RoleSessionName, + sessOpts.CredentialsProviderOptions, ) + case sharedCfg.hasSSOConfiguration(): + creds, err = resolveSSOCredentials(cfg, sharedCfg, handlers) + + case len(sharedCfg.CredentialProcess) != 0: + // Get credentials from CredentialProcess + var optFns []func(*processcreds.ProcessProvider) + if sessOpts.CredentialsProviderOptions != nil && sessOpts.CredentialsProviderOptions.ProcessProviderOptions != nil { + optFns = append(optFns, sessOpts.CredentialsProviderOptions.ProcessProviderOptions) + } + creds = processcreds.NewCredentials(sharedCfg.CredentialProcess, optFns...) + default: // Fallback to default credentials provider, include mock errors for // the credential chain so user can identify why credentials failed to @@ -151,6 +177,46 @@ func resolveCredsFromProfile(cfg *aws.Config, return creds, nil } +func resolveSSOCredentials(cfg *aws.Config, sharedCfg sharedConfig, handlers request.Handlers) (*credentials.Credentials, error) { + if err := sharedCfg.validateSSOConfiguration(); err != nil { + return nil, err + } + + var optFns []func(provider *ssocreds.Provider) + cfgCopy := cfg.Copy() + + if sharedCfg.SSOSession != nil { + cfgCopy.Region = &sharedCfg.SSOSession.SSORegion + cachedPath, err := ssocreds.StandardCachedTokenFilepath(sharedCfg.SSOSession.Name) + if err != nil { + return nil, err + } + // create oidcClient with AnonymousCredentials to avoid recursively resolving credentials + mySession := Must(NewSession(&aws.Config{ + Credentials: credentials.AnonymousCredentials, + })) + oidcClient := ssooidc.New(mySession, cfgCopy) + tokenProvider := ssocreds.NewSSOTokenProvider(oidcClient, cachedPath) + optFns = append(optFns, func(p *ssocreds.Provider) { + p.TokenProvider = tokenProvider + p.CachedTokenFilepath = cachedPath + }) + } else { + cfgCopy.Region = &sharedCfg.SSORegion + } + + return ssocreds.NewCredentials( + &Session{ + Config: cfgCopy, + Handlers: handlers.Copy(), + }, + sharedCfg.SSOAccountID, + sharedCfg.SSORoleName, + sharedCfg.SSOStartURL, + optFns..., + ), nil +} + // valid credential source values const ( credSourceEc2Metadata = "Ec2InstanceMetadata" diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport.go new file mode 100644 index 00000000000..4390ad52f49 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport.go @@ -0,0 +1,28 @@ +//go:build go1.13 +// +build go1.13 + +package session + +import ( + "net" + "net/http" + "time" +) + +// Transport that should be used when a custom CA bundle is specified with the +// SDK. +func getCustomTransport() *http.Transport { + return &http.Transport{ + Proxy: http.ProxyFromEnvironment, + DialContext: (&net.Dialer{ + Timeout: 30 * time.Second, + KeepAlive: 30 * time.Second, + DualStack: true, + }).DialContext, + ForceAttemptHTTP2: true, + MaxIdleConns: 100, + IdleConnTimeout: 90 * time.Second, + TLSHandshakeTimeout: 10 * time.Second, + ExpectContinueTimeout: 1 * time.Second, + } +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.12.go similarity index 83% rename from ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport.go rename to ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.12.go index ea9ebb6f6a2..668565bea0c 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.12.go @@ -1,4 +1,5 @@ -// +build go1.7 +//go:build !go1.13 && go1.7 +// +build !go1.13,go1.7 package session @@ -10,7 +11,7 @@ import ( // Transport that should be used when a custom CA bundle is specified with the // SDK. -func getCABundleTransport() *http.Transport { +func getCustomTransport() *http.Transport { return &http.Transport{ Proxy: http.ProxyFromEnvironment, DialContext: (&net.Dialer{ diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_5.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.5.go similarity index 83% rename from ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_5.go rename to ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.5.go index fec39dfc126..e101aa6b6c0 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_5.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.5.go @@ -1,3 +1,4 @@ +//go:build !go1.6 && go1.5 // +build !go1.6,go1.5 package session @@ -10,7 +11,7 @@ import ( // Transport that should be used when a custom CA bundle is specified with the // SDK. -func getCABundleTransport() *http.Transport { +func getCustomTransport() *http.Transport { return &http.Transport{ Proxy: http.ProxyFromEnvironment, Dial: (&net.Dialer{ diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_6.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.6.go similarity index 85% rename from ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_6.go rename to ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.6.go index 1c5a5391e65..b5fcbe0d1e0 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/cabundle_transport_1_6.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/custom_transport_go1.6.go @@ -1,3 +1,4 @@ +//go:build !go1.7 && go1.6 // +build !go1.7,go1.6 package session @@ -10,7 +11,7 @@ import ( // Transport that should be used when a custom CA bundle is specified with the // SDK. -func getCABundleTransport() *http.Transport { +func getCustomTransport() *http.Transport { return &http.Transport{ Proxy: http.ProxyFromEnvironment, Dial: (&net.Dialer{ diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go index cc461bd3230..ff3cc012ae3 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/doc.go @@ -208,6 +208,8 @@ env values as well. AWS_SDK_LOAD_CONFIG=1 +Custom Shared Config and Credential Files + Shared credentials file path can be set to instruct the SDK to use an alternative file for the shared credentials. If not set the file will be loaded from $HOME/.aws/credentials on Linux/Unix based systems, and @@ -222,6 +224,8 @@ $HOME/.aws/config on Linux/Unix based systems, and AWS_CONFIG_FILE=$HOME/my_shared_config +Custom CA Bundle + Path to a custom Credentials Authority (CA) bundle PEM file that the SDK will use instead of the default system's root CA bundle. Use this only if you want to replace the CA bundle the SDK uses for TLS requests. @@ -242,6 +246,29 @@ Setting a custom HTTPClient in the aws.Config options will override this setting To use this option and custom HTTP client, the HTTP client needs to be provided when creating the session. Not the service client. +Custom Client TLS Certificate + +The SDK supports the environment and session option being configured with +Client TLS certificates that are sent as a part of the client's TLS handshake +for client authentication. If used, both Cert and Key values are required. If +one is missing, or either fail to load the contents of the file an error will +be returned. + +HTTP Client's Transport concrete implementation must be a http.Transport +or creating the session will fail. + + AWS_SDK_GO_CLIENT_TLS_KEY=$HOME/my_client_key + AWS_SDK_GO_CLIENT_TLS_CERT=$HOME/my_client_cert + +This can also be configured via the session.Options ClientTLSCert and ClientTLSKey. + + sess, err := session.NewSessionWithOptions(session.Options{ + ClientTLSCert: myCertFile, + ClientTLSKey: myKeyFile, + }) + +Custom EC2 IMDS Endpoint + The endpoint of the EC2 IMDS client can be configured via the environment variable, AWS_EC2_METADATA_SERVICE_ENDPOINT when creating the client with a Session. See Options.EC2IMDSEndpoint for more details. @@ -256,7 +283,85 @@ component must be enclosed in square brackets. The custom EC2 IMDS endpoint can also be specified via the Session options. sess, err := session.NewSessionWithOptions(session.Options{ - EC2IMDSEndpoint: "http://[::1]", + EC2MetadataEndpoint: "http://[::1]", + }) + +FIPS and DualStack Endpoints + +The SDK can be configured to resolve an endpoint with certain capabilities such as FIPS and DualStack. + +You can configure a FIPS endpoint using an environment variable, shared config ($HOME/.aws/config), +or programmatically. + +To configure a FIPS endpoint set the environment variable set the AWS_USE_FIPS_ENDPOINT to true or false to enable +or disable FIPS endpoint resolution. + + AWS_USE_FIPS_ENDPOINT=true + +To configure a FIPS endpoint using shared config, set use_fips_endpoint to true or false to enable +or disable FIPS endpoint resolution. + + [profile myprofile] + region=us-west-2 + use_fips_endpoint=true + +To configure a FIPS endpoint programmatically + + // Option 1: Configure it on a session for all clients + sess, err := session.NewSessionWithOptions(session.Options{ + UseFIPSEndpoint: endpoints.FIPSEndpointStateEnabled, + }) + if err != nil { + // handle error + } + + client := s3.New(sess) + + // Option 2: Configure it per client + sess, err := session.NewSession() + if err != nil { + // handle error + } + + client := s3.New(sess, &aws.Config{ + UseFIPSEndpoint: endpoints.FIPSEndpointStateEnabled, + }) + +You can configure a DualStack endpoint using an environment variable, shared config ($HOME/.aws/config), +or programmatically. + +To configure a DualStack endpoint set the environment variable set the AWS_USE_DUALSTACK_ENDPOINT to true or false to +enable or disable DualStack endpoint resolution. + + AWS_USE_DUALSTACK_ENDPOINT=true + +To configure a DualStack endpoint using shared config, set use_dualstack_endpoint to true or false to enable +or disable DualStack endpoint resolution. + + [profile myprofile] + region=us-west-2 + use_dualstack_endpoint=true + +To configure a DualStack endpoint programmatically + + // Option 1: Configure it on a session for all clients + sess, err := session.NewSessionWithOptions(session.Options{ + UseDualStackEndpoint: endpoints.DualStackEndpointStateEnabled, + }) + if err != nil { + // handle error + } + + client := s3.New(sess) + + // Option 2: Configure it per client + sess, err := session.NewSession() + if err != nil { + // handle error + } + + client := s3.New(sess, &aws.Config{ + UseDualStackEndpoint: endpoints.DualStackEndpointStateEnabled, }) */ package session diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go index d67c261d74f..93bb5de6470 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/env_config.go @@ -101,6 +101,18 @@ type envConfig struct { // AWS_CA_BUNDLE=$HOME/my_custom_ca_bundle CustomCABundle string + // Sets the TLC client certificate that should be used by the SDK's HTTP transport + // when making requests. The certificate must be paired with a TLS client key file. + // + // AWS_SDK_GO_CLIENT_TLS_CERT=$HOME/my_client_cert + ClientTLSCert string + + // Sets the TLC client key that should be used by the SDK's HTTP transport + // when making requests. The key must be paired with a TLS client certificate file. + // + // AWS_SDK_GO_CLIENT_TLS_KEY=$HOME/my_client_key + ClientTLSKey string + csmEnabled string CSMEnabled *bool CSMPort string @@ -149,10 +161,33 @@ type envConfig struct { // AWS_S3_USE_ARN_REGION=true S3UseARNRegion bool - // Specifies the alternative endpoint to use for EC2 IMDS. + // Specifies the EC2 Instance Metadata Service endpoint to use. If specified it overrides EC2IMDSEndpointMode. // // AWS_EC2_METADATA_SERVICE_ENDPOINT=http://[::1] EC2IMDSEndpoint string + + // Specifies the EC2 Instance Metadata Service default endpoint selection mode (IPv4 or IPv6) + // + // AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE=IPv6 + EC2IMDSEndpointMode endpoints.EC2IMDSEndpointModeState + + // Specifies that IMDS clients should not fallback to IMDSv1 if token + // requests fail. + // + // AWS_EC2_METADATA_V1_DISABLED=true + EC2IMDSv1Disabled *bool + + // Specifies that SDK clients must resolve a dual-stack endpoint for + // services. + // + // AWS_USE_DUALSTACK_ENDPOINT=true + UseDualStackEndpoint endpoints.DualStackEndpointState + + // Specifies that SDK clients must resolve a FIPS endpoint for + // services. + // + // AWS_USE_FIPS_ENDPOINT=true + UseFIPSEndpoint endpoints.FIPSEndpointState } var ( @@ -219,6 +254,27 @@ var ( ec2IMDSEndpointEnvKey = []string{ "AWS_EC2_METADATA_SERVICE_ENDPOINT", } + ec2IMDSEndpointModeEnvKey = []string{ + "AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE", + } + ec2MetadataV1DisabledEnvKey = []string{ + "AWS_EC2_METADATA_V1_DISABLED", + } + useCABundleKey = []string{ + "AWS_CA_BUNDLE", + } + useClientTLSCert = []string{ + "AWS_SDK_GO_CLIENT_TLS_CERT", + } + useClientTLSKey = []string{ + "AWS_SDK_GO_CLIENT_TLS_KEY", + } + awsUseDualStackEndpoint = []string{ + "AWS_USE_DUALSTACK_ENDPOINT", + } + awsUseFIPSEndpoint = []string{ + "AWS_USE_FIPS_ENDPOINT", + } ) // loadEnvConfig retrieves the SDK's environment configuration. @@ -302,7 +358,9 @@ func envConfigLoad(enableSharedConfig bool) (envConfig, error) { cfg.SharedConfigFile = defaults.SharedConfigFilename() } - cfg.CustomCABundle = os.Getenv("AWS_CA_BUNDLE") + setFromEnvVal(&cfg.CustomCABundle, useCABundleKey) + setFromEnvVal(&cfg.ClientTLSCert, useClientTLSCert) + setFromEnvVal(&cfg.ClientTLSKey, useClientTLSKey) var err error // STS Regional Endpoint variable @@ -341,6 +399,18 @@ func envConfigLoad(enableSharedConfig bool) (envConfig, error) { } setFromEnvVal(&cfg.EC2IMDSEndpoint, ec2IMDSEndpointEnvKey) + if err := setEC2IMDSEndpointMode(&cfg.EC2IMDSEndpointMode, ec2IMDSEndpointModeEnvKey); err != nil { + return envConfig{}, err + } + setBoolPtrFromEnvVal(&cfg.EC2IMDSv1Disabled, ec2MetadataV1DisabledEnvKey) + + if err := setUseDualStackEndpointFromEnvVal(&cfg.UseDualStackEndpoint, awsUseDualStackEndpoint); err != nil { + return cfg, err + } + + if err := setUseFIPSEndpointFromEnvVal(&cfg.UseFIPSEndpoint, awsUseFIPSEndpoint); err != nil { + return cfg, err + } return cfg, nil } @@ -353,3 +423,77 @@ func setFromEnvVal(dst *string, keys []string) { } } } + +func setBoolPtrFromEnvVal(dst **bool, keys []string) { + for _, k := range keys { + value := os.Getenv(k) + if len(value) == 0 { + continue + } + + switch { + case strings.EqualFold(value, "false"): + *dst = new(bool) + **dst = false + case strings.EqualFold(value, "true"): + *dst = new(bool) + **dst = true + } + } +} + +func setEC2IMDSEndpointMode(mode *endpoints.EC2IMDSEndpointModeState, keys []string) error { + for _, k := range keys { + value := os.Getenv(k) + if len(value) == 0 { + continue + } + if err := mode.SetFromString(value); err != nil { + return fmt.Errorf("invalid value for environment variable, %s=%s, %v", k, value, err) + } + return nil + } + return nil +} + +func setUseDualStackEndpointFromEnvVal(dst *endpoints.DualStackEndpointState, keys []string) error { + for _, k := range keys { + value := os.Getenv(k) + if len(value) == 0 { + continue // skip if empty + } + + switch { + case strings.EqualFold(value, "true"): + *dst = endpoints.DualStackEndpointStateEnabled + case strings.EqualFold(value, "false"): + *dst = endpoints.DualStackEndpointStateDisabled + default: + return fmt.Errorf( + "invalid value for environment variable, %s=%s, need true, false", + k, value) + } + } + return nil +} + +func setUseFIPSEndpointFromEnvVal(dst *endpoints.FIPSEndpointState, keys []string) error { + for _, k := range keys { + value := os.Getenv(k) + if len(value) == 0 { + continue // skip if empty + } + + switch { + case strings.EqualFold(value, "true"): + *dst = endpoints.FIPSEndpointStateEnabled + case strings.EqualFold(value, "false"): + *dst = endpoints.FIPSEndpointStateDisabled + default: + return fmt.Errorf( + "invalid value for environment variable, %s=%s, need true, false", + k, value) + } + } + return nil +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/session.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/session.go index 6430a7f1526..3c88dee526d 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/session.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/session.go @@ -8,6 +8,7 @@ import ( "io/ioutil" "net/http" "os" + "strings" "time" "github.com/aws/aws-sdk-go/aws" @@ -25,11 +26,18 @@ const ( // ErrCodeSharedConfig represents an error that occurs in the shared // configuration logic ErrCodeSharedConfig = "SharedConfigErr" + + // ErrCodeLoadCustomCABundle error code for unable to load custom CA bundle. + ErrCodeLoadCustomCABundle = "LoadCustomCABundleError" + + // ErrCodeLoadClientTLSCert error code for unable to load client TLS + // certificate or key + ErrCodeLoadClientTLSCert = "LoadClientTLSCertError" ) // ErrSharedConfigSourceCollision will be returned if a section contains both // source_profile and credential_source -var ErrSharedConfigSourceCollision = awserr.New(ErrCodeSharedConfig, "only source profile or credential source can be specified, not both", nil) +var ErrSharedConfigSourceCollision = awserr.New(ErrCodeSharedConfig, "only one credential type may be specified per profile: source profile, credential source, credential process, web identity token", nil) // ErrSharedConfigECSContainerEnvVarEmpty will be returned if the environment // variables are empty and Environment was set as the credential source @@ -166,7 +174,6 @@ const ( // Options provides the means to control how a Session is created and what // configuration values will be loaded. -// type Options struct { // Provides config values for the SDK to use when creating service clients // and making API requests to services. Any value set in with this field @@ -216,7 +223,7 @@ type Options struct { // from stdin for the MFA token code. // // This field is only used if the shared configuration is enabled, and - // the config enables assume role wit MFA via the mfa_serial field. + // the config enables assume role with MFA via the mfa_serial field. AssumeRoleTokenProvider func() (string, error) // When the SDK's shared config is configured to assume a role this option @@ -229,17 +236,46 @@ type Options struct { // the SDK will use instead of the default system's root CA bundle. Use this // only if you want to replace the CA bundle the SDK uses for TLS requests. // - // Enabling this option will attempt to merge the Transport into the SDK's HTTP - // client. If the client's Transport is not a http.Transport an error will be - // returned. If the Transport's TLS config is set this option will cause the SDK + // HTTP Client's Transport concrete implementation must be a http.Transport + // or creating the session will fail. + // + // If the Transport's TLS config is set this option will cause the SDK // to overwrite the Transport's TLS config's RootCAs value. If the CA // bundle reader contains multiple certificates all of them will be loaded. // - // The Session option CustomCABundle is also available when creating sessions - // to also enable this feature. CustomCABundle session option field has priority - // over the AWS_CA_BUNDLE environment variable, and will be used if both are set. + // Can also be specified via the environment variable: + // + // AWS_CA_BUNDLE=$HOME/ca_bundle + // + // Can also be specified via the shared config field: + // + // ca_bundle = $HOME/ca_bundle CustomCABundle io.Reader + // Reader for the TLC client certificate that should be used by the SDK's + // HTTP transport when making requests. The certificate must be paired with + // a TLS client key file. Will be ignored if both are not provided. + // + // HTTP Client's Transport concrete implementation must be a http.Transport + // or creating the session will fail. + // + // Can also be specified via the environment variable: + // + // AWS_SDK_GO_CLIENT_TLS_CERT=$HOME/my_client_cert + ClientTLSCert io.Reader + + // Reader for the TLC client key that should be used by the SDK's HTTP + // transport when making requests. The key must be paired with a TLS client + // certificate file. Will be ignored if both are not provided. + // + // HTTP Client's Transport concrete implementation must be a http.Transport + // or creating the session will fail. + // + // Can also be specified via the environment variable: + // + // AWS_SDK_GO_CLIENT_TLS_KEY=$HOME/my_client_key + ClientTLSKey io.Reader + // The handlers that the session and all API clients will be created with. // This must be a complete set of handlers. Use the defaults.Handlers() // function to initialize this value before changing the handlers to be @@ -247,8 +283,8 @@ type Options struct { Handlers request.Handlers // Allows specifying a custom endpoint to be used by the EC2 IMDS client - // when making requests to the EC2 IMDS API. The must endpoint value must - // include protocol prefix. + // when making requests to the EC2 IMDS API. The endpoint value should + // include the URI scheme. If the scheme is not present it will be defaulted to http. // // If unset, will the EC2 IMDS client will use its default endpoint. // @@ -262,6 +298,16 @@ type Options struct { // // AWS_EC2_METADATA_SERVICE_ENDPOINT=http://[::1] EC2IMDSEndpoint string + + // Specifies the EC2 Instance Metadata Service default endpoint selection mode (IPv4 or IPv6) + // + // AWS_EC2_METADATA_SERVICE_ENDPOINT_MODE=IPv6 + EC2IMDSEndpointMode endpoints.EC2IMDSEndpointModeState + + // Specifies options for creating credential providers. + // These are only used if the aws.Config does not already + // include credentials. + CredentialsProviderOptions *CredentialsProviderOptions } // NewSessionWithOptions returns a new Session created from SDK defaults, config files, @@ -275,24 +321,24 @@ type Options struct { // credentials file. Enabling the Shared Config will also allow the Session // to be built with retrieving credentials with AssumeRole set in the config. // -// // Equivalent to session.New -// sess := session.Must(session.NewSessionWithOptions(session.Options{})) +// // Equivalent to session.New +// sess := session.Must(session.NewSessionWithOptions(session.Options{})) // -// // Specify profile to load for the session's config -// sess := session.Must(session.NewSessionWithOptions(session.Options{ -// Profile: "profile_name", -// })) +// // Specify profile to load for the session's config +// sess := session.Must(session.NewSessionWithOptions(session.Options{ +// Profile: "profile_name", +// })) // -// // Specify profile for config and region for requests -// sess := session.Must(session.NewSessionWithOptions(session.Options{ -// Config: aws.Config{Region: aws.String("us-east-1")}, -// Profile: "profile_name", -// })) +// // Specify profile for config and region for requests +// sess := session.Must(session.NewSessionWithOptions(session.Options{ +// Config: aws.Config{Region: aws.String("us-east-1")}, +// Profile: "profile_name", +// })) // -// // Force enable Shared Config support -// sess := session.Must(session.NewSessionWithOptions(session.Options{ -// SharedConfigState: session.SharedConfigEnable, -// })) +// // Force enable Shared Config support +// sess := session.Must(session.NewSessionWithOptions(session.Options{ +// SharedConfigState: session.SharedConfigEnable, +// })) func NewSessionWithOptions(opts Options) (*Session, error) { var envCfg envConfig var err error @@ -319,17 +365,6 @@ func NewSessionWithOptions(opts Options) (*Session, error) { envCfg.EnableSharedConfig = true } - // Only use AWS_CA_BUNDLE if session option is not provided. - if len(envCfg.CustomCABundle) != 0 && opts.CustomCABundle == nil { - f, err := os.Open(envCfg.CustomCABundle) - if err != nil { - return nil, awserr.New("LoadCustomCABundleError", - "failed to open custom CA bundle PEM file", err) - } - defer f.Close() - opts.CustomCABundle = f - } - return newSession(opts, envCfg, &opts.Config) } @@ -339,7 +374,7 @@ func NewSessionWithOptions(opts Options) (*Session, error) { // This helper is intended to be used in variable initialization to load the // Session and configuration at startup. Such as: // -// var sess = session.Must(session.NewSession()) +// var sess = session.Must(session.NewSession()) func Must(sess *Session, err error) *Session { if err != nil { panic(err) @@ -350,19 +385,23 @@ func Must(sess *Session, err error) *Session { // Wraps the endpoint resolver with a resolver that will return a custom // endpoint for EC2 IMDS. -func wrapEC2IMDSEndpoint(resolver endpoints.Resolver, endpoint string) endpoints.Resolver { +func wrapEC2IMDSEndpoint(resolver endpoints.Resolver, endpoint string, mode endpoints.EC2IMDSEndpointModeState) endpoints.Resolver { return endpoints.ResolverFunc( func(service, region string, opts ...func(*endpoints.Options)) ( endpoints.ResolvedEndpoint, error, ) { - if service == ec2MetadataServiceID { + if service == ec2MetadataServiceID && len(endpoint) > 0 { return endpoints.ResolvedEndpoint{ URL: endpoint, SigningName: ec2MetadataServiceID, SigningRegion: region, }, nil + } else if service == ec2MetadataServiceID { + opts = append(opts, func(o *endpoints.Options) { + o.EC2MetadataEndpointMode = mode + }) } - return resolver.EndpointFor(service, region) + return resolver.EndpointFor(service, region, opts...) }) } @@ -379,8 +418,8 @@ func deprecatedNewSession(envCfg envConfig, cfgs ...*aws.Config) *Session { cfg.EndpointResolver = endpoints.DefaultResolver() } - if len(envCfg.EC2IMDSEndpoint) != 0 { - cfg.EndpointResolver = wrapEC2IMDSEndpoint(cfg.EndpointResolver, envCfg.EC2IMDSEndpoint) + if !(len(envCfg.EC2IMDSEndpoint) == 0 && envCfg.EC2IMDSEndpointMode == endpoints.EC2IMDSEndpointModeStateUnset) { + cfg.EndpointResolver = wrapEC2IMDSEndpoint(cfg.EndpointResolver, envCfg.EC2IMDSEndpoint, envCfg.EC2IMDSEndpointMode) } cfg.Credentials = defaults.CredChain(cfg, handlers) @@ -460,6 +499,10 @@ func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session, return nil, err } + if err := setTLSOptions(&opts, cfg, envCfg, sharedCfg); err != nil { + return nil, err + } + s := &Session{ Config: cfg, Handlers: handlers, @@ -479,13 +522,6 @@ func newSession(opts Options, envCfg envConfig, cfgs ...*aws.Config) (*Session, } } - // Setup HTTP client with custom cert bundle if enabled - if opts.CustomCABundle != nil { - if err := loadCustomCABundle(s, opts.CustomCABundle); err != nil { - return nil, err - } - } - return s, nil } @@ -529,22 +565,83 @@ func loadCSMConfig(envCfg envConfig, cfgFiles []string) (csmConfig, error) { return csmConfig{}, nil } -func loadCustomCABundle(s *Session, bundle io.Reader) error { +func setTLSOptions(opts *Options, cfg *aws.Config, envCfg envConfig, sharedCfg sharedConfig) error { + // CA Bundle can be specified in both environment variable shared config file. + var caBundleFilename = envCfg.CustomCABundle + if len(caBundleFilename) == 0 { + caBundleFilename = sharedCfg.CustomCABundle + } + + // Only use environment value if session option is not provided. + customTLSOptions := map[string]struct { + filename string + field *io.Reader + errCode string + }{ + "custom CA bundle PEM": {filename: caBundleFilename, field: &opts.CustomCABundle, errCode: ErrCodeLoadCustomCABundle}, + "custom client TLS cert": {filename: envCfg.ClientTLSCert, field: &opts.ClientTLSCert, errCode: ErrCodeLoadClientTLSCert}, + "custom client TLS key": {filename: envCfg.ClientTLSKey, field: &opts.ClientTLSKey, errCode: ErrCodeLoadClientTLSCert}, + } + for name, v := range customTLSOptions { + if len(v.filename) != 0 && *v.field == nil { + f, err := os.Open(v.filename) + if err != nil { + return awserr.New(v.errCode, fmt.Sprintf("failed to open %s file", name), err) + } + defer f.Close() + *v.field = f + } + } + + // Setup HTTP client with custom cert bundle if enabled + if opts.CustomCABundle != nil { + if err := loadCustomCABundle(cfg.HTTPClient, opts.CustomCABundle); err != nil { + return err + } + } + + // Setup HTTP client TLS certificate and key for client TLS authentication. + if opts.ClientTLSCert != nil && opts.ClientTLSKey != nil { + if err := loadClientTLSCert(cfg.HTTPClient, opts.ClientTLSCert, opts.ClientTLSKey); err != nil { + return err + } + } else if opts.ClientTLSCert == nil && opts.ClientTLSKey == nil { + // Do nothing if neither values are available. + + } else { + return awserr.New(ErrCodeLoadClientTLSCert, + fmt.Sprintf("client TLS cert(%t) and key(%t) must both be provided", + opts.ClientTLSCert != nil, opts.ClientTLSKey != nil), nil) + } + + return nil +} + +func getHTTPTransport(client *http.Client) (*http.Transport, error) { var t *http.Transport - switch v := s.Config.HTTPClient.Transport.(type) { + switch v := client.Transport.(type) { case *http.Transport: t = v default: - if s.Config.HTTPClient.Transport != nil { - return awserr.New("LoadCustomCABundleError", - "unable to load custom CA bundle, HTTPClient's transport unsupported type", nil) + if client.Transport != nil { + return nil, fmt.Errorf("unsupported transport, %T", client.Transport) } } if t == nil { // Nil transport implies `http.DefaultTransport` should be used. Since // the SDK cannot modify, nor copy the `DefaultTransport` specifying // the values the next closest behavior. - t = getCABundleTransport() + t = getCustomTransport() + } + + return t, nil +} + +func loadCustomCABundle(client *http.Client, bundle io.Reader) error { + t, err := getHTTPTransport(client) + if err != nil { + return awserr.New(ErrCodeLoadCustomCABundle, + "unable to load custom CA bundle, HTTPClient's transport unsupported type", err) } p, err := loadCertPool(bundle) @@ -556,7 +653,7 @@ func loadCustomCABundle(s *Session, bundle io.Reader) error { } t.TLSClientConfig.RootCAs = p - s.Config.HTTPClient.Transport = t + client.Transport = t return nil } @@ -564,19 +661,57 @@ func loadCustomCABundle(s *Session, bundle io.Reader) error { func loadCertPool(r io.Reader) (*x509.CertPool, error) { b, err := ioutil.ReadAll(r) if err != nil { - return nil, awserr.New("LoadCustomCABundleError", + return nil, awserr.New(ErrCodeLoadCustomCABundle, "failed to read custom CA bundle PEM file", err) } p := x509.NewCertPool() if !p.AppendCertsFromPEM(b) { - return nil, awserr.New("LoadCustomCABundleError", + return nil, awserr.New(ErrCodeLoadCustomCABundle, "failed to load custom CA bundle PEM file", err) } return p, nil } +func loadClientTLSCert(client *http.Client, certFile, keyFile io.Reader) error { + t, err := getHTTPTransport(client) + if err != nil { + return awserr.New(ErrCodeLoadClientTLSCert, + "unable to get usable HTTP transport from client", err) + } + + cert, err := ioutil.ReadAll(certFile) + if err != nil { + return awserr.New(ErrCodeLoadClientTLSCert, + "unable to get read client TLS cert file", err) + } + + key, err := ioutil.ReadAll(keyFile) + if err != nil { + return awserr.New(ErrCodeLoadClientTLSCert, + "unable to get read client TLS key file", err) + } + + clientCert, err := tls.X509KeyPair(cert, key) + if err != nil { + return awserr.New(ErrCodeLoadClientTLSCert, + "unable to load x509 key pair from client cert", err) + } + + tlsCfg := t.TLSClientConfig + if tlsCfg == nil { + tlsCfg = &tls.Config{} + } + + tlsCfg.Certificates = append(tlsCfg.Certificates, clientCert) + + t.TLSClientConfig = tlsCfg + client.Transport = t + + return nil +} + func mergeConfigSrcs(cfg, userCfg *aws.Config, envCfg envConfig, sharedCfg sharedConfig, handlers request.Handlers, @@ -616,22 +751,40 @@ func mergeConfigSrcs(cfg, userCfg *aws.Config, endpoints.LegacyS3UsEast1Endpoint, }) - ec2IMDSEndpoint := sessOpts.EC2IMDSEndpoint - if len(ec2IMDSEndpoint) == 0 { - ec2IMDSEndpoint = envCfg.EC2IMDSEndpoint - } - if len(ec2IMDSEndpoint) != 0 { - cfg.EndpointResolver = wrapEC2IMDSEndpoint(cfg.EndpointResolver, ec2IMDSEndpoint) + var ec2IMDSEndpoint string + for _, v := range []string{ + sessOpts.EC2IMDSEndpoint, + envCfg.EC2IMDSEndpoint, + sharedCfg.EC2IMDSEndpoint, + } { + if len(v) != 0 { + ec2IMDSEndpoint = v + break + } } - // Configure credentials if not already set by the user when creating the - // Session. - if cfg.Credentials == credentials.AnonymousCredentials && userCfg.Credentials == nil { - creds, err := resolveCredentials(cfg, envCfg, sharedCfg, handlers, sessOpts) - if err != nil { - return err + var endpointMode endpoints.EC2IMDSEndpointModeState + for _, v := range []endpoints.EC2IMDSEndpointModeState{ + sessOpts.EC2IMDSEndpointMode, + envCfg.EC2IMDSEndpointMode, + sharedCfg.EC2IMDSEndpointMode, + } { + if v != endpoints.EC2IMDSEndpointModeStateUnset { + endpointMode = v + break } - cfg.Credentials = creds + } + + if len(ec2IMDSEndpoint) != 0 || endpointMode != endpoints.EC2IMDSEndpointModeStateUnset { + cfg.EndpointResolver = wrapEC2IMDSEndpoint(cfg.EndpointResolver, ec2IMDSEndpoint, endpointMode) + } + + cfg.EC2MetadataEnableFallback = userCfg.EC2MetadataEnableFallback + if cfg.EC2MetadataEnableFallback == nil && envCfg.EC2IMDSv1Disabled != nil { + cfg.EC2MetadataEnableFallback = aws.Bool(!*envCfg.EC2IMDSv1Disabled) + } + if cfg.EC2MetadataEnableFallback == nil && sharedCfg.EC2IMDSv1Disabled != nil { + cfg.EC2MetadataEnableFallback = aws.Bool(!*sharedCfg.EC2IMDSv1Disabled) } cfg.S3UseARNRegion = userCfg.S3UseARNRegion @@ -642,6 +795,31 @@ func mergeConfigSrcs(cfg, userCfg *aws.Config, cfg.S3UseARNRegion = &sharedCfg.S3UseARNRegion } + for _, v := range []endpoints.DualStackEndpointState{userCfg.UseDualStackEndpoint, envCfg.UseDualStackEndpoint, sharedCfg.UseDualStackEndpoint} { + if v != endpoints.DualStackEndpointStateUnset { + cfg.UseDualStackEndpoint = v + break + } + } + + for _, v := range []endpoints.FIPSEndpointState{userCfg.UseFIPSEndpoint, envCfg.UseFIPSEndpoint, sharedCfg.UseFIPSEndpoint} { + if v != endpoints.FIPSEndpointStateUnset { + cfg.UseFIPSEndpoint = v + break + } + } + + // Configure credentials if not already set by the user when creating the Session. + // Credentials are resolved last such that all _resolved_ config values are propagated to credential providers. + // ticket: P83606045 + if cfg.Credentials == credentials.AnonymousCredentials && userCfg.Credentials == nil { + creds, err := resolveCredentials(cfg, envCfg, sharedCfg, handlers, sessOpts) + if err != nil { + return err + } + cfg.Credentials = creds + } + return nil } @@ -675,8 +853,8 @@ func initHandlers(s *Session) { // and handlers. If any additional configs are provided they will be merged // on top of the Session's copied config. // -// // Create a copy of the current Session, configured for the us-west-2 region. -// sess.Copy(&aws.Config{Region: aws.String("us-west-2")}) +// // Create a copy of the current Session, configured for the us-west-2 region. +// sess.Copy(&aws.Config{Region: aws.String("us-west-2")}) func (s *Session) Copy(cfgs ...*aws.Config) *Session { newSession := &Session{ Config: s.Config.Copy(cfgs...), @@ -695,8 +873,10 @@ func (s *Session) Copy(cfgs ...*aws.Config) *Session { func (s *Session) ClientConfig(service string, cfgs ...*aws.Config) client.Config { s = s.Copy(cfgs...) + resolvedRegion := normalizeRegion(s.Config) + region := aws.StringValue(s.Config.Region) - resolved, err := s.resolveEndpoint(service, region, s.Config) + resolved, err := s.resolveEndpoint(service, region, resolvedRegion, s.Config) if err != nil { s.Handlers.Validate.PushBack(func(r *request.Request) { if len(r.ClientInfo.Endpoint) != 0 { @@ -717,12 +897,13 @@ func (s *Session) ClientConfig(service string, cfgs ...*aws.Config) client.Confi SigningRegion: resolved.SigningRegion, SigningNameDerived: resolved.SigningNameDerived, SigningName: resolved.SigningName, + ResolvedRegion: resolvedRegion, } } const ec2MetadataServiceID = "ec2metadata" -func (s *Session) resolveEndpoint(service, region string, cfg *aws.Config) (endpoints.ResolvedEndpoint, error) { +func (s *Session) resolveEndpoint(service, region, resolvedRegion string, cfg *aws.Config) (endpoints.ResolvedEndpoint, error) { if ep := aws.StringValue(cfg.Endpoint); len(ep) != 0 { return endpoints.ResolvedEndpoint{ @@ -734,7 +915,12 @@ func (s *Session) resolveEndpoint(service, region string, cfg *aws.Config) (endp resolved, err := cfg.EndpointResolver.EndpointFor(service, region, func(opt *endpoints.Options) { opt.DisableSSL = aws.BoolValue(cfg.DisableSSL) + opt.UseDualStack = aws.BoolValue(cfg.UseDualStack) + opt.UseDualStackEndpoint = cfg.UseDualStackEndpoint + + opt.UseFIPSEndpoint = cfg.UseFIPSEndpoint + // Support for STSRegionalEndpoint where the STSRegionalEndpoint is // provided in envConfig or sharedConfig with envConfig getting // precedence. @@ -748,6 +934,11 @@ func (s *Session) resolveEndpoint(service, region string, cfg *aws.Config) (endp // Support the condition where the service is modeled but its // endpoint metadata is not available. opt.ResolveUnknownService = true + + opt.ResolvedRegion = resolvedRegion + + opt.Logger = cfg.Logger + opt.LogDeprecated = cfg.LogLevel.Matches(aws.LogDebugWithDeprecated) }, ) if err != nil { @@ -763,6 +954,8 @@ func (s *Session) resolveEndpoint(service, region string, cfg *aws.Config) (endp func (s *Session) ClientConfigNoResolveEndpoint(cfgs ...*aws.Config) client.Config { s = s.Copy(cfgs...) + resolvedRegion := normalizeRegion(s.Config) + var resolved endpoints.ResolvedEndpoint if ep := aws.StringValue(s.Config.Endpoint); len(ep) > 0 { resolved.URL = endpoints.AddScheme(ep, aws.BoolValue(s.Config.DisableSSL)) @@ -776,6 +969,7 @@ func (s *Session) ClientConfigNoResolveEndpoint(cfgs ...*aws.Config) client.Conf SigningRegion: resolved.SigningRegion, SigningNameDerived: resolved.SigningNameDerived, SigningName: resolved.SigningName, + ResolvedRegion: resolvedRegion, } } @@ -789,3 +983,23 @@ func (s *Session) logDeprecatedNewSessionError(msg string, err error, cfgs []*aw r.Error = err }) } + +// normalizeRegion resolves / normalizes the configured region (converts pseudo fips regions), and modifies the provided +// config to have the equivalent options for resolution and returns the resolved region name. +func normalizeRegion(cfg *aws.Config) (resolved string) { + const fipsInfix = "-fips-" + const fipsPrefix = "-fips" + const fipsSuffix = "fips-" + + region := aws.StringValue(cfg.Region) + + if strings.Contains(region, fipsInfix) || + strings.Contains(region, fipsPrefix) || + strings.Contains(region, fipsSuffix) { + resolved = strings.Replace(strings.Replace(strings.Replace( + region, fipsInfix, "-", -1), fipsPrefix, "", -1), fipsSuffix, "", -1) + cfg.UseFIPSEndpoint = endpoints.FIPSEndpointStateEnabled + } + + return resolved +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go index 680805a38ad..f3ce8183dd9 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/session/shared_config.go @@ -2,6 +2,7 @@ package session import ( "fmt" + "strings" "time" "github.com/aws/aws-sdk-go/aws/awserr" @@ -25,6 +26,19 @@ const ( roleSessionNameKey = `role_session_name` // optional roleDurationSecondsKey = "duration_seconds" // optional + // Prefix to be used for SSO sections. These are supposed to only exist in + // the shared config file, not the credentials file. + ssoSectionPrefix = `sso-session ` + + // AWS Single Sign-On (AWS SSO) group + ssoSessionNameKey = "sso_session" + + // AWS Single Sign-On (AWS SSO) group + ssoAccountIDKey = "sso_account_id" + ssoRegionKey = "sso_region" + ssoRoleNameKey = "sso_role_name" + ssoStartURL = "sso_start_url" + // CSM options csmEnabledKey = `csm_enabled` csmHostKey = `csm_host` @@ -34,6 +48,9 @@ const ( // Additional Config fields regionKey = `region` + // custom CA Bundle filename + customCABundleKey = `ca_bundle` + // endpoint discovery group enableEndpointDiscoveryKey = `endpoint_discovery_enabled` // optional @@ -56,10 +73,27 @@ const ( // S3 ARN Region Usage s3UseARNRegionKey = "s3_use_arn_region" + + // EC2 IMDS Endpoint Mode + ec2MetadataServiceEndpointModeKey = "ec2_metadata_service_endpoint_mode" + + // EC2 IMDS Endpoint + ec2MetadataServiceEndpointKey = "ec2_metadata_service_endpoint" + + // ECS IMDSv1 disable fallback + ec2MetadataV1DisabledKey = "ec2_metadata_v1_disabled" + + // Use DualStack Endpoint Resolution + useDualStackEndpoint = "use_dualstack_endpoint" + + // Use FIPS Endpoint Resolution + useFIPSEndpointKey = "use_fips_endpoint" ) // sharedConfig represents the configuration fields of the SDK config files. type sharedConfig struct { + Profile string + // Credentials values from the config file. Both aws_access_key_id and // aws_secret_access_key must be provided together in the same file to be // considered valid. The values will be ignored if not a complete group. @@ -75,6 +109,15 @@ type sharedConfig struct { CredentialProcess string WebIdentityTokenFile string + // SSO session options + SSOSessionName string + SSOSession *ssoSession + + SSOAccountID string + SSORegion string + SSORoleName string + SSOStartURL string + RoleARN string RoleSessionName string ExternalID string @@ -90,6 +133,15 @@ type sharedConfig struct { // region Region string + // CustomCABundle is the file path to a PEM file the SDK will read and + // use to configure the HTTP transport with additional CA certs that are + // not present in the platforms default CA store. + // + // This value will be ignored if the file does not exist. + // + // ca_bundle + CustomCABundle string + // EnableEndpointDiscovery can be enabled in the shared config by setting // endpoint_discovery_enabled to true // @@ -119,6 +171,34 @@ type sharedConfig struct { // // s3_use_arn_region=true S3UseARNRegion bool + + // Specifies the EC2 Instance Metadata Service default endpoint selection mode (IPv4 or IPv6) + // + // ec2_metadata_service_endpoint_mode=IPv6 + EC2IMDSEndpointMode endpoints.EC2IMDSEndpointModeState + + // Specifies the EC2 Instance Metadata Service endpoint to use. If specified it overrides EC2IMDSEndpointMode. + // + // ec2_metadata_service_endpoint=http://fd00:ec2::254 + EC2IMDSEndpoint string + + // Specifies that IMDS clients should not fallback to IMDSv1 if token + // requests fail. + // + // ec2_metadata_v1_disabled=true + EC2IMDSv1Disabled *bool + + // Specifies that SDK clients must resolve a dual-stack endpoint for + // services. + // + // use_dualstack_endpoint=true + UseDualStackEndpoint endpoints.DualStackEndpointState + + // Specifies that SDK clients must resolve a FIPS endpoint for + // services. + // + // use_fips_endpoint=true + UseFIPSEndpoint endpoints.FIPSEndpointState } type sharedConfigFile struct { @@ -126,6 +206,20 @@ type sharedConfigFile struct { IniData ini.Sections } +// SSOSession provides the shared configuration parameters of the sso-session +// section. +type ssoSession struct { + Name string + SSORegion string + SSOStartURL string +} + +func (s *ssoSession) setFromIniSection(section ini.Section) { + updateString(&s.Name, section, ssoSessionNameKey) + updateString(&s.SSORegion, section, ssoRegionKey) + updateString(&s.SSOStartURL, section, ssoStartURL) +} + // loadSharedConfig retrieves the configuration from the list of files using // the profile provided. The order the files are listed will determine // precedence. Values in subsequent files will overwrite values defined in @@ -177,6 +271,8 @@ func loadSharedConfigIniFiles(filenames []string) ([]sharedConfigFile, error) { } func (cfg *sharedConfig) setFromIniFiles(profiles map[string]struct{}, profile string, files []sharedConfigFile, exOpts bool) error { + cfg.Profile = profile + // Trim files from the list that don't exist. var skippedFiles int var profileNotFoundErr error @@ -204,13 +300,13 @@ func (cfg *sharedConfig) setFromIniFiles(profiles map[string]struct{}, profile s // profile only have credential provider options. cfg.clearAssumeRoleOptions() } else { - // First time a profile has been seen, It must either be a assume role - // or credentials. Assert if the credential type requires a role ARN, - // the ARN is also set. - if err := cfg.validateCredentialsRequireARN(profile); err != nil { + // First time a profile has been seen. Assert if the credential type + // requires a role ARN, the ARN is also set + if err := cfg.validateCredentialsConfig(profile); err != nil { return err } } + profiles[profile] = struct{}{} if err := cfg.validateCredentialType(); err != nil { @@ -246,6 +342,30 @@ func (cfg *sharedConfig) setFromIniFiles(profiles map[string]struct{}, profile s cfg.SourceProfile = srcCfg } + // If the profile contains an SSO session parameter, the session MUST exist + // as a section in the config file. Load the SSO session using the name + // provided. If the session section is not found or incomplete an error + // will be returned. + if cfg.hasSSOTokenProviderConfiguration() { + skippedFiles = 0 + for _, f := range files { + section, ok := f.IniData.GetSection(fmt.Sprintf(ssoSectionPrefix + strings.TrimSpace(cfg.SSOSessionName))) + if ok { + var ssoSession ssoSession + ssoSession.setFromIniSection(section) + ssoSession.Name = cfg.SSOSessionName + cfg.SSOSession = &ssoSession + break + } + skippedFiles++ + } + if skippedFiles == len(files) { + // If all files were skipped because the sso session section is not found, return + // the sso section not found error. + return fmt.Errorf("failed to find SSO session section, %v", cfg.SSOSessionName) + } + } + return nil } @@ -276,9 +396,17 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e updateString(&cfg.SourceProfileName, section, sourceProfileKey) updateString(&cfg.CredentialSource, section, credentialSourceKey) updateString(&cfg.Region, section, regionKey) + updateString(&cfg.CustomCABundle, section, customCABundleKey) + // we're retaining a behavioral quirk with this field that existed before + // the removal of literal parsing for (aws-sdk-go-v2/#2276): + // - if the key is missing, the config field will not be set + // - if the key is set to a non-numeric, the config field will be set to 0 if section.Has(roleDurationSecondsKey) { - d := time.Duration(section.Int(roleDurationSecondsKey)) * time.Second + var d time.Duration + if v, ok := section.Int(roleDurationSecondsKey); ok { + d = time.Duration(v) * time.Second + } cfg.AssumeRoleDuration = &d } @@ -299,6 +427,27 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e } cfg.S3UsEast1RegionalEndpoint = sre } + + // AWS Single Sign-On (AWS SSO) + // SSO session options + updateString(&cfg.SSOSessionName, section, ssoSessionNameKey) + + // AWS Single Sign-On (AWS SSO) + updateString(&cfg.SSOAccountID, section, ssoAccountIDKey) + updateString(&cfg.SSORegion, section, ssoRegionKey) + updateString(&cfg.SSORoleName, section, ssoRoleNameKey) + updateString(&cfg.SSOStartURL, section, ssoStartURL) + + if err := updateEC2MetadataServiceEndpointMode(&cfg.EC2IMDSEndpointMode, section, ec2MetadataServiceEndpointModeKey); err != nil { + return fmt.Errorf("failed to load %s from shared config, %s, %v", + ec2MetadataServiceEndpointModeKey, file.Filename, err) + } + updateString(&cfg.EC2IMDSEndpoint, section, ec2MetadataServiceEndpointKey) + updateBoolPtr(&cfg.EC2IMDSv1Disabled, section, ec2MetadataV1DisabledKey) + + updateUseDualStackEndpoint(&cfg.UseDualStackEndpoint, section, useDualStackEndpoint) + + updateUseFIPSEndpoint(&cfg.UseFIPSEndpoint, section, useFIPSEndpointKey) } updateString(&cfg.CredentialProcess, section, credentialProcessKey) @@ -329,6 +478,22 @@ func (cfg *sharedConfig) setFromIniFile(profile string, file sharedConfigFile, e return nil } +func updateEC2MetadataServiceEndpointMode(endpointMode *endpoints.EC2IMDSEndpointModeState, section ini.Section, key string) error { + if !section.Has(key) { + return nil + } + value := section.String(key) + return endpointMode.SetFromString(value) +} + +func (cfg *sharedConfig) validateCredentialsConfig(profile string) error { + if err := cfg.validateCredentialsRequireARN(profile); err != nil { + return err + } + + return nil +} + func (cfg *sharedConfig) validateCredentialsRequireARN(profile string) error { var credSource string @@ -365,12 +530,31 @@ func (cfg *sharedConfig) validateCredentialType() error { return nil } +func (cfg *sharedConfig) validateSSOConfiguration() error { + if cfg.hasSSOTokenProviderConfiguration() { + err := cfg.validateSSOTokenProviderConfiguration() + if err != nil { + return err + } + return nil + } + + if cfg.hasLegacySSOConfiguration() { + err := cfg.validateLegacySSOConfiguration() + if err != nil { + return err + } + } + return nil +} + func (cfg *sharedConfig) hasCredentials() bool { switch { case len(cfg.SourceProfileName) != 0: case len(cfg.CredentialSource) != 0: case len(cfg.CredentialProcess) != 0: case len(cfg.WebIdentityTokenFile) != 0: + case cfg.hasSSOConfiguration(): case cfg.Creds.HasKeys(): default: return false @@ -384,6 +568,10 @@ func (cfg *sharedConfig) clearCredentialOptions() { cfg.CredentialProcess = "" cfg.WebIdentityTokenFile = "" cfg.Creds = credentials.Value{} + cfg.SSOAccountID = "" + cfg.SSORegion = "" + cfg.SSORoleName = "" + cfg.SSOStartURL = "" } func (cfg *sharedConfig) clearAssumeRoleOptions() { @@ -394,6 +582,79 @@ func (cfg *sharedConfig) clearAssumeRoleOptions() { cfg.SourceProfileName = "" } +func (cfg *sharedConfig) hasSSOConfiguration() bool { + return cfg.hasSSOTokenProviderConfiguration() || cfg.hasLegacySSOConfiguration() +} + +func (c *sharedConfig) hasSSOTokenProviderConfiguration() bool { + return len(c.SSOSessionName) > 0 +} + +func (c *sharedConfig) hasLegacySSOConfiguration() bool { + return len(c.SSORegion) > 0 || len(c.SSOAccountID) > 0 || len(c.SSOStartURL) > 0 || len(c.SSORoleName) > 0 +} + +func (c *sharedConfig) validateSSOTokenProviderConfiguration() error { + var missing []string + + if len(c.SSOSessionName) == 0 { + missing = append(missing, ssoSessionNameKey) + } + + if c.SSOSession == nil { + missing = append(missing, ssoSectionPrefix) + } else { + if len(c.SSOSession.SSORegion) == 0 { + missing = append(missing, ssoRegionKey) + } + + if len(c.SSOSession.SSOStartURL) == 0 { + missing = append(missing, ssoStartURL) + } + } + + if len(missing) > 0 { + return fmt.Errorf("profile %q is configured to use SSO but is missing required configuration: %s", + c.Profile, strings.Join(missing, ", ")) + } + + if len(c.SSORegion) > 0 && c.SSORegion != c.SSOSession.SSORegion { + return fmt.Errorf("%s in profile %q must match %s in %s", ssoRegionKey, c.Profile, ssoRegionKey, ssoSectionPrefix) + } + + if len(c.SSOStartURL) > 0 && c.SSOStartURL != c.SSOSession.SSOStartURL { + return fmt.Errorf("%s in profile %q must match %s in %s", ssoStartURL, c.Profile, ssoStartURL, ssoSectionPrefix) + } + + return nil +} + +func (c *sharedConfig) validateLegacySSOConfiguration() error { + var missing []string + + if len(c.SSORegion) == 0 { + missing = append(missing, ssoRegionKey) + } + + if len(c.SSOStartURL) == 0 { + missing = append(missing, ssoStartURL) + } + + if len(c.SSOAccountID) == 0 { + missing = append(missing, ssoAccountIDKey) + } + + if len(c.SSORoleName) == 0 { + missing = append(missing, ssoRoleNameKey) + } + + if len(missing) > 0 { + return fmt.Errorf("profile %q is configured to use SSO but is missing required configuration: %s", + c.Profile, strings.Join(missing, ", ")) + } + return nil +} + func oneOrNone(bs ...bool) bool { var count int @@ -424,7 +685,10 @@ func updateBool(dst *bool, section ini.Section, key string) { if !section.Has(key) { return } - *dst = section.Bool(key) + + // retains pre-(aws-sdk-go-v2#2276) behavior where non-bool value would resolve to false + v, _ := section.Bool(key) + *dst = v } // updateBoolPtr will only update the dst with the value in the section key, @@ -433,8 +697,11 @@ func updateBoolPtr(dst **bool, section ini.Section, key string) { if !section.Has(key) { return } + + // retains pre-(aws-sdk-go-v2#2276) behavior where non-bool value would resolve to false + v, _ := section.Bool(key) *dst = new(bool) - **dst = section.Bool(key) + **dst = v } // SharedConfigLoadError is an error for the shared config file failed to load. @@ -553,3 +820,37 @@ func (e CredentialRequiresARNError) OrigErr() error { func (e CredentialRequiresARNError) Error() string { return awserr.SprintError(e.Code(), e.Message(), "", nil) } + +// updateEndpointDiscoveryType will only update the dst with the value in the section, if +// a valid key and corresponding EndpointDiscoveryType is found. +func updateUseDualStackEndpoint(dst *endpoints.DualStackEndpointState, section ini.Section, key string) { + if !section.Has(key) { + return + } + + // retains pre-(aws-sdk-go-v2/#2276) behavior where non-bool value would resolve to false + if v, _ := section.Bool(key); v { + *dst = endpoints.DualStackEndpointStateEnabled + } else { + *dst = endpoints.DualStackEndpointStateDisabled + } + + return +} + +// updateEndpointDiscoveryType will only update the dst with the value in the section, if +// a valid key and corresponding EndpointDiscoveryType is found. +func updateUseFIPSEndpoint(dst *endpoints.FIPSEndpointState, section ini.Section, key string) { + if !section.Has(key) { + return + } + + // retains pre-(aws-sdk-go-v2/#2276) behavior where non-bool value would resolve to false + if v, _ := section.Bool(key); v { + *dst = endpoints.FIPSEndpointStateEnabled + } else { + *dst = endpoints.FIPSEndpointStateDisabled + } + + return +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go index 07ea799fbd3..9937538317a 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/header_rules.go @@ -34,23 +34,23 @@ func (m mapRule) IsValid(value string) bool { return ok } -// whitelist is a generic rule for whitelisting -type whitelist struct { +// allowList is a generic rule for allow listing +type allowList struct { rule } -// IsValid for whitelist checks if the value is within the whitelist -func (w whitelist) IsValid(value string) bool { +// IsValid for allow list checks if the value is within the allow list +func (w allowList) IsValid(value string) bool { return w.rule.IsValid(value) } -// blacklist is a generic rule for blacklisting -type blacklist struct { +// excludeList is a generic rule for exclude listing +type excludeList struct { rule } -// IsValid for whitelist checks if the value is within the whitelist -func (b blacklist) IsValid(value string) bool { +// IsValid for exclude list checks if the value is within the exclude list +func (b excludeList) IsValid(value string) bool { return !b.rule.IsValid(value) } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.5.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.5.go index f35fc860b3b..cf672b6ac46 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.5.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.5.go @@ -1,3 +1,4 @@ +//go:build !go1.7 // +build !go1.7 package v4 diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.7.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.7.go index fed5c859ca6..21fe74e6fac 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.7.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/request_context_go1.7.go @@ -1,3 +1,4 @@ +//go:build go1.7 // +build go1.7 package v4 diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/uri_path.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/uri_path.go index bd082e9d1f7..7711ec7377f 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/uri_path.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/uri_path.go @@ -1,3 +1,4 @@ +//go:build go1.5 // +build go1.5 package v4 diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go index d71f7b3f4fa..b542df93156 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/signer/v4/v4.go @@ -3,21 +3,21 @@ // Provides request signing for request that need to be signed with // AWS V4 Signatures. // -// Standalone Signer +// # Standalone Signer // // Generally using the signer outside of the SDK should not require any additional // logic when using Go v1.5 or higher. The signer does this by taking advantage // of the URL.EscapedPath method. If your request URI requires additional escaping -// you many need to use the URL.Opaque to define what the raw URI should be sent +// you may need to use the URL.Opaque to define what the raw URI should be sent // to the service as. // // The signer will first check the URL.Opaque field, and use its value if set. // The signer does require the URL.Opaque field to be set in the form of: // -// "///" +// "///" // -// // e.g. -// "//example.com/some/path" +// // e.g. +// "//example.com/some/path" // // The leading "//" and hostname are required or the URL.Opaque escaping will // not work correctly. @@ -90,7 +90,7 @@ const ( ) var ignoredHeaders = rules{ - blacklist{ + excludeList{ mapRule{ authorizationHeader: struct{}{}, "User-Agent": struct{}{}, @@ -99,9 +99,9 @@ var ignoredHeaders = rules{ }, } -// requiredSignedHeaders is a whitelist for build canonical headers. +// requiredSignedHeaders is a allow list for build canonical headers. var requiredSignedHeaders = rules{ - whitelist{ + allowList{ mapRule{ "Cache-Control": struct{}{}, "Content-Disposition": struct{}{}, @@ -125,6 +125,7 @@ var requiredSignedHeaders = rules{ "X-Amz-Copy-Source-Server-Side-Encryption-Customer-Algorithm": struct{}{}, "X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key": struct{}{}, "X-Amz-Copy-Source-Server-Side-Encryption-Customer-Key-Md5": struct{}{}, + "X-Amz-Expected-Bucket-Owner": struct{}{}, "X-Amz-Grant-Full-control": struct{}{}, "X-Amz-Grant-Read": struct{}{}, "X-Amz-Grant-Read-Acp": struct{}{}, @@ -135,6 +136,7 @@ var requiredSignedHeaders = rules{ "X-Amz-Request-Payer": struct{}{}, "X-Amz-Server-Side-Encryption": struct{}{}, "X-Amz-Server-Side-Encryption-Aws-Kms-Key-Id": struct{}{}, + "X-Amz-Server-Side-Encryption-Context": struct{}{}, "X-Amz-Server-Side-Encryption-Customer-Algorithm": struct{}{}, "X-Amz-Server-Side-Encryption-Customer-Key": struct{}{}, "X-Amz-Server-Side-Encryption-Customer-Key-Md5": struct{}{}, @@ -145,12 +147,13 @@ var requiredSignedHeaders = rules{ }, }, patterns{"X-Amz-Meta-"}, + patterns{"X-Amz-Object-Lock-"}, } -// allowedHoisting is a whitelist for build query headers. The boolean value +// allowedHoisting is a allow list for build query headers. The boolean value // represents whether or not it is a pattern. var allowedQueryHoisting = inclusiveRules{ - blacklist{requiredSignedHeaders}, + excludeList{requiredSignedHeaders}, patterns{"X-Amz-"}, } @@ -417,7 +420,7 @@ var SignRequestHandler = request.NamedHandler{ // request handler should only be used with the SDK's built in service client's // API operation requests. // -// This function should not be used on its on its own, but in conjunction with +// This function should not be used on its own, but in conjunction with // an AWS service client's API operation call. To sign a standalone request // not created by a service client's API operation method use the "Sign" or // "Presign" functions of the "Signer" type. @@ -633,21 +636,25 @@ func (ctx *signingCtx) buildCanonicalHeaders(r rule, header http.Header) { ctx.Query.Set("X-Amz-SignedHeaders", ctx.signedHeaders) } - headerValues := make([]string, len(headers)) + headerItems := make([]string, len(headers)) for i, k := range headers { if k == "host" { if ctx.Request.Host != "" { - headerValues[i] = "host:" + ctx.Request.Host + headerItems[i] = "host:" + ctx.Request.Host } else { - headerValues[i] = "host:" + ctx.Request.URL.Host + headerItems[i] = "host:" + ctx.Request.URL.Host } } else { - headerValues[i] = k + ":" + - strings.Join(ctx.SignedHeaderVals[k], ",") + headerValues := make([]string, len(ctx.SignedHeaderVals[k])) + for i, v := range ctx.SignedHeaderVals[k] { + headerValues[i] = strings.TrimSpace(v) + } + headerItems[i] = k + ":" + + strings.Join(headerValues, ",") } } - stripExcessSpaces(headerValues) - ctx.canonicalHeaders = strings.Join(headerValues, "\n") + stripExcessSpaces(headerItems) + ctx.canonicalHeaders = strings.Join(headerItems, "\n") } func (ctx *signingCtx) buildCanonicalString() { @@ -689,9 +696,13 @@ func (ctx *signingCtx) buildBodyDigest() error { if hash == "" { includeSHA256Header := ctx.unsignedPayload || ctx.ServiceName == "s3" || - ctx.ServiceName == "glacier" + ctx.ServiceName == "s3-object-lambda" || + ctx.ServiceName == "glacier" || + ctx.ServiceName == "s3-outposts" - s3Presign := ctx.isPresign && ctx.ServiceName == "s3" + s3Presign := ctx.isPresign && + (ctx.ServiceName == "s3" || + ctx.ServiceName == "s3-object-lambda") if ctx.unsignedPayload || s3Presign { hash = "UNSIGNED-PAYLOAD" diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/url.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/url.go index 6192b2455b6..fed561bd597 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/url.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/url.go @@ -1,3 +1,4 @@ +//go:build go1.8 // +build go1.8 package aws diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/url_1_7.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/url_1_7.go index 0210d2720e7..95282db03b8 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/url_1_7.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/url_1_7.go @@ -1,3 +1,4 @@ +//go:build !go1.8 // +build !go1.8 package aws diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/version.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/version.go index c0e056ea83a..28f1c9a02f1 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/version.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/aws/version.go @@ -5,4 +5,4 @@ package aws const SDKName = "aws-sdk-go" // SDKVersion is the version of this SDK -const SDKVersion = "1.36.0" +const SDKVersion = "1.51.3" diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/context/background_go1.5.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/context/background_go1.5.go index 876dcb3fde2..365345353e4 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/context/background_go1.5.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/context/background_go1.5.go @@ -1,3 +1,4 @@ +//go:build !go1.7 // +build !go1.7 package context diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/doc.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/doc.go index 25ce0fe134d..1e55bbd07b9 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/doc.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/doc.go @@ -13,17 +13,30 @@ // } // // Below is the BNF that describes this parser -// Grammar: -// stmt -> value stmt' -// stmt' -> epsilon | op stmt -// value -> number | string | boolean | quoted_string +// Grammar: +// stmt -> section | stmt' +// stmt' -> epsilon | expr +// expr -> value (stmt)* | equal_expr (stmt)* +// equal_expr -> value ( ':' | '=' ) equal_expr' +// equal_expr' -> number | string | quoted_string +// quoted_string -> " quoted_string' +// quoted_string' -> string quoted_string_end +// quoted_string_end -> " // -// section -> [ section' -// section' -> value section_close -// section_close -> ] +// section -> [ section' +// section' -> section_value section_close +// section_value -> number | string_subset | boolean | quoted_string_subset +// quoted_string_subset -> " quoted_string_subset' +// quoted_string_subset' -> string_subset quoted_string_end +// quoted_string_subset -> " +// section_close -> ] // -// SkipState will skip (NL WS)+ +// value -> number | string_subset | boolean +// string -> ? UTF-8 Code-Points except '\n' (U+000A) and '\r\n' (U+000D U+000A) ? +// string_subset -> ? Code-points excepted by grammar except ':' (U+003A), '=' (U+003D), '[' (U+005B), and ']' (U+005D) ? // -// comment -> # comment' | ; comment' -// comment' -> epsilon | value +// SkipState will skip (NL WS)+ +// +// comment -> # comment' | ; comment' +// comment' -> epsilon | value package ini diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/fuzz.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/fuzz.go index 8d462f77e24..6e545b63bc4 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/fuzz.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/fuzz.go @@ -1,3 +1,4 @@ +//go:build gofuzz // +build gofuzz package ini diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go index 55fa73ebcf2..0ba319491c0 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/ini_parser.go @@ -5,9 +5,12 @@ import ( "io" ) +// ParseState represents the current state of the parser. +type ParseState uint + // State enums for the parse table const ( - InvalidState = iota + InvalidState ParseState = iota // stmt -> value stmt' StatementState // stmt' -> MarkComplete | op stmt @@ -36,8 +39,8 @@ const ( ) // parseTable is a state machine to dictate the grammar above. -var parseTable = map[ASTKind]map[TokenType]int{ - ASTKindStart: map[TokenType]int{ +var parseTable = map[ASTKind]map[TokenType]ParseState{ + ASTKindStart: { TokenLit: StatementState, TokenSep: OpenScopeState, TokenWS: SkipTokenState, @@ -45,7 +48,7 @@ var parseTable = map[ASTKind]map[TokenType]int{ TokenComment: CommentState, TokenNone: TerminalState, }, - ASTKindCommentStatement: map[TokenType]int{ + ASTKindCommentStatement: { TokenLit: StatementState, TokenSep: OpenScopeState, TokenWS: SkipTokenState, @@ -53,7 +56,7 @@ var parseTable = map[ASTKind]map[TokenType]int{ TokenComment: CommentState, TokenNone: MarkCompleteState, }, - ASTKindExpr: map[TokenType]int{ + ASTKindExpr: { TokenOp: StatementPrimeState, TokenLit: ValueState, TokenSep: OpenScopeState, @@ -62,13 +65,15 @@ var parseTable = map[ASTKind]map[TokenType]int{ TokenComment: CommentState, TokenNone: MarkCompleteState, }, - ASTKindEqualExpr: map[TokenType]int{ - TokenLit: ValueState, - TokenWS: SkipTokenState, - TokenNL: SkipState, - TokenNone: SkipState, + ASTKindEqualExpr: { + TokenLit: ValueState, + TokenSep: ValueState, + TokenOp: ValueState, + TokenWS: SkipTokenState, + TokenNL: SkipState, + TokenNone: SkipState, }, - ASTKindStatement: map[TokenType]int{ + ASTKindStatement: { TokenLit: SectionState, TokenSep: CloseScopeState, TokenWS: SkipTokenState, @@ -76,9 +81,9 @@ var parseTable = map[ASTKind]map[TokenType]int{ TokenComment: CommentState, TokenNone: MarkCompleteState, }, - ASTKindExprStatement: map[TokenType]int{ + ASTKindExprStatement: { TokenLit: ValueState, - TokenSep: OpenScopeState, + TokenSep: ValueState, TokenOp: ValueState, TokenWS: ValueState, TokenNL: MarkCompleteState, @@ -86,14 +91,14 @@ var parseTable = map[ASTKind]map[TokenType]int{ TokenNone: TerminalState, TokenComma: SkipState, }, - ASTKindSectionStatement: map[TokenType]int{ + ASTKindSectionStatement: { TokenLit: SectionState, TokenOp: SectionState, TokenSep: CloseScopeState, TokenWS: SectionState, TokenNL: SkipTokenState, }, - ASTKindCompletedSectionStatement: map[TokenType]int{ + ASTKindCompletedSectionStatement: { TokenWS: SkipTokenState, TokenNL: SkipTokenState, TokenLit: StatementState, @@ -101,7 +106,7 @@ var parseTable = map[ASTKind]map[TokenType]int{ TokenComment: CommentState, TokenNone: MarkCompleteState, }, - ASTKindSkipStatement: map[TokenType]int{ + ASTKindSkipStatement: { TokenLit: StatementState, TokenSep: OpenScopeState, TokenWS: SkipTokenState, @@ -205,18 +210,6 @@ loop: case ValueState: // ValueState requires the previous state to either be an equal expression // or an expression statement. - // - // This grammar occurs when the RHS is a number, word, or quoted string. - // equal_expr -> lit op equal_expr' - // equal_expr' -> number | string | quoted_string - // quoted_string -> " quoted_string' - // quoted_string' -> string quoted_string_end - // quoted_string_end -> " - // - // otherwise - // expr_stmt -> equal_expr (expr_stmt')* - // expr_stmt' -> ws S | op S | MarkComplete - // S -> equal_expr' expr_stmt' switch k.Kind { case ASTKindEqualExpr: // assigning a value to some key @@ -243,7 +236,7 @@ loop: } children[len(children)-1] = rhs - k.SetChildren(children) + root.SetChildren(children) stack.Push(k) } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go index 24df543d38c..b1b686086a9 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/literal_tokens.go @@ -4,6 +4,7 @@ import ( "fmt" "strconv" "strings" + "unicode" ) var ( @@ -18,7 +19,7 @@ var literalValues = [][]rune{ func isBoolValue(b []rune) bool { for _, lv := range literalValues { - if isLitValue(lv, b) { + if isCaselessLitValue(lv, b) { return true } } @@ -39,6 +40,21 @@ func isLitValue(want, have []rune) bool { return true } +// isCaselessLitValue is a caseless value comparison, assumes want is already lower-cased for efficiency. +func isCaselessLitValue(want, have []rune) bool { + if len(have) < len(want) { + return false + } + + for i := 0; i < len(want); i++ { + if want[i] != unicode.ToLower(have[i]) { + return false + } + } + + return true +} + // isNumberValue will return whether not the leading characters in // a byte slice is a number. A number is delimited by whitespace or // the newline token. @@ -138,11 +154,11 @@ func (v ValueType) String() string { // ValueType enums const ( NoneType = ValueType(iota) - DecimalType - IntegerType + DecimalType // deprecated + IntegerType // deprecated StringType QuotedStringType - BoolType + BoolType // deprecated ) // Value is a union container @@ -150,9 +166,9 @@ type Value struct { Type ValueType raw []rune - integer int64 - decimal float64 - boolean bool + integer int64 // deprecated + decimal float64 // deprecated + boolean bool // deprecated str string } @@ -177,7 +193,7 @@ func newValue(t ValueType, base int, raw []rune) (Value, error) { case QuotedStringType: v.str = string(raw[1 : len(raw)-1]) case BoolType: - v.boolean = runeCompare(v.raw, runesTrue) + v.boolean = isCaselessLitValue(runesTrue, v.raw) } // issue 2253 @@ -237,24 +253,6 @@ func newLitToken(b []rune) (Token, int, error) { } token = newToken(TokenLit, b[:n], QuotedStringType) - } else if isNumberValue(b) { - var base int - base, n, err = getNumericalValue(b) - if err != nil { - return token, 0, err - } - - value := b[:n] - vType := IntegerType - if contains(value, '.') || hasExponent(value) { - vType = DecimalType - } - token = newToken(TokenLit, value, vType) - token.base = base - } else if isBoolValue(b) { - n, err = getBoolValue(b) - - token = newToken(TokenLit, b[:n], BoolType) } else { n, err = getValue(b) token = newToken(TokenLit, b[:n], StringType) @@ -264,18 +262,33 @@ func newLitToken(b []rune) (Token, int, error) { } // IntValue returns an integer value -func (v Value) IntValue() int64 { - return v.integer +func (v Value) IntValue() (int64, bool) { + i, err := strconv.ParseInt(string(v.raw), 0, 64) + if err != nil { + return 0, false + } + return i, true } // FloatValue returns a float value -func (v Value) FloatValue() float64 { - return v.decimal +func (v Value) FloatValue() (float64, bool) { + f, err := strconv.ParseFloat(string(v.raw), 64) + if err != nil { + return 0, false + } + return f, true } // BoolValue returns a bool value -func (v Value) BoolValue() bool { - return v.boolean +func (v Value) BoolValue() (bool, bool) { + // we don't use ParseBool as it recognizes more than what we've + // historically supported + if isCaselessLitValue(runesTrue, v.raw) { + return true, true + } else if isCaselessLitValue(runesFalse, v.raw) { + return false, true + } + return false, false } func isTrimmable(r rune) bool { diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/value_util.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/value_util.go index 305999d29be..b5480fdeb35 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/value_util.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/value_util.go @@ -57,7 +57,7 @@ func getBoolValue(b []rune) (int, error) { continue } - if isLitValue(lv, b) { + if isCaselessLitValue(lv, b) { n = len(lv) } } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go index 94841c32443..1d08e138aba 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/ini/visitor.go @@ -50,7 +50,10 @@ func (v *DefaultVisitor) VisitExpr(expr AST) error { rhs := children[1] - if rhs.Root.Type() != TokenLit { + // The right-hand value side the equality expression is allowed to contain '[', ']', ':', '=' in the values. + // If the token is not either a literal or one of the token types that identifies those four additional + // tokens then error. + if !(rhs.Root.Type() == TokenLit || rhs.Root.Type() == TokenOp || rhs.Root.Type() == TokenSep) { return NewParseError("unexpected token type") } @@ -142,17 +145,17 @@ func (t Section) ValueType(k string) (ValueType, bool) { } // Bool returns a bool value at k -func (t Section) Bool(k string) bool { +func (t Section) Bool(k string) (bool, bool) { return t.values[k].BoolValue() } // Int returns an integer value at k -func (t Section) Int(k string) int64 { +func (t Section) Int(k string) (int64, bool) { return t.values[k].IntValue() } // Float64 returns a float value at k -func (t Section) Float64(k string) float64 { +func (t Section) Float64(k string) (float64, bool) { return t.values[k].FloatValue() } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/s3shared/arn/arn.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/s3shared/arn/arn.go index 7a8e46fbdae..216c4baabfe 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/s3shared/arn/arn.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/s3shared/arn/arn.go @@ -7,6 +7,21 @@ import ( "github.com/aws/aws-sdk-go/aws/arn" ) +var supportedServiceARN = []string{ + "s3", + "s3-outposts", + "s3-object-lambda", +} + +func isSupportedServiceARN(service string) bool { + for _, name := range supportedServiceARN { + if name == service { + return true + } + } + return false +} + // Resource provides the interfaces abstracting ARNs of specific resource // types. type Resource interface { @@ -29,9 +44,14 @@ func ParseResource(s string, resParser ResourceParser) (resARN Resource, err err return nil, InvalidARNError{ARN: a, Reason: "partition not set"} } - if a.Service != "s3" && a.Service != "s3-outposts" { + if !isSupportedServiceARN(a.Service) { return nil, InvalidARNError{ARN: a, Reason: "service is not supported"} } + + if strings.HasPrefix(a.Region, "fips-") || strings.HasSuffix(a.Region, "-fips") { + return nil, InvalidARNError{ARN: a, Reason: "FIPS region not allowed in ARN"} + } + if len(a.Resource) == 0 { return nil, InvalidARNError{ARN: a, Reason: "resource not set"} } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/s3shared/arn/s3_object_lambda_arn.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/s3shared/arn/s3_object_lambda_arn.go new file mode 100644 index 00000000000..513154cc0e3 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/s3shared/arn/s3_object_lambda_arn.go @@ -0,0 +1,15 @@ +package arn + +// S3ObjectLambdaARN represents an ARN for the s3-object-lambda service +type S3ObjectLambdaARN interface { + Resource + + isS3ObjectLambdasARN() +} + +// S3ObjectLambdaAccessPointARN is an S3ObjectLambdaARN for the Access Point resource type +type S3ObjectLambdaAccessPointARN struct { + AccessPointARN +} + +func (s S3ObjectLambdaAccessPointARN) isS3ObjectLambdasARN() {} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/s3shared/endpoint_errors.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/s3shared/endpoint_errors.go index e756b2f8733..4290ff67601 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/s3shared/endpoint_errors.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/s3shared/endpoint_errors.go @@ -71,6 +71,8 @@ func NewInvalidARNWithUnsupportedPartitionError(resource arn.Resource, err error } // NewInvalidARNWithFIPSError ARN not supported for FIPS region +// +// Deprecated: FIPS will not appear in the ARN region component. func NewInvalidARNWithFIPSError(resource arn.Resource, err error) InvalidARNError { return InvalidARNError{ message: "resource ARN not supported for FIPS region", @@ -155,6 +157,17 @@ func NewClientConfiguredForFIPSError(resource arn.Resource, clientPartitionID, c } } +// NewFIPSConfigurationError denotes a configuration error when a client or request is configured for FIPS +func NewFIPSConfigurationError(resource arn.Resource, clientPartitionID, clientRegion string, err error) ConfigurationError { + return ConfigurationError{ + message: "use of ARN is not supported when client or request is configured for FIPS", + origErr: err, + resource: resource, + clientPartitionID: clientPartitionID, + clientRegion: clientRegion, + } +} + // NewClientConfiguredForAccelerateError denotes client config error for unsupported S3 accelerate func NewClientConfiguredForAccelerateError(resource arn.Resource, clientPartitionID, clientRegion string, err error) ConfigurationError { return ConfigurationError{ diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/s3shared/resource_request.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/s3shared/resource_request.go index 9f70a64ecff..ef43d6c5896 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/s3shared/resource_request.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/s3shared/resource_request.go @@ -1,8 +1,6 @@ package s3shared import ( - "strings" - "github.com/aws/aws-sdk-go/aws" awsarn "github.com/aws/aws-sdk-go/aws/arn" "github.com/aws/aws-sdk-go/aws/request" @@ -25,16 +23,6 @@ func (r ResourceRequest) AllowCrossRegion() bool { return aws.BoolValue(r.Request.Config.S3UseARNRegion) } -// UseFIPS returns true if request config region is FIPS -func (r ResourceRequest) UseFIPS() bool { - return IsFIPS(aws.StringValue(r.Request.Config.Region)) -} - -// ResourceConfiguredForFIPS returns true if resource ARNs region is FIPS -func (r ResourceRequest) ResourceConfiguredForFIPS() bool { - return IsFIPS(r.ARN().Region) -} - // IsCrossPartition returns true if client is configured for another partition, than // the partition that resource ARN region resolves to. func (r ResourceRequest) IsCrossPartition() bool { @@ -51,11 +39,6 @@ func (r ResourceRequest) HasCustomEndpoint() bool { return len(aws.StringValue(r.Request.Config.Endpoint)) > 0 } -// IsFIPS returns true if region is a fips region -func IsFIPS(clientRegion string) bool { - return strings.HasPrefix(clientRegion, "fips-") || strings.HasSuffix(clientRegion, "-fips") -} - // IsCrossRegion returns true if request signing region is not same as configured region func IsCrossRegion(req *request.Request, otherRegion string) bool { return req.ClientInfo.SigningRegion != otherRegion diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkio/io_go1.6.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkio/io_go1.6.go index 5aa9137e0f9..037a998c4c3 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkio/io_go1.6.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkio/io_go1.6.go @@ -1,3 +1,4 @@ +//go:build !go1.7 // +build !go1.7 package sdkio diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkio/io_go1.7.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkio/io_go1.7.go index e5f005613b7..65e7c60c4de 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkio/io_go1.7.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkio/io_go1.7.go @@ -1,3 +1,4 @@ +//go:build go1.7 // +build go1.7 package sdkio diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor.go index 44898eed0fd..a8452878324 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor.go @@ -1,3 +1,4 @@ +//go:build go1.10 // +build go1.10 package sdkmath diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor_go1.9.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor_go1.9.go index 810ec7f08b0..a3ae3e5dba8 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor_go1.9.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkmath/floor_go1.9.go @@ -1,3 +1,4 @@ +//go:build !go1.10 // +build !go1.10 package sdkmath diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read.go index f4651da2da5..4bae66ceed5 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read.go @@ -1,3 +1,4 @@ +//go:build go1.6 // +build go1.6 package sdkrand diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read_1_5.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read_1_5.go index b1d93a33d48..3a6ab882516 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read_1_5.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/sdkrand/read_1_5.go @@ -1,3 +1,4 @@ +//go:build !go1.6 // +build !go1.6 package sdkrand diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config.go index ebcbc2b40a3..34fea49ca81 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config.go @@ -1,9 +1,8 @@ package shareddefaults import ( - "os" + "os/user" "path/filepath" - "runtime" ) // SharedCredentialsFilename returns the SDK's default file path @@ -31,10 +30,17 @@ func SharedConfigFilename() string { // UserHomeDir returns the home directory for the user the process is // running under. func UserHomeDir() string { - if runtime.GOOS == "windows" { // Windows - return os.Getenv("USERPROFILE") + var home string + + home = userHomeDir() + if len(home) > 0 { + return home + } + + currUser, _ := user.Current() + if currUser != nil { + home = currUser.HomeDir } - // *nix - return os.Getenv("HOME") + return home } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config_resolve_home.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config_resolve_home.go new file mode 100644 index 00000000000..eb298ae0fc1 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config_resolve_home.go @@ -0,0 +1,18 @@ +//go:build !go1.12 +// +build !go1.12 + +package shareddefaults + +import ( + "os" + "runtime" +) + +func userHomeDir() string { + if runtime.GOOS == "windows" { // Windows + return os.Getenv("USERPROFILE") + } + + // *nix + return os.Getenv("HOME") +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config_resolve_home_go1.12.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config_resolve_home_go1.12.go new file mode 100644 index 00000000000..51541b50876 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/internal/shareddefaults/shared_config_resolve_home_go1.12.go @@ -0,0 +1,13 @@ +//go:build go1.12 +// +build go1.12 + +package shareddefaults + +import ( + "os" +) + +func userHomeDir() string { + home, _ := os.UserHomeDir() + return home +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/error.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/error.go index 34c2e89d539..0a63340e41d 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/error.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/error.go @@ -5,6 +5,10 @@ import ( "sync" ) +// InputWriterCloseErrorCode is used to denote an error occurred +// while closing the event stream input writer. +const InputWriterCloseErrorCode = "EventStreamInputWriterCloseError" + type messageError struct { code string msg string diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/transport.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/transport.go new file mode 100644 index 00000000000..4bf2b27b2b2 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/transport.go @@ -0,0 +1,10 @@ +//go:build go1.18 +// +build go1.18 + +package eventstreamapi + +import "github.com/aws/aws-sdk-go/aws/request" + +// ApplyHTTPTransportFixes is a no-op for Go 1.18 and above. +func ApplyHTTPTransportFixes(r *request.Request) { +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/transport_go1.17.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/transport_go1.17.go new file mode 100644 index 00000000000..2ee2c36fd37 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/transport_go1.17.go @@ -0,0 +1,19 @@ +//go:build !go1.18 +// +build !go1.18 + +package eventstreamapi + +import "github.com/aws/aws-sdk-go/aws/request" + +// ApplyHTTPTransportFixes applies fixes to the HTTP request for proper event +// stream functionality. Go 1.15 through 1.17 HTTP client could hang forever +// when an HTTP/2 connection failed with an non-200 status code and err. Using +// Expect 100-Continue, allows the HTTP client to gracefully handle the non-200 +// status code, and close the connection. +// +// This is a no-op for Go 1.18 and above. +func ApplyHTTPTransportFixes(r *request.Request) { + r.Handlers.Sign.PushBack(func(r *request.Request) { + r.HTTPRequest.Header.Set("Expect", "100-Continue") + }) +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/writer.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/writer.go index 10a3823dfa6..7d7a7935283 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/writer.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi/writer.go @@ -61,49 +61,3 @@ func (w *EventWriter) marshal(event Marshaler) (eventstream.Message, error) { msg.Headers.Set(EventTypeHeader, eventstream.StringValue(eventType)) return msg, nil } - -//type EventEncoder struct { -// encoder Encoder -// ppayloadMarshaler protocol.PayloadMarshaler -// eventTypeFor func(Marshaler) (string, error) -//} -// -//func (e EventEncoder) Encode(event Marshaler) error { -// msg, err := e.marshal(event) -// if err != nil { -// return err -// } -// -// return w.encoder.Encode(msg) -//} -// -//func (e EventEncoder) marshal(event Marshaler) (eventstream.Message, error) { -// eventType, err := w.eventTypeFor(event) -// if err != nil { -// return eventstream.Message{}, err -// } -// -// msg, err := event.MarshalEvent(w.payloadMarshaler) -// if err != nil { -// return eventstream.Message{}, err -// } -// -// msg.Headers.Set(EventTypeHeader, eventstream.StringValue(eventType)) -// return msg, nil -//} -// -//func (w *EventWriter) marshal(event Marshaler) (eventstream.Message, error) { -// eventType, err := w.eventTypeFor(event) -// if err != nil { -// return eventstream.Message{}, err -// } -// -// msg, err := event.MarshalEvent(w.payloadMarshaler) -// if err != nil { -// return eventstream.Message{}, err -// } -// -// msg.Headers.Set(EventTypeHeader, eventstream.StringValue(eventType)) -// return msg, nil -//} -// diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/host.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/host.go index d7d42db0a6a..1f1d27aea49 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/host.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/host.go @@ -1,9 +1,10 @@ package protocol import ( - "strings" - "github.com/aws/aws-sdk-go/aws/request" + "net" + "strconv" + "strings" ) // ValidateEndpointHostHandler is a request handler that will validate the @@ -22,8 +23,26 @@ var ValidateEndpointHostHandler = request.NamedHandler{ // 3986 host. Returns error if the host is not valid. func ValidateEndpointHost(opName, host string) error { paramErrs := request.ErrInvalidParams{Context: opName} - labels := strings.Split(host, ".") + var hostname string + var port string + var err error + + if strings.Contains(host, ":") { + hostname, port, err = net.SplitHostPort(host) + + if err != nil { + paramErrs.Add(request.NewErrParamFormat("endpoint", err.Error(), host)) + } + + if !ValidPortNumber(port) { + paramErrs.Add(request.NewErrParamFormat("endpoint port number", "[0-65535]", port)) + } + } else { + hostname = host + } + + labels := strings.Split(hostname, ".") for i, label := range labels { if i == len(labels)-1 && len(label) == 0 { // Allow trailing dot for FQDN hosts. @@ -36,7 +55,11 @@ func ValidateEndpointHost(opName, host string) error { } } - if len(host) > 255 { + if len(hostname) == 0 { + paramErrs.Add(request.NewErrParamMinLen("endpoint host", 1)) + } + + if len(hostname) > 255 { paramErrs.Add(request.NewErrParamMaxLen( "endpoint host", 255, host, )) @@ -66,3 +89,16 @@ func ValidHostLabel(label string) bool { return true } + +// ValidPortNumber return if the port is valid RFC 3986 port +func ValidPortNumber(port string) bool { + i, err := strconv.Atoi(port) + if err != nil { + return false + } + + if i < 0 || i > 65535 { + return false + } + return true +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/build.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/build.go index 864fb6704b4..12e814ddf25 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/build.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/build.go @@ -4,7 +4,6 @@ package jsonutil import ( "bytes" "encoding/base64" - "encoding/json" "fmt" "math" "reflect" @@ -16,6 +15,12 @@ import ( "github.com/aws/aws-sdk-go/private/protocol" ) +const ( + floatNaN = "NaN" + floatInf = "Infinity" + floatNegInf = "-Infinity" +) + var timeType = reflect.ValueOf(time.Time{}).Type() var byteSliceType = reflect.ValueOf([]byte{}).Type() @@ -82,13 +87,17 @@ func buildStruct(value reflect.Value, buf *bytes.Buffer, tag reflect.StructTag) field, _ := value.Type().FieldByName(payload) tag = field.Tag value = elemOf(value.FieldByName(payload)) - - if !value.IsValid() { + if !value.IsValid() && tag.Get("type") != "structure" { return nil } } buf.WriteByte('{') + defer buf.WriteString("}") + + if !value.IsValid() { + return nil + } t := value.Type() first := true @@ -144,8 +153,6 @@ func buildStruct(value reflect.Value, buf *bytes.Buffer, tag reflect.StructTag) } - buf.WriteString("}") - return nil } @@ -209,10 +216,16 @@ func buildScalar(v reflect.Value, buf *bytes.Buffer, tag reflect.StructTag) erro buf.Write(strconv.AppendInt(scratch[:0], value.Int(), 10)) case reflect.Float64: f := value.Float() - if math.IsInf(f, 0) || math.IsNaN(f) { - return &json.UnsupportedValueError{Value: v, Str: strconv.FormatFloat(f, 'f', -1, 64)} + switch { + case math.IsNaN(f): + writeString(floatNaN, buf) + case math.IsInf(f, 1): + writeString(floatInf, buf) + case math.IsInf(f, -1): + writeString(floatNegInf, buf) + default: + buf.Write(strconv.AppendFloat(scratch[:0], f, 'f', -1, 64)) } - buf.Write(strconv.AppendFloat(scratch[:0], f, 'f', -1, 64)) default: switch converted := value.Interface().(type) { case time.Time: diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go index 8b2c9bbeba0..f9334879b80 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/json/jsonutil/unmarshal.go @@ -6,6 +6,7 @@ import ( "encoding/json" "fmt" "io" + "math" "math/big" "reflect" "strings" @@ -258,6 +259,18 @@ func (u unmarshaler) unmarshalScalar(value reflect.Value, data interface{}, tag return err } value.Set(reflect.ValueOf(v)) + case *float64: + // These are regular strings when parsed by encoding/json's unmarshaler. + switch { + case strings.EqualFold(d, floatNaN): + value.Set(reflect.ValueOf(aws.Float64(math.NaN()))) + case strings.EqualFold(d, floatInf): + value.Set(reflect.ValueOf(aws.Float64(math.Inf(1)))) + case strings.EqualFold(d, floatNegInf): + value.Set(reflect.ValueOf(aws.Float64(math.Inf(-1)))) + default: + return fmt.Errorf("unknown JSON number value: %s", d) + } default: return fmt.Errorf("unsupported value: %v (%s)", value.Interface(), value.Type()) } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go new file mode 100644 index 00000000000..d9aa271148d --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/jsonrpc.go @@ -0,0 +1,87 @@ +// Package jsonrpc provides JSON RPC utilities for serialization of AWS +// requests and responses. +package jsonrpc + +//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/input/json.json build_test.go +//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/output/json.json unmarshal_test.go + +import ( + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol/json/jsonutil" + "github.com/aws/aws-sdk-go/private/protocol/rest" +) + +var emptyJSON = []byte("{}") + +// BuildHandler is a named request handler for building jsonrpc protocol +// requests +var BuildHandler = request.NamedHandler{ + Name: "awssdk.jsonrpc.Build", + Fn: Build, +} + +// UnmarshalHandler is a named request handler for unmarshaling jsonrpc +// protocol requests +var UnmarshalHandler = request.NamedHandler{ + Name: "awssdk.jsonrpc.Unmarshal", + Fn: Unmarshal, +} + +// UnmarshalMetaHandler is a named request handler for unmarshaling jsonrpc +// protocol request metadata +var UnmarshalMetaHandler = request.NamedHandler{ + Name: "awssdk.jsonrpc.UnmarshalMeta", + Fn: UnmarshalMeta, +} + +// Build builds a JSON payload for a JSON RPC request. +func Build(req *request.Request) { + var buf []byte + var err error + if req.ParamsFilled() { + buf, err = jsonutil.BuildJSON(req.Params) + if err != nil { + req.Error = awserr.New(request.ErrCodeSerialization, "failed encoding JSON RPC request", err) + return + } + } else { + buf = emptyJSON + } + + // Always serialize the body, don't suppress it. + req.SetBufferBody(buf) + + if req.ClientInfo.TargetPrefix != "" { + target := req.ClientInfo.TargetPrefix + "." + req.Operation.Name + req.HTTPRequest.Header.Add("X-Amz-Target", target) + } + + // Only set the content type if one is not already specified and an + // JSONVersion is specified. + if ct, v := req.HTTPRequest.Header.Get("Content-Type"), req.ClientInfo.JSONVersion; len(ct) == 0 && len(v) != 0 { + jsonVersion := req.ClientInfo.JSONVersion + req.HTTPRequest.Header.Set("Content-Type", "application/x-amz-json-"+jsonVersion) + } +} + +// Unmarshal unmarshals a response for a JSON RPC service. +func Unmarshal(req *request.Request) { + defer req.HTTPResponse.Body.Close() + if req.DataFilled() { + err := jsonutil.UnmarshalJSON(req.Data, req.HTTPResponse.Body) + if err != nil { + req.Error = awserr.NewRequestFailure( + awserr.New(request.ErrCodeSerialization, "failed decoding JSON RPC response", err), + req.HTTPResponse.StatusCode, + req.RequestID, + ) + } + } + return +} + +// UnmarshalMeta unmarshals headers from a response for a JSON RPC service. +func UnmarshalMeta(req *request.Request) { + rest.UnmarshalMeta(req) +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go new file mode 100644 index 00000000000..9c1ccde54ae --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/jsonrpc/unmarshal_error.go @@ -0,0 +1,160 @@ +package jsonrpc + +import ( + "bytes" + "io" + "io/ioutil" + "net/http" + "strings" + + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/json/jsonutil" +) + +const ( + awsQueryError = "x-amzn-query-error" + // A valid header example - "x-amzn-query-error": ";" + awsQueryErrorPartsCount = 2 +) + +// UnmarshalTypedError provides unmarshaling errors API response errors +// for both typed and untyped errors. +type UnmarshalTypedError struct { + exceptions map[string]func(protocol.ResponseMetadata) error + queryExceptions map[string]func(protocol.ResponseMetadata, string) error +} + +// NewUnmarshalTypedError returns an UnmarshalTypedError initialized for the +// set of exception names to the error unmarshalers +func NewUnmarshalTypedError(exceptions map[string]func(protocol.ResponseMetadata) error) *UnmarshalTypedError { + return &UnmarshalTypedError{ + exceptions: exceptions, + queryExceptions: map[string]func(protocol.ResponseMetadata, string) error{}, + } +} + +// NewUnmarshalTypedErrorWithOptions works similar to NewUnmarshalTypedError applying options to the UnmarshalTypedError +// before returning it +func NewUnmarshalTypedErrorWithOptions(exceptions map[string]func(protocol.ResponseMetadata) error, optFns ...func(*UnmarshalTypedError)) *UnmarshalTypedError { + unmarshaledError := NewUnmarshalTypedError(exceptions) + for _, fn := range optFns { + fn(unmarshaledError) + } + return unmarshaledError +} + +// WithQueryCompatibility is a helper function to construct a functional option for use with NewUnmarshalTypedErrorWithOptions. +// The queryExceptions given act as an override for unmarshalling errors when query compatible error codes are found. +// See also [awsQueryCompatible trait] +// +// [awsQueryCompatible trait]: https://smithy.io/2.0/aws/protocols/aws-query-protocol.html#aws-protocols-awsquerycompatible-trait +func WithQueryCompatibility(queryExceptions map[string]func(protocol.ResponseMetadata, string) error) func(*UnmarshalTypedError) { + return func(typedError *UnmarshalTypedError) { + typedError.queryExceptions = queryExceptions + } +} + +// UnmarshalError attempts to unmarshal the HTTP response error as a known +// error type. If unable to unmarshal the error type, the generic SDK error +// type will be used. +func (u *UnmarshalTypedError) UnmarshalError( + resp *http.Response, + respMeta protocol.ResponseMetadata, +) (error, error) { + + var buf bytes.Buffer + var jsonErr jsonErrorResponse + teeReader := io.TeeReader(resp.Body, &buf) + err := jsonutil.UnmarshalJSONError(&jsonErr, teeReader) + if err != nil { + return nil, err + } + body := ioutil.NopCloser(&buf) + + // Code may be separated by hash(#), with the last element being the code + // used by the SDK. + codeParts := strings.SplitN(jsonErr.Code, "#", 2) + code := codeParts[len(codeParts)-1] + msg := jsonErr.Message + + queryCodeParts := queryCodeParts(resp, u) + + if fn, ok := u.exceptions[code]; ok { + // If query-compatible exceptions are found and query-error-header is found, + // then use associated constructor to get exception with query error code. + // + // If exception code is known, use associated constructor to get a value + // for the exception that the JSON body can be unmarshaled into. + var v error + queryErrFn, queryExceptionsFound := u.queryExceptions[code] + if len(queryCodeParts) == awsQueryErrorPartsCount && queryExceptionsFound { + v = queryErrFn(respMeta, queryCodeParts[0]) + } else { + v = fn(respMeta) + } + err := jsonutil.UnmarshalJSONCaseInsensitive(v, body) + if err != nil { + return nil, err + } + return v, nil + } + + if len(queryCodeParts) == awsQueryErrorPartsCount && len(u.queryExceptions) > 0 { + code = queryCodeParts[0] + } + + // fallback to unmodeled generic exceptions + return awserr.NewRequestFailure( + awserr.New(code, msg, nil), + respMeta.StatusCode, + respMeta.RequestID, + ), nil +} + +// A valid header example - "x-amzn-query-error": ";" +func queryCodeParts(resp *http.Response, u *UnmarshalTypedError) []string { + queryCodeHeader := resp.Header.Get(awsQueryError) + var queryCodeParts []string + if queryCodeHeader != "" && len(u.queryExceptions) > 0 { + queryCodeParts = strings.Split(queryCodeHeader, ";") + } + return queryCodeParts +} + +// UnmarshalErrorHandler is a named request handler for unmarshaling jsonrpc +// protocol request errors +var UnmarshalErrorHandler = request.NamedHandler{ + Name: "awssdk.jsonrpc.UnmarshalError", + Fn: UnmarshalError, +} + +// UnmarshalError unmarshals an error response for a JSON RPC service. +func UnmarshalError(req *request.Request) { + defer req.HTTPResponse.Body.Close() + + var jsonErr jsonErrorResponse + err := jsonutil.UnmarshalJSONError(&jsonErr, req.HTTPResponse.Body) + if err != nil { + req.Error = awserr.NewRequestFailure( + awserr.New(request.ErrCodeSerialization, + "failed to unmarshal error message", err), + req.HTTPResponse.StatusCode, + req.RequestID, + ) + return + } + + codes := strings.SplitN(jsonErr.Code, "#", 2) + req.Error = awserr.NewRequestFailure( + awserr.New(codes[len(codes)-1], jsonErr.Message, nil), + req.HTTPResponse.StatusCode, + req.RequestID, + ) +} + +type jsonErrorResponse struct { + Code string `json:"__type"` + Message string `json:"message"` +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/query/queryutil/queryutil.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/query/queryutil/queryutil.go index 75866d01218..058334053c2 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/query/queryutil/queryutil.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/query/queryutil/queryutil.go @@ -3,6 +3,7 @@ package queryutil import ( "encoding/base64" "fmt" + "math" "net/url" "reflect" "sort" @@ -13,6 +14,12 @@ import ( "github.com/aws/aws-sdk-go/private/protocol" ) +const ( + floatNaN = "NaN" + floatInf = "Infinity" + floatNegInf = "-Infinity" +) + // Parse parses an object i and fills a url.Values object. The isEC2 flag // indicates if this is the EC2 Query sub-protocol. func Parse(body url.Values, i interface{}, isEC2 bool) error { @@ -228,9 +235,32 @@ func (q *queryParser) parseScalar(v url.Values, r reflect.Value, name string, ta case int: v.Set(name, strconv.Itoa(value)) case float64: - v.Set(name, strconv.FormatFloat(value, 'f', -1, 64)) + var str string + switch { + case math.IsNaN(value): + str = floatNaN + case math.IsInf(value, 1): + str = floatInf + case math.IsInf(value, -1): + str = floatNegInf + default: + str = strconv.FormatFloat(value, 'f', -1, 64) + } + v.Set(name, str) case float32: - v.Set(name, strconv.FormatFloat(float64(value), 'f', -1, 32)) + asFloat64 := float64(value) + var str string + switch { + case math.IsNaN(asFloat64): + str = floatNaN + case math.IsInf(asFloat64, 1): + str = floatInf + case math.IsInf(asFloat64, -1): + str = floatNegInf + default: + str = strconv.FormatFloat(asFloat64, 'f', -1, 32) + } + v.Set(name, str) case time.Time: const ISO8601UTC = "2006-01-02T15:04:05Z" format := tag.Get("timestampFormat") diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal_error.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal_error.go index 831b0110c54..2c0cbba909b 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal_error.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/query/unmarshal_error.go @@ -3,6 +3,7 @@ package query import ( "encoding/xml" "fmt" + "strings" "github.com/aws/aws-sdk-go/aws/awserr" "github.com/aws/aws-sdk-go/aws/request" @@ -62,7 +63,7 @@ func UnmarshalError(r *request.Request) { } r.Error = awserr.NewRequestFailure( - awserr.New(respErr.Code, respErr.Message, nil), + awserr.New(strings.TrimSpace(respErr.Code), strings.TrimSpace(respErr.Message), nil), r.HTTPResponse.StatusCode, reqID, ) diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go index 1301b149d35..ecc521f88f1 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/build.go @@ -6,6 +6,7 @@ import ( "encoding/base64" "fmt" "io" + "math" "net/http" "net/url" "path" @@ -20,6 +21,12 @@ import ( "github.com/aws/aws-sdk-go/private/protocol" ) +const ( + floatNaN = "NaN" + floatInf = "Infinity" + floatNegInf = "-Infinity" +) + // Whether the byte value can be sent without escaping in AWS URLs var noEscape [256]bool @@ -98,7 +105,7 @@ func buildLocationElements(r *request.Request, v reflect.Value, buildGETQuery bo // Support the ability to customize values to be marshaled as a // blob even though they were modeled as a string. Required for S3 - // API operations like SSECustomerKey is modeled as stirng but + // API operations like SSECustomerKey is modeled as string but // required to be base64 encoded in request. if field.Tag.Get("marshal-as") == "blob" { m = m.Convert(byteSliceType) @@ -272,7 +279,33 @@ func convertType(v reflect.Value, tag reflect.StructTag) (str string, err error) switch value := v.Interface().(type) { case string: + if tag.Get("suppressedJSONValue") == "true" && tag.Get("location") == "header" { + value = base64.StdEncoding.EncodeToString([]byte(value)) + } str = value + case []*string: + if tag.Get("location") != "header" || tag.Get("enum") == "" { + return "", fmt.Errorf("%T is only supported with location header and enum shapes", value) + } + if len(value) == 0 { + return "", errValueNotSet + } + + buff := &bytes.Buffer{} + for i, sv := range value { + if sv == nil || len(*sv) == 0 { + continue + } + if i != 0 { + buff.WriteRune(',') + } + item := *sv + if strings.Index(item, `,`) != -1 || strings.Index(item, `"`) != -1 { + item = strconv.Quote(item) + } + buff.WriteString(item) + } + str = string(buff.Bytes()) case []byte: str = base64.StdEncoding.EncodeToString(value) case bool: @@ -280,7 +313,16 @@ func convertType(v reflect.Value, tag reflect.StructTag) (str string, err error) case int64: str = strconv.FormatInt(value, 10) case float64: - str = strconv.FormatFloat(value, 'f', -1, 64) + switch { + case math.IsNaN(value): + str = floatNaN + case math.IsInf(value, 1): + str = floatInf + case math.IsInf(value, -1): + str = floatNegInf + default: + str = strconv.FormatFloat(value, 'f', -1, 64) + } case time.Time: format := tag.Get("timestampFormat") if len(format) == 0 { @@ -306,5 +348,6 @@ func convertType(v reflect.Value, tag reflect.StructTag) (str string, err error) err := fmt.Errorf("unsupported value for param %v (%s)", v.Interface(), v.Type()) return "", err } + return str, nil } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/payload.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/payload.go index 4366de2e1e8..b54c99edae4 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/payload.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/payload.go @@ -28,18 +28,27 @@ func PayloadMember(i interface{}) interface{} { return nil } -// PayloadType returns the type of a payload field member of i if there is one, or "". +const nopayloadPayloadType = "nopayload" + +// PayloadType returns the type of a payload field member of i if there is one, +// or "". func PayloadType(i interface{}) string { v := reflect.Indirect(reflect.ValueOf(i)) if !v.IsValid() { return "" } + if field, ok := v.Type().FieldByName("_"); ok { + if noPayload := field.Tag.Get(nopayloadPayloadType); noPayload != "" { + return nopayloadPayloadType + } + if payloadName := field.Tag.Get("payload"); payloadName != "" { if member, ok := v.Type().FieldByName(payloadName); ok { return member.Tag.Get("type") } } } + return "" } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go index 92f8b4d9a48..79fcf1699b7 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/rest/unmarshal.go @@ -6,6 +6,7 @@ import ( "fmt" "io" "io/ioutil" + "math" "net/http" "reflect" "strconv" @@ -140,7 +141,7 @@ func unmarshalLocationElements(resp *http.Response, v reflect.Value, lowerCaseHe prefix := field.Tag.Get("locationName") err := unmarshalHeaderMap(m, resp.Header, prefix, lowerCaseHeaderMaps) if err != nil { - awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) + return awserr.New(request.ErrCodeSerialization, "failed to decode REST response", err) } } } @@ -204,6 +205,13 @@ func unmarshalHeader(v reflect.Value, header string, tag reflect.StructTag) erro switch v.Interface().(type) { case *string: + if tag.Get("suppressedJSONValue") == "true" && tag.Get("location") == "header" { + b, err := base64.StdEncoding.DecodeString(header) + if err != nil { + return fmt.Errorf("failed to decode JSONValue, %v", err) + } + header = string(b) + } v.Set(reflect.ValueOf(&header)) case []byte: b, err := base64.StdEncoding.DecodeString(header) @@ -224,9 +232,20 @@ func unmarshalHeader(v reflect.Value, header string, tag reflect.StructTag) erro } v.Set(reflect.ValueOf(&i)) case *float64: - f, err := strconv.ParseFloat(header, 64) - if err != nil { - return err + var f float64 + switch { + case strings.EqualFold(header, floatNaN): + f = math.NaN() + case strings.EqualFold(header, floatInf): + f = math.Inf(1) + case strings.EqualFold(header, floatNegInf): + f = math.Inf(-1) + default: + var err error + f, err = strconv.ParseFloat(header, 64) + if err != nil { + return err + } } v.Set(reflect.ValueOf(&f)) case *time.Time: diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/restjson.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/restjson.go new file mode 100644 index 00000000000..2e0e205af37 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/restjson.go @@ -0,0 +1,59 @@ +// Package restjson provides RESTful JSON serialization of AWS +// requests and responses. +package restjson + +//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/input/rest-json.json build_test.go +//go:generate go run -tags codegen ../../../private/model/cli/gen-protocol-tests ../../../models/protocol_tests/output/rest-json.json unmarshal_test.go + +import ( + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol/jsonrpc" + "github.com/aws/aws-sdk-go/private/protocol/rest" +) + +// BuildHandler is a named request handler for building restjson protocol +// requests +var BuildHandler = request.NamedHandler{ + Name: "awssdk.restjson.Build", + Fn: Build, +} + +// UnmarshalHandler is a named request handler for unmarshaling restjson +// protocol requests +var UnmarshalHandler = request.NamedHandler{ + Name: "awssdk.restjson.Unmarshal", + Fn: Unmarshal, +} + +// UnmarshalMetaHandler is a named request handler for unmarshaling restjson +// protocol request metadata +var UnmarshalMetaHandler = request.NamedHandler{ + Name: "awssdk.restjson.UnmarshalMeta", + Fn: UnmarshalMeta, +} + +// Build builds a request for the REST JSON protocol. +func Build(r *request.Request) { + rest.Build(r) + + if t := rest.PayloadType(r.Params); t == "structure" || t == "" { + if v := r.HTTPRequest.Header.Get("Content-Type"); len(v) == 0 { + r.HTTPRequest.Header.Set("Content-Type", "application/json") + } + jsonrpc.Build(r) + } +} + +// Unmarshal unmarshals a response body for the REST JSON protocol. +func Unmarshal(r *request.Request) { + if t := rest.PayloadType(r.Data); t == "structure" || t == "" { + jsonrpc.Unmarshal(r) + } else { + rest.Unmarshal(r) + } +} + +// UnmarshalMeta unmarshals response headers for the REST JSON protocol. +func UnmarshalMeta(r *request.Request) { + rest.UnmarshalMeta(r) +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go new file mode 100644 index 00000000000..5366a646d9c --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/restjson/unmarshal_error.go @@ -0,0 +1,157 @@ +package restjson + +import ( + "bytes" + "encoding/json" + "io" + "io/ioutil" + "net/http" + "strings" + + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/json/jsonutil" + "github.com/aws/aws-sdk-go/private/protocol/rest" +) + +const ( + errorTypeHeader = "X-Amzn-Errortype" + errorMessageHeader = "X-Amzn-Errormessage" +) + +// UnmarshalTypedError provides unmarshaling errors API response errors +// for both typed and untyped errors. +type UnmarshalTypedError struct { + exceptions map[string]func(protocol.ResponseMetadata) error +} + +// NewUnmarshalTypedError returns an UnmarshalTypedError initialized for the +// set of exception names to the error unmarshalers +func NewUnmarshalTypedError(exceptions map[string]func(protocol.ResponseMetadata) error) *UnmarshalTypedError { + return &UnmarshalTypedError{ + exceptions: exceptions, + } +} + +// UnmarshalError attempts to unmarshal the HTTP response error as a known +// error type. If unable to unmarshal the error type, the generic SDK error +// type will be used. +func (u *UnmarshalTypedError) UnmarshalError( + resp *http.Response, + respMeta protocol.ResponseMetadata, +) (error, error) { + code, msg, err := unmarshalErrorInfo(resp) + if err != nil { + return nil, err + } + + fn, ok := u.exceptions[code] + if !ok { + return awserr.NewRequestFailure( + awserr.New(code, msg, nil), + respMeta.StatusCode, + respMeta.RequestID, + ), nil + } + + v := fn(respMeta) + if err := jsonutil.UnmarshalJSONCaseInsensitive(v, resp.Body); err != nil { + return nil, err + } + + if err := rest.UnmarshalResponse(resp, v, true); err != nil { + return nil, err + } + + return v, nil +} + +// UnmarshalErrorHandler is a named request handler for unmarshaling restjson +// protocol request errors +var UnmarshalErrorHandler = request.NamedHandler{ + Name: "awssdk.restjson.UnmarshalError", + Fn: UnmarshalError, +} + +// UnmarshalError unmarshals a response error for the REST JSON protocol. +func UnmarshalError(r *request.Request) { + defer r.HTTPResponse.Body.Close() + + code, msg, err := unmarshalErrorInfo(r.HTTPResponse) + if err != nil { + r.Error = awserr.NewRequestFailure( + awserr.New(request.ErrCodeSerialization, "failed to unmarshal response error", err), + r.HTTPResponse.StatusCode, + r.RequestID, + ) + return + } + + r.Error = awserr.NewRequestFailure( + awserr.New(code, msg, nil), + r.HTTPResponse.StatusCode, + r.RequestID, + ) +} + +type jsonErrorResponse struct { + Type string `json:"__type"` + Code string `json:"code"` + Message string `json:"message"` +} + +func (j *jsonErrorResponse) SanitizedCode() string { + code := j.Code + if len(j.Type) > 0 { + code = j.Type + } + return sanitizeCode(code) +} + +// Remove superfluous components from a restJson error code. +// - If a : character is present, then take only the contents before the +// first : character in the value. +// - If a # character is present, then take only the contents after the first +// # character in the value. +// +// All of the following error values resolve to FooError: +// - FooError +// - FooError:http://internal.amazon.com/coral/com.amazon.coral.validate/ +// - aws.protocoltests.restjson#FooError +// - aws.protocoltests.restjson#FooError:http://internal.amazon.com/coral/com.amazon.coral.validate/ +func sanitizeCode(code string) string { + noColon := strings.SplitN(code, ":", 2)[0] + hashSplit := strings.SplitN(noColon, "#", 2) + return hashSplit[len(hashSplit)-1] +} + +// attempt to garner error details from the response, preferring header values +// when present +func unmarshalErrorInfo(resp *http.Response) (code string, msg string, err error) { + code = sanitizeCode(resp.Header.Get(errorTypeHeader)) + msg = resp.Header.Get(errorMessageHeader) + if len(code) > 0 && len(msg) > 0 { + return + } + + // a modeled error will have to be re-deserialized later, so the body must + // be preserved + var buf bytes.Buffer + tee := io.TeeReader(resp.Body, &buf) + defer func() { resp.Body = ioutil.NopCloser(&buf) }() + + var jsonErr jsonErrorResponse + if decodeErr := json.NewDecoder(tee).Decode(&jsonErr); decodeErr != nil && decodeErr != io.EOF { + err = awserr.NewUnmarshalError(decodeErr, "failed to decode response body", buf.Bytes()) + return + } + + if len(code) == 0 { + code = jsonErr.SanitizedCode() + } + if len(msg) == 0 { + msg = jsonErr.Message + } + return +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go index 98f4caed91c..d9a4e764932 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/timestamp.go @@ -1,6 +1,8 @@ package protocol import ( + "bytes" + "fmt" "math" "strconv" "time" @@ -19,13 +21,16 @@ const ( // Output time is intended to not contain decimals const ( // RFC 7231#section-7.1.1.1 timetamp format. e.g Tue, 29 Apr 2014 18:30:38 GMT - RFC822TimeFormat = "Mon, 2 Jan 2006 15:04:05 GMT" + RFC822TimeFormat = "Mon, 2 Jan 2006 15:04:05 GMT" + rfc822TimeFormatSingleDigitDay = "Mon, _2 Jan 2006 15:04:05 GMT" + rfc822TimeFormatSingleDigitDayTwoDigitYear = "Mon, _2 Jan 06 15:04:05 GMT" // This format is used for output time without seconds precision RFC822OutputTimeFormat = "Mon, 02 Jan 2006 15:04:05 GMT" // RFC3339 a subset of the ISO8601 timestamp format. e.g 2014-04-29T18:30:38Z - ISO8601TimeFormat = "2006-01-02T15:04:05.999999999Z" + ISO8601TimeFormat = "2006-01-02T15:04:05.999999999Z" + iso8601TimeFormatNoZ = "2006-01-02T15:04:05.999999999" // This format is used for output time with fractional second precision up to milliseconds ISO8601OutputTimeFormat = "2006-01-02T15:04:05.999999999Z" @@ -67,10 +72,21 @@ func FormatTime(name string, t time.Time) string { // the time if it was able to be parsed, and fails otherwise. func ParseTime(formatName, value string) (time.Time, error) { switch formatName { - case RFC822TimeFormatName: - return time.Parse(RFC822TimeFormat, value) - case ISO8601TimeFormatName: - return time.Parse(ISO8601TimeFormat, value) + case RFC822TimeFormatName: // Smithy HTTPDate format + return tryParse(value, + RFC822TimeFormat, + rfc822TimeFormatSingleDigitDay, + rfc822TimeFormatSingleDigitDayTwoDigitYear, + time.RFC850, + time.ANSIC, + ) + case ISO8601TimeFormatName: // Smithy DateTime format + return tryParse(value, + ISO8601TimeFormat, + iso8601TimeFormatNoZ, + time.RFC3339Nano, + time.RFC3339, + ) case UnixTimeFormatName: v, err := strconv.ParseFloat(value, 64) _, dec := math.Modf(v) @@ -83,3 +99,36 @@ func ParseTime(formatName, value string) (time.Time, error) { panic("unknown timestamp format name, " + formatName) } } + +func tryParse(v string, formats ...string) (time.Time, error) { + var errs parseErrors + for _, f := range formats { + t, err := time.Parse(f, v) + if err != nil { + errs = append(errs, parseError{ + Format: f, + Err: err, + }) + continue + } + return t, nil + } + + return time.Time{}, fmt.Errorf("unable to parse time string, %v", errs) +} + +type parseErrors []parseError + +func (es parseErrors) Error() string { + var s bytes.Buffer + for _, e := range es { + fmt.Fprintf(&s, "\n * %q: %v", e.Format, e.Err) + } + + return "parse errors:" + s.String() +} + +type parseError struct { + Format string + Err error +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go index 09ad951595e..58c12bd8ccb 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/build.go @@ -5,6 +5,7 @@ import ( "encoding/base64" "encoding/xml" "fmt" + "math" "reflect" "sort" "strconv" @@ -14,6 +15,12 @@ import ( "github.com/aws/aws-sdk-go/private/protocol" ) +const ( + floatNaN = "NaN" + floatInf = "Infinity" + floatNegInf = "-Infinity" +) + // BuildXML will serialize params into an xml.Encoder. Error will be returned // if the serialization of any of the params or nested values fails. func BuildXML(params interface{}, e *xml.Encoder) error { @@ -275,6 +282,7 @@ func (b *xmlBuilder) buildMap(value reflect.Value, current *XMLNode, tag reflect // Error will be returned if the value type is unsupported. func (b *xmlBuilder) buildScalar(value reflect.Value, current *XMLNode, tag reflect.StructTag) error { var str string + switch converted := value.Interface().(type) { case string: str = converted @@ -289,9 +297,29 @@ func (b *xmlBuilder) buildScalar(value reflect.Value, current *XMLNode, tag refl case int: str = strconv.Itoa(converted) case float64: - str = strconv.FormatFloat(converted, 'f', -1, 64) + switch { + case math.IsNaN(converted): + str = floatNaN + case math.IsInf(converted, 1): + str = floatInf + case math.IsInf(converted, -1): + str = floatNegInf + default: + str = strconv.FormatFloat(converted, 'f', -1, 64) + } case float32: - str = strconv.FormatFloat(float64(converted), 'f', -1, 32) + // The SDK doesn't render float32 values in types, only float64. This case would never be hit currently. + asFloat64 := float64(converted) + switch { + case math.IsNaN(asFloat64): + str = floatNaN + case math.IsInf(asFloat64, 1): + str = floatInf + case math.IsInf(asFloat64, -1): + str = floatNegInf + default: + str = strconv.FormatFloat(asFloat64, 'f', -1, 32) + } case time.Time: format := tag.Get("timestampFormat") if len(format) == 0 { @@ -308,6 +336,8 @@ func (b *xmlBuilder) buildScalar(value reflect.Value, current *XMLNode, tag refl if tag.Get("xmlAttribute") != "" { // put into current node's attribute list attr := xml.Attr{Name: xname, Value: str} current.Attr = append(current.Attr, attr) + } else if len(xname.Local) == 0 { + current.Text = str } else { // regular text node current.AddChild(&XMLNode{Name: xname, Text: str}) } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go index 107c053f8ac..44a580a940b 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/unmarshal.go @@ -6,6 +6,7 @@ import ( "encoding/xml" "fmt" "io" + "math" "reflect" "strconv" "strings" @@ -276,9 +277,20 @@ func parseScalar(r reflect.Value, node *XMLNode, tag reflect.StructTag) error { } r.Set(reflect.ValueOf(&v)) case *float64: - v, err := strconv.ParseFloat(node.Text, 64) - if err != nil { - return err + var v float64 + switch { + case strings.EqualFold(node.Text, floatNaN): + v = math.NaN() + case strings.EqualFold(node.Text, floatInf): + v = math.Inf(1) + case strings.EqualFold(node.Text, floatNegInf): + v = math.Inf(-1) + default: + var err error + v, err = strconv.ParseFloat(node.Text, 64) + if err != nil { + return err + } } r.Set(reflect.ValueOf(&v)) case *time.Time: diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go index 42f71648eee..c85b79fddd2 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil/xml_to_struct.go @@ -18,6 +18,14 @@ type XMLNode struct { parent *XMLNode } +// textEncoder is a string type alias that implemnts the TextMarshaler interface. +// This alias type is used to ensure that the line feed (\n) (U+000A) is escaped. +type textEncoder string + +func (t textEncoder) MarshalText() ([]byte, error) { + return []byte(t), nil +} + // NewXMLElement returns a pointer to a new XMLNode initialized to default values. func NewXMLElement(name xml.Name) *XMLNode { return &XMLNode{ @@ -130,11 +138,16 @@ func StructToXML(e *xml.Encoder, node *XMLNode, sorted bool) error { attrs = sortedAttrs } - e.EncodeToken(xml.StartElement{Name: node.Name, Attr: attrs}) + startElement := xml.StartElement{Name: node.Name, Attr: attrs} if node.Text != "" { - e.EncodeToken(xml.CharData([]byte(node.Text))) - } else if sorted { + e.EncodeElement(textEncoder(node.Text), startElement) + return e.Flush() + } + + e.EncodeToken(startElement) + + if sorted { sortedNames := []string{} for k := range node.Children { sortedNames = append(sortedNames, k) @@ -154,6 +167,7 @@ func StructToXML(e *xml.Encoder, node *XMLNode, sorted bool) error { } } - e.EncodeToken(xml.EndElement{Name: node.Name}) + e.EncodeToken(startElement.End()) + return e.Flush() } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/api.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/api.go index 66700cce13d..f472cdc8d2b 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/api.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/api.go @@ -14,6 +14,7 @@ import ( "github.com/aws/aws-sdk-go/aws/awsutil" "github.com/aws/aws-sdk-go/aws/client" "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/aws/signer/v4" "github.com/aws/aws-sdk-go/internal/s3shared/arn" "github.com/aws/aws-sdk-go/private/checksum" "github.com/aws/aws-sdk-go/private/protocol" @@ -39,14 +40,13 @@ const opAbortMultipartUpload = "AbortMultipartUpload" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the AbortMultipartUploadRequest method. +// req, resp := client.AbortMultipartUploadRequest(params) // -// // Example sending a request using the AbortMultipartUploadRequest method. -// req, resp := client.AbortMultipartUploadRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/AbortMultipartUpload func (c *S3) AbortMultipartUploadRequest(input *AbortMultipartUploadInput) (req *request.Request, output *AbortMultipartUploadOutput) { @@ -74,24 +74,52 @@ func (c *S3) AbortMultipartUploadRequest(input *AbortMultipartUploadInput) (req // As a result, it might be necessary to abort a given multipart upload multiple // times in order to completely free all storage consumed by all parts. // -// To verify that all parts have been removed, so you don't get charged for +// To verify that all parts have been removed and prevent getting charged for // the part storage, you should call the ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) -// operation and ensure that the parts list is empty. +// API operation and ensure that the parts list is empty. +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// Permissions +// +// - General purpose bucket permissions - For information about permissions +// required to use the multipart upload, see Multipart Upload and Permissions +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. // -// For information about permissions required to use the multipart upload API, -// see Multipart Upload API and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html). +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following operations are related to AbortMultipartUpload: // -// * CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) +// - CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) // -// * UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) +// - UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) // -// * CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) +// - CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) // -// * ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) +// - ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) // -// * ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) +// - ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -101,8 +129,8 @@ func (c *S3) AbortMultipartUploadRequest(input *AbortMultipartUploadInput) (req // API operation AbortMultipartUpload for usage and error information. // // Returned Error Codes: -// * ErrCodeNoSuchUpload "NoSuchUpload" -// The specified multipart upload does not exist. +// - ErrCodeNoSuchUpload "NoSuchUpload" +// The specified multipart upload does not exist. // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/AbortMultipartUpload func (c *S3) AbortMultipartUpload(input *AbortMultipartUploadInput) (*AbortMultipartUploadOutput, error) { @@ -142,14 +170,13 @@ const opCompleteMultipartUpload = "CompleteMultipartUpload" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the CompleteMultipartUploadRequest method. +// req, resp := client.CompleteMultipartUploadRequest(params) // -// // Example sending a request using the CompleteMultipartUploadRequest method. -// req, resp := client.CompleteMultipartUploadRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CompleteMultipartUpload func (c *S3) CompleteMultipartUploadRequest(input *CompleteMultipartUploadInput) (req *request.Request, output *CompleteMultipartUploadOutput) { @@ -174,62 +201,105 @@ func (c *S3) CompleteMultipartUploadRequest(input *CompleteMultipartUploadInput) // // You first initiate the multipart upload and then upload all parts using the // UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) +// operation or the UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) // operation. After successfully uploading all relevant parts of an upload, -// you call this operation to complete the upload. Upon receiving this request, -// Amazon S3 concatenates all the parts in ascending order by part number to -// create a new object. In the Complete Multipart Upload request, you must provide -// the parts list. You must ensure that the parts list is complete. This operation -// concatenates the parts that you provide in the list. For each part in the -// list, you must provide the part number and the ETag value, returned after -// that part was uploaded. -// -// Processing of a Complete Multipart Upload request could take several minutes -// to complete. After Amazon S3 begins processing the request, it sends an HTTP +// you call this CompleteMultipartUpload operation to complete the upload. Upon +// receiving this request, Amazon S3 concatenates all the parts in ascending +// order by part number to create a new object. In the CompleteMultipartUpload +// request, you must provide the parts list and ensure that the parts list is +// complete. The CompleteMultipartUpload API operation concatenates the parts +// that you provide in the list. For each part in the list, you must provide +// the PartNumber value and the ETag value that are returned after that part +// was uploaded. +// +// The processing of a CompleteMultipartUpload request could take several minutes +// to finalize. After Amazon S3 begins processing the request, it sends an HTTP // response header that specifies a 200 OK response. While processing is in // progress, Amazon S3 periodically sends white space characters to keep the -// connection from timing out. Because a request could fail after the initial -// 200 OK response has been sent, it is important that you check the response -// body to determine whether the request succeeded. +// connection from timing out. A request could fail after the initial 200 OK +// response has been sent. This means that a 200 OK response can contain either +// a success or an error. The error response might be embedded in the 200 OK +// response. If you call this API operation directly, make sure to design your +// application to parse the contents of the response and handle it appropriately. +// If you use Amazon Web Services SDKs, SDKs handle this condition. The SDKs +// detect the embedded error and apply error handling per your configuration +// settings (including automatically retrying the request as appropriate). If +// the condition persists, the SDKs throw an exception (or, for the SDKs that +// don't use exceptions, they return an error). // // Note that if CompleteMultipartUpload fails, applications should be prepared -// to retry the failed requests. For more information, see Amazon S3 Error Best -// Practices (https://docs.aws.amazon.com/AmazonS3/latest/dev/ErrorBestPractices.html). +// to retry any failed requests (including 500 error responses). For more information, +// see Amazon S3 Error Best Practices (https://docs.aws.amazon.com/AmazonS3/latest/dev/ErrorBestPractices.html). +// +// You can't use Content-Type: application/x-www-form-urlencoded for the CompleteMultipartUpload +// requests. Also, if you don't provide a Content-Type header, CompleteMultipartUpload +// can still return a 200 OK response. // // For more information about multipart uploads, see Uploading Objects Using -// Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html). +// Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) +// in the Amazon S3 User Guide. +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// Permissions // -// For information about permissions required to use the multipart upload API, -// see Multipart Upload API and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html). +// - General purpose bucket permissions - For information about permissions +// required to use the multipart upload API, see Multipart Upload and Permissions +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. // -// CompleteMultipartUpload has the following special errors: +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). // -// * Error code: EntityTooSmall Description: Your proposed upload is smaller -// than the minimum allowed object size. Each part must be at least 5 MB -// in size, except the last part. 400 Bad Request +// Special errors // -// * Error code: InvalidPart Description: One or more of the specified parts -// could not be found. The part might not have been uploaded, or the specified -// entity tag might not have matched the part's entity tag. 400 Bad Request +// - Error Code: EntityTooSmall Description: Your proposed upload is smaller +// than the minimum allowed object size. Each part must be at least 5 MB +// in size, except the last part. HTTP Status Code: 400 Bad Request // -// * Error code: InvalidPartOrder Description: The list of parts was not -// in ascending order. The parts list must be specified in order by part -// number. 400 Bad Request +// - Error Code: InvalidPart Description: One or more of the specified parts +// could not be found. The part might not have been uploaded, or the specified +// ETag might not have matched the uploaded part's ETag. HTTP Status Code: +// 400 Bad Request // -// * Error code: NoSuchUpload Description: The specified multipart upload -// does not exist. The upload ID might be invalid, or the multipart upload -// might have been aborted or completed. 404 Not Found +// - Error Code: InvalidPartOrder Description: The list of parts was not +// in ascending order. The parts list must be specified in order by part +// number. HTTP Status Code: 400 Bad Request +// +// - Error Code: NoSuchUpload Description: The specified multipart upload +// does not exist. The upload ID might be invalid, or the multipart upload +// might have been aborted or completed. HTTP Status Code: 404 Not Found +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following operations are related to CompleteMultipartUpload: // -// * CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) +// - CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) // -// * UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) +// - UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) // -// * AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) +// - AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) // -// * ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) +// - ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) // -// * ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) +// - ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -275,14 +345,13 @@ const opCopyObject = "CopyObject" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the CopyObjectRequest method. +// req, resp := client.CopyObjectRequest(params) // -// // Example sending a request using the CopyObjectRequest method. -// req, resp := client.CopyObjectRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CopyObject func (c *S3) CopyObjectRequest(input *CopyObjectInput) (req *request.Request, output *CopyObjectOutput) { @@ -306,149 +375,124 @@ func (c *S3) CopyObjectRequest(input *CopyObjectInput) (req *request.Request, ou // Creates a copy of an object that is already stored in Amazon S3. // // You can store individual objects of up to 5 TB in Amazon S3. You create a -// copy of your object up to 5 GB in size in a single atomic operation using -// this API. However, to copy an object greater than 5 GB, you must use the -// multipart upload Upload Part - Copy API. For more information, see Copy Object -// Using the REST Multipart Upload API (https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjctsUsingRESTMPUapi.html). +// copy of your object up to 5 GB in size in a single atomic action using this +// API. However, to copy an object greater than 5 GB, you must use the multipart +// upload Upload Part - Copy (UploadPartCopy) API. For more information, see +// Copy Object Using the REST Multipart Upload API (https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjctsUsingRESTMPUapi.html). // -// All copy requests must be authenticated. Additionally, you must have read -// access to the source object and write access to the destination bucket. For -// more information, see REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html). -// Both the Region that you want to copy the object from and the Region that -// you want to copy the object to must be enabled for your account. -// -// A copy request might return an error when Amazon S3 receives the copy request -// or while Amazon S3 is copying the files. If the error occurs before the copy -// operation starts, you receive a standard Amazon S3 error. If the error occurs -// during the copy operation, the error response is embedded in the 200 OK response. -// This means that a 200 OK response can contain either a success or an error. -// Design your application to parse the contents of the response and handle -// it appropriately. -// -// If the copy is successful, you receive a response with information about -// the copied object. +// You can copy individual objects between general purpose buckets, between +// directory buckets, and between general purpose buckets and directory buckets. // -// If the request is an HTTP 1.1 request, the response is chunk encoded. If -// it were not, it would not contain the content-length, and you would need -// to read the entire body. +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // -// The copy request charge is based on the storage class and Region that you -// specify for the destination object. For pricing information, see Amazon S3 -// pricing (https://aws.amazon.com/s3/pricing/). +// Both the Region that you want to copy the object from and the Region that +// you want to copy the object to must be enabled for your account. For more +// information about how to enable a Region for your account, see Enable or +// disable a Region for standalone accounts (https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#manage-acct-regions-enable-standalone) +// in the Amazon Web Services Account Management Guide. // // Amazon S3 transfer acceleration does not support cross-Region copies. If // you request a cross-Region copy using a transfer acceleration endpoint, you // get a 400 Bad Request error. For more information, see Transfer Acceleration // (https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html). // -// Metadata -// -// When copying an object, you can preserve all metadata (default) or specify -// new metadata. However, the ACL is not preserved and is set to private for -// the user making the request. To override the default ACL setting, specify -// a new ACL when generating a copy request. For more information, see Using -// ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html). -// -// To specify whether you want the object metadata copied from the source object -// or replaced with metadata provided in the request, you can optionally add -// the x-amz-metadata-directive header. When you grant permissions, you can -// use the s3:x-amz-metadata-directive condition key to enforce certain metadata -// behavior when objects are uploaded. For more information, see Specifying -// Conditions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html) -// in the Amazon S3 Developer Guide. For a complete list of Amazon S3-specific -// condition keys, see Actions, Resources, and Condition Keys for Amazon S3 -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html). -// -// x-amz-copy-source-if Headers -// -// To only copy an object under certain conditions, such as whether the Etag -// matches or whether the object was modified before or after a specified date, -// use the following request parameters: -// -// * x-amz-copy-source-if-match -// -// * x-amz-copy-source-if-none-match -// -// * x-amz-copy-source-if-unmodified-since -// -// * x-amz-copy-source-if-modified-since -// -// If both the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since -// headers are present in the request and evaluate as follows, Amazon S3 returns -// 200 OK and copies the data: -// -// * x-amz-copy-source-if-match condition evaluates to true +// # Authentication and authorization // -// * x-amz-copy-source-if-unmodified-since condition evaluates to false -// -// If both the x-amz-copy-source-if-none-match and x-amz-copy-source-if-modified-since -// headers are present in the request and evaluate as follows, Amazon S3 returns -// the 412 Precondition Failed response code: -// -// * x-amz-copy-source-if-none-match condition evaluates to false -// -// * x-amz-copy-source-if-modified-since condition evaluates to true -// -// All headers with the x-amz- prefix, including x-amz-copy-source, must be -// signed. -// -// Server-side encryption -// -// When you perform a CopyObject operation, you can optionally use the appropriate -// encryption-related headers to encrypt the object using server-side encryption -// with AWS managed encryption keys (SSE-S3 or SSE-KMS) or a customer-provided -// encryption key. With server-side encryption, Amazon S3 encrypts your data -// as it writes it to disks in its data centers and decrypts the data when you -// access it. For more information about server-side encryption, see Using Server-Side -// Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html). -// -// If a target object uses SSE-KMS, you can enable an S3 Bucket Key for the -// object. For more information, see Amazon S3 Bucket Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) -// in the Amazon Simple Storage Service Developer Guide. -// -// Access Control List (ACL)-Specific Request Headers +// All CopyObject requests must be authenticated and signed by using IAM credentials +// (access key ID and secret access key for the IAM identities). All headers +// with the x-amz- prefix, including x-amz-copy-source, must be signed. For +// more information, see REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html). // -// When copying an object, you can optionally use headers to grant ACL-based -// permissions. By default, all objects are private. Only the owner has full -// access control. When adding a new object, you can grant permissions to individual -// AWS accounts or to predefined groups defined by Amazon S3. These permissions -// are then added to the ACL on the object. For more information, see Access -// Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) -// and Managing ACLs Using the REST API (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html). +// Directory buckets - You must use the IAM credentials to authenticate and +// authorize your access to the CopyObject API operation, instead of using the +// temporary security credentials through the CreateSession API operation. // -// Storage Class Options +// Amazon Web Services CLI or SDKs handles authentication and authorization +// on your behalf. // -// You can use the CopyObject operation to change the storage class of an object -// that is already stored in Amazon S3 using the StorageClass parameter. For -// more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) -// in the Amazon S3 Service Developer Guide. +// # Permissions // -// Versioning +// You must have read access to the source object and write access to the destination +// bucket. // -// By default, x-amz-copy-source identifies the current version of an object -// to copy. If the current version is a delete marker, Amazon S3 behaves as -// if the object was deleted. To copy a different version, use the versionId -// subresource. +// - General purpose bucket permissions - You must have permissions in an +// IAM policy based on the source and destination bucket types in a CopyObject +// operation. If the source object is in a general purpose bucket, you must +// have s3:GetObject permission to read the source object that is being copied. +// If the destination bucket is a general purpose bucket, you must have s3:PutObject +// permission to write the object copy to the destination bucket. +// +// - Directory bucket permissions - You must have permissions in a bucket +// policy or an IAM identity-based policy based on the source and destination +// bucket types in a CopyObject operation. If the source object that you +// want to copy is in a directory bucket, you must have the s3express:CreateSession +// permission in the Action element of a policy to read the object. By default, +// the session is in the ReadWrite mode. If you want to restrict the access, +// you can explicitly set the s3express:SessionMode condition key to ReadOnly +// on the copy source bucket. If the copy destination is a directory bucket, +// you must have the s3express:CreateSession permission in the Action element +// of a policy to write the object to the destination. The s3express:SessionMode +// condition key can't be set to ReadOnly on the copy destination bucket. +// For example policies, see Example bucket policies for S3 Express One Zone +// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// and Amazon Web Services Identity and Access Management (IAM) identity-based +// policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html) +// in the Amazon S3 User Guide. +// +// # Response and special errors +// +// When the request is an HTTP 1.1 request, the response is chunk encoded. When +// the request is not an HTTP 1.1 request, the response would not contain the +// Content-Length. You always need to read the entire response body to check +// if the copy succeeds. to keep the connection alive while we copy the data. +// +// - If the copy is successful, you receive a response with information about +// the copied object. +// +// - A copy request might return an error when Amazon S3 receives the copy +// request or while Amazon S3 is copying the files. A 200 OK response can +// contain either a success or an error. If the error occurs before the copy +// action starts, you receive a standard Amazon S3 error. If the error occurs +// during the copy operation, the error response is embedded in the 200 OK +// response. For example, in a cross-region copy, you may encounter throttling +// and receive a 200 OK response. For more information, see Resolve the Error +// 200 response when copying objects to Amazon S3 (https://repost.aws/knowledge-center/s3-resolve-200-internalerror). +// The 200 OK status code means the copy was accepted, but it doesn't mean +// the copy is complete. Another example is when you disconnect from Amazon +// S3 before the copy is complete, Amazon S3 might cancel the copy and you +// may receive a 200 OK response. You must stay connected to Amazon S3 until +// the entire response is successfully received and processed. If you call +// this API operation directly, make sure to design your application to parse +// the content of the response and handle it appropriately. If you use Amazon +// Web Services SDKs, SDKs handle this condition. The SDKs detect the embedded +// error and apply error handling per your configuration settings (including +// automatically retrying the request as appropriate). If the condition persists, +// the SDKs throw an exception (or, for the SDKs that don't use exceptions, +// they return an error). +// +// # Charge // -// If you enable versioning on the target bucket, Amazon S3 generates a unique -// version ID for the object being copied. This version ID is different from -// the version ID of the source object. Amazon S3 returns the version ID of -// the copied object in the x-amz-version-id response header in the response. +// The copy request charge is based on the storage class and Region that you +// specify for the destination object. The request can also result in a data +// retrieval charge for the source if the source storage class bills for data +// retrieval. If the copy source is in a different region, the data transfer +// is billed to the copy source account. For pricing information, see Amazon +// S3 pricing (http://aws.amazon.com/s3/pricing/). // -// If you do not enable versioning or suspend it on the target bucket, the version -// ID that Amazon S3 generates is always null. +// # HTTP Host header syntax // -// If the source object's storage class is GLACIER, you must restore a copy -// of this object before you can use it as a source object for the copy operation. -// For more information, see RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html). +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following operations are related to CopyObject: // -// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) +// - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) // -// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) -// -// For more information, see Copying Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjectsExamples.html). +// - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -458,9 +502,9 @@ func (c *S3) CopyObjectRequest(input *CopyObjectInput) (req *request.Request, ou // API operation CopyObject for usage and error information. // // Returned Error Codes: -// * ErrCodeObjectNotInActiveTierError "ObjectNotInActiveTierError" -// The source object of the COPY operation is not in the active tier and is -// only stored in Amazon S3 Glacier. +// - ErrCodeObjectNotInActiveTierError "ObjectNotInActiveTierError" +// The source object of the COPY action is not in the active tier and is only +// stored in Amazon S3 Glacier. // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CopyObject func (c *S3) CopyObject(input *CopyObjectInput) (*CopyObjectOutput, error) { @@ -500,14 +544,13 @@ const opCreateBucket = "CreateBucket" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the CreateBucketRequest method. +// req, resp := client.CreateBucketRequest(params) // -// // Example sending a request using the CreateBucketRequest method. -// req, resp := client.CreateBucketRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CreateBucket func (c *S3) CreateBucketRequest(input *CreateBucketInput) (req *request.Request, output *CreateBucketOutput) { @@ -528,70 +571,103 @@ func (c *S3) CreateBucketRequest(input *CreateBucketInput) (req *request.Request // CreateBucket API operation for Amazon Simple Storage Service. // -// Creates a new S3 bucket. To create a bucket, you must register with Amazon -// S3 and have a valid AWS Access Key ID to authenticate requests. Anonymous -// requests are never allowed to create buckets. By creating the bucket, you -// become the bucket owner. -// -// Not every string is an acceptable bucket name. For information about bucket -// naming restrictions, see Working with Amazon S3 buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html). -// -// If you want to create an Amazon S3 on Outposts bucket, see Create Bucket -// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateBucket.html). -// -// By default, the bucket is created in the US East (N. Virginia) Region. You -// can optionally specify a Region in the request body. You might choose a Region -// to optimize latency, minimize costs, or address regulatory requirements. -// For example, if you reside in Europe, you will probably find it advantageous -// to create buckets in the Europe (Ireland) Region. For more information, see -// Accessing a bucket (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html#access-bucket-intro). -// -// If you send your create bucket request to the s3.amazonaws.com endpoint, -// the request goes to the us-east-1 Region. Accordingly, the signature calculations -// in Signature Version 4 must use us-east-1 as the Region, even if the location -// constraint in the request specifies another Region where the bucket is to -// be created. If you create a bucket in a Region other than US East (N. Virginia), -// your application must be able to handle 307 redirect. For more information, -// see Virtual hosting of buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html). -// -// When creating a bucket using this operation, you can optionally specify the -// accounts or groups that should be granted specific permissions on the bucket. -// There are two ways to grant the appropriate permissions using the request -// headers. +// This action creates an Amazon S3 bucket. To create an Amazon S3 on Outposts +// bucket, see CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_CreateBucket.html). +// +// Creates a new S3 bucket. To create a bucket, you must set up Amazon S3 and +// have a valid Amazon Web Services Access Key ID to authenticate requests. +// Anonymous requests are never allowed to create buckets. By creating the bucket, +// you become the bucket owner. +// +// There are two types of buckets: general purpose buckets and directory buckets. +// For more information about these bucket types, see Creating, configuring, +// and working with Amazon S3 buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html) +// in the Amazon S3 User Guide. +// +// - General purpose buckets - If you send your CreateBucket request to the +// s3.amazonaws.com global endpoint, the request goes to the us-east-1 Region. +// So the signature calculations in Signature Version 4 must use us-east-1 +// as the Region, even if the location constraint in the request specifies +// another Region where the bucket is to be created. If you create a bucket +// in a Region other than US East (N. Virginia), your application must be +// able to handle 307 redirect. For more information, see Virtual hosting +// of buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html) +// in the Amazon S3 User Guide. +// +// - Directory buckets - For directory buckets, you must make requests for +// this API operation to the Regional endpoint. These endpoints support path-style +// requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name +// . Virtual-hosted-style requests aren't supported. For more information, +// see Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // -// * Specify a canned ACL using the x-amz-acl request header. Amazon S3 supports -// a set of predefined ACLs, known as canned ACLs. Each canned ACL has a -// predefined set of grantees and permissions. For more information, see -// Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). -// -// * Specify access permissions explicitly using the x-amz-grant-read, x-amz-grant-write, -// x-amz-grant-read-acp, x-amz-grant-write-acp, and x-amz-grant-full-control -// headers. These headers map to the set of permissions Amazon S3 supports -// in an ACL. For more information, see Access control list (ACL) overview -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html). You -// specify each grantee as a type=value pair, where the type is one of the -// following: id – if the value specified is the canonical user ID of an -// AWS account uri – if you are granting permissions to a predefined group -// emailAddress – if the value specified is the email address of an AWS -// account Using email addresses to specify a grantee is only supported in -// the following AWS Regions: US East (N. Virginia) US West (N. California) -// US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific -// (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all -// the Amazon S3 supported Regions and endpoints, see Regions and Endpoints -// (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in -// the AWS General Reference. For example, the following x-amz-grant-read -// header grants the AWS accounts identified by account IDs permissions to -// read object data and its metadata: x-amz-grant-read: id="11112222333", -// id="444455556666" +// Permissions // -// You can use either a canned ACL or specify access permissions explicitly. -// You cannot do both. +// - General purpose bucket permissions - In addition to the s3:CreateBucket +// permission, the following permissions are required in a policy when your +// CreateBucket request includes specific headers: Access control lists (ACLs) +// +// - In your CreateBucket request, if you specify an access control list +// (ACL) and set it to public-read, public-read-write, authenticated-read, +// or if you explicitly specify any other custom ACLs, both s3:CreateBucket +// and s3:PutBucketAcl permissions are required. In your CreateBucket request, +// if you set the ACL to private, or if you don't specify any ACLs, only +// the s3:CreateBucket permission is required. Object Lock - In your CreateBucket +// request, if you set x-amz-bucket-object-lock-enabled to true, the s3:PutBucketObjectLockConfiguration +// and s3:PutBucketVersioning permissions are required. S3 Object Ownership +// +// - If your CreateBucket request includes the x-amz-object-ownership header, +// then the s3:PutBucketOwnershipControls permission is required. To set +// an ACL on a bucket as part of a CreateBucket request, you must explicitly +// set S3 Object Ownership for the bucket to a different value than the default, +// BucketOwnerEnforced. Additionally, if your desired bucket ACL grants public +// access, you must first create the bucket (without the bucket ACL) and +// then explicitly disable Block Public Access on the bucket before using +// PutBucketAcl to set the ACL. If you try to create a bucket with a public +// ACL, the request will fail. For the majority of modern use cases in S3, +// we recommend that you keep all Block Public Access settings enabled and +// keep ACLs disabled. If you would like to share data with users outside +// of your account, you can use bucket policies as needed. For more information, +// see Controlling ownership of objects and disabling ACLs for your bucket +// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) +// and Blocking public access to your Amazon S3 storage (https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html) +// in the Amazon S3 User Guide. S3 Block Public Access - If your specific +// use case requires granting public access to your S3 resources, you can +// disable Block Public Access. Specifically, you can create a new bucket +// with Block Public Access enabled, then separately call the DeletePublicAccessBlock +// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html) +// API. To use this operation, you must have the s3:PutBucketPublicAccessBlock +// permission. For more information about S3 Block Public Access, see Blocking +// public access to your Amazon S3 storage (https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-block-public-access.html) +// in the Amazon S3 User Guide. +// +// - Directory bucket permissions - You must have the s3express:CreateBucket +// permission in an IAM identity-based policy instead of a bucket policy. +// Cross-account access to this API operation isn't supported. This operation +// can only be performed by the Amazon Web Services account that owns the +// resource. For more information about directory bucket policies and permissions, +// see Amazon Web Services Identity and Access Management (IAM) for S3 Express +// One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. The permissions for ACLs, Object Lock, S3 +// Object Ownership, and S3 Block Public Access are not supported for directory +// buckets. For directory buckets, all Block Public Access settings are enabled +// at the bucket level and S3 Object Ownership is set to Bucket owner enforced +// (ACLs disabled). These settings can't be modified. For more information +// about permissions for creating and working with directory buckets, see +// Directory buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) +// in the Amazon S3 User Guide. For more information about supported S3 features +// for directory buckets, see Features of S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-one-zone.html#s3-express-features) +// in the Amazon S3 User Guide. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is s3express-control.region.amazonaws.com. // // The following operations are related to CreateBucket: // -// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) +// - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) // -// * DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) +// - DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -601,16 +677,17 @@ func (c *S3) CreateBucketRequest(input *CreateBucketInput) (req *request.Request // API operation CreateBucket for usage and error information. // // Returned Error Codes: -// * ErrCodeBucketAlreadyExists "BucketAlreadyExists" -// The requested bucket name is not available. The bucket namespace is shared -// by all users of the system. Select a different name and try again. // -// * ErrCodeBucketAlreadyOwnedByYou "BucketAlreadyOwnedByYou" -// The bucket you tried to create already exists, and you own it. Amazon S3 -// returns this error in all AWS Regions except in the North Virginia Region. -// For legacy compatibility, if you re-create an existing bucket that you already -// own in the North Virginia Region, Amazon S3 returns 200 OK and resets the -// bucket access control lists (ACLs). +// - ErrCodeBucketAlreadyExists "BucketAlreadyExists" +// The requested bucket name is not available. The bucket namespace is shared +// by all users of the system. Select a different name and try again. +// +// - ErrCodeBucketAlreadyOwnedByYou "BucketAlreadyOwnedByYou" +// The bucket you tried to create already exists, and you own it. Amazon S3 +// returns this error in all Amazon Web Services Regions except in the North +// Virginia Region. For legacy compatibility, if you re-create an existing bucket +// that you already own in the North Virginia Region, Amazon S3 returns 200 +// OK and resets the bucket access control lists (ACLs). // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CreateBucket func (c *S3) CreateBucket(input *CreateBucketInput) (*CreateBucketOutput, error) { @@ -650,14 +727,13 @@ const opCreateMultipartUpload = "CreateMultipartUpload" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the CreateMultipartUploadRequest method. +// req, resp := client.CreateMultipartUploadRequest(params) // -// // Example sending a request using the CreateMultipartUploadRequest method. -// req, resp := client.CreateMultipartUploadRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CreateMultipartUpload func (c *S3) CreateMultipartUploadRequest(input *CreateMultipartUploadInput) (req *request.Request, output *CreateMultipartUploadOutput) { @@ -678,155 +754,156 @@ func (c *S3) CreateMultipartUploadRequest(input *CreateMultipartUploadInput) (re // CreateMultipartUpload API operation for Amazon Simple Storage Service. // -// This operation initiates a multipart upload and returns an upload ID. This -// upload ID is used to associate all of the parts in the specific multipart -// upload. You specify this upload ID in each of your subsequent upload part -// requests (see UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html)). +// This action initiates a multipart upload and returns an upload ID. This upload +// ID is used to associate all of the parts in the specific multipart upload. +// You specify this upload ID in each of your subsequent upload part requests +// (see UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html)). // You also include this upload ID in the final request to either complete or -// abort the multipart upload request. -// -// For more information about multipart uploads, see Multipart Upload Overview -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html). -// -// If you have configured a lifecycle rule to abort incomplete multipart uploads, -// the upload must complete within the number of days specified in the bucket -// lifecycle configuration. Otherwise, the incomplete multipart upload becomes -// eligible for an abort operation and Amazon S3 aborts the multipart upload. -// For more information, see Aborting Incomplete Multipart Uploads Using a Bucket -// Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config). -// -// For information about the permissions required to use the multipart upload -// API, see Multipart Upload API and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html). -// -// For request signing, multipart upload is just a series of regular requests. -// You initiate a multipart upload, send one or more requests to upload parts, -// and then complete the multipart upload process. You sign each request individually. -// There is nothing special about signing multipart upload requests. For more -// information about signing, see Authenticating Requests (AWS Signature Version -// 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html). +// abort the multipart upload request. For more information about multipart +// uploads, see Multipart Upload Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) +// in the Amazon S3 User Guide. // // After you initiate a multipart upload and upload one or more parts, to stop // being charged for storing the uploaded parts, you must either complete or // abort the multipart upload. Amazon S3 frees up the space used to store the -// parts and stop charging you for storing them only after you either complete +// parts and stops charging you for storing them only after you either complete // or abort a multipart upload. // -// You can optionally request server-side encryption. For server-side encryption, -// Amazon S3 encrypts your data as it writes it to disks in its data centers -// and decrypts it when you access it. You can provide your own encryption key, -// or use AWS Key Management Service (AWS KMS) customer master keys (CMKs) or -// Amazon S3-managed encryption keys. If you choose to provide your own encryption -// key, the request headers you provide in UploadPart (AmazonS3/latest/API/API_UploadPart.html) -// and UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) -// requests must match the headers you used in the request to initiate the upload -// by using CreateMultipartUpload. -// -// To perform a multipart upload with encryption using an AWS KMS CMK, the requester -// must have permission to the kms:Encrypt, kms:Decrypt, kms:ReEncrypt*, kms:GenerateDataKey*, -// and kms:DescribeKey actions on the key. These permissions are required because -// Amazon S3 must decrypt and read data from the encrypted file parts before -// it completes the multipart upload. -// -// If your AWS Identity and Access Management (IAM) user or role is in the same -// AWS account as the AWS KMS CMK, then you must have these permissions on the -// key policy. If your IAM user or role belongs to a different account than -// the key, then you must have the permissions on both the key policy and your -// IAM user or role. -// -// For more information, see Protecting Data Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html). +// If you have configured a lifecycle rule to abort incomplete multipart uploads, +// the created multipart upload must be completed within the number of days +// specified in the bucket lifecycle configuration. Otherwise, the incomplete +// multipart upload becomes eligible for an abort action and Amazon S3 aborts +// the multipart upload. For more information, see Aborting Incomplete Multipart +// Uploads Using a Bucket Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config). // -// Access Permissions +// - Directory buckets - S3 Lifecycle is not supported by directory buckets. // -// When copying an object, you can optionally specify the accounts or groups -// that should be granted specific permissions on the new object. There are -// two ways to grant the permissions using the request headers: +// - Directory buckets - For directory buckets, you must make requests for +// this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // -// * Specify a canned ACL with the x-amz-acl request header. For more information, -// see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). +// # Request signing // -// * Specify access permissions explicitly with the x-amz-grant-read, x-amz-grant-read-acp, -// x-amz-grant-write-acp, and x-amz-grant-full-control headers. These parameters -// map to the set of permissions that Amazon S3 supports in an ACL. For more -// information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html). +// For request signing, multipart upload is just a series of regular requests. +// You initiate a multipart upload, send one or more requests to upload parts, +// and then complete the multipart upload process. You sign each request individually. +// There is nothing special about signing multipart upload requests. For more +// information about signing, see Authenticating Requests (Amazon Web Services +// Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html) +// in the Amazon S3 User Guide. // -// You can use either a canned ACL or specify access permissions explicitly. -// You cannot do both. +// Permissions // -// Server-Side- Encryption-Specific Request Headers -// -// You can optionally tell Amazon S3 to encrypt data at rest using server-side -// encryption. Server-side encryption is for data encryption at rest. Amazon -// S3 encrypts your data as it writes it to disks in its data centers and decrypts -// it when you access it. The option you use depends on whether you want to -// use AWS managed encryption keys or provide your own encryption key. -// -// * Use encryption keys managed by Amazon S3 or customer master keys (CMKs) -// stored in AWS Key Management Service (AWS KMS) – If you want AWS to -// manage the keys used to encrypt data, specify the following headers in -// the request. x-amz-server-side-encryption x-amz-server-side-encryption-aws-kms-key-id -// x-amz-server-side-encryption-context If you specify x-amz-server-side-encryption:aws:kms, -// but don't provide x-amz-server-side-encryption-aws-kms-key-id, Amazon -// S3 uses the AWS managed CMK in AWS KMS to protect the data. All GET and -// PUT requests for an object protected by AWS KMS fail if you don't make -// them with SSL or by using SigV4. For more information about server-side -// encryption with CMKs stored in AWS KMS (SSE-KMS), see Protecting Data -// Using Server-Side Encryption with CMKs stored in AWS KMS (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html). -// -// * Use customer-provided encryption keys – If you want to manage your -// own encryption keys, provide all the following headers in the request. -// x-amz-server-side-encryption-customer-algorithm x-amz-server-side-encryption-customer-key -// x-amz-server-side-encryption-customer-key-MD5 For more information about -// server-side encryption with CMKs stored in AWS KMS (SSE-KMS), see Protecting -// Data Using Server-Side Encryption with CMKs stored in AWS KMS (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingKMSEncryption.html). -// -// Access-Control-List (ACL)-Specific Request Headers -// -// You also can use the following access control–related headers with this -// operation. By default, all objects are private. Only the owner has full access -// control. When adding a new object, you can grant permissions to individual -// AWS accounts or to predefined groups defined by Amazon S3. These permissions -// are then added to the access control list (ACL) on the object. For more information, -// see Using ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html). -// With this operation, you can grant access permissions using one of the following -// two methods: -// -// * Specify a canned ACL (x-amz-acl) — Amazon S3 supports a set of predefined -// ACLs, known as canned ACLs. Each canned ACL has a predefined set of grantees -// and permissions. For more information, see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). -// -// * Specify access permissions explicitly — To explicitly grant access -// permissions to specific AWS accounts or groups, use the following headers. -// Each header maps to specific permissions that Amazon S3 supports in an -// ACL. For more information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html). -// In the header, you specify a list of grantees who get the specific permission. -// To grant permissions explicitly, use: x-amz-grant-read x-amz-grant-write -// x-amz-grant-read-acp x-amz-grant-write-acp x-amz-grant-full-control You -// specify each grantee as a type=value pair, where the type is one of the -// following: id – if the value specified is the canonical user ID of an -// AWS account uri – if you are granting permissions to a predefined group -// emailAddress – if the value specified is the email address of an AWS -// account Using email addresses to specify a grantee is only supported in -// the following AWS Regions: US East (N. Virginia) US West (N. California) -// US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific -// (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all -// the Amazon S3 supported Regions and endpoints, see Regions and Endpoints -// (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in -// the AWS General Reference. For example, the following x-amz-grant-read -// header grants the AWS accounts identified by account IDs permissions to -// read object data and its metadata: x-amz-grant-read: id="11112222333", -// id="444455556666" +// - General purpose bucket permissions - For information about the permissions +// required to use the multipart upload API, see Multipart upload and permissions +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. To perform a multipart upload with encryption +// by using an Amazon Web Services KMS key, the requester must have permission +// to the kms:Decrypt and kms:GenerateDataKey* actions on the key. These +// permissions are required because Amazon S3 must decrypt and read data +// from the encrypted file parts before it completes the multipart upload. +// For more information, see Multipart upload API and permissions (https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions) +// and Protecting data using server-side encryption with Amazon Web Services +// KMS (https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html) +// in the Amazon S3 User Guide. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// Encryption +// +// - General purpose buckets - Server-side encryption is for data encryption +// at rest. Amazon S3 encrypts your data as it writes it to disks in its +// data centers and decrypts it when you access it. Amazon S3 automatically +// encrypts all new objects that are uploaded to an S3 bucket. When doing +// a multipart upload, if you don't specify encryption information in your +// request, the encryption setting of the uploaded parts is set to the default +// encryption configuration of the destination bucket. By default, all buckets +// have a base level of encryption configuration that uses server-side encryption +// with Amazon S3 managed keys (SSE-S3). If the destination bucket has a +// default encryption configuration that uses server-side encryption with +// an Key Management Service (KMS) key (SSE-KMS), or a customer-provided +// encryption key (SSE-C), Amazon S3 uses the corresponding KMS key, or a +// customer-provided key to encrypt the uploaded parts. When you perform +// a CreateMultipartUpload operation, if you want to use a different type +// of encryption setting for the uploaded parts, you can request that Amazon +// S3 encrypts the object with a different encryption key (such as an Amazon +// S3 managed key, a KMS key, or a customer-provided key). When the encryption +// setting in your request is different from the default encryption configuration +// of the destination bucket, the encryption setting in your request takes +// precedence. If you choose to provide your own encryption key, the request +// headers you provide in UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) +// and UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) +// requests must match the headers you used in the CreateMultipartUpload +// request. Use KMS keys (SSE-KMS) that include the Amazon Web Services managed +// key (aws/s3) and KMS customer managed keys stored in Key Management Service +// (KMS) – If you want Amazon Web Services to manage the keys used to encrypt +// data, specify the following headers in the request. x-amz-server-side-encryption +// x-amz-server-side-encryption-aws-kms-key-id x-amz-server-side-encryption-context +// If you specify x-amz-server-side-encryption:aws:kms, but don't provide +// x-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses the Amazon +// Web Services managed key (aws/s3 key) in KMS to protect the data. To perform +// a multipart upload with encryption by using an Amazon Web Services KMS +// key, the requester must have permission to the kms:Decrypt and kms:GenerateDataKey* +// actions on the key. These permissions are required because Amazon S3 must +// decrypt and read data from the encrypted file parts before it completes +// the multipart upload. For more information, see Multipart upload API and +// permissions (https://docs.aws.amazon.com/AmazonS3/latest/userguide/mpuoverview.html#mpuAndPermissions) +// and Protecting data using server-side encryption with Amazon Web Services +// KMS (https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html) +// in the Amazon S3 User Guide. If your Identity and Access Management (IAM) +// user or role is in the same Amazon Web Services account as the KMS key, +// then you must have these permissions on the key policy. If your IAM user +// or role is in a different account from the key, then you must have the +// permissions on both the key policy and your IAM user or role. All GET +// and PUT requests for an object protected by KMS fail if you don't make +// them by using Secure Sockets Layer (SSL), Transport Layer Security (TLS), +// or Signature Version 4. For information about configuring any of the officially +// supported Amazon Web Services SDKs and Amazon Web Services CLI, see Specifying +// the Signature Version in Request Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version) +// in the Amazon S3 User Guide. For more information about server-side encryption +// with KMS keys (SSE-KMS), see Protecting Data Using Server-Side Encryption +// with KMS keys (https://docs.aws.amazon.com/AmazonS3/latest/userguide/UsingKMSEncryption.html) +// in the Amazon S3 User Guide. Use customer-provided encryption keys (SSE-C) +// – If you want to manage your own encryption keys, provide all the following +// headers in the request. x-amz-server-side-encryption-customer-algorithm +// x-amz-server-side-encryption-customer-key x-amz-server-side-encryption-customer-key-MD5 +// For more information about server-side encryption with customer-provided +// encryption keys (SSE-C), see Protecting data using server-side encryption +// with customer-provided encryption keys (SSE-C) (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html) +// in the Amazon S3 User Guide. +// +// - Directory buckets -For directory buckets, only server-side encryption +// with Amazon S3 managed keys (SSE-S3) (AES256) is supported. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following operations are related to CreateMultipartUpload: // -// * UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) +// - UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) // -// * CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) +// - CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) // -// * AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) +// - AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) // -// * ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) +// - ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) // -// * ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) +// - ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -856,6 +933,152 @@ func (c *S3) CreateMultipartUploadWithContext(ctx aws.Context, input *CreateMult return out, req.Send() } +const opCreateSession = "CreateSession" + +// CreateSessionRequest generates a "aws/request.Request" representing the +// client's request for the CreateSession operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateSession for more information on using the CreateSession +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateSessionRequest method. +// req, resp := client.CreateSessionRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CreateSession +func (c *S3) CreateSessionRequest(input *CreateSessionInput) (req *request.Request, output *CreateSessionOutput) { + op := &request.Operation{ + Name: opCreateSession, + HTTPMethod: "GET", + HTTPPath: "/{Bucket}?session", + } + + if input == nil { + input = &CreateSessionInput{} + } + + output = &CreateSessionOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateSession API operation for Amazon Simple Storage Service. +// +// Creates a session that establishes temporary security credentials to support +// fast authentication and authorization for the Zonal endpoint APIs on directory +// buckets. For more information about Zonal endpoint APIs that include the +// Availability Zone in the request endpoint, see S3 Express One Zone APIs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-APIs.html) +// in the Amazon S3 User Guide. +// +// To make Zonal endpoint API requests on a directory bucket, use the CreateSession +// API operation. Specifically, you grant s3express:CreateSession permission +// to a bucket in a bucket policy or an IAM identity-based policy. Then, you +// use IAM credentials to make the CreateSession API request on the bucket, +// which returns temporary security credentials that include the access key +// ID, secret access key, session token, and expiration. These credentials have +// associated permissions to access the Zonal endpoint APIs. After the session +// is created, you don’t need to use other policies to grant permissions to +// each Zonal endpoint API individually. Instead, in your Zonal endpoint API +// requests, you sign your requests by applying the temporary security credentials +// of the session to the request headers and following the SigV4 protocol for +// authentication. You also apply the session token to the x-amz-s3session-token +// request header for authorization. Temporary security credentials are scoped +// to the bucket and expire after 5 minutes. After the expiration time, any +// calls that you make with those credentials will fail. You must use IAM credentials +// again to make a CreateSession API request that generates a new set of temporary +// credentials for use. Temporary credentials cannot be extended or refreshed +// beyond the original specified interval. +// +// If you use Amazon Web Services SDKs, SDKs handle the session token refreshes +// automatically to avoid service interruptions when a session expires. We recommend +// that you use the Amazon Web Services SDKs to initiate and manage requests +// to the CreateSession API. For more information, see Performance guidelines +// and design patterns (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-optimizing-performance-guidelines-design-patterns.html#s3-express-optimizing-performance-session-authentication) +// in the Amazon S3 User Guide. +// +// - You must make requests for this API operation to the Zonal endpoint. +// These endpoints support virtual-hosted-style requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com. +// Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// - CopyObject API operation - Unlike other Zonal endpoint APIs, the CopyObject +// API operation doesn't use the temporary security credentials returned +// from the CreateSession API operation for authentication and authorization. +// For information about authentication and authorization of the CopyObject +// API operation on directory buckets, see CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html). +// +// - HeadBucket API operation - Unlike other Zonal endpoint APIs, the HeadBucket +// API operation doesn't use the temporary security credentials returned +// from the CreateSession API operation for authentication and authorization. +// For information about authentication and authorization of the HeadBucket +// API operation on directory buckets, see HeadBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadBucket.html). +// +// # Permissions +// +// To obtain temporary security credentials, you must create a bucket policy +// or an IAM identity-based policy that grants s3express:CreateSession permission +// to the bucket. In a policy, you can have the s3express:SessionMode condition +// key to control who can create a ReadWrite or ReadOnly session. For more information +// about ReadWrite or ReadOnly sessions, see x-amz-create-session-mode (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html#API_CreateSession_RequestParameters). +// For example policies, see Example bucket policies for S3 Express One Zone +// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// and Amazon Web Services Identity and Access Management (IAM) identity-based +// policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html) +// in the Amazon S3 User Guide. +// +// To grant cross-account access to Zonal endpoint APIs, the bucket policy should +// also grant both accounts the s3express:CreateSession permission. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Storage Service's +// API operation CreateSession for usage and error information. +// +// Returned Error Codes: +// - ErrCodeNoSuchBucket "NoSuchBucket" +// The specified bucket does not exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/CreateSession +func (c *S3) CreateSession(input *CreateSessionInput) (*CreateSessionOutput, error) { + req, out := c.CreateSessionRequest(input) + return out, req.Send() +} + +// CreateSessionWithContext is the same as CreateSession with the addition of +// the ability to pass a context and additional request options. +// +// See CreateSession for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *S3) CreateSessionWithContext(ctx aws.Context, input *CreateSessionInput, opts ...request.Option) (*CreateSessionOutput, error) { + req, out := c.CreateSessionRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opDeleteBucket = "DeleteBucket" // DeleteBucketRequest generates a "aws/request.Request" representing the @@ -872,14 +1095,13 @@ const opDeleteBucket = "DeleteBucket" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeleteBucketRequest method. +// req, resp := client.DeleteBucketRequest(params) // -// // Example sending a request using the DeleteBucketRequest method. -// req, resp := client.DeleteBucketRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucket func (c *S3) DeleteBucketRequest(input *DeleteBucketInput) (req *request.Request, output *DeleteBucketOutput) { @@ -904,11 +1126,40 @@ func (c *S3) DeleteBucketRequest(input *DeleteBucketInput) (req *request.Request // Deletes the S3 bucket. All objects (including all object versions and delete // markers) in the bucket must be deleted before the bucket itself can be deleted. // -// Related Resources +// - Directory buckets - If multipart uploads in a directory bucket are in +// progress, you can't delete the bucket until all the in-progress multipart +// uploads are aborted or completed. // -// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) +// - Directory buckets - For directory buckets, you must make requests for +// this API operation to the Regional endpoint. These endpoints support path-style +// requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name +// . Virtual-hosted-style requests aren't supported. For more information, +// see Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// Permissions // -// * DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) +// - General purpose bucket permissions - You must have the s3:DeleteBucket +// permission on the specified bucket in a policy. +// +// - Directory bucket permissions - You must have the s3express:DeleteBucket +// permission in an IAM identity-based policy instead of a bucket policy. +// Cross-account access to this API operation isn't supported. This operation +// can only be performed by the Amazon Web Services account that owns the +// resource. For more information about directory bucket policies and permissions, +// see Amazon Web Services Identity and Access Management (IAM) for S3 Express +// One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is s3express-control.region.amazonaws.com. +// +// The following operations are related to DeleteBucket: +// +// - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) +// +// - DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -954,14 +1205,13 @@ const opDeleteBucketAnalyticsConfiguration = "DeleteBucketAnalyticsConfiguration // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeleteBucketAnalyticsConfigurationRequest method. +// req, resp := client.DeleteBucketAnalyticsConfigurationRequest(params) // -// // Example sending a request using the DeleteBucketAnalyticsConfigurationRequest method. -// req, resp := client.DeleteBucketAnalyticsConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketAnalyticsConfiguration func (c *S3) DeleteBucketAnalyticsConfigurationRequest(input *DeleteBucketAnalyticsConfigurationInput) (req *request.Request, output *DeleteBucketAnalyticsConfigurationOutput) { @@ -983,25 +1233,27 @@ func (c *S3) DeleteBucketAnalyticsConfigurationRequest(input *DeleteBucketAnalyt // DeleteBucketAnalyticsConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Deletes an analytics configuration for the bucket (specified by the analytics // configuration ID). // // To use this operation, you must have permissions to perform the s3:PutAnalyticsConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // // For information about the Amazon S3 analytics feature, see Amazon S3 Analytics // – Storage Class Analysis (https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html). // // The following operations are related to DeleteBucketAnalyticsConfiguration: // -// * GetBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAnalyticsConfiguration.html) +// - GetBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAnalyticsConfiguration.html) // -// * ListBucketAnalyticsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketAnalyticsConfigurations.html) +// - ListBucketAnalyticsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketAnalyticsConfigurations.html) // -// * PutBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAnalyticsConfiguration.html) +// - PutBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAnalyticsConfiguration.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1047,14 +1299,13 @@ const opDeleteBucketCors = "DeleteBucketCors" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeleteBucketCorsRequest method. +// req, resp := client.DeleteBucketCorsRequest(params) // -// // Example sending a request using the DeleteBucketCorsRequest method. -// req, resp := client.DeleteBucketCorsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketCors func (c *S3) DeleteBucketCorsRequest(input *DeleteBucketCorsInput) (req *request.Request, output *DeleteBucketCorsOutput) { @@ -1076,6 +1327,8 @@ func (c *S3) DeleteBucketCorsRequest(input *DeleteBucketCorsInput) (req *request // DeleteBucketCors API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Deletes the cors configuration information set for the bucket. // // To use this operation, you must have permission to perform the s3:PutBucketCORS @@ -1083,13 +1336,13 @@ func (c *S3) DeleteBucketCorsRequest(input *DeleteBucketCorsInput) (req *request // permission to others. // // For information about cors, see Enabling Cross-Origin Resource Sharing (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) -// in the Amazon Simple Storage Service Developer Guide. +// in the Amazon S3 User Guide. // -// Related Resources: +// Related Resources // -// * PutBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketCors.html) +// - PutBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketCors.html) // -// * RESTOPTIONSobject (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTOPTIONSobject.html) +// - RESTOPTIONSobject (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTOPTIONSobject.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1135,14 +1388,13 @@ const opDeleteBucketEncryption = "DeleteBucketEncryption" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeleteBucketEncryptionRequest method. +// req, resp := client.DeleteBucketEncryptionRequest(params) // -// // Example sending a request using the DeleteBucketEncryptionRequest method. -// req, resp := client.DeleteBucketEncryptionRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketEncryption func (c *S3) DeleteBucketEncryptionRequest(input *DeleteBucketEncryptionInput) (req *request.Request, output *DeleteBucketEncryptionOutput) { @@ -1164,23 +1416,26 @@ func (c *S3) DeleteBucketEncryptionRequest(input *DeleteBucketEncryptionInput) ( // DeleteBucketEncryption API operation for Amazon Simple Storage Service. // -// This implementation of the DELETE operation removes default encryption from -// the bucket. For information about the Amazon S3 default encryption feature, -// see Amazon S3 Default Bucket Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) -// in the Amazon Simple Storage Service Developer Guide. +// This operation is not supported by directory buckets. +// +// This implementation of the DELETE action resets the default encryption for +// the bucket as server-side encryption with Amazon S3 managed keys (SSE-S3). +// For information about the bucket default encryption feature, see Amazon S3 +// Bucket Default Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) +// in the Amazon S3 User Guide. // // To use this operation, you must have permissions to perform the s3:PutEncryptionConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html) -// in the Amazon Simple Storage Service Developer Guide. +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) +// in the Amazon S3 User Guide. // -// Related Resources +// The following operations are related to DeleteBucketEncryption: // -// * PutBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html) +// - PutBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html) // -// * GetBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html) +// - GetBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1226,14 +1481,13 @@ const opDeleteBucketIntelligentTieringConfiguration = "DeleteBucketIntelligentTi // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeleteBucketIntelligentTieringConfigurationRequest method. +// req, resp := client.DeleteBucketIntelligentTieringConfigurationRequest(params) // -// // Example sending a request using the DeleteBucketIntelligentTieringConfigurationRequest method. -// req, resp := client.DeleteBucketIntelligentTieringConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketIntelligentTieringConfiguration func (c *S3) DeleteBucketIntelligentTieringConfigurationRequest(input *DeleteBucketIntelligentTieringConfigurationInput) (req *request.Request, output *DeleteBucketIntelligentTieringConfigurationOutput) { @@ -1255,32 +1509,34 @@ func (c *S3) DeleteBucketIntelligentTieringConfigurationRequest(input *DeleteBuc // DeleteBucketIntelligentTieringConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Deletes the S3 Intelligent-Tiering configuration from the specified bucket. // // The S3 Intelligent-Tiering storage class is designed to optimize storage // costs by automatically moving data to the most cost-effective storage access -// tier, without additional operational overhead. S3 Intelligent-Tiering delivers -// automatic cost savings by moving data between access tiers, when access patterns -// change. -// -// The S3 Intelligent-Tiering storage class is suitable for objects larger than -// 128 KB that you plan to store for at least 30 days. If the size of an object -// is less than 128 KB, it is not eligible for auto-tiering. Smaller objects -// can be stored, but they are always charged at the frequent access tier rates +// tier, without performance impact or operational overhead. S3 Intelligent-Tiering +// delivers automatic cost savings in three low latency and high throughput +// access tiers. To get the lowest storage cost on data that can be accessed +// in minutes to hours, you can choose to activate additional archiving capabilities. +// +// The S3 Intelligent-Tiering storage class is the ideal storage class for data +// with unknown, changing, or unpredictable access patterns, independent of +// object size or retention period. If the size of an object is less than 128 +// KB, it is not monitored and not eligible for auto-tiering. Smaller objects +// can be stored, but they are always charged at the Frequent Access tier rates // in the S3 Intelligent-Tiering storage class. // -// If you delete an object before the end of the 30-day minimum storage duration -// period, you are charged for 30 days. For more information, see Storage class -// for automatically optimizing frequently and infrequently accessed objects -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access). +// For more information, see Storage class for automatically optimizing frequently +// and infrequently accessed objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access). // // Operations related to DeleteBucketIntelligentTieringConfiguration include: // -// * GetBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketIntelligentTieringConfiguration.html) +// - GetBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketIntelligentTieringConfiguration.html) // -// * PutBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketIntelligentTieringConfiguration.html) +// - PutBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketIntelligentTieringConfiguration.html) // -// * ListBucketIntelligentTieringConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketIntelligentTieringConfigurations.html) +// - ListBucketIntelligentTieringConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketIntelligentTieringConfigurations.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1326,14 +1582,13 @@ const opDeleteBucketInventoryConfiguration = "DeleteBucketInventoryConfiguration // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeleteBucketInventoryConfigurationRequest method. +// req, resp := client.DeleteBucketInventoryConfigurationRequest(params) // -// // Example sending a request using the DeleteBucketInventoryConfigurationRequest method. -// req, resp := client.DeleteBucketInventoryConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketInventoryConfiguration func (c *S3) DeleteBucketInventoryConfigurationRequest(input *DeleteBucketInventoryConfigurationInput) (req *request.Request, output *DeleteBucketInventoryConfigurationOutput) { @@ -1355,25 +1610,27 @@ func (c *S3) DeleteBucketInventoryConfigurationRequest(input *DeleteBucketInvent // DeleteBucketInventoryConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Deletes an inventory configuration (identified by the inventory ID) from // the bucket. // // To use this operation, you must have permissions to perform the s3:PutInventoryConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // // For information about the Amazon S3 inventory feature, see Amazon S3 Inventory // (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html). // // Operations related to DeleteBucketInventoryConfiguration include: // -// * GetBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketInventoryConfiguration.html) +// - GetBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketInventoryConfiguration.html) // -// * PutBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketInventoryConfiguration.html) +// - PutBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketInventoryConfiguration.html) // -// * ListBucketInventoryConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketInventoryConfigurations.html) +// - ListBucketInventoryConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketInventoryConfigurations.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1419,14 +1676,13 @@ const opDeleteBucketLifecycle = "DeleteBucketLifecycle" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeleteBucketLifecycleRequest method. +// req, resp := client.DeleteBucketLifecycleRequest(params) // -// // Example sending a request using the DeleteBucketLifecycleRequest method. -// req, resp := client.DeleteBucketLifecycleRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketLifecycle func (c *S3) DeleteBucketLifecycleRequest(input *DeleteBucketLifecycleInput) (req *request.Request, output *DeleteBucketLifecycleOutput) { @@ -1448,6 +1704,8 @@ func (c *S3) DeleteBucketLifecycleRequest(input *DeleteBucketLifecycleInput) (re // DeleteBucketLifecycle API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Deletes the lifecycle configuration from the specified bucket. Amazon S3 // removes all the lifecycle configuration rules in the lifecycle subresource // associated with the bucket. Your objects never expire, and Amazon S3 no longer @@ -1466,9 +1724,9 @@ func (c *S3) DeleteBucketLifecycleRequest(input *DeleteBucketLifecycleInput) (re // // Related actions include: // -// * PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) +// - PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) // -// * GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) +// - GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1514,14 +1772,13 @@ const opDeleteBucketMetricsConfiguration = "DeleteBucketMetricsConfiguration" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeleteBucketMetricsConfigurationRequest method. +// req, resp := client.DeleteBucketMetricsConfigurationRequest(params) // -// // Example sending a request using the DeleteBucketMetricsConfigurationRequest method. -// req, resp := client.DeleteBucketMetricsConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketMetricsConfiguration func (c *S3) DeleteBucketMetricsConfigurationRequest(input *DeleteBucketMetricsConfigurationInput) (req *request.Request, output *DeleteBucketMetricsConfigurationOutput) { @@ -1543,6 +1800,8 @@ func (c *S3) DeleteBucketMetricsConfigurationRequest(input *DeleteBucketMetricsC // DeleteBucketMetricsConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Deletes a metrics configuration for the Amazon CloudWatch request metrics // (specified by the metrics configuration ID) from the bucket. Note that this // doesn't include the daily storage metrics. @@ -1550,21 +1809,21 @@ func (c *S3) DeleteBucketMetricsConfigurationRequest(input *DeleteBucketMetricsC // To use this operation, you must have permissions to perform the s3:PutMetricsConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // // For information about CloudWatch request metrics for Amazon S3, see Monitoring // Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html). // // The following operations are related to DeleteBucketMetricsConfiguration: // -// * GetBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetricsConfiguration.html) +// - GetBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetricsConfiguration.html) // -// * PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html) +// - PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html) // -// * ListBucketMetricsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketMetricsConfigurations.html) +// - ListBucketMetricsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketMetricsConfigurations.html) // -// * Monitoring Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html) +// - Monitoring Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1610,14 +1869,13 @@ const opDeleteBucketOwnershipControls = "DeleteBucketOwnershipControls" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeleteBucketOwnershipControlsRequest method. +// req, resp := client.DeleteBucketOwnershipControlsRequest(params) // -// // Example sending a request using the DeleteBucketOwnershipControlsRequest method. -// req, resp := client.DeleteBucketOwnershipControlsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketOwnershipControls func (c *S3) DeleteBucketOwnershipControlsRequest(input *DeleteBucketOwnershipControlsInput) (req *request.Request, output *DeleteBucketOwnershipControlsOutput) { @@ -1639,6 +1897,8 @@ func (c *S3) DeleteBucketOwnershipControlsRequest(input *DeleteBucketOwnershipCo // DeleteBucketOwnershipControls API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Removes OwnershipControls for an Amazon S3 bucket. To use this operation, // you must have the s3:PutBucketOwnershipControls permission. For more information // about Amazon S3 permissions, see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html). @@ -1648,9 +1908,9 @@ func (c *S3) DeleteBucketOwnershipControlsRequest(input *DeleteBucketOwnershipCo // // The following operations are related to DeleteBucketOwnershipControls: // -// * GetBucketOwnershipControls +// - GetBucketOwnershipControls // -// * PutBucketOwnershipControls +// - PutBucketOwnershipControls // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1696,14 +1956,13 @@ const opDeleteBucketPolicy = "DeleteBucketPolicy" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeleteBucketPolicyRequest method. +// req, resp := client.DeleteBucketPolicyRequest(params) // -// // Example sending a request using the DeleteBucketPolicyRequest method. -// req, resp := client.DeleteBucketPolicyRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketPolicy func (c *S3) DeleteBucketPolicyRequest(input *DeleteBucketPolicyInput) (req *request.Request, output *DeleteBucketPolicyOutput) { @@ -1725,29 +1984,58 @@ func (c *S3) DeleteBucketPolicyRequest(input *DeleteBucketPolicyInput) (req *req // DeleteBucketPolicy API operation for Amazon Simple Storage Service. // -// This implementation of the DELETE operation uses the policy subresource to -// delete the policy of a specified bucket. If you are using an identity other -// than the root user of the AWS account that owns the bucket, the calling identity -// must have the DeleteBucketPolicy permissions on the specified bucket and -// belong to the bucket owner's account to use this operation. +// Deletes the policy of a specified bucket. +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Regional endpoint. These endpoints support path-style +// requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name +// . Virtual-hosted-style requests aren't supported. For more information, see +// Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// # Permissions +// +// If you are using an identity other than the root user of the Amazon Web Services +// account that owns the bucket, the calling identity must both have the DeleteBucketPolicy +// permissions on the specified bucket and belong to the bucket owner's account +// in order to use this operation. // // If you don't have DeleteBucketPolicy permissions, Amazon S3 returns a 403 // Access Denied error. If you have the correct permissions, but you're not // using an identity that belongs to the bucket owner's account, Amazon S3 returns // a 405 Method Not Allowed error. // -// As a security precaution, the root user of the AWS account that owns a bucket -// can always use this operation, even if the policy explicitly denies the root -// user the ability to perform this action. +// To ensure that bucket owners don't inadvertently lock themselves out of their +// own buckets, the root principal in a bucket owner's Amazon Web Services account +// can perform the GetBucketPolicy, PutBucketPolicy, and DeleteBucketPolicy +// API actions, even if their bucket policy explicitly denies the root principal's +// access. Bucket owner root principals can only be blocked from performing +// these API actions by VPC endpoint policies and Amazon Web Services Organizations +// policies. +// +// - General purpose bucket permissions - The s3:DeleteBucketPolicy permission +// is required in a policy. For more information about general purpose buckets +// bucket policies, see Using Bucket Policies and User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) +// in the Amazon S3 User Guide. +// +// - Directory bucket permissions - To grant access to this API operation, +// you must have the s3express:DeleteBucketPolicy permission in an IAM identity-based +// policy instead of a bucket policy. Cross-account access to this API operation +// isn't supported. This operation can only be performed by the Amazon Web +// Services account that owns the resource. For more information about directory +// bucket policies and permissions, see Amazon Web Services Identity and +// Access Management (IAM) for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. +// +// # HTTP Host header syntax // -// For more information about bucket policies, see Using Bucket Policies and -// UserPolicies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html). +// Directory buckets - The HTTP Host header syntax is s3express-control.region.amazonaws.com. // // The following operations are related to DeleteBucketPolicy // -// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) +// - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // -// * DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) +// - DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1793,14 +2081,13 @@ const opDeleteBucketReplication = "DeleteBucketReplication" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeleteBucketReplicationRequest method. +// req, resp := client.DeleteBucketReplicationRequest(params) // -// // Example sending a request using the DeleteBucketReplicationRequest method. -// req, resp := client.DeleteBucketReplicationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketReplication func (c *S3) DeleteBucketReplicationRequest(input *DeleteBucketReplicationInput) (req *request.Request, output *DeleteBucketReplicationOutput) { @@ -1822,25 +2109,27 @@ func (c *S3) DeleteBucketReplicationRequest(input *DeleteBucketReplicationInput) // DeleteBucketReplication API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Deletes the replication configuration from the bucket. // // To use this operation, you must have permissions to perform the s3:PutReplicationConfiguration // action. The bucket owner has these permissions by default and can grant it // to others. For more information about permissions, see Permissions Related -// to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // // It can take a while for the deletion of a replication configuration to fully // propagate. // // For information about replication configuration, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) -// in the Amazon S3 Developer Guide. +// in the Amazon S3 User Guide. // // The following operations are related to DeleteBucketReplication: // -// * PutBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketReplication.html) +// - PutBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketReplication.html) // -// * GetBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketReplication.html) +// - GetBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketReplication.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1886,14 +2175,13 @@ const opDeleteBucketTagging = "DeleteBucketTagging" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeleteBucketTaggingRequest method. +// req, resp := client.DeleteBucketTaggingRequest(params) // -// // Example sending a request using the DeleteBucketTaggingRequest method. -// req, resp := client.DeleteBucketTaggingRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketTagging func (c *S3) DeleteBucketTaggingRequest(input *DeleteBucketTaggingInput) (req *request.Request, output *DeleteBucketTaggingOutput) { @@ -1915,6 +2203,8 @@ func (c *S3) DeleteBucketTaggingRequest(input *DeleteBucketTaggingInput) (req *r // DeleteBucketTagging API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Deletes the tags from the bucket. // // To use this operation, you must have permission to perform the s3:PutBucketTagging @@ -1923,9 +2213,9 @@ func (c *S3) DeleteBucketTaggingRequest(input *DeleteBucketTaggingInput) (req *r // // The following operations are related to DeleteBucketTagging: // -// * GetBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketTagging.html) +// - GetBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketTagging.html) // -// * PutBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html) +// - PutBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -1971,14 +2261,13 @@ const opDeleteBucketWebsite = "DeleteBucketWebsite" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeleteBucketWebsiteRequest method. +// req, resp := client.DeleteBucketWebsiteRequest(params) // -// // Example sending a request using the DeleteBucketWebsiteRequest method. -// req, resp := client.DeleteBucketWebsiteRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteBucketWebsite func (c *S3) DeleteBucketWebsiteRequest(input *DeleteBucketWebsiteInput) (req *request.Request, output *DeleteBucketWebsiteOutput) { @@ -2000,15 +2289,17 @@ func (c *S3) DeleteBucketWebsiteRequest(input *DeleteBucketWebsiteInput) (req *r // DeleteBucketWebsite API operation for Amazon Simple Storage Service. // -// This operation removes the website configuration for a bucket. Amazon S3 -// returns a 200 OK response upon successfully deleting a website configuration -// on the specified bucket. You will get a 200 OK response if the website configuration +// This operation is not supported by directory buckets. +// +// This action removes the website configuration for a bucket. Amazon S3 returns +// a 200 OK response upon successfully deleting a website configuration on the +// specified bucket. You will get a 200 OK response if the website configuration // you are trying to delete does not exist on the bucket. Amazon S3 returns // a 404 response if the bucket specified in the request does not exist. // -// This DELETE operation requires the S3:DeleteBucketWebsite permission. By -// default, only the bucket owner can delete the website configuration attached -// to a bucket. However, bucket owners can grant other users permission to delete +// This DELETE action requires the S3:DeleteBucketWebsite permission. By default, +// only the bucket owner can delete the website configuration attached to a +// bucket. However, bucket owners can grant other users permission to delete // the website configuration by writing a bucket policy granting them the S3:DeleteBucketWebsite // permission. // @@ -2017,9 +2308,9 @@ func (c *S3) DeleteBucketWebsiteRequest(input *DeleteBucketWebsiteInput) (req *r // // The following operations are related to DeleteBucketWebsite: // -// * GetBucketWebsite (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketWebsite.html) +// - GetBucketWebsite (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketWebsite.html) // -// * PutBucketWebsite (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketWebsite.html) +// - PutBucketWebsite (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketWebsite.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2065,14 +2356,13 @@ const opDeleteObject = "DeleteObject" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeleteObjectRequest method. +// req, resp := client.DeleteObjectRequest(params) // -// // Example sending a request using the DeleteObjectRequest method. -// req, resp := client.DeleteObjectRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteObject func (c *S3) DeleteObjectRequest(input *DeleteObjectInput) (req *request.Request, output *DeleteObjectOutput) { @@ -2093,33 +2383,91 @@ func (c *S3) DeleteObjectRequest(input *DeleteObjectInput) (req *request.Request // DeleteObject API operation for Amazon Simple Storage Service. // -// Removes the null version (if there is one) of an object and inserts a delete -// marker, which becomes the latest version of the object. If there isn't a -// null version, Amazon S3 does not remove any objects. -// -// To remove a specific version, you must be the bucket owner and you must use -// the version Id subresource. Using this subresource permanently deletes the -// version. If the object deleted is a delete marker, Amazon S3 sets the response -// header, x-amz-delete-marker, to true. +// Removes an object from a bucket. The behavior depends on the bucket's versioning +// state: +// +// - If bucket versioning is not enabled, the operation permanently deletes +// the object. +// +// - If bucket versioning is enabled, the operation inserts a delete marker, +// which becomes the current version of the object. To permanently delete +// an object in a versioned bucket, you must include the object’s versionId +// in the request. For more information about versioning-enabled buckets, +// see Deleting object versions from a versioning-enabled bucket (https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeletingObjectVersions.html). +// +// - If bucket versioning is suspended, the operation removes the object +// that has a null versionId, if there is one, and inserts a delete marker +// that becomes the current version of the object. If there isn't an object +// with a null versionId, and all versions of the object have a versionId, +// Amazon S3 does not remove the object and only inserts a delete marker. +// To permanently delete an object that has a versionId, you must include +// the object’s versionId in the request. For more information about versioning-suspended +// buckets, see Deleting objects from versioning-suspended buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeletingObjectsfromVersioningSuspendedBuckets.html). +// +// - Directory buckets - S3 Versioning isn't enabled and supported for directory +// buckets. For this API operation, only the null value of the version ID +// is supported by directory buckets. You can only specify null to the versionId +// query parameter in the request. +// +// - Directory buckets - For directory buckets, you must make requests for +// this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// To remove a specific version, you must use the versionId query parameter. +// Using this query parameter permanently deletes the version. If the object +// deleted is a delete marker, Amazon S3 sets the response header x-amz-delete-marker +// to true. // // If the object you want to delete is in a bucket where the bucket versioning // configuration is MFA Delete enabled, you must include the x-amz-mfa request // header in the DELETE versionId request. Requests that include x-amz-mfa must -// use HTTPS. +// use HTTPS. For more information about MFA Delete, see Using MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMFADelete.html) +// in the Amazon S3 User Guide. To see sample requests that use versioning, +// see Sample Request (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectDELETE.html#ExampleVersionObjectDelete). // -// For more information about MFA Delete, see Using MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMFADelete.html). -// To see sample requests that use versioning, see Sample Request (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTObjectDELETE.html#ExampleVersionObjectDelete). +// Directory buckets - MFA delete is not supported by directory buckets. // -// You can delete objects by explicitly calling the DELETE Object API or configure -// its lifecycle (PutBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html)) +// You can delete objects by explicitly calling DELETE Object or calling (PutBucketLifecycle +// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html)) // to enable Amazon S3 to remove them for you. If you want to block users or // accounts from removing or deleting objects from your bucket, you must deny // them the s3:DeleteObject, s3:DeleteObjectVersion, and s3:PutLifeCycleConfiguration // actions. // -// The following operation is related to DeleteObject: +// Directory buckets - S3 Lifecycle is not supported by directory buckets. // -// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) +// Permissions +// +// - General purpose bucket permissions - The following permissions are required +// in your policies when your DeleteObjects request includes specific headers. +// s3:DeleteObject - To delete an object from a bucket, you must always have +// the s3:DeleteObject permission. s3:DeleteObjectVersion - To delete a specific +// version of an object from a versioning-enabled bucket, you must have the +// s3:DeleteObjectVersion permission. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. +// +// The following action is related to DeleteObject: +// +// - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2165,14 +2513,13 @@ const opDeleteObjectTagging = "DeleteObjectTagging" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeleteObjectTaggingRequest method. +// req, resp := client.DeleteObjectTaggingRequest(params) // -// // Example sending a request using the DeleteObjectTaggingRequest method. -// req, resp := client.DeleteObjectTaggingRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteObjectTagging func (c *S3) DeleteObjectTaggingRequest(input *DeleteObjectTaggingInput) (req *request.Request, output *DeleteObjectTaggingOutput) { @@ -2193,6 +2540,8 @@ func (c *S3) DeleteObjectTaggingRequest(input *DeleteObjectTaggingInput) (req *r // DeleteObjectTagging API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Removes the entire tag set from the specified object. For more information // about managing object tags, see Object Tagging (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html). // @@ -2203,11 +2552,11 @@ func (c *S3) DeleteObjectTaggingRequest(input *DeleteObjectTaggingInput) (req *r // in the request. You will need permission for the s3:DeleteObjectVersionTagging // action. // -// The following operations are related to DeleteBucketMetricsConfiguration: +// The following operations are related to DeleteObjectTagging: // -// * PutObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html) +// - PutObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html) // -// * GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) +// - GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2253,14 +2602,13 @@ const opDeleteObjects = "DeleteObjects" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeleteObjectsRequest method. +// req, resp := client.DeleteObjectsRequest(params) // -// // Example sending a request using the DeleteObjectsRequest method. -// req, resp := client.DeleteObjectsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeleteObjects func (c *S3) DeleteObjectsRequest(input *DeleteObjectsInput) (req *request.Request, output *DeleteObjectsOutput) { @@ -2290,43 +2638,89 @@ func (c *S3) DeleteObjectsRequest(input *DeleteObjectsInput) (req *request.Reque // then this operation provides a suitable alternative to sending individual // delete requests, reducing per-request overhead. // -// The request contains a list of up to 1000 keys that you want to delete. In -// the XML, you provide the object key names, and optionally, version IDs if -// you want to delete a specific version of the object from a versioning-enabled +// The request can contain a list of up to 1000 keys that you want to delete. +// In the XML, you provide the object key names, and optionally, version IDs +// if you want to delete a specific version of the object from a versioning-enabled // bucket. For each key, Amazon S3 performs a delete operation and returns the -// result of that delete, success, or failure, in the response. Note that if +// result of that delete, success or failure, in the response. Note that if // the object specified in the request is not found, Amazon S3 returns the result // as deleted. // +// - Directory buckets - S3 Versioning isn't enabled and supported for directory +// buckets. +// +// - Directory buckets - For directory buckets, you must make requests for +// this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// // The operation supports two modes for the response: verbose and quiet. By // default, the operation uses verbose mode in which the response includes the // result of deletion of each key in your request. In quiet mode the response // includes only keys where the delete operation encountered an error. For a -// successful deletion, the operation does not return any information about -// the delete in the response body. +// successful deletion in a quiet mode, the operation does not return any information +// about the delete in the response body. // -// When performing this operation on an MFA Delete enabled bucket, that attempts +// When performing this action on an MFA Delete enabled bucket, that attempts // to delete any versioned objects, you must include an MFA token. If you do // not provide one, the entire request will fail, even if there are non-versioned // objects you are trying to delete. If you provide an invalid token, whether // there are versioned keys in the request or not, the entire Multi-Object Delete -// request will fail. For information about MFA Delete, see MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete). +// request will fail. For information about MFA Delete, see MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete) +// in the Amazon S3 User Guide. +// +// Directory buckets - MFA delete is not supported by directory buckets. +// +// Permissions // -// Finally, the Content-MD5 header is required for all Multi-Object Delete requests. -// Amazon S3 uses the header value to ensure that your request body has not -// been altered in transit. +// - General purpose bucket permissions - The following permissions are required +// in your policies when your DeleteObjects request includes specific headers. +// s3:DeleteObject - To delete an object from a bucket, you must always specify +// the s3:DeleteObject permission. s3:DeleteObjectVersion - To delete a specific +// version of an object from a versiong-enabled bucket, you must specify +// the s3:DeleteObjectVersion permission. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// Content-MD5 request header +// +// - General purpose bucket - The Content-MD5 request header is required +// for all Multi-Object Delete requests. Amazon S3 uses the header value +// to ensure that your request body has not been altered in transit. +// +// - Directory bucket - The Content-MD5 request header or a additional checksum +// request header (including x-amz-checksum-crc32, x-amz-checksum-crc32c, +// x-amz-checksum-sha1, or x-amz-checksum-sha256) is required for all Multi-Object +// Delete requests. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following operations are related to DeleteObjects: // -// * CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) +// - CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) // -// * UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) +// - UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) // -// * CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) +// - CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) // -// * ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) +// - ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) // -// * AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) +// - AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2372,14 +2766,13 @@ const opDeletePublicAccessBlock = "DeletePublicAccessBlock" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DeletePublicAccessBlockRequest method. +// req, resp := client.DeletePublicAccessBlockRequest(params) // -// // Example sending a request using the DeletePublicAccessBlockRequest method. -// req, resp := client.DeletePublicAccessBlockRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/DeletePublicAccessBlock func (c *S3) DeletePublicAccessBlockRequest(input *DeletePublicAccessBlockInput) (req *request.Request, output *DeletePublicAccessBlockOutput) { @@ -2401,21 +2794,23 @@ func (c *S3) DeletePublicAccessBlockRequest(input *DeletePublicAccessBlockInput) // DeletePublicAccessBlock API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Removes the PublicAccessBlock configuration for an Amazon S3 bucket. To use // this operation, you must have the s3:PutBucketPublicAccessBlock permission. // For more information about permissions, see Permissions Related to Bucket -// Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // // The following operations are related to DeletePublicAccessBlock: // -// * Using Amazon S3 Block Public Access (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html) +// - Using Amazon S3 Block Public Access (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html) // -// * GetPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html) +// - GetPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html) // -// * PutPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutPublicAccessBlock.html) +// - PutPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutPublicAccessBlock.html) // -// * GetBucketPolicyStatus (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicyStatus.html) +// - GetBucketPolicyStatus (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicyStatus.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2461,14 +2856,13 @@ const opGetBucketAccelerateConfiguration = "GetBucketAccelerateConfiguration" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketAccelerateConfigurationRequest method. +// req, resp := client.GetBucketAccelerateConfigurationRequest(params) // -// // Example sending a request using the GetBucketAccelerateConfigurationRequest method. -// req, resp := client.GetBucketAccelerateConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketAccelerateConfiguration func (c *S3) GetBucketAccelerateConfigurationRequest(input *GetBucketAccelerateConfigurationInput) (req *request.Request, output *GetBucketAccelerateConfigurationOutput) { @@ -2489,17 +2883,19 @@ func (c *S3) GetBucketAccelerateConfigurationRequest(input *GetBucketAccelerateC // GetBucketAccelerateConfiguration API operation for Amazon Simple Storage Service. // -// This implementation of the GET operation uses the accelerate subresource -// to return the Transfer Acceleration state of a bucket, which is either Enabled +// This operation is not supported by directory buckets. +// +// This implementation of the GET action uses the accelerate subresource to +// return the Transfer Acceleration state of a bucket, which is either Enabled // or Suspended. Amazon S3 Transfer Acceleration is a bucket-level feature that // enables you to perform faster data transfers to and from Amazon S3. // // To use this operation, you must have permission to perform the s3:GetAccelerateConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html) -// in the Amazon Simple Storage Service Developer Guide. +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) +// in the Amazon S3 User Guide. // // You set the Transfer Acceleration state of an existing bucket to Enabled // or Suspended by using the PutBucketAccelerateConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAccelerateConfiguration.html) @@ -2511,11 +2907,11 @@ func (c *S3) GetBucketAccelerateConfigurationRequest(input *GetBucketAccelerateC // // For more information about transfer acceleration, see Transfer Acceleration // (https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) -// in the Amazon Simple Storage Service Developer Guide. +// in the Amazon S3 User Guide. // -// Related Resources +// The following operations are related to GetBucketAccelerateConfiguration: // -// * PutBucketAccelerateConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAccelerateConfiguration.html) +// - PutBucketAccelerateConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAccelerateConfiguration.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2561,14 +2957,13 @@ const opGetBucketAcl = "GetBucketAcl" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketAclRequest method. +// req, resp := client.GetBucketAclRequest(params) // -// // Example sending a request using the GetBucketAclRequest method. -// req, resp := client.GetBucketAclRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketAcl func (c *S3) GetBucketAclRequest(input *GetBucketAclInput) (req *request.Request, output *GetBucketAclOutput) { @@ -2589,15 +2984,32 @@ func (c *S3) GetBucketAclRequest(input *GetBucketAclInput) (req *request.Request // GetBucketAcl API operation for Amazon Simple Storage Service. // -// This implementation of the GET operation uses the acl subresource to return +// This operation is not supported by directory buckets. +// +// This implementation of the GET action uses the acl subresource to return // the access control list (ACL) of a bucket. To use GET to return the ACL of -// the bucket, you must have READ_ACP access to the bucket. If READ_ACP permission -// is granted to the anonymous user, you can return the ACL of the bucket without -// using an authorization header. +// the bucket, you must have the READ_ACP access to the bucket. If READ_ACP +// permission is granted to the anonymous user, you can return the ACL of the +// bucket without using an authorization header. // -// Related Resources +// When you use this API operation with an access point, provide the alias of +// the access point in place of the bucket name. // -// * ListObjects (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html) +// When you use this API operation with an Object Lambda access point, provide +// the alias of the Object Lambda access point in place of the bucket name. +// If the Object Lambda access point alias in a request is not valid, the error +// code InvalidAccessPointAliasError is returned. For more information about +// InvalidAccessPointAliasError, see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). +// +// If your bucket uses the bucket owner enforced setting for S3 Object Ownership, +// requests to read ACLs are still supported and return the bucket-owner-full-control +// ACL with the owner being the account that created the bucket. For more information, +// see Controlling object ownership and disabling ACLs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) +// in the Amazon S3 User Guide. +// +// The following operations are related to GetBucketAcl: +// +// - ListObjects (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2643,14 +3055,13 @@ const opGetBucketAnalyticsConfiguration = "GetBucketAnalyticsConfiguration" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketAnalyticsConfigurationRequest method. +// req, resp := client.GetBucketAnalyticsConfigurationRequest(params) // -// // Example sending a request using the GetBucketAnalyticsConfigurationRequest method. -// req, resp := client.GetBucketAnalyticsConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketAnalyticsConfiguration func (c *S3) GetBucketAnalyticsConfigurationRequest(input *GetBucketAnalyticsConfigurationInput) (req *request.Request, output *GetBucketAnalyticsConfigurationOutput) { @@ -2671,27 +3082,29 @@ func (c *S3) GetBucketAnalyticsConfigurationRequest(input *GetBucketAnalyticsCon // GetBucketAnalyticsConfiguration API operation for Amazon Simple Storage Service. // -// This implementation of the GET operation returns an analytics configuration +// This operation is not supported by directory buckets. +// +// This implementation of the GET action returns an analytics configuration // (identified by the analytics configuration ID) from the bucket. // // To use this operation, you must have permissions to perform the s3:GetAnalyticsConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html) -// in the Amazon Simple Storage Service Developer Guide. +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) +// in the Amazon S3 User Guide. // // For information about Amazon S3 analytics feature, see Amazon S3 Analytics // – Storage Class Analysis (https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html) -// in the Amazon Simple Storage Service Developer Guide. +// in the Amazon S3 User Guide. // -// Related Resources +// The following operations are related to GetBucketAnalyticsConfiguration: // -// * DeleteBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketAnalyticsConfiguration.html) +// - DeleteBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketAnalyticsConfiguration.html) // -// * ListBucketAnalyticsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketAnalyticsConfigurations.html) +// - ListBucketAnalyticsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketAnalyticsConfigurations.html) // -// * PutBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAnalyticsConfiguration.html) +// - PutBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAnalyticsConfiguration.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2737,14 +3150,13 @@ const opGetBucketCors = "GetBucketCors" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketCorsRequest method. +// req, resp := client.GetBucketCorsRequest(params) // -// // Example sending a request using the GetBucketCorsRequest method. -// req, resp := client.GetBucketCorsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketCors func (c *S3) GetBucketCorsRequest(input *GetBucketCorsInput) (req *request.Request, output *GetBucketCorsOutput) { @@ -2765,20 +3177,32 @@ func (c *S3) GetBucketCorsRequest(input *GetBucketCorsInput) (req *request.Reque // GetBucketCors API operation for Amazon Simple Storage Service. // -// Returns the cors configuration information set for the bucket. +// This operation is not supported by directory buckets. +// +// Returns the Cross-Origin Resource Sharing (CORS) configuration information +// set for the bucket. // // To use this operation, you must have permission to perform the s3:GetBucketCORS // action. By default, the bucket owner has this permission and can grant it // to others. // -// For more information about cors, see Enabling Cross-Origin Resource Sharing +// When you use this API operation with an access point, provide the alias of +// the access point in place of the bucket name. +// +// When you use this API operation with an Object Lambda access point, provide +// the alias of the Object Lambda access point in place of the bucket name. +// If the Object Lambda access point alias in a request is not valid, the error +// code InvalidAccessPointAliasError is returned. For more information about +// InvalidAccessPointAliasError, see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). +// +// For more information about CORS, see Enabling Cross-Origin Resource Sharing // (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html). // // The following operations are related to GetBucketCors: // -// * PutBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketCors.html) +// - PutBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketCors.html) // -// * DeleteBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketCors.html) +// - DeleteBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketCors.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2824,14 +3248,13 @@ const opGetBucketEncryption = "GetBucketEncryption" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketEncryptionRequest method. +// req, resp := client.GetBucketEncryptionRequest(params) // -// // Example sending a request using the GetBucketEncryptionRequest method. -// req, resp := client.GetBucketEncryptionRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketEncryption func (c *S3) GetBucketEncryptionRequest(input *GetBucketEncryptionInput) (req *request.Request, output *GetBucketEncryptionOutput) { @@ -2852,21 +3275,26 @@ func (c *S3) GetBucketEncryptionRequest(input *GetBucketEncryptionInput) (req *r // GetBucketEncryption API operation for Amazon Simple Storage Service. // -// Returns the default encryption configuration for an Amazon S3 bucket. For -// information about the Amazon S3 default encryption feature, see Amazon S3 -// Default Bucket Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html). +// This operation is not supported by directory buckets. +// +// Returns the default encryption configuration for an Amazon S3 bucket. By +// default, all buckets have a default encryption configuration that uses server-side +// encryption with Amazon S3 managed keys (SSE-S3). For information about the +// bucket default encryption feature, see Amazon S3 Bucket Default Encryption +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) +// in the Amazon S3 User Guide. // // To use this operation, you must have permission to perform the s3:GetEncryptionConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // // The following operations are related to GetBucketEncryption: // -// * PutBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html) +// - PutBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html) // -// * DeleteBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html) +// - DeleteBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -2912,14 +3340,13 @@ const opGetBucketIntelligentTieringConfiguration = "GetBucketIntelligentTieringC // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketIntelligentTieringConfigurationRequest method. +// req, resp := client.GetBucketIntelligentTieringConfigurationRequest(params) // -// // Example sending a request using the GetBucketIntelligentTieringConfigurationRequest method. -// req, resp := client.GetBucketIntelligentTieringConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketIntelligentTieringConfiguration func (c *S3) GetBucketIntelligentTieringConfigurationRequest(input *GetBucketIntelligentTieringConfigurationInput) (req *request.Request, output *GetBucketIntelligentTieringConfigurationOutput) { @@ -2940,32 +3367,34 @@ func (c *S3) GetBucketIntelligentTieringConfigurationRequest(input *GetBucketInt // GetBucketIntelligentTieringConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Gets the S3 Intelligent-Tiering configuration from the specified bucket. // // The S3 Intelligent-Tiering storage class is designed to optimize storage // costs by automatically moving data to the most cost-effective storage access -// tier, without additional operational overhead. S3 Intelligent-Tiering delivers -// automatic cost savings by moving data between access tiers, when access patterns -// change. -// -// The S3 Intelligent-Tiering storage class is suitable for objects larger than -// 128 KB that you plan to store for at least 30 days. If the size of an object -// is less than 128 KB, it is not eligible for auto-tiering. Smaller objects -// can be stored, but they are always charged at the frequent access tier rates +// tier, without performance impact or operational overhead. S3 Intelligent-Tiering +// delivers automatic cost savings in three low latency and high throughput +// access tiers. To get the lowest storage cost on data that can be accessed +// in minutes to hours, you can choose to activate additional archiving capabilities. +// +// The S3 Intelligent-Tiering storage class is the ideal storage class for data +// with unknown, changing, or unpredictable access patterns, independent of +// object size or retention period. If the size of an object is less than 128 +// KB, it is not monitored and not eligible for auto-tiering. Smaller objects +// can be stored, but they are always charged at the Frequent Access tier rates // in the S3 Intelligent-Tiering storage class. // -// If you delete an object before the end of the 30-day minimum storage duration -// period, you are charged for 30 days. For more information, see Storage class -// for automatically optimizing frequently and infrequently accessed objects -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access). +// For more information, see Storage class for automatically optimizing frequently +// and infrequently accessed objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access). // // Operations related to GetBucketIntelligentTieringConfiguration include: // -// * DeleteBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketIntelligentTieringConfiguration.html) +// - DeleteBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketIntelligentTieringConfiguration.html) // -// * PutBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketIntelligentTieringConfiguration.html) +// - PutBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketIntelligentTieringConfiguration.html) // -// * ListBucketIntelligentTieringConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketIntelligentTieringConfigurations.html) +// - ListBucketIntelligentTieringConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketIntelligentTieringConfigurations.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3011,14 +3440,13 @@ const opGetBucketInventoryConfiguration = "GetBucketInventoryConfiguration" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketInventoryConfigurationRequest method. +// req, resp := client.GetBucketInventoryConfigurationRequest(params) // -// // Example sending a request using the GetBucketInventoryConfigurationRequest method. -// req, resp := client.GetBucketInventoryConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketInventoryConfiguration func (c *S3) GetBucketInventoryConfigurationRequest(input *GetBucketInventoryConfigurationInput) (req *request.Request, output *GetBucketInventoryConfigurationOutput) { @@ -3039,25 +3467,27 @@ func (c *S3) GetBucketInventoryConfigurationRequest(input *GetBucketInventoryCon // GetBucketInventoryConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns an inventory configuration (identified by the inventory configuration // ID) from the bucket. // // To use this operation, you must have permissions to perform the s3:GetInventoryConfiguration // action. The bucket owner has this permission by default and can grant this // permission to others. For more information about permissions, see Permissions -// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // // For information about the Amazon S3 inventory feature, see Amazon S3 Inventory // (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html). // // The following operations are related to GetBucketInventoryConfiguration: // -// * DeleteBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketInventoryConfiguration.html) +// - DeleteBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketInventoryConfiguration.html) // -// * ListBucketInventoryConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketInventoryConfigurations.html) +// - ListBucketInventoryConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketInventoryConfigurations.html) // -// * PutBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketInventoryConfiguration.html) +// - PutBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketInventoryConfiguration.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3103,14 +3533,13 @@ const opGetBucketLifecycle = "GetBucketLifecycle" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketLifecycleRequest method. +// req, resp := client.GetBucketLifecycleRequest(params) // -// // Example sending a request using the GetBucketLifecycleRequest method. -// req, resp := client.GetBucketLifecycleRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketLifecycle // @@ -3136,34 +3565,35 @@ func (c *S3) GetBucketLifecycleRequest(input *GetBucketLifecycleInput) (req *req // GetBucketLifecycle API operation for Amazon Simple Storage Service. // -// // For an updated version of this API, see GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html). // If you configured a bucket lifecycle using the filter element, you should // see the updated version of this topic. This topic is provided for backward // compatibility. // +// This operation is not supported by directory buckets. +// // Returns the lifecycle configuration information set on the bucket. For information // about lifecycle configuration, see Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html). // // To use this operation, you must have permission to perform the s3:GetLifecycleConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // // GetBucketLifecycle has the following special error: // -// * Error code: NoSuchLifecycleConfiguration Description: The lifecycle -// configuration does not exist. HTTP Status Code: 404 Not Found SOAP Fault -// Code Prefix: Client +// - Error code: NoSuchLifecycleConfiguration Description: The lifecycle +// configuration does not exist. HTTP Status Code: 404 Not Found SOAP Fault +// Code Prefix: Client // // The following operations are related to GetBucketLifecycle: // -// * GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) +// - GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) // -// * PutBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html) +// - PutBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html) // -// * DeleteBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketLifecycle.html) +// - DeleteBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketLifecycle.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3213,14 +3643,13 @@ const opGetBucketLifecycleConfiguration = "GetBucketLifecycleConfiguration" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketLifecycleConfigurationRequest method. +// req, resp := client.GetBucketLifecycleConfigurationRequest(params) // -// // Example sending a request using the GetBucketLifecycleConfigurationRequest method. -// req, resp := client.GetBucketLifecycleConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketLifecycleConfiguration func (c *S3) GetBucketLifecycleConfigurationRequest(input *GetBucketLifecycleConfigurationInput) (req *request.Request, output *GetBucketLifecycleConfigurationOutput) { @@ -3241,14 +3670,18 @@ func (c *S3) GetBucketLifecycleConfigurationRequest(input *GetBucketLifecycleCon // GetBucketLifecycleConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. // // Bucket lifecycle configuration now supports specifying a lifecycle rule using -// an object key name prefix, one or more object tags, or a combination of both. +// an object key name prefix, one or more object tags, object size, or any combination +// of these. Accordingly, this section describes the latest API. The previous +// version of the API supported filtering based only on an object key name prefix, +// which is supported for backward compatibility. For the related API description, +// see GetBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html). // Accordingly, this section describes the latest API. The response describes // the new filter element that you can use to specify a filter to select a subset // of objects to which the rule applies. If you are using a previous version -// of the lifecycle configuration, it still works. For the earlier API description, -// see GetBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html). +// of the lifecycle configuration, it still works. For the earlier action, // // Returns the lifecycle configuration information set on the bucket. For information // about lifecycle configuration, see Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html). @@ -3256,22 +3689,22 @@ func (c *S3) GetBucketLifecycleConfigurationRequest(input *GetBucketLifecycleCon // To use this operation, you must have permission to perform the s3:GetLifecycleConfiguration // action. The bucket owner has this permission, by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // // GetBucketLifecycleConfiguration has the following special error: // -// * Error code: NoSuchLifecycleConfiguration Description: The lifecycle -// configuration does not exist. HTTP Status Code: 404 Not Found SOAP Fault -// Code Prefix: Client +// - Error code: NoSuchLifecycleConfiguration Description: The lifecycle +// configuration does not exist. HTTP Status Code: 404 Not Found SOAP Fault +// Code Prefix: Client // // The following operations are related to GetBucketLifecycleConfiguration: // -// * GetBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html) +// - GetBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html) // -// * PutBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html) +// - PutBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html) // -// * DeleteBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketLifecycle.html) +// - DeleteBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketLifecycle.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3317,14 +3750,13 @@ const opGetBucketLocation = "GetBucketLocation" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketLocationRequest method. +// req, resp := client.GetBucketLocationRequest(params) // -// // Example sending a request using the GetBucketLocationRequest method. -// req, resp := client.GetBucketLocationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketLocation func (c *S3) GetBucketLocationRequest(input *GetBucketLocationInput) (req *request.Request, output *GetBucketLocationOutput) { @@ -3345,17 +3777,30 @@ func (c *S3) GetBucketLocationRequest(input *GetBucketLocationInput) (req *reque // GetBucketLocation API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the Region the bucket resides in. You set the bucket's Region using // the LocationConstraint request parameter in a CreateBucket request. For more // information, see CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html). // -// To use this implementation of the operation, you must be the bucket owner. +// When you use this API operation with an access point, provide the alias of +// the access point in place of the bucket name. +// +// When you use this API operation with an Object Lambda access point, provide +// the alias of the Object Lambda access point in place of the bucket name. +// If the Object Lambda access point alias in a request is not valid, the error +// code InvalidAccessPointAliasError is returned. For more information about +// InvalidAccessPointAliasError, see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). +// +// We recommend that you use HeadBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadBucket.html) +// to return the Region that a bucket resides in. For backward compatibility, +// Amazon S3 continues to support GetBucketLocation. // // The following operations are related to GetBucketLocation: // -// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) +// - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // -// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) +// - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3401,14 +3846,13 @@ const opGetBucketLogging = "GetBucketLogging" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketLoggingRequest method. +// req, resp := client.GetBucketLoggingRequest(params) // -// // Example sending a request using the GetBucketLoggingRequest method. -// req, resp := client.GetBucketLoggingRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketLogging func (c *S3) GetBucketLoggingRequest(input *GetBucketLoggingInput) (req *request.Request, output *GetBucketLoggingOutput) { @@ -3429,14 +3873,16 @@ func (c *S3) GetBucketLoggingRequest(input *GetBucketLoggingInput) (req *request // GetBucketLogging API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the logging status of a bucket and the permissions users have to -// view and modify that status. To use GET, you must be the bucket owner. +// view and modify that status. // // The following operations are related to GetBucketLogging: // -// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) +// - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // -// * PutBucketLogging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLogging.html) +// - PutBucketLogging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLogging.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3482,14 +3928,13 @@ const opGetBucketMetricsConfiguration = "GetBucketMetricsConfiguration" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketMetricsConfigurationRequest method. +// req, resp := client.GetBucketMetricsConfigurationRequest(params) // -// // Example sending a request using the GetBucketMetricsConfigurationRequest method. -// req, resp := client.GetBucketMetricsConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketMetricsConfiguration func (c *S3) GetBucketMetricsConfigurationRequest(input *GetBucketMetricsConfigurationInput) (req *request.Request, output *GetBucketMetricsConfigurationOutput) { @@ -3510,27 +3955,29 @@ func (c *S3) GetBucketMetricsConfigurationRequest(input *GetBucketMetricsConfigu // GetBucketMetricsConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Gets a metrics configuration (specified by the metrics configuration ID) // from the bucket. Note that this doesn't include the daily storage metrics. // // To use this operation, you must have permissions to perform the s3:GetMetricsConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // // For information about CloudWatch request metrics for Amazon S3, see Monitoring // Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html). // // The following operations are related to GetBucketMetricsConfiguration: // -// * PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html) +// - PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html) // -// * DeleteBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetricsConfiguration.html) +// - DeleteBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetricsConfiguration.html) // -// * ListBucketMetricsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketMetricsConfigurations.html) +// - ListBucketMetricsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketMetricsConfigurations.html) // -// * Monitoring Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html) +// - Monitoring Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3576,14 +4023,13 @@ const opGetBucketNotification = "GetBucketNotification" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketNotificationRequest method. +// req, resp := client.GetBucketNotificationRequest(params) // -// // Example sending a request using the GetBucketNotificationRequest method. -// req, resp := client.GetBucketNotificationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketNotification // @@ -3609,6 +4055,8 @@ func (c *S3) GetBucketNotificationRequest(input *GetBucketNotificationConfigurat // GetBucketNotification API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // No longer used, see GetBucketNotificationConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotificationConfiguration.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -3659,14 +4107,13 @@ const opGetBucketNotificationConfiguration = "GetBucketNotificationConfiguration // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketNotificationConfigurationRequest method. +// req, resp := client.GetBucketNotificationConfigurationRequest(params) // -// // Example sending a request using the GetBucketNotificationConfigurationRequest method. -// req, resp := client.GetBucketNotificationConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketNotificationConfiguration func (c *S3) GetBucketNotificationConfigurationRequest(input *GetBucketNotificationConfigurationRequest) (req *request.Request, output *NotificationConfiguration) { @@ -3687,23 +4134,34 @@ func (c *S3) GetBucketNotificationConfigurationRequest(input *GetBucketNotificat // GetBucketNotificationConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the notification configuration of a bucket. // -// If notifications are not enabled on the bucket, the operation returns an -// empty NotificationConfiguration element. +// If notifications are not enabled on the bucket, the action returns an empty +// NotificationConfiguration element. // // By default, you must be the bucket owner to read the notification configuration // of a bucket. However, the bucket owner can use a bucket policy to grant permission // to other users to read this configuration with the s3:GetBucketNotification // permission. // +// When you use this API operation with an access point, provide the alias of +// the access point in place of the bucket name. +// +// When you use this API operation with an Object Lambda access point, provide +// the alias of the Object Lambda access point in place of the bucket name. +// If the Object Lambda access point alias in a request is not valid, the error +// code InvalidAccessPointAliasError is returned. For more information about +// InvalidAccessPointAliasError, see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). +// // For more information about setting and reading the notification configuration // on a bucket, see Setting Up Notification of Bucket Events (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html). // For more information about bucket policies, see Using Bucket Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html). // -// The following operation is related to GetBucketNotification: +// The following action is related to GetBucketNotification: // -// * PutBucketNotification (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketNotification.html) +// - PutBucketNotification (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketNotification.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3749,14 +4207,13 @@ const opGetBucketOwnershipControls = "GetBucketOwnershipControls" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketOwnershipControlsRequest method. +// req, resp := client.GetBucketOwnershipControlsRequest(params) // -// // Example sending a request using the GetBucketOwnershipControlsRequest method. -// req, resp := client.GetBucketOwnershipControlsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketOwnershipControls func (c *S3) GetBucketOwnershipControlsRequest(input *GetBucketOwnershipControlsInput) (req *request.Request, output *GetBucketOwnershipControlsOutput) { @@ -3777,18 +4234,20 @@ func (c *S3) GetBucketOwnershipControlsRequest(input *GetBucketOwnershipControls // GetBucketOwnershipControls API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Retrieves OwnershipControls for an Amazon S3 bucket. To use this operation, // you must have the s3:GetBucketOwnershipControls permission. For more information -// about Amazon S3 permissions, see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html). +// about Amazon S3 permissions, see Specifying permissions in a policy (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html). // // For information about Amazon S3 Object Ownership, see Using Object Ownership -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/about-object-ownership.html). +// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html). // // The following operations are related to GetBucketOwnershipControls: // -// * PutBucketOwnershipControls +// - PutBucketOwnershipControls // -// * DeleteBucketOwnershipControls +// - DeleteBucketOwnershipControls // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3834,14 +4293,13 @@ const opGetBucketPolicy = "GetBucketPolicy" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketPolicyRequest method. +// req, resp := client.GetBucketPolicyRequest(params) // -// // Example sending a request using the GetBucketPolicyRequest method. -// req, resp := client.GetBucketPolicyRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketPolicy func (c *S3) GetBucketPolicyRequest(input *GetBucketPolicyInput) (req *request.Request, output *GetBucketPolicyOutput) { @@ -3862,26 +4320,66 @@ func (c *S3) GetBucketPolicyRequest(input *GetBucketPolicyInput) (req *request.R // GetBucketPolicy API operation for Amazon Simple Storage Service. // -// Returns the policy of a specified bucket. If you are using an identity other -// than the root user of the AWS account that owns the bucket, the calling identity -// must have the GetBucketPolicy permissions on the specified bucket and belong -// to the bucket owner's account in order to use this operation. +// Returns the policy of a specified bucket. +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Regional endpoint. These endpoints support path-style +// requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name +// . Virtual-hosted-style requests aren't supported. For more information, see +// Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// # Permissions +// +// If you are using an identity other than the root user of the Amazon Web Services +// account that owns the bucket, the calling identity must both have the GetBucketPolicy +// permissions on the specified bucket and belong to the bucket owner's account +// in order to use this operation. // // If you don't have GetBucketPolicy permissions, Amazon S3 returns a 403 Access // Denied error. If you have the correct permissions, but you're not using an // identity that belongs to the bucket owner's account, Amazon S3 returns a // 405 Method Not Allowed error. // -// As a security precaution, the root user of the AWS account that owns a bucket -// can always use this operation, even if the policy explicitly denies the root -// user the ability to perform this action. +// To ensure that bucket owners don't inadvertently lock themselves out of their +// own buckets, the root principal in a bucket owner's Amazon Web Services account +// can perform the GetBucketPolicy, PutBucketPolicy, and DeleteBucketPolicy +// API actions, even if their bucket policy explicitly denies the root principal's +// access. Bucket owner root principals can only be blocked from performing +// these API actions by VPC endpoint policies and Amazon Web Services Organizations +// policies. +// +// - General purpose bucket permissions - The s3:GetBucketPolicy permission +// is required in a policy. For more information about general purpose buckets +// bucket policies, see Using Bucket Policies and User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) +// in the Amazon S3 User Guide. +// +// - Directory bucket permissions - To grant access to this API operation, +// you must have the s3express:GetBucketPolicy permission in an IAM identity-based +// policy instead of a bucket policy. Cross-account access to this API operation +// isn't supported. This operation can only be performed by the Amazon Web +// Services account that owns the resource. For more information about directory +// bucket policies and permissions, see Amazon Web Services Identity and +// Access Management (IAM) for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. +// +// # Example bucket policies // -// For more information about bucket policies, see Using Bucket Policies and -// User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html). +// General purpose buckets example bucket policies - See Bucket policy examples +// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) +// in the Amazon S3 User Guide. // -// The following operation is related to GetBucketPolicy: +// Directory bucket example bucket policies - See Example bucket policies for +// S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// in the Amazon S3 User Guide. // -// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is s3express-control.region.amazonaws.com. +// +// The following action is related to GetBucketPolicy: +// +// - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -3927,14 +4425,13 @@ const opGetBucketPolicyStatus = "GetBucketPolicyStatus" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketPolicyStatusRequest method. +// req, resp := client.GetBucketPolicyStatusRequest(params) // -// // Example sending a request using the GetBucketPolicyStatusRequest method. -// req, resp := client.GetBucketPolicyStatusRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketPolicyStatus func (c *S3) GetBucketPolicyStatusRequest(input *GetBucketPolicyStatusInput) (req *request.Request, output *GetBucketPolicyStatusOutput) { @@ -3955,6 +4452,8 @@ func (c *S3) GetBucketPolicyStatusRequest(input *GetBucketPolicyStatusInput) (re // GetBucketPolicyStatus API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Retrieves the policy status for an Amazon S3 bucket, indicating whether the // bucket is public. In order to use this operation, you must have the s3:GetBucketPolicyStatus // permission. For more information about Amazon S3 permissions, see Specifying @@ -3965,13 +4464,13 @@ func (c *S3) GetBucketPolicyStatusRequest(input *GetBucketPolicyStatusInput) (re // // The following operations are related to GetBucketPolicyStatus: // -// * Using Amazon S3 Block Public Access (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html) +// - Using Amazon S3 Block Public Access (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html) // -// * GetPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html) +// - GetPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html) // -// * PutPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutPublicAccessBlock.html) +// - PutPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutPublicAccessBlock.html) // -// * DeletePublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html) +// - DeletePublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4017,14 +4516,13 @@ const opGetBucketReplication = "GetBucketReplication" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketReplicationRequest method. +// req, resp := client.GetBucketReplicationRequest(params) // -// // Example sending a request using the GetBucketReplicationRequest method. -// req, resp := client.GetBucketReplicationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketReplication func (c *S3) GetBucketReplicationRequest(input *GetBucketReplicationInput) (req *request.Request, output *GetBucketReplicationOutput) { @@ -4045,6 +4543,8 @@ func (c *S3) GetBucketReplicationRequest(input *GetBucketReplicationInput) (req // GetBucketReplication API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the replication configuration of a bucket. // // It can take a while to propagate the put or delete a replication configuration @@ -4052,11 +4552,11 @@ func (c *S3) GetBucketReplicationRequest(input *GetBucketReplicationInput) (req // can return a wrong result. // // For information about replication configuration, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) -// in the Amazon Simple Storage Service Developer Guide. +// in the Amazon S3 User Guide. // -// This operation requires permissions for the s3:GetReplicationConfiguration -// action. For more information about permissions, see Using Bucket Policies -// and User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html). +// This action requires permissions for the s3:GetReplicationConfiguration action. +// For more information about permissions, see Using Bucket Policies and User +// Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html). // // If you include the Filter element in a replication configuration, you must // also include the DeleteMarkerReplication and Priority elements. The response @@ -4067,9 +4567,9 @@ func (c *S3) GetBucketReplicationRequest(input *GetBucketReplicationInput) (req // // The following operations are related to GetBucketReplication: // -// * PutBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketReplication.html) +// - PutBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketReplication.html) // -// * DeleteBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketReplication.html) +// - DeleteBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketReplication.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4115,14 +4615,13 @@ const opGetBucketRequestPayment = "GetBucketRequestPayment" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketRequestPaymentRequest method. +// req, resp := client.GetBucketRequestPaymentRequest(params) // -// // Example sending a request using the GetBucketRequestPaymentRequest method. -// req, resp := client.GetBucketRequestPaymentRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketRequestPayment func (c *S3) GetBucketRequestPaymentRequest(input *GetBucketRequestPaymentInput) (req *request.Request, output *GetBucketRequestPaymentOutput) { @@ -4143,13 +4642,15 @@ func (c *S3) GetBucketRequestPaymentRequest(input *GetBucketRequestPaymentInput) // GetBucketRequestPayment API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the request payment configuration of a bucket. To use this version // of the operation, you must be the bucket owner. For more information, see // Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html). // // The following operations are related to GetBucketRequestPayment: // -// * ListObjects (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html) +// - ListObjects (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4195,14 +4696,13 @@ const opGetBucketTagging = "GetBucketTagging" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketTaggingRequest method. +// req, resp := client.GetBucketTaggingRequest(params) // -// // Example sending a request using the GetBucketTaggingRequest method. -// req, resp := client.GetBucketTaggingRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketTagging func (c *S3) GetBucketTaggingRequest(input *GetBucketTaggingInput) (req *request.Request, output *GetBucketTaggingOutput) { @@ -4223,6 +4723,8 @@ func (c *S3) GetBucketTaggingRequest(input *GetBucketTaggingInput) (req *request // GetBucketTagging API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the tag set associated with the bucket. // // To use this operation, you must have permission to perform the s3:GetBucketTagging @@ -4231,14 +4733,14 @@ func (c *S3) GetBucketTaggingRequest(input *GetBucketTaggingInput) (req *request // // GetBucketTagging has the following special error: // -// * Error code: NoSuchTagSetError Description: There is no tag set associated -// with the bucket. +// - Error code: NoSuchTagSet Description: There is no tag set associated +// with the bucket. // // The following operations are related to GetBucketTagging: // -// * PutBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html) +// - PutBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html) // -// * DeleteBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html) +// - DeleteBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4284,14 +4786,13 @@ const opGetBucketVersioning = "GetBucketVersioning" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketVersioningRequest method. +// req, resp := client.GetBucketVersioningRequest(params) // -// // Example sending a request using the GetBucketVersioningRequest method. -// req, resp := client.GetBucketVersioningRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketVersioning func (c *S3) GetBucketVersioningRequest(input *GetBucketVersioningInput) (req *request.Request, output *GetBucketVersioningOutput) { @@ -4312,6 +4813,8 @@ func (c *S3) GetBucketVersioningRequest(input *GetBucketVersioningInput) (req *r // GetBucketVersioning API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the versioning state of a bucket. // // To retrieve the versioning state of a bucket, you must be the bucket owner. @@ -4322,11 +4825,11 @@ func (c *S3) GetBucketVersioningRequest(input *GetBucketVersioningInput) (req *r // // The following operations are related to GetBucketVersioning: // -// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) +// - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // -// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) +// - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) // -// * DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) +// - DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4372,14 +4875,13 @@ const opGetBucketWebsite = "GetBucketWebsite" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetBucketWebsiteRequest method. +// req, resp := client.GetBucketWebsiteRequest(params) // -// // Example sending a request using the GetBucketWebsiteRequest method. -// req, resp := client.GetBucketWebsiteRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetBucketWebsite func (c *S3) GetBucketWebsiteRequest(input *GetBucketWebsiteInput) (req *request.Request, output *GetBucketWebsiteOutput) { @@ -4400,21 +4902,23 @@ func (c *S3) GetBucketWebsiteRequest(input *GetBucketWebsiteInput) (req *request // GetBucketWebsite API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the website configuration for a bucket. To host website on Amazon // S3, you can configure a bucket as website by adding a website configuration. // For more information about hosting websites, see Hosting Websites on Amazon // S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html). // -// This GET operation requires the S3:GetBucketWebsite permission. By default, +// This GET action requires the S3:GetBucketWebsite permission. By default, // only the bucket owner can read the bucket website configuration. However, // bucket owners can allow other users to read the website configuration by // writing a bucket policy granting them the S3:GetBucketWebsite permission. // -// The following operations are related to DeleteBucketWebsite: +// The following operations are related to GetBucketWebsite: // -// * DeleteBucketWebsite (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketWebsite.html) +// - DeleteBucketWebsite (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketWebsite.html) // -// * PutBucketWebsite (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketWebsite.html) +// - PutBucketWebsite (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketWebsite.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4460,14 +4964,13 @@ const opGetObject = "GetObject" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetObjectRequest method. +// req, resp := client.GetObjectRequest(params) // -// // Example sending a request using the GetObjectRequest method. -// req, resp := client.GetObjectRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObject func (c *S3) GetObjectRequest(input *GetObjectInput) (req *request.Request, output *GetObjectOutput) { @@ -4488,133 +4991,132 @@ func (c *S3) GetObjectRequest(input *GetObjectInput) (req *request.Request, outp // GetObject API operation for Amazon Simple Storage Service. // -// Retrieves objects from Amazon S3. To use GET, you must have READ access to -// the object. If you grant READ access to the anonymous user, you can return -// the object without using an authorization header. -// -// An Amazon S3 bucket has no directory hierarchy such as you would find in -// a typical computer file system. You can, however, create a logical hierarchy -// by using object key names that imply a folder structure. For example, instead -// of naming an object sample.jpg, you can name it photos/2006/February/sample.jpg. -// -// To get an object from such a logical hierarchy, specify the full key name -// for the object in the GET operation. For a virtual hosted-style request example, -// if you have the object photos/2006/February/sample.jpg, specify the resource -// as /photos/2006/February/sample.jpg. For a path-style request example, if -// you have the object photos/2006/February/sample.jpg in the bucket named examplebucket, -// specify the resource as /examplebucket/photos/2006/February/sample.jpg. For -// more information about request types, see HTTP Host Header Bucket Specification -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html#VirtualHostingSpecifyBucket). -// -// To distribute large files to many people, you can save bandwidth costs by -// using BitTorrent. For more information, see Amazon S3 Torrent (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3Torrent.html). -// For more information about returning the ACL of an object, see GetObjectAcl -// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html). -// -// If the object you are retrieving is stored in the S3 Glacier or S3 Glacier -// Deep Archive storage class, or S3 Intelligent-Tiering Archive or S3 Intelligent-Tiering -// Deep Archive tiers, before you can retrieve the object you must first restore -// a copy using RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html). -// Otherwise, this operation returns an InvalidObjectStateError error. For information -// about restoring archived objects, see Restoring Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html). -// -// Encryption request headers, like x-amz-server-side-encryption, should not -// be sent for GET requests if your object uses server-side encryption with -// CMKs stored in AWS KMS (SSE-KMS) or server-side encryption with Amazon S3–managed -// encryption keys (SSE-S3). If your object does use these types of keys, you’ll -// get an HTTP 400 BadRequest error. -// -// If you encrypt an object by using server-side encryption with customer-provided -// encryption keys (SSE-C) when you store the object in Amazon S3, then when -// you GET the object, you must use the following headers: -// -// * x-amz-server-side-encryption-customer-algorithm -// -// * x-amz-server-side-encryption-customer-key -// -// * x-amz-server-side-encryption-customer-key-MD5 -// -// For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided -// Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html). -// -// Assuming you have permission to read object tags (permission for the s3:GetObjectVersionTagging -// action), the response also returns the x-amz-tagging-count header that provides -// the count of number of tags associated with the object. You can use GetObjectTagging -// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) -// to retrieve the tag set associated with an object. +// Retrieves an object from Amazon S3. +// +// In the GetObject request, specify the full key name for the object. +// +// General purpose buckets - Both the virtual-hosted-style requests and the +// path-style requests are supported. For a virtual hosted-style request example, +// if you have the object photos/2006/February/sample.jpg, specify the object +// key name as /photos/2006/February/sample.jpg. For a path-style request example, +// if you have the object photos/2006/February/sample.jpg in the bucket named +// examplebucket, specify the object key name as /examplebucket/photos/2006/February/sample.jpg. +// For more information about request types, see HTTP Host Header Bucket Specification +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/VirtualHosting.html#VirtualHostingSpecifyBucket) +// in the Amazon S3 User Guide. +// +// Directory buckets - Only virtual-hosted-style requests are supported. For +// a virtual hosted-style request example, if you have the object photos/2006/February/sample.jpg +// in the bucket named examplebucket--use1-az5--x-s3, specify the object key +// name as /photos/2006/February/sample.jpg. Also, when you make requests to +// this API operation, your requests are sent to the Zonal endpoint. These endpoints +// support virtual-hosted-style requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // // Permissions // -// You need the s3:GetObject permission for this operation. For more information, -// see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html). -// If the object you request does not exist, the error Amazon S3 returns depends -// on whether you also have the s3:ListBucket permission. -// -// * If you have the s3:ListBucket permission on the bucket, Amazon S3 will -// return an HTTP status code 404 ("no such key") error. -// -// * If you don’t have the s3:ListBucket permission, Amazon S3 will return -// an HTTP status code 403 ("access denied") error. +// - General purpose bucket permissions - You must have the required permissions +// in a policy. To use GetObject, you must have the READ access to the object +// (or version). If you grant READ access to the anonymous user, the GetObject +// operation returns the object without using an authorization header. For +// more information, see Specifying permissions in a policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) +// in the Amazon S3 User Guide. If you include a versionId in your request +// header, you must have the s3:GetObjectVersion permission to access a specific +// version of an object. The s3:GetObject permission is not required in this +// scenario. If you request the current version of an object without a specific +// versionId in the request header, only the s3:GetObject permission is required. +// The s3:GetObjectVersion permission is not required in this scenario. If +// the object that you request doesn’t exist, the error that Amazon S3 +// returns depends on whether you also have the s3:ListBucket permission. +// If you have the s3:ListBucket permission on the bucket, Amazon S3 returns +// an HTTP status code 404 Not Found error. If you don’t have the s3:ListBucket +// permission, Amazon S3 returns an HTTP status code 403 Access Denied error. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// # Storage classes +// +// If the object you are retrieving is stored in the S3 Glacier Flexible Retrieval +// storage class, the S3 Glacier Deep Archive storage class, the S3 Intelligent-Tiering +// Archive Access tier, or the S3 Intelligent-Tiering Deep Archive Access tier, +// before you can retrieve the object you must first restore a copy using RestoreObject +// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html). +// Otherwise, this operation returns an InvalidObjectState error. For information +// about restoring archived objects, see Restoring Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html) +// in the Amazon S3 User Guide. +// +// Directory buckets - For directory buckets, only the S3 Express One Zone storage +// class is supported to store newly created objects. Unsupported storage class +// values won't write a destination object and will respond with the HTTP status +// code 400 Bad Request. +// +// # Encryption // -// Versioning -// -// By default, the GET operation returns the current version of an object. To -// return a different version, use the versionId subresource. +// Encryption request headers, like x-amz-server-side-encryption, should not +// be sent for the GetObject requests, if your object uses server-side encryption +// with Amazon S3 managed encryption keys (SSE-S3), server-side encryption with +// Key Management Service (KMS) keys (SSE-KMS), or dual-layer server-side encryption +// with Amazon Web Services KMS keys (DSSE-KMS). If you include the header in +// your GetObject requests for the object that uses these types of keys, you’ll +// get an HTTP 400 Bad Request error. // -// If the current version of the object is a delete marker, Amazon S3 behaves -// as if the object was deleted and includes x-amz-delete-marker: true in the -// response. +// # Overriding response header values through the request // -// For more information about versioning, see PutBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketVersioning.html). +// There are times when you want to override certain response header values +// of a GetObject response. For example, you might override the Content-Disposition +// response header value through your GetObject request. // -// Overriding Response Header Values +// You can override values for a set of response headers. These modified response +// header values are included only in a successful response, that is, when the +// HTTP status code 200 OK is returned. The headers you can override using the +// following query parameters in the request are a subset of the headers that +// Amazon S3 accepts when you create an object. // -// There are times when you want to override certain response header values -// in a GET response. For example, you might override the Content-Disposition -// response header value in your GET request. -// -// You can override values for a set of response headers using the following -// query parameters. These response header values are sent only on a successful -// request, that is, when status code 200 OK is returned. The set of headers -// you can override using these parameters is a subset of the headers that Amazon -// S3 accepts when you create an object. The response headers that you can override -// for the GET response are Content-Type, Content-Language, Expires, Cache-Control, -// Content-Disposition, and Content-Encoding. To override these header values -// in the GET response, you use the following request parameters. -// -// You must sign the request, either using an Authorization header or a presigned -// URL, when using these parameters. They cannot be used with an unsigned (anonymous) -// request. +// The response headers that you can override for the GetObject response are +// Cache-Control, Content-Disposition, Content-Encoding, Content-Language, Content-Type, +// and Expires. // -// * response-content-type +// To override values for a set of response headers in the GetObject response, +// you can use the following query parameters in the request. // -// * response-content-language +// - response-cache-control // -// * response-expires +// - response-content-disposition // -// * response-cache-control +// - response-content-encoding // -// * response-content-disposition +// - response-content-language // -// * response-content-encoding +// - response-content-type // -// Additional Considerations about Request Headers +// - response-expires // -// If both of the If-Match and If-Unmodified-Since headers are present in the -// request as follows: If-Match condition evaluates to true, and; If-Unmodified-Since -// condition evaluates to false; then, S3 returns 200 OK and the data requested. +// When you use these parameters, you must sign the request by using either +// an Authorization header or a presigned URL. These parameters cannot be used +// with an unsigned (anonymous) request. // -// If both of the If-None-Match and If-Modified-Since headers are present in -// the request as follows:If-None-Match condition evaluates to false, and; If-Modified-Since -// condition evaluates to true; then, S3 returns 304 Not Modified response code. +// # HTTP Host header syntax // -// For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following operations are related to GetObject: // -// * ListBuckets (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html) +// - ListBuckets (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html) // -// * GetObjectAcl (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html) +// - GetObjectAcl (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4624,11 +5126,21 @@ func (c *S3) GetObjectRequest(input *GetObjectInput) (req *request.Request, outp // API operation GetObject for usage and error information. // // Returned Error Codes: -// * ErrCodeNoSuchKey "NoSuchKey" -// The specified key does not exist. // -// * ErrCodeInvalidObjectState "InvalidObjectState" -// Object is archived and inaccessible until restored. +// - ErrCodeNoSuchKey "NoSuchKey" +// The specified key does not exist. +// +// - ErrCodeInvalidObjectState "InvalidObjectState" +// Object is archived and inaccessible until restored. +// +// If the object you are retrieving is stored in the S3 Glacier Flexible Retrieval +// storage class, the S3 Glacier Deep Archive storage class, the S3 Intelligent-Tiering +// Archive Access tier, or the S3 Intelligent-Tiering Deep Archive Access tier, +// before you can retrieve the object you must first restore a copy using RestoreObject +// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html). +// Otherwise, this operation returns an InvalidObjectState error. For information +// about restoring archived objects, see Restoring Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html) +// in the Amazon S3 User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObject func (c *S3) GetObject(input *GetObjectInput) (*GetObjectOutput, error) { @@ -4668,14 +5180,13 @@ const opGetObjectAcl = "GetObjectAcl" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetObjectAclRequest method. +// req, resp := client.GetObjectAclRequest(params) // -// // Example sending a request using the GetObjectAclRequest method. -// req, resp := client.GetObjectAclRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectAcl func (c *S3) GetObjectAclRequest(input *GetObjectAclInput) (req *request.Request, output *GetObjectAclOutput) { @@ -4696,23 +5207,34 @@ func (c *S3) GetObjectAclRequest(input *GetObjectAclInput) (req *request.Request // GetObjectAcl API operation for Amazon Simple Storage Service. // -// Returns the access control list (ACL) of an object. To use this operation, -// you must have READ_ACP access to the object. +// This operation is not supported by directory buckets. // -// This action is not supported by Amazon S3 on Outposts. +// Returns the access control list (ACL) of an object. To use this operation, +// you must have s3:GetObjectAcl permissions or READ_ACP access to the object. +// For more information, see Mapping of ACL permissions and access policy permissions +// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#acl-access-policy-permission-mapping) +// in the Amazon S3 User Guide // -// Versioning +// This functionality is not supported for Amazon S3 on Outposts. // // By default, GET returns ACL information about the current version of an object. // To return ACL information about a different version, use the versionId subresource. // +// If your bucket uses the bucket owner enforced setting for S3 Object Ownership, +// requests to read ACLs are still supported and return the bucket-owner-full-control +// ACL with the owner being the account that created the bucket. For more information, +// see Controlling object ownership and disabling ACLs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) +// in the Amazon S3 User Guide. +// // The following operations are related to GetObjectAcl: // -// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) +// - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) +// +// - GetObjectAttributes (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) // -// * DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) +// - DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) // -// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) +// - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4722,8 +5244,8 @@ func (c *S3) GetObjectAclRequest(input *GetObjectAclInput) (req *request.Request // API operation GetObjectAcl for usage and error information. // // Returned Error Codes: -// * ErrCodeNoSuchKey "NoSuchKey" -// The specified key does not exist. +// - ErrCodeNoSuchKey "NoSuchKey" +// The specified key does not exist. // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectAcl func (c *S3) GetObjectAcl(input *GetObjectAclInput) (*GetObjectAclOutput, error) { @@ -4747,6 +5269,201 @@ func (c *S3) GetObjectAclWithContext(ctx aws.Context, input *GetObjectAclInput, return out, req.Send() } +const opGetObjectAttributes = "GetObjectAttributes" + +// GetObjectAttributesRequest generates a "aws/request.Request" representing the +// client's request for the GetObjectAttributes operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetObjectAttributes for more information on using the GetObjectAttributes +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetObjectAttributesRequest method. +// req, resp := client.GetObjectAttributesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectAttributes +func (c *S3) GetObjectAttributesRequest(input *GetObjectAttributesInput) (req *request.Request, output *GetObjectAttributesOutput) { + op := &request.Operation{ + Name: opGetObjectAttributes, + HTTPMethod: "GET", + HTTPPath: "/{Bucket}/{Key+}?attributes", + } + + if input == nil { + input = &GetObjectAttributesInput{} + } + + output = &GetObjectAttributesOutput{} + req = c.newRequest(op, input, output) + return +} + +// GetObjectAttributes API operation for Amazon Simple Storage Service. +// +// Retrieves all the metadata from an object without returning the object itself. +// This operation is useful if you're interested only in an object's metadata. +// +// GetObjectAttributes combines the functionality of HeadObject and ListParts. +// All of the data returned with each of those individual calls can be returned +// with a single call to GetObjectAttributes. +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// Permissions +// +// - General purpose bucket permissions - To use GetObjectAttributes, you +// must have READ access to the object. The permissions that you need to +// use this operation with depend on whether the bucket is versioned. If +// the bucket is versioned, you need both the s3:GetObjectVersion and s3:GetObjectVersionAttributes +// permissions for this operation. If the bucket is not versioned, you need +// the s3:GetObject and s3:GetObjectAttributes permissions. For more information, +// see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) +// in the Amazon S3 User Guide. If the object that you request does not exist, +// the error Amazon S3 returns depends on whether you also have the s3:ListBucket +// permission. If you have the s3:ListBucket permission on the bucket, Amazon +// S3 returns an HTTP status code 404 Not Found ("no such key") error. If +// you don't have the s3:ListBucket permission, Amazon S3 returns an HTTP +// status code 403 Forbidden ("access denied") error. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// # Encryption +// +// Encryption request headers, like x-amz-server-side-encryption, should not +// be sent for HEAD requests if your object uses server-side encryption with +// Key Management Service (KMS) keys (SSE-KMS), dual-layer server-side encryption +// with Amazon Web Services KMS keys (DSSE-KMS), or server-side encryption with +// Amazon S3 managed encryption keys (SSE-S3). The x-amz-server-side-encryption +// header is used when you PUT an object to S3 and want to specify the encryption +// method. If you include this header in a GET request for an object that uses +// these types of keys, you’ll get an HTTP 400 Bad Request error. It's because +// the encryption method can't be changed when you retrieve the object. +// +// If you encrypt an object by using server-side encryption with customer-provided +// encryption keys (SSE-C) when you store the object in Amazon S3, then when +// you retrieve the metadata from the object, you must use the following headers +// to provide the encryption key for the server to be able to retrieve the object's +// metadata. The headers are: +// +// - x-amz-server-side-encryption-customer-algorithm +// +// - x-amz-server-side-encryption-customer-key +// +// - x-amz-server-side-encryption-customer-key-MD5 +// +// For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided +// Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) +// in the Amazon S3 User Guide. +// +// Directory bucket permissions - For directory buckets, only server-side encryption +// with Amazon S3 managed keys (SSE-S3) (AES256) is supported. +// +// # Versioning +// +// Directory buckets - S3 Versioning isn't enabled and supported for directory +// buckets. For this API operation, only the null value of the version ID is +// supported by directory buckets. You can only specify null to the versionId +// query parameter in the request. +// +// # Conditional request headers +// +// Consider the following when using request headers: +// +// - If both of the If-Match and If-Unmodified-Since headers are present +// in the request as follows, then Amazon S3 returns the HTTP status code +// 200 OK and the data requested: If-Match condition evaluates to true. If-Unmodified-Since +// condition evaluates to false. For more information about conditional requests, +// see RFC 7232 (https://tools.ietf.org/html/rfc7232). +// +// - If both of the If-None-Match and If-Modified-Since headers are present +// in the request as follows, then Amazon S3 returns the HTTP status code +// 304 Not Modified: If-None-Match condition evaluates to false. If-Modified-Since +// condition evaluates to true. For more information about conditional requests, +// see RFC 7232 (https://tools.ietf.org/html/rfc7232). +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. +// +// The following actions are related to GetObjectAttributes: +// +// - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) +// +// - GetObjectAcl (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html) +// +// - GetObjectLegalHold (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectLegalHold.html) +// +// - GetObjectLockConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectLockConfiguration.html) +// +// - GetObjectRetention (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectRetention.html) +// +// - GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) +// +// - HeadObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_HeadObject.html) +// +// - ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Storage Service's +// API operation GetObjectAttributes for usage and error information. +// +// Returned Error Codes: +// - ErrCodeNoSuchKey "NoSuchKey" +// The specified key does not exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectAttributes +func (c *S3) GetObjectAttributes(input *GetObjectAttributesInput) (*GetObjectAttributesOutput, error) { + req, out := c.GetObjectAttributesRequest(input) + return out, req.Send() +} + +// GetObjectAttributesWithContext is the same as GetObjectAttributes with the addition of +// the ability to pass a context and additional request options. +// +// See GetObjectAttributes for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *S3) GetObjectAttributesWithContext(ctx aws.Context, input *GetObjectAttributesInput, opts ...request.Option) (*GetObjectAttributesOutput, error) { + req, out := c.GetObjectAttributesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + const opGetObjectLegalHold = "GetObjectLegalHold" // GetObjectLegalHoldRequest generates a "aws/request.Request" representing the @@ -4763,14 +5480,13 @@ const opGetObjectLegalHold = "GetObjectLegalHold" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetObjectLegalHoldRequest method. +// req, resp := client.GetObjectLegalHoldRequest(params) // -// // Example sending a request using the GetObjectLegalHoldRequest method. -// req, resp := client.GetObjectLegalHoldRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectLegalHold func (c *S3) GetObjectLegalHoldRequest(input *GetObjectLegalHoldInput) (req *request.Request, output *GetObjectLegalHoldOutput) { @@ -4791,10 +5507,16 @@ func (c *S3) GetObjectLegalHoldRequest(input *GetObjectLegalHoldInput) (req *req // GetObjectLegalHold API operation for Amazon Simple Storage Service. // -// Gets an object's current Legal Hold status. For more information, see Locking +// This operation is not supported by directory buckets. +// +// Gets an object's current legal hold status. For more information, see Locking // Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). // -// This action is not supported by Amazon S3 on Outposts. +// This functionality is not supported for Amazon S3 on Outposts. +// +// The following action is related to GetObjectLegalHold: +// +// - GetObjectAttributes (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4840,14 +5562,13 @@ const opGetObjectLockConfiguration = "GetObjectLockConfiguration" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetObjectLockConfigurationRequest method. +// req, resp := client.GetObjectLockConfigurationRequest(params) // -// // Example sending a request using the GetObjectLockConfigurationRequest method. -// req, resp := client.GetObjectLockConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectLockConfiguration func (c *S3) GetObjectLockConfigurationRequest(input *GetObjectLockConfigurationInput) (req *request.Request, output *GetObjectLockConfigurationOutput) { @@ -4868,11 +5589,17 @@ func (c *S3) GetObjectLockConfigurationRequest(input *GetObjectLockConfiguration // GetObjectLockConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Gets the Object Lock configuration for a bucket. The rule specified in the // Object Lock configuration will be applied by default to every new object // placed in the specified bucket. For more information, see Locking Objects // (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). // +// The following action is related to GetObjectLockConfiguration: +// +// - GetObjectAttributes (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) +// // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about // the error. @@ -4917,14 +5644,13 @@ const opGetObjectRetention = "GetObjectRetention" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetObjectRetentionRequest method. +// req, resp := client.GetObjectRetentionRequest(params) // -// // Example sending a request using the GetObjectRetentionRequest method. -// req, resp := client.GetObjectRetentionRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectRetention func (c *S3) GetObjectRetentionRequest(input *GetObjectRetentionInput) (req *request.Request, output *GetObjectRetentionOutput) { @@ -4945,10 +5671,16 @@ func (c *S3) GetObjectRetentionRequest(input *GetObjectRetentionInput) (req *req // GetObjectRetention API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Retrieves an object's retention settings. For more information, see Locking // Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). // -// This action is not supported by Amazon S3 on Outposts. +// This functionality is not supported for Amazon S3 on Outposts. +// +// The following action is related to GetObjectRetention: +// +// - GetObjectAttributes (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -4994,14 +5726,13 @@ const opGetObjectTagging = "GetObjectTagging" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetObjectTaggingRequest method. +// req, resp := client.GetObjectTaggingRequest(params) // -// // Example sending a request using the GetObjectTaggingRequest method. -// req, resp := client.GetObjectTaggingRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectTagging func (c *S3) GetObjectTaggingRequest(input *GetObjectTaggingInput) (req *request.Request, output *GetObjectTaggingOutput) { @@ -5022,11 +5753,13 @@ func (c *S3) GetObjectTaggingRequest(input *GetObjectTaggingInput) (req *request // GetObjectTagging API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns the tag-set of an object. You send the GET request against the tagging // subresource associated with the object. // // To use this operation, you must have permission to perform the s3:GetObjectTagging -// action. By default, the GET operation returns information about current version +// action. By default, the GET action returns information about current version // of an object. For a versioned bucket, you can have multiple versions of an // object in your bucket. To retrieve tags of any other version, use the versionId // query parameter. You also need permission for the s3:GetObjectVersionTagging @@ -5038,9 +5771,13 @@ func (c *S3) GetObjectTaggingRequest(input *GetObjectTaggingInput) (req *request // For information about the Amazon S3 object tagging feature, see Object Tagging // (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html). // -// The following operation is related to GetObjectTagging: +// The following actions are related to GetObjectTagging: +// +// - DeleteObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html) // -// * PutObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html) +// - GetObjectAttributes (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) +// +// - PutObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObjectTagging.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5086,14 +5823,13 @@ const opGetObjectTorrent = "GetObjectTorrent" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetObjectTorrentRequest method. +// req, resp := client.GetObjectTorrentRequest(params) // -// // Example sending a request using the GetObjectTorrentRequest method. -// req, resp := client.GetObjectTorrentRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetObjectTorrent func (c *S3) GetObjectTorrentRequest(input *GetObjectTorrentInput) (req *request.Request, output *GetObjectTorrentOutput) { @@ -5114,9 +5850,10 @@ func (c *S3) GetObjectTorrentRequest(input *GetObjectTorrentInput) (req *request // GetObjectTorrent API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns torrent files from a bucket. BitTorrent can save you bandwidth when -// you're distributing large files. For more information about BitTorrent, see -// Using BitTorrent with Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3Torrent.html). +// you're distributing large files. // // You can get torrent only for objects that are less than 5 GB in size, and // that are not encrypted using server-side encryption with a customer-provided @@ -5124,11 +5861,11 @@ func (c *S3) GetObjectTorrentRequest(input *GetObjectTorrentInput) (req *request // // To use GET, you must have READ access to the object. // -// This action is not supported by Amazon S3 on Outposts. +// This functionality is not supported for Amazon S3 on Outposts. // -// The following operation is related to GetObjectTorrent: +// The following action is related to GetObjectTorrent: // -// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) +// - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5174,14 +5911,13 @@ const opGetPublicAccessBlock = "GetPublicAccessBlock" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetPublicAccessBlockRequest method. +// req, resp := client.GetPublicAccessBlockRequest(params) // -// // Example sending a request using the GetPublicAccessBlockRequest method. -// req, resp := client.GetPublicAccessBlockRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/GetPublicAccessBlock func (c *S3) GetPublicAccessBlockRequest(input *GetPublicAccessBlockInput) (req *request.Request, output *GetPublicAccessBlockOutput) { @@ -5202,6 +5938,8 @@ func (c *S3) GetPublicAccessBlockRequest(input *GetPublicAccessBlockInput) (req // GetPublicAccessBlock API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Retrieves the PublicAccessBlock configuration for an Amazon S3 bucket. To // use this operation, you must have the s3:GetBucketPublicAccessBlock permission. // For more information about Amazon S3 permissions, see Specifying Permissions @@ -5219,13 +5957,13 @@ func (c *S3) GetPublicAccessBlockRequest(input *GetPublicAccessBlockInput) (req // // The following operations are related to GetPublicAccessBlock: // -// * Using Amazon S3 Block Public Access (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html) +// - Using Amazon S3 Block Public Access (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html) // -// * PutPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutPublicAccessBlock.html) +// - PutPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutPublicAccessBlock.html) // -// * GetPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html) +// - GetPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html) // -// * DeletePublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html) +// - DeletePublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5271,14 +6009,13 @@ const opHeadBucket = "HeadBucket" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the HeadBucketRequest method. +// req, resp := client.HeadBucketRequest(params) // -// // Example sending a request using the HeadBucketRequest method. -// req, resp := client.HeadBucketRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/HeadBucket func (c *S3) HeadBucketRequest(input *HeadBucketInput) (req *request.Request, output *HeadBucketOutput) { @@ -5294,22 +6031,63 @@ func (c *S3) HeadBucketRequest(input *HeadBucketInput) (req *request.Request, ou output = &HeadBucketOutput{} req = c.newRequest(op, input, output) - req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) return } // HeadBucket API operation for Amazon Simple Storage Service. // -// This operation is useful to determine if a bucket exists and you have permission -// to access it. The operation returns a 200 OK if the bucket exists and you -// have permission to access it. Otherwise, the operation might return responses -// such as 404 Not Found and 403 Forbidden. +// You can use this operation to determine if a bucket exists and if you have +// permission to access it. The action returns a 200 OK if the bucket exists +// and you have permission to access it. // -// To use this operation, you must have permissions to perform the s3:ListBucket -// action. The bucket owner has this permission by default and can grant this -// permission to others. For more information about permissions, see Permissions -// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// If the bucket does not exist or you do not have permission to access it, +// the HEAD request returns a generic 400 Bad Request, 403 Forbidden or 404 +// Not Found code. A message body is not included, so you cannot determine the +// exception beyond these HTTP response codes. +// +// Directory buckets - You must make requests for this API operation to the +// Zonal endpoint. These endpoints support virtual-hosted-style requests in +// the format https://bucket_name.s3express-az_id.region.amazonaws.com. Path-style +// requests are not supported. For more information, see Regional and Zonal +// endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// # Authentication and authorization +// +// All HeadBucket requests must be authenticated and signed by using IAM credentials +// (access key ID and secret access key for the IAM identities). All headers +// with the x-amz- prefix, including x-amz-copy-source, must be signed. For +// more information, see REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html). +// +// Directory bucket - You must use IAM credentials to authenticate and authorize +// your access to the HeadBucket API operation, instead of using the temporary +// security credentials through the CreateSession API operation. +// +// Amazon Web Services CLI or SDKs handles authentication and authorization +// on your behalf. +// +// Permissions +// +// - General purpose bucket permissions - To use this operation, you must +// have permissions to perform the s3:ListBucket action. The bucket owner +// has this permission by default and can grant this permission to others. +// For more information about permissions, see Managing access permissions +// to your Amazon S3 resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) +// in the Amazon S3 User Guide. +// +// - Directory bucket permissions - You must have the s3express:CreateSession +// permission in the Action element of a policy. By default, the session +// is in the ReadWrite mode. If you want to restrict the access, you can +// explicitly set the s3express:SessionMode condition key to ReadOnly on +// the bucket. For more information about example bucket policies, see Example +// bucket policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// and Amazon Web Services Identity and Access Management (IAM) identity-based +// policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html) +// in the Amazon S3 User Guide. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5319,8 +6097,8 @@ func (c *S3) HeadBucketRequest(input *HeadBucketInput) (req *request.Request, ou // API operation HeadBucket for usage and error information. // // Returned Error Codes: -// * ErrCodeNoSuchBucket "NoSuchBucket" -// The specified bucket does not exist. +// - ErrCodeNoSuchBucket "NoSuchBucket" +// The specified bucket does not exist. // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/HeadBucket func (c *S3) HeadBucket(input *HeadBucketInput) (*HeadBucketOutput, error) { @@ -5360,14 +6138,13 @@ const opHeadObject = "HeadObject" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the HeadObjectRequest method. +// req, resp := client.HeadObjectRequest(params) // -// // Example sending a request using the HeadObjectRequest method. -// req, resp := client.HeadObjectRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/HeadObject func (c *S3) HeadObjectRequest(input *HeadObjectInput) (req *request.Request, output *HeadObjectOutput) { @@ -5389,65 +6166,109 @@ func (c *S3) HeadObjectRequest(input *HeadObjectInput) (req *request.Request, ou // HeadObject API operation for Amazon Simple Storage Service. // // The HEAD operation retrieves metadata from an object without returning the -// object itself. This operation is useful if you're only interested in an object's -// metadata. To use HEAD, you must have READ access to the object. +// object itself. This operation is useful if you're interested only in an object's +// metadata. // // A HEAD request has the same options as a GET operation on an object. The // response is identical to the GET response except that there is no response -// body. +// body. Because of this, if the HEAD request generates an error, it returns +// a generic code, such as 400 Bad Request, 403 Forbidden, 404 Not Found, 405 +// Method Not Allowed, 412 Precondition Failed, or 304 Not Modified. It's not +// possible to retrieve the exact exception of these error codes. +// +// Request headers are limited to 8 KB in size. For more information, see Common +// Request Headers (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonRequestHeaders.html). +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// Permissions +// +// - General purpose bucket permissions - To use HEAD, you must have the +// s3:GetObject permission. You need the relevant read object (or version) +// permission for this operation. For more information, see Actions, resources, +// and condition keys for Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) +// in the Amazon S3 User Guide. If the object you request doesn't exist, +// the error that Amazon S3 returns depends on whether you also have the +// s3:ListBucket permission. If you have the s3:ListBucket permission on +// the bucket, Amazon S3 returns an HTTP status code 404 Not Found error. +// If you don’t have the s3:ListBucket permission, Amazon S3 returns an +// HTTP status code 403 Forbidden error. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// # Encryption +// +// Encryption request headers, like x-amz-server-side-encryption, should not +// be sent for HEAD requests if your object uses server-side encryption with +// Key Management Service (KMS) keys (SSE-KMS), dual-layer server-side encryption +// with Amazon Web Services KMS keys (DSSE-KMS), or server-side encryption with +// Amazon S3 managed encryption keys (SSE-S3). The x-amz-server-side-encryption +// header is used when you PUT an object to S3 and want to specify the encryption +// method. If you include this header in a HEAD request for an object that uses +// these types of keys, you’ll get an HTTP 400 Bad Request error. It's because +// the encryption method can't be changed when you retrieve the object. // // If you encrypt an object by using server-side encryption with customer-provided // encryption keys (SSE-C) when you store the object in Amazon S3, then when -// you retrieve the metadata from the object, you must use the following headers: +// you retrieve the metadata from the object, you must use the following headers +// to provide the encryption key for the server to be able to retrieve the object's +// metadata. The headers are: // -// * x-amz-server-side-encryption-customer-algorithm +// - x-amz-server-side-encryption-customer-algorithm // -// * x-amz-server-side-encryption-customer-key +// - x-amz-server-side-encryption-customer-key // -// * x-amz-server-side-encryption-customer-key-MD5 +// - x-amz-server-side-encryption-customer-key-MD5 // // For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided -// Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html). -// -// Encryption request headers, like x-amz-server-side-encryption, should not -// be sent for GET requests if your object uses server-side encryption with -// CMKs stored in AWS KMS (SSE-KMS) or server-side encryption with Amazon S3–managed -// encryption keys (SSE-S3). If your object does use these types of keys, you’ll -// get an HTTP 400 BadRequest error. +// Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) +// in the Amazon S3 User Guide. // -// Request headers are limited to 8 KB in size. For more information, see Common -// Request Headers (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTCommonRequestHeaders.html). +// Directory bucket permissions - For directory buckets, only server-side encryption +// with Amazon S3 managed keys (SSE-S3) (AES256) is supported. // -// Consider the following when using request headers: +// Versioning // -// * Consideration 1 – If both of the If-Match and If-Unmodified-Since -// headers are present in the request as follows: If-Match condition evaluates -// to true, and; If-Unmodified-Since condition evaluates to false; Then Amazon -// S3 returns 200 OK and the data requested. +// - If the current version of the object is a delete marker, Amazon S3 behaves +// as if the object was deleted and includes x-amz-delete-marker: true in +// the response. // -// * Consideration 2 – If both of the If-None-Match and If-Modified-Since -// headers are present in the request as follows: If-None-Match condition -// evaluates to false, and; If-Modified-Since condition evaluates to true; -// Then Amazon S3 returns the 304 Not Modified response code. +// - If the specified version is a delete marker, the response returns a +// 405 Method Not Allowed error and the Last-Modified: timestamp response +// header. // -// For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). +// - Directory buckets - Delete marker is not supported by directory buckets. // -// Permissions +// - Directory buckets - S3 Versioning isn't enabled and supported for directory +// buckets. For this API operation, only the null value of the version ID +// is supported by directory buckets. You can only specify null to the versionId +// query parameter in the request. // -// You need the s3:GetObject permission for this operation. For more information, -// see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html). -// If the object you request does not exist, the error Amazon S3 returns depends -// on whether you also have the s3:ListBucket permission. +// # HTTP Host header syntax // -// * If you have the s3:ListBucket permission on the bucket, Amazon S3 returns -// an HTTP status code 404 ("no such key") error. +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // -// * If you don’t have the s3:ListBucket permission, Amazon S3 returns -// an HTTP status code 403 ("access denied") error. +// The following actions are related to HeadObject: // -// The following operation is related to HeadObject: +// - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // -// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) +// - GetObjectAttributes (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) // // See http://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#RESTErrorResponses // for more information on returned errors. @@ -5496,14 +6317,13 @@ const opListBucketAnalyticsConfigurations = "ListBucketAnalyticsConfigurations" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the ListBucketAnalyticsConfigurationsRequest method. +// req, resp := client.ListBucketAnalyticsConfigurationsRequest(params) // -// // Example sending a request using the ListBucketAnalyticsConfigurationsRequest method. -// req, resp := client.ListBucketAnalyticsConfigurationsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListBucketAnalyticsConfigurations func (c *S3) ListBucketAnalyticsConfigurationsRequest(input *ListBucketAnalyticsConfigurationsInput) (req *request.Request, output *ListBucketAnalyticsConfigurationsOutput) { @@ -5524,33 +6344,35 @@ func (c *S3) ListBucketAnalyticsConfigurationsRequest(input *ListBucketAnalytics // ListBucketAnalyticsConfigurations API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Lists the analytics configurations for the bucket. You can have up to 1,000 // analytics configurations per bucket. // -// This operation supports list pagination and does not return more than 100 -// configurations at a time. You should always check the IsTruncated element -// in the response. If there are no more configurations to list, IsTruncated -// is set to false. If there are more configurations to list, IsTruncated is -// set to true, and there will be a value in NextContinuationToken. You use -// the NextContinuationToken value to continue the pagination of the list by -// passing the value in continuation-token in the request to GET the next page. +// This action supports list pagination and does not return more than 100 configurations +// at a time. You should always check the IsTruncated element in the response. +// If there are no more configurations to list, IsTruncated is set to false. +// If there are more configurations to list, IsTruncated is set to true, and +// there will be a value in NextContinuationToken. You use the NextContinuationToken +// value to continue the pagination of the list by passing the value in continuation-token +// in the request to GET the next page. // // To use this operation, you must have permissions to perform the s3:GetAnalyticsConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // // For information about Amazon S3 analytics feature, see Amazon S3 Analytics // – Storage Class Analysis (https://docs.aws.amazon.com/AmazonS3/latest/dev/analytics-storage-class.html). // // The following operations are related to ListBucketAnalyticsConfigurations: // -// * GetBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAnalyticsConfiguration.html) +// - GetBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAnalyticsConfiguration.html) // -// * DeleteBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketAnalyticsConfiguration.html) +// - DeleteBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketAnalyticsConfiguration.html) // -// * PutBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAnalyticsConfiguration.html) +// - PutBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketAnalyticsConfiguration.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5596,14 +6418,13 @@ const opListBucketIntelligentTieringConfigurations = "ListBucketIntelligentTieri // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the ListBucketIntelligentTieringConfigurationsRequest method. +// req, resp := client.ListBucketIntelligentTieringConfigurationsRequest(params) // -// // Example sending a request using the ListBucketIntelligentTieringConfigurationsRequest method. -// req, resp := client.ListBucketIntelligentTieringConfigurationsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListBucketIntelligentTieringConfigurations func (c *S3) ListBucketIntelligentTieringConfigurationsRequest(input *ListBucketIntelligentTieringConfigurationsInput) (req *request.Request, output *ListBucketIntelligentTieringConfigurationsOutput) { @@ -5624,32 +6445,34 @@ func (c *S3) ListBucketIntelligentTieringConfigurationsRequest(input *ListBucket // ListBucketIntelligentTieringConfigurations API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Lists the S3 Intelligent-Tiering configuration from the specified bucket. // // The S3 Intelligent-Tiering storage class is designed to optimize storage // costs by automatically moving data to the most cost-effective storage access -// tier, without additional operational overhead. S3 Intelligent-Tiering delivers -// automatic cost savings by moving data between access tiers, when access patterns -// change. -// -// The S3 Intelligent-Tiering storage class is suitable for objects larger than -// 128 KB that you plan to store for at least 30 days. If the size of an object -// is less than 128 KB, it is not eligible for auto-tiering. Smaller objects -// can be stored, but they are always charged at the frequent access tier rates +// tier, without performance impact or operational overhead. S3 Intelligent-Tiering +// delivers automatic cost savings in three low latency and high throughput +// access tiers. To get the lowest storage cost on data that can be accessed +// in minutes to hours, you can choose to activate additional archiving capabilities. +// +// The S3 Intelligent-Tiering storage class is the ideal storage class for data +// with unknown, changing, or unpredictable access patterns, independent of +// object size or retention period. If the size of an object is less than 128 +// KB, it is not monitored and not eligible for auto-tiering. Smaller objects +// can be stored, but they are always charged at the Frequent Access tier rates // in the S3 Intelligent-Tiering storage class. // -// If you delete an object before the end of the 30-day minimum storage duration -// period, you are charged for 30 days. For more information, see Storage class -// for automatically optimizing frequently and infrequently accessed objects -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access). +// For more information, see Storage class for automatically optimizing frequently +// and infrequently accessed objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access). // // Operations related to ListBucketIntelligentTieringConfigurations include: // -// * DeleteBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketIntelligentTieringConfiguration.html) +// - DeleteBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketIntelligentTieringConfiguration.html) // -// * PutBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketIntelligentTieringConfiguration.html) +// - PutBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketIntelligentTieringConfiguration.html) // -// * GetBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketIntelligentTieringConfiguration.html) +// - GetBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketIntelligentTieringConfiguration.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5695,14 +6518,13 @@ const opListBucketInventoryConfigurations = "ListBucketInventoryConfigurations" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the ListBucketInventoryConfigurationsRequest method. +// req, resp := client.ListBucketInventoryConfigurationsRequest(params) // -// // Example sending a request using the ListBucketInventoryConfigurationsRequest method. -// req, resp := client.ListBucketInventoryConfigurationsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListBucketInventoryConfigurations func (c *S3) ListBucketInventoryConfigurationsRequest(input *ListBucketInventoryConfigurationsInput) (req *request.Request, output *ListBucketInventoryConfigurationsOutput) { @@ -5723,33 +6545,35 @@ func (c *S3) ListBucketInventoryConfigurationsRequest(input *ListBucketInventory // ListBucketInventoryConfigurations API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns a list of inventory configurations for the bucket. You can have up // to 1,000 analytics configurations per bucket. // -// This operation supports list pagination and does not return more than 100 -// configurations at a time. Always check the IsTruncated element in the response. -// If there are no more configurations to list, IsTruncated is set to false. -// If there are more configurations to list, IsTruncated is set to true, and -// there is a value in NextContinuationToken. You use the NextContinuationToken -// value to continue the pagination of the list by passing the value in continuation-token +// This action supports list pagination and does not return more than 100 configurations +// at a time. Always check the IsTruncated element in the response. If there +// are no more configurations to list, IsTruncated is set to false. If there +// are more configurations to list, IsTruncated is set to true, and there is +// a value in NextContinuationToken. You use the NextContinuationToken value +// to continue the pagination of the list by passing the value in continuation-token // in the request to GET the next page. // // To use this operation, you must have permissions to perform the s3:GetInventoryConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // // For information about the Amazon S3 inventory feature, see Amazon S3 Inventory // (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html) // // The following operations are related to ListBucketInventoryConfigurations: // -// * GetBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketInventoryConfiguration.html) +// - GetBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketInventoryConfiguration.html) // -// * DeleteBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketInventoryConfiguration.html) +// - DeleteBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketInventoryConfiguration.html) // -// * PutBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketInventoryConfiguration.html) +// - PutBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketInventoryConfiguration.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5795,14 +6619,13 @@ const opListBucketMetricsConfigurations = "ListBucketMetricsConfigurations" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the ListBucketMetricsConfigurationsRequest method. +// req, resp := client.ListBucketMetricsConfigurationsRequest(params) // -// // Example sending a request using the ListBucketMetricsConfigurationsRequest method. -// req, resp := client.ListBucketMetricsConfigurationsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListBucketMetricsConfigurations func (c *S3) ListBucketMetricsConfigurationsRequest(input *ListBucketMetricsConfigurationsInput) (req *request.Request, output *ListBucketMetricsConfigurationsOutput) { @@ -5823,34 +6646,36 @@ func (c *S3) ListBucketMetricsConfigurationsRequest(input *ListBucketMetricsConf // ListBucketMetricsConfigurations API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Lists the metrics configurations for the bucket. The metrics configurations // are only for the request metrics of the bucket and do not provide information // on daily storage metrics. You can have up to 1,000 configurations per bucket. // -// This operation supports list pagination and does not return more than 100 -// configurations at a time. Always check the IsTruncated element in the response. -// If there are no more configurations to list, IsTruncated is set to false. -// If there are more configurations to list, IsTruncated is set to true, and -// there is a value in NextContinuationToken. You use the NextContinuationToken -// value to continue the pagination of the list by passing the value in continuation-token +// This action supports list pagination and does not return more than 100 configurations +// at a time. Always check the IsTruncated element in the response. If there +// are no more configurations to list, IsTruncated is set to false. If there +// are more configurations to list, IsTruncated is set to true, and there is +// a value in NextContinuationToken. You use the NextContinuationToken value +// to continue the pagination of the list by passing the value in continuation-token // in the request to GET the next page. // // To use this operation, you must have permissions to perform the s3:GetMetricsConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // // For more information about metrics configurations and CloudWatch request // metrics, see Monitoring Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html). // // The following operations are related to ListBucketMetricsConfigurations: // -// * PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html) +// - PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html) // -// * GetBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetricsConfiguration.html) +// - GetBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetricsConfiguration.html) // -// * DeleteBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetricsConfiguration.html) +// - DeleteBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetricsConfiguration.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5896,14 +6721,13 @@ const opListBuckets = "ListBuckets" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the ListBucketsRequest method. +// req, resp := client.ListBucketsRequest(params) // -// // Example sending a request using the ListBucketsRequest method. -// req, resp := client.ListBucketsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListBuckets func (c *S3) ListBucketsRequest(input *ListBucketsInput) (req *request.Request, output *ListBucketsOutput) { @@ -5924,7 +6748,13 @@ func (c *S3) ListBucketsRequest(input *ListBucketsInput) (req *request.Request, // ListBuckets API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns a list of all buckets owned by the authenticated sender of the request. +// To use this operation, you must have the s3:ListAllMyBuckets permission. +// +// For information about Amazon S3 buckets, see Creating, configuring, and working +// with Amazon S3 buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/creating-buckets-s3.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -5954,6 +6784,160 @@ func (c *S3) ListBucketsWithContext(ctx aws.Context, input *ListBucketsInput, op return out, req.Send() } +const opListDirectoryBuckets = "ListDirectoryBuckets" + +// ListDirectoryBucketsRequest generates a "aws/request.Request" representing the +// client's request for the ListDirectoryBuckets operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListDirectoryBuckets for more information on using the ListDirectoryBuckets +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListDirectoryBucketsRequest method. +// req, resp := client.ListDirectoryBucketsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListDirectoryBuckets +func (c *S3) ListDirectoryBucketsRequest(input *ListDirectoryBucketsInput) (req *request.Request, output *ListDirectoryBucketsOutput) { + op := &request.Operation{ + Name: opListDirectoryBuckets, + HTTPMethod: "GET", + HTTPPath: "/", + Paginator: &request.Paginator{ + InputTokens: []string{"ContinuationToken"}, + OutputTokens: []string{"ContinuationToken"}, + LimitToken: "MaxDirectoryBuckets", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListDirectoryBucketsInput{} + } + + output = &ListDirectoryBucketsOutput{} + req = c.newRequest(op, input, output) + return +} + +// ListDirectoryBuckets API operation for Amazon Simple Storage Service. +// +// Returns a list of all Amazon S3 directory buckets owned by the authenticated +// sender of the request. For more information about directory buckets, see +// Directory buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) +// in the Amazon S3 User Guide. +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Regional endpoint. These endpoints support path-style +// requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name +// . Virtual-hosted-style requests aren't supported. For more information, see +// Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// # Permissions +// +// You must have the s3express:ListAllMyDirectoryBuckets permission in an IAM +// identity-based policy instead of a bucket policy. Cross-account access to +// this API operation isn't supported. This operation can only be performed +// by the Amazon Web Services account that owns the resource. For more information +// about directory bucket policies and permissions, see Amazon Web Services +// Identity and Access Management (IAM) for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is s3express-control.region.amazonaws.com. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Storage Service's +// API operation ListDirectoryBuckets for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListDirectoryBuckets +func (c *S3) ListDirectoryBuckets(input *ListDirectoryBucketsInput) (*ListDirectoryBucketsOutput, error) { + req, out := c.ListDirectoryBucketsRequest(input) + return out, req.Send() +} + +// ListDirectoryBucketsWithContext is the same as ListDirectoryBuckets with the addition of +// the ability to pass a context and additional request options. +// +// See ListDirectoryBuckets for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *S3) ListDirectoryBucketsWithContext(ctx aws.Context, input *ListDirectoryBucketsInput, opts ...request.Option) (*ListDirectoryBucketsOutput, error) { + req, out := c.ListDirectoryBucketsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListDirectoryBucketsPages iterates over the pages of a ListDirectoryBuckets operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListDirectoryBuckets method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListDirectoryBuckets operation. +// pageNum := 0 +// err := client.ListDirectoryBucketsPages(params, +// func(page *s3.ListDirectoryBucketsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *S3) ListDirectoryBucketsPages(input *ListDirectoryBucketsInput, fn func(*ListDirectoryBucketsOutput, bool) bool) error { + return c.ListDirectoryBucketsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListDirectoryBucketsPagesWithContext same as ListDirectoryBucketsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *S3) ListDirectoryBucketsPagesWithContext(ctx aws.Context, input *ListDirectoryBucketsInput, fn func(*ListDirectoryBucketsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListDirectoryBucketsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListDirectoryBucketsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListDirectoryBucketsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + const opListMultipartUploads = "ListMultipartUploads" // ListMultipartUploadsRequest generates a "aws/request.Request" representing the @@ -5970,14 +6954,13 @@ const opListMultipartUploads = "ListMultipartUploads" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the ListMultipartUploadsRequest method. +// req, resp := client.ListMultipartUploadsRequest(params) // -// // Example sending a request using the ListMultipartUploadsRequest method. -// req, resp := client.ListMultipartUploadsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListMultipartUploads func (c *S3) ListMultipartUploadsRequest(input *ListMultipartUploadsInput) (req *request.Request, output *ListMultipartUploadsOutput) { @@ -6004,40 +6987,91 @@ func (c *S3) ListMultipartUploadsRequest(input *ListMultipartUploadsInput) (req // ListMultipartUploads API operation for Amazon Simple Storage Service. // -// This operation lists in-progress multipart uploads. An in-progress multipart -// upload is a multipart upload that has been initiated using the Initiate Multipart -// Upload request, but has not yet been completed or aborted. +// This operation lists in-progress multipart uploads in a bucket. An in-progress +// multipart upload is a multipart upload that has been initiated by the CreateMultipartUpload +// request, but has not yet been completed or aborted. +// +// Directory buckets - If multipart uploads in a directory bucket are in progress, +// you can't delete the bucket until all the in-progress multipart uploads are +// aborted or completed. +// +// The ListMultipartUploads operation returns a maximum of 1,000 multipart uploads +// in the response. The limit of 1,000 multipart uploads is also the default +// value. You can further limit the number of uploads in a response by specifying +// the max-uploads request parameter. If there are more than 1,000 multipart +// uploads that satisfy your ListMultipartUploads request, the response returns +// an IsTruncated element with the value of true, a NextKeyMarker element, and +// a NextUploadIdMarker element. To list the remaining multipart uploads, you +// need to make subsequent ListMultipartUploads requests. In these requests, +// include two query parameters: key-marker and upload-id-marker. Set the value +// of key-marker to the NextKeyMarker value from the previous response. Similarly, +// set the value of upload-id-marker to the NextUploadIdMarker value from the +// previous response. +// +// Directory buckets - The upload-id-marker element and the NextUploadIdMarker +// element aren't supported by directory buckets. To list the additional multipart +// uploads, you only need to set the value of key-marker to the NextKeyMarker +// value from the previous response. // -// This operation returns at most 1,000 multipart uploads in the response. 1,000 -// multipart uploads is the maximum number of uploads a response can include, -// which is also the default value. You can further limit the number of uploads -// in a response by specifying the max-uploads parameter in the response. If -// additional multipart uploads satisfy the list criteria, the response will -// contain an IsTruncated element with the value true. To list the additional -// multipart uploads, use the key-marker and upload-id-marker request parameters. +// For more information about multipart uploads, see Uploading Objects Using +// Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) +// in the Amazon S3 User Guide. // -// In the response, the uploads are sorted by key. If your application has initiated -// more than one multipart upload using the same object key, then uploads in -// the response are first sorted by key. Additionally, uploads are sorted in -// ascending order within each key by the upload initiation time. +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // -// For more information on multipart uploads, see Uploading Objects Using Multipart -// Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html). +// Permissions // -// For information on permissions required to use the multipart upload API, -// see Multipart Upload API and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html). +// - General purpose bucket permissions - For information about permissions +// required to use the multipart upload API, see Multipart Upload and Permissions +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// Sorting of multipart uploads in response +// +// - General purpose bucket - In the ListMultipartUploads response, the multipart +// uploads are sorted based on two criteria: Key-based sorting - Multipart +// uploads are initially sorted in ascending order based on their object +// keys. Time-based sorting - For uploads that share the same object key, +// they are further sorted in ascending order based on the upload initiation +// time. Among uploads with the same key, the one that was initiated first +// will appear before the ones that were initiated later. +// +// - Directory bucket - In the ListMultipartUploads response, the multipart +// uploads aren't sorted lexicographically based on the object keys. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following operations are related to ListMultipartUploads: // -// * CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) +// - CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) // -// * UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) +// - UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) // -// * CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) +// - CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) // -// * ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) +// - ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) // -// * AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) +// - AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6075,15 +7109,14 @@ func (c *S3) ListMultipartUploadsWithContext(ctx aws.Context, input *ListMultipa // // Note: This operation can generate multiple requests to a service. // -// // Example iterating over at most 3 pages of a ListMultipartUploads operation. -// pageNum := 0 -// err := client.ListMultipartUploadsPages(params, -// func(page *s3.ListMultipartUploadsOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -// +// // Example iterating over at most 3 pages of a ListMultipartUploads operation. +// pageNum := 0 +// err := client.ListMultipartUploadsPages(params, +// func(page *s3.ListMultipartUploadsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) func (c *S3) ListMultipartUploadsPages(input *ListMultipartUploadsInput, fn func(*ListMultipartUploadsOutput, bool) bool) error { return c.ListMultipartUploadsPagesWithContext(aws.BackgroundContext(), input, fn) } @@ -6135,14 +7168,13 @@ const opListObjectVersions = "ListObjectVersions" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the ListObjectVersionsRequest method. +// req, resp := client.ListObjectVersionsRequest(params) // -// // Example sending a request using the ListObjectVersionsRequest method. -// req, resp := client.ListObjectVersionsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListObjectVersions func (c *S3) ListObjectVersionsRequest(input *ListObjectVersionsInput) (req *request.Request, output *ListObjectVersionsOutput) { @@ -6169,26 +7201,29 @@ func (c *S3) ListObjectVersionsRequest(input *ListObjectVersionsInput) (req *req // ListObjectVersions API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns metadata about all versions of the objects in a bucket. You can also // use request parameters as selection criteria to return metadata about a subset // of all the object versions. // +// To use this operation, you must have permission to perform the s3:ListBucketVersions +// action. Be aware of the name difference. +// // A 200 OK response can contain valid or invalid XML. Make sure to design your // application to parse the contents of the response and handle it appropriately. // // To use this operation, you must have READ access to the bucket. // -// This action is not supported by Amazon S3 on Outposts. -// // The following operations are related to ListObjectVersions: // -// * ListObjectsV2 (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html) +// - ListObjectsV2 (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html) // -// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) +// - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // -// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) +// - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) // -// * DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) +// - DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6226,15 +7261,14 @@ func (c *S3) ListObjectVersionsWithContext(ctx aws.Context, input *ListObjectVer // // Note: This operation can generate multiple requests to a service. // -// // Example iterating over at most 3 pages of a ListObjectVersions operation. -// pageNum := 0 -// err := client.ListObjectVersionsPages(params, -// func(page *s3.ListObjectVersionsOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -// +// // Example iterating over at most 3 pages of a ListObjectVersions operation. +// pageNum := 0 +// err := client.ListObjectVersionsPages(params, +// func(page *s3.ListObjectVersionsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) func (c *S3) ListObjectVersionsPages(input *ListObjectVersionsInput, fn func(*ListObjectVersionsOutput, bool) bool) error { return c.ListObjectVersionsPagesWithContext(aws.BackgroundContext(), input, fn) } @@ -6286,14 +7320,13 @@ const opListObjects = "ListObjects" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the ListObjectsRequest method. +// req, resp := client.ListObjectsRequest(params) // -// // Example sending a request using the ListObjectsRequest method. -// req, resp := client.ListObjectsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListObjects func (c *S3) ListObjectsRequest(input *ListObjectsInput) (req *request.Request, output *ListObjectsOutput) { @@ -6320,28 +7353,30 @@ func (c *S3) ListObjectsRequest(input *ListObjectsInput) (req *request.Request, // ListObjects API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Returns some or all (up to 1,000) of the objects in a bucket. You can use // the request parameters as selection criteria to return a subset of the objects // in a bucket. A 200 OK response can contain valid or invalid XML. Be sure // to design your application to parse the contents of the response and handle // it appropriately. // -// This API has been revised. We recommend that you use the newer version, ListObjectsV2 -// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html), +// This action has been revised. We recommend that you use the newer version, +// ListObjectsV2 (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html), // when developing applications. For backward compatibility, Amazon S3 continues // to support ListObjects. // // The following operations are related to ListObjects: // -// * ListObjectsV2 (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html) +// - ListObjectsV2 (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjectsV2.html) // -// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) +// - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // -// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) +// - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) // -// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) +// - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // -// * ListBuckets (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html) +// - ListBuckets (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6351,8 +7386,8 @@ func (c *S3) ListObjectsRequest(input *ListObjectsInput) (req *request.Request, // API operation ListObjects for usage and error information. // // Returned Error Codes: -// * ErrCodeNoSuchBucket "NoSuchBucket" -// The specified bucket does not exist. +// - ErrCodeNoSuchBucket "NoSuchBucket" +// The specified bucket does not exist. // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListObjects func (c *S3) ListObjects(input *ListObjectsInput) (*ListObjectsOutput, error) { @@ -6384,15 +7419,14 @@ func (c *S3) ListObjectsWithContext(ctx aws.Context, input *ListObjectsInput, op // // Note: This operation can generate multiple requests to a service. // -// // Example iterating over at most 3 pages of a ListObjects operation. -// pageNum := 0 -// err := client.ListObjectsPages(params, -// func(page *s3.ListObjectsOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -// +// // Example iterating over at most 3 pages of a ListObjects operation. +// pageNum := 0 +// err := client.ListObjectsPages(params, +// func(page *s3.ListObjectsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) func (c *S3) ListObjectsPages(input *ListObjectsInput, fn func(*ListObjectsOutput, bool) bool) error { return c.ListObjectsPagesWithContext(aws.BackgroundContext(), input, fn) } @@ -6444,14 +7478,13 @@ const opListObjectsV2 = "ListObjectsV2" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the ListObjectsV2Request method. +// req, resp := client.ListObjectsV2Request(params) // -// // Example sending a request using the ListObjectsV2Request method. -// req, resp := client.ListObjectsV2Request(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListObjectsV2 func (c *S3) ListObjectsV2Request(input *ListObjectsV2Input) (req *request.Request, output *ListObjectsV2Output) { @@ -6478,35 +7511,69 @@ func (c *S3) ListObjectsV2Request(input *ListObjectsV2Input) (req *request.Reque // ListObjectsV2 API operation for Amazon Simple Storage Service. // -// Returns some or all (up to 1,000) of the objects in a bucket. You can use -// the request parameters as selection criteria to return a subset of the objects -// in a bucket. A 200 OK response can contain valid or invalid XML. Make sure -// to design your application to parse the contents of the response and handle -// it appropriately. +// Returns some or all (up to 1,000) of the objects in a bucket with each request. +// You can use the request parameters as selection criteria to return a subset +// of the objects in a bucket. A 200 OK response can contain valid or invalid +// XML. Make sure to design your application to parse the contents of the response +// and handle it appropriately. For more information about listing objects, +// see Listing object keys programmatically (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ListingKeysUsingAPIs.html) +// in the Amazon S3 User Guide. To get a list of your buckets, see ListBuckets +// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html). +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // -// To use this operation, you must have READ access to the bucket. +// Permissions // -// To use this operation in an AWS Identity and Access Management (IAM) policy, -// you must have permissions to perform the s3:ListBucket action. The bucket -// owner has this permission by default and can grant this permission to others. -// For more information about permissions, see Permissions Related to Bucket -// Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// - General purpose bucket permissions - To use this operation, you must +// have READ access to the bucket. You must have permission to perform the +// s3:ListBucket action. The bucket owner has this permission by default +// and can grant this permission to others. For more information about permissions, +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) +// in the Amazon S3 User Guide. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// Sorting order of returned objects // -// This section describes the latest revision of the API. We recommend that -// you use this revised API for application development. For backward compatibility, -// Amazon S3 continues to support the prior version of this API, ListObjects -// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html). +// - General purpose bucket - For general purpose buckets, ListObjectsV2 +// returns objects in lexicographical order based on their key names. // -// To get a list of your buckets, see ListBuckets (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBuckets.html). +// - Directory bucket - For directory buckets, ListObjectsV2 does not return +// objects in lexicographical order. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. +// +// This section describes the latest revision of this action. We recommend that +// you use this revised API operation for application development. For backward +// compatibility, Amazon S3 continues to support the prior version of this API +// operation, ListObjects (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListObjects.html). // // The following operations are related to ListObjectsV2: // -// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) +// - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // -// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) +// - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) // -// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) +// - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6516,8 +7583,8 @@ func (c *S3) ListObjectsV2Request(input *ListObjectsV2Input) (req *request.Reque // API operation ListObjectsV2 for usage and error information. // // Returned Error Codes: -// * ErrCodeNoSuchBucket "NoSuchBucket" -// The specified bucket does not exist. +// - ErrCodeNoSuchBucket "NoSuchBucket" +// The specified bucket does not exist. // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListObjectsV2 func (c *S3) ListObjectsV2(input *ListObjectsV2Input) (*ListObjectsV2Output, error) { @@ -6549,15 +7616,14 @@ func (c *S3) ListObjectsV2WithContext(ctx aws.Context, input *ListObjectsV2Input // // Note: This operation can generate multiple requests to a service. // -// // Example iterating over at most 3 pages of a ListObjectsV2 operation. -// pageNum := 0 -// err := client.ListObjectsV2Pages(params, -// func(page *s3.ListObjectsV2Output, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -// +// // Example iterating over at most 3 pages of a ListObjectsV2 operation. +// pageNum := 0 +// err := client.ListObjectsV2Pages(params, +// func(page *s3.ListObjectsV2Output, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) func (c *S3) ListObjectsV2Pages(input *ListObjectsV2Input, fn func(*ListObjectsV2Output, bool) bool) error { return c.ListObjectsV2PagesWithContext(aws.BackgroundContext(), input, fn) } @@ -6609,14 +7675,13 @@ const opListParts = "ListParts" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the ListPartsRequest method. +// req, resp := client.ListPartsRequest(params) // -// // Example sending a request using the ListPartsRequest method. -// req, resp := client.ListPartsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/ListParts func (c *S3) ListPartsRequest(input *ListPartsInput) (req *request.Request, output *ListPartsOutput) { @@ -6644,33 +7709,72 @@ func (c *S3) ListPartsRequest(input *ListPartsInput) (req *request.Request, outp // ListParts API operation for Amazon Simple Storage Service. // // Lists the parts that have been uploaded for a specific multipart upload. -// This operation must include the upload ID, which you obtain by sending the -// initiate multipart upload request (see CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html)). -// This request returns a maximum of 1,000 uploaded parts. The default number -// of parts returned is 1,000 parts. You can restrict the number of parts returned -// by specifying the max-parts request parameter. If your multipart upload consists -// of more than 1,000 parts, the response returns an IsTruncated field with -// the value of true, and a NextPartNumberMarker element. In subsequent ListParts -// requests you can include the part-number-marker query string parameter and -// set its value to the NextPartNumberMarker field value from the previous response. +// +// To use this operation, you must provide the upload ID in the request. You +// obtain this uploadID by sending the initiate multipart upload request through +// CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html). +// +// The ListParts request returns a maximum of 1,000 uploaded parts. The limit +// of 1,000 parts is also the default value. You can restrict the number of +// parts in a response by specifying the max-parts request parameter. If your +// multipart upload consists of more than 1,000 parts, the response returns +// an IsTruncated field with the value of true, and a NextPartNumberMarker element. +// To list remaining uploaded parts, in subsequent ListParts requests, include +// the part-number-marker query string parameter and set its value to the NextPartNumberMarker +// field value from the previous response. // // For more information on multipart uploads, see Uploading Objects Using Multipart -// Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html). +// Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) +// in the Amazon S3 User Guide. // -// For information on permissions required to use the multipart upload API, -// see Multipart Upload API and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html). +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// Permissions +// +// - General purpose bucket permissions - For information about permissions +// required to use the multipart upload API, see Multipart Upload and Permissions +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. If the upload was created using server-side +// encryption with Key Management Service (KMS) keys (SSE-KMS) or dual-layer +// server-side encryption with Amazon Web Services KMS keys (DSSE-KMS), you +// must have permission to the kms:Decrypt action for the ListParts request +// to succeed. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // // The following operations are related to ListParts: // -// * CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) +// - CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) +// +// - UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) // -// * UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) +// - CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) // -// * CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) +// - AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) // -// * AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) +// - GetObjectAttributes (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAttributes.html) // -// * ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) +// - ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6708,15 +7812,14 @@ func (c *S3) ListPartsWithContext(ctx aws.Context, input *ListPartsInput, opts . // // Note: This operation can generate multiple requests to a service. // -// // Example iterating over at most 3 pages of a ListParts operation. -// pageNum := 0 -// err := client.ListPartsPages(params, -// func(page *s3.ListPartsOutput, lastPage bool) bool { -// pageNum++ -// fmt.Println(page) -// return pageNum <= 3 -// }) -// +// // Example iterating over at most 3 pages of a ListParts operation. +// pageNum := 0 +// err := client.ListPartsPages(params, +// func(page *s3.ListPartsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) func (c *S3) ListPartsPages(input *ListPartsInput, fn func(*ListPartsOutput, bool) bool) error { return c.ListPartsPagesWithContext(aws.BackgroundContext(), input, fn) } @@ -6768,14 +7871,13 @@ const opPutBucketAccelerateConfiguration = "PutBucketAccelerateConfiguration" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketAccelerateConfigurationRequest method. +// req, resp := client.PutBucketAccelerateConfigurationRequest(params) // -// // Example sending a request using the PutBucketAccelerateConfigurationRequest method. -// req, resp := client.PutBucketAccelerateConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketAccelerateConfiguration func (c *S3) PutBucketAccelerateConfigurationRequest(input *PutBucketAccelerateConfigurationInput) (req *request.Request, output *PutBucketAccelerateConfigurationOutput) { @@ -6797,6 +7899,8 @@ func (c *S3) PutBucketAccelerateConfigurationRequest(input *PutBucketAccelerateC // PutBucketAccelerateConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets the accelerate configuration of an existing bucket. Amazon S3 Transfer // Acceleration is a bucket-level feature that enables you to perform faster // data transfers to Amazon S3. @@ -6804,18 +7908,18 @@ func (c *S3) PutBucketAccelerateConfigurationRequest(input *PutBucketAccelerateC // To use this operation, you must have permission to perform the s3:PutAccelerateConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // // The Transfer Acceleration state of a bucket can be set to one of the following // two values: // -// * Enabled – Enables accelerated data transfers to the bucket. +// - Enabled – Enables accelerated data transfers to the bucket. // -// * Suspended – Disables accelerated data transfers to the bucket. +// - Suspended – Disables accelerated data transfers to the bucket. // // The GetBucketAccelerateConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAccelerateConfiguration.html) -// operation returns the transfer acceleration state of a bucket. +// action returns the transfer acceleration state of a bucket. // // After setting the Transfer Acceleration state of a bucket to Enabled, it // might take up to thirty minutes before the data transfer rates to the bucket @@ -6829,9 +7933,9 @@ func (c *S3) PutBucketAccelerateConfigurationRequest(input *PutBucketAccelerateC // // The following operations are related to PutBucketAccelerateConfiguration: // -// * GetBucketAccelerateConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAccelerateConfiguration.html) +// - GetBucketAccelerateConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAccelerateConfiguration.html) // -// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) +// - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -6877,14 +7981,13 @@ const opPutBucketAcl = "PutBucketAcl" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketAclRequest method. +// req, resp := client.PutBucketAclRequest(params) // -// // Example sending a request using the PutBucketAclRequest method. -// req, resp := client.PutBucketAclRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketAcl func (c *S3) PutBucketAclRequest(input *PutBucketAclInput) (req *request.Request, output *PutBucketAclOutput) { @@ -6910,15 +8013,17 @@ func (c *S3) PutBucketAclRequest(input *PutBucketAclInput) (req *request.Request // PutBucketAcl API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets the permissions on an existing bucket using access control lists (ACL). // For more information, see Using ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html). -// To set the ACL of a bucket, you must have WRITE_ACP permission. +// To set the ACL of a bucket, you must have the WRITE_ACP permission. // // You can use one of the following two ways to set a bucket's permissions: // -// * Specify the ACL in the request body +// - Specify the ACL in the request body // -// * Specify permissions using request headers +// - Specify permissions using request headers // // You cannot specify access permission using both the body and the request // headers. @@ -6928,74 +8033,83 @@ func (c *S3) PutBucketAclRequest(input *PutBucketAclInput) (req *request.Request // existing application that updates a bucket ACL using the request body, then // you can continue to use that approach. // -// Access Permissions -// -// You can set access permissions using one of the following methods: -// -// * Specify a canned ACL with the x-amz-acl request header. Amazon S3 supports -// a set of predefined ACLs, known as canned ACLs. Each canned ACL has a -// predefined set of grantees and permissions. Specify the canned ACL name -// as the value of x-amz-acl. If you use this header, you cannot use other -// access control-specific headers in your request. For more information, -// see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). -// -// * Specify access permissions explicitly with the x-amz-grant-read, x-amz-grant-read-acp, -// x-amz-grant-write-acp, and x-amz-grant-full-control headers. When using -// these headers, you specify explicit access permissions and grantees (AWS -// accounts or Amazon S3 groups) who will receive the permission. If you -// use these ACL-specific headers, you cannot use the x-amz-acl header to -// set a canned ACL. These parameters map to the set of permissions that -// Amazon S3 supports in an ACL. For more information, see Access Control -// List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html). -// You specify each grantee as a type=value pair, where the type is one of -// the following: id – if the value specified is the canonical user ID -// of an AWS account uri – if you are granting permissions to a predefined -// group emailAddress – if the value specified is the email address of -// an AWS account Using email addresses to specify a grantee is only supported -// in the following AWS Regions: US East (N. Virginia) US West (N. California) -// US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific -// (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all -// the Amazon S3 supported Regions and endpoints, see Regions and Endpoints -// (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in -// the AWS General Reference. For example, the following x-amz-grant-write -// header grants create, overwrite, and delete objects permission to LogDelivery -// group predefined by Amazon S3 and two AWS accounts identified by their -// email addresses. x-amz-grant-write: uri="http://acs.amazonaws.com/groups/s3/LogDelivery", -// id="111122223333", id="555566667777" +// If your bucket uses the bucket owner enforced setting for S3 Object Ownership, +// ACLs are disabled and no longer affect permissions. You must use policies +// to grant access to your bucket and the objects in it. Requests to set ACLs +// or update ACLs fail and return the AccessControlListNotSupported error code. +// Requests to read ACLs are still supported. For more information, see Controlling +// object ownership (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) +// in the Amazon S3 User Guide. +// +// # Permissions +// +// You can set access permissions by using one of the following methods: +// +// - Specify a canned ACL with the x-amz-acl request header. Amazon S3 supports +// a set of predefined ACLs, known as canned ACLs. Each canned ACL has a +// predefined set of grantees and permissions. Specify the canned ACL name +// as the value of x-amz-acl. If you use this header, you cannot use other +// access control-specific headers in your request. For more information, +// see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). +// +// - Specify access permissions explicitly with the x-amz-grant-read, x-amz-grant-read-acp, +// x-amz-grant-write-acp, and x-amz-grant-full-control headers. When using +// these headers, you specify explicit access permissions and grantees (Amazon +// Web Services accounts or Amazon S3 groups) who will receive the permission. +// If you use these ACL-specific headers, you cannot use the x-amz-acl header +// to set a canned ACL. These parameters map to the set of permissions that +// Amazon S3 supports in an ACL. For more information, see Access Control +// List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html). +// You specify each grantee as a type=value pair, where the type is one of +// the following: id – if the value specified is the canonical user ID +// of an Amazon Web Services account uri – if you are granting permissions +// to a predefined group emailAddress – if the value specified is the email +// address of an Amazon Web Services account Using email addresses to specify +// a grantee is only supported in the following Amazon Web Services Regions: +// US East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific +// (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) +// South America (São Paulo) For a list of all the Amazon S3 supported Regions +// and endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) +// in the Amazon Web Services General Reference. For example, the following +// x-amz-grant-write header grants create, overwrite, and delete objects +// permission to LogDelivery group predefined by Amazon S3 and two Amazon +// Web Services accounts identified by their email addresses. x-amz-grant-write: +// uri="http://acs.amazonaws.com/groups/s3/LogDelivery", id="111122223333", +// id="555566667777" // // You can use either a canned ACL or specify access permissions explicitly. // You cannot do both. // -// Grantee Values +// # Grantee Values // // You can specify the person (grantee) to whom you're assigning access rights // (using request elements) in the following ways: // -// * By the person's ID: <>ID<><>GranteesEmail<> -// DisplayName is optional and ignored in the request +// - By the person's ID: <>ID<><>GranteesEmail<> +// DisplayName is optional and ignored in the request // -// * By URI: <>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<> +// - By URI: <>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<> // -// * By Email address: <>Grantees@email.com<>lt;/Grantee> -// The grantee is resolved to the CanonicalUser and, in a response to a GET -// Object acl request, appears as the CanonicalUser. Using email addresses -// to specify a grantee is only supported in the following AWS Regions: US -// East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific -// (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) -// South America (São Paulo) For a list of all the Amazon S3 supported Regions -// and endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) -// in the AWS General Reference. +// - By Email address: <>Grantees@email.com<>& +// The grantee is resolved to the CanonicalUser and, in a response to a GET +// Object acl request, appears as the CanonicalUser. Using email addresses +// to specify a grantee is only supported in the following Amazon Web Services +// Regions: US East (N. Virginia) US West (N. California) US West (Oregon) +// Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe +// (Ireland) South America (São Paulo) For a list of all the Amazon S3 supported +// Regions and endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) +// in the Amazon Web Services General Reference. // -// Related Resources +// The following operations are related to PutBucketAcl: // -// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) +// - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // -// * DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) +// - DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) // -// * GetObjectAcl (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html) +// - GetObjectAcl (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectAcl.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7041,14 +8155,13 @@ const opPutBucketAnalyticsConfiguration = "PutBucketAnalyticsConfiguration" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketAnalyticsConfigurationRequest method. +// req, resp := client.PutBucketAnalyticsConfigurationRequest(params) // -// // Example sending a request using the PutBucketAnalyticsConfigurationRequest method. -// req, resp := client.PutBucketAnalyticsConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketAnalyticsConfiguration func (c *S3) PutBucketAnalyticsConfigurationRequest(input *PutBucketAnalyticsConfigurationInput) (req *request.Request, output *PutBucketAnalyticsConfigurationOutput) { @@ -7070,6 +8183,8 @@ func (c *S3) PutBucketAnalyticsConfigurationRequest(input *PutBucketAnalyticsCon // PutBucketAnalyticsConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets an analytics configuration for the bucket (specified by the analytics // configuration ID). You can have up to 1,000 analytics configurations per // bucket. @@ -7092,29 +8207,29 @@ func (c *S3) PutBucketAnalyticsConfigurationRequest(input *PutBucketAnalyticsCon // To use this operation, you must have permissions to perform the s3:PutAnalyticsConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // -// Special Errors +// PutBucketAnalyticsConfiguration has the following special errors: // -// * HTTP Error: HTTP 400 Bad Request Code: InvalidArgument Cause: Invalid -// argument. +// - HTTP Error: HTTP 400 Bad Request Code: InvalidArgument Cause: Invalid +// argument. // -// * HTTP Error: HTTP 400 Bad Request Code: TooManyConfigurations Cause: -// You are attempting to create a new configuration but have already reached -// the 1,000-configuration limit. +// - HTTP Error: HTTP 400 Bad Request Code: TooManyConfigurations Cause: +// You are attempting to create a new configuration but have already reached +// the 1,000-configuration limit. // -// * HTTP Error: HTTP 403 Forbidden Code: AccessDenied Cause: You are not -// the owner of the specified bucket, or you do not have the s3:PutAnalyticsConfiguration -// bucket permission to set the configuration on the bucket. +// - HTTP Error: HTTP 403 Forbidden Code: AccessDenied Cause: You are not +// the owner of the specified bucket, or you do not have the s3:PutAnalyticsConfiguration +// bucket permission to set the configuration on the bucket. // -// Related Resources +// The following operations are related to PutBucketAnalyticsConfiguration: // -// * GetBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAnalyticsConfiguration.html) +// - GetBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketAnalyticsConfiguration.html) // -// * DeleteBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketAnalyticsConfiguration.html) +// - DeleteBucketAnalyticsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketAnalyticsConfiguration.html) // -// * ListBucketAnalyticsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketAnalyticsConfigurations.html) +// - ListBucketAnalyticsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketAnalyticsConfigurations.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7160,14 +8275,13 @@ const opPutBucketCors = "PutBucketCors" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketCorsRequest method. +// req, resp := client.PutBucketCorsRequest(params) // -// // Example sending a request using the PutBucketCorsRequest method. -// req, resp := client.PutBucketCorsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketCors func (c *S3) PutBucketCorsRequest(input *PutBucketCorsInput) (req *request.Request, output *PutBucketCorsOutput) { @@ -7193,6 +8307,8 @@ func (c *S3) PutBucketCorsRequest(input *PutBucketCorsInput) (req *request.Reque // PutBucketCors API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets the cors configuration for your bucket. If the configuration exists, // Amazon S3 replaces it. // @@ -7216,26 +8332,26 @@ func (c *S3) PutBucketCorsRequest(input *PutBucketCorsInput) (req *request.Reque // a cross-origin request. For a rule to match, the following conditions must // be met: // -// * The request's Origin header must match AllowedOrigin elements. +// - The request's Origin header must match AllowedOrigin elements. // -// * The request method (for example, GET, PUT, HEAD, and so on) or the Access-Control-Request-Method -// header in case of a pre-flight OPTIONS request must be one of the AllowedMethod -// elements. +// - The request method (for example, GET, PUT, HEAD, and so on) or the Access-Control-Request-Method +// header in case of a pre-flight OPTIONS request must be one of the AllowedMethod +// elements. // -// * Every header specified in the Access-Control-Request-Headers request -// header of a pre-flight request must match an AllowedHeader element. +// - Every header specified in the Access-Control-Request-Headers request +// header of a pre-flight request must match an AllowedHeader element. // // For more information about CORS, go to Enabling Cross-Origin Resource Sharing // (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the Amazon -// Simple Storage Service Developer Guide. +// S3 User Guide. // -// Related Resources +// The following operations are related to PutBucketCors: // -// * GetBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketCors.html) +// - GetBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketCors.html) // -// * DeleteBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketCors.html) +// - DeleteBucketCors (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketCors.html) // -// * RESTOPTIONSobject (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTOPTIONSobject.html) +// - RESTOPTIONSobject (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTOPTIONSobject.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7281,14 +8397,13 @@ const opPutBucketEncryption = "PutBucketEncryption" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketEncryptionRequest method. +// req, resp := client.PutBucketEncryptionRequest(params) // -// // Example sending a request using the PutBucketEncryptionRequest method. -// req, resp := client.PutBucketEncryptionRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketEncryption func (c *S3) PutBucketEncryptionRequest(input *PutBucketEncryptionInput) (req *request.Request, output *PutBucketEncryptionOutput) { @@ -7314,33 +8429,37 @@ func (c *S3) PutBucketEncryptionRequest(input *PutBucketEncryptionInput) (req *r // PutBucketEncryption API operation for Amazon Simple Storage Service. // -// This operation uses the encryption subresource to configure default encryption -// and Amazon S3 Bucket Key for an existing bucket. +// This operation is not supported by directory buckets. // -// Default encryption for a bucket can use server-side encryption with Amazon -// S3-managed keys (SSE-S3) or AWS KMS customer master keys (SSE-KMS). If you -// specify default encryption using SSE-KMS, you can also configure Amazon S3 -// Bucket Key. For information about default encryption, see Amazon S3 default -// bucket encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) -// in the Amazon Simple Storage Service Developer Guide. For more information -// about S3 Bucket Keys, see Amazon S3 Bucket Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) -// in the Amazon Simple Storage Service Developer Guide. +// This action uses the encryption subresource to configure default encryption +// and Amazon S3 Bucket Keys for an existing bucket. // -// This operation requires AWS Signature Version 4. For more information, see -// Authenticating Requests (AWS Signature Version 4) (sig-v4-authenticating-requests.html). +// By default, all buckets have a default encryption configuration that uses +// server-side encryption with Amazon S3 managed keys (SSE-S3). You can optionally +// configure default encryption for a bucket by using server-side encryption +// with Key Management Service (KMS) keys (SSE-KMS) or dual-layer server-side +// encryption with Amazon Web Services KMS keys (DSSE-KMS). If you specify default +// encryption by using SSE-KMS, you can also configure Amazon S3 Bucket Keys +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html). If you +// use PutBucketEncryption to set your default bucket encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) +// to SSE-KMS, you should verify that your KMS key ID is correct. Amazon S3 +// does not validate the KMS key ID provided in PutBucketEncryption requests. // -// To use this operation, you must have permissions to perform the s3:PutEncryptionConfiguration +// This action requires Amazon Web Services Signature Version 4. For more information, +// see Authenticating Requests (Amazon Web Services Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sig-v4-authenticating-requests.html). +// +// To use this operation, you must have permission to perform the s3:PutEncryptionConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html) -// in the Amazon Simple Storage Service Developer Guide. +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) +// in the Amazon S3 User Guide. // -// Related Resources +// The following operations are related to PutBucketEncryption: // -// * GetBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html) +// - GetBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html) // -// * DeleteBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html) +// - DeleteBucketEncryption (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7386,14 +8505,13 @@ const opPutBucketIntelligentTieringConfiguration = "PutBucketIntelligentTieringC // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketIntelligentTieringConfigurationRequest method. +// req, resp := client.PutBucketIntelligentTieringConfigurationRequest(params) // -// // Example sending a request using the PutBucketIntelligentTieringConfigurationRequest method. -// req, resp := client.PutBucketIntelligentTieringConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketIntelligentTieringConfiguration func (c *S3) PutBucketIntelligentTieringConfigurationRequest(input *PutBucketIntelligentTieringConfigurationInput) (req *request.Request, output *PutBucketIntelligentTieringConfigurationOutput) { @@ -7415,32 +8533,60 @@ func (c *S3) PutBucketIntelligentTieringConfigurationRequest(input *PutBucketInt // PutBucketIntelligentTieringConfiguration API operation for Amazon Simple Storage Service. // -// Puts a S3 Intelligent-Tiering configuration to the specified bucket. +// This operation is not supported by directory buckets. +// +// Puts a S3 Intelligent-Tiering configuration to the specified bucket. You +// can have up to 1,000 S3 Intelligent-Tiering configurations per bucket. // // The S3 Intelligent-Tiering storage class is designed to optimize storage // costs by automatically moving data to the most cost-effective storage access -// tier, without additional operational overhead. S3 Intelligent-Tiering delivers -// automatic cost savings by moving data between access tiers, when access patterns -// change. -// -// The S3 Intelligent-Tiering storage class is suitable for objects larger than -// 128 KB that you plan to store for at least 30 days. If the size of an object -// is less than 128 KB, it is not eligible for auto-tiering. Smaller objects -// can be stored, but they are always charged at the frequent access tier rates +// tier, without performance impact or operational overhead. S3 Intelligent-Tiering +// delivers automatic cost savings in three low latency and high throughput +// access tiers. To get the lowest storage cost on data that can be accessed +// in minutes to hours, you can choose to activate additional archiving capabilities. +// +// The S3 Intelligent-Tiering storage class is the ideal storage class for data +// with unknown, changing, or unpredictable access patterns, independent of +// object size or retention period. If the size of an object is less than 128 +// KB, it is not monitored and not eligible for auto-tiering. Smaller objects +// can be stored, but they are always charged at the Frequent Access tier rates // in the S3 Intelligent-Tiering storage class. // -// If you delete an object before the end of the 30-day minimum storage duration -// period, you are charged for 30 days. For more information, see Storage class -// for automatically optimizing frequently and infrequently accessed objects -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access). +// For more information, see Storage class for automatically optimizing frequently +// and infrequently accessed objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access). // // Operations related to PutBucketIntelligentTieringConfiguration include: // -// * DeleteBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketIntelligentTieringConfiguration.html) +// - DeleteBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketIntelligentTieringConfiguration.html) +// +// - GetBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketIntelligentTieringConfiguration.html) +// +// - ListBucketIntelligentTieringConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketIntelligentTieringConfigurations.html) +// +// You only need S3 Intelligent-Tiering enabled on a bucket if you want to automatically +// move objects stored in the S3 Intelligent-Tiering storage class to the Archive +// Access or Deep Archive Access tier. // -// * GetBucketIntelligentTieringConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketIntelligentTieringConfiguration.html) +// PutBucketIntelligentTieringConfiguration has the following special errors: // -// * ListBucketIntelligentTieringConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketIntelligentTieringConfigurations.html) +// # HTTP 400 Bad Request Error +// +// Code: InvalidArgument +// +// Cause: Invalid Argument +// +// # HTTP 400 Bad Request Error +// +// Code: TooManyConfigurations +// +// Cause: You are attempting to create a new configuration but have already +// reached the 1,000-configuration limit. +// +// # HTTP 403 Forbidden Error +// +// Cause: You are not the owner of the specified bucket, or you do not have +// the s3:PutIntelligentTieringConfiguration bucket permission to set the configuration +// on the bucket. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7486,14 +8632,13 @@ const opPutBucketInventoryConfiguration = "PutBucketInventoryConfiguration" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketInventoryConfigurationRequest method. +// req, resp := client.PutBucketInventoryConfigurationRequest(params) // -// // Example sending a request using the PutBucketInventoryConfigurationRequest method. -// req, resp := client.PutBucketInventoryConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketInventoryConfiguration func (c *S3) PutBucketInventoryConfigurationRequest(input *PutBucketInventoryConfigurationInput) (req *request.Request, output *PutBucketInventoryConfigurationOutput) { @@ -7515,54 +8660,80 @@ func (c *S3) PutBucketInventoryConfigurationRequest(input *PutBucketInventoryCon // PutBucketInventoryConfiguration API operation for Amazon Simple Storage Service. // -// This implementation of the PUT operation adds an inventory configuration -// (identified by the inventory ID) to the bucket. You can have up to 1,000 -// inventory configurations per bucket. +// This operation is not supported by directory buckets. +// +// This implementation of the PUT action adds an inventory configuration (identified +// by the inventory ID) to the bucket. You can have up to 1,000 inventory configurations +// per bucket. // // Amazon S3 inventory generates inventories of the objects in the bucket on // a daily or weekly basis, and the results are published to a flat file. The // bucket that is inventoried is called the source bucket, and the bucket where // the inventory flat file is stored is called the destination bucket. The destination -// bucket must be in the same AWS Region as the source bucket. +// bucket must be in the same Amazon Web Services Region as the source bucket. // // When you configure an inventory for a source bucket, you specify the destination // bucket where you want the inventory to be stored, and whether to generate // the inventory daily or weekly. You can also configure what object metadata // to include and whether to inventory all object versions or only current versions. // For more information, see Amazon S3 Inventory (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-inventory.html) -// in the Amazon Simple Storage Service Developer Guide. +// in the Amazon S3 User Guide. // // You must create a bucket policy on the destination bucket to grant permissions // to Amazon S3 to write objects to the bucket in the defined location. For // an example policy, see Granting Permissions for Amazon S3 Inventory and Storage // Class Analysis (https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html#example-bucket-policies-use-case-9). // -// To use this operation, you must have permissions to perform the s3:PutInventoryConfiguration +// # Permissions +// +// To use this operation, you must have permission to perform the s3:PutInventoryConfiguration // action. The bucket owner has this permission by default and can grant this -// permission to others. For more information about permissions, see Permissions -// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html) -// in the Amazon Simple Storage Service Developer Guide. +// permission to others. // -// Special Errors +// The s3:PutInventoryConfiguration permission allows a user to create an S3 +// Inventory (https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-inventory.html) +// report that includes all object metadata fields available and to specify +// the destination bucket to store the inventory. A user with read access to +// objects in the destination bucket can also access all object metadata fields +// that are available in the inventory report. // -// * HTTP 400 Bad Request Error Code: InvalidArgument Cause: Invalid Argument +// To restrict access to an inventory report, see Restricting access to an Amazon +// S3 Inventory report (https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html#example-bucket-policies-use-case-10) +// in the Amazon S3 User Guide. For more information about the metadata fields +// available in S3 Inventory, see Amazon S3 Inventory lists (https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-inventory.html#storage-inventory-contents) +// in the Amazon S3 User Guide. For more information about permissions, see +// Permissions related to bucket subresource operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Identity and access management in Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) +// in the Amazon S3 User Guide. // -// * HTTP 400 Bad Request Error Code: TooManyConfigurations Cause: You are -// attempting to create a new configuration but have already reached the -// 1,000-configuration limit. +// PutBucketInventoryConfiguration has the following special errors: // -// * HTTP 403 Forbidden Error Code: AccessDenied Cause: You are not the owner -// of the specified bucket, or you do not have the s3:PutInventoryConfiguration -// bucket permission to set the configuration on the bucket. +// # HTTP 400 Bad Request Error // -// Related Resources +// Code: InvalidArgument +// +// Cause: Invalid Argument +// +// # HTTP 400 Bad Request Error +// +// Code: TooManyConfigurations // -// * GetBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketInventoryConfiguration.html) +// Cause: You are attempting to create a new configuration but have already +// reached the 1,000-configuration limit. // -// * DeleteBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketInventoryConfiguration.html) +// # HTTP 403 Forbidden Error // -// * ListBucketInventoryConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketInventoryConfigurations.html) +// Cause: You are not the owner of the specified bucket, or you do not have +// the s3:PutInventoryConfiguration bucket permission to set the configuration +// on the bucket. +// +// The following operations are related to PutBucketInventoryConfiguration: +// +// - GetBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketInventoryConfiguration.html) +// +// - DeleteBucketInventoryConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketInventoryConfiguration.html) +// +// - ListBucketInventoryConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketInventoryConfigurations.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7608,14 +8779,13 @@ const opPutBucketLifecycle = "PutBucketLifecycle" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketLifecycleRequest method. +// req, resp := client.PutBucketLifecycleRequest(params) // -// // Example sending a request using the PutBucketLifecycleRequest method. -// req, resp := client.PutBucketLifecycleRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketLifecycle // @@ -7646,6 +8816,7 @@ func (c *S3) PutBucketLifecycleRequest(input *PutBucketLifecycleInput) (req *req // PutBucketLifecycle API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. // // For an updated version of this API, see PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html). // This version has been deprecated. Existing lifecycle configurations will @@ -7654,47 +8825,47 @@ func (c *S3) PutBucketLifecycleRequest(input *PutBucketLifecycleInput) (req *req // Creates a new lifecycle configuration for the bucket or replaces an existing // lifecycle configuration. For information about lifecycle configuration, see // Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) -// in the Amazon Simple Storage Service Developer Guide. +// in the Amazon S3 User Guide. // // By default, all Amazon S3 resources, including buckets, objects, and related // subresources (for example, lifecycle configuration and website configuration) -// are private. Only the resource owner, the AWS account that created the resource, -// can access it. The resource owner can optionally grant access permissions -// to others by writing an access policy. For this operation, users must get -// the s3:PutLifecycleConfiguration permission. +// are private. Only the resource owner, the Amazon Web Services account that +// created the resource, can access it. The resource owner can optionally grant +// access permissions to others by writing an access policy. For this operation, +// users must get the s3:PutLifecycleConfiguration permission. // // You can also explicitly deny permissions. Explicit denial also supersedes // any other permissions. If you want to prevent users or accounts from removing // or deleting objects from your bucket, you must deny them permissions for // the following actions: // -// * s3:DeleteObject +// - s3:DeleteObject // -// * s3:DeleteObjectVersion +// - s3:DeleteObjectVersion // -// * s3:PutLifecycleConfiguration +// - s3:PutLifecycleConfiguration // // For more information about permissions, see Managing Access Permissions to -// your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html) -// in the Amazon Simple Storage Service Developer Guide. +// your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) +// in the Amazon S3 User Guide. // // For more examples of transitioning objects to storage classes such as STANDARD_IA // or ONEZONE_IA, see Examples of Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#lifecycle-configuration-examples). // -// Related Resources +// The following operations are related to PutBucketLifecycle: // -// * GetBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html)(Deprecated) +// - GetBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycle.html)(Deprecated) // -// * GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) +// - GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) // -// * RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html) +// - RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html) // -// * By default, a resource owner—in this case, a bucket owner, which is -// the AWS account that created the bucket—can perform any of the operations. -// A resource owner can also grant others permission to perform the operation. -// For more information, see the following topics in the Amazon Simple Storage -// Service Developer Guide: Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) -// Managing Access Permissions to your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html) +// - By default, a resource owner—in this case, a bucket owner, which is +// the Amazon Web Services account that created the bucket—can perform +// any of the operations. A resource owner can also grant others permission +// to perform the operation. For more information, see the following topics +// in the Amazon S3 User Guide: Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) +// Managing Access Permissions to your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7744,14 +8915,13 @@ const opPutBucketLifecycleConfiguration = "PutBucketLifecycleConfiguration" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketLifecycleConfigurationRequest method. +// req, resp := client.PutBucketLifecycleConfigurationRequest(params) // -// // Example sending a request using the PutBucketLifecycleConfigurationRequest method. -// req, resp := client.PutBucketLifecycleConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketLifecycleConfiguration func (c *S3) PutBucketLifecycleConfigurationRequest(input *PutBucketLifecycleConfigurationInput) (req *request.Request, output *PutBucketLifecycleConfigurationOutput) { @@ -7777,69 +8947,74 @@ func (c *S3) PutBucketLifecycleConfigurationRequest(input *PutBucketLifecycleCon // PutBucketLifecycleConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Creates a new lifecycle configuration for the bucket or replaces an existing -// lifecycle configuration. For information about lifecycle configuration, see -// Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// lifecycle configuration. Keep in mind that this will overwrite an existing +// lifecycle configuration, so if you want to retain any configuration details, +// they must be included in the new lifecycle configuration. For information +// about lifecycle configuration, see Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html). // // Bucket lifecycle configuration now supports specifying a lifecycle rule using -// an object key name prefix, one or more object tags, or a combination of both. -// Accordingly, this section describes the latest API. The previous version -// of the API supported filtering based only on an object key name prefix, which -// is supported for backward compatibility. For the related API description, +// an object key name prefix, one or more object tags, object size, or any combination +// of these. Accordingly, this section describes the latest API. The previous +// version of the API supported filtering based only on an object key name prefix, +// which is supported for backward compatibility. For the related API description, // see PutBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycle.html). // -// Rules +// # Rules // // You specify the lifecycle configuration in your request body. The lifecycle -// configuration is specified as XML consisting of one or more rules. Each rule -// consists of the following: +// configuration is specified as XML consisting of one or more rules. An Amazon +// S3 Lifecycle configuration can have up to 1,000 rules. This limit is not +// adjustable. Each rule consists of the following: // -// * Filter identifying a subset of objects to which the rule applies. The -// filter can be based on a key name prefix, object tags, or a combination -// of both. +// - A filter identifying a subset of objects to which the rule applies. +// The filter can be based on a key name prefix, object tags, object size, +// or any combination of these. // -// * Status whether the rule is in effect. +// - A status indicating whether the rule is in effect. // -// * One or more lifecycle transition and expiration actions that you want -// Amazon S3 to perform on the objects identified by the filter. If the state -// of your bucket is versioning-enabled or versioning-suspended, you can -// have many versions of the same object (one current version and zero or -// more noncurrent versions). Amazon S3 provides predefined actions that -// you can specify for current and noncurrent object versions. +// - One or more lifecycle transition and expiration actions that you want +// Amazon S3 to perform on the objects identified by the filter. If the state +// of your bucket is versioning-enabled or versioning-suspended, you can +// have many versions of the same object (one current version and zero or +// more noncurrent versions). Amazon S3 provides predefined actions that +// you can specify for current and noncurrent object versions. // // For more information, see Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) // and Lifecycle Configuration Elements (https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html). // -// Permissions +// # Permissions // // By default, all Amazon S3 resources are private, including buckets, objects, // and related subresources (for example, lifecycle configuration and website -// configuration). Only the resource owner (that is, the AWS account that created -// it) can access the resource. The resource owner can optionally grant access -// permissions to others by writing an access policy. For this operation, a -// user must get the s3:PutLifecycleConfiguration permission. +// configuration). Only the resource owner (that is, the Amazon Web Services +// account that created it) can access the resource. The resource owner can +// optionally grant access permissions to others by writing an access policy. +// For this operation, a user must get the s3:PutLifecycleConfiguration permission. // -// You can also explicitly deny permissions. Explicit deny also supersedes any -// other permissions. If you want to block users or accounts from removing or -// deleting objects from your bucket, you must deny them permissions for the -// following actions: +// You can also explicitly deny permissions. An explicit deny also supersedes +// any other permissions. If you want to block users or accounts from removing +// or deleting objects from your bucket, you must deny them permissions for +// the following actions: // -// * s3:DeleteObject +// - s3:DeleteObject // -// * s3:DeleteObjectVersion +// - s3:DeleteObjectVersion // -// * s3:PutLifecycleConfiguration +// - s3:PutLifecycleConfiguration // // For more information about permissions, see Managing Access Permissions to -// Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // -// The following are related to PutBucketLifecycleConfiguration: +// The following operations are related to PutBucketLifecycleConfiguration: // -// * Examples of Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-configuration-examples.html) +// - Examples of Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-configuration-examples.html) // -// * GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) +// - GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) // -// * DeleteBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketLifecycle.html) +// - DeleteBucketLifecycle (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketLifecycle.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -7885,14 +9060,13 @@ const opPutBucketLogging = "PutBucketLogging" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketLoggingRequest method. +// req, resp := client.PutBucketLoggingRequest(params) // -// // Example sending a request using the PutBucketLoggingRequest method. -// req, resp := client.PutBucketLoggingRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketLogging func (c *S3) PutBucketLoggingRequest(input *PutBucketLoggingInput) (req *request.Request, output *PutBucketLoggingOutput) { @@ -7918,31 +9092,39 @@ func (c *S3) PutBucketLoggingRequest(input *PutBucketLoggingInput) (req *request // PutBucketLogging API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Set the logging parameters for a bucket and to specify permissions for who // can view and modify the logging parameters. All logs are saved to buckets -// in the same AWS Region as the source bucket. To set the logging status of -// a bucket, you must be the bucket owner. +// in the same Amazon Web Services Region as the source bucket. To set the logging +// status of a bucket, you must be the bucket owner. // // The bucket owner is automatically granted FULL_CONTROL to all logs. You use // the Grantee request element to grant access to other people. The Permissions // request element specifies the kind of access the grantee has to the logs. // -// Grantee Values +// If the target bucket for log delivery uses the bucket owner enforced setting +// for S3 Object Ownership, you can't use the Grantee request element to grant +// access to others. Permissions can only be granted using policies. For more +// information, see Permissions for server access log delivery (https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general) +// in the Amazon S3 User Guide. +// +// # Grantee Values // // You can specify the person (grantee) to whom you're assigning access rights -// (using request elements) in the following ways: +// (by using request elements) in the following ways: // -// * By the person's ID: <>ID<><>GranteesEmail<> -// DisplayName is optional and ignored in the request. +// - By the person's ID: <>ID<><>GranteesEmail<> +// DisplayName is optional and ignored in the request. // -// * By Email address: <>Grantees@email.com<> -// The grantee is resolved to the CanonicalUser and, in a response to a GET -// Object acl request, appears as the CanonicalUser. +// - By Email address: <>Grantees@email.com<> +// The grantee is resolved to the CanonicalUser and, in a response to a GETObjectAcl +// request, appears as the CanonicalUser. // -// * By URI: <>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<> +// - By URI: <>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<> // // To enable logging, you use LoggingEnabled and its children request elements. // To disable logging, you use an empty BucketLoggingStatus request element: @@ -7950,7 +9132,8 @@ func (c *S3) PutBucketLoggingRequest(input *PutBucketLoggingInput) (req *request // // // For more information about server access logging, see Server Access Logging -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerLogs.html). +// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerLogs.html) in +// the Amazon S3 User Guide. // // For more information about creating a bucket, see CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html). // For more information about returning the logging status of a bucket, see @@ -7958,13 +9141,13 @@ func (c *S3) PutBucketLoggingRequest(input *PutBucketLoggingInput) (req *request // // The following operations are related to PutBucketLogging: // -// * PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) +// - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) // -// * DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) +// - DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) // -// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) +// - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // -// * GetBucketLogging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLogging.html) +// - GetBucketLogging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLogging.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8010,14 +9193,13 @@ const opPutBucketMetricsConfiguration = "PutBucketMetricsConfiguration" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketMetricsConfigurationRequest method. +// req, resp := client.PutBucketMetricsConfigurationRequest(params) // -// // Example sending a request using the PutBucketMetricsConfigurationRequest method. -// req, resp := client.PutBucketMetricsConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketMetricsConfiguration func (c *S3) PutBucketMetricsConfigurationRequest(input *PutBucketMetricsConfigurationInput) (req *request.Request, output *PutBucketMetricsConfigurationOutput) { @@ -8039,6 +9221,8 @@ func (c *S3) PutBucketMetricsConfigurationRequest(input *PutBucketMetricsConfigu // PutBucketMetricsConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets a metrics configuration (specified by the metrics configuration ID) // for the bucket. You can have up to 1,000 metrics configurations per bucket. // If you're updating an existing metrics configuration, note that this is a @@ -8048,25 +9232,25 @@ func (c *S3) PutBucketMetricsConfigurationRequest(input *PutBucketMetricsConfigu // To use this operation, you must have permissions to perform the s3:PutMetricsConfiguration // action. The bucket owner has this permission by default. The bucket owner // can grant this permission to others. For more information about permissions, -// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// see Permissions Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // // For information about CloudWatch request metrics for Amazon S3, see Monitoring // Metrics with Amazon CloudWatch (https://docs.aws.amazon.com/AmazonS3/latest/dev/cloudwatch-monitoring.html). // // The following operations are related to PutBucketMetricsConfiguration: // -// * DeleteBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetricsConfiguration.html) +// - DeleteBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketMetricsConfiguration.html) // -// * PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html) +// - GetBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketMetricsConfiguration.html) // -// * ListBucketMetricsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketMetricsConfigurations.html) +// - ListBucketMetricsConfigurations (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListBucketMetricsConfigurations.html) // -// GetBucketLifecycle has the following special error: +// PutBucketMetricsConfiguration has the following special error: // -// * Error code: TooManyConfigurations Description: You are attempting to -// create a new configuration but have already reached the 1,000-configuration -// limit. HTTP Status Code: HTTP 400 Bad Request +// - Error code: TooManyConfigurations Description: You are attempting to +// create a new configuration but have already reached the 1,000-configuration +// limit. HTTP Status Code: HTTP 400 Bad Request // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8112,14 +9296,13 @@ const opPutBucketNotification = "PutBucketNotification" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketNotificationRequest method. +// req, resp := client.PutBucketNotificationRequest(params) // -// // Example sending a request using the PutBucketNotificationRequest method. -// req, resp := client.PutBucketNotificationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketNotification // @@ -8150,6 +9333,8 @@ func (c *S3) PutBucketNotificationRequest(input *PutBucketNotificationInput) (re // PutBucketNotification API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // No longer used, see the PutBucketNotificationConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketNotificationConfiguration.html) // operation. // @@ -8201,14 +9386,13 @@ const opPutBucketNotificationConfiguration = "PutBucketNotificationConfiguration // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketNotificationConfigurationRequest method. +// req, resp := client.PutBucketNotificationConfigurationRequest(params) // -// // Example sending a request using the PutBucketNotificationConfigurationRequest method. -// req, resp := client.PutBucketNotificationConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketNotificationConfiguration func (c *S3) PutBucketNotificationConfigurationRequest(input *PutBucketNotificationConfigurationInput) (req *request.Request, output *PutBucketNotificationConfigurationOutput) { @@ -8230,6 +9414,8 @@ func (c *S3) PutBucketNotificationConfigurationRequest(input *PutBucketNotificat // PutBucketNotificationConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Enables notifications of specified events for a bucket. For more information // about event notifications, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html). // @@ -8245,13 +9431,13 @@ func (c *S3) PutBucketNotificationConfigurationRequest(input *PutBucketNotificat // // // -// This operation replaces the existing notification configuration with the -// configuration you include in the request body. +// This action replaces the existing notification configuration with the configuration +// you include in the request body. // // After Amazon S3 receives this request, it first verifies that any Amazon // Simple Notification Service (Amazon SNS) or Amazon Simple Queue Service (Amazon // SQS) destination exists, and that the bucket owner has permission to publish -// to it by sending a test notification. In the case of AWS Lambda destinations, +// to it by sending a test notification. In the case of Lambda destinations, // Amazon S3 verifies that the Lambda function permissions grant Amazon S3 permission // to invoke the function from the Amazon S3 bucket. For more information, see // Configuring Notifications for Amazon S3 Events (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html). @@ -8259,26 +9445,29 @@ func (c *S3) PutBucketNotificationConfigurationRequest(input *PutBucketNotificat // You can disable notifications by adding the empty NotificationConfiguration // element. // +// For more information about the number of event notification configurations +// that you can create per bucket, see Amazon S3 service quotas (https://docs.aws.amazon.com/general/latest/gr/s3.html#limits_s3) +// in Amazon Web Services General Reference. +// // By default, only the bucket owner can configure notifications on a bucket. // However, bucket owners can use a bucket policy to grant permission to other -// users to set this configuration with s3:PutBucketNotification permission. +// users to set this configuration with the required s3:PutBucketNotification +// permission. // // The PUT notification is an atomic operation. For example, suppose your notification // configuration includes SNS topic, SQS queue, and Lambda function configurations. // When you send a PUT request with this configuration, Amazon S3 sends test -// messages to your SNS topic. If the message fails, the entire PUT operation -// will fail, and Amazon S3 will not add the configuration to your bucket. -// -// Responses +// messages to your SNS topic. If the message fails, the entire PUT action will +// fail, and Amazon S3 will not add the configuration to your bucket. // // If the configuration in the request body includes only one TopicConfiguration // specifying only the s3:ReducedRedundancyLostObject event type, the response // will also include the x-amz-sns-test-message-id header containing the message // ID of the test notification sent to the topic. // -// The following operation is related to PutBucketNotificationConfiguration: +// The following action is related to PutBucketNotificationConfiguration: // -// * GetBucketNotificationConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotificationConfiguration.html) +// - GetBucketNotificationConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotificationConfiguration.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8324,14 +9513,13 @@ const opPutBucketOwnershipControls = "PutBucketOwnershipControls" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketOwnershipControlsRequest method. +// req, resp := client.PutBucketOwnershipControlsRequest(params) // -// // Example sending a request using the PutBucketOwnershipControlsRequest method. -// req, resp := client.PutBucketOwnershipControlsRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketOwnershipControls func (c *S3) PutBucketOwnershipControlsRequest(input *PutBucketOwnershipControlsInput) (req *request.Request, output *PutBucketOwnershipControlsOutput) { @@ -8357,19 +9545,21 @@ func (c *S3) PutBucketOwnershipControlsRequest(input *PutBucketOwnershipControls // PutBucketOwnershipControls API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Creates or modifies OwnershipControls for an Amazon S3 bucket. To use this // operation, you must have the s3:PutBucketOwnershipControls permission. For -// more information about Amazon S3 permissions, see Specifying Permissions -// in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html). +// more information about Amazon S3 permissions, see Specifying permissions +// in a policy (https://docs.aws.amazon.com/AmazonS3/latest/user-guide/using-with-s3-actions.html). // -// For information about Amazon S3 Object Ownership, see Using Object Ownership -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/about-object-ownership.html). +// For information about Amazon S3 Object Ownership, see Using object ownership +// (https://docs.aws.amazon.com/AmazonS3/latest/user-guide/about-object-ownership.html). // // The following operations are related to PutBucketOwnershipControls: // -// * GetBucketOwnershipControls +// - GetBucketOwnershipControls // -// * DeleteBucketOwnershipControls +// - DeleteBucketOwnershipControls // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8415,14 +9605,13 @@ const opPutBucketPolicy = "PutBucketPolicy" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketPolicyRequest method. +// req, resp := client.PutBucketPolicyRequest(params) // -// // Example sending a request using the PutBucketPolicyRequest method. -// req, resp := client.PutBucketPolicyRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketPolicy func (c *S3) PutBucketPolicyRequest(input *PutBucketPolicyInput) (req *request.Request, output *PutBucketPolicyOutput) { @@ -8448,28 +9637,68 @@ func (c *S3) PutBucketPolicyRequest(input *PutBucketPolicyInput) (req *request.R // PutBucketPolicy API operation for Amazon Simple Storage Service. // -// Applies an Amazon S3 bucket policy to an Amazon S3 bucket. If you are using -// an identity other than the root user of the AWS account that owns the bucket, -// the calling identity must have the PutBucketPolicy permissions on the specified -// bucket and belong to the bucket owner's account in order to use this operation. +// Applies an Amazon S3 bucket policy to an Amazon S3 bucket. +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Regional endpoint. These endpoints support path-style +// requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name +// . Virtual-hosted-style requests aren't supported. For more information, see +// Regional and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// # Permissions +// +// If you are using an identity other than the root user of the Amazon Web Services +// account that owns the bucket, the calling identity must both have the PutBucketPolicy +// permissions on the specified bucket and belong to the bucket owner's account +// in order to use this operation. // // If you don't have PutBucketPolicy permissions, Amazon S3 returns a 403 Access // Denied error. If you have the correct permissions, but you're not using an // identity that belongs to the bucket owner's account, Amazon S3 returns a // 405 Method Not Allowed error. // -// As a security precaution, the root user of the AWS account that owns a bucket -// can always use this operation, even if the policy explicitly denies the root -// user the ability to perform this action. +// To ensure that bucket owners don't inadvertently lock themselves out of their +// own buckets, the root principal in a bucket owner's Amazon Web Services account +// can perform the GetBucketPolicy, PutBucketPolicy, and DeleteBucketPolicy +// API actions, even if their bucket policy explicitly denies the root principal's +// access. Bucket owner root principals can only be blocked from performing +// these API actions by VPC endpoint policies and Amazon Web Services Organizations +// policies. +// +// - General purpose bucket permissions - The s3:PutBucketPolicy permission +// is required in a policy. For more information about general purpose buckets +// bucket policies, see Using Bucket Policies and User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html) +// in the Amazon S3 User Guide. +// +// - Directory bucket permissions - To grant access to this API operation, +// you must have the s3express:PutBucketPolicy permission in an IAM identity-based +// policy instead of a bucket policy. Cross-account access to this API operation +// isn't supported. This operation can only be performed by the Amazon Web +// Services account that owns the resource. For more information about directory +// bucket policies and permissions, see Amazon Web Services Identity and +// Access Management (IAM) for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam.html) +// in the Amazon S3 User Guide. +// +// # Example bucket policies // -// For more information about bucket policies, see Using Bucket Policies and -// User Policies (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-iam-policies.html). +// General purpose buckets example bucket policies - See Bucket policy examples +// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/example-bucket-policies.html) +// in the Amazon S3 User Guide. +// +// Directory bucket example bucket policies - See Example bucket policies for +// S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// in the Amazon S3 User Guide. +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is s3express-control.region.amazonaws.com. // // The following operations are related to PutBucketPolicy: // -// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) +// - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // -// * DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) +// - DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8515,14 +9744,13 @@ const opPutBucketReplication = "PutBucketReplication" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketReplicationRequest method. +// req, resp := client.PutBucketReplicationRequest(params) // -// // Example sending a request using the PutBucketReplicationRequest method. -// req, resp := client.PutBucketReplicationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketReplication func (c *S3) PutBucketReplicationRequest(input *PutBucketReplicationInput) (req *request.Request, output *PutBucketReplicationOutput) { @@ -8548,18 +9776,19 @@ func (c *S3) PutBucketReplicationRequest(input *PutBucketReplicationInput) (req // PutBucketReplication API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Creates a replication configuration or replaces an existing one. For more // information, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) -// in the Amazon S3 Developer Guide. -// -// To perform this operation, the user or role performing the operation must -// have the iam:PassRole (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html) -// permission. +// in the Amazon S3 User Guide. // // Specify the replication configuration in the request body. In the replication // configuration, you provide the name of the destination bucket or buckets // where you want Amazon S3 to replicate objects, the IAM role that Amazon S3 // can assume to replicate objects on your behalf, and other relevant information. +// You can invoke this request for a specific Amazon Web Services Region by +// using the aws:RequestedRegion (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_condition-keys.html#condition-keys-requestedregion) +// condition key. // // A replication configuration must include at least one rule, and can contain // a maximum of 1,000. Each rule identifies a subset of objects to replicate @@ -8579,29 +9808,38 @@ func (c *S3) PutBucketReplicationRequest(input *PutBucketReplicationInput) (req // For information about enabling versioning on a bucket, see Using Versioning // (https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html). // -// By default, a resource owner, in this case the AWS account that created the -// bucket, can perform this operation. The resource owner can also grant others -// permissions to perform the operation. For more information about permissions, -// see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). -// -// Handling Replication of Encrypted Objects +// # Handling Replication of Encrypted Objects // // By default, Amazon S3 doesn't replicate objects that are stored at rest using -// server-side encryption with CMKs stored in AWS KMS. To replicate AWS KMS-encrypted +// server-side encryption with KMS keys. To replicate Amazon Web Services KMS-encrypted // objects, add the following: SourceSelectionCriteria, SseKmsEncryptedObjects, // Status, EncryptionConfiguration, and ReplicaKmsKeyID. For information about // replication configuration, see Replicating Objects Created with SSE Using -// CMKs stored in AWS KMS (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-config-for-kms-objects.html). +// KMS keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-config-for-kms-objects.html). // // For information on PutBucketReplication errors, see List of replication-related // error codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ReplicationErrorCodeList) // +// # Permissions +// +// To create a PutBucketReplication request, you must have s3:PutReplicationConfiguration +// permissions for the bucket. +// +// By default, a resource owner, in this case the Amazon Web Services account +// that created the bucket, can perform this operation. The resource owner can +// also grant others permissions to perform the operation. For more information +// about permissions, see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). +// +// To perform this operation, the user or role performing the action must have +// the iam:PassRole (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use_passrole.html) +// permission. +// // The following operations are related to PutBucketReplication: // -// * GetBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketReplication.html) +// - GetBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketReplication.html) // -// * DeleteBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketReplication.html) +// - DeleteBucketReplication (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketReplication.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8647,14 +9885,13 @@ const opPutBucketRequestPayment = "PutBucketRequestPayment" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketRequestPaymentRequest method. +// req, resp := client.PutBucketRequestPaymentRequest(params) // -// // Example sending a request using the PutBucketRequestPaymentRequest method. -// req, resp := client.PutBucketRequestPaymentRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketRequestPayment func (c *S3) PutBucketRequestPaymentRequest(input *PutBucketRequestPaymentInput) (req *request.Request, output *PutBucketRequestPaymentOutput) { @@ -8680,6 +9917,8 @@ func (c *S3) PutBucketRequestPaymentRequest(input *PutBucketRequestPaymentInput) // PutBucketRequestPayment API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets the request payment configuration for a bucket. By default, the bucket // owner pays for downloads from the bucket. This configuration parameter enables // the bucket owner (only) to specify that the person requesting the download @@ -8688,9 +9927,9 @@ func (c *S3) PutBucketRequestPaymentRequest(input *PutBucketRequestPaymentInput) // // The following operations are related to PutBucketRequestPayment: // -// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) +// - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // -// * GetBucketRequestPayment (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketRequestPayment.html) +// - GetBucketRequestPayment (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketRequestPayment.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8736,14 +9975,13 @@ const opPutBucketTagging = "PutBucketTagging" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketTaggingRequest method. +// req, resp := client.PutBucketTaggingRequest(params) // -// // Example sending a request using the PutBucketTaggingRequest method. -// req, resp := client.PutBucketTaggingRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketTagging func (c *S3) PutBucketTaggingRequest(input *PutBucketTaggingInput) (req *request.Request, output *PutBucketTaggingOutput) { @@ -8769,48 +10007,50 @@ func (c *S3) PutBucketTaggingRequest(input *PutBucketTaggingInput) (req *request // PutBucketTagging API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets the tags for a bucket. // -// Use tags to organize your AWS bill to reflect your own cost structure. To -// do this, sign up to get your AWS account bill with tag key values included. -// Then, to see the cost of combined resources, organize your billing information -// according to resources with the same tag key values. For example, you can -// tag several resources with a specific application name, and then organize -// your billing information to see the total cost of that application across -// several services. For more information, see Cost Allocation and Tagging (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html). +// Use tags to organize your Amazon Web Services bill to reflect your own cost +// structure. To do this, sign up to get your Amazon Web Services account bill +// with tag key values included. Then, to see the cost of combined resources, +// organize your billing information according to resources with the same tag +// key values. For example, you can tag several resources with a specific application +// name, and then organize your billing information to see the total cost of +// that application across several services. For more information, see Cost +// Allocation and Tagging (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/cost-alloc-tags.html) +// and Using Cost Allocation in Amazon S3 Bucket Tags (https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html). // -// Within a bucket, if you add a tag that has the same key as an existing tag, -// the new value overwrites the old value. For more information, see Using Cost -// Allocation in Amazon S3 Bucket Tags (https://docs.aws.amazon.com/AmazonS3/latest/dev/CostAllocTagging.html). +// When this operation sets the tags for a bucket, it will overwrite any current +// tags the bucket already has. You cannot use this operation to add tags to +// an existing list of tags. // // To use this operation, you must have permissions to perform the s3:PutBucketTagging // action. The bucket owner has this permission by default and can grant this // permission to others. For more information about permissions, see Permissions -// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html). +// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html). // -// PutBucketTagging has the following special errors: +// PutBucketTagging has the following special errors. For more Amazon S3 errors +// see, Error Responses (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html). // -// * Error code: InvalidTagError Description: The tag provided was not a -// valid tag. This error can occur if the tag did not pass input validation. -// For information about tag restrictions, see User-Defined Tag Restrictions -// (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html) -// and AWS-Generated Cost Allocation Tag Restrictions (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/aws-tag-restrictions.html). +// - InvalidTag - The tag provided was not a valid tag. This error can occur +// if the tag did not pass input validation. For more information, see Using +// Cost Allocation in Amazon S3 Bucket Tags (https://docs.aws.amazon.com/AmazonS3/latest/userguide/CostAllocTagging.html). // -// * Error code: MalformedXMLError Description: The XML provided does not -// match the schema. +// - MalformedXML - The XML provided does not match the schema. // -// * Error code: OperationAbortedError Description: A conflicting conditional -// operation is currently in progress against this resource. Please try again. +// - OperationAborted - A conflicting conditional action is currently in +// progress against this resource. Please try again. // -// * Error code: InternalError Description: The service was unable to apply -// the provided tag to the bucket. +// - InternalError - The service was unable to apply the provided tag to +// the bucket. // // The following operations are related to PutBucketTagging: // -// * GetBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketTagging.html) +// - GetBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketTagging.html) // -// * DeleteBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html) +// - DeleteBucketTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketTagging.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8856,14 +10096,13 @@ const opPutBucketVersioning = "PutBucketVersioning" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketVersioningRequest method. +// req, resp := client.PutBucketVersioningRequest(params) // -// // Example sending a request using the PutBucketVersioningRequest method. -// req, resp := client.PutBucketVersioningRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketVersioning func (c *S3) PutBucketVersioningRequest(input *PutBucketVersioningInput) (req *request.Request, output *PutBucketVersioningOutput) { @@ -8889,8 +10128,9 @@ func (c *S3) PutBucketVersioningRequest(input *PutBucketVersioningInput) (req *r // PutBucketVersioning API operation for Amazon Simple Storage Service. // -// Sets the versioning state of an existing bucket. To set the versioning state, -// you must be the bucket owner. +// This operation is not supported by directory buckets. +// +// Sets the versioning state of an existing bucket. // // You can set the versioning state with one of the following values: // @@ -8904,26 +10144,26 @@ func (c *S3) PutBucketVersioningRequest(input *PutBucketVersioningInput) (req *r // state; a GetBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html) // request does not return a versioning state value. // -// If the bucket owner enables MFA Delete in the bucket versioning configuration, -// the bucket owner must include the x-amz-mfa request header and the Status -// and the MfaDelete request elements in a request to set the versioning state -// of the bucket. +// In order to enable MFA Delete, you must be the bucket owner. If you are the +// bucket owner and want to enable MFA Delete in the bucket versioning configuration, +// you must include the x-amz-mfa request header and the Status and the MfaDelete +// request elements in a request to set the versioning state of the bucket. // -// If you have an object expiration lifecycle policy in your non-versioned bucket -// and you want to maintain the same permanent delete behavior when you enable -// versioning, you must add a noncurrent expiration policy. The noncurrent expiration -// lifecycle policy will manage the deletes of the noncurrent object versions -// in the version-enabled bucket. (A version-enabled bucket maintains one current -// and zero or more noncurrent object versions.) For more information, see Lifecycle -// and Versioning (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-and-other-bucket-config). +// If you have an object expiration lifecycle configuration in your non-versioned +// bucket and you want to maintain the same permanent delete behavior when you +// enable versioning, you must add a noncurrent expiration policy. The noncurrent +// expiration lifecycle configuration will manage the deletes of the noncurrent +// object versions in the version-enabled bucket. (A version-enabled bucket +// maintains one current and zero or more noncurrent object versions.) For more +// information, see Lifecycle and Versioning (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-and-other-bucket-config). // -// Related Resources +// The following operations are related to PutBucketVersioning: // -// * CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) +// - CreateBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateBucket.html) // -// * DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) +// - DeleteBucket (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucket.html) // -// * GetBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html) +// - GetBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -8969,14 +10209,13 @@ const opPutBucketWebsite = "PutBucketWebsite" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutBucketWebsiteRequest method. +// req, resp := client.PutBucketWebsiteRequest(params) // -// // Example sending a request using the PutBucketWebsiteRequest method. -// req, resp := client.PutBucketWebsiteRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutBucketWebsite func (c *S3) PutBucketWebsiteRequest(input *PutBucketWebsiteInput) (req *request.Request, output *PutBucketWebsiteOutput) { @@ -9002,13 +10241,15 @@ func (c *S3) PutBucketWebsiteRequest(input *PutBucketWebsiteInput) (req *request // PutBucketWebsite API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Sets the configuration of the website that is specified in the website subresource. // To configure a bucket as a website, you can add this subresource on the bucket // with website configuration information such as the file name of the index // document and any redirect rules. For more information, see Hosting Websites // on Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html). // -// This PUT operation requires the S3:PutBucketWebsite permission. By default, +// This PUT action requires the S3:PutBucketWebsite permission. By default, // only the bucket owner can configure the website attached to a bucket; however, // bucket owners can allow other users to set the website configuration by writing // a bucket policy that grants them the S3:PutBucketWebsite permission. @@ -9018,13 +10259,13 @@ func (c *S3) PutBucketWebsiteRequest(input *PutBucketWebsiteInput) (req *request // are sent to another website, you don't need to provide index document name // for the bucket. // -// * WebsiteConfiguration +// - WebsiteConfiguration // -// * RedirectAllRequestsTo +// - RedirectAllRequestsTo // -// * HostName +// - HostName // -// * Protocol +// - Protocol // // If you want granular control over redirects, you can use the following elements // to add routing rules that describe conditions for redirecting requests and @@ -9032,42 +10273,44 @@ func (c *S3) PutBucketWebsiteRequest(input *PutBucketWebsiteInput) (req *request // must provide an index document for the bucket, because some requests might // not be redirected. // -// * WebsiteConfiguration +// - WebsiteConfiguration // -// * IndexDocument +// - IndexDocument // -// * Suffix +// - Suffix // -// * ErrorDocument +// - ErrorDocument // -// * Key +// - Key // -// * RoutingRules +// - RoutingRules // -// * RoutingRule +// - RoutingRule // -// * Condition +// - Condition // -// * HttpErrorCodeReturnedEquals +// - HttpErrorCodeReturnedEquals // -// * KeyPrefixEquals +// - KeyPrefixEquals // -// * Redirect +// - Redirect // -// * Protocol +// - Protocol // -// * HostName +// - HostName // -// * ReplaceKeyPrefixWith +// - ReplaceKeyPrefixWith // -// * ReplaceKeyWith +// - ReplaceKeyWith // -// * HttpRedirectCode +// - HttpRedirectCode // // Amazon S3 has a limitation of 50 routing rules per website configuration. // If you require more than 50 routing rules, you can use object redirect. For // more information, see Configuring an Object Redirect (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html) -// in the Amazon Simple Storage Service Developer Guide. +// in the Amazon S3 User Guide. +// +// The maximum request length is limited to 128 KB. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9113,14 +10356,13 @@ const opPutObject = "PutObject" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutObjectRequest method. +// req, resp := client.PutObjectRequest(params) // -// // Example sending a request using the PutObjectRequest method. -// req, resp := client.PutObjectRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutObject func (c *S3) PutObjectRequest(input *PutObjectInput) (req *request.Request, output *PutObjectOutput) { @@ -9141,77 +10383,89 @@ func (c *S3) PutObjectRequest(input *PutObjectInput) (req *request.Request, outp // PutObject API operation for Amazon Simple Storage Service. // -// Adds an object to a bucket. You must have WRITE permissions on a bucket to -// add an object to it. +// Adds an object to a bucket. // -// Amazon S3 never adds partial objects; if you receive a success response, -// Amazon S3 added the entire object to the bucket. +// - Amazon S3 never adds partial objects; if you receive a success response, +// Amazon S3 added the entire object to the bucket. You cannot use PutObject +// to only update a single piece of metadata for an existing object. You +// must put the entire object with updated metadata if you want to update +// some values. +// +// - If your bucket uses the bucket owner enforced setting for Object Ownership, +// ACLs are disabled and no longer affect permissions. All objects written +// to the bucket by any account will be owned by the bucket owner. +// +// - Directory buckets - For directory buckets, you must make requests for +// this API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // // Amazon S3 is a distributed system. If it receives multiple write requests // for the same object simultaneously, it overwrites all but the last object -// written. Amazon S3 does not provide object locking; if you need this, make -// sure to build it into your application layer or use versioning instead. -// -// To ensure that data is not corrupted traversing the network, use the Content-MD5 -// header. When you use this header, Amazon S3 checks the object against the -// provided MD5 value and, if they do not match, returns an error. Additionally, -// you can calculate the MD5 while putting an object to Amazon S3 and compare -// the returned ETag to the calculated MD5 value. -// -// The Content-MD5 header is required for any request to upload an object with -// a retention period configured using Amazon S3 Object Lock. For more information -// about Amazon S3 Object Lock, see Amazon S3 Object Lock Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html) -// in the Amazon Simple Storage Service Developer Guide. -// -// Server-side Encryption -// -// You can optionally request server-side encryption. With server-side encryption, -// Amazon S3 encrypts your data as it writes it to disks in its data centers -// and decrypts the data when you access it. You have the option to provide -// your own encryption key or use AWS managed encryption keys (SSE-S3 or SSE-KMS). -// For more information, see Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html). -// -// If you request server-side encryption using AWS Key Management Service (SSE-KMS), -// you can enable an S3 Bucket Key at the object-level. For more information, -// see Amazon S3 Bucket Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) -// in the Amazon Simple Storage Service Developer Guide. -// -// Access Control List (ACL)-Specific Request Headers -// -// You can use headers to grant ACL- based permissions. By default, all objects -// are private. Only the owner has full access control. When adding a new object, -// you can grant permissions to individual AWS accounts or to predefined groups -// defined by Amazon S3. These permissions are then added to the ACL on the -// object. For more information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) -// and Managing ACLs Using the REST API (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html). -// -// Storage Class Options -// -// By default, Amazon S3 uses the STANDARD Storage Class to store newly created -// objects. The STANDARD storage class provides high durability and high availability. -// Depending on performance needs, you can specify a different Storage Class. -// Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. For more information, -// see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) -// in the Amazon S3 Service Developer Guide. +// written. However, Amazon S3 provides features that can modify this behavior: +// +// - S3 Object Lock - To prevent objects from being deleted or overwritten, +// you can use Amazon S3 Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock.html) +// in the Amazon S3 User Guide. This functionality is not supported for directory +// buckets. +// +// - S3 Versioning - When you enable versioning for a bucket, if Amazon S3 +// receives multiple write requests for the same object simultaneously, it +// stores all versions of the objects. For each write request that is made +// to the same object, Amazon S3 automatically generates a unique version +// ID of that object being stored in Amazon S3. You can retrieve, replace, +// or delete any version of the object. For more information about versioning, +// see Adding Objects to Versioning-Enabled Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/AddingObjectstoVersioningEnabledBuckets.html) +// in the Amazon S3 User Guide. For information about returning the versioning +// state of a bucket, see GetBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html). +// This functionality is not supported for directory buckets. // -// Versioning +// Permissions // -// If you enable versioning for a bucket, Amazon S3 automatically generates -// a unique version ID for the object being stored. Amazon S3 returns this ID -// in the response. When you enable versioning for a bucket, if Amazon S3 receives -// multiple write requests for the same object simultaneously, it stores all -// of the objects. +// - General purpose bucket permissions - The following permissions are required +// in your policies when your PutObject request includes specific headers. +// s3:PutObject - To successfully complete the PutObject request, you must +// always have the s3:PutObject permission on a bucket to add an object to +// it. s3:PutObjectAcl - To successfully change the objects ACL of your PutObject +// request, you must have the s3:PutObjectAcl. s3:PutObjectTagging - To successfully +// set the tag-set with your PutObject request, you must have the s3:PutObjectTagging. // -// For more information about versioning, see Adding Objects to Versioning Enabled -// Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/AddingObjectstoVersioningEnabledBuckets.html). -// For information about returning the versioning state of a bucket, see GetBucketVersioning -// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html). +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). // -// Related Resources +// Data integrity with Content-MD5 +// +// - General purpose bucket - To ensure that data is not corrupted traversing +// the network, use the Content-MD5 header. When you use this header, Amazon +// S3 checks the object against the provided MD5 value and, if they do not +// match, Amazon S3 returns an error. Alternatively, when the object's ETag +// is its MD5 digest, you can calculate the MD5 while putting the object +// to Amazon S3 and compare the returned ETag to the calculated MD5 value. +// +// - Directory bucket - This functionality is not supported for directory +// buckets. +// +// # HTTP Host header syntax // -// * CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // -// * DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) +// For more information about related Amazon S3 APIs, see the following: +// +// - CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) +// +// - DeleteObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObject.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9257,14 +10511,13 @@ const opPutObjectAcl = "PutObjectAcl" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutObjectAclRequest method. +// req, resp := client.PutObjectAclRequest(params) // -// // Example sending a request using the PutObjectAclRequest method. -// req, resp := client.PutObjectAclRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutObjectAcl func (c *S3) PutObjectAclRequest(input *PutObjectAclInput) (req *request.Request, output *PutObjectAclOutput) { @@ -9289,92 +10542,102 @@ func (c *S3) PutObjectAclRequest(input *PutObjectAclInput) (req *request.Request // PutObjectAcl API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Uses the acl subresource to set the access control list (ACL) permissions -// for a new or existing object in an S3 bucket. You must have WRITE_ACP permission -// to set the ACL of an object. For more information, see What permissions can -// I grant? (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#permissions) -// in the Amazon Simple Storage Service Developer Guide. +// for a new or existing object in an S3 bucket. You must have the WRITE_ACP +// permission to set the ACL of an object. For more information, see What permissions +// can I grant? (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#permissions) +// in the Amazon S3 User Guide. // -// This action is not supported by Amazon S3 on Outposts. +// This functionality is not supported for Amazon S3 on Outposts. // // Depending on your application needs, you can choose to set the ACL on an // object using either the request body or the headers. For example, if you // have an existing application that updates a bucket ACL using the request // body, you can continue to use that approach. For more information, see Access // Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) -// in the Amazon S3 Developer Guide. +// in the Amazon S3 User Guide. // -// Access Permissions +// If your bucket uses the bucket owner enforced setting for S3 Object Ownership, +// ACLs are disabled and no longer affect permissions. You must use policies +// to grant access to your bucket and the objects in it. Requests to set ACLs +// or update ACLs fail and return the AccessControlListNotSupported error code. +// Requests to read ACLs are still supported. For more information, see Controlling +// object ownership (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) +// in the Amazon S3 User Guide. +// +// # Permissions // // You can set access permissions using one of the following methods: // -// * Specify a canned ACL with the x-amz-acl request header. Amazon S3 supports -// a set of predefined ACLs, known as canned ACLs. Each canned ACL has a -// predefined set of grantees and permissions. Specify the canned ACL name -// as the value of x-amz-acl. If you use this header, you cannot use other -// access control-specific headers in your request. For more information, -// see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). -// -// * Specify access permissions explicitly with the x-amz-grant-read, x-amz-grant-read-acp, -// x-amz-grant-write-acp, and x-amz-grant-full-control headers. When using -// these headers, you specify explicit access permissions and grantees (AWS -// accounts or Amazon S3 groups) who will receive the permission. If you -// use these ACL-specific headers, you cannot use x-amz-acl header to set -// a canned ACL. These parameters map to the set of permissions that Amazon -// S3 supports in an ACL. For more information, see Access Control List (ACL) -// Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html). -// You specify each grantee as a type=value pair, where the type is one of -// the following: id – if the value specified is the canonical user ID -// of an AWS account uri – if you are granting permissions to a predefined -// group emailAddress – if the value specified is the email address of -// an AWS account Using email addresses to specify a grantee is only supported -// in the following AWS Regions: US East (N. Virginia) US West (N. California) -// US West (Oregon) Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific -// (Tokyo) Europe (Ireland) South America (São Paulo) For a list of all -// the Amazon S3 supported Regions and endpoints, see Regions and Endpoints -// (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) in -// the AWS General Reference. For example, the following x-amz-grant-read -// header grants list objects permission to the two AWS accounts identified -// by their email addresses. x-amz-grant-read: emailAddress="xyz@amazon.com", -// emailAddress="abc@amazon.com" +// - Specify a canned ACL with the x-amz-acl request header. Amazon S3 supports +// a set of predefined ACLs, known as canned ACLs. Each canned ACL has a +// predefined set of grantees and permissions. Specify the canned ACL name +// as the value of x-amz-acl. If you use this header, you cannot use other +// access control-specific headers in your request. For more information, +// see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). +// +// - Specify access permissions explicitly with the x-amz-grant-read, x-amz-grant-read-acp, +// x-amz-grant-write-acp, and x-amz-grant-full-control headers. When using +// these headers, you specify explicit access permissions and grantees (Amazon +// Web Services accounts or Amazon S3 groups) who will receive the permission. +// If you use these ACL-specific headers, you cannot use x-amz-acl header +// to set a canned ACL. These parameters map to the set of permissions that +// Amazon S3 supports in an ACL. For more information, see Access Control +// List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html). +// You specify each grantee as a type=value pair, where the type is one of +// the following: id – if the value specified is the canonical user ID +// of an Amazon Web Services account uri – if you are granting permissions +// to a predefined group emailAddress – if the value specified is the email +// address of an Amazon Web Services account Using email addresses to specify +// a grantee is only supported in the following Amazon Web Services Regions: +// US East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific +// (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) +// South America (São Paulo) For a list of all the Amazon S3 supported Regions +// and endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) +// in the Amazon Web Services General Reference. For example, the following +// x-amz-grant-read header grants list objects permission to the two Amazon +// Web Services accounts identified by their email addresses. x-amz-grant-read: +// emailAddress="xyz@amazon.com", emailAddress="abc@amazon.com" // // You can use either a canned ACL or specify access permissions explicitly. // You cannot do both. // -// Grantee Values +// # Grantee Values // // You can specify the person (grantee) to whom you're assigning access rights // (using request elements) in the following ways: // -// * By the person's ID: <>ID<><>GranteesEmail<> -// DisplayName is optional and ignored in the request. +// - By the person's ID: <>ID<><>GranteesEmail<> +// DisplayName is optional and ignored in the request. // -// * By URI: <>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<> +// - By URI: <>http://acs.amazonaws.com/groups/global/AuthenticatedUsers<> // -// * By Email address: <>Grantees@email.com<>lt;/Grantee> -// The grantee is resolved to the CanonicalUser and, in a response to a GET -// Object acl request, appears as the CanonicalUser. Using email addresses -// to specify a grantee is only supported in the following AWS Regions: US -// East (N. Virginia) US West (N. California) US West (Oregon) Asia Pacific -// (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) -// South America (São Paulo) For a list of all the Amazon S3 supported Regions -// and endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) -// in the AWS General Reference. +// - By Email address: <>Grantees@email.com<>lt;/Grantee> +// The grantee is resolved to the CanonicalUser and, in a response to a GET +// Object acl request, appears as the CanonicalUser. Using email addresses +// to specify a grantee is only supported in the following Amazon Web Services +// Regions: US East (N. Virginia) US West (N. California) US West (Oregon) +// Asia Pacific (Singapore) Asia Pacific (Sydney) Asia Pacific (Tokyo) Europe +// (Ireland) South America (São Paulo) For a list of all the Amazon S3 supported +// Regions and endpoints, see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) +// in the Amazon Web Services General Reference. // -// Versioning +// # Versioning // // The ACL of an object is set at the object version level. By default, PUT // sets the ACL of the current version of an object. To set the ACL of a different // version, use the versionId subresource. // -// Related Resources +// The following operations are related to PutObjectAcl: // -// * CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) +// - CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) // -// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) +// - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9384,8 +10647,8 @@ func (c *S3) PutObjectAclRequest(input *PutObjectAclInput) (req *request.Request // API operation PutObjectAcl for usage and error information. // // Returned Error Codes: -// * ErrCodeNoSuchKey "NoSuchKey" -// The specified key does not exist. +// - ErrCodeNoSuchKey "NoSuchKey" +// The specified key does not exist. // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutObjectAcl func (c *S3) PutObjectAcl(input *PutObjectAclInput) (*PutObjectAclOutput, error) { @@ -9425,14 +10688,13 @@ const opPutObjectLegalHold = "PutObjectLegalHold" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutObjectLegalHoldRequest method. +// req, resp := client.PutObjectLegalHoldRequest(params) // -// // Example sending a request using the PutObjectLegalHoldRequest method. -// req, resp := client.PutObjectLegalHoldRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutObjectLegalHold func (c *S3) PutObjectLegalHoldRequest(input *PutObjectLegalHoldInput) (req *request.Request, output *PutObjectLegalHoldOutput) { @@ -9457,13 +10719,12 @@ func (c *S3) PutObjectLegalHoldRequest(input *PutObjectLegalHoldInput) (req *req // PutObjectLegalHold API operation for Amazon Simple Storage Service. // -// Applies a Legal Hold configuration to the specified object. +// This operation is not supported by directory buckets. // -// This action is not supported by Amazon S3 on Outposts. +// Applies a legal hold configuration to the specified object. For more information, +// see Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). // -// Related Resources -// -// * Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) +// This functionality is not supported for Amazon S3 on Outposts. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9509,14 +10770,13 @@ const opPutObjectLockConfiguration = "PutObjectLockConfiguration" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutObjectLockConfigurationRequest method. +// req, resp := client.PutObjectLockConfigurationRequest(params) // -// // Example sending a request using the PutObjectLockConfigurationRequest method. -// req, resp := client.PutObjectLockConfigurationRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutObjectLockConfiguration func (c *S3) PutObjectLockConfigurationRequest(input *PutObjectLockConfigurationInput) (req *request.Request, output *PutObjectLockConfigurationOutput) { @@ -9541,16 +10801,20 @@ func (c *S3) PutObjectLockConfigurationRequest(input *PutObjectLockConfiguration // PutObjectLockConfiguration API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Places an Object Lock configuration on the specified bucket. The rule specified // in the Object Lock configuration will be applied by default to every new -// object placed in the specified bucket. +// object placed in the specified bucket. For more information, see Locking +// Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). // -// DefaultRetention requires either Days or Years. You can't specify both at -// the same time. +// - The DefaultRetention settings require both a mode and a period. // -// Related Resources +// - The DefaultRetention period can be either Days or Years but you must +// select one. You cannot specify Days and Years at the same time. // -// * Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) +// - You can enable Object Lock for new or existing buckets. For more information, +// see Configuring Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock-configure.html). // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9596,14 +10860,13 @@ const opPutObjectRetention = "PutObjectRetention" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutObjectRetentionRequest method. +// req, resp := client.PutObjectRetentionRequest(params) // -// // Example sending a request using the PutObjectRetentionRequest method. -// req, resp := client.PutObjectRetentionRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutObjectRetention func (c *S3) PutObjectRetentionRequest(input *PutObjectRetentionInput) (req *request.Request, output *PutObjectRetentionOutput) { @@ -9628,13 +10891,15 @@ func (c *S3) PutObjectRetentionRequest(input *PutObjectRetentionInput) (req *req // PutObjectRetention API operation for Amazon Simple Storage Service. // -// Places an Object Retention configuration on an object. +// This operation is not supported by directory buckets. // -// This action is not supported by Amazon S3 on Outposts. -// -// Related Resources +// Places an Object Retention configuration on an object. For more information, +// see Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). +// Users or accounts require the s3:PutObjectRetention permission in order to +// place an Object Retention configuration on objects. Bypassing a Governance +// Retention configuration requires the s3:BypassGovernanceRetention permission. // -// * Locking Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) +// This functionality is not supported for Amazon S3 on Outposts. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9680,14 +10945,13 @@ const opPutObjectTagging = "PutObjectTagging" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutObjectTaggingRequest method. +// req, resp := client.PutObjectTaggingRequest(params) // -// // Example sending a request using the PutObjectTaggingRequest method. -// req, resp := client.PutObjectTaggingRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutObjectTagging func (c *S3) PutObjectTaggingRequest(input *PutObjectTaggingInput) (req *request.Request, output *PutObjectTaggingOutput) { @@ -9712,12 +10976,15 @@ func (c *S3) PutObjectTaggingRequest(input *PutObjectTaggingInput) (req *request // PutObjectTagging API operation for Amazon Simple Storage Service. // -// Sets the supplied tag-set to an object that already exists in a bucket. +// This operation is not supported by directory buckets. +// +// Sets the supplied tag-set to an object that already exists in a bucket. A +// tag is a key-value pair. For more information, see Object Tagging (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-tagging.html). // -// A tag is a key-value pair. You can associate tags with an object by sending -// a PUT request against the tagging subresource that is associated with the -// object. You can retrieve tags by sending a GET request. For more information, -// see GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html). +// You can associate tags with an object by sending a PUT request against the +// tagging subresource that is associated with the object. You can retrieve +// tags by sending a GET request. For more information, see GetObjectTagging +// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html). // // For tagging-related restrictions related to characters and encodings, see // Tag Restrictions (https://docs.aws.amazon.com/awsaccountbilling/latest/aboutv2/allocation-tag-restrictions.html). @@ -9730,26 +10997,26 @@ func (c *S3) PutObjectTaggingRequest(input *PutObjectTaggingInput) (req *request // To put tags of any other version, use the versionId query parameter. You // also need permission for the s3:PutObjectVersionTagging action. // -// For information about the Amazon S3 object tagging feature, see Object Tagging -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html). +// PutObjectTagging has the following special errors. For more Amazon S3 errors +// see, Error Responses (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html). // -// Special Errors +// - InvalidTag - The tag provided was not a valid tag. This error can occur +// if the tag did not pass input validation. For more information, see Object +// Tagging (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-tagging.html). // -// * Code: InvalidTagError Cause: The tag provided was not a valid tag. This -// error can occur if the tag did not pass input validation. For more information, -// see Object Tagging (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-tagging.html). +// - MalformedXML - The XML provided does not match the schema. // -// * Code: MalformedXMLError Cause: The XML provided does not match the schema. +// - OperationAborted - A conflicting conditional action is currently in +// progress against this resource. Please try again. // -// * Code: OperationAbortedError Cause: A conflicting conditional operation -// is currently in progress against this resource. Please try again. +// - InternalError - The service was unable to apply the provided tag to +// the object. // -// * Code: InternalError Cause: The service was unable to apply the provided -// tag to the object. +// The following operations are related to PutObjectTagging: // -// Related Resources +// - GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) // -// * GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) +// - DeleteObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteObjectTagging.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9795,14 +11062,13 @@ const opPutPublicAccessBlock = "PutPublicAccessBlock" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the PutPublicAccessBlockRequest method. +// req, resp := client.PutPublicAccessBlockRequest(params) // -// // Example sending a request using the PutPublicAccessBlockRequest method. -// req, resp := client.PutPublicAccessBlockRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/PutPublicAccessBlock func (c *S3) PutPublicAccessBlockRequest(input *PutPublicAccessBlockInput) (req *request.Request, output *PutPublicAccessBlockOutput) { @@ -9828,6 +11094,8 @@ func (c *S3) PutPublicAccessBlockRequest(input *PutPublicAccessBlockInput) (req // PutPublicAccessBlock API operation for Amazon Simple Storage Service. // +// This operation is not supported by directory buckets. +// // Creates or modifies the PublicAccessBlock configuration for an Amazon S3 // bucket. To use this operation, you must have the s3:PutBucketPublicAccessBlock // permission. For more information about Amazon S3 permissions, see Specifying @@ -9843,15 +11111,15 @@ func (c *S3) PutPublicAccessBlockRequest(input *PutPublicAccessBlockInput) (req // For more information about when Amazon S3 considers a bucket or an object // public, see The Meaning of "Public" (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status). // -// Related Resources +// The following operations are related to PutPublicAccessBlock: // -// * GetPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html) +// - GetPublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetPublicAccessBlock.html) // -// * DeletePublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html) +// - DeletePublicAccessBlock (https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeletePublicAccessBlock.html) // -// * GetBucketPolicyStatus (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicyStatus.html) +// - GetBucketPolicyStatus (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketPolicyStatus.html) // -// * Using Amazon S3 Block Public Access (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html) +// - Using Amazon S3 Block Public Access (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -9897,14 +11165,13 @@ const opRestoreObject = "RestoreObject" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the RestoreObjectRequest method. +// req, resp := client.RestoreObjectRequest(params) // -// // Example sending a request using the RestoreObjectRequest method. -// req, resp := client.RestoreObjectRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/RestoreObject func (c *S3) RestoreObjectRequest(input *RestoreObjectInput) (req *request.Request, output *RestoreObjectOutput) { @@ -9925,148 +11192,103 @@ func (c *S3) RestoreObjectRequest(input *RestoreObjectInput) (req *request.Reque // RestoreObject API operation for Amazon Simple Storage Service. // -// Restores an archived copy of an object back into Amazon S3 +// This operation is not supported by directory buckets. // -// This action is not supported by Amazon S3 on Outposts. +// # Restores an archived copy of an object back into Amazon S3 +// +// This functionality is not supported for Amazon S3 on Outposts. // // This action performs the following types of requests: // -// * select - Perform a select query on an archived object +// - restore an archive - Restore an archived object +// +// For more information about the S3 structure in the request body, see the +// following: +// +// - PutObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) +// +// - Managing Access with ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html) +// in the Amazon S3 User Guide // -// * restore an archive - Restore an archived object +// - Protecting Data Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) +// in the Amazon S3 User Guide +// +// # Permissions // // To use this operation, you must have permissions to perform the s3:RestoreObject // action. The bucket owner has this permission by default and can grant this // permission to others. For more information about permissions, see Permissions -// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) -// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-access-control.html) -// in the Amazon Simple Storage Service Developer Guide. -// -// Querying Archives with Select Requests -// -// You use a select type of request to perform SQL queries on archived objects. -// The archived objects that are being queried by the select request must be -// formatted as uncompressed comma-separated values (CSV) files. You can run -// queries and custom analytics on your archived data without having to restore -// your data to a hotter Amazon S3 tier. For an overview about select requests, -// see Querying Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/querying-glacier-archives.html) -// in the Amazon Simple Storage Service Developer Guide. -// -// When making a select request, do the following: -// -// * Define an output location for the select query's output. This must be -// an Amazon S3 bucket in the same AWS Region as the bucket that contains -// the archive object that is being queried. The AWS account that initiates -// the job must have permissions to write to the S3 bucket. You can specify -// the storage class and encryption for the output objects stored in the -// bucket. For more information about output, see Querying Archived Objects -// (https://docs.aws.amazon.com/AmazonS3/latest/dev/querying-glacier-archives.html) -// in the Amazon Simple Storage Service Developer Guide. For more information -// about the S3 structure in the request body, see the following: PutObject -// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutObject.html) Managing -// Access with ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html) -// in the Amazon Simple Storage Service Developer Guide Protecting Data Using -// Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) -// in the Amazon Simple Storage Service Developer Guide -// -// * Define the SQL expression for the SELECT type of restoration for your -// query in the request body's SelectParameters structure. You can use expressions -// like the following examples. The following expression returns all records -// from the specified object. SELECT * FROM Object Assuming that you are -// not using any headers for data stored in the object, you can specify columns -// with positional headers. SELECT s._1, s._2 FROM Object s WHERE s._3 > -// 100 If you have headers and you set the fileHeaderInfo in the CSV structure -// in the request body to USE, you can specify headers in the query. (If -// you set the fileHeaderInfo field to IGNORE, the first row is skipped for -// the query.) You cannot mix ordinal positions with header column names. -// SELECT s.Id, s.FirstName, s.SSN FROM S3Object s -// -// For more information about using SQL with S3 Glacier Select restore, see -// SQL Reference for Amazon S3 Select and S3 Glacier Select (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-glacier-select-sql-reference.html) -// in the Amazon Simple Storage Service Developer Guide. -// -// When making a select request, you can also do the following: -// -// * To expedite your queries, specify the Expedited tier. For more information -// about tiers, see "Restoring Archives," later in this topic. -// -// * Specify details about the data serialization format of both the input -// object that is being queried and the serialization of the CSV-encoded -// query results. -// -// The following are additional important facts about the select feature: -// -// * The output results are new Amazon S3 objects. Unlike archive retrievals, -// they are stored until explicitly deleted-manually or through a lifecycle -// policy. -// -// * You can issue more than one select request on the same Amazon S3 object. -// Amazon S3 doesn't deduplicate requests, so avoid issuing duplicate requests. -// -// * Amazon S3 accepts a select request even if the object has already been -// restored. A select request doesn’t return error response 409. -// -// Restoring objects -// -// Objects that you archive to the S3 Glacier or S3 Glacier Deep Archive storage -// class, and S3 Intelligent-Tiering Archive or S3 Intelligent-Tiering Deep -// Archive tiers are not accessible in real time. For objects in Archive Access -// or Deep Archive Access tiers you must first initiate a restore request, and -// then wait until the object is moved into the Frequent Access tier. For objects -// in S3 Glacier or S3 Glacier Deep Archive storage classes you must first initiate -// a restore request, and then wait until a temporary copy of the object is -// available. To access an archived object, you must restore the object for -// the duration (number of days) that you specify. +// Related to Bucket Subresource Operations (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-with-s3-actions.html#using-with-s3-actions-related-to-bucket-subresources) +// and Managing Access Permissions to Your Amazon S3 Resources (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html) +// in the Amazon S3 User Guide. +// +// # Restoring objects +// +// Objects that you archive to the S3 Glacier Flexible Retrieval Flexible Retrieval +// or S3 Glacier Deep Archive storage class, and S3 Intelligent-Tiering Archive +// or S3 Intelligent-Tiering Deep Archive tiers, are not accessible in real +// time. For objects in the S3 Glacier Flexible Retrieval Flexible Retrieval +// or S3 Glacier Deep Archive storage classes, you must first initiate a restore +// request, and then wait until a temporary copy of the object is available. +// If you want a permanent copy of the object, create a copy of it in the Amazon +// S3 Standard storage class in your S3 bucket. To access an archived object, +// you must restore the object for the duration (number of days) that you specify. +// For objects in the Archive Access or Deep Archive Access tiers of S3 Intelligent-Tiering, +// you must first initiate a restore request, and then wait until the object +// is moved into the Frequent Access tier. // // To restore a specific object version, you can provide a version ID. If you // don't provide a version ID, Amazon S3 restores the current version. // -// When restoring an archived object (or using a select request), you can specify -// one of the following data access tier options in the Tier element of the -// request body: -// -// * Expedited - Expedited retrievals allow you to quickly access your data -// stored in the S3 Glacier storage class or S3 Intelligent-Tiering Archive -// tier when occasional urgent requests for a subset of archives are required. -// For all but the largest archived objects (250 MB+), data accessed using -// Expedited retrievals is typically made available within 1–5 minutes. -// Provisioned capacity ensures that retrieval capacity for Expedited retrievals -// is available when you need it. Expedited retrievals and provisioned capacity -// are not available for objects stored in the S3 Glacier Deep Archive storage -// class or S3 Intelligent-Tiering Deep Archive tier. -// -// * Standard - Standard retrievals allow you to access any of your archived -// objects within several hours. This is the default option for retrieval -// requests that do not specify the retrieval option. Standard retrievals -// typically finish within 3–5 hours for objects stored in the S3 Glacier -// storage class or S3 Intelligent-Tiering Archive tier. They typically finish -// within 12 hours for objects stored in the S3 Glacier Deep Archive storage -// class or S3 Intelligent-Tiering Deep Archive tier. Standard retrievals -// are free for objects stored in S3 Intelligent-Tiering. -// -// * Bulk - Bulk retrievals are the lowest-cost retrieval option in S3 Glacier, -// enabling you to retrieve large amounts, even petabytes, of data inexpensively. -// Bulk retrievals typically finish within 5–12 hours for objects stored -// in the S3 Glacier storage class or S3 Intelligent-Tiering Archive tier. -// They typically finish within 48 hours for objects stored in the S3 Glacier -// Deep Archive storage class or S3 Intelligent-Tiering Deep Archive tier. -// Bulk retrievals are free for objects stored in S3 Intelligent-Tiering. +// When restoring an archived object, you can specify one of the following data +// access tier options in the Tier element of the request body: +// +// - Expedited - Expedited retrievals allow you to quickly access your data +// stored in the S3 Glacier Flexible Retrieval Flexible Retrieval storage +// class or S3 Intelligent-Tiering Archive tier when occasional urgent requests +// for restoring archives are required. For all but the largest archived +// objects (250 MB+), data accessed using Expedited retrievals is typically +// made available within 1–5 minutes. Provisioned capacity ensures that +// retrieval capacity for Expedited retrievals is available when you need +// it. Expedited retrievals and provisioned capacity are not available for +// objects stored in the S3 Glacier Deep Archive storage class or S3 Intelligent-Tiering +// Deep Archive tier. +// +// - Standard - Standard retrievals allow you to access any of your archived +// objects within several hours. This is the default option for retrieval +// requests that do not specify the retrieval option. Standard retrievals +// typically finish within 3–5 hours for objects stored in the S3 Glacier +// Flexible Retrieval Flexible Retrieval storage class or S3 Intelligent-Tiering +// Archive tier. They typically finish within 12 hours for objects stored +// in the S3 Glacier Deep Archive storage class or S3 Intelligent-Tiering +// Deep Archive tier. Standard retrievals are free for objects stored in +// S3 Intelligent-Tiering. +// +// - Bulk - Bulk retrievals free for objects stored in the S3 Glacier Flexible +// Retrieval and S3 Intelligent-Tiering storage classes, enabling you to +// retrieve large amounts, even petabytes, of data at no cost. Bulk retrievals +// typically finish within 5–12 hours for objects stored in the S3 Glacier +// Flexible Retrieval Flexible Retrieval storage class or S3 Intelligent-Tiering +// Archive tier. Bulk retrievals are also the lowest-cost retrieval option +// when restoring objects from S3 Glacier Deep Archive. They typically finish +// within 48 hours for objects stored in the S3 Glacier Deep Archive storage +// class or S3 Intelligent-Tiering Deep Archive tier. // // For more information about archive retrieval options and provisioned capacity // for Expedited data access, see Restoring Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html) -// in the Amazon Simple Storage Service Developer Guide. +// in the Amazon S3 User Guide. // // You can use Amazon S3 restore speed upgrade to change the restore speed to // a faster speed while it is in progress. For more information, see Upgrading // the speed of an in-progress restore (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html#restoring-objects-upgrade-tier.title.html) -// in the Amazon Simple Storage Service Developer Guide. +// in the Amazon S3 User Guide. // // To get the status of object restoration, you can send a HEAD request. Operations // return the x-amz-restore header, which provides information about the restoration // status, in the response. You can use Amazon S3 event notifications to notify // you when a restore is initiated or completed. For more information, see Configuring // Amazon S3 Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) -// in the Amazon Simple Storage Service Developer Guide. +// in the Amazon S3 User Guide. // // After restoring an archived object, you can update the restoration period // by reissuing the request with a new period. Amazon S3 updates the restoration @@ -10081,38 +11303,33 @@ func (c *S3) RestoreObjectRequest(input *RestoreObjectInput) (req *request.Reque // the object in 3 days. For more information about lifecycle configuration, // see PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) // and Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) -// in Amazon Simple Storage Service Developer Guide. -// -// Responses +// in Amazon S3 User Guide. // -// A successful operation returns either the 200 OK or 202 Accepted status code. +// # Responses // -// * If the object is not previously restored, then Amazon S3 returns 202 -// Accepted in the response. +// A successful action returns either the 200 OK or 202 Accepted status code. // -// * If the object is previously restored, Amazon S3 returns 200 OK in the -// response. +// - If the object is not previously restored, then Amazon S3 returns 202 +// Accepted in the response. // -// Special Errors +// - If the object is previously restored, Amazon S3 returns 200 OK in the +// response. // -// * Code: RestoreAlreadyInProgress Cause: Object restore is already in progress. -// (This error does not apply to SELECT type requests.) HTTP Status Code: -// 409 Conflict SOAP Fault Code Prefix: Client +// - Special errors: Code: RestoreAlreadyInProgress Cause: Object restore +// is already in progress. HTTP Status Code: 409 Conflict SOAP Fault Code +// Prefix: Client // -// * Code: GlacierExpeditedRetrievalNotAvailable Cause: expedited retrievals -// are currently not available. Try again later. (Returned if there is insufficient -// capacity to process the Expedited request. This error applies only to -// Expedited retrievals and not to S3 Standard or Bulk retrievals.) HTTP -// Status Code: 503 SOAP Fault Code Prefix: N/A -// -// Related Resources +// - Code: GlacierExpeditedRetrievalNotAvailable Cause: expedited retrievals +// are currently not available. Try again later. (Returned if there is insufficient +// capacity to process the Expedited request. This error applies only to +// Expedited retrievals and not to S3 Standard or Bulk retrievals.) HTTP +// Status Code: 503 SOAP Fault Code Prefix: N/A // -// * PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) +// The following operations are related to RestoreObject: // -// * GetBucketNotificationConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotificationConfiguration.html) +// - PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) // -// * SQL Reference for Amazon S3 Select and S3 Glacier Select (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-glacier-select-sql-reference.html) -// in the Amazon Simple Storage Service Developer Guide +// - GetBucketNotificationConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketNotificationConfiguration.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10122,8 +11339,8 @@ func (c *S3) RestoreObjectRequest(input *RestoreObjectInput) (req *request.Reque // API operation RestoreObject for usage and error information. // // Returned Error Codes: -// * ErrCodeObjectAlreadyInActiveTierError "ObjectAlreadyInActiveTierError" -// This operation is not allowed against this storage tier. +// - ErrCodeObjectAlreadyInActiveTierError "ObjectAlreadyInActiveTierError" +// This action is not allowed against this storage tier. // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/RestoreObject func (c *S3) RestoreObject(input *RestoreObjectInput) (*RestoreObjectOutput, error) { @@ -10163,14 +11380,13 @@ const opSelectObjectContent = "SelectObjectContent" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the SelectObjectContentRequest method. +// req, resp := client.SelectObjectContentRequest(params) // -// // Example sending a request using the SelectObjectContentRequest method. -// req, resp := client.SelectObjectContentRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/SelectObjectContent func (c *S3) SelectObjectContentRequest(input *SelectObjectContentInput) (req *request.Request, output *SelectObjectContentOutput) { @@ -10200,7 +11416,9 @@ func (c *S3) SelectObjectContentRequest(input *SelectObjectContentInput) (req *r // SelectObjectContent API operation for Amazon Simple Storage Service. // -// This operation filters the contents of an Amazon S3 object based on a simple +// This operation is not supported by directory buckets. +// +// This action filters the contents of an Amazon S3 object based on a simple // structured query language (SQL) statement. In the request, along with the // SQL expression, you must also specify a data serialization format (JSON, // CSV, or Apache Parquet) of the object. Amazon S3 uses this format to parse @@ -10208,86 +11426,86 @@ func (c *S3) SelectObjectContentRequest(input *SelectObjectContentInput) (req *r // SQL expression. You must also specify the data serialization format for the // response. // -// This action is not supported by Amazon S3 on Outposts. +// This functionality is not supported for Amazon S3 on Outposts. // // For more information about Amazon S3 Select, see Selecting Content from Objects // (https://docs.aws.amazon.com/AmazonS3/latest/dev/selecting-content-from-objects.html) -// in the Amazon Simple Storage Service Developer Guide. +// and SELECT Command (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-glacier-select-sql-reference-select.html) +// in the Amazon S3 User Guide. // -// For more information about using SQL with Amazon S3 Select, see SQL Reference -// for Amazon S3 Select and S3 Glacier Select (https://docs.aws.amazon.com/AmazonS3/latest/dev/s3-glacier-select-sql-reference.html) -// in the Amazon Simple Storage Service Developer Guide. -// -// Permissions +// # Permissions // -// You must have s3:GetObject permission for this operation. Amazon S3 Select +// You must have the s3:GetObject permission for this operation. Amazon S3 Select // does not support anonymous access. For more information about permissions, // see Specifying Permissions in a Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-with-s3-actions.html) -// in the Amazon Simple Storage Service Developer Guide. +// in the Amazon S3 User Guide. // -// Object Data Formats +// # Object Data Formats // // You can use Amazon S3 Select to query objects that have the following format // properties: // -// * CSV, JSON, and Parquet - Objects must be in CSV, JSON, or Parquet format. +// - CSV, JSON, and Parquet - Objects must be in CSV, JSON, or Parquet format. // -// * UTF-8 - UTF-8 is the only encoding type Amazon S3 Select supports. +// - UTF-8 - UTF-8 is the only encoding type Amazon S3 Select supports. // -// * GZIP or BZIP2 - CSV and JSON files can be compressed using GZIP or BZIP2. -// GZIP and BZIP2 are the only compression formats that Amazon S3 Select -// supports for CSV and JSON files. Amazon S3 Select supports columnar compression -// for Parquet using GZIP or Snappy. Amazon S3 Select does not support whole-object -// compression for Parquet objects. +// - GZIP or BZIP2 - CSV and JSON files can be compressed using GZIP or BZIP2. +// GZIP and BZIP2 are the only compression formats that Amazon S3 Select +// supports for CSV and JSON files. Amazon S3 Select supports columnar compression +// for Parquet using GZIP or Snappy. Amazon S3 Select does not support whole-object +// compression for Parquet objects. // -// * Server-side encryption - Amazon S3 Select supports querying objects -// that are protected with server-side encryption. For objects that are encrypted -// with customer-provided encryption keys (SSE-C), you must use HTTPS, and -// you must use the headers that are documented in the GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html). -// For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided -// Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) -// in the Amazon Simple Storage Service Developer Guide. For objects that -// are encrypted with Amazon S3 managed encryption keys (SSE-S3) and customer -// master keys (CMKs) stored in AWS Key Management Service (SSE-KMS), server-side -// encryption is handled transparently, so you don't need to specify anything. -// For more information about server-side encryption, including SSE-S3 and -// SSE-KMS, see Protecting Data Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) -// in the Amazon Simple Storage Service Developer Guide. +// - Server-side encryption - Amazon S3 Select supports querying objects +// that are protected with server-side encryption. For objects that are encrypted +// with customer-provided encryption keys (SSE-C), you must use HTTPS, and +// you must use the headers that are documented in the GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html). +// For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided +// Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) +// in the Amazon S3 User Guide. For objects that are encrypted with Amazon +// S3 managed keys (SSE-S3) and Amazon Web Services KMS keys (SSE-KMS), server-side +// encryption is handled transparently, so you don't need to specify anything. +// For more information about server-side encryption, including SSE-S3 and +// SSE-KMS, see Protecting Data Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) +// in the Amazon S3 User Guide. // -// Working with the Response Body +// # Working with the Response Body // // Given the response size is unknown, Amazon S3 Select streams the response // as a series of messages and includes a Transfer-Encoding header with chunked // as its value in the response. For more information, see Appendix: SelectObjectContent -// Response (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTSelectObjectAppendix.html) . +// Response (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTSelectObjectAppendix.html). // -// GetObject Support +// # GetObject Support // -// The SelectObjectContent operation does not support the following GetObject -// functionality. For more information, see GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html). +// The SelectObjectContent action does not support the following GetObject functionality. +// For more information, see GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html). // -// * Range: Although you can specify a scan range for an Amazon S3 Select -// request (see SelectObjectContentRequest - ScanRange (https://docs.aws.amazon.com/AmazonS3/latest/API/API_SelectObjectContent.html#AmazonS3-SelectObjectContent-request-ScanRange) -// in the request parameters), you cannot specify the range of bytes of an -// object to return. +// - Range: Although you can specify a scan range for an Amazon S3 Select +// request (see SelectObjectContentRequest - ScanRange (https://docs.aws.amazon.com/AmazonS3/latest/API/API_SelectObjectContent.html#AmazonS3-SelectObjectContent-request-ScanRange) +// in the request parameters), you cannot specify the range of bytes of an +// object to return. // -// * GLACIER, DEEP_ARCHIVE and REDUCED_REDUNDANCY storage classes: You cannot -// specify the GLACIER, DEEP_ARCHIVE, or REDUCED_REDUNDANCY storage classes. -// For more information, about storage classes see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html#storage-class-intro) -// in the Amazon Simple Storage Service Developer Guide. +// - The GLACIER, DEEP_ARCHIVE, and REDUCED_REDUNDANCY storage classes, or +// the ARCHIVE_ACCESS and DEEP_ARCHIVE_ACCESS access tiers of the INTELLIGENT_TIERING +// storage class: You cannot query objects in the GLACIER, DEEP_ARCHIVE, +// or REDUCED_REDUNDANCY storage classes, nor objects in the ARCHIVE_ACCESS +// or DEEP_ARCHIVE_ACCESS access tiers of the INTELLIGENT_TIERING storage +// class. For more information about storage classes, see Using Amazon S3 +// storage classes (https://docs.aws.amazon.com/AmazonS3/latest/userguide/storage-class-intro.html) +// in the Amazon S3 User Guide. // -// Special Errors +// # Special Errors // // For a list of special errors for this operation, see List of SELECT Object // Content Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#SelectObjectContentErrorCodeList) // -// Related Resources +// The following operations are related to SelectObjectContent: // -// * GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) +// - GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html) // -// * GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) +// - GetBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketLifecycleConfiguration.html) // -// * PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) +// - PutBucketLifecycleConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10318,6 +11536,7 @@ func (c *S3) SelectObjectContentWithContext(ctx aws.Context, input *SelectObject } var _ awserr.Error +var _ time.Time // SelectObjectContentEventStream provides the event stream handling for the SelectObjectContent. // @@ -10356,10 +11575,10 @@ type SelectObjectContentEventStream struct { // (e.g. http.Response.Body), that will be closed when the stream Close method // is called. // -// es := NewSelectObjectContentEventStream(func(o *SelectObjectContentEventStream{ -// es.Reader = myMockStreamReader -// es.StreamCloser = myMockStreamCloser -// }) +// es := NewSelectObjectContentEventStream(func(o *SelectObjectContentEventStream){ +// es.Reader = myMockStreamReader +// es.StreamCloser = myMockStreamCloser +// }) func NewSelectObjectContentEventStream(opts ...func(*SelectObjectContentEventStream)) *SelectObjectContentEventStream { es := &SelectObjectContentEventStream{ done: make(chan struct{}), @@ -10412,12 +11631,12 @@ func (es *SelectObjectContentEventStream) waitStreamPartClose() { // // These events are: // -// * ContinuationEvent -// * EndEvent -// * ProgressEvent -// * RecordsEvent -// * StatsEvent -// * SelectObjectContentEventStreamUnknownEvent +// - ContinuationEvent +// - EndEvent +// - ProgressEvent +// - RecordsEvent +// - StatsEvent +// - SelectObjectContentEventStreamUnknownEvent func (es *SelectObjectContentEventStream) Events() <-chan SelectObjectContentEventStreamEvent { return es.Reader.Events() } @@ -10453,7 +11672,6 @@ func (es *SelectObjectContentEventStream) runOutputStream(r *request.Request) { // // You can use the closing of the Reader's Events channel to terminate your // application's read from the API's stream. -// func (es *SelectObjectContentEventStream) Close() (err error) { es.closeOnce.Do(es.safeClose) return es.Err() @@ -10501,14 +11719,13 @@ const opUploadPart = "UploadPart" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the UploadPartRequest method. +// req, resp := client.UploadPartRequest(params) // -// // Example sending a request using the UploadPartRequest method. -// req, resp := client.UploadPartRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/UploadPart func (c *S3) UploadPartRequest(input *UploadPartInput) (req *request.Request, output *UploadPartOutput) { @@ -10531,92 +11748,130 @@ func (c *S3) UploadPartRequest(input *UploadPartInput) (req *request.Request, ou // // Uploads a part in a multipart upload. // -// In this operation, you provide part data in your request. However, you have -// an option to specify your existing Amazon S3 object as a data source for -// the part you are uploading. To upload a part from an existing object, you -// use the UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) +// In this operation, you provide new data as a part of an object in your request. +// However, you have an option to specify your existing Amazon S3 object as +// a data source for the part you are uploading. To upload a part from an existing +// object, you use the UploadPartCopy (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPartCopy.html) // operation. // // You must initiate a multipart upload (see CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html)) // before you can upload any part. In response to your initiate request, Amazon -// S3 returns an upload ID, a unique identifier, that you must include in your +// S3 returns an upload ID, a unique identifier that you must include in your // upload part request. // // Part numbers can be any number from 1 to 10,000, inclusive. A part number // uniquely identifies a part and also defines its position within the object // being created. If you upload a new part using the same part number that was -// used with a previous part, the previously uploaded part is overwritten. Each -// part must be at least 5 MB in size, except the last part. There is no size -// limit on the last part of your multipart upload. -// -// To ensure that data is not corrupted when traversing the network, specify -// the Content-MD5 header in the upload part request. Amazon S3 checks the part -// data against the provided MD5 value. If they do not match, Amazon S3 returns -// an error. -// -// If the upload request is signed with Signature Version 4, then AWS S3 uses -// the x-amz-content-sha256 header as a checksum instead of Content-MD5. For -// more information see Authenticating Requests: Using the Authorization Header -// (AWS Signature Version 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html). -// -// Note: After you initiate multipart upload and upload one or more parts, you -// must either complete or abort multipart upload in order to stop getting charged +// used with a previous part, the previously uploaded part is overwritten. +// +// For information about maximum and minimum part sizes and other multipart +// upload specifications, see Multipart upload limits (https://docs.aws.amazon.com/AmazonS3/latest/userguide/qfacts.html) +// in the Amazon S3 User Guide. +// +// After you initiate multipart upload and upload one or more parts, you must +// either complete or abort multipart upload in order to stop getting charged // for storage of the uploaded parts. Only after you either complete or abort // multipart upload, Amazon S3 frees up the parts storage and stops charging // you for the parts storage. // // For more information on multipart uploads, go to Multipart Upload Overview // (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) in the -// Amazon Simple Storage Service Developer Guide . -// -// For information on the permissions required to use the multipart upload API, -// go to Multipart Upload API and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) -// in the Amazon Simple Storage Service Developer Guide. -// -// You can optionally request server-side encryption where Amazon S3 encrypts -// your data as it writes it to disks in its data centers and decrypts it for -// you when you access it. You have the option of providing your own encryption -// key, or you can use the AWS managed encryption keys. If you choose to provide -// your own encryption key, the request headers you provide in the request must -// match the headers you used in the request to initiate the upload by using -// CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html). -// For more information, go to Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) -// in the Amazon Simple Storage Service Developer Guide. -// -// Server-side encryption is supported by the S3 Multipart Upload actions. Unless -// you are using a customer-provided encryption key, you don't need to specify -// the encryption parameters in each UploadPart request. Instead, you only need -// to specify the server-side encryption parameters in the initial Initiate -// Multipart request. For more information, see CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html). -// -// If you requested server-side encryption using a customer-provided encryption -// key in your initiate multipart upload request, you must provide identical -// encryption information in each part upload using the following headers. -// -// * x-amz-server-side-encryption-customer-algorithm -// -// * x-amz-server-side-encryption-customer-key -// -// * x-amz-server-side-encryption-customer-key-MD5 -// -// Special Errors -// -// * Code: NoSuchUpload Cause: The specified multipart upload does not exist. -// The upload ID might be invalid, or the multipart upload might have been -// aborted or completed. HTTP Status Code: 404 Not Found SOAP Fault Code -// Prefix: Client -// -// Related Resources -// -// * CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) +// Amazon S3 User Guide . // -// * CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. // -// * AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) -// -// * ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) +// Permissions // -// * ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) +// - General purpose bucket permissions - For information on the permissions +// required to use the multipart upload API, see Multipart Upload and Permissions +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. +// +// - Directory bucket permissions - To grant access to this API operation +// on a directory bucket, we recommend that you use the CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html) +// API operation for session-based authorization. Specifically, you grant +// the s3express:CreateSession permission to the directory bucket in a bucket +// policy or an IAM identity-based policy. Then, you make the CreateSession +// API call on the bucket to obtain a session token. With the session token +// in your request header, you can make API requests to this operation. After +// the session token expires, you make another CreateSession API call to +// generate a new session token for use. Amazon Web Services CLI or SDKs +// create session and refresh the session token automatically to avoid service +// interruptions when a session expires. For more information about authorization, +// see CreateSession (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateSession.html). +// +// # Data integrity +// +// General purpose bucket - To ensure that data is not corrupted traversing +// the network, specify the Content-MD5 header in the upload part request. Amazon +// S3 checks the part data against the provided MD5 value. If they do not match, +// Amazon S3 returns an error. If the upload request is signed with Signature +// Version 4, then Amazon Web Services S3 uses the x-amz-content-sha256 header +// as a checksum instead of Content-MD5. For more information see Authenticating +// Requests: Using the Authorization Header (Amazon Web Services Signature Version +// 4) (https://docs.aws.amazon.com/AmazonS3/latest/API/sigv4-auth-using-authorization-header.html). +// +// Directory buckets - MD5 is not supported by directory buckets. You can use +// checksum algorithms to check object integrity. +// +// Encryption +// +// - General purpose bucket - Server-side encryption is for data encryption +// at rest. Amazon S3 encrypts your data as it writes it to disks in its +// data centers and decrypts it when you access it. You have mutually exclusive +// options to protect data using server-side encryption in Amazon S3, depending +// on how you choose to manage the encryption keys. Specifically, the encryption +// key options are Amazon S3 managed keys (SSE-S3), Amazon Web Services KMS +// keys (SSE-KMS), and Customer-Provided Keys (SSE-C). Amazon S3 encrypts +// data with server-side encryption using Amazon S3 managed keys (SSE-S3) +// by default. You can optionally tell Amazon S3 to encrypt data at rest +// using server-side encryption with other key options. The option you use +// depends on whether you want to use KMS keys (SSE-KMS) or provide your +// own encryption key (SSE-C). Server-side encryption is supported by the +// S3 Multipart Upload operations. Unless you are using a customer-provided +// encryption key (SSE-C), you don't need to specify the encryption parameters +// in each UploadPart request. Instead, you only need to specify the server-side +// encryption parameters in the initial Initiate Multipart request. For more +// information, see CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html). +// If you request server-side encryption using a customer-provided encryption +// key (SSE-C) in your initiate multipart upload request, you must provide +// identical encryption information in each part upload using the following +// request headers. x-amz-server-side-encryption-customer-algorithm x-amz-server-side-encryption-customer-key +// x-amz-server-side-encryption-customer-key-MD5 +// +// - Directory bucket - For directory buckets, only server-side encryption +// with Amazon S3 managed keys (SSE-S3) (AES256) is supported. +// +// For more information, see Using Server-Side Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) +// in the Amazon S3 User Guide. +// +// Special errors +// +// - Error Code: NoSuchUpload Description: The specified multipart upload +// does not exist. The upload ID might be invalid, or the multipart upload +// might have been aborted or completed. HTTP Status Code: 404 Not Found +// SOAP Fault Code Prefix: Client +// +// # HTTP Host header syntax +// +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. +// +// The following operations are related to UploadPart: +// +// - CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) +// +// - CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) +// +// - AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) +// +// - ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) +// +// - ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10662,14 +11917,13 @@ const opUploadPartCopy = "UploadPartCopy" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the UploadPartCopyRequest method. +// req, resp := client.UploadPartCopyRequest(params) // -// // Example sending a request using the UploadPartCopyRequest method. -// req, resp := client.UploadPartCopyRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/UploadPartCopy func (c *S3) UploadPartCopyRequest(input *UploadPartCopyInput) (req *request.Request, output *UploadPartCopyOutput) { @@ -10690,95 +11944,119 @@ func (c *S3) UploadPartCopyRequest(input *UploadPartCopyInput) (req *request.Req // UploadPartCopy API operation for Amazon Simple Storage Service. // -// Uploads a part by copying data from an existing object as data source. You -// specify the data source by adding the request header x-amz-copy-source in -// your request and a byte range by adding the request header x-amz-copy-source-range +// Uploads a part by copying data from an existing object as data source. To +// specify the data source, you add the request header x-amz-copy-source in +// your request. To specify a byte range, you add the request header x-amz-copy-source-range // in your request. // -// The minimum allowable part size for a multipart upload is 5 MB. For more -// information about multipart upload limits, go to Quick Facts (https://docs.aws.amazon.com/AmazonS3/latest/dev/qfacts.html) -// in the Amazon Simple Storage Service Developer Guide. +// For information about maximum and minimum part sizes and other multipart +// upload specifications, see Multipart upload limits (https://docs.aws.amazon.com/AmazonS3/latest/userguide/qfacts.html) +// in the Amazon S3 User Guide. // -// Instead of using an existing object as part data, you might use the UploadPart -// (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) operation -// and provide data in your request. +// Instead of copying data from an existing object as part data, you might use +// the UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) +// action to upload new data as a part of an object in your request. // // You must initiate a multipart upload before you can upload any part. In response -// to your initiate request. Amazon S3 returns a unique identifier, the upload -// ID, that you must include in your upload part request. -// -// For more information about using the UploadPartCopy operation, see the following: +// to your initiate request, Amazon S3 returns the upload ID, a unique identifier +// that you must include in your upload part request. +// +// For conceptual information about multipart uploads, see Uploading Objects +// Using Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) +// in the Amazon S3 User Guide. For information about copying objects using +// a single atomic action vs. a multipart upload, see Operations on Objects +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectOperations.html) in +// the Amazon S3 User Guide. +// +// Directory buckets - For directory buckets, you must make requests for this +// API operation to the Zonal endpoint. These endpoints support virtual-hosted-style +// requests in the format https://bucket_name.s3express-az_id.region.amazonaws.com/key-name +// . Path-style requests are not supported. For more information, see Regional +// and Zonal endpoints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-Regions-and-Zones.html) +// in the Amazon S3 User Guide. +// +// # Authentication and authorization +// +// All UploadPartCopy requests must be authenticated and signed by using IAM +// credentials (access key ID and secret access key for the IAM identities). +// All headers with the x-amz- prefix, including x-amz-copy-source, must be +// signed. For more information, see REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html). // -// * For conceptual information about multipart uploads, see Uploading Objects -// Using Multipart Upload (https://docs.aws.amazon.com/AmazonS3/latest/dev/uploadobjusingmpu.html) -// in the Amazon Simple Storage Service Developer Guide. +// Directory buckets - You must use IAM credentials to authenticate and authorize +// your access to the UploadPartCopy API operation, instead of using the temporary +// security credentials through the CreateSession API operation. // -// * For information about permissions required to use the multipart upload -// API, see Multipart Upload API and Permissions (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) -// in the Amazon Simple Storage Service Developer Guide. +// Amazon Web Services CLI or SDKs handles authentication and authorization +// on your behalf. // -// * For information about copying objects using a single atomic operation -// vs. the multipart upload, see Operations on Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectOperations.html) -// in the Amazon Simple Storage Service Developer Guide. +// # Permissions // -// * For information about using server-side encryption with customer-provided -// encryption keys with the UploadPartCopy operation, see CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) -// and UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html). +// You must have READ access to the source object and WRITE access to the destination +// bucket. // -// Note the following additional considerations about the request headers x-amz-copy-source-if-match, -// x-amz-copy-source-if-none-match, x-amz-copy-source-if-unmodified-since, and -// x-amz-copy-source-if-modified-since: +// - General purpose bucket permissions - You must have the permissions in +// a policy based on the bucket types of your source bucket and destination +// bucket in an UploadPartCopy operation. If the source object is in a general +// purpose bucket, you must have the s3:GetObject permission to read the +// source object that is being copied. If the destination bucket is a general +// purpose bucket, you must have the s3:PutObject permission to write the +// object copy to the destination bucket. For information about permissions +// required to use the multipart upload API, see Multipart Upload and Permissions +// (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuAndPermissions.html) +// in the Amazon S3 User Guide. // -// * Consideration 1 - If both of the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since -// headers are present in the request as follows: x-amz-copy-source-if-match -// condition evaluates to true, and; x-amz-copy-source-if-unmodified-since -// condition evaluates to false; Amazon S3 returns 200 OK and copies the -// data. +// - Directory bucket permissions - You must have permissions in a bucket +// policy or an IAM identity-based policy based on the source and destination +// bucket types in an UploadPartCopy operation. If the source object that +// you want to copy is in a directory bucket, you must have the s3express:CreateSession +// permission in the Action element of a policy to read the object . By default, +// the session is in the ReadWrite mode. If you want to restrict the access, +// you can explicitly set the s3express:SessionMode condition key to ReadOnly +// on the copy source bucket. If the copy destination is a directory bucket, +// you must have the s3express:CreateSession permission in the Action element +// of a policy to write the object to the destination. The s3express:SessionMode +// condition key cannot be set to ReadOnly on the copy destination. For example +// policies, see Example bucket policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-example-bucket-policies.html) +// and Amazon Web Services Identity and Access Management (IAM) identity-based +// policies for S3 Express One Zone (https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-express-security-iam-identity-policies.html) +// in the Amazon S3 User Guide. // -// * Consideration 2 - If both of the x-amz-copy-source-if-none-match and -// x-amz-copy-source-if-modified-since headers are present in the request -// as follows: x-amz-copy-source-if-none-match condition evaluates to false, -// and; x-amz-copy-source-if-modified-since condition evaluates to true; -// Amazon S3 returns 412 Precondition Failed response code. +// Encryption // -// Versioning +// - General purpose buckets - For information about using server-side encryption +// with customer-provided encryption keys with the UploadPartCopy operation, +// see CopyObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CopyObject.html) +// and UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html). // -// If your bucket has versioning enabled, you could have multiple versions of -// the same object. By default, x-amz-copy-source identifies the current version -// of the object to copy. If the current version is a delete marker and you -// don't specify a versionId in the x-amz-copy-source, Amazon S3 returns a 404 -// error, because the object does not exist. If you specify versionId in the -// x-amz-copy-source and the versionId is a delete marker, Amazon S3 returns -// an HTTP 400 error, because you are not allowed to specify a delete marker -// as a version for the x-amz-copy-source. +// - Directory buckets - For directory buckets, only server-side encryption +// with Amazon S3 managed keys (SSE-S3) (AES256) is supported. // -// You can optionally specify a specific version of the source object to copy -// by adding the versionId subresource as shown in the following example: +// Special errors // -// x-amz-copy-source: /bucket/object?versionId=version id +// - Error Code: NoSuchUpload Description: The specified multipart upload +// does not exist. The upload ID might be invalid, or the multipart upload +// might have been aborted or completed. HTTP Status Code: 404 Not Found // -// Special Errors +// - Error Code: InvalidRequest Description: The specified copy source is +// not supported as a byte-range copy source. HTTP Status Code: 400 Bad Request // -// * Code: NoSuchUpload Cause: The specified multipart upload does not exist. -// The upload ID might be invalid, or the multipart upload might have been -// aborted or completed. HTTP Status Code: 404 Not Found +// # HTTP Host header syntax // -// * Code: InvalidRequest Cause: The specified copy source is not supported -// as a byte-range copy source. HTTP Status Code: 400 Bad Request +// Directory buckets - The HTTP Host header syntax is Bucket_name.s3express-az_id.region.amazonaws.com. // -// Related Resources +// The following operations are related to UploadPartCopy: // -// * CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) +// - CreateMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CreateMultipartUpload.html) // -// * UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) +// - UploadPart (https://docs.aws.amazon.com/AmazonS3/latest/API/API_UploadPart.html) // -// * CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) +// - CompleteMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_CompleteMultipartUpload.html) // -// * AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) +// - AbortMultipartUpload (https://docs.aws.amazon.com/AmazonS3/latest/API/API_AbortMultipartUpload.html) // -// * ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) +// - ListParts (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListParts.html) // -// * ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) +// - ListMultipartUploads (https://docs.aws.amazon.com/AmazonS3/latest/API/API_ListMultipartUploads.html) // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -10808,11 +12086,134 @@ func (c *S3) UploadPartCopyWithContext(ctx aws.Context, input *UploadPartCopyInp return out, req.Send() } +const opWriteGetObjectResponse = "WriteGetObjectResponse" + +// WriteGetObjectResponseRequest generates a "aws/request.Request" representing the +// client's request for the WriteGetObjectResponse operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See WriteGetObjectResponse for more information on using the WriteGetObjectResponse +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the WriteGetObjectResponseRequest method. +// req, resp := client.WriteGetObjectResponseRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/WriteGetObjectResponse +func (c *S3) WriteGetObjectResponseRequest(input *WriteGetObjectResponseInput) (req *request.Request, output *WriteGetObjectResponseOutput) { + op := &request.Operation{ + Name: opWriteGetObjectResponse, + HTTPMethod: "POST", + HTTPPath: "/WriteGetObjectResponse", + } + + if input == nil { + input = &WriteGetObjectResponseInput{} + } + + output = &WriteGetObjectResponseOutput{} + req = c.newRequest(op, input, output) + req.Handlers.Sign.Remove(v4.SignRequestHandler) + handler := v4.BuildNamedHandler("v4.CustomSignerHandler", v4.WithUnsignedPayload) + req.Handlers.Sign.PushFrontNamed(handler) + req.Handlers.Unmarshal.Swap(restxml.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + req.Handlers.Build.PushBackNamed(protocol.NewHostPrefixHandler("{RequestRoute}.", input.hostLabels)) + req.Handlers.Build.PushBackNamed(protocol.ValidateEndpointHostHandler) + return +} + +// WriteGetObjectResponse API operation for Amazon Simple Storage Service. +// +// This operation is not supported by directory buckets. +// +// Passes transformed objects to a GetObject operation when using Object Lambda +// access points. For information about Object Lambda access points, see Transforming +// objects with Object Lambda access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/transforming-objects.html) +// in the Amazon S3 User Guide. +// +// This operation supports metadata that can be returned by GetObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObject.html), +// in addition to RequestRoute, RequestToken, StatusCode, ErrorCode, and ErrorMessage. +// The GetObject response metadata is supported so that the WriteGetObjectResponse +// caller, typically an Lambda function, can provide the same metadata when +// it internally invokes GetObject. When WriteGetObjectResponse is called by +// a customer-owned Lambda function, the metadata returned to the end user GetObject +// call might differ from what Amazon S3 would normally return. +// +// You can include any number of metadata headers. When including a metadata +// header, it should be prefaced with x-amz-meta. For example, x-amz-meta-my-custom-header: +// MyCustomValue. The primary use case for this is to forward GetObject metadata. +// +// Amazon Web Services provides some prebuilt Lambda functions that you can +// use with S3 Object Lambda to detect and redact personally identifiable information +// (PII) and decompress S3 objects. These Lambda functions are available in +// the Amazon Web Services Serverless Application Repository, and can be selected +// through the Amazon Web Services Management Console when you create your Object +// Lambda access point. +// +// Example 1: PII Access Control - This Lambda function uses Amazon Comprehend, +// a natural language processing (NLP) service using machine learning to find +// insights and relationships in text. It automatically detects personally identifiable +// information (PII) such as names, addresses, dates, credit card numbers, and +// social security numbers from documents in your Amazon S3 bucket. +// +// Example 2: PII Redaction - This Lambda function uses Amazon Comprehend, a +// natural language processing (NLP) service using machine learning to find +// insights and relationships in text. It automatically redacts personally identifiable +// information (PII) such as names, addresses, dates, credit card numbers, and +// social security numbers from documents in your Amazon S3 bucket. +// +// Example 3: Decompression - The Lambda function S3ObjectLambdaDecompression, +// is equipped to decompress objects stored in S3 in one of six compressed file +// formats including bzip2, gzip, snappy, zlib, zstandard and ZIP. +// +// For information on how to view and use these functions, see Using Amazon +// Web Services built Lambda functions (https://docs.aws.amazon.com/AmazonS3/latest/userguide/olap-examples.html) +// in the Amazon S3 User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for Amazon Simple Storage Service's +// API operation WriteGetObjectResponse for usage and error information. +// See also, https://docs.aws.amazon.com/goto/WebAPI/s3-2006-03-01/WriteGetObjectResponse +func (c *S3) WriteGetObjectResponse(input *WriteGetObjectResponseInput) (*WriteGetObjectResponseOutput, error) { + req, out := c.WriteGetObjectResponseRequest(input) + return out, req.Send() +} + +// WriteGetObjectResponseWithContext is the same as WriteGetObjectResponse with the addition of +// the ability to pass a context and additional request options. +// +// See WriteGetObjectResponse for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *S3) WriteGetObjectResponseWithContext(ctx aws.Context, input *WriteGetObjectResponseInput, opts ...request.Option) (*WriteGetObjectResponseOutput, error) { + req, out := c.WriteGetObjectResponseRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + // Specifies the days since the initiation of an incomplete multipart upload // that Amazon S3 will wait before permanently removing all parts of the upload. // For more information, see Aborting Incomplete Multipart Uploads Using a Bucket -// Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) -// in the Amazon Simple Storage Service Developer Guide. +// Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) +// in the Amazon S3 User Guide. type AbortIncompleteMultipartUpload struct { _ struct{} `type:"structure"` @@ -10821,12 +12222,20 @@ type AbortIncompleteMultipartUpload struct { DaysAfterInitiation *int64 `type:"integer"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AbortIncompleteMultipartUpload) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AbortIncompleteMultipartUpload) GoString() string { return s.String() } @@ -10842,27 +12251,41 @@ type AbortMultipartUploadInput struct { // The bucket name to which the upload was taking place. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Key of the object for which the multipart upload was initiated. @@ -10871,10 +12294,14 @@ type AbortMultipartUploadInput struct { Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // Upload ID that identifies the multipart upload. @@ -10883,12 +12310,20 @@ type AbortMultipartUploadInput struct { UploadId *string `location:"querystring" locationName:"uploadId" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AbortMultipartUploadInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AbortMultipartUploadInput) GoString() string { return s.String() } @@ -10987,15 +12422,25 @@ type AbortMultipartUploadOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AbortMultipartUploadOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AbortMultipartUploadOutput) GoString() string { return s.String() } @@ -11008,7 +12453,7 @@ func (s *AbortMultipartUploadOutput) SetRequestCharged(v string) *AbortMultipart // Configures the transfer acceleration state for an Amazon S3 bucket. For more // information, see Amazon S3 Transfer Acceleration (https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) -// in the Amazon Simple Storage Service Developer Guide. +// in the Amazon S3 User Guide. type AccelerateConfiguration struct { _ struct{} `type:"structure"` @@ -11016,12 +12461,20 @@ type AccelerateConfiguration struct { Status *string `type:"string" enum:"BucketAccelerateStatus"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AccelerateConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AccelerateConfiguration) GoString() string { return s.String() } @@ -11043,12 +12496,20 @@ type AccessControlPolicy struct { Owner *Owner `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AccessControlPolicy) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AccessControlPolicy) GoString() string { return s.String() } @@ -11091,18 +12552,26 @@ type AccessControlTranslation struct { // Specifies the replica ownership. For default and valid values, see PUT bucket // replication (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) - // in the Amazon Simple Storage Service API Reference. + // in the Amazon S3 API Reference. // // Owner is a required field Owner *string `type:"string" required:"true" enum:"OwnerOverride"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AccessControlTranslation) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AccessControlTranslation) GoString() string { return s.String() } @@ -11140,12 +12609,20 @@ type AnalyticsAndOperator struct { Tags []*Tag `locationName:"Tag" locationNameList:"Tag" type:"list" flattened:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AnalyticsAndOperator) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AnalyticsAndOperator) GoString() string { return s.String() } @@ -11204,12 +12681,20 @@ type AnalyticsConfiguration struct { StorageClassAnalysis *StorageClassAnalysis `type:"structure" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AnalyticsConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AnalyticsConfiguration) GoString() string { return s.String() } @@ -11268,12 +12753,20 @@ type AnalyticsExportDestination struct { S3BucketDestination *AnalyticsS3BucketDestination `type:"structure" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AnalyticsExportDestination) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AnalyticsExportDestination) GoString() string { return s.String() } @@ -11319,12 +12812,20 @@ type AnalyticsFilter struct { Tag *Tag `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AnalyticsFilter) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AnalyticsFilter) GoString() string { return s.String() } @@ -11392,12 +12893,20 @@ type AnalyticsS3BucketDestination struct { Prefix *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AnalyticsS3BucketDestination) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AnalyticsS3BucketDestination) GoString() string { return s.String() } @@ -11449,8 +12958,7 @@ func (s *AnalyticsS3BucketDestination) SetPrefix(v string) *AnalyticsS3BucketDes return s } -// In terms of implementation, a Bucket is a resource. An Amazon S3 bucket name -// is globally unique, and the namespace is shared by all AWS accounts. +// In terms of implementation, a Bucket is a resource. type Bucket struct { _ struct{} `type:"structure"` @@ -11462,12 +12970,20 @@ type Bucket struct { Name *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Bucket) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Bucket) GoString() string { return s.String() } @@ -11484,9 +13000,54 @@ func (s *Bucket) SetName(v string) *Bucket { return s } +// Specifies the information about the bucket that will be created. For more +// information about directory buckets, see Directory buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) +// in the Amazon S3 User Guide. +// +// This functionality is only supported by directory buckets. +type BucketInfo struct { + _ struct{} `type:"structure"` + + // The number of Availability Zone that's used for redundancy for the bucket. + DataRedundancy *string `type:"string" enum:"DataRedundancy"` + + // The type of bucket. + Type *string `type:"string" enum:"BucketType"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BucketInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s BucketInfo) GoString() string { + return s.String() +} + +// SetDataRedundancy sets the DataRedundancy field's value. +func (s *BucketInfo) SetDataRedundancy(v string) *BucketInfo { + s.DataRedundancy = &v + return s +} + +// SetType sets the Type field's value. +func (s *BucketInfo) SetType(v string) *BucketInfo { + s.Type = &v + return s +} + // Specifies the lifecycle configuration for objects in an Amazon S3 bucket. // For more information, see Object Lifecycle Management (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) -// in the Amazon Simple Storage Service Developer Guide. +// in the Amazon S3 User Guide. type BucketLifecycleConfiguration struct { _ struct{} `type:"structure"` @@ -11496,12 +13057,20 @@ type BucketLifecycleConfiguration struct { Rules []*LifecycleRule `locationName:"Rule" type:"list" flattened:"true" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s BucketLifecycleConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s BucketLifecycleConfiguration) GoString() string { return s.String() } @@ -11542,16 +13111,24 @@ type BucketLoggingStatus struct { // Describes where logs are stored and the prefix that Amazon S3 assigns to // all log object keys for a bucket. For more information, see PUT Bucket logging // (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlogging.html) - // in the Amazon Simple Storage Service API Reference. + // in the Amazon S3 API Reference. LoggingEnabled *LoggingEnabled `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s BucketLoggingStatus) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s BucketLoggingStatus) GoString() string { return s.String() } @@ -11580,7 +13157,7 @@ func (s *BucketLoggingStatus) SetLoggingEnabled(v *LoggingEnabled) *BucketLoggin // Describes the cross-origin access configuration for objects in an Amazon // S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing // (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the Amazon -// Simple Storage Service Developer Guide. +// S3 User Guide. type CORSConfiguration struct { _ struct{} `type:"structure"` @@ -11591,12 +13168,20 @@ type CORSConfiguration struct { CORSRules []*CORSRule `locationName:"CORSRule" type:"list" flattened:"true" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CORSConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CORSConfiguration) GoString() string { return s.String() } @@ -11656,17 +13241,28 @@ type CORSRule struct { // object). ExposeHeaders []*string `locationName:"ExposeHeader" type:"list" flattened:"true"` + // Unique identifier for the rule. The value cannot be longer than 255 characters. + ID *string `type:"string"` + // The time in seconds that your browser is to cache the preflight response // for the specified resource. MaxAgeSeconds *int64 `type:"integer"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CORSRule) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CORSRule) GoString() string { return s.String() } @@ -11711,6 +13307,12 @@ func (s *CORSRule) SetExposeHeaders(v []*string) *CORSRule { return s } +// SetID sets the ID field's value. +func (s *CORSRule) SetID(v string) *CORSRule { + s.ID = &v + return s +} + // SetMaxAgeSeconds sets the MaxAgeSeconds field's value. func (s *CORSRule) SetMaxAgeSeconds(v int64) *CORSRule { s.MaxAgeSeconds = &v @@ -11729,7 +13331,9 @@ type CSVInput struct { // A single character used to indicate that a row should be ignored when the // character is present at the start of that row. You can specify any character - // to indicate a comment line. + // to indicate a comment line. The default character is #. + // + // Default: # Comments *string `type:"string"` // A single character used to separate individual fields in a record. You can @@ -11769,12 +13373,20 @@ type CSVInput struct { RecordDelimiter *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CSVInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CSVInput) GoString() string { return s.String() } @@ -11851,12 +13463,20 @@ type CSVOutput struct { RecordDelimiter *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CSVOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CSVOutput) GoString() string { return s.String() } @@ -11891,7 +13511,94 @@ func (s *CSVOutput) SetRecordDelimiter(v string) *CSVOutput { return s } -// Container for specifying the AWS Lambda notification configuration. +// Contains all the possible checksum or digest values for an object. +type Checksum struct { + _ struct{} `type:"structure"` + + // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be + // present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumCRC32 *string `type:"string"` + + // The base64-encoded, 32-bit CRC32C checksum of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumCRC32C *string `type:"string"` + + // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA1 *string `type:"string"` + + // The base64-encoded, 256-bit SHA-256 digest of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA256 *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Checksum) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s Checksum) GoString() string { + return s.String() +} + +// SetChecksumCRC32 sets the ChecksumCRC32 field's value. +func (s *Checksum) SetChecksumCRC32(v string) *Checksum { + s.ChecksumCRC32 = &v + return s +} + +// SetChecksumCRC32C sets the ChecksumCRC32C field's value. +func (s *Checksum) SetChecksumCRC32C(v string) *Checksum { + s.ChecksumCRC32C = &v + return s +} + +// SetChecksumSHA1 sets the ChecksumSHA1 field's value. +func (s *Checksum) SetChecksumSHA1(v string) *Checksum { + s.ChecksumSHA1 = &v + return s +} + +// SetChecksumSHA256 sets the ChecksumSHA256 field's value. +func (s *Checksum) SetChecksumSHA256(v string) *Checksum { + s.ChecksumSHA256 = &v + return s +} + +// Container for specifying the Lambda notification configuration. type CloudFunctionConfiguration struct { _ struct{} `type:"structure"` @@ -11905,7 +13612,7 @@ type CloudFunctionConfiguration struct { Event *string `deprecated:"true" type:"string" enum:"Event"` // Bucket events for which to send notifications. - Events []*string `locationName:"Event" type:"list" flattened:"true"` + Events []*string `locationName:"Event" type:"list" flattened:"true" enum:"Event"` // An optional unique identifier for configurations in a notification configuration. // If you don't provide one, Amazon S3 will assign an ID. @@ -11915,12 +13622,20 @@ type CloudFunctionConfiguration struct { InvocationRole *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CloudFunctionConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CloudFunctionConfiguration) GoString() string { return s.String() } @@ -11967,12 +13682,20 @@ type CommonPrefix struct { Prefix *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CommonPrefix) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CommonPrefix) GoString() string { return s.String() } @@ -11988,12 +13711,69 @@ type CompleteMultipartUploadInput struct { // Name of the bucket to which the multipart upload was initiated. // + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 32-bit CRC32 checksum of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumCRC32 *string `location:"header" locationName:"x-amz-checksum-crc32" type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 32-bit CRC32C checksum of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumCRC32C *string `location:"header" locationName:"x-amz-checksum-crc32c" type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 160-bit SHA-1 digest of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumSHA1 *string `location:"header" locationName:"x-amz-checksum-sha1" type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 256-bit SHA-256 digest of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumSHA256 *string `location:"header" locationName:"x-amz-checksum-sha256" type:"string"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Object key for which the multipart upload was initiated. @@ -12005,24 +13785,65 @@ type CompleteMultipartUploadInput struct { MultipartUpload *CompletedMultipartUpload `locationName:"CompleteMultipartUpload" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` + // The server-side encryption (SSE) algorithm used to encrypt the object. This + // parameter is required only when the object was created using a checksum algorithm + // or if your bucket policy requires the use of SSE-C. For more information, + // see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html#ssec-require-condition-key) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` + + // The server-side encryption (SSE) customer managed key. This parameter is + // needed only when the object was created using a checksum algorithm. For more + // information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + // + // SSECustomerKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CompleteMultipartUploadInput's + // String and GoString methods. + SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"` + + // The MD5 server-side encryption (SSE) customer managed key. This parameter + // is needed only when the object was created using a checksum algorithm. For + // more information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` + // ID for the initiated multipart upload. // // UploadId is a required field UploadId *string `location:"querystring" locationName:"uploadId" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CompleteMultipartUploadInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CompleteMultipartUploadInput) GoString() string { return s.String() } @@ -12065,6 +13886,30 @@ func (s *CompleteMultipartUploadInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumCRC32 sets the ChecksumCRC32 field's value. +func (s *CompleteMultipartUploadInput) SetChecksumCRC32(v string) *CompleteMultipartUploadInput { + s.ChecksumCRC32 = &v + return s +} + +// SetChecksumCRC32C sets the ChecksumCRC32C field's value. +func (s *CompleteMultipartUploadInput) SetChecksumCRC32C(v string) *CompleteMultipartUploadInput { + s.ChecksumCRC32C = &v + return s +} + +// SetChecksumSHA1 sets the ChecksumSHA1 field's value. +func (s *CompleteMultipartUploadInput) SetChecksumSHA1(v string) *CompleteMultipartUploadInput { + s.ChecksumSHA1 = &v + return s +} + +// SetChecksumSHA256 sets the ChecksumSHA256 field's value. +func (s *CompleteMultipartUploadInput) SetChecksumSHA256(v string) *CompleteMultipartUploadInput { + s.ChecksumSHA256 = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *CompleteMultipartUploadInput) SetExpectedBucketOwner(v string) *CompleteMultipartUploadInput { s.ExpectedBucketOwner = &v @@ -12089,6 +13934,31 @@ func (s *CompleteMultipartUploadInput) SetRequestPayer(v string) *CompleteMultip return s } +// SetSSECustomerAlgorithm sets the SSECustomerAlgorithm field's value. +func (s *CompleteMultipartUploadInput) SetSSECustomerAlgorithm(v string) *CompleteMultipartUploadInput { + s.SSECustomerAlgorithm = &v + return s +} + +// SetSSECustomerKey sets the SSECustomerKey field's value. +func (s *CompleteMultipartUploadInput) SetSSECustomerKey(v string) *CompleteMultipartUploadInput { + s.SSECustomerKey = &v + return s +} + +func (s *CompleteMultipartUploadInput) getSSECustomerKey() (v string) { + if s.SSECustomerKey == nil { + return v + } + return *s.SSECustomerKey +} + +// SetSSECustomerKeyMD5 sets the SSECustomerKeyMD5 field's value. +func (s *CompleteMultipartUploadInput) SetSSECustomerKeyMD5(v string) *CompleteMultipartUploadInput { + s.SSECustomerKeyMD5 = &v + return s +} + // SetUploadId sets the UploadId field's value. func (s *CompleteMultipartUploadInput) SetUploadId(v string) *CompleteMultipartUploadInput { s.UploadId = &v @@ -12125,38 +13995,72 @@ func (s CompleteMultipartUploadInput) updateArnableField(v string) (interface{}, type CompleteMultipartUploadOutput struct { _ struct{} `type:"structure"` - // The name of the bucket that contains the newly created object. - // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // The name of the bucket that contains the newly created object. Does not return + // the access point ARN or access point alias if used. + // + // Access points are not supported by directory buckets. Bucket *string `type:"string"` // Indicates whether the multipart upload uses an S3 Bucket Key for server-side - // encryption with AWS KMS (SSE-KMS). + // encryption with Key Management Service (KMS) keys (SSE-KMS). + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` + // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be + // present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumCRC32 *string `type:"string"` + + // The base64-encoded, 32-bit CRC32C checksum of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumCRC32C *string `type:"string"` + + // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA1 *string `type:"string"` + + // The base64-encoded, 256-bit SHA-256 digest of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA256 *string `type:"string"` + // Entity tag that identifies the newly created object's data. Objects with // different object data will have different entity tags. The entity tag is // an opaque string. The entity tag may or may not be an MD5 digest of the object // data. If the entity tag is not an MD5 digest of the object data, it will // contain one or more nonhexadecimal characters and/or will consist of less - // than 32 or more than 32 hexadecimal digits. + // than 32 or more than 32 hexadecimal digits. For more information about how + // the entity tag is calculated, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. ETag *string `type:"string"` // If the object expiration is configured, this will contain the expiration - // date (expiry-date) and rule ID (rule-id). The value of rule-id is URL encoded. + // date (expiry-date) and rule ID (rule-id). The value of rule-id is URL-encoded. + // + // This functionality is not supported for directory buckets. Expiration *string `location:"header" locationName:"x-amz-expiration" type:"string"` // The object key of the newly created object. @@ -12167,30 +14071,48 @@ type CompleteMultipartUploadOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` - // If present, specifies the ID of the AWS Key Management Service (AWS KMS) - // symmetric customer managed customer master key (CMK) that was used for the - // object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. + // + // This functionality is not supported for directory buckets. + // + // SSEKMSKeyId is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CompleteMultipartUploadOutput's + // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // If you specified server-side encryption either with an Amazon S3-managed - // encryption key or an AWS KMS customer master key (CMK) in your initiate multipart - // upload request, the response includes this header. It confirms the encryption - // algorithm that Amazon S3 used to encrypt the object. + // The server-side encryption algorithm used when storing this object in Amazon + // S3 (for example, AES256, aws:kms). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // Version ID of the newly created object, in case the bucket has versioning // turned on. + // + // This functionality is not supported for directory buckets. VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CompleteMultipartUploadOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CompleteMultipartUploadOutput) GoString() string { return s.String() } @@ -12214,6 +14136,30 @@ func (s *CompleteMultipartUploadOutput) SetBucketKeyEnabled(v bool) *CompleteMul return s } +// SetChecksumCRC32 sets the ChecksumCRC32 field's value. +func (s *CompleteMultipartUploadOutput) SetChecksumCRC32(v string) *CompleteMultipartUploadOutput { + s.ChecksumCRC32 = &v + return s +} + +// SetChecksumCRC32C sets the ChecksumCRC32C field's value. +func (s *CompleteMultipartUploadOutput) SetChecksumCRC32C(v string) *CompleteMultipartUploadOutput { + s.ChecksumCRC32C = &v + return s +} + +// SetChecksumSHA1 sets the ChecksumSHA1 field's value. +func (s *CompleteMultipartUploadOutput) SetChecksumSHA1(v string) *CompleteMultipartUploadOutput { + s.ChecksumSHA1 = &v + return s +} + +// SetChecksumSHA256 sets the ChecksumSHA256 field's value. +func (s *CompleteMultipartUploadOutput) SetChecksumSHA256(v string) *CompleteMultipartUploadOutput { + s.ChecksumSHA256 = &v + return s +} + // SetETag sets the ETag field's value. func (s *CompleteMultipartUploadOutput) SetETag(v string) *CompleteMultipartUploadOutput { s.ETag = &v @@ -12267,15 +14213,26 @@ type CompletedMultipartUpload struct { _ struct{} `type:"structure"` // Array of CompletedPart data types. + // + // If you do not supply a valid Part with your request, the service sends back + // an HTTP 400 response. Parts []*CompletedPart `locationName:"Part" type:"list" flattened:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CompletedMultipartUpload) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CompletedMultipartUpload) GoString() string { return s.String() } @@ -12290,24 +14247,106 @@ func (s *CompletedMultipartUpload) SetParts(v []*CompletedPart) *CompletedMultip type CompletedPart struct { _ struct{} `type:"structure"` + // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be + // present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumCRC32 *string `type:"string"` + + // The base64-encoded, 32-bit CRC32C checksum of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumCRC32C *string `type:"string"` + + // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA1 *string `type:"string"` + + // The base64-encoded, 256-bit SHA-256 digest of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA256 *string `type:"string"` + // Entity tag returned when the part was uploaded. ETag *string `type:"string"` // Part number that identifies the part. This is a positive integer between // 1 and 10,000. + // + // * General purpose buckets - In CompleteMultipartUpload, when a additional + // checksum (including x-amz-checksum-crc32, x-amz-checksum-crc32c, x-amz-checksum-sha1, + // or x-amz-checksum-sha256) is applied to each part, the PartNumber must + // start at 1 and the part numbers must be consecutive. Otherwise, Amazon + // S3 generates an HTTP 400 Bad Request status code and an InvalidPartOrder + // error code. + // + // * Directory buckets - In CompleteMultipartUpload, the PartNumber must + // start at 1 and the part numbers must be consecutive. PartNumber *int64 `type:"integer"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CompletedPart) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CompletedPart) GoString() string { return s.String() } +// SetChecksumCRC32 sets the ChecksumCRC32 field's value. +func (s *CompletedPart) SetChecksumCRC32(v string) *CompletedPart { + s.ChecksumCRC32 = &v + return s +} + +// SetChecksumCRC32C sets the ChecksumCRC32C field's value. +func (s *CompletedPart) SetChecksumCRC32C(v string) *CompletedPart { + s.ChecksumCRC32C = &v + return s +} + +// SetChecksumSHA1 sets the ChecksumSHA1 field's value. +func (s *CompletedPart) SetChecksumSHA1(v string) *CompletedPart { + s.ChecksumSHA1 = &v + return s +} + +// SetChecksumSHA256 sets the ChecksumSHA256 field's value. +func (s *CompletedPart) SetChecksumSHA256(v string) *CompletedPart { + s.ChecksumSHA256 = &v + return s +} + // SetETag sets the ETag field's value. func (s *CompletedPart) SetETag(v string) *CompletedPart { s.ETag = &v @@ -12341,15 +14380,27 @@ type Condition struct { // the parent element Condition is specified and sibling HttpErrorCodeReturnedEquals // is not specified. If both conditions are specified, both must be true for // the redirect to be applied. + // + // Replacement must be made for object keys containing special characters (such + // as carriage returns) when using XML requests. For more information, see XML + // related object key constraints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). KeyPrefixEquals *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Condition) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Condition) GoString() string { return s.String() } @@ -12370,12 +14421,20 @@ type ContinuationEvent struct { _ struct{} `locationName:"ContinuationEvent" type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ContinuationEvent) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ContinuationEvent) GoString() string { return s.String() } @@ -12402,66 +14461,134 @@ func (s *ContinuationEvent) MarshalEvent(pm protocol.PayloadMarshaler) (msg even type CopyObjectInput struct { _ struct{} `locationName:"CopyObjectRequest" type:"structure"` - // The canned ACL to apply to the object. + // The canned access control list (ACL) to apply to the object. + // + // When you copy an object, the ACL metadata is not preserved and is set to + // private by default. Only the owner has full access control. To override the + // default ACL setting, specify a new ACL when you generate a copy request. + // For more information, see Using ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html). + // + // If the destination bucket that you're copying objects to uses the bucket + // owner enforced setting for S3 Object Ownership, ACLs are disabled and no + // longer affect permissions. Buckets that use this setting only accept PUT + // requests that don't specify an ACL or PUT requests that specify bucket owner + // full control ACLs, such as the bucket-owner-full-control canned ACL or an + // equivalent form of this ACL expressed in the XML format. For more information, + // see Controlling ownership of objects and disabling ACLs (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) + // in the Amazon S3 User Guide. + // + // * If your destination bucket uses the bucket owner enforced setting for + // Object Ownership, all objects written to the bucket by any account will + // be owned by the bucket owner. + // + // * This functionality is not supported for directory buckets. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for Amazon S3 on Outposts. ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"ObjectCannedACL"` // The name of the destination bucket. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` // Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption - // with server-side encryption using AWS KMS (SSE-KMS). Setting this header - // to true causes Amazon S3 to use an S3 Bucket Key for object encryption with - // SSE-KMS. + // with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). + // If a target object uses SSE-KMS, you can enable an S3 Bucket Key for the + // object. // - // Specifying this header with a COPY operation doesn’t affect bucket-level - // settings for S3 Bucket Key. + // Setting this header to true causes Amazon S3 to use an S3 Bucket Key for + // object encryption with SSE-KMS. Specifying this header with a COPY action + // doesn’t affect bucket-level settings for S3 Bucket Key. + // + // For more information, see Amazon S3 Bucket Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported when the destination bucket is a directory + // bucket. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` - // Specifies caching behavior along the request/reply chain. + // Specifies the caching behavior along the request/reply chain. CacheControl *string `location:"header" locationName:"Cache-Control" type:"string"` - // Specifies presentational information for the object. + // Indicates the algorithm that you want Amazon S3 to use to create the checksum + // for the object. For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // When you copy an object, if the source object has a checksum, that checksum + // value will be copied to the new object by default. If the CopyObject request + // does not include this x-amz-checksum-algorithm header, the checksum algorithm + // will be copied from the source object to the destination object (if it's + // present on the source object). You can optionally specify a different checksum + // algorithm to use with the x-amz-checksum-algorithm header. Unrecognized or + // unsupported values will respond with the HTTP status code 400 Bad Request. + // + // For directory buckets, when you use Amazon Web Services SDKs, CRC32 is the + // default checksum algorithm that's used for performance. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // Specifies presentational information for the object. Indicates whether an + // object should be displayed in a web browser or downloaded as a file. It allows + // specifying the desired filename for the downloaded file. ContentDisposition *string `location:"header" locationName:"Content-Disposition" type:"string"` // Specifies what content encodings have been applied to the object and thus // what decoding mechanisms must be applied to obtain the media-type referenced // by the Content-Type header field. + // + // For directory buckets, only the aws-chunked value is supported in this header + // field. ContentEncoding *string `location:"header" locationName:"Content-Encoding" type:"string"` // The language the content is in. ContentLanguage *string `location:"header" locationName:"Content-Language" type:"string"` - // A standard MIME type describing the format of the object data. + // A standard MIME type that describes the format of the object data. ContentType *string `location:"header" locationName:"Content-Type" type:"string"` - // Specifies the source object for the copy operation. You specify the value - // in one of two formats, depending on whether you want to access the source - // object through an access point (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points.html): + // Specifies the source object for the copy operation. The source object can + // be up to 5 GB. If the source object is an object that was uploaded by using + // a multipart upload, the object copy will be a single part object after the + // source object is copied to the destination bucket. + // + // You specify the value of the copy source in one of two formats, depending + // on whether you want to access the source object through an access point (https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html): // // * For objects not accessed through an access point, specify the name of // the source bucket and the key of the source object, separated by a slash - // (/). For example, to copy the object reports/january.pdf from the bucket - // awsexamplebucket, use awsexamplebucket/reports/january.pdf. The value - // must be URL encoded. + // (/). For example, to copy the object reports/january.pdf from the general + // purpose bucket awsexamplebucket, use awsexamplebucket/reports/january.pdf. + // The value must be URL-encoded. To copy the object reports/january.pdf + // from the directory bucket awsexamplebucket--use1-az5--x-s3, use awsexamplebucket--use1-az5--x-s3/reports/january.pdf. + // The value must be URL-encoded. // // * For objects accessed through access points, specify the Amazon Resource // Name (ARN) of the object as accessed through the access point, in the @@ -12470,57 +14597,130 @@ type CopyObjectInput struct { // my-access-point owned by account 123456789012 in Region us-west-2, use // the URL encoding of arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf. // The value must be URL encoded. Amazon S3 supports copy operations using - // access points only when the source and destination buckets are in the - // same AWS Region. Alternatively, for objects accessed through Amazon S3 - // on Outposts, specify the ARN of the object as accessed in the format arn:aws:s3-outposts:::outpost//object/. + // Access points only when the source and destination buckets are in the + // same Amazon Web Services Region. Access points are not supported by directory + // buckets. Alternatively, for objects accessed through Amazon S3 on Outposts, + // specify the ARN of the object as accessed in the format arn:aws:s3-outposts:::outpost//object/. // For example, to copy the object reports/january.pdf through outpost my-outpost // owned by account 123456789012 in Region us-west-2, use the URL encoding // of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf. - // The value must be URL encoded. + // The value must be URL-encoded. // - // To copy a specific version of an object, append ?versionId= to - // the value (for example, awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893). + // If your source bucket versioning is enabled, the x-amz-copy-source header + // by default identifies the current version of an object to copy. If the current + // version is a delete marker, Amazon S3 behaves as if the object was deleted. + // To copy a different version, use the versionId query parameter. Specifically, + // append ?versionId= to the value (for example, awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893). // If you don't specify a version ID, Amazon S3 copies the latest version of // the source object. // + // If you enable versioning on the destination bucket, Amazon S3 generates a + // unique version ID for the copied object. This version ID is different from + // the version ID of the source object. Amazon S3 returns the version ID of + // the copied object in the x-amz-version-id response header in the response. + // + // If you do not enable versioning or suspend it on the destination bucket, + // the version ID that Amazon S3 generates in the x-amz-version-id response + // header is always null. + // + // Directory buckets - S3 Versioning isn't enabled and supported for directory + // buckets. + // // CopySource is a required field CopySource *string `location:"header" locationName:"x-amz-copy-source" type:"string" required:"true"` // Copies the object if its entity tag (ETag) matches the specified tag. + // + // If both the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since + // headers are present in the request and evaluate as follows, Amazon S3 returns + // 200 OK and copies the data: + // + // * x-amz-copy-source-if-match condition evaluates to true + // + // * x-amz-copy-source-if-unmodified-since condition evaluates to false CopySourceIfMatch *string `location:"header" locationName:"x-amz-copy-source-if-match" type:"string"` // Copies the object if it has been modified since the specified time. + // + // If both the x-amz-copy-source-if-none-match and x-amz-copy-source-if-modified-since + // headers are present in the request and evaluate as follows, Amazon S3 returns + // the 412 Precondition Failed response code: + // + // * x-amz-copy-source-if-none-match condition evaluates to false + // + // * x-amz-copy-source-if-modified-since condition evaluates to true CopySourceIfModifiedSince *time.Time `location:"header" locationName:"x-amz-copy-source-if-modified-since" type:"timestamp"` // Copies the object if its entity tag (ETag) is different than the specified // ETag. + // + // If both the x-amz-copy-source-if-none-match and x-amz-copy-source-if-modified-since + // headers are present in the request and evaluate as follows, Amazon S3 returns + // the 412 Precondition Failed response code: + // + // * x-amz-copy-source-if-none-match condition evaluates to false + // + // * x-amz-copy-source-if-modified-since condition evaluates to true CopySourceIfNoneMatch *string `location:"header" locationName:"x-amz-copy-source-if-none-match" type:"string"` // Copies the object if it hasn't been modified since the specified time. + // + // If both the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since + // headers are present in the request and evaluate as follows, Amazon S3 returns + // 200 OK and copies the data: + // + // * x-amz-copy-source-if-match condition evaluates to true + // + // * x-amz-copy-source-if-unmodified-since condition evaluates to false CopySourceIfUnmodifiedSince *time.Time `location:"header" locationName:"x-amz-copy-source-if-unmodified-since" type:"timestamp"` // Specifies the algorithm to use when decrypting the source object (for example, // AES256). + // + // If the source object for the copy is stored in Amazon S3 using SSE-C, you + // must provide the necessary encryption information in your request so that + // Amazon S3 can decrypt the object for copying. + // + // This functionality is not supported when the source object is in a directory + // bucket. CopySourceSSECustomerAlgorithm *string `location:"header" locationName:"x-amz-copy-source-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use to decrypt - // the source object. The encryption key provided in this header must be one - // that was used when the source object was created. + // the source object. The encryption key provided in this header must be the + // same one that was used when the source object was created. + // + // If the source object for the copy is stored in Amazon S3 using SSE-C, you + // must provide the necessary encryption information in your request so that + // Amazon S3 can decrypt the object for copying. + // + // This functionality is not supported when the source object is in a directory + // bucket. + // + // CopySourceSSECustomerKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CopyObjectInput's + // String and GoString methods. CopySourceSSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-copy-source-server-side-encryption-customer-key" type:"string" sensitive:"true"` // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // If the source object for the copy is stored in Amazon S3 using SSE-C, you + // must provide the necessary encryption information in your request so that + // Amazon S3 can decrypt the object for copying. + // + // This functionality is not supported when the source object is in a directory + // bucket. CopySourceSSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-copy-source-server-side-encryption-customer-key-MD5" type:"string"` - // The account id of the expected destination bucket owner. If the destination - // bucket is owned by a different account, the request will fail with an HTTP - // 403 (Access Denied) error. + // The account ID of the expected destination bucket owner. If the account ID + // that you provide does not match the actual owner of the destination bucket, + // the request fails with the HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // The account id of the expected source bucket owner. If the source bucket - // is owned by a different account, the request will fail with an HTTP 403 (Access - // Denied) error. + // The account ID of the expected source bucket owner. If the account ID that + // you provide does not match the actual owner of the source bucket, the request + // fails with the HTTP status code 403 Forbidden (access denied). ExpectedSourceBucketOwner *string `location:"header" locationName:"x-amz-source-expected-bucket-owner" type:"string"` // The date and time at which the object is no longer cacheable. @@ -12528,22 +14728,30 @@ type CopyObjectInput struct { // Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantFullControl *string `location:"header" locationName:"x-amz-grant-full-control" type:"string"` // Allows grantee to read the object data and its metadata. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantRead *string `location:"header" locationName:"x-amz-grant-read" type:"string"` // Allows grantee to read the object ACL. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantReadACP *string `location:"header" locationName:"x-amz-grant-read-acp" type:"string"` // Allows grantee to write the ACL for the applicable object. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"` // The key of the destination object. @@ -12555,87 +14763,289 @@ type CopyObjectInput struct { Metadata map[string]*string `location:"headers" locationName:"x-amz-meta-" type:"map"` // Specifies whether the metadata is copied from the source object or replaced - // with metadata provided in the request. + // with metadata that's provided in the request. When copying an object, you + // can preserve all metadata (the default) or specify new metadata. If this + // header isn’t specified, COPY is the default behavior. + // + // General purpose bucket - For general purpose buckets, when you grant permissions, + // you can use the s3:x-amz-metadata-directive condition key to enforce certain + // metadata behavior when objects are uploaded. For more information, see Amazon + // S3 condition key examples (https://docs.aws.amazon.com/AmazonS3/latest/dev/amazon-s3-policy-keys.html) + // in the Amazon S3 User Guide. + // + // x-amz-website-redirect-location is unique to each object and is not copied + // when using the x-amz-metadata-directive header. To copy the value, you must + // specify x-amz-website-redirect-location in the request header. MetadataDirective *string `location:"header" locationName:"x-amz-metadata-directive" type:"string" enum:"MetadataDirective"` - // Specifies whether you want to apply a Legal Hold to the copied object. + // Specifies whether you want to apply a legal hold to the object copy. + // + // This functionality is not supported for directory buckets. ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"` - // The Object Lock mode that you want to apply to the copied object. + // The Object Lock mode that you want to apply to the object copy. + // + // This functionality is not supported for directory buckets. ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"` - // The date and time when you want the copied object's Object Lock to expire. + // The date and time when you want the Object Lock of the object copy to expire. + // + // This functionality is not supported for directory buckets. ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, AES256). + // + // When you perform a CopyObject operation, if you want to use a different type + // of encryption setting for the target object, you can specify appropriate + // encryption-related headers to encrypt the target object with an Amazon S3 + // managed key, a KMS key, or a customer-provided key. If the encryption setting + // in your request is different from the default encryption configuration of + // the destination bucket, the encryption setting in your request takes precedence. + // + // This functionality is not supported when the destination bucket is a directory + // bucket. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting - // data. This value is used to store the object and then it is discarded; Amazon + // data. This value is used to store the object and then it is discarded. Amazon // S3 does not store the encryption key. The key must be appropriate for use // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm // header. + // + // This functionality is not supported when the destination bucket is a directory + // bucket. + // + // SSECustomerKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CopyObjectInput's + // String and GoString methods. SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"` // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // This functionality is not supported when the destination bucket is a directory + // bucket. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // Specifies the AWS KMS Encryption Context to use for object encryption. The - // value of this header is a base64-encoded UTF-8 string holding JSON with the - // encryption context key-value pairs. + // Specifies the Amazon Web Services KMS Encryption Context to use for object + // encryption. The value of this header is a base64-encoded UTF-8 string holding + // JSON with the encryption context key-value pairs. This value must be explicitly + // added to specify encryption context for CopyObject requests. + // + // This functionality is not supported when the destination bucket is a directory + // bucket. + // + // SSEKMSEncryptionContext is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CopyObjectInput's + // String and GoString methods. SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"` - // Specifies the AWS KMS key ID to use for object encryption. All GET and PUT - // requests for an object protected by AWS KMS will fail if not made via SSL - // or using SigV4. For information about configuring using any of the officially - // supported AWS SDKs and AWS CLI, see Specifying the Signature Version in Request - // Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version) - // in the Amazon S3 Developer Guide. + // Specifies the KMS ID (Key ID, Key ARN, or Key Alias) to use for object encryption. + // All GET and PUT requests for an object protected by KMS will fail if they're + // not made via SSL or using SigV4. For information about configuring any of + // the officially supported Amazon Web Services SDKs and Amazon Web Services + // CLI, see Specifying the Signature Version in Request Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version) + // in the Amazon S3 User Guide. + // + // This functionality is not supported when the destination bucket is a directory + // bucket. + // + // SSEKMSKeyId is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CopyObjectInput's + // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` // The server-side encryption algorithm used when storing this object in Amazon - // S3 (for example, AES256, aws:kms). + // S3 (for example, AES256, aws:kms, aws:kms:dsse). Unrecognized or unsupported + // values won’t write a destination object and will receive a 400 Bad Request + // response. + // + // Amazon S3 automatically encrypts all new objects that are copied to an S3 + // bucket. When copying an object, if you don't specify encryption information + // in your copy request, the encryption setting of the target object is set + // to the default encryption configuration of the destination bucket. By default, + // all buckets have a base level of encryption configuration that uses server-side + // encryption with Amazon S3 managed keys (SSE-S3). If the destination bucket + // has a default encryption configuration that uses server-side encryption with + // Key Management Service (KMS) keys (SSE-KMS), dual-layer server-side encryption + // with Amazon Web Services KMS keys (DSSE-KMS), or server-side encryption with + // customer-provided encryption keys (SSE-C), Amazon S3 uses the corresponding + // KMS key, or a customer-provided key to encrypt the target object copy. + // + // When you perform a CopyObject operation, if you want to use a different type + // of encryption setting for the target object, you can specify appropriate + // encryption-related headers to encrypt the target object with an Amazon S3 + // managed key, a KMS key, or a customer-provided key. If the encryption setting + // in your request is different from the default encryption configuration of + // the destination bucket, the encryption setting in your request takes precedence. + // + // With server-side encryption, Amazon S3 encrypts your data as it writes your + // data to disks in its data centers and decrypts the data when you access it. + // For more information about server-side encryption, see Using Server-Side + // Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/serv-side-encryption.html) + // in the Amazon S3 User Guide. + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` - // By default, Amazon S3 uses the STANDARD Storage Class to store newly created - // objects. The STANDARD storage class provides high durability and high availability. - // Depending on performance needs, you can specify a different Storage Class. - // Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. For more information, - // see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) - // in the Amazon S3 Service Developer Guide. + // If the x-amz-storage-class header is not used, the copied object will be + // stored in the STANDARD Storage Class by default. The STANDARD storage class + // provides high durability and high availability. Depending on performance + // needs, you can specify a different Storage Class. + // + // * Directory buckets - For directory buckets, only the S3 Express One Zone + // storage class is supported to store newly created objects. Unsupported + // storage class values won't write a destination object and will respond + // with the HTTP status code 400 Bad Request. + // + // * Amazon S3 on Outposts - S3 on Outposts only uses the OUTPOSTS Storage + // Class. + // + // You can use the CopyObject action to change the storage class of an object + // that is already stored in Amazon S3 by using the x-amz-storage-class header. + // For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) + // in the Amazon S3 User Guide. + // + // Before using an object as a source object for the copy operation, you must + // restore a copy of it if it meets any of the following conditions: + // + // * The storage class of the source object is GLACIER or DEEP_ARCHIVE. + // + // * The storage class of the source object is INTELLIGENT_TIERING and it's + // S3 Intelligent-Tiering access tier (https://docs.aws.amazon.com/AmazonS3/latest/userguide/intelligent-tiering-overview.html#intel-tiering-tier-definition) + // is Archive Access or Deep Archive Access. + // + // For more information, see RestoreObject (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html) + // and Copying Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/CopyingObjectsExamples.html) + // in the Amazon S3 User Guide. StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"` - // The tag-set for the object destination object this value must be used in - // conjunction with the TaggingDirective. The tag-set must be encoded as URL - // Query parameters. + // The tag-set for the object copy in the destination bucket. This value must + // be used in conjunction with the x-amz-tagging-directive if you choose REPLACE + // for the x-amz-tagging-directive. If you choose COPY for the x-amz-tagging-directive, + // you don't need to set the x-amz-tagging header, because the tag-set will + // be copied from the source object directly. The tag-set must be encoded as + // URL Query parameters. + // + // The default value is the empty value. + // + // Directory buckets - For directory buckets in a CopyObject operation, only + // the empty tag-set is supported. Any requests that attempt to write non-empty + // tags into directory buckets will receive a 501 Not Implemented status code. + // When the destination bucket is a directory bucket, you will receive a 501 + // Not Implemented response in any of the following situations: + // + // * When you attempt to COPY the tag-set from an S3 source object that has + // non-empty tags. + // + // * When you attempt to REPLACE the tag-set of a source object and set a + // non-empty value to x-amz-tagging. + // + // * When you don't set the x-amz-tagging-directive header and the source + // object has non-empty tags. This is because the default value of x-amz-tagging-directive + // is COPY. + // + // Because only the empty tag-set is supported for directory buckets in a CopyObject + // operation, the following situations are allowed: + // + // * When you attempt to COPY the tag-set from a directory bucket source + // object that has no tags to a general purpose bucket. It copies an empty + // tag-set to the destination object. + // + // * When you attempt to REPLACE the tag-set of a directory bucket source + // object and set the x-amz-tagging value of the directory bucket destination + // object to empty. + // + // * When you attempt to REPLACE the tag-set of a general purpose bucket + // source object that has non-empty tags and set the x-amz-tagging value + // of the directory bucket destination object to empty. + // + // * When you attempt to REPLACE the tag-set of a directory bucket source + // object and don't set the x-amz-tagging value of the directory bucket destination + // object. This is because the default value of x-amz-tagging is the empty + // value. Tagging *string `location:"header" locationName:"x-amz-tagging" type:"string"` - // Specifies whether the object tag-set are copied from the source object or - // replaced with tag-set provided in the request. + // Specifies whether the object tag-set is copied from the source object or + // replaced with the tag-set that's provided in the request. + // + // The default value is COPY. + // + // Directory buckets - For directory buckets in a CopyObject operation, only + // the empty tag-set is supported. Any requests that attempt to write non-empty + // tags into directory buckets will receive a 501 Not Implemented status code. + // When the destination bucket is a directory bucket, you will receive a 501 + // Not Implemented response in any of the following situations: + // + // * When you attempt to COPY the tag-set from an S3 source object that has + // non-empty tags. + // + // * When you attempt to REPLACE the tag-set of a source object and set a + // non-empty value to x-amz-tagging. + // + // * When you don't set the x-amz-tagging-directive header and the source + // object has non-empty tags. This is because the default value of x-amz-tagging-directive + // is COPY. + // + // Because only the empty tag-set is supported for directory buckets in a CopyObject + // operation, the following situations are allowed: + // + // * When you attempt to COPY the tag-set from a directory bucket source + // object that has no tags to a general purpose bucket. It copies an empty + // tag-set to the destination object. + // + // * When you attempt to REPLACE the tag-set of a directory bucket source + // object and set the x-amz-tagging value of the directory bucket destination + // object to empty. + // + // * When you attempt to REPLACE the tag-set of a general purpose bucket + // source object that has non-empty tags and set the x-amz-tagging value + // of the directory bucket destination object to empty. + // + // * When you attempt to REPLACE the tag-set of a directory bucket source + // object and don't set the x-amz-tagging value of the directory bucket destination + // object. This is because the default value of x-amz-tagging is the empty + // value. TaggingDirective *string `location:"header" locationName:"x-amz-tagging-directive" type:"string" enum:"TaggingDirective"` - // If the bucket is configured as a website, redirects requests for this object - // to another object in the same bucket or to an external URL. Amazon S3 stores - // the value of this header in the object metadata. + // If the destination bucket is configured as a website, redirects requests + // for this object copy to another object in the same bucket or to an external + // URL. Amazon S3 stores the value of this header in the object metadata. This + // value is unique to each object and is not copied when using the x-amz-metadata-directive + // header. Instead, you may opt to provide this header in combination with the + // x-amz-metadata-directive header. + // + // This functionality is not supported for directory buckets. WebsiteRedirectLocation *string `location:"header" locationName:"x-amz-website-redirect-location" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CopyObjectInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CopyObjectInput) GoString() string { return s.String() } @@ -12696,6 +15106,12 @@ func (s *CopyObjectInput) SetCacheControl(v string) *CopyObjectInput { return s } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *CopyObjectInput) SetChecksumAlgorithm(v string) *CopyObjectInput { + s.ChecksumAlgorithm = &v + return s +} + // SetContentDisposition sets the ContentDisposition field's value. func (s *CopyObjectInput) SetContentDisposition(v string) *CopyObjectInput { s.ContentDisposition = &v @@ -12957,56 +15373,93 @@ type CopyObjectOutput struct { _ struct{} `type:"structure" payload:"CopyObjectResult"` // Indicates whether the copied object uses an S3 Bucket Key for server-side - // encryption with AWS KMS (SSE-KMS). + // encryption with Key Management Service (KMS) keys (SSE-KMS). + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // Container for all response elements. CopyObjectResult *CopyObjectResult `type:"structure"` - // Version of the copied object in the destination bucket. + // Version ID of the source object that was copied. + // + // This functionality is not supported when the source object is in a directory + // bucket. CopySourceVersionId *string `location:"header" locationName:"x-amz-copy-source-version-id" type:"string"` // If the object expiration is configured, the response includes this header. + // + // This functionality is not supported for directory buckets. Expiration *string `location:"header" locationName:"x-amz-expiration" type:"string"` // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header confirming the encryption algorithm - // used. + // the response will include this header to confirm the encryption algorithm + // that's used. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header to provide round-trip message integrity + // the response will include this header to provide the round-trip message integrity // verification of the customer-provided encryption key. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // If present, specifies the AWS KMS Encryption Context to use for object encryption. - // The value of this header is a base64-encoded UTF-8 string holding JSON with - // the encryption context key-value pairs. + // If present, indicates the Amazon Web Services KMS Encryption Context to use + // for object encryption. The value of this header is a base64-encoded UTF-8 + // string holding JSON with the encryption context key-value pairs. + // + // This functionality is not supported for directory buckets. + // + // SSEKMSEncryptionContext is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CopyObjectOutput's + // String and GoString methods. SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"` - // If present, specifies the ID of the AWS Key Management Service (AWS KMS) - // symmetric customer managed customer master key (CMK) that was used for the - // object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. + // + // This functionality is not supported for directory buckets. + // + // SSEKMSKeyId is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CopyObjectOutput's + // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // The server-side encryption algorithm used when storing this object in Amazon - // S3 (for example, AES256, aws:kms). + // The server-side encryption algorithm used when you store this object in Amazon + // S3 (for example, AES256, aws:kms, aws:kms:dsse). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // Version ID of the newly created copy. + // + // This functionality is not supported for directory buckets. VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CopyObjectOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CopyObjectOutput) GoString() string { return s.String() } @@ -13081,25 +15534,80 @@ func (s *CopyObjectOutput) SetVersionId(v string) *CopyObjectOutput { type CopyObjectResult struct { _ struct{} `type:"structure"` + // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be + // present if it was uploaded with the object. For more information, see Checking + // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumCRC32 *string `type:"string"` + + // The base64-encoded, 32-bit CRC32C checksum of the object. This will only + // be present if it was uploaded with the object. For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumCRC32C *string `type:"string"` + + // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be + // present if it was uploaded with the object. For more information, see Checking + // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumSHA1 *string `type:"string"` + + // The base64-encoded, 256-bit SHA-256 digest of the object. This will only + // be present if it was uploaded with the object. For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumSHA256 *string `type:"string"` + // Returns the ETag of the new object. The ETag reflects only changes to the - // contents of an object, not its metadata. The source and destination ETag - // is identical for a successfully copied object. + // contents of an object, not its metadata. ETag *string `type:"string"` - // Returns the date that the object was last modified. + // Creation date of the object. LastModified *time.Time `type:"timestamp"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CopyObjectResult) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CopyObjectResult) GoString() string { return s.String() } +// SetChecksumCRC32 sets the ChecksumCRC32 field's value. +func (s *CopyObjectResult) SetChecksumCRC32(v string) *CopyObjectResult { + s.ChecksumCRC32 = &v + return s +} + +// SetChecksumCRC32C sets the ChecksumCRC32C field's value. +func (s *CopyObjectResult) SetChecksumCRC32C(v string) *CopyObjectResult { + s.ChecksumCRC32C = &v + return s +} + +// SetChecksumSHA1 sets the ChecksumSHA1 field's value. +func (s *CopyObjectResult) SetChecksumSHA1(v string) *CopyObjectResult { + s.ChecksumSHA1 = &v + return s +} + +// SetChecksumSHA256 sets the ChecksumSHA256 field's value. +func (s *CopyObjectResult) SetChecksumSHA256(v string) *CopyObjectResult { + s.ChecksumSHA256 = &v + return s +} + // SetETag sets the ETag field's value. func (s *CopyObjectResult) SetETag(v string) *CopyObjectResult { s.ETag = &v @@ -13116,6 +15624,46 @@ func (s *CopyObjectResult) SetLastModified(v time.Time) *CopyObjectResult { type CopyPartResult struct { _ struct{} `type:"structure"` + // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be + // present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumCRC32 *string `type:"string"` + + // The base64-encoded, 32-bit CRC32C checksum of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumCRC32C *string `type:"string"` + + // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA1 *string `type:"string"` + + // The base64-encoded, 256-bit SHA-256 digest of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA256 *string `type:"string"` + // Entity tag of the object. ETag *string `type:"string"` @@ -13123,16 +15671,48 @@ type CopyPartResult struct { LastModified *time.Time `type:"timestamp"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CopyPartResult) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CopyPartResult) GoString() string { return s.String() } +// SetChecksumCRC32 sets the ChecksumCRC32 field's value. +func (s *CopyPartResult) SetChecksumCRC32(v string) *CopyPartResult { + s.ChecksumCRC32 = &v + return s +} + +// SetChecksumCRC32C sets the ChecksumCRC32C field's value. +func (s *CopyPartResult) SetChecksumCRC32C(v string) *CopyPartResult { + s.ChecksumCRC32C = &v + return s +} + +// SetChecksumSHA1 sets the ChecksumSHA1 field's value. +func (s *CopyPartResult) SetChecksumSHA1(v string) *CopyPartResult { + s.ChecksumSHA1 = &v + return s +} + +// SetChecksumSHA256 sets the ChecksumSHA256 field's value. +func (s *CopyPartResult) SetChecksumSHA256(v string) *CopyPartResult { + s.ChecksumSHA256 = &v + return s +} + // SetETag sets the ETag field's value. func (s *CopyPartResult) SetETag(v string) *CopyPartResult { s.ETag = &v @@ -13149,21 +15729,66 @@ func (s *CopyPartResult) SetLastModified(v time.Time) *CopyPartResult { type CreateBucketConfiguration struct { _ struct{} `type:"structure"` - // Specifies the Region where the bucket will be created. If you don't specify - // a Region, the bucket is created in the US East (N. Virginia) Region (us-east-1). + // Specifies the information about the bucket that will be created. + // + // This functionality is only supported by directory buckets. + Bucket *BucketInfo `type:"structure"` + + // Specifies the location where the bucket will be created. + // + // For directory buckets, the location type is Availability Zone. + // + // This functionality is only supported by directory buckets. + Location *LocationInfo `type:"structure"` + + // Specifies the Region where the bucket will be created. You might choose a + // Region to optimize latency, minimize costs, or address regulatory requirements. + // For example, if you reside in Europe, you will probably find it advantageous + // to create buckets in the Europe (Ireland) Region. For more information, see + // Accessing a bucket (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html#access-bucket-intro) + // in the Amazon S3 User Guide. + // + // If you don't specify a Region, the bucket is created in the US East (N. Virginia) + // Region (us-east-1) by default. + // + // This functionality is not supported for directory buckets. LocationConstraint *string `type:"string" enum:"BucketLocationConstraint"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CreateBucketConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CreateBucketConfiguration) GoString() string { return s.String() } +// SetBucket sets the Bucket field's value. +func (s *CreateBucketConfiguration) SetBucket(v *BucketInfo) *CreateBucketConfiguration { + s.Bucket = v + return s +} + +func (s *CreateBucketConfiguration) getBucket() (v *BucketInfo) { + return s.Bucket +} + +// SetLocation sets the Location field's value. +func (s *CreateBucketConfiguration) SetLocation(v *LocationInfo) *CreateBucketConfiguration { + s.Location = v + return s +} + // SetLocationConstraint sets the LocationConstraint field's value. func (s *CreateBucketConfiguration) SetLocationConstraint(v string) *CreateBucketConfiguration { s.LocationConstraint = &v @@ -13174,10 +15799,25 @@ type CreateBucketInput struct { _ struct{} `locationName:"CreateBucketRequest" type:"structure" payload:"CreateBucketConfiguration"` // The canned ACL to apply to the bucket. + // + // This functionality is not supported for directory buckets. ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"BucketCannedACL"` // The name of the bucket to create. // + // General purpose buckets - For information about bucket naming restrictions, + // see Bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) + // in the Amazon S3 User Guide. + // + // Directory buckets - When you use this operation with a directory bucket, + // you must use path-style requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name + // . Virtual-hosted-style requests aren't supported. Directory bucket names + // must be unique in the chosen Availability Zone. Bucket names must also follow + // the format bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). + // For information about bucket naming restrictions, see Directory bucket naming + // rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` @@ -13186,30 +15826,80 @@ type CreateBucketInput struct { // Allows grantee the read, write, read ACP, and write ACP permissions on the // bucket. + // + // This functionality is not supported for directory buckets. GrantFullControl *string `location:"header" locationName:"x-amz-grant-full-control" type:"string"` // Allows grantee to list the objects in the bucket. + // + // This functionality is not supported for directory buckets. GrantRead *string `location:"header" locationName:"x-amz-grant-read" type:"string"` // Allows grantee to read the bucket ACL. + // + // This functionality is not supported for directory buckets. GrantReadACP *string `location:"header" locationName:"x-amz-grant-read-acp" type:"string"` - // Allows grantee to create, overwrite, and delete any object in the bucket. + // Allows grantee to create new objects in the bucket. + // + // For the bucket and object owners of existing objects, also allows deletions + // and overwrites of those objects. + // + // This functionality is not supported for directory buckets. GrantWrite *string `location:"header" locationName:"x-amz-grant-write" type:"string"` // Allows grantee to write the ACL for the applicable bucket. + // + // This functionality is not supported for directory buckets. GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"` // Specifies whether you want S3 Object Lock to be enabled for the new bucket. + // + // This functionality is not supported for directory buckets. ObjectLockEnabledForBucket *bool `location:"header" locationName:"x-amz-bucket-object-lock-enabled" type:"boolean"` + + // The container element for object ownership for a bucket's ownership controls. + // + // BucketOwnerPreferred - Objects uploaded to the bucket change ownership to + // the bucket owner if the objects are uploaded with the bucket-owner-full-control + // canned ACL. + // + // ObjectWriter - The uploading account will own the object if the object is + // uploaded with the bucket-owner-full-control canned ACL. + // + // BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer + // affect permissions. The bucket owner automatically owns and has full control + // over every object in the bucket. The bucket only accepts PUT requests that + // don't specify an ACL or specify bucket owner full control ACLs (such as the + // predefined bucket-owner-full-control canned ACL or a custom ACL in XML format + // that grants the same permissions). + // + // By default, ObjectOwnership is set to BucketOwnerEnforced and ACLs are disabled. + // We recommend keeping ACLs disabled, except in uncommon use cases where you + // must control access for each object individually. For more information about + // S3 Object Ownership, see Controlling ownership of objects and disabling ACLs + // for your bucket (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. Directory buckets + // use the bucket owner enforced setting for S3 Object Ownership. + ObjectOwnership *string `location:"header" locationName:"x-amz-object-ownership" type:"string" enum:"ObjectOwnership"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CreateBucketInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CreateBucketInput) GoString() string { return s.String() } @@ -13291,21 +15981,33 @@ func (s *CreateBucketInput) SetObjectLockEnabledForBucket(v bool) *CreateBucketI return s } +// SetObjectOwnership sets the ObjectOwnership field's value. +func (s *CreateBucketInput) SetObjectOwnership(v string) *CreateBucketInput { + s.ObjectOwnership = &v + return s +} + type CreateBucketOutput struct { _ struct{} `type:"structure"` - // Specifies the Region where the bucket will be created. If you are creating - // a bucket on the US East (N. Virginia) Region (us-east-1), you do not need - // to specify the location. + // A forward slash followed by the name of the bucket. Location *string `location:"header" locationName:"Location" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CreateBucketOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CreateBucketOutput) GoString() string { return s.String() } @@ -13319,83 +16021,253 @@ func (s *CreateBucketOutput) SetLocation(v string) *CreateBucketOutput { type CreateMultipartUploadInput struct { _ struct{} `locationName:"CreateMultipartUploadRequest" type:"structure"` - // The canned ACL to apply to the object. + // The canned ACL to apply to the object. Amazon S3 supports a set of predefined + // ACLs, known as canned ACLs. Each canned ACL has a predefined set of grantees + // and permissions. For more information, see Canned ACL (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL) + // in the Amazon S3 User Guide. // - // This action is not supported by Amazon S3 on Outposts. - ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"ObjectCannedACL"` - - // The name of the bucket to which to initiate the upload + // By default, all objects are private. Only the owner has full access control. + // When uploading an object, you can grant access permissions to individual + // Amazon Web Services accounts or to predefined groups defined by Amazon S3. + // These permissions are then added to the access control list (ACL) on the + // new object. For more information, see Using ACLs (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3_ACLs_UsingACLs.html). + // One way to grant the permissions using the request headers is to specify + // a canned ACL with the x-amz-acl request header. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. + // * This functionality is not supported for directory buckets. // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // * This functionality is not supported for Amazon S3 on Outposts. + ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"ObjectCannedACL"` + + // The name of the bucket where the multipart upload is initiated and where + // the object is uploaded. + // + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` // Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption - // with server-side encryption using AWS KMS (SSE-KMS). Setting this header - // to true causes Amazon S3 to use an S3 Bucket Key for object encryption with - // SSE-KMS. + // with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). + // Setting this header to true causes Amazon S3 to use an S3 Bucket Key for + // object encryption with SSE-KMS. // - // Specifying this header with an object operation doesn’t affect bucket-level + // Specifying this header with an object action doesn’t affect bucket-level // settings for S3 Bucket Key. + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // Specifies caching behavior along the request/reply chain. CacheControl *string `location:"header" locationName:"Cache-Control" type:"string"` + // Indicates the algorithm that you want Amazon S3 to use to create the checksum + // for the object. For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + // Specifies presentational information for the object. ContentDisposition *string `location:"header" locationName:"Content-Disposition" type:"string"` // Specifies what content encodings have been applied to the object and thus // what decoding mechanisms must be applied to obtain the media-type referenced // by the Content-Type header field. + // + // For directory buckets, only the aws-chunked value is supported in this header + // field. ContentEncoding *string `location:"header" locationName:"Content-Encoding" type:"string"` - // The language the content is in. + // The language that the content is in. ContentLanguage *string `location:"header" locationName:"Content-Language" type:"string"` // A standard MIME type describing the format of the object data. ContentType *string `location:"header" locationName:"Content-Type" type:"string"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The date and time at which the object is no longer cacheable. Expires *time.Time `location:"header" locationName:"Expires" type:"timestamp"` - // Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. + // Specify access permissions explicitly to give the grantee READ, READ_ACP, + // and WRITE_ACP permissions on the object. + // + // By default, all objects are private. Only the owner has full access control. + // When uploading an object, you can use this header to explicitly grant access + // permissions to specific Amazon Web Services accounts or groups. This header + // maps to specific permissions that Amazon S3 supports in an ACL. For more + // information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // in the Amazon S3 User Guide. + // + // You specify each grantee as a type=value pair, where the type is one of the + // following: + // + // * id – if the value specified is the canonical user ID of an Amazon + // Web Services account + // + // * uri – if you are granting permissions to a predefined group // - // This action is not supported by Amazon S3 on Outposts. + // * emailAddress – if the value specified is the email address of an Amazon + // Web Services account Using email addresses to specify a grantee is only + // supported in the following Amazon Web Services Regions: US East (N. Virginia) + // US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia + // Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São + // Paulo) For a list of all the Amazon S3 supported Regions and endpoints, + // see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) + // in the Amazon Web Services General Reference. + // + // For example, the following x-amz-grant-read header grants the Amazon Web + // Services accounts identified by account IDs permissions to read object data + // and its metadata: + // + // x-amz-grant-read: id="11112222333", id="444455556666" + // + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantFullControl *string `location:"header" locationName:"x-amz-grant-full-control" type:"string"` - // Allows grantee to read the object data and its metadata. + // Specify access permissions explicitly to allow grantee to read the object + // data and its metadata. + // + // By default, all objects are private. Only the owner has full access control. + // When uploading an object, you can use this header to explicitly grant access + // permissions to specific Amazon Web Services accounts or groups. This header + // maps to specific permissions that Amazon S3 supports in an ACL. For more + // information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // in the Amazon S3 User Guide. + // + // You specify each grantee as a type=value pair, where the type is one of the + // following: + // + // * id – if the value specified is the canonical user ID of an Amazon + // Web Services account + // + // * uri – if you are granting permissions to a predefined group // - // This action is not supported by Amazon S3 on Outposts. + // * emailAddress – if the value specified is the email address of an Amazon + // Web Services account Using email addresses to specify a grantee is only + // supported in the following Amazon Web Services Regions: US East (N. Virginia) + // US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia + // Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São + // Paulo) For a list of all the Amazon S3 supported Regions and endpoints, + // see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) + // in the Amazon Web Services General Reference. + // + // For example, the following x-amz-grant-read header grants the Amazon Web + // Services accounts identified by account IDs permissions to read object data + // and its metadata: + // + // x-amz-grant-read: id="11112222333", id="444455556666" + // + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantRead *string `location:"header" locationName:"x-amz-grant-read" type:"string"` - // Allows grantee to read the object ACL. + // Specify access permissions explicitly to allows grantee to read the object + // ACL. + // + // By default, all objects are private. Only the owner has full access control. + // When uploading an object, you can use this header to explicitly grant access + // permissions to specific Amazon Web Services accounts or groups. This header + // maps to specific permissions that Amazon S3 supports in an ACL. For more + // information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // in the Amazon S3 User Guide. + // + // You specify each grantee as a type=value pair, where the type is one of the + // following: + // + // * id – if the value specified is the canonical user ID of an Amazon + // Web Services account // - // This action is not supported by Amazon S3 on Outposts. + // * uri – if you are granting permissions to a predefined group + // + // * emailAddress – if the value specified is the email address of an Amazon + // Web Services account Using email addresses to specify a grantee is only + // supported in the following Amazon Web Services Regions: US East (N. Virginia) + // US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia + // Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São + // Paulo) For a list of all the Amazon S3 supported Regions and endpoints, + // see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) + // in the Amazon Web Services General Reference. + // + // For example, the following x-amz-grant-read header grants the Amazon Web + // Services accounts identified by account IDs permissions to read object data + // and its metadata: + // + // x-amz-grant-read: id="11112222333", id="444455556666" + // + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantReadACP *string `location:"header" locationName:"x-amz-grant-read-acp" type:"string"` - // Allows grantee to write the ACL for the applicable object. + // Specify access permissions explicitly to allows grantee to allow grantee + // to write the ACL for the applicable object. + // + // By default, all objects are private. Only the owner has full access control. + // When uploading an object, you can use this header to explicitly grant access + // permissions to specific Amazon Web Services accounts or groups. This header + // maps to specific permissions that Amazon S3 supports in an ACL. For more + // information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // in the Amazon S3 User Guide. + // + // You specify each grantee as a type=value pair, where the type is one of the + // following: // - // This action is not supported by Amazon S3 on Outposts. + // * id – if the value specified is the canonical user ID of an Amazon + // Web Services account + // + // * uri – if you are granting permissions to a predefined group + // + // * emailAddress – if the value specified is the email address of an Amazon + // Web Services account Using email addresses to specify a grantee is only + // supported in the following Amazon Web Services Regions: US East (N. Virginia) + // US West (N. California) US West (Oregon) Asia Pacific (Singapore) Asia + // Pacific (Sydney) Asia Pacific (Tokyo) Europe (Ireland) South America (São + // Paulo) For a list of all the Amazon S3 supported Regions and endpoints, + // see Regions and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) + // in the Amazon Web Services General Reference. + // + // For example, the following x-amz-grant-read header grants the Amazon Web + // Services accounts identified by account IDs permissions to read object data + // and its metadata: + // + // x-amz-grant-read: id="11112222333", id="444455556666" + // + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"` // Object key for which the multipart upload is to be initiated. @@ -13406,24 +16278,35 @@ type CreateMultipartUploadInput struct { // A map of metadata to store with the object in S3. Metadata map[string]*string `location:"headers" locationName:"x-amz-meta-" type:"map"` - // Specifies whether you want to apply a Legal Hold to the uploaded object. + // Specifies whether you want to apply a legal hold to the uploaded object. + // + // This functionality is not supported for directory buckets. ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"` // Specifies the Object Lock mode that you want to apply to the uploaded object. + // + // This functionality is not supported for directory buckets. ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"` // Specifies the date and time when you want the Object Lock to expire. + // + // This functionality is not supported for directory buckets. ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, AES256). + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting @@ -13431,53 +16314,88 @@ type CreateMultipartUploadInput struct { // S3 does not store the encryption key. The key must be appropriate for use // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm // header. + // + // This functionality is not supported for directory buckets. + // + // SSECustomerKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateMultipartUploadInput's + // String and GoString methods. SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"` - // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. - // Amazon S3 uses this header for a message integrity check to ensure that the - // encryption key was transmitted without error. + // Specifies the 128-bit MD5 digest of the customer-provided encryption key + // according to RFC 1321. Amazon S3 uses this header for a message integrity + // check to ensure that the encryption key was transmitted without error. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // Specifies the AWS KMS Encryption Context to use for object encryption. The - // value of this header is a base64-encoded UTF-8 string holding JSON with the - // encryption context key-value pairs. + // Specifies the Amazon Web Services KMS Encryption Context to use for object + // encryption. The value of this header is a base64-encoded UTF-8 string holding + // JSON with the encryption context key-value pairs. + // + // This functionality is not supported for directory buckets. + // + // SSEKMSEncryptionContext is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateMultipartUploadInput's + // String and GoString methods. SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"` - // Specifies the ID of the symmetric customer managed AWS KMS CMK to use for - // object encryption. All GET and PUT requests for an object protected by AWS - // KMS will fail if not made via SSL or using SigV4. For information about configuring - // using any of the officially supported AWS SDKs and AWS CLI, see Specifying - // the Signature Version in Request Authentication (https://docs.aws.amazon.com/http:/docs.aws.amazon.com/AmazonS3/latest/dev/UsingAWSSDK.html#specify-signature-version) - // in the Amazon S3 Developer Guide. + // Specifies the ID (Key ID, Key ARN, or Key Alias) of the symmetric encryption + // customer managed key to use for object encryption. + // + // This functionality is not supported for directory buckets. + // + // SSEKMSKeyId is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateMultipartUploadInput's + // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // The server-side encryption algorithm used when storing this object in Amazon + // The server-side encryption algorithm used when you store this object in Amazon // S3 (for example, AES256, aws:kms). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // By default, Amazon S3 uses the STANDARD Storage Class to store newly created // objects. The STANDARD storage class provides high durability and high availability. // Depending on performance needs, you can specify a different Storage Class. - // Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. For more information, - // see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) - // in the Amazon S3 Service Developer Guide. + // For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) + // in the Amazon S3 User Guide. + // + // * For directory buckets, only the S3 Express One Zone storage class is + // supported to store newly created objects. + // + // * Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"` // The tag-set for the object. The tag-set must be encoded as URL Query parameters. + // + // This functionality is not supported for directory buckets. Tagging *string `location:"header" locationName:"x-amz-tagging" type:"string"` // If the bucket is configured as a website, redirects requests for this object // to another object in the same bucket or to an external URL. Amazon S3 stores // the value of this header in the object metadata. + // + // This functionality is not supported for directory buckets. WebsiteRedirectLocation *string `location:"header" locationName:"x-amz-website-redirect-location" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CreateMultipartUploadInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CreateMultipartUploadInput) GoString() string { return s.String() } @@ -13535,6 +16453,12 @@ func (s *CreateMultipartUploadInput) SetCacheControl(v string) *CreateMultipartU return s } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *CreateMultipartUploadInput) SetChecksumAlgorithm(v string) *CreateMultipartUploadInput { + s.ChecksumAlgorithm = &v + return s +} + // SetContentDisposition sets the ContentDisposition field's value. func (s *CreateMultipartUploadInput) SetContentDisposition(v string) *CreateMultipartUploadInput { s.ContentDisposition = &v @@ -13727,80 +16651,106 @@ type CreateMultipartUploadOutput struct { // name in the request, the response includes this header. The header indicates // when the initiated multipart upload becomes eligible for an abort operation. // For more information, see Aborting Incomplete Multipart Uploads Using a Bucket - // Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config). + // Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) + // in the Amazon S3 User Guide. // // The response also includes the x-amz-abort-rule-id header that provides the - // ID of the lifecycle configuration rule that defines this action. + // ID of the lifecycle configuration rule that defines the abort action. + // + // This functionality is not supported for directory buckets. AbortDate *time.Time `location:"header" locationName:"x-amz-abort-date" type:"timestamp"` // This header is returned along with the x-amz-abort-date header. It identifies // the applicable lifecycle configuration rule that defines the action to abort // incomplete multipart uploads. + // + // This functionality is not supported for directory buckets. AbortRuleId *string `location:"header" locationName:"x-amz-abort-rule-id" type:"string"` - // The name of the bucket to which the multipart upload was initiated. + // The name of the bucket to which the multipart upload was initiated. Does + // not return the access point ARN or access point alias if used. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Access points are not supported by directory buckets. Bucket *string `locationName:"Bucket" type:"string"` // Indicates whether the multipart upload uses an S3 Bucket Key for server-side - // encryption with AWS KMS (SSE-KMS). + // encryption with Key Management Service (KMS) keys (SSE-KMS). + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` + // The algorithm that was used to create a checksum of the object. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + // Object key for which the multipart upload was initiated. Key *string `min:"1" type:"string"` // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header confirming the encryption algorithm - // used. + // the response will include this header to confirm the encryption algorithm + // that's used. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header to provide round-trip message integrity + // the response will include this header to provide the round-trip message integrity // verification of the customer-provided encryption key. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // If present, specifies the AWS KMS Encryption Context to use for object encryption. - // The value of this header is a base64-encoded UTF-8 string holding JSON with - // the encryption context key-value pairs. + // If present, indicates the Amazon Web Services KMS Encryption Context to use + // for object encryption. The value of this header is a base64-encoded UTF-8 + // string holding JSON with the encryption context key-value pairs. + // + // This functionality is not supported for directory buckets. + // + // SSEKMSEncryptionContext is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateMultipartUploadOutput's + // String and GoString methods. SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"` - // If present, specifies the ID of the AWS Key Management Service (AWS KMS) - // symmetric customer managed customer master key (CMK) that was used for the - // object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. + // + // This functionality is not supported for directory buckets. + // + // SSEKMSKeyId is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateMultipartUploadOutput's + // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // The server-side encryption algorithm used when storing this object in Amazon + // The server-side encryption algorithm used when you store this object in Amazon // S3 (for example, AES256, aws:kms). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // ID for the initiated multipart upload. UploadId *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CreateMultipartUploadOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s CreateMultipartUploadOutput) GoString() string { return s.String() } @@ -13836,6 +16786,12 @@ func (s *CreateMultipartUploadOutput) SetBucketKeyEnabled(v bool) *CreateMultipa return s } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *CreateMultipartUploadOutput) SetChecksumAlgorithm(v string) *CreateMultipartUploadOutput { + s.ChecksumAlgorithm = &v + return s +} + // SetKey sets the Key field's value. func (s *CreateMultipartUploadOutput) SetKey(v string) *CreateMultipartUploadOutput { s.Key = &v @@ -13884,28 +16840,173 @@ func (s *CreateMultipartUploadOutput) SetUploadId(v string) *CreateMultipartUplo return s } +type CreateSessionInput struct { + _ struct{} `locationName:"CreateSessionRequest" type:"structure"` + + // The name of the bucket that you create a session for. + // + // Bucket is a required field + Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` + + // Specifies the mode of the session that will be created, either ReadWrite + // or ReadOnly. By default, a ReadWrite session is created. A ReadWrite session + // is capable of executing all the Zonal endpoint APIs on a directory bucket. + // A ReadOnly session is constrained to execute the following Zonal endpoint + // APIs: GetObject, HeadObject, ListObjectsV2, GetObjectAttributes, ListParts, + // and ListMultipartUploads. + SessionMode *string `location:"header" locationName:"x-amz-create-session-mode" type:"string" enum:"SessionMode"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateSessionInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateSessionInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateSessionInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateSessionInput"} + if s.Bucket == nil { + invalidParams.Add(request.NewErrParamRequired("Bucket")) + } + if s.Bucket != nil && len(*s.Bucket) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Bucket", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetBucket sets the Bucket field's value. +func (s *CreateSessionInput) SetBucket(v string) *CreateSessionInput { + s.Bucket = &v + return s +} + +func (s *CreateSessionInput) getBucket() (v string) { + if s.Bucket == nil { + return v + } + return *s.Bucket +} + +// SetSessionMode sets the SessionMode field's value. +func (s *CreateSessionInput) SetSessionMode(v string) *CreateSessionInput { + s.SessionMode = &v + return s +} + +func (s *CreateSessionInput) getEndpointARN() (arn.Resource, error) { + if s.Bucket == nil { + return nil, fmt.Errorf("member Bucket is nil") + } + return parseEndpointARN(*s.Bucket) +} + +func (s *CreateSessionInput) hasEndpointARN() bool { + if s.Bucket == nil { + return false + } + return arn.IsARN(*s.Bucket) +} + +// updateArnableField updates the value of the input field that +// takes an ARN as an input. This method is useful to backfill +// the parsed resource name from ARN into the input member. +// It returns a pointer to a modified copy of input and an error. +// Note that original input is not modified. +func (s CreateSessionInput) updateArnableField(v string) (interface{}, error) { + if s.Bucket == nil { + return nil, fmt.Errorf("member Bucket is nil") + } + s.Bucket = aws.String(v) + return &s, nil +} + +type CreateSessionOutput struct { + _ struct{} `type:"structure"` + + // The established temporary security credentials for the created session.. + // + // Credentials is a required field + Credentials *SessionCredentials `locationName:"Credentials" type:"structure" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateSessionOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateSessionOutput) GoString() string { + return s.String() +} + +// SetCredentials sets the Credentials field's value. +func (s *CreateSessionOutput) SetCredentials(v *SessionCredentials) *CreateSessionOutput { + s.Credentials = v + return s +} + // The container element for specifying the default Object Lock retention settings // for new objects placed in the specified bucket. +// +// - The DefaultRetention settings require both a mode and a period. +// +// - The DefaultRetention period can be either Days or Years but you must +// select one. You cannot specify Days and Years at the same time. type DefaultRetention struct { _ struct{} `type:"structure"` // The number of days that you want to specify for the default retention period. + // Must be used with Mode. Days *int64 `type:"integer"` // The default Object Lock retention mode you want to apply to new objects placed - // in the specified bucket. + // in the specified bucket. Must be used with either Days or Years. Mode *string `type:"string" enum:"ObjectLockRetentionMode"` // The number of years that you want to specify for the default retention period. + // Must be used with Mode. Years *int64 `type:"integer"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DefaultRetention) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DefaultRetention) GoString() string { return s.String() } @@ -13932,7 +17033,12 @@ func (s *DefaultRetention) SetYears(v int64) *DefaultRetention { type Delete struct { _ struct{} `type:"structure"` - // The objects to delete. + // The object to delete. + // + // Directory buckets - For directory buckets, an object that's composed entirely + // of whitespace characters is not supported by the DeleteObjects API operation. + // The request will receive a 400 Bad Request error and none of the objects + // in the request will be deleted. // // Objects is a required field Objects []*ObjectIdentifier `locationName:"Object" type:"list" flattened:"true" required:"true"` @@ -13942,12 +17048,20 @@ type Delete struct { Quiet *bool `type:"boolean"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Delete) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Delete) GoString() string { return s.String() } @@ -13995,9 +17109,9 @@ type DeleteBucketAnalyticsConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The ID that identifies the analytics configuration. @@ -14006,12 +17120,20 @@ type DeleteBucketAnalyticsConfigurationInput struct { Id *string `location:"querystring" locationName:"id" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketAnalyticsConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketAnalyticsConfigurationInput) GoString() string { return s.String() } @@ -14091,12 +17213,20 @@ type DeleteBucketAnalyticsConfigurationOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketAnalyticsConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketAnalyticsConfigurationOutput) GoString() string { return s.String() } @@ -14109,18 +17239,26 @@ type DeleteBucketCorsInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketCorsInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketCorsInput) GoString() string { return s.String() } @@ -14191,12 +17329,20 @@ type DeleteBucketCorsOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketCorsOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketCorsOutput) GoString() string { return s.String() } @@ -14210,18 +17356,26 @@ type DeleteBucketEncryptionInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketEncryptionInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketEncryptionInput) GoString() string { return s.String() } @@ -14292,12 +17446,20 @@ type DeleteBucketEncryptionOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketEncryptionOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketEncryptionOutput) GoString() string { return s.String() } @@ -14307,21 +17469,42 @@ type DeleteBucketInput struct { // Specifies the bucket being deleted. // + // Directory buckets - When you use this operation with a directory bucket, + // you must use path-style requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name + // . Virtual-hosted-style requests aren't supported. Directory bucket names + // must be unique in the chosen Availability Zone. Bucket names must also follow + // the format bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). + // For information about bucket naming restrictions, see Directory bucket naming + // rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). + // + // For directory buckets, this header is not supported in this API operation. + // If you specify this header, the request fails with the HTTP status code 501 + // Not Implemented. ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketInput) GoString() string { return s.String() } @@ -14403,12 +17586,20 @@ type DeleteBucketIntelligentTieringConfigurationInput struct { Id *string `location:"querystring" locationName:"id" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketIntelligentTieringConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketIntelligentTieringConfigurationInput) GoString() string { return s.String() } @@ -14482,12 +17673,20 @@ type DeleteBucketIntelligentTieringConfigurationOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketIntelligentTieringConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketIntelligentTieringConfigurationOutput) GoString() string { return s.String() } @@ -14500,9 +17699,9 @@ type DeleteBucketInventoryConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The ID used to identify the inventory configuration. @@ -14511,12 +17710,20 @@ type DeleteBucketInventoryConfigurationInput struct { Id *string `location:"querystring" locationName:"id" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketInventoryConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketInventoryConfigurationInput) GoString() string { return s.String() } @@ -14596,12 +17803,20 @@ type DeleteBucketInventoryConfigurationOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketInventoryConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketInventoryConfigurationOutput) GoString() string { return s.String() } @@ -14614,18 +17829,26 @@ type DeleteBucketLifecycleInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketLifecycleInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketLifecycleInput) GoString() string { return s.String() } @@ -14696,12 +17919,20 @@ type DeleteBucketLifecycleOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketLifecycleOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketLifecycleOutput) GoString() string { return s.String() } @@ -14714,23 +17945,32 @@ type DeleteBucketMetricsConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // The ID used to identify the metrics configuration. + // The ID used to identify the metrics configuration. The ID has a 64 character + // limit and can only contain letters, numbers, periods, dashes, and underscores. // // Id is a required field Id *string `location:"querystring" locationName:"id" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketMetricsConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketMetricsConfigurationInput) GoString() string { return s.String() } @@ -14810,12 +18050,20 @@ type DeleteBucketMetricsConfigurationOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketMetricsConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketMetricsConfigurationOutput) GoString() string { return s.String() } @@ -14824,12 +18072,20 @@ type DeleteBucketOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketOutput) GoString() string { return s.String() } @@ -14842,18 +18098,26 @@ type DeleteBucketOwnershipControlsInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketOwnershipControlsInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketOwnershipControlsInput) GoString() string { return s.String() } @@ -14924,12 +18188,20 @@ type DeleteBucketOwnershipControlsOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketOwnershipControlsOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketOwnershipControlsOutput) GoString() string { return s.String() } @@ -14939,21 +18211,42 @@ type DeleteBucketPolicyInput struct { // The bucket name. // + // Directory buckets - When you use this operation with a directory bucket, + // you must use path-style requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name + // . Virtual-hosted-style requests aren't supported. Directory bucket names + // must be unique in the chosen Availability Zone. Bucket names must also follow + // the format bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). + // For information about bucket naming restrictions, see Directory bucket naming + // rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). + // + // For directory buckets, this header is not supported in this API operation. + // If you specify this header, the request fails with the HTTP status code 501 + // Not Implemented. ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketPolicyInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketPolicyInput) GoString() string { return s.String() } @@ -15024,12 +18317,20 @@ type DeleteBucketPolicyOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketPolicyOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketPolicyOutput) GoString() string { return s.String() } @@ -15042,18 +18343,26 @@ type DeleteBucketReplicationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketReplicationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketReplicationInput) GoString() string { return s.String() } @@ -15124,12 +18433,20 @@ type DeleteBucketReplicationOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketReplicationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketReplicationOutput) GoString() string { return s.String() } @@ -15142,18 +18459,26 @@ type DeleteBucketTaggingInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketTaggingInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketTaggingInput) GoString() string { return s.String() } @@ -15224,12 +18549,20 @@ type DeleteBucketTaggingOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketTaggingOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketTaggingOutput) GoString() string { return s.String() } @@ -15242,18 +18575,26 @@ type DeleteBucketWebsiteInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketWebsiteInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketWebsiteInput) GoString() string { return s.String() } @@ -15324,12 +18665,20 @@ type DeleteBucketWebsiteOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketWebsiteOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteBucketWebsiteOutput) GoString() string { return s.String() } @@ -15345,7 +18694,7 @@ type DeleteMarkerEntry struct { // The object key. Key *string `min:"1" type:"string"` - // Date and time the object was last modified. + // Date and time when the object was last modified. LastModified *time.Time `type:"timestamp"` // The account that created the delete marker.> @@ -15355,12 +18704,20 @@ type DeleteMarkerEntry struct { VersionId *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteMarkerEntry) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteMarkerEntry) GoString() string { return s.String() } @@ -15417,12 +18774,20 @@ type DeleteMarkerReplication struct { Status *string `type:"string" enum:"DeleteMarkerReplicationStatus"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteMarkerReplication) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteMarkerReplication) GoString() string { return s.String() } @@ -15438,31 +18803,48 @@ type DeleteObjectInput struct { // The bucket name of the bucket containing the object. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` // Indicates whether S3 Object Lock should bypass Governance-mode restrictions - // to process this operation. + // to process this operation. To use this header, you must have the s3:BypassGovernanceRetention + // permission. + // + // This functionality is not supported for directory buckets. BypassGovernanceRetention *bool `location:"header" locationName:"x-amz-bypass-governance-retention" type:"boolean"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Key name of the object to delete. @@ -15474,25 +18856,42 @@ type DeleteObjectInput struct { // and the value that is displayed on your authentication device. Required to // permanently delete a versioned object if versioning is configured with MFA // delete enabled. + // + // This functionality is not supported for directory buckets. MFA *string `location:"header" locationName:"x-amz-mfa" type:"string"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // VersionId used to reference a specific version of the object. + // Version ID used to reference a specific version of the object. + // + // For directory buckets in this API operation, only the null value of the version + // ID is supported. VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteObjectInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteObjectInput) GoString() string { return s.String() } @@ -15598,25 +18997,41 @@ func (s DeleteObjectInput) updateArnableField(v string) (interface{}, error) { type DeleteObjectOutput struct { _ struct{} `type:"structure"` - // Specifies whether the versioned object that was permanently deleted was (true) - // or was not (false) a delete marker. + // Indicates whether the specified object version that was permanently deleted + // was (true) or was not (false) a delete marker before deletion. In a simple + // DELETE, this header indicates whether (true) or not (false) the current version + // of the object is a delete marker. + // + // This functionality is not supported for directory buckets. DeleteMarker *bool `location:"header" locationName:"x-amz-delete-marker" type:"boolean"` // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // Returns the version ID of the delete marker created as a result of the DELETE // operation. + // + // This functionality is not supported for directory buckets. VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteObjectOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteObjectOutput) GoString() string { return s.String() } @@ -15644,30 +19059,34 @@ type DeleteObjectTaggingInput struct { // The bucket name containing the objects from which to remove the tags. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // Name of the object key. + // The key that identifies the object in the bucket from which to remove all + // tags. // // Key is a required field Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` @@ -15676,12 +19095,20 @@ type DeleteObjectTaggingInput struct { VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteObjectTaggingInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteObjectTaggingInput) GoString() string { return s.String() } @@ -15773,12 +19200,20 @@ type DeleteObjectTaggingOutput struct { VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteObjectTaggingOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteObjectTaggingOutput) GoString() string { return s.String() } @@ -15794,59 +19229,136 @@ type DeleteObjectsInput struct { // The bucket name containing the objects to delete. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` // Specifies whether you want to delete this object even if it has a Governance-type - // Object Lock in place. You must have sufficient permissions to perform this - // operation. + // Object Lock in place. To use this header, you must have the s3:BypassGovernanceRetention + // permission. + // + // This functionality is not supported for directory buckets. BypassGovernanceRetention *bool `location:"header" locationName:"x-amz-bypass-governance-retention" type:"boolean"` + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum-algorithm or x-amz-trailer header sent. Otherwise, Amazon + // S3 fails the request with the HTTP status code 400 Bad Request. + // + // For the x-amz-checksum-algorithm header, replace algorithm with the supported + // algorithm from the following list: + // + // * CRC32 + // + // * CRC32C + // + // * SHA1 + // + // * SHA256 + // + // For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If the individual checksum value you provide through x-amz-checksum-algorithm + // doesn't match the checksum algorithm you set through x-amz-sdk-checksum-algorithm, + // Amazon S3 ignores any provided ChecksumAlgorithm parameter and uses the checksum + // algorithm that matches the provided value in x-amz-checksum-algorithm . + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + // Container for the request. // // Delete is a required field Delete *Delete `locationName:"Delete" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The concatenation of the authentication device's serial number, a space, // and the value that is displayed on your authentication device. Required to // permanently delete a versioned object if versioning is configured with MFA // delete enabled. + // + // When performing the DeleteObjects operation on an MFA delete enabled bucket, + // which attempts to delete the specified versioned objects, you must include + // an MFA token. If you don't provide an MFA token, the entire request will + // fail, even if there are non-versioned objects that you are trying to delete. + // If you provide an invalid token, whether there are versioned object keys + // in the request or not, the entire Multi-Object Delete request will fail. + // For information about MFA Delete, see MFA Delete (https://docs.aws.amazon.com/AmazonS3/latest/dev/Versioning.html#MultiFactorAuthenticationDelete) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. MFA *string `location:"header" locationName:"x-amz-mfa" type:"string"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteObjectsInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteObjectsInput) GoString() string { return s.String() } @@ -15894,6 +19406,12 @@ func (s *DeleteObjectsInput) SetBypassGovernanceRetention(v bool) *DeleteObjects return s } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *DeleteObjectsInput) SetChecksumAlgorithm(v string) *DeleteObjectsInput { + s.ChecksumAlgorithm = &v + return s +} + // SetDelete sets the Delete field's value. func (s *DeleteObjectsInput) SetDelete(v *Delete) *DeleteObjectsInput { s.Delete = v @@ -15952,21 +19470,31 @@ type DeleteObjectsOutput struct { // was successfully deleted. Deleted []*DeletedObject `type:"list" flattened:"true"` - // Container for a failed delete operation that describes the object that Amazon + // Container for a failed delete action that describes the object that Amazon // S3 attempted to delete and the error it encountered. Errors []*Error `locationName:"Error" type:"list" flattened:"true"` // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteObjectsOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeleteObjectsOutput) GoString() string { return s.String() } @@ -15997,18 +19525,26 @@ type DeletePublicAccessBlockInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeletePublicAccessBlockInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeletePublicAccessBlockInput) GoString() string { return s.String() } @@ -16079,12 +19615,20 @@ type DeletePublicAccessBlockOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeletePublicAccessBlockOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeletePublicAccessBlockOutput) GoString() string { return s.String() } @@ -16093,29 +19637,44 @@ func (s DeletePublicAccessBlockOutput) GoString() string { type DeletedObject struct { _ struct{} `type:"structure"` - // Specifies whether the versioned object that was permanently deleted was (true) - // or was not (false) a delete marker. In a simple DELETE, this header indicates - // whether (true) or not (false) a delete marker was created. + // Indicates whether the specified object version that was permanently deleted + // was (true) or was not (false) a delete marker before deletion. In a simple + // DELETE, this header indicates whether (true) or not (false) the current version + // of the object is a delete marker. + // + // This functionality is not supported for directory buckets. DeleteMarker *bool `type:"boolean"` // The version ID of the delete marker created as a result of the DELETE operation. // If you delete a specific object version, the value returned by this header // is the version ID of the object version deleted. + // + // This functionality is not supported for directory buckets. DeleteMarkerVersionId *string `type:"string"` // The name of the deleted object. Key *string `min:"1" type:"string"` // The version ID of the deleted object. + // + // This functionality is not supported for directory buckets. VersionId *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeletedObject) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DeletedObject) GoString() string { return s.String() } @@ -16151,17 +19710,18 @@ type Destination struct { // Specify this only in a cross-account scenario (where source and destination // bucket owners are not the same), and you want to change replica ownership - // to the AWS account that owns the destination bucket. If this is not specified - // in the replication configuration, the replicas are owned by same AWS account - // that owns the source object. + // to the Amazon Web Services account that owns the destination bucket. If this + // is not specified in the replication configuration, the replicas are owned + // by same Amazon Web Services account that owns the source object. AccessControlTranslation *AccessControlTranslation `type:"structure"` // Destination bucket owner account ID. In a cross-account scenario, if you - // direct Amazon S3 to change replica ownership to the AWS account that owns - // the destination bucket by specifying the AccessControlTranslation property, - // this is the account ID of the destination bucket owner. For more information, - // see Replication Additional Configuration: Changing the Replica Owner (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-change-owner.html) - // in the Amazon Simple Storage Service Developer Guide. + // direct Amazon S3 to change replica ownership to the Amazon Web Services account + // that owns the destination bucket by specifying the AccessControlTranslation + // property, this is the account ID of the destination bucket owner. For more + // information, see Replication Additional Configuration: Changing the Replica + // Owner (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-change-owner.html) + // in the Amazon S3 User Guide. Account *string `type:"string"` // The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to @@ -16189,16 +19749,24 @@ type Destination struct { // // For valid values, see the StorageClass element of the PUT Bucket replication // (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) - // action in the Amazon Simple Storage Service API Reference. + // action in the Amazon S3 API Reference. StorageClass *string `type:"string" enum:"StorageClass"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Destination) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Destination) GoString() string { return s.String() } @@ -16295,19 +19863,31 @@ type Encryption struct { KMSContext *string `type:"string"` // If the encryption type is aws:kms, this optional value specifies the ID of - // the symmetric customer managed AWS KMS CMK to use for encryption of job results. - // Amazon S3 only supports symmetric CMKs. For more information, see Using Symmetric - // and Asymmetric Keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) - // in the AWS Key Management Service Developer Guide. + // the symmetric encryption customer managed key to use for encryption of job + // results. Amazon S3 only supports symmetric encryption KMS keys. For more + // information, see Asymmetric keys in KMS (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) + // in the Amazon Web Services Key Management Service Developer Guide. + // + // KMSKeyId is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by Encryption's + // String and GoString methods. KMSKeyId *string `type:"string" sensitive:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Encryption) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Encryption) GoString() string { return s.String() } @@ -16348,21 +19928,29 @@ func (s *Encryption) SetKMSKeyId(v string) *Encryption { type EncryptionConfiguration struct { _ struct{} `type:"structure"` - // Specifies the ID (Key ARN or Alias ARN) of the customer managed customer - // master key (CMK) stored in AWS Key Management Service (KMS) for the destination - // bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only - // supports symmetric customer managed CMKs. For more information, see Using - // Symmetric and Asymmetric Keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) - // in the AWS Key Management Service Developer Guide. + // Specifies the ID (Key ARN or Alias ARN) of the customer managed Amazon Web + // Services KMS key stored in Amazon Web Services Key Management Service (KMS) + // for the destination bucket. Amazon S3 uses this key to encrypt replica objects. + // Amazon S3 only supports symmetric encryption KMS keys. For more information, + // see Asymmetric keys in Amazon Web Services KMS (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) + // in the Amazon Web Services Key Management Service Developer Guide. ReplicaKmsKeyID *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s EncryptionConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s EncryptionConfiguration) GoString() string { return s.String() } @@ -16380,12 +19968,20 @@ type EndEvent struct { _ struct{} `locationName:"EndEvent" type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s EndEvent) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s EndEvent) GoString() string { return s.String() } @@ -16415,21 +20011,20 @@ type Error struct { // The error code is a string that uniquely identifies an error condition. It // is meant to be read and understood by programs that detect and handle errors - // by type. - // - // Amazon S3 error codes + // by type. The following is a list of Amazon S3 error codes. For more information, + // see Error responses (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html). // // * Code: AccessDenied Description: Access Denied HTTP Status Code: 403 // Forbidden SOAP Fault Code Prefix: Client // - // * Code: AccountProblem Description: There is a problem with your AWS account - // that prevents the operation from completing successfully. Contact AWS - // Support for further assistance. HTTP Status Code: 403 Forbidden SOAP Fault - // Code Prefix: Client + // * Code: AccountProblem Description: There is a problem with your Amazon + // Web Services account that prevents the action from completing successfully. + // Contact Amazon Web Services Support for further assistance. HTTP Status + // Code: 403 Forbidden SOAP Fault Code Prefix: Client // // * Code: AllAccessDisabled Description: All access to this Amazon S3 resource - // has been disabled. Contact AWS Support for further assistance. HTTP Status - // Code: 403 Forbidden SOAP Fault Code Prefix: Client + // has been disabled. Contact Amazon Web Services Support for further assistance. + // HTTP Status Code: 403 Forbidden SOAP Fault Code Prefix: Client // // * Code: AmbiguousGrantByEmailAddress Description: The email address you // provided is associated with more than one account. HTTP Status Code: 400 @@ -16449,8 +20044,8 @@ type Error struct { // SOAP Fault Code Prefix: Client // // * Code: BucketAlreadyOwnedByYou Description: The bucket you tried to create - // already exists, and you own it. Amazon S3 returns this error in all AWS - // Regions except in the North Virginia Region. For legacy compatibility, + // already exists, and you own it. Amazon S3 returns this error in all Amazon + // Web Services Regions except in the North Virginia Region. For legacy compatibility, // if you re-create an existing bucket that you already own in the North // Virginia Region, Amazon S3 returns 200 OK and resets the bucket access // control lists (ACLs). Code: 409 Conflict (in all Regions except the North @@ -16499,9 +20094,9 @@ type Error struct { // try again. HTTP Status Code: 500 Internal Server Error SOAP Fault Code // Prefix: Server // - // * Code: InvalidAccessKeyId Description: The AWS access key ID you provided - // does not exist in our records. HTTP Status Code: 403 Forbidden SOAP Fault - // Code Prefix: Client + // * Code: InvalidAccessKeyId Description: The Amazon Web Services access + // key ID you provided does not exist in our records. HTTP Status Code: 403 + // Forbidden SOAP Fault Code Prefix: Client // // * Code: InvalidAddressingHeader Description: You must specify the Anonymous // role. HTTP Status Code: N/A SOAP Fault Code Prefix: Client @@ -16528,9 +20123,9 @@ type Error struct { // Select a Region for Your Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingBucket.html#access-bucket-intro). // HTTP Status Code: 400 Bad Request SOAP Fault Code Prefix: Client // - // * Code: InvalidObjectState Description: The operation is not valid for - // the current state of the object. HTTP Status Code: 403 Forbidden SOAP - // Fault Code Prefix: Client + // * Code: InvalidObjectState Description: The action is not valid for the + // current state of the object. HTTP Status Code: 403 Forbidden SOAP Fault + // Code Prefix: Client // // * Code: InvalidPart Description: One or more of the specified parts could // not be found. The part might not have been uploaded, or the specified @@ -16542,8 +20137,8 @@ type Error struct { // Code: 400 Bad Request SOAP Fault Code Prefix: Client // // * Code: InvalidPayer Description: All access to this object has been disabled. - // Please contact AWS Support for further assistance. HTTP Status Code: 403 - // Forbidden SOAP Fault Code Prefix: Client + // Please contact Amazon Web Services Support for further assistance. HTTP + // Status Code: 403 Forbidden SOAP Fault Code Prefix: Client // // * Code: InvalidPolicyDocument Description: The content of the form does // not meet the conditions specified in the policy document. HTTP Status @@ -16579,12 +20174,12 @@ type Error struct { // on this bucket. HTTP Status Code: 400 Bad Request Code: N/A // // * Code: InvalidRequest Description: Amazon S3 Transfer Acceleration is - // not supported on this bucket. Contact AWS Support for more information. - // HTTP Status Code: 400 Bad Request Code: N/A + // not supported on this bucket. Contact Amazon Web Services Support for + // more information. HTTP Status Code: 400 Bad Request Code: N/A // // * Code: InvalidRequest Description: Amazon S3 Transfer Acceleration cannot - // be enabled on this bucket. Contact AWS Support for more information. HTTP - // Status Code: 400 Bad Request Code: N/A + // be enabled on this bucket. Contact Amazon Web Services Support for more + // information. HTTP Status Code: 400 Bad Request Code: N/A // // * Code: InvalidSecurity Description: The provided security credentials // are not valid. HTTP Status Code: 403 Forbidden SOAP Fault Code Prefix: @@ -16692,10 +20287,10 @@ type Error struct { // // * Code: NotSignedUp Description: Your account is not signed up for the // Amazon S3 service. You must sign up before you can use Amazon S3. You - // can sign up at the following URL: https://aws.amazon.com/s3 HTTP Status - // Code: 403 Forbidden SOAP Fault Code Prefix: Client + // can sign up at the following URL: Amazon S3 (http://aws.amazon.com/s3) + // HTTP Status Code: 403 Forbidden SOAP Fault Code Prefix: Client // - // * Code: OperationAborted Description: A conflicting conditional operation + // * Code: OperationAborted Description: A conflicting conditional action // is currently in progress against this resource. Try again. HTTP Status // Code: 409 Conflict SOAP Fault Code Prefix: Client // @@ -16731,14 +20326,14 @@ type Error struct { // Fault Code Prefix: Client // // * Code: SignatureDoesNotMatch Description: The request signature we calculated - // does not match the signature you provided. Check your AWS secret access - // key and signing method. For more information, see REST Authentication + // does not match the signature you provided. Check your Amazon Web Services + // secret access key and signing method. For more information, see REST Authentication // (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html) // and SOAP Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/SOAPAuthentication.html) // for details. HTTP Status Code: 403 Forbidden SOAP Fault Code Prefix: Client // - // * Code: ServiceUnavailable Description: Reduce your request rate. HTTP - // Status Code: 503 Service Unavailable SOAP Fault Code Prefix: Server + // * Code: ServiceUnavailable Description: Service is unable to handle request. + // HTTP Status Code: 503 Service Unavailable SOAP Fault Code Prefix: Server // // * Code: SlowDown Description: Reduce your request rate. HTTP Status Code: // 503 Slow Down SOAP Fault Code Prefix: Server @@ -16778,15 +20373,25 @@ type Error struct { Message *string `type:"string"` // The version ID of the error. + // + // This functionality is not supported for directory buckets. VersionId *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Error) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Error) GoString() string { return s.String() } @@ -16821,16 +20426,28 @@ type ErrorDocument struct { // The object key name to use when a 4XX class error occurs. // + // Replacement must be made for object keys containing special characters (such + // as carriage returns) when using XML requests. For more information, see XML + // related object key constraints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). + // // Key is a required field Key *string `min:"1" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ErrorDocument) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ErrorDocument) GoString() string { return s.String() } @@ -16857,22 +20474,55 @@ func (s *ErrorDocument) SetKey(v string) *ErrorDocument { return s } +// A container for specifying the configuration for Amazon EventBridge. +type EventBridgeConfiguration struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EventBridgeConfiguration) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s EventBridgeConfiguration) GoString() string { + return s.String() +} + // Optional configuration to replicate existing source bucket objects. For more // information, see Replicating Existing Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-what-is-isnot-replicated.html#existing-object-replication) -// in the Amazon S3 Developer Guide. +// in the Amazon S3 User Guide. type ExistingObjectReplication struct { _ struct{} `type:"structure"` + // Specifies whether Amazon S3 replicates existing source bucket objects. + // // Status is a required field Status *string `type:"string" required:"true" enum:"ExistingObjectReplicationStatus"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ExistingObjectReplication) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ExistingObjectReplication) GoString() string { return s.String() } @@ -16896,8 +20546,15 @@ func (s *ExistingObjectReplication) SetStatus(v string) *ExistingObjectReplicati return s } -// Specifies the Amazon S3 object key name to filter on and whether to filter -// on the suffix or prefix of the key name. +// Specifies the Amazon S3 object key name to filter on. An object key name +// is the name assigned to an object in your Amazon S3 bucket. You specify whether +// to filter on the suffix or prefix of the object key name. A prefix is a specific +// string of characters at the beginning of an object key name, which you can +// use to organize objects. For example, you can start the key names of related +// objects with a prefix, such as 2023- or engineering/. Then, you can use FilterRule +// to find objects in a bucket with key names that have the same prefix. A suffix +// is similar to a prefix, but it is at the end of the object key name instead +// of at the beginning. type FilterRule struct { _ struct{} `type:"structure"` @@ -16905,19 +20562,27 @@ type FilterRule struct { // the filtering rule applies. The maximum length is 1,024 characters. Overlapping // prefixes and suffixes are not supported. For more information, see Configuring // Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) - // in the Amazon Simple Storage Service Developer Guide. + // in the Amazon S3 User Guide. Name *string `type:"string" enum:"FilterRuleName"` // The value that the filter searches for in object key names. Value *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s FilterRule) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s FilterRule) GoString() string { return s.String() } @@ -16942,18 +20607,37 @@ type GetBucketAccelerateConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` + + // Confirms that the requester knows that they will be charged for the request. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketAccelerateConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketAccelerateConfigurationInput) GoString() string { return s.String() } @@ -16993,6 +20677,12 @@ func (s *GetBucketAccelerateConfigurationInput) SetExpectedBucketOwner(v string) return s } +// SetRequestPayer sets the RequestPayer field's value. +func (s *GetBucketAccelerateConfigurationInput) SetRequestPayer(v string) *GetBucketAccelerateConfigurationInput { + s.RequestPayer = &v + return s +} + func (s *GetBucketAccelerateConfigurationInput) getEndpointARN() (arn.Resource, error) { if s.Bucket == nil { return nil, fmt.Errorf("member Bucket is nil") @@ -17023,20 +20713,40 @@ func (s GetBucketAccelerateConfigurationInput) updateArnableField(v string) (int type GetBucketAccelerateConfigurationOutput struct { _ struct{} `type:"structure"` + // If present, indicates that the requester was successfully charged for the + // request. + // + // This functionality is not supported for directory buckets. + RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` + // The accelerate configuration of the bucket. Status *string `type:"string" enum:"BucketAccelerateStatus"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketAccelerateConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketAccelerateConfigurationOutput) GoString() string { return s.String() } +// SetRequestCharged sets the RequestCharged field's value. +func (s *GetBucketAccelerateConfigurationOutput) SetRequestCharged(v string) *GetBucketAccelerateConfigurationOutput { + s.RequestCharged = &v + return s +} + // SetStatus sets the Status field's value. func (s *GetBucketAccelerateConfigurationOutput) SetStatus(v string) *GetBucketAccelerateConfigurationOutput { s.Status = &v @@ -17048,21 +20758,38 @@ type GetBucketAclInput struct { // Specifies the S3 bucket whose ACL is being requested. // + // When you use this API operation with an access point, provide the alias of + // the access point in place of the bucket name. + // + // When you use this API operation with an Object Lambda access point, provide + // the alias of the Object Lambda access point in place of the bucket name. + // If the Object Lambda access point alias in a request is not valid, the error + // code InvalidAccessPointAliasError is returned. For more information about + // InvalidAccessPointAliasError, see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketAclInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketAclInput) GoString() string { return s.String() } @@ -17139,12 +20866,20 @@ type GetBucketAclOutput struct { Owner *Owner `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketAclOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketAclOutput) GoString() string { return s.String() } @@ -17169,9 +20904,9 @@ type GetBucketAnalyticsConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The ID that identifies the analytics configuration. @@ -17180,12 +20915,20 @@ type GetBucketAnalyticsConfigurationInput struct { Id *string `location:"querystring" locationName:"id" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketAnalyticsConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketAnalyticsConfigurationInput) GoString() string { return s.String() } @@ -17268,12 +21011,20 @@ type GetBucketAnalyticsConfigurationOutput struct { AnalyticsConfiguration *AnalyticsConfiguration `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketAnalyticsConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketAnalyticsConfigurationOutput) GoString() string { return s.String() } @@ -17289,21 +21040,38 @@ type GetBucketCorsInput struct { // The bucket name for which to get the cors configuration. // + // When you use this API operation with an access point, provide the alias of + // the access point in place of the bucket name. + // + // When you use this API operation with an Object Lambda access point, provide + // the alias of the Object Lambda access point in place of the bucket name. + // If the Object Lambda access point alias in a request is not valid, the error + // code InvalidAccessPointAliasError is returned. For more information about + // InvalidAccessPointAliasError, see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketCorsInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketCorsInput) GoString() string { return s.String() } @@ -17378,12 +21146,20 @@ type GetBucketCorsOutput struct { CORSRules []*CORSRule `locationName:"CORSRule" type:"list" flattened:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketCorsOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketCorsOutput) GoString() string { return s.String() } @@ -17403,18 +21179,26 @@ type GetBucketEncryptionInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketEncryptionInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketEncryptionInput) GoString() string { return s.String() } @@ -17488,12 +21272,20 @@ type GetBucketEncryptionOutput struct { ServerSideEncryptionConfiguration *ServerSideEncryptionConfiguration `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketEncryptionOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketEncryptionOutput) GoString() string { return s.String() } @@ -17519,12 +21311,20 @@ type GetBucketIntelligentTieringConfigurationInput struct { Id *string `location:"querystring" locationName:"id" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketIntelligentTieringConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketIntelligentTieringConfigurationInput) GoString() string { return s.String() } @@ -17601,12 +21401,20 @@ type GetBucketIntelligentTieringConfigurationOutput struct { IntelligentTieringConfiguration *IntelligentTieringConfiguration `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketIntelligentTieringConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketIntelligentTieringConfigurationOutput) GoString() string { return s.String() } @@ -17625,9 +21433,9 @@ type GetBucketInventoryConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The ID used to identify the inventory configuration. @@ -17636,12 +21444,20 @@ type GetBucketInventoryConfigurationInput struct { Id *string `location:"querystring" locationName:"id" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketInventoryConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketInventoryConfigurationInput) GoString() string { return s.String() } @@ -17724,12 +21540,20 @@ type GetBucketInventoryConfigurationOutput struct { InventoryConfiguration *InventoryConfiguration `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketInventoryConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketInventoryConfigurationOutput) GoString() string { return s.String() } @@ -17748,18 +21572,26 @@ type GetBucketLifecycleConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketLifecycleConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketLifecycleConfigurationInput) GoString() string { return s.String() } @@ -17833,12 +21665,20 @@ type GetBucketLifecycleConfigurationOutput struct { Rules []*LifecycleRule `locationName:"Rule" type:"list" flattened:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketLifecycleConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketLifecycleConfigurationOutput) GoString() string { return s.String() } @@ -17857,18 +21697,26 @@ type GetBucketLifecycleInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketLifecycleInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketLifecycleInput) GoString() string { return s.String() } @@ -17942,12 +21790,20 @@ type GetBucketLifecycleOutput struct { Rules []*Rule `locationName:"Rule" type:"list" flattened:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketLifecycleOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketLifecycleOutput) GoString() string { return s.String() } @@ -17963,21 +21819,38 @@ type GetBucketLocationInput struct { // The name of the bucket for which to get the location. // + // When you use this API operation with an access point, provide the alias of + // the access point in place of the bucket name. + // + // When you use this API operation with an Object Lambda access point, provide + // the alias of the Object Lambda access point in place of the bucket name. + // If the Object Lambda access point alias in a request is not valid, the error + // code InvalidAccessPointAliasError is returned. For more information about + // InvalidAccessPointAliasError, see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketLocationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketLocationInput) GoString() string { return s.String() } @@ -18053,12 +21926,20 @@ type GetBucketLocationOutput struct { LocationConstraint *string `type:"string" enum:"BucketLocationConstraint"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketLocationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketLocationOutput) GoString() string { return s.String() } @@ -18077,18 +21958,26 @@ type GetBucketLoggingInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketLoggingInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketLoggingInput) GoString() string { return s.String() } @@ -18161,16 +22050,24 @@ type GetBucketLoggingOutput struct { // Describes where logs are stored and the prefix that Amazon S3 assigns to // all log object keys for a bucket. For more information, see PUT Bucket logging // (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlogging.html) - // in the Amazon Simple Storage Service API Reference. + // in the Amazon S3 API Reference. LoggingEnabled *LoggingEnabled `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketLoggingOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketLoggingOutput) GoString() string { return s.String() } @@ -18189,23 +22086,32 @@ type GetBucketMetricsConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // The ID used to identify the metrics configuration. + // The ID used to identify the metrics configuration. The ID has a 64 character + // limit and can only contain letters, numbers, periods, dashes, and underscores. // // Id is a required field Id *string `location:"querystring" locationName:"id" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketMetricsConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketMetricsConfigurationInput) GoString() string { return s.String() } @@ -18288,12 +22194,20 @@ type GetBucketMetricsConfigurationOutput struct { MetricsConfiguration *MetricsConfiguration `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketMetricsConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketMetricsConfigurationOutput) GoString() string { return s.String() } @@ -18309,21 +22223,38 @@ type GetBucketNotificationConfigurationRequest struct { // The name of the bucket for which to get the notification configuration. // + // When you use this API operation with an access point, provide the alias of + // the access point in place of the bucket name. + // + // When you use this API operation with an Object Lambda access point, provide + // the alias of the Object Lambda access point in place of the bucket name. + // If the Object Lambda access point alias in a request is not valid, the error + // code InvalidAccessPointAliasError is returned. For more information about + // InvalidAccessPointAliasError, see List of Error Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketNotificationConfigurationRequest) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketNotificationConfigurationRequest) GoString() string { return s.String() } @@ -18398,18 +22329,26 @@ type GetBucketOwnershipControlsInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketOwnershipControlsInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketOwnershipControlsInput) GoString() string { return s.String() } @@ -18479,17 +22418,25 @@ func (s GetBucketOwnershipControlsInput) updateArnableField(v string) (interface type GetBucketOwnershipControlsOutput struct { _ struct{} `type:"structure" payload:"OwnershipControls"` - // The OwnershipControls (BucketOwnerPreferred or ObjectWriter) currently in - // effect for this Amazon S3 bucket. + // The OwnershipControls (BucketOwnerEnforced, BucketOwnerPreferred, or ObjectWriter) + // currently in effect for this Amazon S3 bucket. OwnershipControls *OwnershipControls `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketOwnershipControlsOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketOwnershipControlsOutput) GoString() string { return s.String() } @@ -18503,23 +22450,57 @@ func (s *GetBucketOwnershipControlsOutput) SetOwnershipControls(v *OwnershipCont type GetBucketPolicyInput struct { _ struct{} `locationName:"GetBucketPolicyRequest" type:"structure"` - // The bucket name for which to get the bucket policy. + // The bucket name to get the bucket policy for. + // + // Directory buckets - When you use this operation with a directory bucket, + // you must use path-style requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name + // . Virtual-hosted-style requests aren't supported. Directory bucket names + // must be unique in the chosen Availability Zone. Bucket names must also follow + // the format bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). + // For information about bucket naming restrictions, see Directory bucket naming + // rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide + // + // Access points - When you use this API operation with an access point, provide + // the alias of the access point in place of the bucket name. + // + // Object Lambda access points - When you use this API operation with an Object + // Lambda access point, provide the alias of the Object Lambda access point + // in place of the bucket name. If the Object Lambda access point alias in a + // request is not valid, the error code InvalidAccessPointAliasError is returned. + // For more information about InvalidAccessPointAliasError, see List of Error + // Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). + // + // Access points and Object Lambda access points are not supported by directory + // buckets. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). + // + // For directory buckets, this header is not supported in this API operation. + // If you specify this header, the request fails with the HTTP status code 501 + // Not Implemented. ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketPolicyInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketPolicyInput) GoString() string { return s.String() } @@ -18593,12 +22574,20 @@ type GetBucketPolicyOutput struct { Policy *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketPolicyOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketPolicyOutput) GoString() string { return s.String() } @@ -18617,18 +22606,26 @@ type GetBucketPolicyStatusInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketPolicyStatusInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketPolicyStatusInput) GoString() string { return s.String() } @@ -18702,12 +22699,20 @@ type GetBucketPolicyStatusOutput struct { PolicyStatus *PolicyStatus `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketPolicyStatusOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketPolicyStatusOutput) GoString() string { return s.String() } @@ -18726,18 +22731,26 @@ type GetBucketReplicationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketReplicationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketReplicationInput) GoString() string { return s.String() } @@ -18812,12 +22825,20 @@ type GetBucketReplicationOutput struct { ReplicationConfiguration *ReplicationConfiguration `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketReplicationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketReplicationOutput) GoString() string { return s.String() } @@ -18836,18 +22857,26 @@ type GetBucketRequestPaymentInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketRequestPaymentInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketRequestPaymentInput) GoString() string { return s.String() } @@ -18921,12 +22950,20 @@ type GetBucketRequestPaymentOutput struct { Payer *string `type:"string" enum:"Payer"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketRequestPaymentOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketRequestPaymentOutput) GoString() string { return s.String() } @@ -18945,18 +22982,26 @@ type GetBucketTaggingInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketTaggingInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketTaggingInput) GoString() string { return s.String() } @@ -19032,12 +23077,20 @@ type GetBucketTaggingOutput struct { TagSet []*Tag `locationNameList:"Tag" type:"list" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketTaggingOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketTaggingOutput) GoString() string { return s.String() } @@ -19056,18 +23109,26 @@ type GetBucketVersioningInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketVersioningInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketVersioningInput) GoString() string { return s.String() } @@ -19146,12 +23207,20 @@ type GetBucketVersioningOutput struct { Status *string `type:"string" enum:"BucketVersioningStatus"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketVersioningOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketVersioningOutput) GoString() string { return s.String() } @@ -19176,18 +23245,26 @@ type GetBucketWebsiteInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketWebsiteInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketWebsiteInput) GoString() string { return s.String() } @@ -19271,12 +23348,20 @@ type GetBucketWebsiteOutput struct { RoutingRules []*RoutingRule `locationNameList:"RoutingRule" type:"list"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketWebsiteOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetBucketWebsiteOutput) GoString() string { return s.String() } @@ -19310,19 +23395,21 @@ type GetObjectAclInput struct { // The bucket name that contains the object for which to get the ACL information. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The key of the object for which to get the ACL information. @@ -19331,22 +23418,36 @@ type GetObjectAclInput struct { Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // VersionId used to reference a specific version of the object. + // Version ID used to reference a specific version of the object. + // + // This functionality is not supported for directory buckets. VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectAclInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectAclInput) GoString() string { return s.String() } @@ -19448,15 +23549,25 @@ type GetObjectAclOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectAclOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectAclOutput) GoString() string { return s.String() } @@ -19479,48 +23590,561 @@ func (s *GetObjectAclOutput) SetRequestCharged(v string) *GetObjectAclOutput { return s } +type GetObjectAttributesInput struct { + _ struct{} `locationName:"GetObjectAttributesRequest" type:"structure"` + + // The name of the bucket that contains the object. + // + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. + // + // Bucket is a required field + Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). + ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` + + // The object key. + // + // Key is a required field + Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` + + // Sets the maximum number of parts to return. + MaxParts *int64 `location:"header" locationName:"x-amz-max-parts" type:"integer"` + + // Specifies the fields at the root level that you want returned in the response. + // Fields that you do not specify are not returned. + // + // ObjectAttributes is a required field + ObjectAttributes []*string `location:"header" locationName:"x-amz-object-attributes" type:"list" required:"true" enum:"ObjectAttributes"` + + // Specifies the part after which listing should begin. Only parts with higher + // part numbers will be listed. + PartNumberMarker *int64 `location:"header" locationName:"x-amz-part-number-marker" type:"integer"` + + // Confirms that the requester knows that they will be charged for the request. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` + + // Specifies the algorithm to use when encrypting the object (for example, AES256). + // + // This functionality is not supported for directory buckets. + SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` + + // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting + // data. This value is used to store the object and then it is discarded; Amazon + // S3 does not store the encryption key. The key must be appropriate for use + // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm + // header. + // + // This functionality is not supported for directory buckets. + // + // SSECustomerKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by GetObjectAttributesInput's + // String and GoString methods. + SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"` + + // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. + // Amazon S3 uses this header for a message integrity check to ensure that the + // encryption key was transmitted without error. + // + // This functionality is not supported for directory buckets. + SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` + + // The version ID used to reference a specific version of the object. + // + // S3 Versioning isn't enabled and supported for directory buckets. For this + // API operation, only the null value of the version ID is supported by directory + // buckets. You can only specify null to the versionId query parameter in the + // request. + VersionId *string `location:"querystring" locationName:"versionId" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetObjectAttributesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetObjectAttributesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetObjectAttributesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetObjectAttributesInput"} + if s.Bucket == nil { + invalidParams.Add(request.NewErrParamRequired("Bucket")) + } + if s.Bucket != nil && len(*s.Bucket) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Bucket", 1)) + } + if s.Key == nil { + invalidParams.Add(request.NewErrParamRequired("Key")) + } + if s.Key != nil && len(*s.Key) < 1 { + invalidParams.Add(request.NewErrParamMinLen("Key", 1)) + } + if s.ObjectAttributes == nil { + invalidParams.Add(request.NewErrParamRequired("ObjectAttributes")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetBucket sets the Bucket field's value. +func (s *GetObjectAttributesInput) SetBucket(v string) *GetObjectAttributesInput { + s.Bucket = &v + return s +} + +func (s *GetObjectAttributesInput) getBucket() (v string) { + if s.Bucket == nil { + return v + } + return *s.Bucket +} + +// SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. +func (s *GetObjectAttributesInput) SetExpectedBucketOwner(v string) *GetObjectAttributesInput { + s.ExpectedBucketOwner = &v + return s +} + +// SetKey sets the Key field's value. +func (s *GetObjectAttributesInput) SetKey(v string) *GetObjectAttributesInput { + s.Key = &v + return s +} + +// SetMaxParts sets the MaxParts field's value. +func (s *GetObjectAttributesInput) SetMaxParts(v int64) *GetObjectAttributesInput { + s.MaxParts = &v + return s +} + +// SetObjectAttributes sets the ObjectAttributes field's value. +func (s *GetObjectAttributesInput) SetObjectAttributes(v []*string) *GetObjectAttributesInput { + s.ObjectAttributes = v + return s +} + +// SetPartNumberMarker sets the PartNumberMarker field's value. +func (s *GetObjectAttributesInput) SetPartNumberMarker(v int64) *GetObjectAttributesInput { + s.PartNumberMarker = &v + return s +} + +// SetRequestPayer sets the RequestPayer field's value. +func (s *GetObjectAttributesInput) SetRequestPayer(v string) *GetObjectAttributesInput { + s.RequestPayer = &v + return s +} + +// SetSSECustomerAlgorithm sets the SSECustomerAlgorithm field's value. +func (s *GetObjectAttributesInput) SetSSECustomerAlgorithm(v string) *GetObjectAttributesInput { + s.SSECustomerAlgorithm = &v + return s +} + +// SetSSECustomerKey sets the SSECustomerKey field's value. +func (s *GetObjectAttributesInput) SetSSECustomerKey(v string) *GetObjectAttributesInput { + s.SSECustomerKey = &v + return s +} + +func (s *GetObjectAttributesInput) getSSECustomerKey() (v string) { + if s.SSECustomerKey == nil { + return v + } + return *s.SSECustomerKey +} + +// SetSSECustomerKeyMD5 sets the SSECustomerKeyMD5 field's value. +func (s *GetObjectAttributesInput) SetSSECustomerKeyMD5(v string) *GetObjectAttributesInput { + s.SSECustomerKeyMD5 = &v + return s +} + +// SetVersionId sets the VersionId field's value. +func (s *GetObjectAttributesInput) SetVersionId(v string) *GetObjectAttributesInput { + s.VersionId = &v + return s +} + +func (s *GetObjectAttributesInput) getEndpointARN() (arn.Resource, error) { + if s.Bucket == nil { + return nil, fmt.Errorf("member Bucket is nil") + } + return parseEndpointARN(*s.Bucket) +} + +func (s *GetObjectAttributesInput) hasEndpointARN() bool { + if s.Bucket == nil { + return false + } + return arn.IsARN(*s.Bucket) +} + +// updateArnableField updates the value of the input field that +// takes an ARN as an input. This method is useful to backfill +// the parsed resource name from ARN into the input member. +// It returns a pointer to a modified copy of input and an error. +// Note that original input is not modified. +func (s GetObjectAttributesInput) updateArnableField(v string) (interface{}, error) { + if s.Bucket == nil { + return nil, fmt.Errorf("member Bucket is nil") + } + s.Bucket = aws.String(v) + return &s, nil +} + +type GetObjectAttributesOutput struct { + _ struct{} `type:"structure"` + + // The checksum or digest of the object. + Checksum *Checksum `type:"structure"` + + // Specifies whether the object retrieved was (true) or was not (false) a delete + // marker. If false, this response header does not appear in the response. + // + // This functionality is not supported for directory buckets. + DeleteMarker *bool `location:"header" locationName:"x-amz-delete-marker" type:"boolean"` + + // An ETag is an opaque identifier assigned by a web server to a specific version + // of a resource found at a URL. + ETag *string `type:"string"` + + // The creation date of the object. + LastModified *time.Time `location:"header" locationName:"Last-Modified" type:"timestamp"` + + // A collection of parts associated with a multipart upload. + ObjectParts *GetObjectAttributesParts `type:"structure"` + + // The size of the object in bytes. + ObjectSize *int64 `type:"long"` + + // If present, indicates that the requester was successfully charged for the + // request. + // + // This functionality is not supported for directory buckets. + RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` + + // Provides the storage class information of the object. Amazon S3 returns this + // header for all objects except for S3 Standard storage class objects. + // + // For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html). + // + // Directory buckets - Only the S3 Express One Zone storage class is supported + // by directory buckets to store objects. + StorageClass *string `type:"string" enum:"StorageClass"` + + // The version ID of the object. + // + // This functionality is not supported for directory buckets. + VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetObjectAttributesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetObjectAttributesOutput) GoString() string { + return s.String() +} + +// SetChecksum sets the Checksum field's value. +func (s *GetObjectAttributesOutput) SetChecksum(v *Checksum) *GetObjectAttributesOutput { + s.Checksum = v + return s +} + +// SetDeleteMarker sets the DeleteMarker field's value. +func (s *GetObjectAttributesOutput) SetDeleteMarker(v bool) *GetObjectAttributesOutput { + s.DeleteMarker = &v + return s +} + +// SetETag sets the ETag field's value. +func (s *GetObjectAttributesOutput) SetETag(v string) *GetObjectAttributesOutput { + s.ETag = &v + return s +} + +// SetLastModified sets the LastModified field's value. +func (s *GetObjectAttributesOutput) SetLastModified(v time.Time) *GetObjectAttributesOutput { + s.LastModified = &v + return s +} + +// SetObjectParts sets the ObjectParts field's value. +func (s *GetObjectAttributesOutput) SetObjectParts(v *GetObjectAttributesParts) *GetObjectAttributesOutput { + s.ObjectParts = v + return s +} + +// SetObjectSize sets the ObjectSize field's value. +func (s *GetObjectAttributesOutput) SetObjectSize(v int64) *GetObjectAttributesOutput { + s.ObjectSize = &v + return s +} + +// SetRequestCharged sets the RequestCharged field's value. +func (s *GetObjectAttributesOutput) SetRequestCharged(v string) *GetObjectAttributesOutput { + s.RequestCharged = &v + return s +} + +// SetStorageClass sets the StorageClass field's value. +func (s *GetObjectAttributesOutput) SetStorageClass(v string) *GetObjectAttributesOutput { + s.StorageClass = &v + return s +} + +// SetVersionId sets the VersionId field's value. +func (s *GetObjectAttributesOutput) SetVersionId(v string) *GetObjectAttributesOutput { + s.VersionId = &v + return s +} + +// A collection of parts associated with a multipart upload. +type GetObjectAttributesParts struct { + _ struct{} `type:"structure"` + + // Indicates whether the returned list of parts is truncated. A value of true + // indicates that the list was truncated. A list can be truncated if the number + // of parts exceeds the limit returned in the MaxParts element. + IsTruncated *bool `type:"boolean"` + + // The maximum number of parts allowed in the response. + MaxParts *int64 `type:"integer"` + + // When a list is truncated, this element specifies the last part in the list, + // as well as the value to use for the PartNumberMarker request parameter in + // a subsequent request. + NextPartNumberMarker *int64 `type:"integer"` + + // The marker for the current part. + PartNumberMarker *int64 `type:"integer"` + + // A container for elements related to a particular part. A response can contain + // zero or more Parts elements. + // + // * General purpose buckets - For GetObjectAttributes, if a additional checksum + // (including x-amz-checksum-crc32, x-amz-checksum-crc32c, x-amz-checksum-sha1, + // or x-amz-checksum-sha256) isn't applied to the object specified in the + // request, the response doesn't return Part. + // + // * Directory buckets - For GetObjectAttributes, no matter whether a additional + // checksum is applied to the object specified in the request, the response + // returns Part. + Parts []*ObjectPart `locationName:"Part" type:"list" flattened:"true"` + + // The total number of parts. + TotalPartsCount *int64 `locationName:"PartsCount" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetObjectAttributesParts) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetObjectAttributesParts) GoString() string { + return s.String() +} + +// SetIsTruncated sets the IsTruncated field's value. +func (s *GetObjectAttributesParts) SetIsTruncated(v bool) *GetObjectAttributesParts { + s.IsTruncated = &v + return s +} + +// SetMaxParts sets the MaxParts field's value. +func (s *GetObjectAttributesParts) SetMaxParts(v int64) *GetObjectAttributesParts { + s.MaxParts = &v + return s +} + +// SetNextPartNumberMarker sets the NextPartNumberMarker field's value. +func (s *GetObjectAttributesParts) SetNextPartNumberMarker(v int64) *GetObjectAttributesParts { + s.NextPartNumberMarker = &v + return s +} + +// SetPartNumberMarker sets the PartNumberMarker field's value. +func (s *GetObjectAttributesParts) SetPartNumberMarker(v int64) *GetObjectAttributesParts { + s.PartNumberMarker = &v + return s +} + +// SetParts sets the Parts field's value. +func (s *GetObjectAttributesParts) SetParts(v []*ObjectPart) *GetObjectAttributesParts { + s.Parts = v + return s +} + +// SetTotalPartsCount sets the TotalPartsCount field's value. +func (s *GetObjectAttributesParts) SetTotalPartsCount(v int64) *GetObjectAttributesParts { + s.TotalPartsCount = &v + return s +} + type GetObjectInput struct { _ struct{} `locationName:"GetObjectRequest" type:"structure"` // The bucket name containing the object. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Object Lambda access points - When you use this action with an Object Lambda + // access point, you must direct requests to the Object Lambda access point + // hostname. The Object Lambda access point hostname takes the form AccessPointName-AccountId.s3-object-lambda.Region.amazonaws.com. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // To retrieve the checksum, this mode must be enabled. + // + // The AWS SDK for Go v1 does not support automatic response payload checksum + // validation. This feature is available in the AWS SDK for Go v2. + ChecksumMode *string `location:"header" locationName:"x-amz-checksum-mode" type:"string" enum:"ChecksumMode"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // Return the object only if its entity tag (ETag) is the same as the one specified, - // otherwise return a 412 (precondition failed). + // Return the object only if its entity tag (ETag) is the same as the one specified + // in this header; otherwise, return a 412 Precondition Failed error. + // + // If both of the If-Match and If-Unmodified-Since headers are present in the + // request as follows: If-Match condition evaluates to true, and; If-Unmodified-Since + // condition evaluates to false; then, S3 returns 200 OK and the data requested. + // + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). IfMatch *string `location:"header" locationName:"If-Match" type:"string"` - // Return the object only if it has been modified since the specified time, - // otherwise return a 304 (not modified). + // Return the object only if it has been modified since the specified time; + // otherwise, return a 304 Not Modified error. + // + // If both of the If-None-Match and If-Modified-Since headers are present in + // the request as follows:If-None-Match condition evaluates to false, and; If-Modified-Since + // condition evaluates to true; then, S3 returns 304 Not Modified status code. + // + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). IfModifiedSince *time.Time `location:"header" locationName:"If-Modified-Since" type:"timestamp"` // Return the object only if its entity tag (ETag) is different from the one - // specified, otherwise return a 304 (not modified). + // specified in this header; otherwise, return a 304 Not Modified error. + // + // If both of the If-None-Match and If-Modified-Since headers are present in + // the request as follows:If-None-Match condition evaluates to false, and; If-Modified-Since + // condition evaluates to true; then, S3 returns 304 Not Modified HTTP status + // code. + // + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). IfNoneMatch *string `location:"header" locationName:"If-None-Match" type:"string"` - // Return the object only if it has not been modified since the specified time, - // otherwise return a 412 (precondition failed). + // Return the object only if it has not been modified since the specified time; + // otherwise, return a 412 Precondition Failed error. + // + // If both of the If-Match and If-Unmodified-Since headers are present in the + // request as follows: If-Match condition evaluates to true, and; If-Unmodified-Since + // condition evaluates to false; then, S3 returns 200 OK and the data requested. + // + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). IfUnmodifiedSince *time.Time `location:"header" locationName:"If-Unmodified-Since" type:"timestamp"` // Key of the object to get. @@ -19533,24 +24157,28 @@ type GetObjectInput struct { // Useful for downloading just a part of an object. PartNumber *int64 `location:"querystring" locationName:"partNumber" type:"integer"` - // Downloads the specified range bytes of an object. For more information about - // the HTTP Range header, see https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35 - // (https://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35). + // Downloads the specified byte range of an object. For more information about + // the HTTP Range header, see https://www.rfc-editor.org/rfc/rfc9110.html#name-range + // (https://www.rfc-editor.org/rfc/rfc9110.html#name-range). // // Amazon S3 doesn't support retrieving multiple ranges of data per GET request. Range *string `location:"header" locationName:"Range" type:"string"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // Sets the Cache-Control header of the response. ResponseCacheControl *string `location:"querystring" locationName:"response-cache-control" type:"string"` - // Sets the Content-Disposition header of the response + // Sets the Content-Disposition header of the response. ResponseContentDisposition *string `location:"querystring" locationName:"response-content-disposition" type:"string"` // Sets the Content-Encoding header of the response. @@ -19563,34 +24191,111 @@ type GetObjectInput struct { ResponseContentType *string `location:"querystring" locationName:"response-content-type" type:"string"` // Sets the Expires header of the response. - ResponseExpires *time.Time `location:"querystring" locationName:"response-expires" type:"timestamp"` + ResponseExpires *time.Time `location:"querystring" locationName:"response-expires" type:"timestamp" timestampFormat:"rfc822"` - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when decrypting the object (for example, AES256). + // + // If you encrypt an object by using server-side encryption with customer-provided + // encryption keys (SSE-C) when you store the object in Amazon S3, then when + // you GET the object, you must use the following headers: + // + // * x-amz-server-side-encryption-customer-algorithm + // + // * x-amz-server-side-encryption-customer-key + // + // * x-amz-server-side-encryption-customer-key-MD5 + // + // For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided + // Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` - // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting - // data. This value is used to store the object and then it is discarded; Amazon - // S3 does not store the encryption key. The key must be appropriate for use - // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm - // header. + // Specifies the customer-provided encryption key that you originally provided + // for Amazon S3 to encrypt the data before storing it. This value is used to + // decrypt the object when recovering it and must match the one used when storing + // the data. The key must be appropriate for use with the algorithm specified + // in the x-amz-server-side-encryption-customer-algorithm header. + // + // If you encrypt an object by using server-side encryption with customer-provided + // encryption keys (SSE-C) when you store the object in Amazon S3, then when + // you GET the object, you must use the following headers: + // + // * x-amz-server-side-encryption-customer-algorithm + // + // * x-amz-server-side-encryption-customer-key + // + // * x-amz-server-side-encryption-customer-key-MD5 + // + // For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided + // Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + // + // SSECustomerKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by GetObjectInput's + // String and GoString methods. SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"` - // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. - // Amazon S3 uses this header for a message integrity check to ensure that the - // encryption key was transmitted without error. + // Specifies the 128-bit MD5 digest of the customer-provided encryption key + // according to RFC 1321. Amazon S3 uses this header for a message integrity + // check to ensure that the encryption key was transmitted without error. + // + // If you encrypt an object by using server-side encryption with customer-provided + // encryption keys (SSE-C) when you store the object in Amazon S3, then when + // you GET the object, you must use the following headers: + // + // * x-amz-server-side-encryption-customer-algorithm + // + // * x-amz-server-side-encryption-customer-key + // + // * x-amz-server-side-encryption-customer-key-MD5 + // + // For more information about SSE-C, see Server-Side Encryption (Using Customer-Provided + // Encryption Keys) (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // VersionId used to reference a specific version of the object. + // Version ID used to reference a specific version of the object. + // + // By default, the GetObject operation returns the current version of an object. + // To return a different version, use the versionId subresource. + // + // * If you include a versionId in your request header, you must have the + // s3:GetObjectVersion permission to access a specific version of an object. + // The s3:GetObject permission is not required in this scenario. + // + // * If you request the current version of an object without a specific versionId + // in the request header, only the s3:GetObject permission is required. The + // s3:GetObjectVersion permission is not required in this scenario. + // + // * Directory buckets - S3 Versioning isn't enabled and supported for directory + // buckets. For this API operation, only the null value of the version ID + // is supported by directory buckets. You can only specify null to the versionId + // query parameter in the request. + // + // For more information about versioning, see PutBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketVersioning.html). VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectInput) GoString() string { return s.String() } @@ -19630,6 +24335,12 @@ func (s *GetObjectInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumMode sets the ChecksumMode field's value. +func (s *GetObjectInput) SetChecksumMode(v string) *GetObjectInput { + s.ChecksumMode = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *GetObjectInput) SetExpectedBucketOwner(v string) *GetObjectInput { s.ExpectedBucketOwner = &v @@ -19781,46 +24492,60 @@ func (s GetObjectInput) updateArnableField(v string) (interface{}, error) { type GetObjectLegalHoldInput struct { _ struct{} `locationName:"GetObjectLegalHoldRequest" type:"structure"` - // The bucket name containing the object whose Legal Hold status you want to + // The bucket name containing the object whose legal hold status you want to // retrieve. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // The key name for the object whose Legal Hold status you want to retrieve. + // The key name for the object whose legal hold status you want to retrieve. // // Key is a required field Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // The version ID of the object whose Legal Hold status you want to retrieve. + // The version ID of the object whose legal hold status you want to retrieve. VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectLegalHoldInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectLegalHoldInput) GoString() string { return s.String() } @@ -19914,16 +24639,24 @@ func (s GetObjectLegalHoldInput) updateArnableField(v string) (interface{}, erro type GetObjectLegalHoldOutput struct { _ struct{} `type:"structure" payload:"LegalHold"` - // The current Legal Hold status for the specified object. - LegalHold *ObjectLockLegalHold `type:"structure"` + // The current legal hold status for the specified object. + LegalHold *ObjectLockLegalHold `locationName:"LegalHold" type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectLegalHoldOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectLegalHoldOutput) GoString() string { return s.String() } @@ -19939,28 +24672,38 @@ type GetObjectLockConfigurationInput struct { // The bucket whose Object Lock configuration you want to retrieve. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectLockConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectLockConfigurationInput) GoString() string { return s.String() } @@ -20034,12 +24777,20 @@ type GetObjectLockConfigurationOutput struct { ObjectLockConfiguration *ObjectLockConfiguration `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectLockConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectLockConfigurationOutput) GoString() string { return s.String() } @@ -20053,23 +24804,49 @@ func (s *GetObjectLockConfigurationOutput) SetObjectLockConfiguration(v *ObjectL type GetObjectOutput struct { _ struct{} `type:"structure" payload:"Body"` - // Indicates that a range of bytes was specified. + // Indicates that a range of bytes was specified in the request. AcceptRanges *string `location:"header" locationName:"accept-ranges" type:"string"` // Object data. Body io.ReadCloser `type:"blob"` // Indicates whether the object uses an S3 Bucket Key for server-side encryption - // with AWS KMS (SSE-KMS). + // with Key Management Service (KMS) keys (SSE-KMS). + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // Specifies caching behavior along the request/reply chain. CacheControl *string `location:"header" locationName:"Cache-Control" type:"string"` + // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be + // present if it was uploaded with the object. For more information, see Checking + // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumCRC32 *string `location:"header" locationName:"x-amz-checksum-crc32" type:"string"` + + // The base64-encoded, 32-bit CRC32C checksum of the object. This will only + // be present if it was uploaded with the object. For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumCRC32C *string `location:"header" locationName:"x-amz-checksum-crc32c" type:"string"` + + // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be + // present if it was uploaded with the object. For more information, see Checking + // object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumSHA1 *string `location:"header" locationName:"x-amz-checksum-sha1" type:"string"` + + // The base64-encoded, 256-bit SHA-256 digest of the object. This will only + // be present if it was uploaded with the object. For more information, see + // Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumSHA256 *string `location:"header" locationName:"x-amz-checksum-sha256" type:"string"` + // Specifies presentational information for the object. ContentDisposition *string `location:"header" locationName:"Content-Disposition" type:"string"` - // Specifies what content encodings have been applied to the object and thus + // Indicates what content encodings have been applied to the object and thus // what decoding mechanisms must be applied to obtain the media-type referenced // by the Content-Type header field. ContentEncoding *string `location:"header" locationName:"Content-Encoding" type:"string"` @@ -20086,24 +24863,40 @@ type GetObjectOutput struct { // A standard MIME type describing the format of the object data. ContentType *string `location:"header" locationName:"Content-Type" type:"string"` - // Specifies whether the object retrieved was (true) or was not (false) a Delete + // Indicates whether the object retrieved was (true) or was not (false) a Delete // Marker. If false, this response header does not appear in the response. + // + // * If the current version of the object is a delete marker, Amazon S3 behaves + // as if the object was deleted and includes x-amz-delete-marker: true in + // the response. + // + // * If the specified version in the request is a delete marker, the response + // returns a 405 Method Not Allowed error and the Last-Modified: timestamp + // response header. DeleteMarker *bool `location:"header" locationName:"x-amz-delete-marker" type:"boolean"` - // An ETag is an opaque identifier assigned by a web server to a specific version - // of a resource found at a URL. + // An entity tag (ETag) is an opaque identifier assigned by a web server to + // a specific version of a resource found at a URL. ETag *string `location:"header" locationName:"ETag" type:"string"` - // If the object expiration is configured (see PUT Bucket lifecycle), the response - // includes this header. It includes the expiry-date and rule-id key-value pairs - // providing object expiration information. The value of the rule-id is URL - // encoded. + // If the object expiration is configured (see PutBucketLifecycleConfiguration + // (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html)), + // the response includes this header. It includes the expiry-date and rule-id + // key-value pairs providing object expiration information. The value of the + // rule-id is URL-encoded. + // + // This functionality is not supported for directory buckets. Expiration *string `location:"header" locationName:"x-amz-expiration" type:"string"` // The date and time at which the object is no longer cacheable. Expires *string `location:"header" locationName:"Expires" type:"string"` - // Last modified date of the object + // Date and time when the object was last modified. + // + // General purpose buckets - When you specify a versionId of the object in your + // request, if the specified version in the request is a delete marker, the + // response returns a 405 Method Not Allowed error and the Last-Modified: timestamp + // response header. LastModified *time.Time `location:"header" locationName:"Last-Modified" type:"timestamp"` // A map of metadata to store with the object in S3. @@ -20113,78 +24906,128 @@ type GetObjectOutput struct { // Set `aws.Config.LowerCaseHeaderMaps` to `true` to write unmarshaled keys to the map as lowercase. Metadata map[string]*string `location:"headers" locationName:"x-amz-meta-" type:"map"` - // This is set to the number of metadata entries not returned in x-amz-meta - // headers. This can happen if you create metadata using an API like SOAP that - // supports more flexible metadata than the REST API. For example, using SOAP, - // you can create metadata whose values are not legal HTTP headers. + // This is set to the number of metadata entries not returned in the headers + // that are prefixed with x-amz-meta-. This can happen if you create metadata + // using an API like SOAP that supports more flexible metadata than the REST + // API. For example, using SOAP, you can create metadata whose values are not + // legal HTTP headers. + // + // This functionality is not supported for directory buckets. MissingMeta *int64 `location:"header" locationName:"x-amz-missing-meta" type:"integer"` // Indicates whether this object has an active legal hold. This field is only // returned if you have permission to view an object's legal hold status. + // + // This functionality is not supported for directory buckets. ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"` - // The Object Lock mode currently in place for this object. + // The Object Lock mode that's currently in place for this object. + // + // This functionality is not supported for directory buckets. ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"` // The date and time when this object's Object Lock will expire. + // + // This functionality is not supported for directory buckets. ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"` - // The count of parts this object has. + // The count of parts this object has. This value is only returned if you specify + // partNumber in your request and the object was uploaded as a multipart upload. PartsCount *int64 `location:"header" locationName:"x-amz-mp-parts-count" type:"integer"` // Amazon S3 can return this if your request involves a bucket that is either // a source or destination in a replication rule. + // + // This functionality is not supported for directory buckets. ReplicationStatus *string `location:"header" locationName:"x-amz-replication-status" type:"string" enum:"ReplicationStatus"` // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` - // Provides information about object restoration operation and expiration time + // Provides information about object restoration action and expiration time // of the restored object copy. + // + // This functionality is not supported for directory buckets. Only the S3 Express + // One Zone storage class is supported by directory buckets to store objects. Restore *string `location:"header" locationName:"x-amz-restore" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header confirming the encryption algorithm - // used. + // the response will include this header to confirm the encryption algorithm + // that's used. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header to provide round-trip message integrity + // the response will include this header to provide the round-trip message integrity // verification of the customer-provided encryption key. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // If present, specifies the ID of the AWS Key Management Service (AWS KMS) - // symmetric customer managed customer master key (CMK) that was used for the - // object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. + // + // This functionality is not supported for directory buckets. + // + // SSEKMSKeyId is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by GetObjectOutput's + // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // The server-side encryption algorithm used when storing this object in Amazon - // S3 (for example, AES256, aws:kms). + // The server-side encryption algorithm used when you store this object in Amazon + // S3 (for example, AES256, aws:kms, aws:kms:dsse). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // Provides storage class information of the object. Amazon S3 returns this // header for all objects except for S3 Standard storage class objects. + // + // Directory buckets - Only the S3 Express One Zone storage class is supported + // by directory buckets to store objects. StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"` - // The number of tags, if any, on the object. + // The number of tags, if any, on the object, when you have the relevant permission + // to read object tags. + // + // You can use GetObjectTagging (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetObjectTagging.html) + // to retrieve the tag set associated with an object. + // + // This functionality is not supported for directory buckets. TagCount *int64 `location:"header" locationName:"x-amz-tagging-count" type:"integer"` - // Version of the object. + // Version ID of the object. + // + // This functionality is not supported for directory buckets. VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` // If the bucket is configured as a website, redirects requests for this object // to another object in the same bucket or to an external URL. Amazon S3 stores // the value of this header in the object metadata. + // + // This functionality is not supported for directory buckets. WebsiteRedirectLocation *string `location:"header" locationName:"x-amz-website-redirect-location" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectOutput) GoString() string { return s.String() } @@ -20213,6 +25056,30 @@ func (s *GetObjectOutput) SetCacheControl(v string) *GetObjectOutput { return s } +// SetChecksumCRC32 sets the ChecksumCRC32 field's value. +func (s *GetObjectOutput) SetChecksumCRC32(v string) *GetObjectOutput { + s.ChecksumCRC32 = &v + return s +} + +// SetChecksumCRC32C sets the ChecksumCRC32C field's value. +func (s *GetObjectOutput) SetChecksumCRC32C(v string) *GetObjectOutput { + s.ChecksumCRC32C = &v + return s +} + +// SetChecksumSHA1 sets the ChecksumSHA1 field's value. +func (s *GetObjectOutput) SetChecksumSHA1(v string) *GetObjectOutput { + s.ChecksumSHA1 = &v + return s +} + +// SetChecksumSHA256 sets the ChecksumSHA256 field's value. +func (s *GetObjectOutput) SetChecksumSHA256(v string) *GetObjectOutput { + s.ChecksumSHA256 = &v + return s +} + // SetContentDisposition sets the ContentDisposition field's value. func (s *GetObjectOutput) SetContentDisposition(v string) *GetObjectOutput { s.ContentDisposition = &v @@ -20387,19 +25254,21 @@ type GetObjectRetentionInput struct { // The bucket name containing the object whose retention settings you want to // retrieve. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The key name for the object whose retention settings you want to retrieve. @@ -20408,22 +25277,34 @@ type GetObjectRetentionInput struct { Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // The version ID for the object whose retention settings you want to retrieve. VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectRetentionInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectRetentionInput) GoString() string { return s.String() } @@ -20518,15 +25399,23 @@ type GetObjectRetentionOutput struct { _ struct{} `type:"structure" payload:"Retention"` // The container element for an object's retention settings. - Retention *ObjectLockRetention `type:"structure"` + Retention *ObjectLockRetention `locationName:"Retention" type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectRetentionOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectRetentionOutput) GoString() string { return s.String() } @@ -20542,27 +25431,30 @@ type GetObjectTaggingInput struct { // The bucket name containing the object for which to get the tagging information. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Object key for which to get the tagging information. @@ -20570,16 +25462,35 @@ type GetObjectTaggingInput struct { // Key is a required field Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` + // Confirms that the requester knows that they will be charged for the request. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` + // The versionId of the object for which to get the tagging information. VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectTaggingInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectTaggingInput) GoString() string { return s.String() } @@ -20631,6 +25542,12 @@ func (s *GetObjectTaggingInput) SetKey(v string) *GetObjectTaggingInput { return s } +// SetRequestPayer sets the RequestPayer field's value. +func (s *GetObjectTaggingInput) SetRequestPayer(v string) *GetObjectTaggingInput { + s.RequestPayer = &v + return s +} + // SetVersionId sets the VersionId field's value. func (s *GetObjectTaggingInput) SetVersionId(v string) *GetObjectTaggingInput { s.VersionId = &v @@ -20676,12 +25593,20 @@ type GetObjectTaggingOutput struct { VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectTaggingOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectTaggingOutput) GoString() string { return s.String() } @@ -20707,9 +25632,9 @@ type GetObjectTorrentInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The object key for which to get the information. @@ -20718,19 +25643,31 @@ type GetObjectTorrentInput struct { Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectTorrentInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectTorrentInput) GoString() string { return s.String() } @@ -20823,15 +25760,25 @@ type GetObjectTorrentOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectTorrentOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetObjectTorrentOutput) GoString() string { return s.String() } @@ -20857,18 +25804,26 @@ type GetPublicAccessBlockInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetPublicAccessBlockInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetPublicAccessBlockInput) GoString() string { return s.String() } @@ -20943,12 +25898,20 @@ type GetPublicAccessBlockOutput struct { PublicAccessBlockConfiguration *PublicAccessBlockConfiguration `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetPublicAccessBlockOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetPublicAccessBlockOutput) GoString() string { return s.String() } @@ -20969,12 +25932,20 @@ type GlacierJobParameters struct { Tier *string `type:"string" required:"true" enum:"Tier"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GlacierJobParameters) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GlacierJobParameters) GoString() string { return s.String() } @@ -21009,12 +25980,20 @@ type Grant struct { Permission *string `type:"string" enum:"Permission"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Grant) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Grant) GoString() string { return s.String() } @@ -21056,7 +26035,7 @@ type Grantee struct { // Email address of the grantee. // // Using email addresses to specify a grantee is only supported in the following - // AWS Regions: + // Amazon Web Services Regions: // // * US East (N. Virginia) // @@ -21076,7 +26055,7 @@ type Grantee struct { // // For a list of all the Amazon S3 supported Regions and endpoints, see Regions // and Endpoints (https://docs.aws.amazon.com/general/latest/gr/rande.html#s3_region) - // in the AWS General Reference. + // in the Amazon Web Services General Reference. EmailAddress *string `type:"string"` // The canonical user ID of the grantee. @@ -21091,12 +26070,20 @@ type Grantee struct { URI *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Grantee) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Grantee) GoString() string { return s.String() } @@ -21149,36 +26136,65 @@ type HeadBucketInput struct { // The bucket name. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Object Lambda access points - When you use this API operation with an Object + // Lambda access point, provide the alias of the Object Lambda access point + // in place of the bucket name. If the Object Lambda access point alias in a + // request is not valid, the error code InvalidAccessPointAliasError is returned. + // For more information about InvalidAccessPointAliasError, see List of Error + // Codes (https://docs.aws.amazon.com/AmazonS3/latest/API/ErrorResponses.html#ErrorCodeList). + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s HeadBucketInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s HeadBucketInput) GoString() string { return s.String() } @@ -21247,60 +26263,181 @@ func (s HeadBucketInput) updateArnableField(v string) (interface{}, error) { type HeadBucketOutput struct { _ struct{} `type:"structure"` + + // Indicates whether the bucket name used in the request is an access point + // alias. + // + // This functionality is not supported for directory buckets. + AccessPointAlias *bool `location:"header" locationName:"x-amz-access-point-alias" type:"boolean"` + + // The name of the location where the bucket will be created. + // + // For directory buckets, the AZ ID of the Availability Zone where the bucket + // is created. An example AZ ID value is usw2-az1. + // + // This functionality is only supported by directory buckets. + BucketLocationName *string `location:"header" locationName:"x-amz-bucket-location-name" type:"string"` + + // The type of location where the bucket is created. + // + // This functionality is only supported by directory buckets. + BucketLocationType *string `location:"header" locationName:"x-amz-bucket-location-type" type:"string" enum:"LocationType"` + + // The Region that the bucket is located. + // + // This functionality is not supported for directory buckets. + BucketRegion *string `location:"header" locationName:"x-amz-bucket-region" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s HeadBucketOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s HeadBucketOutput) GoString() string { return s.String() } +// SetAccessPointAlias sets the AccessPointAlias field's value. +func (s *HeadBucketOutput) SetAccessPointAlias(v bool) *HeadBucketOutput { + s.AccessPointAlias = &v + return s +} + +// SetBucketLocationName sets the BucketLocationName field's value. +func (s *HeadBucketOutput) SetBucketLocationName(v string) *HeadBucketOutput { + s.BucketLocationName = &v + return s +} + +// SetBucketLocationType sets the BucketLocationType field's value. +func (s *HeadBucketOutput) SetBucketLocationType(v string) *HeadBucketOutput { + s.BucketLocationType = &v + return s +} + +// SetBucketRegion sets the BucketRegion field's value. +func (s *HeadBucketOutput) SetBucketRegion(v string) *HeadBucketOutput { + s.BucketRegion = &v + return s +} + type HeadObjectInput struct { _ struct{} `locationName:"HeadObjectRequest" type:"structure"` - // The name of the bucket containing the object. - // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // The name of the bucket that contains the object. + // + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // To retrieve the checksum, this parameter must be enabled. + // + // In addition, if you enable ChecksumMode and the object is encrypted with + // Amazon Web Services Key Management Service (Amazon Web Services KMS), you + // must have permission to use the kms:Decrypt action for the request to succeed. + ChecksumMode *string `location:"header" locationName:"x-amz-checksum-mode" type:"string" enum:"ChecksumMode"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // Return the object only if its entity tag (ETag) is the same as the one specified, - // otherwise return a 412 (precondition failed). + // Return the object only if its entity tag (ETag) is the same as the one specified; + // otherwise, return a 412 (precondition failed) error. + // + // If both of the If-Match and If-Unmodified-Since headers are present in the + // request as follows: + // + // * If-Match condition evaluates to true, and; + // + // * If-Unmodified-Since condition evaluates to false; + // + // Then Amazon S3 returns 200 OK and the data requested. + // + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). IfMatch *string `location:"header" locationName:"If-Match" type:"string"` - // Return the object only if it has been modified since the specified time, - // otherwise return a 304 (not modified). + // Return the object only if it has been modified since the specified time; + // otherwise, return a 304 (not modified) error. + // + // If both of the If-None-Match and If-Modified-Since headers are present in + // the request as follows: + // + // * If-None-Match condition evaluates to false, and; + // + // * If-Modified-Since condition evaluates to true; + // + // Then Amazon S3 returns the 304 Not Modified response code. + // + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). IfModifiedSince *time.Time `location:"header" locationName:"If-Modified-Since" type:"timestamp"` // Return the object only if its entity tag (ETag) is different from the one - // specified, otherwise return a 304 (not modified). + // specified; otherwise, return a 304 (not modified) error. + // + // If both of the If-None-Match and If-Modified-Since headers are present in + // the request as follows: + // + // * If-None-Match condition evaluates to false, and; + // + // * If-Modified-Since condition evaluates to true; + // + // Then Amazon S3 returns the 304 Not Modified response code. + // + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). IfNoneMatch *string `location:"header" locationName:"If-None-Match" type:"string"` - // Return the object only if it has not been modified since the specified time, - // otherwise return a 412 (precondition failed). + // Return the object only if it has not been modified since the specified time; + // otherwise, return a 412 (precondition failed) error. + // + // If both of the If-Match and If-Unmodified-Since headers are present in the + // request as follows: + // + // * If-Match condition evaluates to true, and; + // + // * If-Unmodified-Since condition evaluates to false; + // + // Then Amazon S3 returns 200 OK and the data requested. + // + // For more information about conditional requests, see RFC 7232 (https://tools.ietf.org/html/rfc7232). IfUnmodifiedSince *time.Time `location:"header" locationName:"If-Unmodified-Since" type:"timestamp"` // The object key. @@ -21314,22 +26451,25 @@ type HeadObjectInput struct { // object. PartNumber *int64 `location:"querystring" locationName:"partNumber" type:"integer"` - // Downloads the specified range bytes of an object. For more information about - // the HTTP Range header, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35 - // (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.35). - // - // Amazon S3 doesn't support retrieving multiple ranges of data per GET request. + // HeadObject returns only the metadata for an object. If the Range is satisfiable, + // only the ContentLength is affected in the response. If the Range is not satisfiable, + // S3 returns a 416 - Requested Range Not Satisfiable error. Range *string `location:"header" locationName:"Range" type:"string"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, AES256). + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting @@ -21337,23 +26477,42 @@ type HeadObjectInput struct { // S3 does not store the encryption key. The key must be appropriate for use // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm // header. + // + // This functionality is not supported for directory buckets. + // + // SSECustomerKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by HeadObjectInput's + // String and GoString methods. SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"` // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // VersionId used to reference a specific version of the object. + // Version ID used to reference a specific version of the object. + // + // For directory buckets in this API operation, only the null value of the version + // ID is supported. VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s HeadObjectInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s HeadObjectInput) GoString() string { return s.String() } @@ -21393,6 +26552,12 @@ func (s *HeadObjectInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumMode sets the ChecksumMode field's value. +func (s *HeadObjectInput) SetChecksumMode(v string) *HeadObjectInput { + s.ChecksumMode = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *HeadObjectInput) SetExpectedBucketOwner(v string) *HeadObjectInput { s.ExpectedBucketOwner = &v @@ -21512,19 +26677,63 @@ type HeadObjectOutput struct { AcceptRanges *string `location:"header" locationName:"accept-ranges" type:"string"` // The archive state of the head object. + // + // This functionality is not supported for directory buckets. ArchiveStatus *string `location:"header" locationName:"x-amz-archive-status" type:"string" enum:"ArchiveStatus"` // Indicates whether the object uses an S3 Bucket Key for server-side encryption - // with AWS KMS (SSE-KMS). + // with Key Management Service (KMS) keys (SSE-KMS). + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // Specifies caching behavior along the request/reply chain. CacheControl *string `location:"header" locationName:"Cache-Control" type:"string"` + // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be + // present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumCRC32 *string `location:"header" locationName:"x-amz-checksum-crc32" type:"string"` + + // The base64-encoded, 32-bit CRC32C checksum of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumCRC32C *string `location:"header" locationName:"x-amz-checksum-crc32c" type:"string"` + + // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA1 *string `location:"header" locationName:"x-amz-checksum-sha1" type:"string"` + + // The base64-encoded, 256-bit SHA-256 digest of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA256 *string `location:"header" locationName:"x-amz-checksum-sha256" type:"string"` + // Specifies presentational information for the object. ContentDisposition *string `location:"header" locationName:"Content-Disposition" type:"string"` - // Specifies what content encodings have been applied to the object and thus + // Indicates what content encodings have been applied to the object and thus // what decoding mechanisms must be applied to obtain the media-type referenced // by the Content-Type header field. ContentEncoding *string `location:"header" locationName:"Content-Encoding" type:"string"` @@ -21540,22 +26749,27 @@ type HeadObjectOutput struct { // Specifies whether the object retrieved was (true) or was not (false) a Delete // Marker. If false, this response header does not appear in the response. + // + // This functionality is not supported for directory buckets. DeleteMarker *bool `location:"header" locationName:"x-amz-delete-marker" type:"boolean"` - // An ETag is an opaque identifier assigned by a web server to a specific version - // of a resource found at a URL. + // An entity tag (ETag) is an opaque identifier assigned by a web server to + // a specific version of a resource found at a URL. ETag *string `location:"header" locationName:"ETag" type:"string"` - // If the object expiration is configured (see PUT Bucket lifecycle), the response - // includes this header. It includes the expiry-date and rule-id key-value pairs - // providing object expiration information. The value of the rule-id is URL - // encoded. + // If the object expiration is configured (see PutBucketLifecycleConfiguration + // (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html)), + // the response includes this header. It includes the expiry-date and rule-id + // key-value pairs providing object expiration information. The value of the + // rule-id is URL-encoded. + // + // This functionality is not supported for directory buckets. Expiration *string `location:"header" locationName:"x-amz-expiration" type:"string"` // The date and time at which the object is no longer cacheable. Expires *string `location:"header" locationName:"Expires" type:"string"` - // Last modified date of the object + // Date and time when the object was last modified. LastModified *time.Time `location:"header" locationName:"Last-Modified" type:"timestamp"` // A map of metadata to store with the object in S3. @@ -21569,6 +26783,8 @@ type HeadObjectOutput struct { // headers. This can happen if you create metadata using an API like SOAP that // supports more flexible metadata than the REST API. For example, using SOAP, // you can create metadata whose values are not legal HTTP headers. + // + // This functionality is not supported for directory buckets. MissingMeta *int64 `location:"header" locationName:"x-amz-missing-meta" type:"integer"` // Specifies whether a legal hold is in effect for this object. This header @@ -21576,18 +26792,25 @@ type HeadObjectOutput struct { // This header is not returned if the specified version of this object has never // had a legal hold applied. For more information about S3 Object Lock, see // Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). + // + // This functionality is not supported for directory buckets. ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"` // The Object Lock mode, if any, that's in effect for this object. This header // is only returned if the requester has the s3:GetObjectRetention permission. // For more information about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). + // + // This functionality is not supported for directory buckets. ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"` // The date and time when the Object Lock retention period expires. This header // is only returned if the requester has the s3:GetObjectRetention permission. + // + // This functionality is not supported for directory buckets. ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"` - // The count of parts this object has. + // The count of parts this object has. This value is only returned if you specify + // partNumber in your request and the object was uploaded as a multipart upload. PartsCount *int64 `location:"header" locationName:"x-amz-mp-parts-count" type:"integer"` // Amazon S3 can return this header if your request involves a bucket that is @@ -21599,7 +26822,7 @@ type HeadObjectOutput struct { // these buckets, Amazon S3 will return the x-amz-replication-status header // in the response as follows: // - // * If requesting an object from the source bucket — Amazon S3 will return + // * If requesting an object from the source bucket, Amazon S3 will return // the x-amz-replication-status header if the object in your request is eligible // for replication. For example, suppose that in your replication configuration, // you specify object prefix TaxDocs requesting Amazon S3 to replicate objects @@ -21609,12 +26832,12 @@ type HeadObjectOutput struct { // header with value PENDING, COMPLETED or FAILED indicating object replication // status. // - // * If requesting an object from a destination bucket — Amazon S3 will - // return the x-amz-replication-status header with value REPLICA if the object - // in your request is a replica that Amazon S3 created and there is no replica + // * If requesting an object from a destination bucket, Amazon S3 will return + // the x-amz-replication-status header with value REPLICA if the object in + // your request is a replica that Amazon S3 created and there is no replica // modification replication in progress. // - // * When replicating objects to multiple destination buckets the x-amz-replication-status + // * When replicating objects to multiple destination buckets, the x-amz-replication-status // header acts differently. The header of the source object will only return // a value of COMPLETED when replication is successful to all destinations. // The header will remain at value PENDING until replication has completed @@ -21622,10 +26845,14 @@ type HeadObjectOutput struct { // header will return FAILED. // // For more information, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html). + // + // This functionality is not supported for directory buckets. ReplicationStatus *string `location:"header" locationName:"x-amz-replication-status" type:"string" enum:"ReplicationStatus"` // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // If the object is an archived object (an object whose storage class is GLACIER), @@ -21636,57 +26863,85 @@ type HeadObjectOutput struct { // If an archive copy is already restored, the header value indicates when Amazon // S3 is scheduled to delete the object copy. For example: // - // x-amz-restore: ongoing-request="false", expiry-date="Fri, 23 Dec 2012 00:00:00 + // x-amz-restore: ongoing-request="false", expiry-date="Fri, 21 Dec 2012 00:00:00 // GMT" // // If the object restoration is in progress, the header returns the value ongoing-request="true". // // For more information about archiving objects, see Transitioning Objects: // General Considerations (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html#lifecycle-transition-general-considerations). + // + // This functionality is not supported for directory buckets. Only the S3 Express + // One Zone storage class is supported by directory buckets to store objects. Restore *string `location:"header" locationName:"x-amz-restore" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header confirming the encryption algorithm - // used. + // the response will include this header to confirm the encryption algorithm + // that's used. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header to provide round-trip message integrity + // the response will include this header to provide the round-trip message integrity // verification of the customer-provided encryption key. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // If present, specifies the ID of the AWS Key Management Service (AWS KMS) - // symmetric customer managed customer master key (CMK) that was used for the - // object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. + // + // This functionality is not supported for directory buckets. + // + // SSEKMSKeyId is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by HeadObjectOutput's + // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // If the object is stored using server-side encryption either with an AWS KMS - // customer master key (CMK) or an Amazon S3-managed encryption key, the response - // includes this header with the value of the server-side encryption algorithm - // used when storing this object in Amazon S3 (for example, AES256, aws:kms). + // The server-side encryption algorithm used when you store this object in Amazon + // S3 (for example, AES256, aws:kms, aws:kms:dsse). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // Provides storage class information of the object. Amazon S3 returns this // header for all objects except for S3 Standard storage class objects. // // For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html). + // + // Directory buckets - Only the S3 Express One Zone storage class is supported + // by directory buckets to store objects. StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"` - // Version of the object. + // Version ID of the object. + // + // This functionality is not supported for directory buckets. VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` // If the bucket is configured as a website, redirects requests for this object // to another object in the same bucket or to an external URL. Amazon S3 stores // the value of this header in the object metadata. + // + // This functionality is not supported for directory buckets. WebsiteRedirectLocation *string `location:"header" locationName:"x-amz-website-redirect-location" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s HeadObjectOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s HeadObjectOutput) GoString() string { return s.String() } @@ -21715,6 +26970,30 @@ func (s *HeadObjectOutput) SetCacheControl(v string) *HeadObjectOutput { return s } +// SetChecksumCRC32 sets the ChecksumCRC32 field's value. +func (s *HeadObjectOutput) SetChecksumCRC32(v string) *HeadObjectOutput { + s.ChecksumCRC32 = &v + return s +} + +// SetChecksumCRC32C sets the ChecksumCRC32C field's value. +func (s *HeadObjectOutput) SetChecksumCRC32C(v string) *HeadObjectOutput { + s.ChecksumCRC32C = &v + return s +} + +// SetChecksumSHA1 sets the ChecksumSHA1 field's value. +func (s *HeadObjectOutput) SetChecksumSHA1(v string) *HeadObjectOutput { + s.ChecksumSHA1 = &v + return s +} + +// SetChecksumSHA256 sets the ChecksumSHA256 field's value. +func (s *HeadObjectOutput) SetChecksumSHA256(v string) *HeadObjectOutput { + s.ChecksumSHA256 = &v + return s +} + // SetContentDisposition sets the ContentDisposition field's value. func (s *HeadObjectOutput) SetContentDisposition(v string) *HeadObjectOutput { s.ContentDisposition = &v @@ -21881,16 +27160,28 @@ type IndexDocument struct { // with the key name images/index.html) The suffix must not be empty and must // not include a slash character. // + // Replacement must be made for object keys containing special characters (such + // as carriage returns) when using XML requests. For more information, see XML + // related object key constraints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). + // // Suffix is a required field Suffix *string `type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s IndexDocument) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s IndexDocument) GoString() string { return s.String() } @@ -21919,19 +27210,33 @@ type Initiator struct { _ struct{} `type:"structure"` // Name of the Principal. + // + // This functionality is not supported for directory buckets. DisplayName *string `type:"string"` - // If the principal is an AWS account, it provides the Canonical User ID. If - // the principal is an IAM User, it provides a user ARN value. + // If the principal is an Amazon Web Services account, it provides the Canonical + // User ID. If the principal is an IAM User, it provides a user ARN value. + // + // Directory buckets - If the principal is an Amazon Web Services account, it + // provides the Amazon Web Services account ID. If the principal is an IAM User, + // it provides a user ARN value. ID *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Initiator) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Initiator) GoString() string { return s.String() } @@ -21966,12 +27271,20 @@ type InputSerialization struct { Parquet *ParquetInput `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s InputSerialization) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s InputSerialization) GoString() string { return s.String() } @@ -22014,12 +27327,20 @@ type IntelligentTieringAndOperator struct { Tags []*Tag `locationName:"Tag" locationNameList:"Tag" type:"list" flattened:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s IntelligentTieringAndOperator) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s IntelligentTieringAndOperator) GoString() string { return s.String() } @@ -22084,12 +27405,20 @@ type IntelligentTieringConfiguration struct { Tierings []*Tiering `locationName:"Tiering" type:"list" flattened:"true" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s IntelligentTieringConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s IntelligentTieringConfiguration) GoString() string { return s.String() } @@ -22164,18 +27493,30 @@ type IntelligentTieringFilter struct { // An object key name prefix that identifies the subset of objects to which // the rule applies. + // + // Replacement must be made for object keys containing special characters (such + // as carriage returns) when using XML requests. For more information, see XML + // related object key constraints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). Prefix *string `type:"string"` // A container of a key value name pair. Tag *Tag `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s IntelligentTieringFilter) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s IntelligentTieringFilter) GoString() string { return s.String() } @@ -22220,7 +27561,7 @@ func (s *IntelligentTieringFilter) SetTag(v *Tag) *IntelligentTieringFilter { // Specifies the inventory configuration for an Amazon S3 bucket. For more information, // see GET Bucket inventory (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) -// in the Amazon Simple Storage Service API Reference. +// in the Amazon S3 API Reference. type InventoryConfiguration struct { _ struct{} `type:"structure"` @@ -22253,7 +27594,7 @@ type InventoryConfiguration struct { IsEnabled *bool `type:"boolean" required:"true"` // Contains the optional fields that are included in the inventory results. - OptionalFields []*string `locationNameList:"Field" type:"list"` + OptionalFields []*string `locationNameList:"Field" type:"list" enum:"InventoryOptionalField"` // Specifies the schedule for generating inventory results. // @@ -22261,12 +27602,20 @@ type InventoryConfiguration struct { Schedule *InventorySchedule `type:"structure" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s InventoryConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s InventoryConfiguration) GoString() string { return s.String() } @@ -22364,12 +27713,20 @@ type InventoryDestination struct { S3BucketDestination *InventoryS3BucketDestination `type:"structure" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s InventoryDestination) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s InventoryDestination) GoString() string { return s.String() } @@ -22410,12 +27767,20 @@ type InventoryEncryption struct { SSES3 *SSES3 `locationName:"SSE-S3" type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s InventoryEncryption) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s InventoryEncryption) GoString() string { return s.String() } @@ -22458,12 +27823,20 @@ type InventoryFilter struct { Prefix *string `type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s InventoryFilter) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s InventoryFilter) GoString() string { return s.String() } @@ -22518,12 +27891,20 @@ type InventoryS3BucketDestination struct { Prefix *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s InventoryS3BucketDestination) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s InventoryS3BucketDestination) GoString() string { return s.String() } @@ -22596,12 +27977,20 @@ type InventorySchedule struct { Frequency *string `type:"string" required:"true" enum:"InventoryFrequency"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s InventorySchedule) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s InventorySchedule) GoString() string { return s.String() } @@ -22633,12 +28022,20 @@ type JSONInput struct { Type *string `type:"string" enum:"JSONType"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s JSONInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s JSONInput) GoString() string { return s.String() } @@ -22658,12 +28055,20 @@ type JSONOutput struct { RecordDelimiter *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s JSONOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s JSONOutput) GoString() string { return s.String() } @@ -22683,12 +28088,20 @@ type KeyFilter struct { FilterRules []*FilterRule `locationName:"FilterRule" type:"list" flattened:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s KeyFilter) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s KeyFilter) GoString() string { return s.String() } @@ -22699,39 +28112,48 @@ func (s *KeyFilter) SetFilterRules(v []*FilterRule) *KeyFilter { return s } -// A container for specifying the configuration for AWS Lambda notifications. +// A container for specifying the configuration for Lambda notifications. type LambdaFunctionConfiguration struct { _ struct{} `type:"structure"` - // The Amazon S3 bucket event for which to invoke the AWS Lambda function. For - // more information, see Supported Event Types (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) - // in the Amazon Simple Storage Service Developer Guide. + // The Amazon S3 bucket event for which to invoke the Lambda function. For more + // information, see Supported Event Types (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) + // in the Amazon S3 User Guide. // // Events is a required field - Events []*string `locationName:"Event" type:"list" flattened:"true" required:"true"` + Events []*string `locationName:"Event" type:"list" flattened:"true" required:"true" enum:"Event"` // Specifies object key name filtering rules. For information about key name - // filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) - // in the Amazon Simple Storage Service Developer Guide. + // filtering, see Configuring event notifications using object key name filtering + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) + // in the Amazon S3 User Guide. Filter *NotificationConfigurationFilter `type:"structure"` // An optional unique identifier for configurations in a notification configuration. // If you don't provide one, Amazon S3 will assign an ID. Id *string `type:"string"` - // The Amazon Resource Name (ARN) of the AWS Lambda function that Amazon S3 - // invokes when the specified event type occurs. + // The Amazon Resource Name (ARN) of the Lambda function that Amazon S3 invokes + // when the specified event type occurs. // // LambdaFunctionArn is a required field LambdaFunctionArn *string `locationName:"CloudFunction" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s LambdaFunctionConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s LambdaFunctionConfiguration) GoString() string { return s.String() } @@ -22777,6 +28199,9 @@ func (s *LambdaFunctionConfiguration) SetLambdaFunctionArn(v string) *LambdaFunc } // Container for lifecycle rules. You can add as many as 1000 rules. +// +// For more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) +// in the Amazon S3 User Guide. type LifecycleConfiguration struct { _ struct{} `type:"structure"` @@ -22786,12 +28211,20 @@ type LifecycleConfiguration struct { Rules []*Rule `locationName:"Rule" type:"list" flattened:"true" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s LifecycleConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s LifecycleConfiguration) GoString() string { return s.String() } @@ -22826,11 +28259,14 @@ func (s *LifecycleConfiguration) SetRules(v []*Rule) *LifecycleConfiguration { } // Container for the expiration for the lifecycle of the object. +// +// For more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) +// in the Amazon S3 User Guide. type LifecycleExpiration struct { _ struct{} `type:"structure"` - // Indicates at what date the object is to be moved or deleted. Should be in - // GMT ISO 8601 Format. + // Indicates at what date the object is to be moved or deleted. The date value + // must conform to the ISO 8601 format. The time is always midnight UTC. Date *time.Time `type:"timestamp" timestampFormat:"iso8601"` // Indicates the lifetime, in days, of the objects that are subject to the rule. @@ -22844,12 +28280,20 @@ type LifecycleExpiration struct { ExpiredObjectDeleteMarker *bool `type:"boolean"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s LifecycleExpiration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s LifecycleExpiration) GoString() string { return s.String() } @@ -22873,14 +28317,17 @@ func (s *LifecycleExpiration) SetExpiredObjectDeleteMarker(v bool) *LifecycleExp } // A lifecycle rule for individual objects in an Amazon S3 bucket. +// +// For more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) +// in the Amazon S3 User Guide. type LifecycleRule struct { _ struct{} `type:"structure"` // Specifies the days since the initiation of an incomplete multipart upload // that Amazon S3 will wait before permanently removing all parts of the upload. // For more information, see Aborting Incomplete Multipart Uploads Using a Bucket - // Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) - // in the Amazon Simple Storage Service Developer Guide. + // Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) + // in the Amazon S3 User Guide. AbortIncompleteMultipartUpload *AbortIncompleteMultipartUpload `type:"structure"` // Specifies the expiration for the lifecycle of the object in the form of date, @@ -22888,7 +28335,8 @@ type LifecycleRule struct { Expiration *LifecycleExpiration `type:"structure"` // The Filter is used to identify objects that a Lifecycle Rule applies to. - // A Filter must have exactly one of Prefix, Tag, or And specified. + // A Filter must have exactly one of Prefix, Tag, or And specified. Filter is + // required if the LifecycleRule does not contain a Prefix element. Filter *LifecycleRuleFilter `type:"structure"` // Unique identifier for the rule. The value cannot be longer than 255 characters. @@ -22909,7 +28357,11 @@ type LifecycleRule struct { NoncurrentVersionTransitions []*NoncurrentVersionTransition `locationName:"NoncurrentVersionTransition" type:"list" flattened:"true"` // Prefix identifying one or more objects to which the rule applies. This is - // No longer used; use Filter instead. + // no longer used; use Filter instead. + // + // Replacement must be made for object keys containing special characters (such + // as carriage returns) when using XML requests. For more information, see XML + // related object key constraints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). // // Deprecated: Prefix has been deprecated Prefix *string `deprecated:"true" type:"string"` @@ -22924,12 +28376,20 @@ type LifecycleRule struct { Transitions []*Transition `locationName:"Transition" type:"list" flattened:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s LifecycleRule) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s LifecycleRule) GoString() string { return s.String() } @@ -23012,6 +28472,12 @@ func (s *LifecycleRule) SetTransitions(v []*Transition) *LifecycleRule { type LifecycleRuleAndOperator struct { _ struct{} `type:"structure"` + // Minimum object size to which the rule applies. + ObjectSizeGreaterThan *int64 `type:"long"` + + // Maximum object size to which the rule applies. + ObjectSizeLessThan *int64 `type:"long"` + // Prefix identifying one or more objects to which the rule applies. Prefix *string `type:"string"` @@ -23020,12 +28486,20 @@ type LifecycleRuleAndOperator struct { Tags []*Tag `locationName:"Tag" locationNameList:"Tag" type:"list" flattened:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s LifecycleRuleAndOperator) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s LifecycleRuleAndOperator) GoString() string { return s.String() } @@ -23050,6 +28524,18 @@ func (s *LifecycleRuleAndOperator) Validate() error { return nil } +// SetObjectSizeGreaterThan sets the ObjectSizeGreaterThan field's value. +func (s *LifecycleRuleAndOperator) SetObjectSizeGreaterThan(v int64) *LifecycleRuleAndOperator { + s.ObjectSizeGreaterThan = &v + return s +} + +// SetObjectSizeLessThan sets the ObjectSizeLessThan field's value. +func (s *LifecycleRuleAndOperator) SetObjectSizeLessThan(v int64) *LifecycleRuleAndOperator { + s.ObjectSizeLessThan = &v + return s +} + // SetPrefix sets the Prefix field's value. func (s *LifecycleRuleAndOperator) SetPrefix(v string) *LifecycleRuleAndOperator { s.Prefix = &v @@ -23063,7 +28549,9 @@ func (s *LifecycleRuleAndOperator) SetTags(v []*Tag) *LifecycleRuleAndOperator { } // The Filter is used to identify objects that a Lifecycle Rule applies to. -// A Filter must have exactly one of Prefix, Tag, or And specified. +// A Filter can have exactly one of Prefix, Tag, ObjectSizeGreaterThan, ObjectSizeLessThan, +// or And specified. If the Filter element is left empty, the Lifecycle Rule +// applies to all objects in the bucket. type LifecycleRuleFilter struct { _ struct{} `type:"structure"` @@ -23072,19 +28560,37 @@ type LifecycleRuleFilter struct { // of the predicates configured inside the And operator. And *LifecycleRuleAndOperator `type:"structure"` + // Minimum object size to which the rule applies. + ObjectSizeGreaterThan *int64 `type:"long"` + + // Maximum object size to which the rule applies. + ObjectSizeLessThan *int64 `type:"long"` + // Prefix identifying one or more objects to which the rule applies. + // + // Replacement must be made for object keys containing special characters (such + // as carriage returns) when using XML requests. For more information, see XML + // related object key constraints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). Prefix *string `type:"string"` // This tag must exist in the object's tag set in order for the rule to apply. Tag *Tag `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s LifecycleRuleFilter) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s LifecycleRuleFilter) GoString() string { return s.String() } @@ -23115,6 +28621,18 @@ func (s *LifecycleRuleFilter) SetAnd(v *LifecycleRuleAndOperator) *LifecycleRule return s } +// SetObjectSizeGreaterThan sets the ObjectSizeGreaterThan field's value. +func (s *LifecycleRuleFilter) SetObjectSizeGreaterThan(v int64) *LifecycleRuleFilter { + s.ObjectSizeGreaterThan = &v + return s +} + +// SetObjectSizeLessThan sets the ObjectSizeLessThan field's value. +func (s *LifecycleRuleFilter) SetObjectSizeLessThan(v int64) *LifecycleRuleFilter { + s.ObjectSizeLessThan = &v + return s +} + // SetPrefix sets the Prefix field's value. func (s *LifecycleRuleFilter) SetPrefix(v string) *LifecycleRuleFilter { s.Prefix = &v @@ -23139,18 +28657,26 @@ type ListBucketAnalyticsConfigurationsInput struct { // should begin. ContinuationToken *string `location:"querystring" locationName:"continuation-token" type:"string"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketAnalyticsConfigurationsInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketAnalyticsConfigurationsInput) GoString() string { return s.String() } @@ -23244,12 +28770,20 @@ type ListBucketAnalyticsConfigurationsOutput struct { NextContinuationToken *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketAnalyticsConfigurationsOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketAnalyticsConfigurationsOutput) GoString() string { return s.String() } @@ -23292,12 +28826,20 @@ type ListBucketIntelligentTieringConfigurationsInput struct { ContinuationToken *string `location:"querystring" locationName:"continuation-token" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketIntelligentTieringConfigurationsInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketIntelligentTieringConfigurationsInput) GoString() string { return s.String() } @@ -23385,12 +28927,20 @@ type ListBucketIntelligentTieringConfigurationsOutput struct { NextContinuationToken *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketIntelligentTieringConfigurationsOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketIntelligentTieringConfigurationsOutput) GoString() string { return s.String() } @@ -23433,18 +28983,26 @@ type ListBucketInventoryConfigurationsInput struct { // that Amazon S3 understands. ContinuationToken *string `location:"querystring" locationName:"continuation-token" type:"string"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketInventoryConfigurationsInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketInventoryConfigurationsInput) GoString() string { return s.String() } @@ -23538,12 +29096,20 @@ type ListBucketInventoryConfigurationsOutput struct { NextContinuationToken *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketInventoryConfigurationsOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketInventoryConfigurationsOutput) GoString() string { return s.String() } @@ -23586,18 +29152,26 @@ type ListBucketMetricsConfigurationsInput struct { // value that Amazon S3 understands. ContinuationToken *string `location:"querystring" locationName:"continuation-token" type:"string"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketMetricsConfigurationsInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketMetricsConfigurationsInput) GoString() string { return s.String() } @@ -23692,12 +29266,20 @@ type ListBucketMetricsConfigurationsOutput struct { NextContinuationToken *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketMetricsConfigurationsOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketMetricsConfigurationsOutput) GoString() string { return s.String() } @@ -23730,12 +29312,20 @@ type ListBucketsInput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketsInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketsInput) GoString() string { return s.String() } @@ -23743,19 +29333,27 @@ func (s ListBucketsInput) GoString() string { type ListBucketsOutput struct { _ struct{} `type:"structure"` - // The list of buckets owned by the requestor. + // The list of buckets owned by the requester. Buckets []*Bucket `locationNameList:"Bucket" type:"list"` // The owner of the buckets listed. Owner *Owner `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketsOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListBucketsOutput) GoString() string { return s.String() } @@ -23772,25 +29370,124 @@ func (s *ListBucketsOutput) SetOwner(v *Owner) *ListBucketsOutput { return s } +type ListDirectoryBucketsInput struct { + _ struct{} `locationName:"ListDirectoryBucketsRequest" type:"structure"` + + // ContinuationToken indicates to Amazon S3 that the list is being continued + // on this bucket with a token. ContinuationToken is obfuscated and is not a + // real key. You can use this ContinuationToken for pagination of the list results. + ContinuationToken *string `location:"querystring" locationName:"continuation-token" type:"string"` + + // Maximum number of buckets to be returned in response. When the number is + // more than the count of buckets that are owned by an Amazon Web Services account, + // return all the buckets in response. + MaxDirectoryBuckets *int64 `location:"querystring" locationName:"max-directory-buckets" type:"integer"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListDirectoryBucketsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListDirectoryBucketsInput) GoString() string { + return s.String() +} + +// SetContinuationToken sets the ContinuationToken field's value. +func (s *ListDirectoryBucketsInput) SetContinuationToken(v string) *ListDirectoryBucketsInput { + s.ContinuationToken = &v + return s +} + +// SetMaxDirectoryBuckets sets the MaxDirectoryBuckets field's value. +func (s *ListDirectoryBucketsInput) SetMaxDirectoryBuckets(v int64) *ListDirectoryBucketsInput { + s.MaxDirectoryBuckets = &v + return s +} + +type ListDirectoryBucketsOutput struct { + _ struct{} `type:"structure"` + + // The list of buckets owned by the requester. + Buckets []*Bucket `locationNameList:"Bucket" type:"list"` + + // If ContinuationToken was sent with the request, it is included in the response. + // You can use the returned ContinuationToken for pagination of the list response. + ContinuationToken *string `type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListDirectoryBucketsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListDirectoryBucketsOutput) GoString() string { + return s.String() +} + +// SetBuckets sets the Buckets field's value. +func (s *ListDirectoryBucketsOutput) SetBuckets(v []*Bucket) *ListDirectoryBucketsOutput { + s.Buckets = v + return s +} + +// SetContinuationToken sets the ContinuationToken field's value. +func (s *ListDirectoryBucketsOutput) SetContinuationToken(v string) *ListDirectoryBucketsOutput { + s.ContinuationToken = &v + return s +} + type ListMultipartUploadsInput struct { _ struct{} `locationName:"ListMultipartUploadsRequest" type:"structure"` // The name of the bucket to which the multipart upload was initiated. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` @@ -23803,30 +29500,40 @@ type ListMultipartUploadsInput struct { // parameter, then the substring starts at the beginning of the key. The keys // that are grouped under CommonPrefixes result element are not returned elsewhere // in the response. + // + // Directory buckets - For directory buckets, / is the only supported delimiter. Delimiter *string `location:"querystring" locationName:"delimiter" type:"string"` // Requests Amazon S3 to encode the object keys in the response and specifies - // the encoding method to use. An object key may contain any Unicode character; - // however, XML 1.0 parser cannot parse some characters, such as characters + // the encoding method to use. An object key can contain any Unicode character; + // however, the XML 1.0 parser cannot parse some characters, such as characters // with an ASCII value from 0 to 10. For characters that are not supported in // XML 1.0, you can add this parameter to request that Amazon S3 encode the // keys in the response. EncodingType *string `location:"querystring" locationName:"encoding-type" type:"string" enum:"EncodingType"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // Together with upload-id-marker, this parameter specifies the multipart upload - // after which listing should begin. - // - // If upload-id-marker is not specified, only the keys lexicographically greater - // than the specified key-marker will be included in the list. - // - // If upload-id-marker is specified, any multipart uploads for a key equal to - // the key-marker might also be included, provided those multipart uploads have - // upload IDs lexicographically greater than the specified upload-id-marker. + // Specifies the multipart upload after which listing should begin. + // + // * General purpose buckets - For general purpose buckets, key-marker is + // an object key. Together with upload-id-marker, this parameter specifies + // the multipart upload after which listing should begin. If upload-id-marker + // is not specified, only the keys lexicographically greater than the specified + // key-marker will be included in the list. If upload-id-marker is specified, + // any multipart uploads for a key equal to the key-marker might also be + // included, provided those multipart uploads have upload IDs lexicographically + // greater than the specified upload-id-marker. + // + // * Directory buckets - For directory buckets, key-marker is obfuscated + // and isn't a real object key. The upload-id-marker parameter isn't supported + // by directory buckets. To list the additional multipart uploads, you only + // need to set the value of key-marker to the NextKeyMarker value from the + // previous response. In the ListMultipartUploads response, the multipart + // uploads aren't sorted lexicographically based on the object keys. KeyMarker *string `location:"querystring" locationName:"key-marker" type:"string"` // Sets the maximum number of multipart uploads, from 1 to 1,000, to return @@ -23836,24 +29543,48 @@ type ListMultipartUploadsInput struct { // Lists in-progress uploads only for those keys that begin with the specified // prefix. You can use prefixes to separate a bucket into different grouping - // of keys. (You can think of using prefix to make groups in the same way you'd - // use a folder in a file system.) + // of keys. (You can think of using prefix to make groups in the same way that + // you'd use a folder in a file system.) + // + // Directory buckets - For directory buckets, only prefixes that end in a delimiter + // (/) are supported. Prefix *string `location:"querystring" locationName:"prefix" type:"string"` + // Confirms that the requester knows that they will be charged for the request. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` + // Together with key-marker, specifies the multipart upload after which listing // should begin. If key-marker is not specified, the upload-id-marker parameter // is ignored. Otherwise, any multipart uploads for a key equal to the key-marker // might be included in the list only if they have an upload ID lexicographically // greater than the specified upload-id-marker. + // + // This functionality is not supported for directory buckets. UploadIdMarker *string `location:"querystring" locationName:"upload-id-marker" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListMultipartUploadsInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListMultipartUploadsInput) GoString() string { return s.String() } @@ -23923,6 +29654,12 @@ func (s *ListMultipartUploadsInput) SetPrefix(v string) *ListMultipartUploadsInp return s } +// SetRequestPayer sets the RequestPayer field's value. +func (s *ListMultipartUploadsInput) SetRequestPayer(v string) *ListMultipartUploadsInput { + s.RequestPayer = &v + return s +} + // SetUploadIdMarker sets the UploadIdMarker field's value. func (s *ListMultipartUploadsInput) SetUploadIdMarker(v string) *ListMultipartUploadsInput { s.UploadIdMarker = &v @@ -23959,23 +29696,29 @@ func (s ListMultipartUploadsInput) updateArnableField(v string) (interface{}, er type ListMultipartUploadsOutput struct { _ struct{} `type:"structure"` - // The name of the bucket to which the multipart upload was initiated. + // The name of the bucket to which the multipart upload was initiated. Does + // not return the access point ARN or access point alias if used. Bucket *string `type:"string"` // If you specify a delimiter in the request, then the result returns each distinct // key prefix containing the delimiter in a CommonPrefixes element. The distinct // key prefixes are returned in the Prefix child element. + // + // Directory buckets - For directory buckets, only prefixes that end in a delimiter + // (/) are supported. CommonPrefixes []*CommonPrefix `type:"list" flattened:"true"` // Contains the delimiter you specified in the request. If you don't specify // a delimiter in your request, this element is absent from the response. + // + // Directory buckets - For directory buckets, / is the only supported delimiter. Delimiter *string `type:"string"` // Encoding type used by Amazon S3 to encode object keys in the response. // - // If you specify encoding-type request parameter, Amazon S3 includes this element - // in the response, and returns encoded key name values in the following response - // elements: + // If you specify the encoding-type request parameter, Amazon S3 includes this + // element in the response, and returns encoded key name values in the following + // response elements: // // Delimiter, KeyMarker, Prefix, NextKeyMarker, Key. EncodingType *string `type:"string" enum:"EncodingType"` @@ -23999,13 +29742,30 @@ type ListMultipartUploadsOutput struct { // When a list is truncated, this element specifies the value that should be // used for the upload-id-marker request parameter in a subsequent request. + // + // This functionality is not supported for directory buckets. NextUploadIdMarker *string `type:"string"` // When a prefix is provided in the request, this field contains the specified // prefix. The result contains only keys starting with the specified prefix. + // + // Directory buckets - For directory buckets, only prefixes that end in a delimiter + // (/) are supported. Prefix *string `type:"string"` - // Upload ID after which listing began. + // If present, indicates that the requester was successfully charged for the + // request. + // + // This functionality is not supported for directory buckets. + RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` + + // Together with key-marker, specifies the multipart upload after which listing + // should begin. If key-marker is not specified, the upload-id-marker parameter + // is ignored. Otherwise, any multipart uploads for a key equal to the key-marker + // might be included in the list only if they have an upload ID lexicographically + // greater than the specified upload-id-marker. + // + // This functionality is not supported for directory buckets. UploadIdMarker *string `type:"string"` // Container for elements related to a particular multipart upload. A response @@ -24013,12 +29773,20 @@ type ListMultipartUploadsOutput struct { Uploads []*MultipartUpload `locationName:"Upload" type:"list" flattened:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListMultipartUploadsOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListMultipartUploadsOutput) GoString() string { return s.String() } @@ -24090,6 +29858,12 @@ func (s *ListMultipartUploadsOutput) SetPrefix(v string) *ListMultipartUploadsOu return s } +// SetRequestCharged sets the RequestCharged field's value. +func (s *ListMultipartUploadsOutput) SetRequestCharged(v string) *ListMultipartUploadsOutput { + s.RequestCharged = &v + return s +} + // SetUploadIdMarker sets the UploadIdMarker field's value. func (s *ListMultipartUploadsOutput) SetUploadIdMarker(v string) *ListMultipartUploadsOutput { s.UploadIdMarker = &v @@ -24118,46 +29892,69 @@ type ListObjectVersionsInput struct { Delimiter *string `location:"querystring" locationName:"delimiter" type:"string"` // Requests Amazon S3 to encode the object keys in the response and specifies - // the encoding method to use. An object key may contain any Unicode character; - // however, XML 1.0 parser cannot parse some characters, such as characters + // the encoding method to use. An object key can contain any Unicode character; + // however, the XML 1.0 parser cannot parse some characters, such as characters // with an ASCII value from 0 to 10. For characters that are not supported in // XML 1.0, you can add this parameter to request that Amazon S3 encode the // keys in the response. EncodingType *string `location:"querystring" locationName:"encoding-type" type:"string" enum:"EncodingType"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Specifies the key to start with when listing objects in a bucket. KeyMarker *string `location:"querystring" locationName:"key-marker" type:"string"` - // Sets the maximum number of keys returned in the response. By default the - // API returns up to 1,000 key names. The response might contain fewer keys + // Sets the maximum number of keys returned in the response. By default, the + // action returns up to 1,000 key names. The response might contain fewer keys // but will never contain more. If additional keys satisfy the search criteria, // but were not returned because max-keys was exceeded, the response contains // true. To return the additional keys, see key-marker // and version-id-marker. MaxKeys *int64 `location:"querystring" locationName:"max-keys" type:"integer"` + // Specifies the optional fields that you want returned in the response. Fields + // that you do not specify are not returned. + OptionalObjectAttributes []*string `location:"header" locationName:"x-amz-optional-object-attributes" type:"list" enum:"OptionalObjectAttributes"` + // Use this parameter to select only those keys that begin with the specified // prefix. You can use prefixes to separate a bucket into different groupings - // of keys. (You can think of using prefix to make groups in the same way you'd - // use a folder in a file system.) You can use prefix with delimiter to roll - // up numerous objects into a single result under CommonPrefixes. + // of keys. (You can think of using prefix to make groups in the same way that + // you'd use a folder in a file system.) You can use prefix with delimiter to + // roll up numerous objects into a single result under CommonPrefixes. Prefix *string `location:"querystring" locationName:"prefix" type:"string"` + // Confirms that the requester knows that they will be charged for the request. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` + // Specifies the object version you want to start listing from. VersionIdMarker *string `location:"querystring" locationName:"version-id-marker" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListObjectVersionsInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListObjectVersionsInput) GoString() string { return s.String() } @@ -24221,12 +30018,24 @@ func (s *ListObjectVersionsInput) SetMaxKeys(v int64) *ListObjectVersionsInput { return s } +// SetOptionalObjectAttributes sets the OptionalObjectAttributes field's value. +func (s *ListObjectVersionsInput) SetOptionalObjectAttributes(v []*string) *ListObjectVersionsInput { + s.OptionalObjectAttributes = v + return s +} + // SetPrefix sets the Prefix field's value. func (s *ListObjectVersionsInput) SetPrefix(v string) *ListObjectVersionsInput { s.Prefix = &v return s } +// SetRequestPayer sets the RequestPayer field's value. +func (s *ListObjectVersionsInput) SetRequestPayer(v string) *ListObjectVersionsInput { + s.RequestPayer = &v + return s +} + // SetVersionIdMarker sets the VersionIdMarker field's value. func (s *ListObjectVersionsInput) SetVersionIdMarker(v string) *ListObjectVersionsInput { s.VersionIdMarker = &v @@ -24280,16 +30089,16 @@ type ListObjectVersionsOutput struct { // Encoding type used by Amazon S3 to encode object key names in the XML response. // - // If you specify encoding-type request parameter, Amazon S3 includes this element - // in the response, and returns encoded key name values in the following response - // elements: + // If you specify the encoding-type request parameter, Amazon S3 includes this + // element in the response, and returns encoded key name values in the following + // response elements: // // KeyMarker, NextKeyMarker, Prefix, Key, and Delimiter. EncodingType *string `type:"string" enum:"EncodingType"` // A flag that indicates whether Amazon S3 returned all of the results that // satisfied the search criteria. If your results were truncated, you can make - // a follow-up paginated request using the NextKeyMarker and NextVersionIdMarker + // a follow-up paginated request by using the NextKeyMarker and NextVersionIdMarker // response parameters as a starting place in another request to return the // rest of the results. IsTruncated *bool `type:"boolean"` @@ -24317,6 +30126,12 @@ type ListObjectVersionsOutput struct { // Selects objects that start with the value supplied by this parameter. Prefix *string `type:"string"` + // If present, indicates that the requester was successfully charged for the + // request. + // + // This functionality is not supported for directory buckets. + RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` + // Marks the last version of the key returned in a truncated response. VersionIdMarker *string `type:"string"` @@ -24324,12 +30139,20 @@ type ListObjectVersionsOutput struct { Versions []*ObjectVersion `locationName:"Version" type:"list" flattened:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListObjectVersionsOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListObjectVersionsOutput) GoString() string { return s.String() } @@ -24400,6 +30223,12 @@ func (s *ListObjectVersionsOutput) SetPrefix(v string) *ListObjectVersionsOutput return s } +// SetRequestCharged sets the RequestCharged field's value. +func (s *ListObjectVersionsOutput) SetRequestCharged(v string) *ListObjectVersionsOutput { + s.RequestCharged = &v + return s +} + // SetVersionIdMarker sets the VersionIdMarker field's value. func (s *ListObjectVersionsOutput) SetVersionIdMarker(v string) *ListObjectVersionsOutput { s.VersionIdMarker = &v @@ -24417,48 +30246,67 @@ type ListObjectsInput struct { // The name of the bucket containing the objects. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // A delimiter is a character you use to group keys. + // A delimiter is a character that you use to group keys. Delimiter *string `location:"querystring" locationName:"delimiter" type:"string"` // Requests Amazon S3 to encode the object keys in the response and specifies - // the encoding method to use. An object key may contain any Unicode character; - // however, XML 1.0 parser cannot parse some characters, such as characters + // the encoding method to use. An object key can contain any Unicode character; + // however, the XML 1.0 parser cannot parse some characters, such as characters // with an ASCII value from 0 to 10. For characters that are not supported in // XML 1.0, you can add this parameter to request that Amazon S3 encode the // keys in the response. EncodingType *string `location:"querystring" locationName:"encoding-type" type:"string" enum:"EncodingType"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // Specifies the key to start with when listing objects in a bucket. + // Marker is where you want Amazon S3 to start listing from. Amazon S3 starts + // listing after this specified key. Marker can be any key in the bucket. Marker *string `location:"querystring" locationName:"marker" type:"string"` - // Sets the maximum number of keys returned in the response. By default the - // API returns up to 1,000 key names. The response might contain fewer keys + // Sets the maximum number of keys returned in the response. By default, the + // action returns up to 1,000 key names. The response might contain fewer keys // but will never contain more. MaxKeys *int64 `location:"querystring" locationName:"max-keys" type:"integer"` + // Specifies the optional fields that you want returned in the response. Fields + // that you do not specify are not returned. + OptionalObjectAttributes []*string `location:"header" locationName:"x-amz-optional-object-attributes" type:"list" enum:"OptionalObjectAttributes"` + // Limits the response to keys that begin with the specified prefix. Prefix *string `location:"querystring" locationName:"prefix" type:"string"` @@ -24468,12 +30316,20 @@ type ListObjectsInput struct { RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListObjectsInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListObjectsInput) GoString() string { return s.String() } @@ -24537,6 +30393,12 @@ func (s *ListObjectsInput) SetMaxKeys(v int64) *ListObjectsInput { return s } +// SetOptionalObjectAttributes sets the OptionalObjectAttributes field's value. +func (s *ListObjectsInput) SetOptionalObjectAttributes(v []*string) *ListObjectsInput { + s.OptionalObjectAttributes = v + return s +} + // SetPrefix sets the Prefix field's value. func (s *ListObjectsInput) SetPrefix(v string) *ListObjectsInput { s.Prefix = &v @@ -24579,8 +30441,8 @@ func (s ListObjectsInput) updateArnableField(v string) (interface{}, error) { type ListObjectsOutput struct { _ struct{} `type:"structure"` - // All of the keys rolled up in a common prefix count as a single return when - // calculating the number of returns. + // All of the keys (up to 1,000) rolled up in a common prefix count as a single + // return when calculating the number of returns. // // A response can contain CommonPrefixes only if you specify a delimiter. // @@ -24590,7 +30452,7 @@ type ListObjectsOutput struct { // CommonPrefixes lists keys that act like subdirectories in the directory specified // by Prefix. // - // For example, if the prefix is notes/ and the delimiter is a slash (/) as + // For example, if the prefix is notes/ and the delimiter is a slash (/), as // in notes/summer/july, the common prefix is notes/summer/. All of the keys // that roll up into a common prefix count as a single return when calculating // the number of returns. @@ -24606,7 +30468,9 @@ type ListObjectsOutput struct { // the MaxKeys value. Delimiter *string `type:"string"` - // Encoding type used by Amazon S3 to encode object keys in the response. + // Encoding type used by Amazon S3 to encode object keys in the response. If + // using url, non-ASCII characters used in an object's key name will be URL + // encoded. For example, the object test_file(3).png will appear as test_file%283%29.png. EncodingType *string `type:"string" enum:"EncodingType"` // A flag that indicates whether Amazon S3 returned all of the results that @@ -24623,25 +30487,42 @@ type ListObjectsOutput struct { // The bucket name. Name *string `type:"string"` - // When response is truncated (the IsTruncated element value in the response - // is true), you can use the key name in this field as marker in the subsequent - // request to get next set of objects. Amazon S3 lists objects in alphabetical - // order Note: This element is returned only if you have delimiter request parameter - // specified. If response does not include the NextMarker and it is truncated, - // you can use the value of the last Key in the response as the marker in the - // subsequent request to get the next set of object keys. + // When the response is truncated (the IsTruncated element value in the response + // is true), you can use the key name in this field as the marker parameter + // in the subsequent request to get the next set of objects. Amazon S3 lists + // objects in alphabetical order. + // + // This element is returned only if you have the delimiter request parameter + // specified. If the response does not include the NextMarker element and it + // is truncated, you can use the value of the last Key element in the response + // as the marker parameter in the subsequent request to get the next set of + // object keys. NextMarker *string `type:"string"` // Keys that begin with the indicated prefix. Prefix *string `type:"string"` + + // If present, indicates that the requester was successfully charged for the + // request. + // + // This functionality is not supported for directory buckets. + RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListObjectsOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListObjectsOutput) GoString() string { return s.String() } @@ -24706,74 +30587,127 @@ func (s *ListObjectsOutput) SetPrefix(v string) *ListObjectsOutput { return s } +// SetRequestCharged sets the RequestCharged field's value. +func (s *ListObjectsOutput) SetRequestCharged(v string) *ListObjectsOutput { + s.RequestCharged = &v + return s +} + type ListObjectsV2Input struct { _ struct{} `locationName:"ListObjectsV2Request" type:"structure"` - // Bucket name to list. - // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // ContinuationToken indicates Amazon S3 that the list is being continued on - // this bucket with a token. ContinuationToken is obfuscated and is not a real - // key. + // ContinuationToken indicates to Amazon S3 that the list is being continued + // on this bucket with a token. ContinuationToken is obfuscated and is not a + // real key. You can use this ContinuationToken for pagination of the list results. ContinuationToken *string `location:"querystring" locationName:"continuation-token" type:"string"` - // A delimiter is a character you use to group keys. + // A delimiter is a character that you use to group keys. + // + // * Directory buckets - For directory buckets, / is the only supported delimiter. + // + // * Directory buckets - When you query ListObjectsV2 with a delimiter during + // in-progress multipart uploads, the CommonPrefixes response parameter contains + // the prefixes that are associated with the in-progress multipart uploads. + // For more information about multipart uploads, see Multipart Upload Overview + // (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) in + // the Amazon S3 User Guide. Delimiter *string `location:"querystring" locationName:"delimiter" type:"string"` - // Encoding type used by Amazon S3 to encode object keys in the response. + // Encoding type used by Amazon S3 to encode object keys in the response. If + // using url, non-ASCII characters used in an object's key name will be URL + // encoded. For example, the object test_file(3).png will appear as test_file%283%29.png. EncodingType *string `location:"querystring" locationName:"encoding-type" type:"string" enum:"EncodingType"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // The owner field is not present in listV2 by default, if you want to return - // owner field with each key in the result then set the fetch owner field to - // true. + // The owner field is not present in ListObjectsV2 by default. If you want to + // return the owner field with each key in the result, then set the FetchOwner + // field to true. + // + // Directory buckets - For directory buckets, the bucket owner is returned as + // the object owner for all objects. FetchOwner *bool `location:"querystring" locationName:"fetch-owner" type:"boolean"` - // Sets the maximum number of keys returned in the response. By default the - // API returns up to 1,000 key names. The response might contain fewer keys + // Sets the maximum number of keys returned in the response. By default, the + // action returns up to 1,000 key names. The response might contain fewer keys // but will never contain more. MaxKeys *int64 `location:"querystring" locationName:"max-keys" type:"integer"` + // Specifies the optional fields that you want returned in the response. Fields + // that you do not specify are not returned. + // + // This functionality is not supported for directory buckets. + OptionalObjectAttributes []*string `location:"header" locationName:"x-amz-optional-object-attributes" type:"list" enum:"OptionalObjectAttributes"` + // Limits the response to keys that begin with the specified prefix. + // + // Directory buckets - For directory buckets, only prefixes that end in a delimiter + // (/) are supported. Prefix *string `location:"querystring" locationName:"prefix" type:"string"` // Confirms that the requester knows that she or he will be charged for the // list objects request in V2 style. Bucket owners need not specify this parameter // in their requests. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // StartAfter is where you want Amazon S3 to start listing from. Amazon S3 starts // listing after this specified key. StartAfter can be any key in the bucket. + // + // This functionality is not supported for directory buckets. StartAfter *string `location:"querystring" locationName:"start-after" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListObjectsV2Input) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListObjectsV2Input) GoString() string { return s.String() } @@ -24843,6 +30777,12 @@ func (s *ListObjectsV2Input) SetMaxKeys(v int64) *ListObjectsV2Input { return s } +// SetOptionalObjectAttributes sets the OptionalObjectAttributes field's value. +func (s *ListObjectsV2Input) SetOptionalObjectAttributes(v []*string) *ListObjectsV2Input { + s.OptionalObjectAttributes = v + return s +} + // SetPrefix sets the Prefix field's value. func (s *ListObjectsV2Input) SetPrefix(v string) *ListObjectsV2Input { s.Prefix = &v @@ -24891,8 +30831,9 @@ func (s ListObjectsV2Input) updateArnableField(v string) (interface{}, error) { type ListObjectsV2Output struct { _ struct{} `type:"structure"` - // All of the keys rolled up into a common prefix count as a single return when - // calculating the number of returns. + // All of the keys (up to 1,000) that share the same prefix are grouped together. + // When counting the total numbers of returns by this API operation, this group + // of keys is considered as one item. // // A response can contain CommonPrefixes only if you specify a delimiter. // @@ -24906,12 +30847,24 @@ type ListObjectsV2Output struct { // in notes/summer/july, the common prefix is notes/summer/. All of the keys // that roll up into a common prefix count as a single return when calculating // the number of returns. + // + // * Directory buckets - For directory buckets, only prefixes that end in + // a delimiter (/) are supported. + // + // * Directory buckets - When you query ListObjectsV2 with a delimiter during + // in-progress multipart uploads, the CommonPrefixes response parameter contains + // the prefixes that are associated with the in-progress multipart uploads. + // For more information about multipart uploads, see Multipart Upload Overview + // (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html) in + // the Amazon S3 User Guide. CommonPrefixes []*CommonPrefix `type:"list" flattened:"true"` // Metadata about each object returned. Contents []*Object `type:"list" flattened:"true"` // If ContinuationToken was sent with the request, it is included in the response. + // You can use the returned ContinuationToken for pagination of the list response. + // You can use this ContinuationToken for pagination of the list results. ContinuationToken *string `type:"string"` // Causes keys that contain the same string between the prefix and the first @@ -24919,6 +30872,8 @@ type ListObjectsV2Output struct { // in the CommonPrefixes collection. These rolled-up keys are not returned elsewhere // in the response. Each rolled-up result counts as only one return against // the MaxKeys value. + // + // Directory buckets - For directory buckets, / is the only supported delimiter. Delimiter *string `type:"string"` // Encoding type used by Amazon S3 to encode object key names in the XML response. @@ -24936,31 +30891,16 @@ type ListObjectsV2Output struct { IsTruncated *bool `type:"boolean"` // KeyCount is the number of keys returned with this request. KeyCount will - // always be less than equals to MaxKeys field. Say you ask for 50 keys, your - // result will include less than equals 50 keys + // always be less than or equal to the MaxKeys field. For example, if you ask + // for 50 keys, your result will include 50 keys or fewer. KeyCount *int64 `type:"integer"` - // Sets the maximum number of keys returned in the response. By default the - // API returns up to 1,000 key names. The response might contain fewer keys + // Sets the maximum number of keys returned in the response. By default, the + // action returns up to 1,000 key names. The response might contain fewer keys // but will never contain more. MaxKeys *int64 `type:"integer"` // The bucket name. - // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. Name *string `type:"string"` // NextContinuationToken is sent when isTruncated is true, which means there @@ -24970,18 +30910,37 @@ type ListObjectsV2Output struct { NextContinuationToken *string `type:"string"` // Keys that begin with the indicated prefix. + // + // Directory buckets - For directory buckets, only prefixes that end in a delimiter + // (/) are supported. Prefix *string `type:"string"` + // If present, indicates that the requester was successfully charged for the + // request. + // + // This functionality is not supported for directory buckets. + RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` + // If StartAfter was sent with the request, it is included in the response. + // + // This functionality is not supported for directory buckets. StartAfter *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListObjectsV2Output) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListObjectsV2Output) GoString() string { return s.String() } @@ -25052,6 +31011,12 @@ func (s *ListObjectsV2Output) SetPrefix(v string) *ListObjectsV2Output { return s } +// SetRequestCharged sets the RequestCharged field's value. +func (s *ListObjectsV2Output) SetRequestCharged(v string) *ListObjectsV2Output { + s.RequestCharged = &v + return s +} + // SetStartAfter sets the StartAfter field's value. func (s *ListObjectsV2Output) SetStartAfter(v string) *ListObjectsV2Output { s.StartAfter = &v @@ -25063,27 +31028,41 @@ type ListPartsInput struct { // The name of the bucket to which the parts are being uploaded. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Object key for which the multipart upload was initiated. @@ -25099,24 +31078,64 @@ type ListPartsInput struct { PartNumberMarker *int64 `location:"querystring" locationName:"part-number-marker" type:"integer"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` + // The server-side encryption (SSE) algorithm used to encrypt the object. This + // parameter is needed only when the object was created using a checksum algorithm. + // For more information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` + + // The server-side encryption (SSE) customer managed key. This parameter is + // needed only when the object was created using a checksum algorithm. For more + // information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + // + // SSECustomerKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ListPartsInput's + // String and GoString methods. + SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"` + + // The MD5 server-side encryption (SSE) customer managed key. This parameter + // is needed only when the object was created using a checksum algorithm. For + // more information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` + // Upload ID identifying the multipart upload whose parts are being listed. // // UploadId is a required field UploadId *string `location:"querystring" locationName:"uploadId" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListPartsInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListPartsInput) GoString() string { return s.String() } @@ -25189,6 +31208,31 @@ func (s *ListPartsInput) SetRequestPayer(v string) *ListPartsInput { return s } +// SetSSECustomerAlgorithm sets the SSECustomerAlgorithm field's value. +func (s *ListPartsInput) SetSSECustomerAlgorithm(v string) *ListPartsInput { + s.SSECustomerAlgorithm = &v + return s +} + +// SetSSECustomerKey sets the SSECustomerKey field's value. +func (s *ListPartsInput) SetSSECustomerKey(v string) *ListPartsInput { + s.SSECustomerKey = &v + return s +} + +func (s *ListPartsInput) getSSECustomerKey() (v string) { + if s.SSECustomerKey == nil { + return v + } + return *s.SSECustomerKey +} + +// SetSSECustomerKeyMD5 sets the SSECustomerKeyMD5 field's value. +func (s *ListPartsInput) SetSSECustomerKeyMD5(v string) *ListPartsInput { + s.SSECustomerKeyMD5 = &v + return s +} + // SetUploadId sets the UploadId field's value. func (s *ListPartsInput) SetUploadId(v string) *ListPartsInput { s.UploadId = &v @@ -25230,24 +31274,32 @@ type ListPartsOutput struct { // name in the request, then the response includes this header indicating when // the initiated multipart upload will become eligible for abort operation. // For more information, see Aborting Incomplete Multipart Uploads Using a Bucket - // Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config). + // Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config). // // The response will also include the x-amz-abort-rule-id header that will provide // the ID of the lifecycle configuration rule that defines this action. + // + // This functionality is not supported for directory buckets. AbortDate *time.Time `location:"header" locationName:"x-amz-abort-date" type:"timestamp"` // This header is returned along with the x-amz-abort-date header. It identifies // applicable lifecycle configuration rule that defines the action to abort // incomplete multipart uploads. + // + // This functionality is not supported for directory buckets. AbortRuleId *string `location:"header" locationName:"x-amz-abort-rule-id" type:"string"` - // The name of the bucket to which the multipart upload was initiated. + // The name of the bucket to which the multipart upload was initiated. Does + // not return the access point ARN or access point alias if used. Bucket *string `type:"string"` + // The algorithm that was used to create a checksum of the object. + ChecksumAlgorithm *string `type:"string" enum:"ChecksumAlgorithm"` + // Container element that identifies who initiated the multipart upload. If - // the initiator is an AWS account, this element provides the same information - // as the Owner element. If the initiator is an IAM User, this element provides - // the user ARN and display name. + // the initiator is an Amazon Web Services account, this element provides the + // same information as the Owner element. If the initiator is an IAM User, this + // element provides the user ARN and display name. Initiator *Initiator `type:"structure"` // Indicates whether the returned list of parts is truncated. A true value indicates @@ -25269,11 +31321,13 @@ type ListPartsOutput struct { // Container element that identifies the object owner, after the object is created. // If multipart upload is initiated by an IAM user, this element provides the // parent account ID and display name. + // + // Directory buckets - The bucket owner is returned as the object owner for + // all the parts. Owner *Owner `type:"structure"` - // When a list is truncated, this element specifies the last part in the list, - // as well as the value to use for the part-number-marker request parameter - // in a subsequent request. + // Specifies the part after which listing should begin. Only parts with higher + // part numbers will be listed. PartNumberMarker *int64 `type:"integer"` // Container for elements related to a particular part. A response can contain @@ -25282,22 +31336,34 @@ type ListPartsOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` - // Class of storage (STANDARD or REDUCED_REDUNDANCY) used to store the uploaded - // object. + // The class of storage used to store the uploaded object. + // + // Directory buckets - Only the S3 Express One Zone storage class is supported + // by directory buckets to store objects. StorageClass *string `type:"string" enum:"StorageClass"` // Upload ID identifying the multipart upload whose parts are being listed. UploadId *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListPartsOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ListPartsOutput) GoString() string { return s.String() } @@ -25327,6 +31393,12 @@ func (s *ListPartsOutput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *ListPartsOutput) SetChecksumAlgorithm(v string) *ListPartsOutput { + s.ChecksumAlgorithm = &v + return s +} + // SetInitiator sets the Initiator field's value. func (s *ListPartsOutput) SetInitiator(v *Initiator) *ListPartsOutput { s.Initiator = v @@ -25427,12 +31499,20 @@ type Location struct { UserMetadata []*MetadataEntry `locationNameList:"MetadataEntry" type:"list"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Location) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Location) GoString() string { return s.String() } @@ -25521,10 +31601,60 @@ func (s *Location) SetUserMetadata(v []*MetadataEntry) *Location { return s } +// Specifies the location where the bucket will be created. +// +// For directory buckets, the location type is Availability Zone. For more information +// about directory buckets, see Directory buckets (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) +// in the Amazon S3 User Guide. +// +// This functionality is only supported by directory buckets. +type LocationInfo struct { + _ struct{} `type:"structure"` + + // The name of the location where the bucket will be created. + // + // For directory buckets, the name of the location is the AZ ID of the Availability + // Zone where the bucket will be created. An example AZ ID value is usw2-az1. + Name *string `type:"string"` + + // The type of location where the bucket will be created. + Type *string `type:"string" enum:"LocationType"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LocationInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LocationInfo) GoString() string { + return s.String() +} + +// SetName sets the Name field's value. +func (s *LocationInfo) SetName(v string) *LocationInfo { + s.Name = &v + return s +} + +// SetType sets the Type field's value. +func (s *LocationInfo) SetType(v string) *LocationInfo { + s.Type = &v + return s +} + // Describes where logs are stored and the prefix that Amazon S3 assigns to // all log object keys for a bucket. For more information, see PUT Bucket logging // (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlogging.html) -// in the Amazon Simple Storage Service API Reference. +// in the Amazon S3 API Reference. type LoggingEnabled struct { _ struct{} `type:"structure"` @@ -25539,8 +31669,16 @@ type LoggingEnabled struct { TargetBucket *string `type:"string" required:"true"` // Container for granting information. + // + // Buckets that use the bucket owner enforced setting for Object Ownership don't + // support target grants. For more information, see Permissions for server access + // log delivery (https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general) + // in the Amazon S3 User Guide. TargetGrants []*TargetGrant `locationNameList:"Grant" type:"list"` + // Amazon S3 key format for log objects. + TargetObjectKeyFormat *TargetObjectKeyFormat `type:"structure"` + // A prefix for all log object keys. If you store log files from multiple Amazon // S3 buckets in a single bucket, you can use a prefix to distinguish which // log files came from which bucket. @@ -25549,12 +31687,20 @@ type LoggingEnabled struct { TargetPrefix *string `type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s LoggingEnabled) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s LoggingEnabled) GoString() string { return s.String() } @@ -25597,6 +31743,12 @@ func (s *LoggingEnabled) SetTargetGrants(v []*TargetGrant) *LoggingEnabled { return s } +// SetTargetObjectKeyFormat sets the TargetObjectKeyFormat field's value. +func (s *LoggingEnabled) SetTargetObjectKeyFormat(v *TargetObjectKeyFormat) *LoggingEnabled { + s.TargetObjectKeyFormat = v + return s +} + // SetTargetPrefix sets the TargetPrefix field's value. func (s *LoggingEnabled) SetTargetPrefix(v string) *LoggingEnabled { s.TargetPrefix = &v @@ -25607,19 +31759,27 @@ func (s *LoggingEnabled) SetTargetPrefix(v string) *LoggingEnabled { type MetadataEntry struct { _ struct{} `type:"structure"` - // Name of the Object. + // Name of the object. Name *string `type:"string"` - // Value of the Object. + // Value of the object. Value *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s MetadataEntry) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s MetadataEntry) GoString() string { return s.String() } @@ -25651,12 +31811,20 @@ type Metrics struct { Status *string `type:"string" required:"true" enum:"MetricsStatus"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Metrics) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Metrics) GoString() string { return s.String() } @@ -25692,6 +31860,9 @@ func (s *Metrics) SetStatus(v string) *Metrics { type MetricsAndOperator struct { _ struct{} `type:"structure"` + // The access point ARN used when evaluating an AND predicate. + AccessPointArn *string `type:"string"` + // The prefix used when evaluating an AND predicate. Prefix *string `type:"string"` @@ -25699,12 +31870,20 @@ type MetricsAndOperator struct { Tags []*Tag `locationName:"Tag" locationNameList:"Tag" type:"list" flattened:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s MetricsAndOperator) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s MetricsAndOperator) GoString() string { return s.String() } @@ -25729,6 +31908,12 @@ func (s *MetricsAndOperator) Validate() error { return nil } +// SetAccessPointArn sets the AccessPointArn field's value. +func (s *MetricsAndOperator) SetAccessPointArn(v string) *MetricsAndOperator { + s.AccessPointArn = &v + return s +} + // SetPrefix sets the Prefix field's value. func (s *MetricsAndOperator) SetPrefix(v string) *MetricsAndOperator { s.Prefix = &v @@ -25745,29 +31930,37 @@ func (s *MetricsAndOperator) SetTags(v []*Tag) *MetricsAndOperator { // by the metrics configuration ID) from an Amazon S3 bucket. If you're updating // an existing metrics configuration, note that this is a full replacement of // the existing metrics configuration. If you don't include the elements you -// want to keep, they are erased. For more information, see PUT Bucket metrics -// (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) -// in the Amazon Simple Storage Service API Reference. +// want to keep, they are erased. For more information, see PutBucketMetricsConfiguration +// (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html). type MetricsConfiguration struct { _ struct{} `type:"structure"` // Specifies a metrics configuration filter. The metrics configuration will // only include objects that meet the filter's criteria. A filter must be a - // prefix, a tag, or a conjunction (MetricsAndOperator). + // prefix, an object tag, an access point ARN, or a conjunction (MetricsAndOperator). Filter *MetricsFilter `type:"structure"` - // The ID used to identify the metrics configuration. + // The ID used to identify the metrics configuration. The ID has a 64 character + // limit and can only contain letters, numbers, periods, dashes, and underscores. // // Id is a required field Id *string `type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s MetricsConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s MetricsConfiguration) GoString() string { return s.String() } @@ -25804,10 +31997,14 @@ func (s *MetricsConfiguration) SetId(v string) *MetricsConfiguration { // Specifies a metrics configuration filter. The metrics configuration only // includes objects that meet the filter's criteria. A filter must be a prefix, -// a tag, or a conjunction (MetricsAndOperator). +// an object tag, an access point ARN, or a conjunction (MetricsAndOperator). +// For more information, see PutBucketMetricsConfiguration (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketMetricsConfiguration.html). type MetricsFilter struct { _ struct{} `type:"structure"` + // The access point ARN used when evaluating a metrics filter. + AccessPointArn *string `type:"string"` + // A conjunction (logical AND) of predicates, which is used in evaluating a // metrics filter. The operator must have at least two predicates, and an object // must match all of the predicates in order for the filter to apply. @@ -25820,12 +32017,20 @@ type MetricsFilter struct { Tag *Tag `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s MetricsFilter) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s MetricsFilter) GoString() string { return s.String() } @@ -25850,6 +32055,12 @@ func (s *MetricsFilter) Validate() error { return nil } +// SetAccessPointArn sets the AccessPointArn field's value. +func (s *MetricsFilter) SetAccessPointArn(v string) *MetricsFilter { + s.AccessPointArn = &v + return s +} + // SetAnd sets the And field's value. func (s *MetricsFilter) SetAnd(v *MetricsAndOperator) *MetricsFilter { s.And = v @@ -25872,6 +32083,9 @@ func (s *MetricsFilter) SetTag(v *Tag) *MetricsFilter { type MultipartUpload struct { _ struct{} `type:"structure"` + // The algorithm that was used to create a checksum of the object. + ChecksumAlgorithm *string `type:"string" enum:"ChecksumAlgorithm"` + // Date and time at which the multipart upload was initiated. Initiated *time.Time `type:"timestamp"` @@ -25882,25 +32096,45 @@ type MultipartUpload struct { Key *string `min:"1" type:"string"` // Specifies the owner of the object that is part of the multipart upload. + // + // Directory buckets - The bucket owner is returned as the object owner for + // all the objects. Owner *Owner `type:"structure"` // The class of storage used to store the object. + // + // Directory buckets - Only the S3 Express One Zone storage class is supported + // by directory buckets to store objects. StorageClass *string `type:"string" enum:"StorageClass"` // Upload ID that identifies the multipart upload. UploadId *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s MultipartUpload) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s MultipartUpload) GoString() string { return s.String() } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *MultipartUpload) SetChecksumAlgorithm(v string) *MultipartUpload { + s.ChecksumAlgorithm = &v + return s +} + // SetInitiated sets the Initiated field's value. func (s *MultipartUpload) SetInitiated(v time.Time) *MultipartUpload { s.Initiated = &v @@ -25945,24 +32179,46 @@ func (s *MultipartUpload) SetUploadId(v string) *MultipartUpload { type NoncurrentVersionExpiration struct { _ struct{} `type:"structure"` + // Specifies how many newer noncurrent versions must exist before Amazon S3 + // can perform the associated action on a given version. If there are this many + // more recent noncurrent versions, Amazon S3 will take the associated action. + // For more information about noncurrent versions, see Lifecycle configuration + // elements (https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) + // in the Amazon S3 User Guide. + NewerNoncurrentVersions *int64 `type:"integer"` + // Specifies the number of days an object is noncurrent before Amazon S3 can - // perform the associated action. For information about the noncurrent days - // calculations, see How Amazon S3 Calculates When an Object Became Noncurrent - // (https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) - // in the Amazon Simple Storage Service Developer Guide. + // perform the associated action. The value must be a non-zero positive integer. + // For information about the noncurrent days calculations, see How Amazon S3 + // Calculates When an Object Became Noncurrent (https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) + // in the Amazon S3 User Guide. NoncurrentDays *int64 `type:"integer"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s NoncurrentVersionExpiration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s NoncurrentVersionExpiration) GoString() string { return s.String() } +// SetNewerNoncurrentVersions sets the NewerNoncurrentVersions field's value. +func (s *NoncurrentVersionExpiration) SetNewerNoncurrentVersions(v int64) *NoncurrentVersionExpiration { + s.NewerNoncurrentVersions = &v + return s +} + // SetNoncurrentDays sets the NoncurrentDays field's value. func (s *NoncurrentVersionExpiration) SetNoncurrentDays(v int64) *NoncurrentVersionExpiration { s.NoncurrentDays = &v @@ -25970,36 +32226,58 @@ func (s *NoncurrentVersionExpiration) SetNoncurrentDays(v int64) *NoncurrentVers } // Container for the transition rule that describes when noncurrent objects -// transition to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, -// or DEEP_ARCHIVE storage class. If your bucket is versioning-enabled (or versioning -// is suspended), you can set this action to request that Amazon S3 transition -// noncurrent object versions to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, -// GLACIER, or DEEP_ARCHIVE storage class at a specific period in the object's -// lifetime. +// transition to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, +// GLACIER, or DEEP_ARCHIVE storage class. If your bucket is versioning-enabled +// (or versioning is suspended), you can set this action to request that Amazon +// S3 transition noncurrent object versions to the STANDARD_IA, ONEZONE_IA, +// INTELLIGENT_TIERING, GLACIER_IR, GLACIER, or DEEP_ARCHIVE storage class at +// a specific period in the object's lifetime. type NoncurrentVersionTransition struct { _ struct{} `type:"structure"` + // Specifies how many newer noncurrent versions must exist before Amazon S3 + // can perform the associated action on a given version. If there are this many + // more recent noncurrent versions, Amazon S3 will take the associated action. + // For more information about noncurrent versions, see Lifecycle configuration + // elements (https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) + // in the Amazon S3 User Guide. + NewerNoncurrentVersions *int64 `type:"integer"` + // Specifies the number of days an object is noncurrent before Amazon S3 can // perform the associated action. For information about the noncurrent days // calculations, see How Amazon S3 Calculates How Long an Object Has Been Noncurrent // (https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) - // in the Amazon Simple Storage Service Developer Guide. + // in the Amazon S3 User Guide. NoncurrentDays *int64 `type:"integer"` // The class of storage used to store the object. StorageClass *string `type:"string" enum:"TransitionStorageClass"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s NoncurrentVersionTransition) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s NoncurrentVersionTransition) GoString() string { return s.String() } +// SetNewerNoncurrentVersions sets the NewerNoncurrentVersions field's value. +func (s *NoncurrentVersionTransition) SetNewerNoncurrentVersions(v int64) *NoncurrentVersionTransition { + s.NewerNoncurrentVersions = &v + return s +} + // SetNoncurrentDays sets the NoncurrentDays field's value. func (s *NoncurrentVersionTransition) SetNoncurrentDays(v int64) *NoncurrentVersionTransition { s.NoncurrentDays = &v @@ -26017,8 +32295,11 @@ func (s *NoncurrentVersionTransition) SetStorageClass(v string) *NoncurrentVersi type NotificationConfiguration struct { _ struct{} `type:"structure"` - // Describes the AWS Lambda functions to invoke and the events for which to - // invoke them. + // Enables delivery of events to Amazon EventBridge. + EventBridgeConfiguration *EventBridgeConfiguration `type:"structure"` + + // Describes the Lambda functions to invoke and the events for which to invoke + // them. LambdaFunctionConfigurations []*LambdaFunctionConfiguration `locationName:"CloudFunctionConfiguration" type:"list" flattened:"true"` // The Amazon Simple Queue Service queues to publish messages to and the events @@ -26030,12 +32311,20 @@ type NotificationConfiguration struct { TopicConfigurations []*TopicConfiguration `locationName:"TopicConfiguration" type:"list" flattened:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s NotificationConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s NotificationConfiguration) GoString() string { return s.String() } @@ -26080,6 +32369,12 @@ func (s *NotificationConfiguration) Validate() error { return nil } +// SetEventBridgeConfiguration sets the EventBridgeConfiguration field's value. +func (s *NotificationConfiguration) SetEventBridgeConfiguration(v *EventBridgeConfiguration) *NotificationConfiguration { + s.EventBridgeConfiguration = v + return s +} + // SetLambdaFunctionConfigurations sets the LambdaFunctionConfigurations field's value. func (s *NotificationConfiguration) SetLambdaFunctionConfigurations(v []*LambdaFunctionConfiguration) *NotificationConfiguration { s.LambdaFunctionConfigurations = v @@ -26101,7 +32396,7 @@ func (s *NotificationConfiguration) SetTopicConfigurations(v []*TopicConfigurati type NotificationConfigurationDeprecated struct { _ struct{} `type:"structure"` - // Container for specifying the AWS Lambda notification configuration. + // Container for specifying the Lambda notification configuration. CloudFunctionConfiguration *CloudFunctionConfiguration `type:"structure"` // This data type is deprecated. This data type specifies the configuration @@ -26115,12 +32410,20 @@ type NotificationConfigurationDeprecated struct { TopicConfiguration *TopicConfigurationDeprecated `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s NotificationConfigurationDeprecated) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s NotificationConfigurationDeprecated) GoString() string { return s.String() } @@ -26144,8 +32447,9 @@ func (s *NotificationConfigurationDeprecated) SetTopicConfiguration(v *TopicConf } // Specifies object key name filtering rules. For information about key name -// filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) -// in the Amazon Simple Storage Service Developer Guide. +// filtering, see Configuring event notifications using object key name filtering +// (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) +// in the Amazon S3 User Guide. type NotificationConfigurationFilter struct { _ struct{} `type:"structure"` @@ -26153,12 +32457,20 @@ type NotificationConfigurationFilter struct { Key *KeyFilter `locationName:"S3Key" type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s NotificationConfigurationFilter) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s NotificationConfigurationFilter) GoString() string { return s.String() } @@ -26173,51 +32485,89 @@ func (s *NotificationConfigurationFilter) SetKey(v *KeyFilter) *NotificationConf type Object struct { _ struct{} `type:"structure"` + // The algorithm that was used to create a checksum of the object. + ChecksumAlgorithm []*string `type:"list" flattened:"true" enum:"ChecksumAlgorithm"` + // The entity tag is a hash of the object. The ETag reflects changes only to // the contents of an object, not its metadata. The ETag may or may not be an // MD5 digest of the object data. Whether or not it is depends on how the object // was created and how it is encrypted as described below: // // * Objects created by the PUT Object, POST Object, or Copy operation, or - // through the AWS Management Console, and are encrypted by SSE-S3 or plaintext, - // have ETags that are an MD5 digest of their object data. + // through the Amazon Web Services Management Console, and are encrypted + // by SSE-S3 or plaintext, have ETags that are an MD5 digest of their object + // data. // // * Objects created by the PUT Object, POST Object, or Copy operation, or - // through the AWS Management Console, and are encrypted by SSE-C or SSE-KMS, - // have ETags that are not an MD5 digest of their object data. + // through the Amazon Web Services Management Console, and are encrypted + // by SSE-C or SSE-KMS, have ETags that are not an MD5 digest of their object + // data. // // * If an object is created by either the Multipart Upload or Part Copy // operation, the ETag is not an MD5 digest, regardless of the method of - // encryption. + // encryption. If an object is larger than 16 MB, the Amazon Web Services + // Management Console will upload or copy that object as a Multipart Upload, + // and therefore the ETag will not be an MD5 digest. + // + // Directory buckets - MD5 is not supported by directory buckets. ETag *string `type:"string"` // The name that you assign to an object. You use the object key to retrieve // the object. Key *string `min:"1" type:"string"` - // The date the Object was Last Modified + // Creation date of the object. LastModified *time.Time `type:"timestamp"` // The owner of the object + // + // Directory buckets - The bucket owner is returned as the object owner. Owner *Owner `type:"structure"` + // Specifies the restoration status of an object. Objects in certain storage + // classes must be restored before they can be retrieved. For more information + // about these storage classes and how to work with archived objects, see Working + // with archived objects (https://docs.aws.amazon.com/AmazonS3/latest/userguide/archived-objects.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. Only the S3 Express + // One Zone storage class is supported by directory buckets to store objects. + RestoreStatus *RestoreStatus `type:"structure"` + // Size in bytes of the object - Size *int64 `type:"integer"` + Size *int64 `type:"long"` // The class of storage used to store the object. + // + // Directory buckets - Only the S3 Express One Zone storage class is supported + // by directory buckets to store objects. StorageClass *string `type:"string" enum:"ObjectStorageClass"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Object) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Object) GoString() string { return s.String() } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *Object) SetChecksumAlgorithm(v []*string) *Object { + s.ChecksumAlgorithm = v + return s +} + // SetETag sets the ETag field's value. func (s *Object) SetETag(v string) *Object { s.ETag = &v @@ -26242,6 +32592,12 @@ func (s *Object) SetOwner(v *Owner) *Object { return s } +// SetRestoreStatus sets the RestoreStatus field's value. +func (s *Object) SetRestoreStatus(v *RestoreStatus) *Object { + s.RestoreStatus = v + return s +} + // SetSize sets the Size field's value. func (s *Object) SetSize(v int64) *Object { s.Size = &v @@ -26258,21 +32614,35 @@ func (s *Object) SetStorageClass(v string) *Object { type ObjectIdentifier struct { _ struct{} `type:"structure"` - // Key name of the object to delete. + // Key name of the object. + // + // Replacement must be made for object keys containing special characters (such + // as carriage returns) when using XML requests. For more information, see XML + // related object key constraints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). // // Key is a required field Key *string `min:"1" type:"string" required:"true"` - // VersionId for the specific version of the object to delete. + // Version ID for the specific version of the object to delete. + // + // This functionality is not supported for directory buckets. VersionId *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ObjectIdentifier) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ObjectIdentifier) GoString() string { return s.String() } @@ -26309,19 +32679,31 @@ func (s *ObjectIdentifier) SetVersionId(v string) *ObjectIdentifier { type ObjectLockConfiguration struct { _ struct{} `type:"structure"` - // Indicates whether this bucket has an Object Lock configuration enabled. + // Indicates whether this bucket has an Object Lock configuration enabled. Enable + // ObjectLockEnabled when you apply ObjectLockConfiguration to a bucket. ObjectLockEnabled *string `type:"string" enum:"ObjectLockEnabled"` - // The Object Lock rule in place for the specified object. + // Specifies the Object Lock rule for the specified object. Enable the this + // rule when you apply ObjectLockConfiguration to a bucket. Bucket settings + // require both a mode and a period. The period can be either Days or Years + // but you must select one. You cannot specify Days and Years at the same time. Rule *ObjectLockRule `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ObjectLockConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ObjectLockConfiguration) GoString() string { return s.String() } @@ -26338,20 +32720,28 @@ func (s *ObjectLockConfiguration) SetRule(v *ObjectLockRule) *ObjectLockConfigur return s } -// A Legal Hold configuration for an object. +// A legal hold configuration for an object. type ObjectLockLegalHold struct { _ struct{} `type:"structure"` - // Indicates whether the specified object has a Legal Hold in place. + // Indicates whether the specified object has a legal hold in place. Status *string `type:"string" enum:"ObjectLockLegalHoldStatus"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ObjectLockLegalHold) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ObjectLockLegalHold) GoString() string { return s.String() } @@ -26373,12 +32763,20 @@ type ObjectLockRetention struct { RetainUntilDate *time.Time `type:"timestamp" timestampFormat:"iso8601"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ObjectLockRetention) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ObjectLockRetention) GoString() string { return s.String() } @@ -26399,17 +32797,27 @@ func (s *ObjectLockRetention) SetRetainUntilDate(v time.Time) *ObjectLockRetenti type ObjectLockRule struct { _ struct{} `type:"structure"` - // The default retention period that you want to apply to new objects placed - // in the specified bucket. + // The default Object Lock retention mode and period that you want to apply + // to new objects placed in the specified bucket. Bucket settings require both + // a mode and a period. The period can be either Days or Years but you must + // select one. You cannot specify Days and Years at the same time. DefaultRetention *DefaultRetention `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ObjectLockRule) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ObjectLockRule) GoString() string { return s.String() } @@ -26420,10 +32828,116 @@ func (s *ObjectLockRule) SetDefaultRetention(v *DefaultRetention) *ObjectLockRul return s } +// A container for elements related to an individual part. +type ObjectPart struct { + _ struct{} `type:"structure"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 32-bit CRC32 checksum of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumCRC32 *string `type:"string"` + + // The base64-encoded, 32-bit CRC32C checksum of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumCRC32C *string `type:"string"` + + // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA1 *string `type:"string"` + + // The base64-encoded, 256-bit SHA-256 digest of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA256 *string `type:"string"` + + // The part number identifying the part. This value is a positive integer between + // 1 and 10,000. + PartNumber *int64 `type:"integer"` + + // The size of the uploaded part in bytes. + Size *int64 `type:"long"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ObjectPart) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ObjectPart) GoString() string { + return s.String() +} + +// SetChecksumCRC32 sets the ChecksumCRC32 field's value. +func (s *ObjectPart) SetChecksumCRC32(v string) *ObjectPart { + s.ChecksumCRC32 = &v + return s +} + +// SetChecksumCRC32C sets the ChecksumCRC32C field's value. +func (s *ObjectPart) SetChecksumCRC32C(v string) *ObjectPart { + s.ChecksumCRC32C = &v + return s +} + +// SetChecksumSHA1 sets the ChecksumSHA1 field's value. +func (s *ObjectPart) SetChecksumSHA1(v string) *ObjectPart { + s.ChecksumSHA1 = &v + return s +} + +// SetChecksumSHA256 sets the ChecksumSHA256 field's value. +func (s *ObjectPart) SetChecksumSHA256(v string) *ObjectPart { + s.ChecksumSHA256 = &v + return s +} + +// SetPartNumber sets the PartNumber field's value. +func (s *ObjectPart) SetPartNumber(v int64) *ObjectPart { + s.PartNumber = &v + return s +} + +// SetSize sets the Size field's value. +func (s *ObjectPart) SetSize(v int64) *ObjectPart { + s.Size = &v + return s +} + // The version of an object. type ObjectVersion struct { _ struct{} `type:"structure"` + // The algorithm that was used to create a checksum of the object. + ChecksumAlgorithm []*string `type:"list" flattened:"true" enum:"ChecksumAlgorithm"` + // The entity tag is an MD5 hash of that version of the object. ETag *string `type:"string"` @@ -26434,14 +32948,21 @@ type ObjectVersion struct { // The object key. Key *string `min:"1" type:"string"` - // Date and time the object was last modified. + // Date and time when the object was last modified. LastModified *time.Time `type:"timestamp"` // Specifies the owner of the object. Owner *Owner `type:"structure"` + // Specifies the restoration status of an object. Objects in certain storage + // classes must be restored before they can be retrieved. For more information + // about these storage classes and how to work with archived objects, see Working + // with archived objects (https://docs.aws.amazon.com/AmazonS3/latest/userguide/archived-objects.html) + // in the Amazon S3 User Guide. + RestoreStatus *RestoreStatus `type:"structure"` + // Size in bytes of the object. - Size *int64 `type:"integer"` + Size *int64 `type:"long"` // The class of storage used to store the object. StorageClass *string `type:"string" enum:"ObjectVersionStorageClass"` @@ -26450,16 +32971,30 @@ type ObjectVersion struct { VersionId *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ObjectVersion) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ObjectVersion) GoString() string { return s.String() } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *ObjectVersion) SetChecksumAlgorithm(v []*string) *ObjectVersion { + s.ChecksumAlgorithm = v + return s +} + // SetETag sets the ETag field's value. func (s *ObjectVersion) SetETag(v string) *ObjectVersion { s.ETag = &v @@ -26490,6 +33025,12 @@ func (s *ObjectVersion) SetOwner(v *Owner) *ObjectVersion { return s } +// SetRestoreStatus sets the RestoreStatus field's value. +func (s *ObjectVersion) SetRestoreStatus(v *RestoreStatus) *ObjectVersion { + s.RestoreStatus = v + return s +} + // SetSize sets the Size field's value. func (s *ObjectVersion) SetSize(v int64) *ObjectVersion { s.Size = &v @@ -26516,12 +33057,20 @@ type OutputLocation struct { S3 *Location `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s OutputLocation) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s OutputLocation) GoString() string { return s.String() } @@ -26558,12 +33107,20 @@ type OutputSerialization struct { JSON *JSONOutput `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s OutputSerialization) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s OutputSerialization) GoString() string { return s.String() } @@ -26584,19 +33141,46 @@ func (s *OutputSerialization) SetJSON(v *JSONOutput) *OutputSerialization { type Owner struct { _ struct{} `type:"structure"` - // Container for the display name of the owner. + // Container for the display name of the owner. This value is only supported + // in the following Amazon Web Services Regions: + // + // * US East (N. Virginia) + // + // * US West (N. California) + // + // * US West (Oregon) + // + // * Asia Pacific (Singapore) + // + // * Asia Pacific (Sydney) + // + // * Asia Pacific (Tokyo) + // + // * Europe (Ireland) + // + // * South America (São Paulo) + // + // This functionality is not supported for directory buckets. DisplayName *string `type:"string"` // Container for the ID of the owner. ID *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Owner) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Owner) GoString() string { return s.String() } @@ -26623,12 +33207,20 @@ type OwnershipControls struct { Rules []*OwnershipControlsRule `locationName:"Rule" type:"list" flattened:"true" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s OwnershipControls) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s OwnershipControls) GoString() string { return s.String() } @@ -26675,16 +33267,41 @@ type OwnershipControlsRule struct { // ObjectWriter - The uploading account will own the object if the object is // uploaded with the bucket-owner-full-control canned ACL. // + // BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer + // affect permissions. The bucket owner automatically owns and has full control + // over every object in the bucket. The bucket only accepts PUT requests that + // don't specify an ACL or specify bucket owner full control ACLs (such as the + // predefined bucket-owner-full-control canned ACL or a custom ACL in XML format + // that grants the same permissions). + // + // By default, ObjectOwnership is set to BucketOwnerEnforced and ACLs are disabled. + // We recommend keeping ACLs disabled, except in uncommon use cases where you + // must control access for each object individually. For more information about + // S3 Object Ownership, see Controlling ownership of objects and disabling ACLs + // for your bucket (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. Directory buckets + // use the bucket owner enforced setting for S3 Object Ownership. + // // ObjectOwnership is a required field ObjectOwnership *string `type:"string" required:"true" enum:"ObjectOwnership"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s OwnershipControlsRule) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s OwnershipControlsRule) GoString() string { return s.String() } @@ -26713,12 +33330,20 @@ type ParquetInput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ParquetInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ParquetInput) GoString() string { return s.String() } @@ -26727,6 +33352,40 @@ func (s ParquetInput) GoString() string { type Part struct { _ struct{} `type:"structure"` + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 32-bit CRC32 checksum of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumCRC32 *string `type:"string"` + + // The base64-encoded, 32-bit CRC32C checksum of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumCRC32C *string `type:"string"` + + // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA1 *string `type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 256-bit SHA-256 digest of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumSHA256 *string `type:"string"` + // Entity tag returned when the part was uploaded. ETag *string `type:"string"` @@ -26738,19 +33397,51 @@ type Part struct { PartNumber *int64 `type:"integer"` // Size in bytes of the uploaded part data. - Size *int64 `type:"integer"` + Size *int64 `type:"long"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Part) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Part) GoString() string { return s.String() } +// SetChecksumCRC32 sets the ChecksumCRC32 field's value. +func (s *Part) SetChecksumCRC32(v string) *Part { + s.ChecksumCRC32 = &v + return s +} + +// SetChecksumCRC32C sets the ChecksumCRC32C field's value. +func (s *Part) SetChecksumCRC32C(v string) *Part { + s.ChecksumCRC32C = &v + return s +} + +// SetChecksumSHA1 sets the ChecksumSHA1 field's value. +func (s *Part) SetChecksumSHA1(v string) *Part { + s.ChecksumSHA1 = &v + return s +} + +// SetChecksumSHA256 sets the ChecksumSHA256 field's value. +func (s *Part) SetChecksumSHA256(v string) *Part { + s.ChecksumSHA256 = &v + return s +} + // SetETag sets the ETag field's value. func (s *Part) SetETag(v string) *Part { s.ETag = &v @@ -26775,6 +33466,44 @@ func (s *Part) SetSize(v int64) *Part { return s } +// Amazon S3 keys for log objects are partitioned in the following format: +// +// [DestinationPrefix][SourceAccountId]/[SourceRegion]/[SourceBucket]/[YYYY]/[MM]/[DD]/[YYYY]-[MM]-[DD]-[hh]-[mm]-[ss]-[UniqueString] +// +// PartitionedPrefix defaults to EventTime delivery when server access logs +// are delivered. +type PartitionedPrefix struct { + _ struct{} `locationName:"PartitionedPrefix" type:"structure"` + + // Specifies the partition date source for the partitioned prefix. PartitionDateSource + // can be EventTime or DeliveryTime. + PartitionDateSource *string `type:"string" enum:"PartitionDateSource"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PartitionedPrefix) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s PartitionedPrefix) GoString() string { + return s.String() +} + +// SetPartitionDateSource sets the PartitionDateSource field's value. +func (s *PartitionedPrefix) SetPartitionDateSource(v string) *PartitionedPrefix { + s.PartitionDateSource = &v + return s +} + // The container element for a bucket's policy status. type PolicyStatus struct { _ struct{} `type:"structure"` @@ -26784,12 +33513,20 @@ type PolicyStatus struct { IsPublic *bool `locationName:"IsPublic" type:"boolean"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PolicyStatus) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PolicyStatus) GoString() string { return s.String() } @@ -26814,12 +33551,20 @@ type Progress struct { BytesScanned *int64 `type:"long"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Progress) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Progress) GoString() string { return s.String() } @@ -26850,12 +33595,20 @@ type ProgressEvent struct { Details *Progress `locationName:"Details" type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ProgressEvent) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ProgressEvent) GoString() string { return s.String() } @@ -26899,7 +33652,7 @@ func (s *ProgressEvent) MarshalEvent(pm protocol.PayloadMarshaler) (msg eventstr // S3 bucket. You can enable the configuration options in any combination. For // more information about when Amazon S3 considers a bucket or object public, // see The Meaning of "Public" (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) -// in the Amazon Simple Storage Service Developer Guide. +// in the Amazon S3 User Guide. type PublicAccessBlockConfiguration struct { _ struct{} `type:"structure"` @@ -26907,7 +33660,7 @@ type PublicAccessBlockConfiguration struct { // for this bucket and objects in this bucket. Setting this element to TRUE // causes the following behavior: // - // * PUT Bucket acl and PUT Object acl calls fail if the specified ACL is + // * PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is // public. // // * PUT Object calls fail if the request includes a public ACL. @@ -26934,8 +33687,8 @@ type PublicAccessBlockConfiguration struct { // Specifies whether Amazon S3 should restrict public bucket policies for this // bucket. Setting this element to TRUE restricts access to this bucket to only - // AWS service principals and authorized users within this account if the bucket - // has a public policy. + // Amazon Web Service principals and authorized users within this account if + // the bucket has a public policy. // // Enabling this setting doesn't affect previously stored bucket policies, except // that public and cross-account access within any public bucket policy, including @@ -26943,12 +33696,20 @@ type PublicAccessBlockConfiguration struct { RestrictPublicBuckets *bool `locationName:"RestrictPublicBuckets" type:"boolean"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PublicAccessBlockConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PublicAccessBlockConfiguration) GoString() string { return s.String() } @@ -26990,18 +33751,43 @@ type PutBucketAccelerateConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketAccelerateConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketAccelerateConfigurationInput) GoString() string { return s.String() } @@ -27044,6 +33830,12 @@ func (s *PutBucketAccelerateConfigurationInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutBucketAccelerateConfigurationInput) SetChecksumAlgorithm(v string) *PutBucketAccelerateConfigurationInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutBucketAccelerateConfigurationInput) SetExpectedBucketOwner(v string) *PutBucketAccelerateConfigurationInput { s.ExpectedBucketOwner = &v @@ -27081,12 +33873,20 @@ type PutBucketAccelerateConfigurationOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketAccelerateConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketAccelerateConfigurationOutput) GoString() string { return s.String() } @@ -27105,9 +33905,30 @@ type PutBucketAclInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Allows grantee the read, write, read ACP, and write ACP permissions on the @@ -27120,19 +33941,30 @@ type PutBucketAclInput struct { // Allows grantee to read the bucket ACL. GrantReadACP *string `location:"header" locationName:"x-amz-grant-read-acp" type:"string"` - // Allows grantee to create, overwrite, and delete any object in the bucket. + // Allows grantee to create new objects in the bucket. + // + // For the bucket and object owners of existing objects, also allows deletions + // and overwrites of those objects. GrantWrite *string `location:"header" locationName:"x-amz-grant-write" type:"string"` // Allows grantee to write the ACL for the applicable bucket. GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketAclInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketAclInput) GoString() string { return s.String() } @@ -27183,6 +34015,12 @@ func (s *PutBucketAclInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutBucketAclInput) SetChecksumAlgorithm(v string) *PutBucketAclInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutBucketAclInput) SetExpectedBucketOwner(v string) *PutBucketAclInput { s.ExpectedBucketOwner = &v @@ -27250,12 +34088,20 @@ type PutBucketAclOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketAclOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketAclOutput) GoString() string { return s.String() } @@ -27273,9 +34119,9 @@ type PutBucketAnalyticsConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The ID that identifies the analytics configuration. @@ -27284,12 +34130,20 @@ type PutBucketAnalyticsConfigurationInput struct { Id *string `location:"querystring" locationName:"id" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketAnalyticsConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketAnalyticsConfigurationInput) GoString() string { return s.String() } @@ -27383,12 +34237,20 @@ type PutBucketAnalyticsConfigurationOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketAnalyticsConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketAnalyticsConfigurationOutput) GoString() string { return s.String() } @@ -27404,23 +34266,52 @@ type PutBucketCorsInput struct { // Describes the cross-origin access configuration for objects in an Amazon // S3 bucket. For more information, see Enabling Cross-Origin Resource Sharing // (https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the Amazon - // Simple Storage Service Developer Guide. + // S3 User Guide. // // CORSConfiguration is a required field CORSConfiguration *CORSConfiguration `locationName:"CORSConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketCorsInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketCorsInput) GoString() string { return s.String() } @@ -27468,6 +34359,12 @@ func (s *PutBucketCorsInput) SetCORSConfiguration(v *CORSConfiguration) *PutBuck return s } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutBucketCorsInput) SetChecksumAlgorithm(v string) *PutBucketCorsInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutBucketCorsInput) SetExpectedBucketOwner(v string) *PutBucketCorsInput { s.ExpectedBucketOwner = &v @@ -27505,12 +34402,20 @@ type PutBucketCorsOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketCorsOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketCorsOutput) GoString() string { return s.String() } @@ -27519,17 +34424,41 @@ type PutBucketEncryptionInput struct { _ struct{} `locationName:"PutBucketEncryptionRequest" type:"structure" payload:"ServerSideEncryptionConfiguration"` // Specifies default encryption for a bucket using server-side encryption with - // Amazon S3-managed keys (SSE-S3) or customer master keys stored in AWS KMS - // (SSE-KMS). For information about the Amazon S3 default encryption feature, - // see Amazon S3 Default Bucket Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) - // in the Amazon Simple Storage Service Developer Guide. + // different key options. By default, all buckets have a default encryption + // configuration that uses server-side encryption with Amazon S3 managed keys + // (SSE-S3). You can optionally configure default encryption for a bucket by + // using server-side encryption with an Amazon Web Services KMS key (SSE-KMS) + // or a customer-provided key (SSE-C). For information about the bucket default + // encryption feature, see Amazon S3 Bucket Default Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Specifies the default server-side-encryption configuration. @@ -27538,12 +34467,20 @@ type PutBucketEncryptionInput struct { ServerSideEncryptionConfiguration *ServerSideEncryptionConfiguration `locationName:"ServerSideEncryptionConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketEncryptionInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketEncryptionInput) GoString() string { return s.String() } @@ -27585,6 +34522,12 @@ func (s *PutBucketEncryptionInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutBucketEncryptionInput) SetChecksumAlgorithm(v string) *PutBucketEncryptionInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutBucketEncryptionInput) SetExpectedBucketOwner(v string) *PutBucketEncryptionInput { s.ExpectedBucketOwner = &v @@ -27628,12 +34571,20 @@ type PutBucketEncryptionOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketEncryptionOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketEncryptionOutput) GoString() string { return s.String() } @@ -27658,12 +34609,20 @@ type PutBucketIntelligentTieringConfigurationInput struct { IntelligentTieringConfiguration *IntelligentTieringConfiguration `locationName:"IntelligentTieringConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketIntelligentTieringConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketIntelligentTieringConfigurationInput) GoString() string { return s.String() } @@ -27751,12 +34710,20 @@ type PutBucketIntelligentTieringConfigurationOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketIntelligentTieringConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketIntelligentTieringConfigurationOutput) GoString() string { return s.String() } @@ -27769,9 +34736,9 @@ type PutBucketInventoryConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The ID used to identify the inventory configuration. @@ -27785,12 +34752,20 @@ type PutBucketInventoryConfigurationInput struct { InventoryConfiguration *InventoryConfiguration `locationName:"InventoryConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketInventoryConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketInventoryConfigurationInput) GoString() string { return s.String() } @@ -27884,12 +34859,20 @@ type PutBucketInventoryConfigurationOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketInventoryConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketInventoryConfigurationOutput) GoString() string { return s.String() } @@ -27902,21 +34885,50 @@ type PutBucketLifecycleConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Container for lifecycle rules. You can add as many as 1,000 rules. LifecycleConfiguration *BucketLifecycleConfiguration `locationName:"LifecycleConfiguration" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketLifecycleConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketLifecycleConfigurationInput) GoString() string { return s.String() } @@ -27955,6 +34967,12 @@ func (s *PutBucketLifecycleConfigurationInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutBucketLifecycleConfigurationInput) SetChecksumAlgorithm(v string) *PutBucketLifecycleConfigurationInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutBucketLifecycleConfigurationInput) SetExpectedBucketOwner(v string) *PutBucketLifecycleConfigurationInput { s.ExpectedBucketOwner = &v @@ -27998,12 +35016,20 @@ type PutBucketLifecycleConfigurationOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketLifecycleConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketLifecycleConfigurationOutput) GoString() string { return s.String() } @@ -28014,21 +35040,53 @@ type PutBucketLifecycleInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Container for lifecycle rules. You can add as many as 1000 rules. + // + // For more information see, Managing your storage lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lifecycle-mgmt.html) + // in the Amazon S3 User Guide. LifecycleConfiguration *LifecycleConfiguration `locationName:"LifecycleConfiguration" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketLifecycleInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketLifecycleInput) GoString() string { return s.String() } @@ -28067,6 +35125,12 @@ func (s *PutBucketLifecycleInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutBucketLifecycleInput) SetChecksumAlgorithm(v string) *PutBucketLifecycleInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutBucketLifecycleInput) SetExpectedBucketOwner(v string) *PutBucketLifecycleInput { s.ExpectedBucketOwner = &v @@ -28110,12 +35174,20 @@ type PutBucketLifecycleOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketLifecycleOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketLifecycleOutput) GoString() string { return s.String() } @@ -28133,18 +35205,47 @@ type PutBucketLoggingInput struct { // BucketLoggingStatus is a required field BucketLoggingStatus *BucketLoggingStatus `locationName:"BucketLoggingStatus" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketLoggingInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketLoggingInput) GoString() string { return s.String() } @@ -28192,6 +35293,12 @@ func (s *PutBucketLoggingInput) SetBucketLoggingStatus(v *BucketLoggingStatus) * return s } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutBucketLoggingInput) SetChecksumAlgorithm(v string) *PutBucketLoggingInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutBucketLoggingInput) SetExpectedBucketOwner(v string) *PutBucketLoggingInput { s.ExpectedBucketOwner = &v @@ -28229,12 +35336,20 @@ type PutBucketLoggingOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketLoggingOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketLoggingOutput) GoString() string { return s.String() } @@ -28247,12 +35362,13 @@ type PutBucketMetricsConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // The ID used to identify the metrics configuration. + // The ID used to identify the metrics configuration. The ID has a 64 character + // limit and can only contain letters, numbers, periods, dashes, and underscores. // // Id is a required field Id *string `location:"querystring" locationName:"id" type:"string" required:"true"` @@ -28263,12 +35379,20 @@ type PutBucketMetricsConfigurationInput struct { MetricsConfiguration *MetricsConfiguration `locationName:"MetricsConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketMetricsConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketMetricsConfigurationInput) GoString() string { return s.String() } @@ -28362,12 +35486,20 @@ type PutBucketMetricsConfigurationOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketMetricsConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketMetricsConfigurationOutput) GoString() string { return s.String() } @@ -28380,9 +35512,9 @@ type PutBucketNotificationConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // A container for specifying the notification configuration of the bucket. @@ -28390,14 +35522,26 @@ type PutBucketNotificationConfigurationInput struct { // // NotificationConfiguration is a required field NotificationConfiguration *NotificationConfiguration `locationName:"NotificationConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` + + // Skips validation of Amazon SQS, Amazon SNS, and Lambda destinations. True + // or false value. + SkipDestinationValidation *bool `location:"header" locationName:"x-amz-skip-destination-validation" type:"boolean"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketNotificationConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketNotificationConfigurationInput) GoString() string { return s.String() } @@ -28451,6 +35595,12 @@ func (s *PutBucketNotificationConfigurationInput) SetNotificationConfiguration(v return s } +// SetSkipDestinationValidation sets the SkipDestinationValidation field's value. +func (s *PutBucketNotificationConfigurationInput) SetSkipDestinationValidation(v bool) *PutBucketNotificationConfigurationInput { + s.SkipDestinationValidation = &v + return s +} + func (s *PutBucketNotificationConfigurationInput) getEndpointARN() (arn.Resource, error) { if s.Bucket == nil { return nil, fmt.Errorf("member Bucket is nil") @@ -28482,12 +35632,20 @@ type PutBucketNotificationConfigurationOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketNotificationConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketNotificationConfigurationOutput) GoString() string { return s.String() } @@ -28500,9 +35658,30 @@ type PutBucketNotificationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The container for the configuration. @@ -28511,12 +35690,20 @@ type PutBucketNotificationInput struct { NotificationConfiguration *NotificationConfigurationDeprecated `locationName:"NotificationConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketNotificationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketNotificationInput) GoString() string { return s.String() } @@ -28553,6 +35740,12 @@ func (s *PutBucketNotificationInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutBucketNotificationInput) SetChecksumAlgorithm(v string) *PutBucketNotificationInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutBucketNotificationInput) SetExpectedBucketOwner(v string) *PutBucketNotificationInput { s.ExpectedBucketOwner = &v @@ -28596,12 +35789,20 @@ type PutBucketNotificationOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketNotificationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketNotificationOutput) GoString() string { return s.String() } @@ -28614,24 +35815,32 @@ type PutBucketOwnershipControlsInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // The OwnershipControls (BucketOwnerPreferred or ObjectWriter) that you want - // to apply to this Amazon S3 bucket. + // The OwnershipControls (BucketOwnerEnforced, BucketOwnerPreferred, or ObjectWriter) + // that you want to apply to this Amazon S3 bucket. // // OwnershipControls is a required field OwnershipControls *OwnershipControls `locationName:"OwnershipControls" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketOwnershipControlsInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketOwnershipControlsInput) GoString() string { return s.String() } @@ -28716,12 +35925,20 @@ type PutBucketOwnershipControlsOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketOwnershipControlsOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketOwnershipControlsOutput) GoString() string { return s.String() } @@ -28731,30 +35948,94 @@ type PutBucketPolicyInput struct { // The name of the bucket. // + // Directory buckets - When you use this operation with a directory bucket, + // you must use path-style requests in the format https://s3express-control.region_code.amazonaws.com/bucket-name + // . Virtual-hosted-style requests aren't supported. Directory bucket names + // must be unique in the chosen Availability Zone. Bucket names must also follow + // the format bucket_base_name--az_id--x-s3 (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). + // For information about bucket naming restrictions, see Directory bucket naming + // rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide + // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum-algorithm or x-amz-trailer header sent. Otherwise, Amazon + // S3 fails the request with the HTTP status code 400 Bad Request. + // + // For the x-amz-checksum-algorithm header, replace algorithm with the supported + // algorithm from the following list: + // + // * CRC32 + // + // * CRC32C + // + // * SHA1 + // + // * SHA256 + // + // For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If the individual checksum value you provide through x-amz-checksum-algorithm + // doesn't match the checksum algorithm you set through x-amz-sdk-checksum-algorithm, + // Amazon S3 ignores any provided ChecksumAlgorithm parameter and uses the checksum + // algorithm that matches the provided value in x-amz-checksum-algorithm . + // + // For directory buckets, when you use Amazon Web Services SDKs, CRC32 is the + // default checksum algorithm that's used for performance. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + // Set this parameter to true to confirm that you want to remove your permissions // to change this bucket policy in the future. + // + // This functionality is not supported for directory buckets. ConfirmRemoveSelfBucketAccess *bool `location:"header" locationName:"x-amz-confirm-remove-self-bucket-access" type:"boolean"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). + // + // For directory buckets, this header is not supported in this API operation. + // If you specify this header, the request fails with the HTTP status code 501 + // Not Implemented. ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The bucket policy as a JSON document. // + // For directory buckets, the only IAM action supported in the bucket policy + // is s3express:CreateSession. + // // Policy is a required field Policy *string `type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketPolicyInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketPolicyInput) GoString() string { return s.String() } @@ -28791,6 +36072,12 @@ func (s *PutBucketPolicyInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutBucketPolicyInput) SetChecksumAlgorithm(v string) *PutBucketPolicyInput { + s.ChecksumAlgorithm = &v + return s +} + // SetConfirmRemoveSelfBucketAccess sets the ConfirmRemoveSelfBucketAccess field's value. func (s *PutBucketPolicyInput) SetConfirmRemoveSelfBucketAccess(v bool) *PutBucketPolicyInput { s.ConfirmRemoveSelfBucketAccess = &v @@ -28840,12 +36127,20 @@ type PutBucketPolicyOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketPolicyOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketPolicyOutput) GoString() string { return s.String() } @@ -28858,9 +36153,30 @@ type PutBucketReplicationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // A container for replication rules. You can add up to 1,000 rules. The maximum @@ -28873,12 +36189,20 @@ type PutBucketReplicationInput struct { Token *string `location:"header" locationName:"x-amz-bucket-object-lock-token" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketReplicationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketReplicationInput) GoString() string { return s.String() } @@ -28920,6 +36244,12 @@ func (s *PutBucketReplicationInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutBucketReplicationInput) SetChecksumAlgorithm(v string) *PutBucketReplicationInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutBucketReplicationInput) SetExpectedBucketOwner(v string) *PutBucketReplicationInput { s.ExpectedBucketOwner = &v @@ -28969,12 +36299,20 @@ type PutBucketReplicationOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketReplicationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketReplicationOutput) GoString() string { return s.String() } @@ -28987,9 +36325,30 @@ type PutBucketRequestPaymentInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Container for Payer. @@ -28998,12 +36357,20 @@ type PutBucketRequestPaymentInput struct { RequestPaymentConfiguration *RequestPaymentConfiguration `locationName:"RequestPaymentConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketRequestPaymentInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketRequestPaymentInput) GoString() string { return s.String() } @@ -29045,6 +36412,12 @@ func (s *PutBucketRequestPaymentInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutBucketRequestPaymentInput) SetChecksumAlgorithm(v string) *PutBucketRequestPaymentInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutBucketRequestPaymentInput) SetExpectedBucketOwner(v string) *PutBucketRequestPaymentInput { s.ExpectedBucketOwner = &v @@ -29088,12 +36461,20 @@ type PutBucketRequestPaymentOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketRequestPaymentOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketRequestPaymentOutput) GoString() string { return s.String() } @@ -29106,9 +36487,30 @@ type PutBucketTaggingInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Container for the TagSet and Tag elements. @@ -29117,12 +36519,20 @@ type PutBucketTaggingInput struct { Tagging *Tagging `locationName:"Tagging" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketTaggingInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketTaggingInput) GoString() string { return s.String() } @@ -29164,6 +36574,12 @@ func (s *PutBucketTaggingInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutBucketTaggingInput) SetChecksumAlgorithm(v string) *PutBucketTaggingInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutBucketTaggingInput) SetExpectedBucketOwner(v string) *PutBucketTaggingInput { s.ExpectedBucketOwner = &v @@ -29207,12 +36623,20 @@ type PutBucketTaggingOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketTaggingOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketTaggingOutput) GoString() string { return s.String() } @@ -29225,9 +36649,30 @@ type PutBucketVersioningInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The concatenation of the authentication device's serial number, a space, @@ -29240,12 +36685,20 @@ type PutBucketVersioningInput struct { VersioningConfiguration *VersioningConfiguration `locationName:"VersioningConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketVersioningInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketVersioningInput) GoString() string { return s.String() } @@ -29282,6 +36735,12 @@ func (s *PutBucketVersioningInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutBucketVersioningInput) SetChecksumAlgorithm(v string) *PutBucketVersioningInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutBucketVersioningInput) SetExpectedBucketOwner(v string) *PutBucketVersioningInput { s.ExpectedBucketOwner = &v @@ -29331,12 +36790,20 @@ type PutBucketVersioningOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketVersioningOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketVersioningOutput) GoString() string { return s.String() } @@ -29349,9 +36816,30 @@ type PutBucketWebsiteInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Container for the request. @@ -29360,12 +36848,20 @@ type PutBucketWebsiteInput struct { WebsiteConfiguration *WebsiteConfiguration `locationName:"WebsiteConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketWebsiteInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketWebsiteInput) GoString() string { return s.String() } @@ -29407,6 +36903,12 @@ func (s *PutBucketWebsiteInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutBucketWebsiteInput) SetChecksumAlgorithm(v string) *PutBucketWebsiteInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutBucketWebsiteInput) SetExpectedBucketOwner(v string) *PutBucketWebsiteInput { s.ExpectedBucketOwner = &v @@ -29450,12 +36952,20 @@ type PutBucketWebsiteOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketWebsiteOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutBucketWebsiteOutput) GoString() string { return s.String() } @@ -29473,82 +36983,116 @@ type PutObjectAclInput struct { // The bucket name that contains the object to which you want to attach the // ACL. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Allows grantee the read, write, read ACP, and write ACP permissions on the // bucket. // - // This action is not supported by Amazon S3 on Outposts. + // This functionality is not supported for Amazon S3 on Outposts. GrantFullControl *string `location:"header" locationName:"x-amz-grant-full-control" type:"string"` // Allows grantee to list the objects in the bucket. // - // This action is not supported by Amazon S3 on Outposts. + // This functionality is not supported for Amazon S3 on Outposts. GrantRead *string `location:"header" locationName:"x-amz-grant-read" type:"string"` // Allows grantee to read the bucket ACL. // - // This action is not supported by Amazon S3 on Outposts. + // This functionality is not supported for Amazon S3 on Outposts. GrantReadACP *string `location:"header" locationName:"x-amz-grant-read-acp" type:"string"` - // Allows grantee to create, overwrite, and delete any object in the bucket. + // Allows grantee to create new objects in the bucket. + // + // For the bucket and object owners of existing objects, also allows deletions + // and overwrites of those objects. GrantWrite *string `location:"header" locationName:"x-amz-grant-write" type:"string"` // Allows grantee to write the ACL for the applicable bucket. // - // This action is not supported by Amazon S3 on Outposts. + // This functionality is not supported for Amazon S3 on Outposts. GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"` - // Key for which the PUT operation was initiated. - // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Key for which the PUT action was initiated. // // Key is a required field Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // VersionId used to reference a specific version of the object. + // Version ID used to reference a specific version of the object. + // + // This functionality is not supported for directory buckets. VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectAclInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectAclInput) GoString() string { return s.String() } @@ -29605,6 +37149,12 @@ func (s *PutObjectAclInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutObjectAclInput) SetChecksumAlgorithm(v string) *PutObjectAclInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutObjectAclInput) SetExpectedBucketOwner(v string) *PutObjectAclInput { s.ExpectedBucketOwner = &v @@ -29691,15 +37241,25 @@ type PutObjectAclOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectAclOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectAclOutput) GoString() string { return s.String() } @@ -29714,41 +37274,80 @@ type PutObjectInput struct { _ struct{} `locationName:"PutObjectRequest" type:"structure" payload:"Body"` // The canned ACL to apply to the object. For more information, see Canned ACL - // (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). - // - // This action is not supported by Amazon S3 on Outposts. + // (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL) + // in the Amazon S3 User Guide. + // + // When adding a new object, you can use headers to grant ACL-based permissions + // to individual Amazon Web Services accounts or to predefined groups defined + // by Amazon S3. These permissions are then added to the ACL on the object. + // By default, all objects are private. Only the owner has full access control. + // For more information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // and Managing ACLs Using the REST API (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html) + // in the Amazon S3 User Guide. + // + // If the bucket that you're uploading objects to uses the bucket owner enforced + // setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions. + // Buckets that use this setting only accept PUT requests that don't specify + // an ACL or PUT requests that specify bucket owner full control ACLs, such + // as the bucket-owner-full-control canned ACL or an equivalent form of this + // ACL expressed in the XML format. PUT requests that contain other ACLs (for + // example, custom grants to certain Amazon Web Services accounts) fail and + // return a 400 error with the error code AccessControlListNotSupported. For + // more information, see Controlling ownership of objects and disabling ACLs + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) + // in the Amazon S3 User Guide. + // + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"ObjectCannedACL"` // Object data. Body io.ReadSeeker `type:"blob"` - // The bucket name to which the PUT operation was initiated. - // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // The bucket name to which the PUT action was initiated. + // + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` // Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption - // with server-side encryption using AWS KMS (SSE-KMS). Setting this header - // to true causes Amazon S3 to use an S3 Bucket Key for object encryption with - // SSE-KMS. + // with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). + // Setting this header to true causes Amazon S3 to use an S3 Bucket Key for + // object encryption with SSE-KMS. // - // Specifying this header with a PUT operation doesn’t affect bucket-level - // settings for S3 Bucket Key. + // Specifying this header with a PUT action doesn’t affect bucket-level settings + // for S3 Bucket Key. + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // Can be used to specify caching behavior along the request/reply chain. For @@ -29756,22 +37355,84 @@ type PutObjectInput struct { // (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9). CacheControl *string `location:"header" locationName:"Cache-Control" type:"string"` + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum-algorithm or x-amz-trailer header sent. Otherwise, Amazon + // S3 fails the request with the HTTP status code 400 Bad Request. + // + // For the x-amz-checksum-algorithm header, replace algorithm with the supported + // algorithm from the following list: + // + // * CRC32 + // + // * CRC32C + // + // * SHA1 + // + // * SHA256 + // + // For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If the individual checksum value you provide through x-amz-checksum-algorithm + // doesn't match the checksum algorithm you set through x-amz-sdk-checksum-algorithm, + // Amazon S3 ignores any provided ChecksumAlgorithm parameter and uses the checksum + // algorithm that matches the provided value in x-amz-checksum-algorithm . + // + // For directory buckets, when you use Amazon Web Services SDKs, CRC32 is the + // default checksum algorithm that's used for performance. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 32-bit CRC32 checksum of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumCRC32 *string `location:"header" locationName:"x-amz-checksum-crc32" type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 32-bit CRC32C checksum of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumCRC32C *string `location:"header" locationName:"x-amz-checksum-crc32c" type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 160-bit SHA-1 digest of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumSHA1 *string `location:"header" locationName:"x-amz-checksum-sha1" type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 256-bit SHA-256 digest of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumSHA256 *string `location:"header" locationName:"x-amz-checksum-sha256" type:"string"` + // Specifies presentational information for the object. For more information, - // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1). + // see https://www.rfc-editor.org/rfc/rfc6266#section-4 (https://www.rfc-editor.org/rfc/rfc6266#section-4). ContentDisposition *string `location:"header" locationName:"Content-Disposition" type:"string"` // Specifies what content encodings have been applied to the object and thus // what decoding mechanisms must be applied to obtain the media-type referenced - // by the Content-Type header field. For more information, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11 - // (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11). + // by the Content-Type header field. For more information, see https://www.rfc-editor.org/rfc/rfc9110.html#field.content-encoding + // (https://www.rfc-editor.org/rfc/rfc9110.html#field.content-encoding). ContentEncoding *string `location:"header" locationName:"Content-Encoding" type:"string"` // The language the content is in. ContentLanguage *string `location:"header" locationName:"Content-Language" type:"string"` // Size of the body in bytes. This parameter is useful when the size of the - // body cannot be determined automatically. For more information, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.13 - // (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.13). + // body cannot be determined automatically. For more information, see https://www.rfc-editor.org/rfc/rfc9110.html#name-content-length + // (https://www.rfc-editor.org/rfc/rfc9110.html#name-content-length). ContentLength *int64 `location:"header" locationName:"Content-Length" type:"long"` // The base64-encoded 128-bit MD5 digest of the message (without the headers) @@ -29780,42 +37441,57 @@ type PutObjectInput struct { // it is optional, we recommend using the Content-MD5 mechanism as an end-to-end // integrity check. For more information about REST request authentication, // see REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html). + // + // The Content-MD5 header is required for any request to upload an object with + // a retention period configured using Amazon S3 Object Lock. For more information + // about Amazon S3 Object Lock, see Amazon S3 Object Lock Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. ContentMD5 *string `location:"header" locationName:"Content-MD5" type:"string"` // A standard MIME type describing the format of the contents. For more information, - // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17). + // see https://www.rfc-editor.org/rfc/rfc9110.html#name-content-type (https://www.rfc-editor.org/rfc/rfc9110.html#name-content-type). ContentType *string `location:"header" locationName:"Content-Type" type:"string"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The date and time at which the object is no longer cacheable. For more information, - // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21). + // see https://www.rfc-editor.org/rfc/rfc7234#section-5.3 (https://www.rfc-editor.org/rfc/rfc7234#section-5.3). Expires *time.Time `location:"header" locationName:"Expires" type:"timestamp"` // Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantFullControl *string `location:"header" locationName:"x-amz-grant-full-control" type:"string"` // Allows grantee to read the object data and its metadata. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantRead *string `location:"header" locationName:"x-amz-grant-read" type:"string"` // Allows grantee to read the object ACL. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantReadACP *string `location:"header" locationName:"x-amz-grant-read-acp" type:"string"` // Allows grantee to write the ACL for the applicable object. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"` - // Object key for which the PUT operation was initiated. + // Object key for which the PUT action was initiated. // // Key is a required field Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` @@ -29824,24 +37500,37 @@ type PutObjectInput struct { Metadata map[string]*string `location:"headers" locationName:"x-amz-meta-" type:"map"` // Specifies whether a legal hold will be applied to this object. For more information - // about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). + // about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"` // The Object Lock mode that you want to apply to this object. + // + // This functionality is not supported for directory buckets. ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"` - // The date and time when you want this object's Object Lock to expire. + // The date and time when you want this object's Object Lock to expire. Must + // be formatted as a timestamp parameter. + // + // This functionality is not supported for directory buckets. ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, AES256). + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting @@ -29849,50 +37538,92 @@ type PutObjectInput struct { // S3 does not store the encryption key. The key must be appropriate for use // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm // header. + // + // This functionality is not supported for directory buckets. + // + // SSECustomerKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by PutObjectInput's + // String and GoString methods. SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"` // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // Specifies the AWS KMS Encryption Context to use for object encryption. The - // value of this header is a base64-encoded UTF-8 string holding JSON with the - // encryption context key-value pairs. + // Specifies the Amazon Web Services KMS Encryption Context to use for object + // encryption. The value of this header is a base64-encoded UTF-8 string holding + // JSON with the encryption context key-value pairs. This value is stored as + // object metadata and automatically gets passed on to Amazon Web Services KMS + // for future GetObject or CopyObject operations on this object. This value + // must be explicitly added during CopyObject operations. + // + // This functionality is not supported for directory buckets. + // + // SSEKMSEncryptionContext is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by PutObjectInput's + // String and GoString methods. SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"` - // If x-amz-server-side-encryption is present and has the value of aws:kms, - // this header specifies the ID of the AWS Key Management Service (AWS KMS) - // symmetrical customer managed customer master key (CMK) that was used for - // the object. + // If x-amz-server-side-encryption has a valid value of aws:kms or aws:kms:dsse, + // this header specifies the ID (Key ID, Key ARN, or Key Alias) of the Key Management + // Service (KMS) symmetric encryption customer managed key that was used for + // the object. If you specify x-amz-server-side-encryption:aws:kms or x-amz-server-side-encryption:aws:kms:dsse, + // but do not providex-amz-server-side-encryption-aws-kms-key-id, Amazon S3 + // uses the Amazon Web Services managed key (aws/s3) to protect the data. If + // the KMS key does not exist in the same account that's issuing the command, + // you must use the full ARN and not just the ID. + // + // This functionality is not supported for directory buckets. // - // If the value of x-amz-server-side-encryption is aws:kms, this header specifies - // the ID of the symmetric customer managed AWS KMS CMK that will be used for - // the object. If you specify x-amz-server-side-encryption:aws:kms, but do not - // providex-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses the AWS - // managed CMK in AWS to protect the data. + // SSEKMSKeyId is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by PutObjectInput's + // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // The server-side encryption algorithm used when storing this object in Amazon - // S3 (for example, AES256, aws:kms). + // The server-side encryption algorithm that was used when you store this object + // in Amazon S3 (for example, AES256, aws:kms, aws:kms:dsse). + // + // General purpose buckets - You have four mutually exclusive options to protect + // data using server-side encryption in Amazon S3, depending on how you choose + // to manage the encryption keys. Specifically, the encryption key options are + // Amazon S3 managed keys (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or + // DSSE-KMS), and customer-provided keys (SSE-C). Amazon S3 encrypts data with + // server-side encryption by using Amazon S3 managed keys (SSE-S3) by default. + // You can optionally tell Amazon S3 to encrypt data at rest by using server-side + // encryption with other key options. For more information, see Using Server-Side + // Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) + // in the Amazon S3 User Guide. + // + // Directory buckets - For directory buckets, only the server-side encryption + // with Amazon S3 managed keys (SSE-S3) (AES256) value is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // By default, Amazon S3 uses the STANDARD Storage Class to store newly created // objects. The STANDARD storage class provides high durability and high availability. // Depending on performance needs, you can specify a different Storage Class. - // Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. For more information, - // see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) - // in the Amazon S3 Service Developer Guide. + // For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) + // in the Amazon S3 User Guide. + // + // * For directory buckets, only the S3 Express One Zone storage class is + // supported to store newly created objects. + // + // * Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"` // The tag-set for the object. The tag-set must be encoded as URL Query parameters. // (For example, "Key1=Value1") + // + // This functionality is not supported for directory buckets. Tagging *string `location:"header" locationName:"x-amz-tagging" type:"string"` // If the bucket is configured as a website, redirects requests for this object // to another object in the same bucket or to an external URL. Amazon S3 stores // the value of this header in the object metadata. For information about object - // metadata, see Object Key and Metadata (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html). + // metadata, see Object Key and Metadata (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html) + // in the Amazon S3 User Guide. // // In the following example, the request header sets the redirect to an object // (anotherPage.html) in the same bucket: @@ -29906,16 +37637,27 @@ type PutObjectInput struct { // // For more information about website hosting in Amazon S3, see Hosting Websites // on Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) - // and How to Configure Website Page Redirects (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html). + // and How to Configure Website Page Redirects (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. WebsiteRedirectLocation *string `location:"header" locationName:"x-amz-website-redirect-location" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectInput) GoString() string { return s.String() } @@ -29979,6 +37721,36 @@ func (s *PutObjectInput) SetCacheControl(v string) *PutObjectInput { return s } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutObjectInput) SetChecksumAlgorithm(v string) *PutObjectInput { + s.ChecksumAlgorithm = &v + return s +} + +// SetChecksumCRC32 sets the ChecksumCRC32 field's value. +func (s *PutObjectInput) SetChecksumCRC32(v string) *PutObjectInput { + s.ChecksumCRC32 = &v + return s +} + +// SetChecksumCRC32C sets the ChecksumCRC32C field's value. +func (s *PutObjectInput) SetChecksumCRC32C(v string) *PutObjectInput { + s.ChecksumCRC32C = &v + return s +} + +// SetChecksumSHA1 sets the ChecksumSHA1 field's value. +func (s *PutObjectInput) SetChecksumSHA1(v string) *PutObjectInput { + s.ChecksumSHA1 = &v + return s +} + +// SetChecksumSHA256 sets the ChecksumSHA256 field's value. +func (s *PutObjectInput) SetChecksumSHA256(v string) *PutObjectInput { + s.ChecksumSHA256 = &v + return s +} + // SetContentDisposition sets the ContentDisposition field's value. func (s *PutObjectInput) SetContentDisposition(v string) *PutObjectInput { s.ContentDisposition = &v @@ -30178,50 +37950,85 @@ func (s PutObjectInput) updateArnableField(v string) (interface{}, error) { type PutObjectLegalHoldInput struct { _ struct{} `locationName:"PutObjectLegalHoldRequest" type:"structure" payload:"LegalHold"` - // The bucket name containing the object that you want to place a Legal Hold + // The bucket name containing the object that you want to place a legal hold // on. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // The key name for the object that you want to place a Legal Hold on. + // The key name for the object that you want to place a legal hold on. // // Key is a required field Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` - // Container element for the Legal Hold configuration you want to apply to the + // Container element for the legal hold configuration you want to apply to the // specified object. LegalHold *ObjectLockLegalHold `locationName:"LegalHold" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // The version ID of the object that you want to place a Legal Hold on. + // The version ID of the object that you want to place a legal hold on. VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectLegalHoldInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectLegalHoldInput) GoString() string { return s.String() } @@ -30261,6 +38068,12 @@ func (s *PutObjectLegalHoldInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutObjectLegalHoldInput) SetChecksumAlgorithm(v string) *PutObjectLegalHoldInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutObjectLegalHoldInput) SetExpectedBucketOwner(v string) *PutObjectLegalHoldInput { s.ExpectedBucketOwner = &v @@ -30323,15 +38136,25 @@ type PutObjectLegalHoldOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectLegalHoldOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectLegalHoldOutput) GoString() string { return s.String() } @@ -30350,31 +38173,64 @@ type PutObjectLockConfigurationInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The Object Lock configuration that you want to apply to the specified bucket. ObjectLockConfiguration *ObjectLockConfiguration `locationName:"ObjectLockConfiguration" type:"structure" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // A token to allow Object Lock to be enabled for an existing bucket. Token *string `location:"header" locationName:"x-amz-bucket-object-lock-token" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectLockConfigurationInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectLockConfigurationInput) GoString() string { return s.String() } @@ -30408,6 +38264,12 @@ func (s *PutObjectLockConfigurationInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutObjectLockConfigurationInput) SetChecksumAlgorithm(v string) *PutObjectLockConfigurationInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutObjectLockConfigurationInput) SetExpectedBucketOwner(v string) *PutObjectLockConfigurationInput { s.ExpectedBucketOwner = &v @@ -30464,15 +38326,25 @@ type PutObjectLockConfigurationOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectLockConfigurationOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectLockConfigurationOutput) GoString() string { return s.String() } @@ -30487,60 +38359,151 @@ type PutObjectOutput struct { _ struct{} `type:"structure"` // Indicates whether the uploaded object uses an S3 Bucket Key for server-side - // encryption with AWS KMS (SSE-KMS). + // encryption with Key Management Service (KMS) keys (SSE-KMS). + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` + // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be + // present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumCRC32 *string `location:"header" locationName:"x-amz-checksum-crc32" type:"string"` + + // The base64-encoded, 32-bit CRC32C checksum of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumCRC32C *string `location:"header" locationName:"x-amz-checksum-crc32c" type:"string"` + + // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA1 *string `location:"header" locationName:"x-amz-checksum-sha1" type:"string"` + + // The base64-encoded, 256-bit SHA-256 digest of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA256 *string `location:"header" locationName:"x-amz-checksum-sha256" type:"string"` + // Entity tag for the uploaded object. + // + // General purpose buckets - To ensure that data is not corrupted traversing + // the network, for objects where the ETag is the MD5 digest of the object, + // you can calculate the MD5 while putting an object to Amazon S3 and compare + // the returned ETag to the calculated MD5 value. + // + // Directory buckets - The ETag for the object in a directory bucket isn't the + // MD5 digest of the object. ETag *string `location:"header" locationName:"ETag" type:"string"` // If the expiration is configured for the object (see PutBucketLifecycleConfiguration - // (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html)), - // the response includes this header. It includes the expiry-date and rule-id - // key-value pairs that provide information about object expiration. The value - // of the rule-id is URL encoded. + // (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html)) + // in the Amazon S3 User Guide, the response includes this header. It includes + // the expiry-date and rule-id key-value pairs that provide information about + // object expiration. The value of the rule-id is URL-encoded. + // + // This functionality is not supported for directory buckets. Expiration *string `location:"header" locationName:"x-amz-expiration" type:"string"` // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header confirming the encryption algorithm - // used. + // the response will include this header to confirm the encryption algorithm + // that's used. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header to provide round-trip message integrity + // the response will include this header to provide the round-trip message integrity // verification of the customer-provided encryption key. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // If present, specifies the AWS KMS Encryption Context to use for object encryption. - // The value of this header is a base64-encoded UTF-8 string holding JSON with - // the encryption context key-value pairs. + // If present, indicates the Amazon Web Services KMS Encryption Context to use + // for object encryption. The value of this header is a base64-encoded UTF-8 + // string holding JSON with the encryption context key-value pairs. This value + // is stored as object metadata and automatically gets passed on to Amazon Web + // Services KMS for future GetObject or CopyObject operations on this object. + // + // This functionality is not supported for directory buckets. + // + // SSEKMSEncryptionContext is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by PutObjectOutput's + // String and GoString methods. SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"` - // If x-amz-server-side-encryption is present and has the value of aws:kms, - // this header specifies the ID of the AWS Key Management Service (AWS KMS) - // symmetric customer managed customer master key (CMK) that was used for the - // object. + // If x-amz-server-side-encryption has a valid value of aws:kms or aws:kms:dsse, + // this header indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. + // + // This functionality is not supported for directory buckets. + // + // SSEKMSKeyId is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by PutObjectOutput's + // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // If you specified server-side encryption either with an AWS KMS customer master - // key (CMK) or Amazon S3-managed encryption key in your PUT request, the response - // includes this header. It confirms the encryption algorithm that Amazon S3 - // used to encrypt the object. + // The server-side encryption algorithm used when you store this object in Amazon + // S3 (for example, AES256, aws:kms, aws:kms:dsse). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` - // Version of the object. + // Version ID of the object. + // + // If you enable versioning for a bucket, Amazon S3 automatically generates + // a unique version ID for the object being stored. Amazon S3 returns this ID + // in the response. When you enable versioning for a bucket, if Amazon S3 receives + // multiple write requests for the same object simultaneously, it stores all + // of the objects. For more information about versioning, see Adding Objects + // to Versioning-Enabled Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/AddingObjectstoVersioningEnabledBuckets.html) + // in the Amazon S3 User Guide. For information about returning the versioning + // state of a bucket, see GetBucketVersioning (https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketVersioning.html). + // + // This functionality is not supported for directory buckets. VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectOutput) GoString() string { return s.String() } @@ -30551,6 +38514,30 @@ func (s *PutObjectOutput) SetBucketKeyEnabled(v bool) *PutObjectOutput { return s } +// SetChecksumCRC32 sets the ChecksumCRC32 field's value. +func (s *PutObjectOutput) SetChecksumCRC32(v string) *PutObjectOutput { + s.ChecksumCRC32 = &v + return s +} + +// SetChecksumCRC32C sets the ChecksumCRC32C field's value. +func (s *PutObjectOutput) SetChecksumCRC32C(v string) *PutObjectOutput { + s.ChecksumCRC32C = &v + return s +} + +// SetChecksumSHA1 sets the ChecksumSHA1 field's value. +func (s *PutObjectOutput) SetChecksumSHA1(v string) *PutObjectOutput { + s.ChecksumSHA1 = &v + return s +} + +// SetChecksumSHA256 sets the ChecksumSHA256 field's value. +func (s *PutObjectOutput) SetChecksumSHA256(v string) *PutObjectOutput { + s.ChecksumSHA256 = &v + return s +} + // SetETag sets the ETag field's value. func (s *PutObjectOutput) SetETag(v string) *PutObjectOutput { s.ETag = &v @@ -30611,22 +38598,45 @@ type PutObjectRetentionInput struct { // The bucket name that contains the object you want to apply this Object Retention // configuration to. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // Indicates whether this operation should bypass Governance-mode restrictions. + // Indicates whether this action should bypass Governance-mode restrictions. BypassGovernanceRetention *bool `location:"header" locationName:"x-amz-bypass-governance-retention" type:"boolean"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The key name for the object that you want to apply this Object Retention @@ -30636,10 +38646,14 @@ type PutObjectRetentionInput struct { Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // The container element for the Object Retention configuration. @@ -30650,12 +38664,20 @@ type PutObjectRetentionInput struct { VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectRetentionInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectRetentionInput) GoString() string { return s.String() } @@ -30701,6 +38723,12 @@ func (s *PutObjectRetentionInput) SetBypassGovernanceRetention(v bool) *PutObjec return s } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutObjectRetentionInput) SetChecksumAlgorithm(v string) *PutObjectRetentionInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutObjectRetentionInput) SetExpectedBucketOwner(v string) *PutObjectRetentionInput { s.ExpectedBucketOwner = &v @@ -30763,15 +38791,25 @@ type PutObjectRetentionOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectRetentionOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectRetentionOutput) GoString() string { return s.String() } @@ -30787,27 +38825,51 @@ type PutObjectTaggingInput struct { // The bucket name containing the object. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Name of the object key. @@ -30815,6 +38877,17 @@ type PutObjectTaggingInput struct { // Key is a required field Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` + // Confirms that the requester knows that they will be charged for the request. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` + // Container for the TagSet and Tag elements // // Tagging is a required field @@ -30824,12 +38897,20 @@ type PutObjectTaggingInput struct { VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectTaggingInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectTaggingInput) GoString() string { return s.String() } @@ -30877,6 +38958,12 @@ func (s *PutObjectTaggingInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutObjectTaggingInput) SetChecksumAlgorithm(v string) *PutObjectTaggingInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutObjectTaggingInput) SetExpectedBucketOwner(v string) *PutObjectTaggingInput { s.ExpectedBucketOwner = &v @@ -30889,6 +38976,12 @@ func (s *PutObjectTaggingInput) SetKey(v string) *PutObjectTaggingInput { return s } +// SetRequestPayer sets the RequestPayer field's value. +func (s *PutObjectTaggingInput) SetRequestPayer(v string) *PutObjectTaggingInput { + s.RequestPayer = &v + return s +} + // SetTagging sets the Tagging field's value. func (s *PutObjectTaggingInput) SetTagging(v *Tagging) *PutObjectTaggingInput { s.Tagging = v @@ -30935,12 +39028,20 @@ type PutObjectTaggingOutput struct { VersionId *string `location:"header" locationName:"x-amz-version-id" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectTaggingOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutObjectTaggingOutput) GoString() string { return s.String() } @@ -30960,27 +39061,56 @@ type PutPublicAccessBlockInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + // + // The SDK will automatically compute the Content-MD5 checksum for this operation. + // The AWS SDK for Go v2 allows you to configure alternative checksum algorithm + // to be used. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The PublicAccessBlock configuration that you want to apply to this Amazon // S3 bucket. You can enable the configuration options in any combination. For // more information about when Amazon S3 considers a bucket or object public, // see The Meaning of "Public" (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) - // in the Amazon Simple Storage Service Developer Guide. + // in the Amazon S3 User Guide. // // PublicAccessBlockConfiguration is a required field PublicAccessBlockConfiguration *PublicAccessBlockConfiguration `locationName:"PublicAccessBlockConfiguration" type:"structure" required:"true" xmlURI:"http://s3.amazonaws.com/doc/2006-03-01/"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutPublicAccessBlockInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutPublicAccessBlockInput) GoString() string { return s.String() } @@ -31017,6 +39147,12 @@ func (s *PutPublicAccessBlockInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *PutPublicAccessBlockInput) SetChecksumAlgorithm(v string) *PutPublicAccessBlockInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *PutPublicAccessBlockInput) SetExpectedBucketOwner(v string) *PutPublicAccessBlockInput { s.ExpectedBucketOwner = &v @@ -31060,12 +39196,20 @@ type PutPublicAccessBlockOutput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutPublicAccessBlockOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PutPublicAccessBlockOutput) GoString() string { return s.String() } @@ -31078,11 +39222,12 @@ type QueueConfiguration struct { // A collection of bucket events for which to send notifications // // Events is a required field - Events []*string `locationName:"Event" type:"list" flattened:"true" required:"true"` + Events []*string `locationName:"Event" type:"list" flattened:"true" required:"true" enum:"Event"` // Specifies object key name filtering rules. For information about key name - // filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) - // in the Amazon Simple Storage Service Developer Guide. + // filtering, see Configuring event notifications using object key name filtering + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) + // in the Amazon S3 User Guide. Filter *NotificationConfigurationFilter `type:"structure"` // An optional unique identifier for configurations in a notification configuration. @@ -31096,12 +39241,20 @@ type QueueConfiguration struct { QueueArn *string `locationName:"Queue" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s QueueConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s QueueConfiguration) GoString() string { return s.String() } @@ -31158,8 +39311,8 @@ type QueueConfigurationDeprecated struct { // Deprecated: Event has been deprecated Event *string `deprecated:"true" type:"string" enum:"Event"` - // A collection of bucket events for which to send notifications - Events []*string `locationName:"Event" type:"list" flattened:"true"` + // A collection of bucket events for which to send notifications. + Events []*string `locationName:"Event" type:"list" flattened:"true" enum:"Event"` // An optional unique identifier for configurations in a notification configuration. // If you don't provide one, Amazon S3 will assign an ID. @@ -31170,12 +39323,20 @@ type QueueConfigurationDeprecated struct { Queue *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s QueueConfigurationDeprecated) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s QueueConfigurationDeprecated) GoString() string { return s.String() } @@ -31209,17 +39370,24 @@ type RecordsEvent struct { _ struct{} `locationName:"RecordsEvent" type:"structure" payload:"Payload"` // The byte array of partial, one or more result records. - // // Payload is automatically base64 encoded/decoded by the SDK. Payload []byte `type:"blob"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s RecordsEvent) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s RecordsEvent) GoString() string { return s.String() } @@ -31275,20 +39443,36 @@ type Redirect struct { // and in the Redirect set ReplaceKeyPrefixWith to /documents. Not required // if one of the siblings is present. Can be present only if ReplaceKeyWith // is not provided. + // + // Replacement must be made for object keys containing special characters (such + // as carriage returns) when using XML requests. For more information, see XML + // related object key constraints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). ReplaceKeyPrefixWith *string `type:"string"` // The specific object key to use in the redirect request. For example, redirect // request to error.html. Not required if one of the siblings is present. Can // be present only if ReplaceKeyPrefixWith is not provided. + // + // Replacement must be made for object keys containing special characters (such + // as carriage returns) when using XML requests. For more information, see XML + // related object key constraints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). ReplaceKeyWith *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Redirect) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Redirect) GoString() string { return s.String() } @@ -31338,12 +39522,20 @@ type RedirectAllRequestsTo struct { Protocol *string `type:"string" enum:"Protocol"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s RedirectAllRequestsTo) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s RedirectAllRequestsTo) GoString() string { return s.String() } @@ -31391,12 +39583,20 @@ type ReplicaModifications struct { Status *string `type:"string" required:"true" enum:"ReplicaModificationsStatus"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ReplicaModifications) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ReplicaModifications) GoString() string { return s.String() } @@ -31425,10 +39625,10 @@ func (s *ReplicaModifications) SetStatus(v string) *ReplicaModifications { type ReplicationConfiguration struct { _ struct{} `type:"structure"` - // The Amazon Resource Name (ARN) of the AWS Identity and Access Management - // (IAM) role that Amazon S3 assumes when replicating objects. For more information, + // The Amazon Resource Name (ARN) of the Identity and Access Management (IAM) + // role that Amazon S3 assumes when replicating objects. For more information, // see How to Set Up Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) - // in the Amazon Simple Storage Service Developer Guide. + // in the Amazon S3 User Guide. // // Role is a required field Role *string `type:"string" required:"true"` @@ -31440,12 +39640,20 @@ type ReplicationConfiguration struct { Rules []*ReplicationRule `locationName:"Rule" type:"list" flattened:"true" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ReplicationConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ReplicationConfiguration) GoString() string { return s.String() } @@ -31515,7 +39723,7 @@ type ReplicationRule struct { // Optional configuration to replicate existing source bucket objects. For more // information, see Replicating Existing Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-what-is-isnot-replicated.html#existing-object-replication) - // in the Amazon S3 Developer Guide. + // in the Amazon S3 User Guide. ExistingObjectReplication *ExistingObjectReplication `type:"structure"` // A filter that identifies the subset of objects to which the replication rule @@ -31529,6 +39737,10 @@ type ReplicationRule struct { // the rule applies. The maximum prefix length is 1,024 characters. To include // all objects in a bucket, specify an empty string. // + // Replacement must be made for object keys containing special characters (such + // as carriage returns) when using XML requests. For more information, see XML + // related object key constraints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). + // // Deprecated: Prefix has been deprecated Prefix *string `deprecated:"true" type:"string"` @@ -31539,14 +39751,15 @@ type ReplicationRule struct { // with the highest priority. The higher the number, the higher the priority. // // For more information, see Replication (https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) - // in the Amazon Simple Storage Service Developer Guide. + // in the Amazon S3 User Guide. Priority *int64 `type:"integer"` // A container that describes additional filters for identifying the source // objects that you want to replicate. You can choose to enable or disable the // replication of these objects. Currently, Amazon S3 supports only the filter // that you can specify for objects created with server-side encryption using - // a customer master key (CMK) stored in AWS Key Management Service (SSE-KMS). + // a customer managed key stored in Amazon Web Services Key Management Service + // (SSE-KMS). SourceSelectionCriteria *SourceSelectionCriteria `type:"structure"` // Specifies whether the rule is enabled. @@ -31555,12 +39768,20 @@ type ReplicationRule struct { Status *string `type:"string" required:"true" enum:"ReplicationRuleStatus"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ReplicationRule) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ReplicationRule) GoString() string { return s.String() } @@ -31661,11 +39882,11 @@ func (s *ReplicationRule) SetStatus(v string) *ReplicationRule { // // For example: // -// * If you specify both a Prefix and a Tag filter, wrap these filters in -// an And tag. +// - If you specify both a Prefix and a Tag filter, wrap these filters in +// an And tag. // -// * If you specify a filter based on multiple tags, wrap the Tag elements -// in an And tag +// - If you specify a filter based on multiple tags, wrap the Tag elements +// in an And tag. type ReplicationRuleAndOperator struct { _ struct{} `type:"structure"` @@ -31677,12 +39898,20 @@ type ReplicationRuleAndOperator struct { Tags []*Tag `locationName:"Tag" locationNameList:"Tag" type:"list" flattened:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ReplicationRuleAndOperator) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ReplicationRuleAndOperator) GoString() string { return s.String() } @@ -31737,6 +39966,10 @@ type ReplicationRuleFilter struct { // An object key name prefix that identifies the subset of objects to which // the rule applies. + // + // Replacement must be made for object keys containing special characters (such + // as carriage returns) when using XML requests. For more information, see XML + // related object key constraints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). Prefix *string `type:"string"` // A container for specifying a tag key and value. @@ -31745,12 +39978,20 @@ type ReplicationRuleFilter struct { Tag *Tag `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ReplicationRuleFilter) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ReplicationRuleFilter) GoString() string { return s.String() } @@ -31812,12 +40053,20 @@ type ReplicationTime struct { Time *ReplicationTimeValue `type:"structure" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ReplicationTime) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ReplicationTime) GoString() string { return s.String() } @@ -31857,16 +40106,24 @@ type ReplicationTimeValue struct { // Contains an integer specifying time in minutes. // - // Valid values: 15 minutes. + // Valid value: 15 Minutes *int64 `type:"integer"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ReplicationTimeValue) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ReplicationTimeValue) GoString() string { return s.String() } @@ -31887,12 +40144,20 @@ type RequestPaymentConfiguration struct { Payer *string `type:"string" required:"true" enum:"Payer"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s RequestPaymentConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s RequestPaymentConfiguration) GoString() string { return s.String() } @@ -31925,12 +40190,20 @@ type RequestProgress struct { Enabled *bool `type:"boolean"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s RequestProgress) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s RequestProgress) GoString() string { return s.String() } @@ -31946,39 +40219,63 @@ type RestoreObjectInput struct { // The bucket name containing the object to restore. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // Object key for which the operation was initiated. + // Object key for which the action was initiated. // // Key is a required field Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` // Container for restore job parameters. @@ -31988,12 +40285,20 @@ type RestoreObjectInput struct { VersionId *string `location:"querystring" locationName:"versionId" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s RestoreObjectInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s RestoreObjectInput) GoString() string { return s.String() } @@ -32038,6 +40343,12 @@ func (s *RestoreObjectInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *RestoreObjectInput) SetChecksumAlgorithm(v string) *RestoreObjectInput { + s.ChecksumAlgorithm = &v + return s +} + // SetExpectedBucketOwner sets the ExpectedBucketOwner field's value. func (s *RestoreObjectInput) SetExpectedBucketOwner(v string) *RestoreObjectInput { s.ExpectedBucketOwner = &v @@ -32100,6 +40411,8 @@ type RestoreObjectOutput struct { // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // Indicates the path in the provided S3 output location where Select results @@ -32107,12 +40420,20 @@ type RestoreObjectOutput struct { RestoreOutputPath *string `location:"header" locationName:"x-amz-restore-output-path" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s RestoreObjectOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s RestoreObjectOutput) GoString() string { return s.String() } @@ -32160,12 +40481,20 @@ type RestoreRequest struct { Type *string `type:"string" enum:"RestoreRequestType"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s RestoreRequest) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s RestoreRequest) GoString() string { return s.String() } @@ -32237,10 +40566,71 @@ func (s *RestoreRequest) SetType(v string) *RestoreRequest { return s } +// Specifies the restoration status of an object. Objects in certain storage +// classes must be restored before they can be retrieved. For more information +// about these storage classes and how to work with archived objects, see Working +// with archived objects (https://docs.aws.amazon.com/AmazonS3/latest/userguide/archived-objects.html) +// in the Amazon S3 User Guide. +// +// This functionality is not supported for directory buckets. Only the S3 Express +// One Zone storage class is supported by directory buckets to store objects. +type RestoreStatus struct { + _ struct{} `type:"structure"` + + // Specifies whether the object is currently being restored. If the object restoration + // is in progress, the header returns the value TRUE. For example: + // + // x-amz-optional-object-attributes: IsRestoreInProgress="true" + // + // If the object restoration has completed, the header returns the value FALSE. + // For example: + // + // x-amz-optional-object-attributes: IsRestoreInProgress="false", RestoreExpiryDate="2012-12-21T00:00:00.000Z" + // + // If the object hasn't been restored, there is no header response. + IsRestoreInProgress *bool `type:"boolean"` + + // Indicates when the restored copy will expire. This value is populated only + // if the object has already been restored. For example: + // + // x-amz-optional-object-attributes: IsRestoreInProgress="false", RestoreExpiryDate="2012-12-21T00:00:00.000Z" + RestoreExpiryDate *time.Time `type:"timestamp"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RestoreStatus) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RestoreStatus) GoString() string { + return s.String() +} + +// SetIsRestoreInProgress sets the IsRestoreInProgress field's value. +func (s *RestoreStatus) SetIsRestoreInProgress(v bool) *RestoreStatus { + s.IsRestoreInProgress = &v + return s +} + +// SetRestoreExpiryDate sets the RestoreExpiryDate field's value. +func (s *RestoreStatus) SetRestoreExpiryDate(v time.Time) *RestoreStatus { + s.RestoreExpiryDate = &v + return s +} + // Specifies the redirect behavior and when a redirect is applied. For more // information about routing rules, see Configuring advanced conditional redirects // (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html#advanced-conditional-redirects) -// in the Amazon Simple Storage Service Developer Guide. +// in the Amazon S3 User Guide. type RoutingRule struct { _ struct{} `type:"structure"` @@ -32258,12 +40648,20 @@ type RoutingRule struct { Redirect *Redirect `type:"structure" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s RoutingRule) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s RoutingRule) GoString() string { return s.String() } @@ -32295,16 +40693,16 @@ func (s *RoutingRule) SetRedirect(v *Redirect) *RoutingRule { // Specifies lifecycle rules for an Amazon S3 bucket. For more information, // see Put Bucket Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlifecycle.html) -// in the Amazon Simple Storage Service API Reference. For examples, see Put -// Bucket Lifecycle Configuration Examples (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html#API_PutBucketLifecycleConfiguration_Examples) +// in the Amazon S3 API Reference. For examples, see Put Bucket Lifecycle Configuration +// Examples (https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketLifecycleConfiguration.html#API_PutBucketLifecycleConfiguration_Examples). type Rule struct { _ struct{} `type:"structure"` // Specifies the days since the initiation of an incomplete multipart upload // that Amazon S3 will wait before permanently removing all parts of the upload. // For more information, see Aborting Incomplete Multipart Uploads Using a Bucket - // Lifecycle Policy (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) - // in the Amazon Simple Storage Service Developer Guide. + // Lifecycle Configuration (https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) + // in the Amazon S3 User Guide. AbortIncompleteMultipartUpload *AbortIncompleteMultipartUpload `type:"structure"` // Specifies the expiration for the lifecycle of the object. @@ -32321,17 +40719,21 @@ type Rule struct { NoncurrentVersionExpiration *NoncurrentVersionExpiration `type:"structure"` // Container for the transition rule that describes when noncurrent objects - // transition to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER, - // or DEEP_ARCHIVE storage class. If your bucket is versioning-enabled (or versioning - // is suspended), you can set this action to request that Amazon S3 transition - // noncurrent object versions to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, - // GLACIER, or DEEP_ARCHIVE storage class at a specific period in the object's - // lifetime. + // transition to the STANDARD_IA, ONEZONE_IA, INTELLIGENT_TIERING, GLACIER_IR, + // GLACIER, or DEEP_ARCHIVE storage class. If your bucket is versioning-enabled + // (or versioning is suspended), you can set this action to request that Amazon + // S3 transition noncurrent object versions to the STANDARD_IA, ONEZONE_IA, + // INTELLIGENT_TIERING, GLACIER_IR, GLACIER, or DEEP_ARCHIVE storage class at + // a specific period in the object's lifetime. NoncurrentVersionTransition *NoncurrentVersionTransition `type:"structure"` // Object key prefix that identifies one or more objects to which this rule // applies. // + // Replacement must be made for object keys containing special characters (such + // as carriage returns) when using XML requests. For more information, see XML + // related object key constraints (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). + // // Prefix is a required field Prefix *string `type:"string" required:"true"` @@ -32344,16 +40746,24 @@ type Rule struct { // Specifies when an object transitions to a specified storage class. For more // information about Amazon S3 lifecycle configuration rules, see Transitioning // Objects Using Amazon S3 Lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-transition-general-considerations.html) - // in the Amazon Simple Storage Service Developer Guide. + // in the Amazon S3 User Guide. Transition *Transition `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Rule) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Rule) GoString() string { return s.String() } @@ -32426,19 +40836,31 @@ func (s *Rule) SetTransition(v *Transition) *Rule { type SSEKMS struct { _ struct{} `locationName:"SSE-KMS" type:"structure"` - // Specifies the ID of the AWS Key Management Service (AWS KMS) symmetric customer - // managed customer master key (CMK) to use for encrypting inventory reports. + // Specifies the ID of the Key Management Service (KMS) symmetric encryption + // customer managed key to use for encrypting inventory reports. + // + // KeyId is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SSEKMS's + // String and GoString methods. // // KeyId is a required field KeyId *string `type:"string" required:"true" sensitive:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s SSEKMS) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s SSEKMS) GoString() string { return s.String() } @@ -32467,12 +40889,20 @@ type SSES3 struct { _ struct{} `locationName:"SSE-S3" type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s SSES3) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s SSES3) GoString() string { return s.String() } @@ -32493,17 +40923,25 @@ type ScanRange struct { // Specifies the start of the byte range. This parameter is optional. Valid // values: non-negative integers. The default value is 0. If only start is supplied, - // it means scan from that point to the end of the file.For example; 50 + // it means scan from that point to the end of the file. For example, 50 // means scan from byte 50 until the end of the file. Start *int64 `type:"long"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ScanRange) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ScanRange) GoString() string { return s.String() } @@ -32525,11 +40963,11 @@ func (s *ScanRange) SetStart(v int64) *ScanRange { // // These events are: // -// * ContinuationEvent -// * EndEvent -// * ProgressEvent -// * RecordsEvent -// * StatsEvent +// - ContinuationEvent +// - EndEvent +// - ProgressEvent +// - RecordsEvent +// - StatsEvent type SelectObjectContentEventStreamEvent interface { eventSelectObjectContentEventStream() eventstreamapi.Marshaler @@ -32543,12 +40981,12 @@ type SelectObjectContentEventStreamEvent interface { // // These events are: // -// * ContinuationEvent -// * EndEvent -// * ProgressEvent -// * RecordsEvent -// * StatsEvent -// * SelectObjectContentEventStreamUnknownEvent +// - ContinuationEvent +// - EndEvent +// - ProgressEvent +// - RecordsEvent +// - StatsEvent +// - SelectObjectContentEventStreamUnknownEvent type SelectObjectContentEventStreamReader interface { // Returns a channel of events as they are read from the event stream. Events() <-chan SelectObjectContentEventStreamEvent @@ -32703,9 +41141,9 @@ type SelectObjectContentInput struct { // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The expression that is used to query the object. @@ -32736,16 +41174,26 @@ type SelectObjectContentInput struct { // Specifies if periodic request progress information should be enabled. RequestProgress *RequestProgress `type:"structure"` - // The SSE Algorithm used to encrypt the object. For more information, see Server-Side - // Encryption (Using Customer-Provided Encryption Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html). + // The server-side encryption (SSE) algorithm used to encrypt the object. This + // parameter is needed only when the object was created using a checksum algorithm. + // For more information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` - // The SSE Customer Key. For more information, see Server-Side Encryption (Using - // Customer-Provided Encryption Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html). + // The server-side encryption (SSE) customer managed key. This parameter is + // needed only when the object was created using a checksum algorithm. For more + // information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. + // + // SSECustomerKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SelectObjectContentInput's + // String and GoString methods. SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"` - // The SSE Customer Key MD5. For more information, see Server-Side Encryption - // (Using Customer-Provided Encryption Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html). + // The MD5 server-side encryption (SSE) customer managed key. This parameter + // is needed only when the object was created using a checksum algorithm. For + // more information, see Protecting data using SSE-C keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/ServerSideEncryptionCustomerKeys.html) + // in the Amazon S3 User Guide. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` // Specifies the byte range of the object to get the records from. A record @@ -32767,12 +41215,20 @@ type SelectObjectContentInput struct { ScanRange *ScanRange `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s SelectObjectContentInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s SelectObjectContentInput) GoString() string { return s.String() } @@ -32930,12 +41386,20 @@ type SelectObjectContentOutput struct { EventStream *SelectObjectContentEventStream } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s SelectObjectContentOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s SelectObjectContentOutput) GoString() string { return s.String() } @@ -32978,12 +41442,20 @@ type SelectParameters struct { OutputSerialization *OutputSerialization `type:"structure" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s SelectParameters) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s SelectParameters) GoString() string { return s.String() } @@ -33036,30 +41508,43 @@ func (s *SelectParameters) SetOutputSerialization(v *OutputSerialization) *Selec // Describes the default server-side encryption to apply to new objects in the // bucket. If a PUT Object request doesn't specify any server-side encryption, -// this default encryption will be applied. For more information, see PUT Bucket -// encryption (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html) -// in the Amazon Simple Storage Service API Reference. +// this default encryption will be applied. If you don't specify a customer +// managed key at configuration, Amazon S3 automatically creates an Amazon Web +// Services KMS key in your Amazon Web Services account the first time that +// you add an object encrypted with SSE-KMS to a bucket. By default, Amazon +// S3 uses this KMS key for SSE-KMS. For more information, see PUT Bucket encryption +// (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html) +// in the Amazon S3 API Reference. type ServerSideEncryptionByDefault struct { _ struct{} `type:"structure"` - // AWS Key Management Service (KMS) customer master key ID to use for the default - // encryption. This parameter is allowed if and only if SSEAlgorithm is set - // to aws:kms. - // - // You can specify the key ID or the Amazon Resource Name (ARN) of the CMK. - // However, if you are using encryption with cross-account operations, you must - // use a fully qualified CMK ARN. For more information, see Using encryption - // for cross-account operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy). + // Amazon Web Services Key Management Service (KMS) customer Amazon Web Services + // KMS key ID to use for the default encryption. This parameter is allowed if + // and only if SSEAlgorithm is set to aws:kms or aws:kms:dsse. // - // For example: + // You can specify the key ID, key alias, or the Amazon Resource Name (ARN) + // of the KMS key. // // * Key ID: 1234abcd-12ab-34cd-56ef-1234567890ab // // * Key ARN: arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab // - // Amazon S3 only supports symmetric CMKs and not asymmetric CMKs. For more - // information, see Using Symmetric and Asymmetric Keys (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) - // in the AWS Key Management Service Developer Guide. + // * Key Alias: alias/alias-name + // + // If you use a key ID, you can run into a LogDestination undeliverable error + // when creating a VPC flow log. + // + // If you are using encryption with cross-account or Amazon Web Services service + // operations you must use a fully qualified KMS key ARN. For more information, + // see Using encryption for cross-account operations (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy). + // + // Amazon S3 only supports symmetric encryption KMS keys. For more information, + // see Asymmetric keys in Amazon Web Services KMS (https://docs.aws.amazon.com/kms/latest/developerguide/symmetric-asymmetric.html) + // in the Amazon Web Services Key Management Service Developer Guide. + // + // KMSMasterKeyID is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ServerSideEncryptionByDefault's + // String and GoString methods. KMSMasterKeyID *string `type:"string" sensitive:"true"` // Server-side encryption algorithm to use for the default encryption. @@ -33068,12 +41553,20 @@ type ServerSideEncryptionByDefault struct { SSEAlgorithm *string `type:"string" required:"true" enum:"ServerSideEncryption"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ServerSideEncryptionByDefault) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ServerSideEncryptionByDefault) GoString() string { return s.String() } @@ -33114,12 +41607,20 @@ type ServerSideEncryptionConfiguration struct { Rules []*ServerSideEncryptionRule `locationName:"Rule" type:"list" flattened:"true" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ServerSideEncryptionConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ServerSideEncryptionConfiguration) GoString() string { return s.String() } @@ -33168,16 +41669,24 @@ type ServerSideEncryptionRule struct { // S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled. // // For more information, see Amazon S3 Bucket Keys (https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) - // in the Amazon Simple Storage Service Developer Guide. + // in the Amazon S3 User Guide. BucketKeyEnabled *bool `type:"boolean"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ServerSideEncryptionRule) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s ServerSideEncryptionRule) GoString() string { return s.String() } @@ -33209,11 +41718,124 @@ func (s *ServerSideEncryptionRule) SetBucketKeyEnabled(v bool) *ServerSideEncryp return s } +// The established temporary security credentials of the session. +// +// Directory buckets - These session credentials are only supported for the +// authentication and authorization of Zonal endpoint APIs on directory buckets. +type SessionCredentials struct { + _ struct{} `type:"structure"` + + // A unique identifier that's associated with a secret access key. The access + // key ID and the secret access key are used together to sign programmatic Amazon + // Web Services requests cryptographically. + // + // AccessKeyId is a required field + AccessKeyId *string `locationName:"AccessKeyId" type:"string" required:"true"` + + // Temporary security credentials expire after a specified interval. After temporary + // credentials expire, any calls that you make with those credentials will fail. + // So you must generate a new set of temporary credentials. Temporary credentials + // cannot be extended or refreshed beyond the original specified interval. + // + // Expiration is a required field + Expiration *time.Time `locationName:"Expiration" type:"timestamp" required:"true"` + + // A key that's used with the access key ID to cryptographically sign programmatic + // Amazon Web Services requests. Signing a request identifies the sender and + // prevents the request from being altered. + // + // SecretAccessKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SessionCredentials's + // String and GoString methods. + // + // SecretAccessKey is a required field + SecretAccessKey *string `locationName:"SecretAccessKey" type:"string" required:"true" sensitive:"true"` + + // A part of the temporary security credentials. The session token is used to + // validate the temporary security credentials. + // + // SessionToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by SessionCredentials's + // String and GoString methods. + // + // SessionToken is a required field + SessionToken *string `locationName:"SessionToken" type:"string" required:"true" sensitive:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SessionCredentials) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SessionCredentials) GoString() string { + return s.String() +} + +// SetAccessKeyId sets the AccessKeyId field's value. +func (s *SessionCredentials) SetAccessKeyId(v string) *SessionCredentials { + s.AccessKeyId = &v + return s +} + +// SetExpiration sets the Expiration field's value. +func (s *SessionCredentials) SetExpiration(v time.Time) *SessionCredentials { + s.Expiration = &v + return s +} + +// SetSecretAccessKey sets the SecretAccessKey field's value. +func (s *SessionCredentials) SetSecretAccessKey(v string) *SessionCredentials { + s.SecretAccessKey = &v + return s +} + +// SetSessionToken sets the SessionToken field's value. +func (s *SessionCredentials) SetSessionToken(v string) *SessionCredentials { + s.SessionToken = &v + return s +} + +// To use simple format for S3 keys for log objects, set SimplePrefix to an +// empty object. +// +// [DestinationPrefix][YYYY]-[MM]-[DD]-[hh]-[mm]-[ss]-[UniqueString] +type SimplePrefix struct { + _ struct{} `locationName:"SimplePrefix" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SimplePrefix) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SimplePrefix) GoString() string { + return s.String() +} + // A container that describes additional filters for identifying the source // objects that you want to replicate. You can choose to enable or disable the // replication of these objects. Currently, Amazon S3 supports only the filter // that you can specify for objects created with server-side encryption using -// a customer master key (CMK) stored in AWS Key Management Service (SSE-KMS). +// a customer managed key stored in Amazon Web Services Key Management Service +// (SSE-KMS). type SourceSelectionCriteria struct { _ struct{} `type:"structure"` @@ -33229,17 +41851,25 @@ type SourceSelectionCriteria struct { ReplicaModifications *ReplicaModifications `type:"structure"` // A container for filter information for the selection of Amazon S3 objects - // encrypted with AWS KMS. If you include SourceSelectionCriteria in the replication - // configuration, this element is required. + // encrypted with Amazon Web Services KMS. If you include SourceSelectionCriteria + // in the replication configuration, this element is required. SseKmsEncryptedObjects *SseKmsEncryptedObjects `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s SourceSelectionCriteria) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s SourceSelectionCriteria) GoString() string { return s.String() } @@ -33277,23 +41907,32 @@ func (s *SourceSelectionCriteria) SetSseKmsEncryptedObjects(v *SseKmsEncryptedOb } // A container for filter information for the selection of S3 objects encrypted -// with AWS KMS. +// with Amazon Web Services KMS. type SseKmsEncryptedObjects struct { _ struct{} `type:"structure"` // Specifies whether Amazon S3 replicates objects created with server-side encryption - // using a customer master key (CMK) stored in AWS Key Management Service. + // using an Amazon Web Services KMS key stored in Amazon Web Services Key Management + // Service. // // Status is a required field Status *string `type:"string" required:"true" enum:"SseKmsEncryptedObjectsStatus"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s SseKmsEncryptedObjects) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s SseKmsEncryptedObjects) GoString() string { return s.String() } @@ -33331,12 +41970,20 @@ type Stats struct { BytesScanned *int64 `type:"long"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Stats) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Stats) GoString() string { return s.String() } @@ -33367,12 +42014,20 @@ type StatsEvent struct { Details *Stats `locationName:"Details" type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s StatsEvent) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s StatsEvent) GoString() string { return s.String() } @@ -33423,12 +42078,20 @@ type StorageClassAnalysis struct { DataExport *StorageClassAnalysisDataExport `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s StorageClassAnalysis) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s StorageClassAnalysis) GoString() string { return s.String() } @@ -33470,12 +42133,20 @@ type StorageClassAnalysisDataExport struct { OutputSchemaVersion *string `type:"string" required:"true" enum:"StorageClassAnalysisSchemaVersion"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s StorageClassAnalysisDataExport) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s StorageClassAnalysisDataExport) GoString() string { return s.String() } @@ -33528,12 +42199,20 @@ type Tag struct { Value *string `type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Tag) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Tag) GoString() string { return s.String() } @@ -33579,12 +42258,20 @@ type Tagging struct { TagSet []*Tag `locationNameList:"Tag" type:"list" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Tagging) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Tagging) GoString() string { return s.String() } @@ -33619,6 +42306,11 @@ func (s *Tagging) SetTagSet(v []*Tag) *Tagging { } // Container for granting information. +// +// Buckets that use the bucket owner enforced setting for Object Ownership don't +// support target grants. For more information, see Permissions server access +// log delivery (https://docs.aws.amazon.com/AmazonS3/latest/userguide/enable-server-access-logging.html#grant-log-delivery-permissions-general) +// in the Amazon S3 User Guide. type TargetGrant struct { _ struct{} `type:"structure"` @@ -33629,12 +42321,20 @@ type TargetGrant struct { Permission *string `type:"string" enum:"BucketLogsPermission"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s TargetGrant) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s TargetGrant) GoString() string { return s.String() } @@ -33666,6 +42366,49 @@ func (s *TargetGrant) SetPermission(v string) *TargetGrant { return s } +// Amazon S3 key format for log objects. Only one format, PartitionedPrefix +// or SimplePrefix, is allowed. +type TargetObjectKeyFormat struct { + _ struct{} `type:"structure"` + + // Partitioned S3 key for log objects. + PartitionedPrefix *PartitionedPrefix `locationName:"PartitionedPrefix" type:"structure"` + + // To use the simple format for S3 keys for log objects. To specify SimplePrefix + // format, set SimplePrefix to {}. + SimplePrefix *SimplePrefix `locationName:"SimplePrefix" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TargetObjectKeyFormat) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TargetObjectKeyFormat) GoString() string { + return s.String() +} + +// SetPartitionedPrefix sets the PartitionedPrefix field's value. +func (s *TargetObjectKeyFormat) SetPartitionedPrefix(v *PartitionedPrefix) *TargetObjectKeyFormat { + s.PartitionedPrefix = v + return s +} + +// SetSimplePrefix sets the SimplePrefix field's value. +func (s *TargetObjectKeyFormat) SetSimplePrefix(v *SimplePrefix) *TargetObjectKeyFormat { + s.SimplePrefix = v + return s +} + // The S3 Intelligent-Tiering storage class is designed to optimize storage // costs by automatically moving data to the most cost-effective storage access // tier, without additional operational overhead. @@ -33689,12 +42432,20 @@ type Tiering struct { Days *int64 `type:"integer" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Tiering) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Tiering) GoString() string { return s.String() } @@ -33735,14 +42486,15 @@ type TopicConfiguration struct { // The Amazon S3 bucket event about which to send notifications. For more information, // see Supported Event Types (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) - // in the Amazon Simple Storage Service Developer Guide. + // in the Amazon S3 User Guide. // // Events is a required field - Events []*string `locationName:"Event" type:"list" flattened:"true" required:"true"` + Events []*string `locationName:"Event" type:"list" flattened:"true" required:"true" enum:"Event"` // Specifies object key name filtering rules. For information about key name - // filtering, see Configuring Event Notifications (https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) - // in the Amazon Simple Storage Service Developer Guide. + // filtering, see Configuring event notifications using object key name filtering + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) + // in the Amazon S3 User Guide. Filter *NotificationConfigurationFilter `type:"structure"` // An optional unique identifier for configurations in a notification configuration. @@ -33756,12 +42508,20 @@ type TopicConfiguration struct { TopicArn *string `locationName:"Topic" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s TopicConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s TopicConfiguration) GoString() string { return s.String() } @@ -33820,7 +42580,7 @@ type TopicConfigurationDeprecated struct { Event *string `deprecated:"true" type:"string" enum:"Event"` // A collection of events related to objects - Events []*string `locationName:"Event" type:"list" flattened:"true"` + Events []*string `locationName:"Event" type:"list" flattened:"true" enum:"Event"` // An optional unique identifier for configurations in a notification configuration. // If you don't provide one, Amazon S3 will assign an ID. @@ -33831,12 +42591,20 @@ type TopicConfigurationDeprecated struct { Topic *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s TopicConfigurationDeprecated) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s TopicConfigurationDeprecated) GoString() string { return s.String() } @@ -33868,7 +42636,7 @@ func (s *TopicConfigurationDeprecated) SetTopic(v string) *TopicConfigurationDep // Specifies when an object transitions to a specified storage class. For more // information about Amazon S3 lifecycle configuration rules, see Transitioning // Objects Using Amazon S3 Lifecycle (https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-transition-general-considerations.html) -// in the Amazon Simple Storage Service Developer Guide. +// in the Amazon S3 User Guide. type Transition struct { _ struct{} `type:"structure"` @@ -33884,12 +42652,20 @@ type Transition struct { StorageClass *string `type:"string" enum:"TransitionStorageClass"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Transition) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Transition) GoString() string { return s.String() } @@ -33917,32 +42693,46 @@ type UploadPartCopyInput struct { // The bucket name. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` // Specifies the source object for the copy operation. You specify the value // in one of two formats, depending on whether you want to access the source - // object through an access point (https://docs.aws.amazon.com/AmazonS3/latest/dev/access-points.html): + // object through an access point (https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-points.html): // // * For objects not accessed through an access point, specify the name of // the source bucket and key of the source object, separated by a slash (/). // For example, to copy the object reports/january.pdf from the bucket awsexamplebucket, - // use awsexamplebucket/reports/january.pdf. The value must be URL encoded. + // use awsexamplebucket/reports/january.pdf. The value must be URL-encoded. // // * For objects accessed through access points, specify the Amazon Resource // Name (ARN) of the object as accessed through the access point, in the @@ -33951,33 +42741,81 @@ type UploadPartCopyInput struct { // my-access-point owned by account 123456789012 in Region us-west-2, use // the URL encoding of arn:aws:s3:us-west-2:123456789012:accesspoint/my-access-point/object/reports/january.pdf. // The value must be URL encoded. Amazon S3 supports copy operations using - // access points only when the source and destination buckets are in the - // same AWS Region. Alternatively, for objects accessed through Amazon S3 - // on Outposts, specify the ARN of the object as accessed in the format arn:aws:s3-outposts:::outpost//object/. + // Access points only when the source and destination buckets are in the + // same Amazon Web Services Region. Access points are not supported by directory + // buckets. Alternatively, for objects accessed through Amazon S3 on Outposts, + // specify the ARN of the object as accessed in the format arn:aws:s3-outposts:::outpost//object/. // For example, to copy the object reports/january.pdf through outpost my-outpost // owned by account 123456789012 in Region us-west-2, use the URL encoding // of arn:aws:s3-outposts:us-west-2:123456789012:outpost/my-outpost/object/reports/january.pdf. - // The value must be URL encoded. + // The value must be URL-encoded. // - // To copy a specific version of an object, append ?versionId= to - // the value (for example, awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893). - // If you don't specify a version ID, Amazon S3 copies the latest version of - // the source object. + // If your bucket has versioning enabled, you could have multiple versions of + // the same object. By default, x-amz-copy-source identifies the current version + // of the source object to copy. To copy a specific version of the source object + // to copy, append ?versionId= to the x-amz-copy-source request + // header (for example, x-amz-copy-source: /awsexamplebucket/reports/january.pdf?versionId=QUpfdndhfd8438MNFDN93jdnJFkdmqnh893). + // + // If the current version is a delete marker and you don't specify a versionId + // in the x-amz-copy-source request header, Amazon S3 returns a 404 Not Found + // error, because the object does not exist. If you specify versionId in the + // x-amz-copy-source and the versionId is a delete marker, Amazon S3 returns + // an HTTP 400 Bad Request error, because you are not allowed to specify a delete + // marker as a version for the x-amz-copy-source. + // + // Directory buckets - S3 Versioning isn't enabled and supported for directory + // buckets. // // CopySource is a required field CopySource *string `location:"header" locationName:"x-amz-copy-source" type:"string" required:"true"` // Copies the object if its entity tag (ETag) matches the specified tag. + // + // If both of the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since + // headers are present in the request as follows: + // + // x-amz-copy-source-if-match condition evaluates to true, and; + // + // x-amz-copy-source-if-unmodified-since condition evaluates to false; + // + // Amazon S3 returns 200 OK and copies the data. CopySourceIfMatch *string `location:"header" locationName:"x-amz-copy-source-if-match" type:"string"` // Copies the object if it has been modified since the specified time. + // + // If both of the x-amz-copy-source-if-none-match and x-amz-copy-source-if-modified-since + // headers are present in the request as follows: + // + // x-amz-copy-source-if-none-match condition evaluates to false, and; + // + // x-amz-copy-source-if-modified-since condition evaluates to true; + // + // Amazon S3 returns 412 Precondition Failed response code. CopySourceIfModifiedSince *time.Time `location:"header" locationName:"x-amz-copy-source-if-modified-since" type:"timestamp"` // Copies the object if its entity tag (ETag) is different than the specified // ETag. + // + // If both of the x-amz-copy-source-if-none-match and x-amz-copy-source-if-modified-since + // headers are present in the request as follows: + // + // x-amz-copy-source-if-none-match condition evaluates to false, and; + // + // x-amz-copy-source-if-modified-since condition evaluates to true; + // + // Amazon S3 returns 412 Precondition Failed response code. CopySourceIfNoneMatch *string `location:"header" locationName:"x-amz-copy-source-if-none-match" type:"string"` // Copies the object if it hasn't been modified since the specified time. + // + // If both of the x-amz-copy-source-if-match and x-amz-copy-source-if-unmodified-since + // headers are present in the request as follows: + // + // x-amz-copy-source-if-match condition evaluates to true, and; + // + // x-amz-copy-source-if-unmodified-since condition evaluates to false; + // + // Amazon S3 returns 200 OK and copies the data. CopySourceIfUnmodifiedSince *time.Time `location:"header" locationName:"x-amz-copy-source-if-unmodified-since" type:"timestamp"` // The range of bytes to copy from the source object. The range value must use @@ -33989,26 +42827,39 @@ type UploadPartCopyInput struct { // Specifies the algorithm to use when decrypting the source object (for example, // AES256). + // + // This functionality is not supported when the source object is in a directory + // bucket. CopySourceSSECustomerAlgorithm *string `location:"header" locationName:"x-amz-copy-source-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use to decrypt // the source object. The encryption key provided in this header must be one // that was used when the source object was created. + // + // This functionality is not supported when the source object is in a directory + // bucket. + // + // CopySourceSSECustomerKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by UploadPartCopyInput's + // String and GoString methods. CopySourceSSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-copy-source-server-side-encryption-customer-key" type:"string" sensitive:"true"` // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // This functionality is not supported when the source object is in a directory + // bucket. CopySourceSSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-copy-source-server-side-encryption-customer-key-MD5" type:"string"` - // The account id of the expected destination bucket owner. If the destination - // bucket is owned by a different account, the request will fail with an HTTP - // 403 (Access Denied) error. + // The account ID of the expected destination bucket owner. If the account ID + // that you provide does not match the actual owner of the destination bucket, + // the request fails with the HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` - // The account id of the expected source bucket owner. If the source bucket - // is owned by a different account, the request will fail with an HTTP 403 (Access - // Denied) error. + // The account ID of the expected source bucket owner. If the account ID that + // you provide does not match the actual owner of the source bucket, the request + // fails with the HTTP status code 403 Forbidden (access denied). ExpectedSourceBucketOwner *string `location:"header" locationName:"x-amz-source-expected-bucket-owner" type:"string"` // Object key for which the multipart upload was initiated. @@ -34023,14 +42874,20 @@ type UploadPartCopyInput struct { PartNumber *int64 `location:"querystring" locationName:"partNumber" type:"integer" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, AES256). + // + // This functionality is not supported when the destination bucket is a directory + // bucket. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting @@ -34039,11 +42896,21 @@ type UploadPartCopyInput struct { // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm // header. This must be the same encryption key specified in the initiate multipart // upload request. + // + // This functionality is not supported when the destination bucket is a directory + // bucket. + // + // SSECustomerKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by UploadPartCopyInput's + // String and GoString methods. SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"` // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // This functionality is not supported when the destination bucket is a directory + // bucket. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` // Upload ID identifying the multipart upload whose part is being copied. @@ -34052,12 +42919,20 @@ type UploadPartCopyInput struct { UploadId *string `location:"querystring" locationName:"uploadId" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s UploadPartCopyInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s UploadPartCopyInput) GoString() string { return s.String() } @@ -34259,7 +43134,9 @@ type UploadPartCopyOutput struct { _ struct{} `type:"structure" payload:"CopyPartResult"` // Indicates whether the multipart upload uses an S3 Bucket Key for server-side - // encryption with AWS KMS (SSE-KMS). + // encryption with Key Management Service (KMS) keys (SSE-KMS). + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // Container for all response elements. @@ -34267,38 +43144,63 @@ type UploadPartCopyOutput struct { // The version of the source object that was copied, if you have enabled versioning // on the source bucket. + // + // This functionality is not supported when the source object is in a directory + // bucket. CopySourceVersionId *string `location:"header" locationName:"x-amz-copy-source-version-id" type:"string"` // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header confirming the encryption algorithm - // used. + // the response will include this header to confirm the encryption algorithm + // that's used. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header to provide round-trip message integrity + // the response will include this header to provide the round-trip message integrity // verification of the customer-provided encryption key. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // If present, specifies the ID of the AWS Key Management Service (AWS KMS) - // symmetric customer managed customer master key (CMK) that was used for the - // object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. + // + // This functionality is not supported for directory buckets. + // + // SSEKMSKeyId is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by UploadPartCopyOutput's + // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // The server-side encryption algorithm used when storing this object in Amazon + // The server-side encryption algorithm used when you store this object in Amazon // S3 (for example, AES256, aws:kms). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s UploadPartCopyOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s UploadPartCopyOutput) GoString() string { return s.String() } @@ -34359,24 +43261,86 @@ type UploadPartInput struct { // The name of the bucket to which the multipart upload was initiated. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. - // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. + // + // Access points and Object Lambda access points are not supported by directory + // buckets. + // + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum or x-amz-trailer header sent. Otherwise, Amazon S3 fails the + // request with the HTTP status code 400 Bad Request. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If you provide an individual checksum, Amazon S3 ignores any provided ChecksumAlgorithm + // parameter. + // + // This checksum algorithm must be the same for all parts and it match the checksum + // value supplied in the CreateMultipartUpload request. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 32-bit CRC32 checksum of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumCRC32 *string `location:"header" locationName:"x-amz-checksum-crc32" type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 32-bit CRC32C checksum of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumCRC32C *string `location:"header" locationName:"x-amz-checksum-crc32c" type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 160-bit SHA-1 digest of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumSHA1 *string `location:"header" locationName:"x-amz-checksum-sha1" type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 256-bit SHA-256 digest of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumSHA256 *string `location:"header" locationName:"x-amz-checksum-sha256" type:"string"` + // Size of the body in bytes. This parameter is useful when the size of the // body cannot be determined automatically. ContentLength *int64 `location:"header" locationName:"Content-Length" type:"long"` @@ -34384,11 +43348,13 @@ type UploadPartInput struct { // The base64-encoded 128-bit MD5 digest of the part data. This parameter is // auto-populated when using the command from the CLI. This parameter is required // if object lock parameters are specified. + // + // This functionality is not supported for directory buckets. ContentMD5 *string `location:"header" locationName:"Content-MD5" type:"string"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // Object key for which the multipart upload was initiated. @@ -34403,14 +43369,19 @@ type UploadPartInput struct { PartNumber *int64 `location:"querystring" locationName:"partNumber" type:"integer" required:"true"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, AES256). + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting @@ -34419,11 +43390,19 @@ type UploadPartInput struct { // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm // header. This must be the same encryption key specified in the initiate multipart // upload request. + // + // This functionality is not supported for directory buckets. + // + // SSECustomerKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by UploadPartInput's + // String and GoString methods. SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"` // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` // Upload ID identifying the multipart upload whose part is being uploaded. @@ -34432,12 +43411,20 @@ type UploadPartInput struct { UploadId *string `location:"querystring" locationName:"uploadId" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s UploadPartInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s UploadPartInput) GoString() string { return s.String() } @@ -34489,6 +43476,36 @@ func (s *UploadPartInput) getBucket() (v string) { return *s.Bucket } +// SetChecksumAlgorithm sets the ChecksumAlgorithm field's value. +func (s *UploadPartInput) SetChecksumAlgorithm(v string) *UploadPartInput { + s.ChecksumAlgorithm = &v + return s +} + +// SetChecksumCRC32 sets the ChecksumCRC32 field's value. +func (s *UploadPartInput) SetChecksumCRC32(v string) *UploadPartInput { + s.ChecksumCRC32 = &v + return s +} + +// SetChecksumCRC32C sets the ChecksumCRC32C field's value. +func (s *UploadPartInput) SetChecksumCRC32C(v string) *UploadPartInput { + s.ChecksumCRC32C = &v + return s +} + +// SetChecksumSHA1 sets the ChecksumSHA1 field's value. +func (s *UploadPartInput) SetChecksumSHA1(v string) *UploadPartInput { + s.ChecksumSHA1 = &v + return s +} + +// SetChecksumSHA256 sets the ChecksumSHA256 field's value. +func (s *UploadPartInput) SetChecksumSHA256(v string) *UploadPartInput { + s.ChecksumSHA256 = &v + return s +} + // SetContentLength sets the ContentLength field's value. func (s *UploadPartInput) SetContentLength(v int64) *UploadPartInput { s.ContentLength = &v @@ -34587,41 +43604,106 @@ type UploadPartOutput struct { _ struct{} `type:"structure"` // Indicates whether the multipart upload uses an S3 Bucket Key for server-side - // encryption with AWS KMS (SSE-KMS). + // encryption with Key Management Service (KMS) keys (SSE-KMS). + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` + // The base64-encoded, 32-bit CRC32 checksum of the object. This will only be + // present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumCRC32 *string `location:"header" locationName:"x-amz-checksum-crc32" type:"string"` + + // The base64-encoded, 32-bit CRC32C checksum of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumCRC32C *string `location:"header" locationName:"x-amz-checksum-crc32c" type:"string"` + + // The base64-encoded, 160-bit SHA-1 digest of the object. This will only be + // present if it was uploaded with the object. When you use the API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA1 *string `location:"header" locationName:"x-amz-checksum-sha1" type:"string"` + + // The base64-encoded, 256-bit SHA-256 digest of the object. This will only + // be present if it was uploaded with the object. When you use an API operation + // on an object that was uploaded using multipart uploads, this value may not + // be a direct checksum value of the full object. Instead, it's a calculation + // based on the checksum values of each individual part. For more information + // about how checksums are calculated with multipart uploads, see Checking object + // integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html#large-object-checksums) + // in the Amazon S3 User Guide. + ChecksumSHA256 *string `location:"header" locationName:"x-amz-checksum-sha256" type:"string"` + // Entity tag for the uploaded object. ETag *string `location:"header" locationName:"ETag" type:"string"` // If present, indicates that the requester was successfully charged for the // request. + // + // This functionality is not supported for directory buckets. RequestCharged *string `location:"header" locationName:"x-amz-request-charged" type:"string" enum:"RequestCharged"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header confirming the encryption algorithm - // used. + // the response will include this header to confirm the encryption algorithm + // that's used. + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // If server-side encryption with a customer-provided encryption key was requested, - // the response will include this header to provide round-trip message integrity + // the response will include this header to provide the round-trip message integrity // verification of the customer-provided encryption key. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // If present, specifies the ID of the AWS Key Management Service (AWS KMS) - // symmetric customer managed customer master key (CMK) was used for the object. + // If present, indicates the ID of the Key Management Service (KMS) symmetric + // encryption customer managed key that was used for the object. + // + // This functionality is not supported for directory buckets. + // + // SSEKMSKeyId is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by UploadPartOutput's + // String and GoString methods. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // The server-side encryption algorithm used when storing this object in Amazon + // The server-side encryption algorithm used when you store this object in Amazon // S3 (for example, AES256, aws:kms). + // + // For directory buckets, only server-side encryption with Amazon S3 managed + // keys (SSE-S3) (AES256) is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s UploadPartOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s UploadPartOutput) GoString() string { return s.String() } @@ -34632,6 +43714,30 @@ func (s *UploadPartOutput) SetBucketKeyEnabled(v bool) *UploadPartOutput { return s } +// SetChecksumCRC32 sets the ChecksumCRC32 field's value. +func (s *UploadPartOutput) SetChecksumCRC32(v string) *UploadPartOutput { + s.ChecksumCRC32 = &v + return s +} + +// SetChecksumCRC32C sets the ChecksumCRC32C field's value. +func (s *UploadPartOutput) SetChecksumCRC32C(v string) *UploadPartOutput { + s.ChecksumCRC32C = &v + return s +} + +// SetChecksumSHA1 sets the ChecksumSHA1 field's value. +func (s *UploadPartOutput) SetChecksumSHA1(v string) *UploadPartOutput { + s.ChecksumSHA1 = &v + return s +} + +// SetChecksumSHA256 sets the ChecksumSHA256 field's value. +func (s *UploadPartOutput) SetChecksumSHA256(v string) *UploadPartOutput { + s.ChecksumSHA256 = &v + return s +} + // SetETag sets the ETag field's value. func (s *UploadPartOutput) SetETag(v string) *UploadPartOutput { s.ETag = &v @@ -34670,7 +43776,7 @@ func (s *UploadPartOutput) SetServerSideEncryption(v string) *UploadPartOutput { // Describes the versioning state of an Amazon S3 bucket. For more information, // see PUT Bucket versioning (https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTVersioningStatus.html) -// in the Amazon Simple Storage Service API Reference. +// in the Amazon S3 API Reference. type VersioningConfiguration struct { _ struct{} `type:"structure"` @@ -34683,12 +43789,20 @@ type VersioningConfiguration struct { Status *string `type:"string" enum:"BucketVersioningStatus"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s VersioningConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s VersioningConfiguration) GoString() string { return s.String() } @@ -34724,12 +43838,20 @@ type WebsiteConfiguration struct { RoutingRules []*RoutingRule `locationNameList:"RoutingRule" type:"list"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s WebsiteConfiguration) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s WebsiteConfiguration) GoString() string { return s.String() } @@ -34793,6 +43915,552 @@ func (s *WebsiteConfiguration) SetRoutingRules(v []*RoutingRule) *WebsiteConfigu return s } +type WriteGetObjectResponseInput struct { + _ struct{} `locationName:"WriteGetObjectResponseRequest" type:"structure" payload:"Body"` + + // Indicates that a range of bytes was specified. + AcceptRanges *string `location:"header" locationName:"x-amz-fwd-header-accept-ranges" type:"string"` + + // The object data. + // + // To use an non-seekable io.Reader for this request wrap the io.Reader with + // "aws.ReadSeekCloser". The SDK will not retry request errors for non-seekable + // readers. This will allow the SDK to send the reader's payload as chunked + // transfer encoding. + Body io.ReadSeeker `type:"blob"` + + // Indicates whether the object stored in Amazon S3 uses an S3 bucket key for + // server-side encryption with Amazon Web Services KMS (SSE-KMS). + BucketKeyEnabled *bool `location:"header" locationName:"x-amz-fwd-header-x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` + + // Specifies caching behavior along the request/reply chain. + CacheControl *string `location:"header" locationName:"x-amz-fwd-header-Cache-Control" type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This specifies the base64-encoded, + // 32-bit CRC32 checksum of the object returned by the Object Lambda function. + // This may not match the checksum for the object stored in Amazon S3. Amazon + // S3 will perform validation of the checksum values only when the original + // GetObject request required checksum validation. For more information about + // checksums, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // Only one checksum header can be specified at a time. If you supply multiple + // checksum headers, this request will fail. + ChecksumCRC32 *string `location:"header" locationName:"x-amz-fwd-header-x-amz-checksum-crc32" type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This specifies the base64-encoded, + // 32-bit CRC32C checksum of the object returned by the Object Lambda function. + // This may not match the checksum for the object stored in Amazon S3. Amazon + // S3 will perform validation of the checksum values only when the original + // GetObject request required checksum validation. For more information about + // checksums, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // Only one checksum header can be specified at a time. If you supply multiple + // checksum headers, this request will fail. + ChecksumCRC32C *string `location:"header" locationName:"x-amz-fwd-header-x-amz-checksum-crc32c" type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This specifies the base64-encoded, + // 160-bit SHA-1 digest of the object returned by the Object Lambda function. + // This may not match the checksum for the object stored in Amazon S3. Amazon + // S3 will perform validation of the checksum values only when the original + // GetObject request required checksum validation. For more information about + // checksums, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // Only one checksum header can be specified at a time. If you supply multiple + // checksum headers, this request will fail. + ChecksumSHA1 *string `location:"header" locationName:"x-amz-fwd-header-x-amz-checksum-sha1" type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This specifies the base64-encoded, + // 256-bit SHA-256 digest of the object returned by the Object Lambda function. + // This may not match the checksum for the object stored in Amazon S3. Amazon + // S3 will perform validation of the checksum values only when the original + // GetObject request required checksum validation. For more information about + // checksums, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // Only one checksum header can be specified at a time. If you supply multiple + // checksum headers, this request will fail. + ChecksumSHA256 *string `location:"header" locationName:"x-amz-fwd-header-x-amz-checksum-sha256" type:"string"` + + // Specifies presentational information for the object. + ContentDisposition *string `location:"header" locationName:"x-amz-fwd-header-Content-Disposition" type:"string"` + + // Specifies what content encodings have been applied to the object and thus + // what decoding mechanisms must be applied to obtain the media-type referenced + // by the Content-Type header field. + ContentEncoding *string `location:"header" locationName:"x-amz-fwd-header-Content-Encoding" type:"string"` + + // The language the content is in. + ContentLanguage *string `location:"header" locationName:"x-amz-fwd-header-Content-Language" type:"string"` + + // The size of the content body in bytes. + ContentLength *int64 `location:"header" locationName:"Content-Length" type:"long"` + + // The portion of the object returned in the response. + ContentRange *string `location:"header" locationName:"x-amz-fwd-header-Content-Range" type:"string"` + + // A standard MIME type describing the format of the object data. + ContentType *string `location:"header" locationName:"x-amz-fwd-header-Content-Type" type:"string"` + + // Specifies whether an object stored in Amazon S3 is (true) or is not (false) + // a delete marker. + DeleteMarker *bool `location:"header" locationName:"x-amz-fwd-header-x-amz-delete-marker" type:"boolean"` + + // An opaque identifier assigned by a web server to a specific version of a + // resource found at a URL. + ETag *string `location:"header" locationName:"x-amz-fwd-header-ETag" type:"string"` + + // A string that uniquely identifies an error condition. Returned in the + // tag of the error XML response for a corresponding GetObject call. Cannot + // be used with a successful StatusCode header or when the transformed object + // is provided in the body. All error codes from S3 are sentence-cased. The + // regular expression (regex) value is "^[A-Z][a-zA-Z]+$". + ErrorCode *string `location:"header" locationName:"x-amz-fwd-error-code" type:"string"` + + // Contains a generic description of the error condition. Returned in the + // tag of the error XML response for a corresponding GetObject call. Cannot + // be used with a successful StatusCode header or when the transformed object + // is provided in body. + ErrorMessage *string `location:"header" locationName:"x-amz-fwd-error-message" type:"string"` + + // If the object expiration is configured (see PUT Bucket lifecycle), the response + // includes this header. It includes the expiry-date and rule-id key-value pairs + // that provide the object expiration information. The value of the rule-id + // is URL-encoded. + Expiration *string `location:"header" locationName:"x-amz-fwd-header-x-amz-expiration" type:"string"` + + // The date and time at which the object is no longer cacheable. + Expires *time.Time `location:"header" locationName:"x-amz-fwd-header-Expires" type:"timestamp"` + + // The date and time that the object was last modified. + LastModified *time.Time `location:"header" locationName:"x-amz-fwd-header-Last-Modified" type:"timestamp"` + + // A map of metadata to store with the object in S3. + Metadata map[string]*string `location:"headers" locationName:"x-amz-meta-" type:"map"` + + // Set to the number of metadata entries not returned in x-amz-meta headers. + // This can happen if you create metadata using an API like SOAP that supports + // more flexible metadata than the REST API. For example, using SOAP, you can + // create metadata whose values are not legal HTTP headers. + MissingMeta *int64 `location:"header" locationName:"x-amz-fwd-header-x-amz-missing-meta" type:"integer"` + + // Indicates whether an object stored in Amazon S3 has an active legal hold. + ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-fwd-header-x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"` + + // Indicates whether an object stored in Amazon S3 has Object Lock enabled. + // For more information about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-lock.html). + ObjectLockMode *string `location:"header" locationName:"x-amz-fwd-header-x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"` + + // The date and time when Object Lock is configured to expire. + ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-fwd-header-x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"` + + // The count of parts this object has. + PartsCount *int64 `location:"header" locationName:"x-amz-fwd-header-x-amz-mp-parts-count" type:"integer"` + + // Indicates if request involves bucket that is either a source or destination + // in a Replication rule. For more information about S3 Replication, see Replication + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication.html). + ReplicationStatus *string `location:"header" locationName:"x-amz-fwd-header-x-amz-replication-status" type:"string" enum:"ReplicationStatus"` + + // If present, indicates that the requester was successfully charged for the + // request. + // + // This functionality is not supported for directory buckets. + RequestCharged *string `location:"header" locationName:"x-amz-fwd-header-x-amz-request-charged" type:"string" enum:"RequestCharged"` + + // Route prefix to the HTTP URL generated. + // + // RequestRoute is a required field + RequestRoute *string `location:"header" locationName:"x-amz-request-route" type:"string" required:"true"` + + // A single use encrypted token that maps WriteGetObjectResponse to the end + // user GetObject request. + // + // RequestToken is a required field + RequestToken *string `location:"header" locationName:"x-amz-request-token" type:"string" required:"true"` + + // Provides information about object restoration operation and expiration time + // of the restored object copy. + Restore *string `location:"header" locationName:"x-amz-fwd-header-x-amz-restore" type:"string"` + + // Encryption algorithm used if server-side encryption with a customer-provided + // encryption key was specified for object stored in Amazon S3. + SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-fwd-header-x-amz-server-side-encryption-customer-algorithm" type:"string"` + + // 128-bit MD5 digest of customer-provided encryption key used in Amazon S3 + // to encrypt data stored in S3. For more information, see Protecting data using + // server-side encryption with customer-provided encryption keys (SSE-C) (https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html). + SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-fwd-header-x-amz-server-side-encryption-customer-key-MD5" type:"string"` + + // If present, specifies the ID (Key ID, Key ARN, or Key Alias) of the Amazon + // Web Services Key Management Service (Amazon Web Services KMS) symmetric encryption + // customer managed key that was used for stored in Amazon S3 object. + // + // SSEKMSKeyId is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by WriteGetObjectResponseInput's + // String and GoString methods. + SSEKMSKeyId *string `location:"header" locationName:"x-amz-fwd-header-x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` + + // The server-side encryption algorithm used when storing requested object in + // Amazon S3 (for example, AES256, aws:kms). + ServerSideEncryption *string `location:"header" locationName:"x-amz-fwd-header-x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` + + // The integer status code for an HTTP response of a corresponding GetObject + // request. The following is a list of status codes. + // + // * 200 - OK + // + // * 206 - Partial Content + // + // * 304 - Not Modified + // + // * 400 - Bad Request + // + // * 401 - Unauthorized + // + // * 403 - Forbidden + // + // * 404 - Not Found + // + // * 405 - Method Not Allowed + // + // * 409 - Conflict + // + // * 411 - Length Required + // + // * 412 - Precondition Failed + // + // * 416 - Range Not Satisfiable + // + // * 500 - Internal Server Error + // + // * 503 - Service Unavailable + StatusCode *int64 `location:"header" locationName:"x-amz-fwd-status" type:"integer"` + + // Provides storage class information of the object. Amazon S3 returns this + // header for all objects except for S3 Standard storage class objects. + // + // For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html). + StorageClass *string `location:"header" locationName:"x-amz-fwd-header-x-amz-storage-class" type:"string" enum:"StorageClass"` + + // The number of tags, if any, on the object. + TagCount *int64 `location:"header" locationName:"x-amz-fwd-header-x-amz-tagging-count" type:"integer"` + + // An ID used to reference a specific version of the object. + VersionId *string `location:"header" locationName:"x-amz-fwd-header-x-amz-version-id" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s WriteGetObjectResponseInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s WriteGetObjectResponseInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *WriteGetObjectResponseInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "WriteGetObjectResponseInput"} + if s.RequestRoute == nil { + invalidParams.Add(request.NewErrParamRequired("RequestRoute")) + } + if s.RequestRoute != nil && len(*s.RequestRoute) < 1 { + invalidParams.Add(request.NewErrParamMinLen("RequestRoute", 1)) + } + if s.RequestToken == nil { + invalidParams.Add(request.NewErrParamRequired("RequestToken")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAcceptRanges sets the AcceptRanges field's value. +func (s *WriteGetObjectResponseInput) SetAcceptRanges(v string) *WriteGetObjectResponseInput { + s.AcceptRanges = &v + return s +} + +// SetBody sets the Body field's value. +func (s *WriteGetObjectResponseInput) SetBody(v io.ReadSeeker) *WriteGetObjectResponseInput { + s.Body = v + return s +} + +// SetBucketKeyEnabled sets the BucketKeyEnabled field's value. +func (s *WriteGetObjectResponseInput) SetBucketKeyEnabled(v bool) *WriteGetObjectResponseInput { + s.BucketKeyEnabled = &v + return s +} + +// SetCacheControl sets the CacheControl field's value. +func (s *WriteGetObjectResponseInput) SetCacheControl(v string) *WriteGetObjectResponseInput { + s.CacheControl = &v + return s +} + +// SetChecksumCRC32 sets the ChecksumCRC32 field's value. +func (s *WriteGetObjectResponseInput) SetChecksumCRC32(v string) *WriteGetObjectResponseInput { + s.ChecksumCRC32 = &v + return s +} + +// SetChecksumCRC32C sets the ChecksumCRC32C field's value. +func (s *WriteGetObjectResponseInput) SetChecksumCRC32C(v string) *WriteGetObjectResponseInput { + s.ChecksumCRC32C = &v + return s +} + +// SetChecksumSHA1 sets the ChecksumSHA1 field's value. +func (s *WriteGetObjectResponseInput) SetChecksumSHA1(v string) *WriteGetObjectResponseInput { + s.ChecksumSHA1 = &v + return s +} + +// SetChecksumSHA256 sets the ChecksumSHA256 field's value. +func (s *WriteGetObjectResponseInput) SetChecksumSHA256(v string) *WriteGetObjectResponseInput { + s.ChecksumSHA256 = &v + return s +} + +// SetContentDisposition sets the ContentDisposition field's value. +func (s *WriteGetObjectResponseInput) SetContentDisposition(v string) *WriteGetObjectResponseInput { + s.ContentDisposition = &v + return s +} + +// SetContentEncoding sets the ContentEncoding field's value. +func (s *WriteGetObjectResponseInput) SetContentEncoding(v string) *WriteGetObjectResponseInput { + s.ContentEncoding = &v + return s +} + +// SetContentLanguage sets the ContentLanguage field's value. +func (s *WriteGetObjectResponseInput) SetContentLanguage(v string) *WriteGetObjectResponseInput { + s.ContentLanguage = &v + return s +} + +// SetContentLength sets the ContentLength field's value. +func (s *WriteGetObjectResponseInput) SetContentLength(v int64) *WriteGetObjectResponseInput { + s.ContentLength = &v + return s +} + +// SetContentRange sets the ContentRange field's value. +func (s *WriteGetObjectResponseInput) SetContentRange(v string) *WriteGetObjectResponseInput { + s.ContentRange = &v + return s +} + +// SetContentType sets the ContentType field's value. +func (s *WriteGetObjectResponseInput) SetContentType(v string) *WriteGetObjectResponseInput { + s.ContentType = &v + return s +} + +// SetDeleteMarker sets the DeleteMarker field's value. +func (s *WriteGetObjectResponseInput) SetDeleteMarker(v bool) *WriteGetObjectResponseInput { + s.DeleteMarker = &v + return s +} + +// SetETag sets the ETag field's value. +func (s *WriteGetObjectResponseInput) SetETag(v string) *WriteGetObjectResponseInput { + s.ETag = &v + return s +} + +// SetErrorCode sets the ErrorCode field's value. +func (s *WriteGetObjectResponseInput) SetErrorCode(v string) *WriteGetObjectResponseInput { + s.ErrorCode = &v + return s +} + +// SetErrorMessage sets the ErrorMessage field's value. +func (s *WriteGetObjectResponseInput) SetErrorMessage(v string) *WriteGetObjectResponseInput { + s.ErrorMessage = &v + return s +} + +// SetExpiration sets the Expiration field's value. +func (s *WriteGetObjectResponseInput) SetExpiration(v string) *WriteGetObjectResponseInput { + s.Expiration = &v + return s +} + +// SetExpires sets the Expires field's value. +func (s *WriteGetObjectResponseInput) SetExpires(v time.Time) *WriteGetObjectResponseInput { + s.Expires = &v + return s +} + +// SetLastModified sets the LastModified field's value. +func (s *WriteGetObjectResponseInput) SetLastModified(v time.Time) *WriteGetObjectResponseInput { + s.LastModified = &v + return s +} + +// SetMetadata sets the Metadata field's value. +func (s *WriteGetObjectResponseInput) SetMetadata(v map[string]*string) *WriteGetObjectResponseInput { + s.Metadata = v + return s +} + +// SetMissingMeta sets the MissingMeta field's value. +func (s *WriteGetObjectResponseInput) SetMissingMeta(v int64) *WriteGetObjectResponseInput { + s.MissingMeta = &v + return s +} + +// SetObjectLockLegalHoldStatus sets the ObjectLockLegalHoldStatus field's value. +func (s *WriteGetObjectResponseInput) SetObjectLockLegalHoldStatus(v string) *WriteGetObjectResponseInput { + s.ObjectLockLegalHoldStatus = &v + return s +} + +// SetObjectLockMode sets the ObjectLockMode field's value. +func (s *WriteGetObjectResponseInput) SetObjectLockMode(v string) *WriteGetObjectResponseInput { + s.ObjectLockMode = &v + return s +} + +// SetObjectLockRetainUntilDate sets the ObjectLockRetainUntilDate field's value. +func (s *WriteGetObjectResponseInput) SetObjectLockRetainUntilDate(v time.Time) *WriteGetObjectResponseInput { + s.ObjectLockRetainUntilDate = &v + return s +} + +// SetPartsCount sets the PartsCount field's value. +func (s *WriteGetObjectResponseInput) SetPartsCount(v int64) *WriteGetObjectResponseInput { + s.PartsCount = &v + return s +} + +// SetReplicationStatus sets the ReplicationStatus field's value. +func (s *WriteGetObjectResponseInput) SetReplicationStatus(v string) *WriteGetObjectResponseInput { + s.ReplicationStatus = &v + return s +} + +// SetRequestCharged sets the RequestCharged field's value. +func (s *WriteGetObjectResponseInput) SetRequestCharged(v string) *WriteGetObjectResponseInput { + s.RequestCharged = &v + return s +} + +// SetRequestRoute sets the RequestRoute field's value. +func (s *WriteGetObjectResponseInput) SetRequestRoute(v string) *WriteGetObjectResponseInput { + s.RequestRoute = &v + return s +} + +// SetRequestToken sets the RequestToken field's value. +func (s *WriteGetObjectResponseInput) SetRequestToken(v string) *WriteGetObjectResponseInput { + s.RequestToken = &v + return s +} + +// SetRestore sets the Restore field's value. +func (s *WriteGetObjectResponseInput) SetRestore(v string) *WriteGetObjectResponseInput { + s.Restore = &v + return s +} + +// SetSSECustomerAlgorithm sets the SSECustomerAlgorithm field's value. +func (s *WriteGetObjectResponseInput) SetSSECustomerAlgorithm(v string) *WriteGetObjectResponseInput { + s.SSECustomerAlgorithm = &v + return s +} + +// SetSSECustomerKeyMD5 sets the SSECustomerKeyMD5 field's value. +func (s *WriteGetObjectResponseInput) SetSSECustomerKeyMD5(v string) *WriteGetObjectResponseInput { + s.SSECustomerKeyMD5 = &v + return s +} + +// SetSSEKMSKeyId sets the SSEKMSKeyId field's value. +func (s *WriteGetObjectResponseInput) SetSSEKMSKeyId(v string) *WriteGetObjectResponseInput { + s.SSEKMSKeyId = &v + return s +} + +// SetServerSideEncryption sets the ServerSideEncryption field's value. +func (s *WriteGetObjectResponseInput) SetServerSideEncryption(v string) *WriteGetObjectResponseInput { + s.ServerSideEncryption = &v + return s +} + +// SetStatusCode sets the StatusCode field's value. +func (s *WriteGetObjectResponseInput) SetStatusCode(v int64) *WriteGetObjectResponseInput { + s.StatusCode = &v + return s +} + +// SetStorageClass sets the StorageClass field's value. +func (s *WriteGetObjectResponseInput) SetStorageClass(v string) *WriteGetObjectResponseInput { + s.StorageClass = &v + return s +} + +// SetTagCount sets the TagCount field's value. +func (s *WriteGetObjectResponseInput) SetTagCount(v int64) *WriteGetObjectResponseInput { + s.TagCount = &v + return s +} + +// SetVersionId sets the VersionId field's value. +func (s *WriteGetObjectResponseInput) SetVersionId(v string) *WriteGetObjectResponseInput { + s.VersionId = &v + return s +} + +func (s *WriteGetObjectResponseInput) hostLabels() map[string]string { + return map[string]string{ + "RequestRoute": aws.StringValue(s.RequestRoute), + } +} + +type WriteGetObjectResponseOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s WriteGetObjectResponseOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s WriteGetObjectResponseOutput) GoString() string { + return s.String() +} + const ( // AnalyticsS3ExportFileFormatCsv is a AnalyticsS3ExportFileFormat enum value AnalyticsS3ExportFileFormatCsv = "CSV" @@ -34880,12 +44548,18 @@ const ( // BucketLocationConstraintApSouth1 is a BucketLocationConstraint enum value BucketLocationConstraintApSouth1 = "ap-south-1" + // BucketLocationConstraintApSouth2 is a BucketLocationConstraint enum value + BucketLocationConstraintApSouth2 = "ap-south-2" + // BucketLocationConstraintApSoutheast1 is a BucketLocationConstraint enum value BucketLocationConstraintApSoutheast1 = "ap-southeast-1" // BucketLocationConstraintApSoutheast2 is a BucketLocationConstraint enum value BucketLocationConstraintApSoutheast2 = "ap-southeast-2" + // BucketLocationConstraintApSoutheast3 is a BucketLocationConstraint enum value + BucketLocationConstraintApSoutheast3 = "ap-southeast-3" + // BucketLocationConstraintCaCentral1 is a BucketLocationConstraint enum value BucketLocationConstraintCaCentral1 = "ca-central-1" @@ -34907,6 +44581,9 @@ const ( // BucketLocationConstraintEuSouth1 is a BucketLocationConstraint enum value BucketLocationConstraintEuSouth1 = "eu-south-1" + // BucketLocationConstraintEuSouth2 is a BucketLocationConstraint enum value + BucketLocationConstraintEuSouth2 = "eu-south-2" + // BucketLocationConstraintEuWest1 is a BucketLocationConstraint enum value BucketLocationConstraintEuWest1 = "eu-west-1" @@ -34947,8 +44624,10 @@ func BucketLocationConstraint_Values() []string { BucketLocationConstraintApNortheast2, BucketLocationConstraintApNortheast3, BucketLocationConstraintApSouth1, + BucketLocationConstraintApSouth2, BucketLocationConstraintApSoutheast1, BucketLocationConstraintApSoutheast2, + BucketLocationConstraintApSoutheast3, BucketLocationConstraintCaCentral1, BucketLocationConstraintCnNorth1, BucketLocationConstraintCnNorthwest1, @@ -34956,6 +44635,7 @@ func BucketLocationConstraint_Values() []string { BucketLocationConstraintEuCentral1, BucketLocationConstraintEuNorth1, BucketLocationConstraintEuSouth1, + BucketLocationConstraintEuSouth2, BucketLocationConstraintEuWest1, BucketLocationConstraintEuWest2, BucketLocationConstraintEuWest3, @@ -34989,6 +44669,18 @@ func BucketLogsPermission_Values() []string { } } +const ( + // BucketTypeDirectory is a BucketType enum value + BucketTypeDirectory = "Directory" +) + +// BucketType_Values returns all elements of the BucketType enum +func BucketType_Values() []string { + return []string{ + BucketTypeDirectory, + } +} + const ( // BucketVersioningStatusEnabled is a BucketVersioningStatus enum value BucketVersioningStatusEnabled = "Enabled" @@ -35005,6 +44697,42 @@ func BucketVersioningStatus_Values() []string { } } +const ( + // ChecksumAlgorithmCrc32 is a ChecksumAlgorithm enum value + ChecksumAlgorithmCrc32 = "CRC32" + + // ChecksumAlgorithmCrc32c is a ChecksumAlgorithm enum value + ChecksumAlgorithmCrc32c = "CRC32C" + + // ChecksumAlgorithmSha1 is a ChecksumAlgorithm enum value + ChecksumAlgorithmSha1 = "SHA1" + + // ChecksumAlgorithmSha256 is a ChecksumAlgorithm enum value + ChecksumAlgorithmSha256 = "SHA256" +) + +// ChecksumAlgorithm_Values returns all elements of the ChecksumAlgorithm enum +func ChecksumAlgorithm_Values() []string { + return []string{ + ChecksumAlgorithmCrc32, + ChecksumAlgorithmCrc32c, + ChecksumAlgorithmSha1, + ChecksumAlgorithmSha256, + } +} + +const ( + // ChecksumModeEnabled is a ChecksumMode enum value + ChecksumModeEnabled = "ENABLED" +) + +// ChecksumMode_Values returns all elements of the ChecksumMode enum +func ChecksumMode_Values() []string { + return []string{ + ChecksumModeEnabled, + } +} + const ( // CompressionTypeNone is a CompressionType enum value CompressionTypeNone = "NONE" @@ -35025,6 +44753,18 @@ func CompressionType_Values() []string { } } +const ( + // DataRedundancySingleAvailabilityZone is a DataRedundancy enum value + DataRedundancySingleAvailabilityZone = "SingleAvailabilityZone" +) + +// DataRedundancy_Values returns all elements of the DataRedundancy enum +func DataRedundancy_Values() []string { + return []string{ + DataRedundancySingleAvailabilityZone, + } +} + const ( // DeleteMarkerReplicationStatusEnabled is a DeleteMarkerReplicationStatus enum value DeleteMarkerReplicationStatusEnabled = "Enabled" @@ -35042,8 +44782,8 @@ func DeleteMarkerReplicationStatus_Values() []string { } // Requests Amazon S3 to encode the object keys in the response and specifies -// the encoding method to use. An object key may contain any Unicode character; -// however, XML 1.0 parser cannot parse some characters, such as characters +// the encoding method to use. An object key can contain any Unicode character; +// however, the XML 1.0 parser cannot parse some characters, such as characters // with an ASCII value from 0 to 10. For characters that are not supported in // XML 1.0, you can add this parameter to request that Amazon S3 encode the // keys in the response. @@ -35111,6 +44851,36 @@ const ( // EventS3ReplicationOperationReplicatedAfterThreshold is a Event enum value EventS3ReplicationOperationReplicatedAfterThreshold = "s3:Replication:OperationReplicatedAfterThreshold" + + // EventS3ObjectRestoreDelete is a Event enum value + EventS3ObjectRestoreDelete = "s3:ObjectRestore:Delete" + + // EventS3LifecycleTransition is a Event enum value + EventS3LifecycleTransition = "s3:LifecycleTransition" + + // EventS3IntelligentTiering is a Event enum value + EventS3IntelligentTiering = "s3:IntelligentTiering" + + // EventS3ObjectAclPut is a Event enum value + EventS3ObjectAclPut = "s3:ObjectAcl:Put" + + // EventS3LifecycleExpiration is a Event enum value + EventS3LifecycleExpiration = "s3:LifecycleExpiration:*" + + // EventS3LifecycleExpirationDelete is a Event enum value + EventS3LifecycleExpirationDelete = "s3:LifecycleExpiration:Delete" + + // EventS3LifecycleExpirationDeleteMarkerCreated is a Event enum value + EventS3LifecycleExpirationDeleteMarkerCreated = "s3:LifecycleExpiration:DeleteMarkerCreated" + + // EventS3ObjectTagging is a Event enum value + EventS3ObjectTagging = "s3:ObjectTagging:*" + + // EventS3ObjectTaggingPut is a Event enum value + EventS3ObjectTaggingPut = "s3:ObjectTagging:Put" + + // EventS3ObjectTaggingDelete is a Event enum value + EventS3ObjectTaggingDelete = "s3:ObjectTagging:Delete" ) // Event_Values returns all elements of the Event enum @@ -35133,6 +44903,16 @@ func Event_Values() []string { EventS3ReplicationOperationNotTracked, EventS3ReplicationOperationMissedThreshold, EventS3ReplicationOperationReplicatedAfterThreshold, + EventS3ObjectRestoreDelete, + EventS3LifecycleTransition, + EventS3IntelligentTiering, + EventS3ObjectAclPut, + EventS3LifecycleExpiration, + EventS3LifecycleExpirationDelete, + EventS3LifecycleExpirationDeleteMarkerCreated, + EventS3ObjectTagging, + EventS3ObjectTaggingPut, + EventS3ObjectTaggingDelete, } } @@ -35333,6 +45113,18 @@ const ( // InventoryOptionalFieldIntelligentTieringAccessTier is a InventoryOptionalField enum value InventoryOptionalFieldIntelligentTieringAccessTier = "IntelligentTieringAccessTier" + + // InventoryOptionalFieldBucketKeyStatus is a InventoryOptionalField enum value + InventoryOptionalFieldBucketKeyStatus = "BucketKeyStatus" + + // InventoryOptionalFieldChecksumAlgorithm is a InventoryOptionalField enum value + InventoryOptionalFieldChecksumAlgorithm = "ChecksumAlgorithm" + + // InventoryOptionalFieldObjectAccessControlList is a InventoryOptionalField enum value + InventoryOptionalFieldObjectAccessControlList = "ObjectAccessControlList" + + // InventoryOptionalFieldObjectOwner is a InventoryOptionalField enum value + InventoryOptionalFieldObjectOwner = "ObjectOwner" ) // InventoryOptionalField_Values returns all elements of the InventoryOptionalField enum @@ -35349,6 +45141,10 @@ func InventoryOptionalField_Values() []string { InventoryOptionalFieldObjectLockMode, InventoryOptionalFieldObjectLockLegalHoldStatus, InventoryOptionalFieldIntelligentTieringAccessTier, + InventoryOptionalFieldBucketKeyStatus, + InventoryOptionalFieldChecksumAlgorithm, + InventoryOptionalFieldObjectAccessControlList, + InventoryOptionalFieldObjectOwner, } } @@ -35368,6 +45164,18 @@ func JSONType_Values() []string { } } +const ( + // LocationTypeAvailabilityZone is a LocationType enum value + LocationTypeAvailabilityZone = "AvailabilityZone" +) + +// LocationType_Values returns all elements of the LocationType enum +func LocationType_Values() []string { + return []string{ + LocationTypeAvailabilityZone, + } +} + const ( // MFADeleteEnabled is a MFADelete enum value MFADeleteEnabled = "Enabled" @@ -35432,6 +45240,34 @@ func MetricsStatus_Values() []string { } } +const ( + // ObjectAttributesEtag is a ObjectAttributes enum value + ObjectAttributesEtag = "ETag" + + // ObjectAttributesChecksum is a ObjectAttributes enum value + ObjectAttributesChecksum = "Checksum" + + // ObjectAttributesObjectParts is a ObjectAttributes enum value + ObjectAttributesObjectParts = "ObjectParts" + + // ObjectAttributesStorageClass is a ObjectAttributes enum value + ObjectAttributesStorageClass = "StorageClass" + + // ObjectAttributesObjectSize is a ObjectAttributes enum value + ObjectAttributesObjectSize = "ObjectSize" +) + +// ObjectAttributes_Values returns all elements of the ObjectAttributes enum +func ObjectAttributes_Values() []string { + return []string{ + ObjectAttributesEtag, + ObjectAttributesChecksum, + ObjectAttributesObjectParts, + ObjectAttributesStorageClass, + ObjectAttributesObjectSize, + } +} + const ( // ObjectCannedACLPrivate is a ObjectCannedACL enum value ObjectCannedACLPrivate = "private" @@ -35536,12 +45372,32 @@ func ObjectLockRetentionMode_Values() []string { // // ObjectWriter - The uploading account will own the object if the object is // uploaded with the bucket-owner-full-control canned ACL. +// +// BucketOwnerEnforced - Access control lists (ACLs) are disabled and no longer +// affect permissions. The bucket owner automatically owns and has full control +// over every object in the bucket. The bucket only accepts PUT requests that +// don't specify an ACL or specify bucket owner full control ACLs (such as the +// predefined bucket-owner-full-control canned ACL or a custom ACL in XML format +// that grants the same permissions). +// +// By default, ObjectOwnership is set to BucketOwnerEnforced and ACLs are disabled. +// We recommend keeping ACLs disabled, except in uncommon use cases where you +// must control access for each object individually. For more information about +// S3 Object Ownership, see Controlling ownership of objects and disabling ACLs +// for your bucket (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) +// in the Amazon S3 User Guide. +// +// This functionality is not supported for directory buckets. Directory buckets +// use the bucket owner enforced setting for S3 Object Ownership. const ( // ObjectOwnershipBucketOwnerPreferred is a ObjectOwnership enum value ObjectOwnershipBucketOwnerPreferred = "BucketOwnerPreferred" // ObjectOwnershipObjectWriter is a ObjectOwnership enum value ObjectOwnershipObjectWriter = "ObjectWriter" + + // ObjectOwnershipBucketOwnerEnforced is a ObjectOwnership enum value + ObjectOwnershipBucketOwnerEnforced = "BucketOwnerEnforced" ) // ObjectOwnership_Values returns all elements of the ObjectOwnership enum @@ -35549,6 +45405,7 @@ func ObjectOwnership_Values() []string { return []string{ ObjectOwnershipBucketOwnerPreferred, ObjectOwnershipObjectWriter, + ObjectOwnershipBucketOwnerEnforced, } } @@ -35576,6 +45433,15 @@ const ( // ObjectStorageClassOutposts is a ObjectStorageClass enum value ObjectStorageClassOutposts = "OUTPOSTS" + + // ObjectStorageClassGlacierIr is a ObjectStorageClass enum value + ObjectStorageClassGlacierIr = "GLACIER_IR" + + // ObjectStorageClassSnow is a ObjectStorageClass enum value + ObjectStorageClassSnow = "SNOW" + + // ObjectStorageClassExpressOnezone is a ObjectStorageClass enum value + ObjectStorageClassExpressOnezone = "EXPRESS_ONEZONE" ) // ObjectStorageClass_Values returns all elements of the ObjectStorageClass enum @@ -35589,6 +45455,9 @@ func ObjectStorageClass_Values() []string { ObjectStorageClassIntelligentTiering, ObjectStorageClassDeepArchive, ObjectStorageClassOutposts, + ObjectStorageClassGlacierIr, + ObjectStorageClassSnow, + ObjectStorageClassExpressOnezone, } } @@ -35604,6 +45473,18 @@ func ObjectVersionStorageClass_Values() []string { } } +const ( + // OptionalObjectAttributesRestoreStatus is a OptionalObjectAttributes enum value + OptionalObjectAttributesRestoreStatus = "RestoreStatus" +) + +// OptionalObjectAttributes_Values returns all elements of the OptionalObjectAttributes enum +func OptionalObjectAttributes_Values() []string { + return []string{ + OptionalObjectAttributesRestoreStatus, + } +} + const ( // OwnerOverrideDestination is a OwnerOverride enum value OwnerOverrideDestination = "Destination" @@ -35616,6 +45497,22 @@ func OwnerOverride_Values() []string { } } +const ( + // PartitionDateSourceEventTime is a PartitionDateSource enum value + PartitionDateSourceEventTime = "EventTime" + + // PartitionDateSourceDeliveryTime is a PartitionDateSource enum value + PartitionDateSourceDeliveryTime = "DeliveryTime" +) + +// PartitionDateSource_Values returns all elements of the PartitionDateSource enum +func PartitionDateSource_Values() []string { + return []string{ + PartitionDateSourceEventTime, + PartitionDateSourceDeliveryTime, + } +} + const ( // PayerRequester is a Payer enum value PayerRequester = "Requester" @@ -35736,6 +45633,9 @@ const ( // ReplicationStatusReplica is a ReplicationStatus enum value ReplicationStatusReplica = "REPLICA" + + // ReplicationStatusCompleted is a ReplicationStatus enum value + ReplicationStatusCompleted = "COMPLETED" ) // ReplicationStatus_Values returns all elements of the ReplicationStatus enum @@ -35745,6 +45645,7 @@ func ReplicationStatus_Values() []string { ReplicationStatusPending, ReplicationStatusFailed, ReplicationStatusReplica, + ReplicationStatusCompleted, } } @@ -35766,6 +45667,8 @@ func ReplicationTimeStatus_Values() []string { // If present, indicates that the requester was successfully charged for the // request. +// +// This functionality is not supported for directory buckets. const ( // RequestChargedRequester is a RequestCharged enum value RequestChargedRequester = "requester" @@ -35779,10 +45682,14 @@ func RequestCharged_Values() []string { } // Confirms that the requester knows that they will be charged for the request. -// Bucket owners need not specify this parameter in their requests. For information -// about downloading objects from requester pays buckets, see Downloading Objects -// in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) -// in the Amazon S3 Developer Guide. +// Bucket owners need not specify this parameter in their requests. If either +// the source or destination S3 bucket has Requester Pays enabled, the requester +// will pay for corresponding charges to copy the object. For information about +// downloading objects from Requester Pays buckets, see Downloading Objects +// in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) +// in the Amazon S3 User Guide. +// +// This functionality is not supported for directory buckets. const ( // RequestPayerRequester is a RequestPayer enum value RequestPayerRequester = "requester" @@ -35813,6 +45720,9 @@ const ( // ServerSideEncryptionAwsKms is a ServerSideEncryption enum value ServerSideEncryptionAwsKms = "aws:kms" + + // ServerSideEncryptionAwsKmsDsse is a ServerSideEncryption enum value + ServerSideEncryptionAwsKmsDsse = "aws:kms:dsse" ) // ServerSideEncryption_Values returns all elements of the ServerSideEncryption enum @@ -35820,6 +45730,23 @@ func ServerSideEncryption_Values() []string { return []string{ ServerSideEncryptionAes256, ServerSideEncryptionAwsKms, + ServerSideEncryptionAwsKmsDsse, + } +} + +const ( + // SessionModeReadOnly is a SessionMode enum value + SessionModeReadOnly = "ReadOnly" + + // SessionModeReadWrite is a SessionMode enum value + SessionModeReadWrite = "ReadWrite" +) + +// SessionMode_Values returns all elements of the SessionMode enum +func SessionMode_Values() []string { + return []string{ + SessionModeReadOnly, + SessionModeReadWrite, } } @@ -35863,6 +45790,15 @@ const ( // StorageClassOutposts is a StorageClass enum value StorageClassOutposts = "OUTPOSTS" + + // StorageClassGlacierIr is a StorageClass enum value + StorageClassGlacierIr = "GLACIER_IR" + + // StorageClassSnow is a StorageClass enum value + StorageClassSnow = "SNOW" + + // StorageClassExpressOnezone is a StorageClass enum value + StorageClassExpressOnezone = "EXPRESS_ONEZONE" ) // StorageClass_Values returns all elements of the StorageClass enum @@ -35876,6 +45812,9 @@ func StorageClass_Values() []string { StorageClassGlacier, StorageClassDeepArchive, StorageClassOutposts, + StorageClassGlacierIr, + StorageClassSnow, + StorageClassExpressOnezone, } } @@ -35942,6 +45881,9 @@ const ( // TransitionStorageClassDeepArchive is a TransitionStorageClass enum value TransitionStorageClassDeepArchive = "DEEP_ARCHIVE" + + // TransitionStorageClassGlacierIr is a TransitionStorageClass enum value + TransitionStorageClassGlacierIr = "GLACIER_IR" ) // TransitionStorageClass_Values returns all elements of the TransitionStorageClass enum @@ -35952,6 +45894,7 @@ func TransitionStorageClass_Values() []string { TransitionStorageClassOnezoneIa, TransitionStorageClassIntelligentTiering, TransitionStorageClassDeepArchive, + TransitionStorageClassGlacierIr, } } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/bucket_location.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/bucket_location.go index 9ba8a788720..20828387ea2 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/bucket_location.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/bucket_location.go @@ -39,11 +39,11 @@ func NormalizeBucketLocation(loc string) string { // See http://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETlocation.html // for more information on the values that can be returned. // -// req, result := svc.GetBucketLocationRequest(&s3.GetBucketLocationInput{ -// Bucket: aws.String(bucket), -// }) -// req.Handlers.Unmarshal.PushBackNamed(NormalizeBucketLocationHandler) -// err := req.Send() +// req, result := svc.GetBucketLocationRequest(&s3.GetBucketLocationInput{ +// Bucket: aws.String(bucket), +// }) +// req.Handlers.Unmarshal.PushBackNamed(NormalizeBucketLocationHandler) +// err := req.Send() var NormalizeBucketLocationHandler = request.NamedHandler{ Name: "awssdk.s3.NormalizeBucketLocation", Fn: func(req *request.Request) { @@ -65,12 +65,12 @@ var NormalizeBucketLocationHandler = request.NamedHandler{ // See http://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETlocation.html // for more information on the values that can be returned. // -// result, err := svc.GetBucketLocationWithContext(ctx, -// &s3.GetBucketLocationInput{ -// Bucket: aws.String(bucket), -// }, -// s3.WithNormalizeBucketLocation, -// ) +// result, err := svc.GetBucketLocationWithContext(ctx, +// &s3.GetBucketLocationInput{ +// Bucket: aws.String(bucket), +// }, +// s3.WithNormalizeBucketLocation, +// ) func WithNormalizeBucketLocation(r *request.Request) { r.Handlers.Unmarshal.PushBackNamed(NormalizeBucketLocationHandler) } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/customizations.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/customizations.go index f1959b03a95..229606b708a 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/customizations.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/customizations.go @@ -1,7 +1,9 @@ package s3 import ( + "github.com/aws/aws-sdk-go/aws" "github.com/aws/aws-sdk-go/aws/client" + "github.com/aws/aws-sdk-go/aws/endpoints" "github.com/aws/aws-sdk-go/aws/request" "github.com/aws/aws-sdk-go/internal/s3shared/arn" "github.com/aws/aws-sdk-go/internal/s3shared/s3err" @@ -13,6 +15,14 @@ func init() { } func defaultInitClientFn(c *client.Client) { + if c.Config.UseDualStackEndpoint == endpoints.DualStackEndpointStateUnset { + if aws.BoolValue(c.Config.UseDualStack) { + c.Config.UseDualStackEndpoint = endpoints.DualStackEndpointStateEnabled + } else { + c.Config.UseDualStackEndpoint = endpoints.DualStackEndpointStateDisabled + } + } + // Support building custom endpoints based on config c.Handlers.Build.PushFront(endpointHandler) @@ -40,7 +50,7 @@ func defaultInitRequestFn(r *request.Request) { // Auto-populate LocationConstraint with current region r.Handlers.Validate.PushFront(populateLocationConstraint) case opCopyObject, opUploadPartCopy, opCompleteMultipartUpload: - r.Handlers.Unmarshal.PushFront(copyMultipartStatusOKUnmarhsalError) + r.Handlers.Unmarshal.PushFront(copyMultipartStatusOKUnmarshalError) r.Handlers.Unmarshal.PushBackNamed(s3err.RequestFailureWrapperHandler()) case opPutObject, opUploadPart: r.Handlers.Build.PushBack(computeBodyHashes) @@ -48,6 +58,8 @@ func defaultInitRequestFn(r *request.Request) { // case opGetObject: // r.Handlers.Build.PushBack(askForTxEncodingAppendMD5) // r.Handlers.Unmarshal.PushBack(useMD5ValidationReader) + case opWriteGetObjectResponse: + r.Handlers.Build.PushFront(buildWriteGetObjectResponseEndpoint) } } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/doc.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/doc.go index 0def02255ac..c148f757ee1 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/doc.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/doc.go @@ -8,7 +8,7 @@ // See s3 package documentation for more information. // https://docs.aws.amazon.com/sdk-for-go/api/service/s3/ // -// Using the Client +// # Using the Client // // To contact Amazon Simple Storage Service with the SDK use the New function to create // a new service client. With that client you can make API requests to the service. diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/doc_custom.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/doc_custom.go index 7f7aca20859..2e8244f8f64 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/doc_custom.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/doc_custom.go @@ -6,99 +6,99 @@ // for optimizations if the Body satisfies that type. Once the Uploader instance // is created you can call Upload concurrently from multiple goroutines safely. // -// // The session the S3 Uploader will use -// sess := session.Must(session.NewSession()) -// -// // Create an uploader with the session and default options -// uploader := s3manager.NewUploader(sess) -// -// f, err := os.Open(filename) -// if err != nil { -// return fmt.Errorf("failed to open file %q, %v", filename, err) -// } -// -// // Upload the file to S3. -// result, err := uploader.Upload(&s3manager.UploadInput{ -// Bucket: aws.String(myBucket), -// Key: aws.String(myString), -// Body: f, -// }) -// if err != nil { -// return fmt.Errorf("failed to upload file, %v", err) -// } -// fmt.Printf("file uploaded to, %s\n", aws.StringValue(result.Location)) +// // The session the S3 Uploader will use +// sess := session.Must(session.NewSession()) +// +// // Create an uploader with the session and default options +// uploader := s3manager.NewUploader(sess) +// +// f, err := os.Open(filename) +// if err != nil { +// return fmt.Errorf("failed to open file %q, %v", filename, err) +// } +// +// // Upload the file to S3. +// result, err := uploader.Upload(&s3manager.UploadInput{ +// Bucket: aws.String(myBucket), +// Key: aws.String(myString), +// Body: f, +// }) +// if err != nil { +// return fmt.Errorf("failed to upload file, %v", err) +// } +// fmt.Printf("file uploaded to, %s\n", aws.StringValue(result.Location)) // // See the s3manager package's Uploader type documentation for more information. // https://docs.aws.amazon.com/sdk-for-go/api/service/s3/s3manager/#Uploader // -// Download Manager +// # Download Manager // // The s3manager package's Downloader provides concurrently downloading of Objects // from S3. The Downloader will write S3 Object content with an io.WriterAt. // Once the Downloader instance is created you can call Download concurrently from // multiple goroutines safely. // -// // The session the S3 Downloader will use -// sess := session.Must(session.NewSession()) +// // The session the S3 Downloader will use +// sess := session.Must(session.NewSession()) // -// // Create a downloader with the session and default options -// downloader := s3manager.NewDownloader(sess) +// // Create a downloader with the session and default options +// downloader := s3manager.NewDownloader(sess) // -// // Create a file to write the S3 Object contents to. -// f, err := os.Create(filename) -// if err != nil { -// return fmt.Errorf("failed to create file %q, %v", filename, err) -// } +// // Create a file to write the S3 Object contents to. +// f, err := os.Create(filename) +// if err != nil { +// return fmt.Errorf("failed to create file %q, %v", filename, err) +// } // -// // Write the contents of S3 Object to the file -// n, err := downloader.Download(f, &s3.GetObjectInput{ -// Bucket: aws.String(myBucket), -// Key: aws.String(myString), -// }) -// if err != nil { -// return fmt.Errorf("failed to download file, %v", err) -// } -// fmt.Printf("file downloaded, %d bytes\n", n) +// // Write the contents of S3 Object to the file +// n, err := downloader.Download(f, &s3.GetObjectInput{ +// Bucket: aws.String(myBucket), +// Key: aws.String(myString), +// }) +// if err != nil { +// return fmt.Errorf("failed to download file, %v", err) +// } +// fmt.Printf("file downloaded, %d bytes\n", n) // // See the s3manager package's Downloader type documentation for more information. // https://docs.aws.amazon.com/sdk-for-go/api/service/s3/s3manager/#Downloader // -// Automatic URI cleaning +// # Automatic URI cleaning // // Interacting with objects whose keys contain adjacent slashes (e.g. bucketname/foo//bar/objectname) // requires setting DisableRestProtocolURICleaning to true in the aws.Config struct // used by the service client. // -// svc := s3.New(sess, &aws.Config{ -// DisableRestProtocolURICleaning: aws.Bool(true), -// }) -// out, err := svc.GetObject(&s3.GetObjectInput { -// Bucket: aws.String("bucketname"), -// Key: aws.String("//foo//bar//moo"), -// }) +// svc := s3.New(sess, &aws.Config{ +// DisableRestProtocolURICleaning: aws.Bool(true), +// }) +// out, err := svc.GetObject(&s3.GetObjectInput { +// Bucket: aws.String("bucketname"), +// Key: aws.String("//foo//bar//moo"), +// }) // -// Get Bucket Region +// # Get Bucket Region // // GetBucketRegion will attempt to get the region for a bucket using a region // hint to determine which AWS partition to perform the query on. Use this utility // to determine the region a bucket is in. // -// sess := session.Must(session.NewSession()) +// sess := session.Must(session.NewSession()) // -// bucket := "my-bucket" -// region, err := s3manager.GetBucketRegion(ctx, sess, bucket, "us-west-2") -// if err != nil { -// if aerr, ok := err.(awserr.Error); ok && aerr.Code() == "NotFound" { -// fmt.Fprintf(os.Stderr, "unable to find bucket %s's region not found\n", bucket) -// } -// return err -// } -// fmt.Printf("Bucket %s is in %s region\n", bucket, region) +// bucket := "my-bucket" +// region, err := s3manager.GetBucketRegion(ctx, sess, bucket, "us-west-2") +// if err != nil { +// if aerr, ok := err.(awserr.Error); ok && aerr.Code() == "NotFound" { +// fmt.Fprintf(os.Stderr, "unable to find bucket %s's region not found\n", bucket) +// } +// return err +// } +// fmt.Printf("Bucket %s is in %s region\n", bucket, region) // // See the s3manager package's GetBucketRegion function documentation for more information // https://docs.aws.amazon.com/sdk-for-go/api/service/s3/s3manager/#GetBucketRegion // -// S3 Crypto Client +// # S3 Crypto Client // // The s3crypto package provides the tools to upload and download encrypted // content from S3. The Encryption and Decryption clients can be used concurrently @@ -106,5 +106,4 @@ // // See the s3crypto package documentation for more information. // https://docs.aws.amazon.com/sdk-for-go/api/service/s3/s3crypto/ -// package s3 diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint.go index 403aebb688c..71b43869264 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint.go @@ -1,6 +1,9 @@ package s3 import ( + "fmt" + "github.com/aws/aws-sdk-go/aws/awserr" + "github.com/aws/aws-sdk-go/aws/endpoints" "net/url" "strings" @@ -11,6 +14,13 @@ import ( "github.com/aws/aws-sdk-go/internal/s3shared/arn" ) +const ( + s3Namespace = "s3" + s3AccessPointNamespace = "s3-accesspoint" + s3ObjectsLambdaNamespace = "s3-object-lambda" + s3OutpostsNamespace = "s3-outposts" +) + // Used by shapes with members decorated as endpoint ARN. func parseEndpointARN(v string) (arn.Resource, error) { return arn.ParseResource(v, accessPointResourceParser) @@ -20,10 +30,14 @@ func accessPointResourceParser(a awsarn.ARN) (arn.Resource, error) { resParts := arn.SplitResource(a.Resource) switch resParts[0] { case "accesspoint": - if a.Service != "s3" { - return arn.AccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: "service is not s3"} + switch a.Service { + case s3Namespace: + return arn.ParseAccessPointResource(a, resParts[1:]) + case s3ObjectsLambdaNamespace: + return parseS3ObjectLambdaAccessPointResource(a, resParts) + default: + return arn.AccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: fmt.Sprintf("service is not %s or %s", s3Namespace, s3ObjectsLambdaNamespace)} } - return arn.ParseAccessPointResource(a, resParts[1:]) case "outpost": if a.Service != "s3-outposts" { return arn.OutpostAccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: "service is not s3-outposts"} @@ -38,9 +52,8 @@ func accessPointResourceParser(a awsarn.ARN) (arn.Resource, error) { // outpost access-point resource. // // Supported Outpost AccessPoint ARN format: -// - ARN format: arn:{partition}:s3-outposts:{region}:{accountId}:outpost/{outpostId}/accesspoint/{accesspointName} -// - example: arn:aws:s3-outposts:us-west-2:012345678901:outpost/op-1234567890123456/accesspoint/myaccesspoint -// +// - ARN format: arn:{partition}:s3-outposts:{region}:{accountId}:outpost/{outpostId}/accesspoint/{accesspointName} +// - example: arn:aws:s3-outposts:us-west-2:012345678901:outpost/op-1234567890123456/accesspoint/myaccesspoint func parseOutpostAccessPointResource(a awsarn.ARN, resParts []string) (arn.OutpostAccessPointARN, error) { // outpost accesspoint arn is only valid if service is s3-outposts if a.Service != "s3-outposts" { @@ -80,6 +93,25 @@ func parseOutpostAccessPointResource(a awsarn.ARN, resParts []string) (arn.Outpo return outpostAccessPointARN, nil } +func parseS3ObjectLambdaAccessPointResource(a awsarn.ARN, resParts []string) (arn.S3ObjectLambdaAccessPointARN, error) { + if a.Service != s3ObjectsLambdaNamespace { + return arn.S3ObjectLambdaAccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: fmt.Sprintf("service is not %s", s3ObjectsLambdaNamespace)} + } + + accessPointARN, err := arn.ParseAccessPointResource(a, resParts[1:]) + if err != nil { + return arn.S3ObjectLambdaAccessPointARN{}, err + } + + if len(accessPointARN.Region) == 0 { + return arn.S3ObjectLambdaAccessPointARN{}, arn.InvalidARNError{ARN: a, Reason: fmt.Sprintf("%s region not set", s3ObjectsLambdaNamespace)} + } + + return arn.S3ObjectLambdaAccessPointARN{ + AccessPointARN: accessPointARN, + }, nil +} + func endpointHandler(req *request.Request) { endpoint, ok := req.Params.(endpointARNGetter) if !ok || !endpoint.hasEndpointARN() { @@ -98,7 +130,7 @@ func endpointHandler(req *request.Request) { Request: req, } - if resReq.IsCrossPartition() { + if len(resReq.Request.ClientInfo.PartitionID) != 0 && resReq.IsCrossPartition() { req.Error = s3shared.NewClientPartitionMismatchError(resource, req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil) return @@ -110,21 +142,22 @@ func endpointHandler(req *request.Request) { return } - if resReq.HasCustomEndpoint() { - req.Error = s3shared.NewInvalidARNWithCustomEndpointError(resource, nil) - return - } - switch tv := resource.(type) { case arn.AccessPointARN: err = updateRequestAccessPointEndpoint(req, tv) if err != nil { req.Error = err } + case arn.S3ObjectLambdaAccessPointARN: + err = updateRequestS3ObjectLambdaAccessPointEndpoint(req, tv) + if err != nil { + req.Error = err + } case arn.OutpostAccessPointARN: // outposts does not support FIPS regions - if resReq.ResourceConfiguredForFIPS() { - req.Error = s3shared.NewInvalidARNWithFIPSError(resource, nil) + if req.Config.UseFIPSEndpoint == endpoints.FIPSEndpointStateEnabled { + req.Error = s3shared.NewFIPSConfigurationError(resource, req.ClientInfo.PartitionID, + aws.StringValue(req.Config.Region), nil) return } @@ -155,8 +188,7 @@ func updateRequestAccessPointEndpoint(req *request.Request, accessPoint arn.Acce req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil) } - // Ignore the disable host prefix for access points since custom endpoints - // are not supported. + // Ignore the disable host prefix for access points req.Config.DisableEndpointHostPrefix = aws.Bool(false) if err := accessPointEndpointBuilder(accessPoint).build(req); err != nil { @@ -168,6 +200,31 @@ func updateRequestAccessPointEndpoint(req *request.Request, accessPoint arn.Acce return nil } +func updateRequestS3ObjectLambdaAccessPointEndpoint(req *request.Request, accessPoint arn.S3ObjectLambdaAccessPointARN) error { + // DualStack not supported + if isUseDualStackEndpoint(req) { + return s3shared.NewClientConfiguredForDualStackError(accessPoint, + req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil) + } + + // Accelerate not supported + if aws.BoolValue(req.Config.S3UseAccelerate) { + return s3shared.NewClientConfiguredForAccelerateError(accessPoint, + req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil) + } + + // Ignore the disable host prefix for access points + req.Config.DisableEndpointHostPrefix = aws.Bool(false) + + if err := s3ObjectLambdaAccessPointEndpointBuilder(accessPoint).build(req); err != nil { + return err + } + + removeBucketFromPath(req.HTTPRequest.URL) + + return nil +} + func updateRequestOutpostAccessPointEndpoint(req *request.Request, accessPoint arn.OutpostAccessPointARN) error { // Accelerate not supported if aws.BoolValue(req.Config.S3UseAccelerate) { @@ -176,13 +233,12 @@ func updateRequestOutpostAccessPointEndpoint(req *request.Request, accessPoint a } // Dualstack not supported - if aws.BoolValue(req.Config.UseDualStack) { + if isUseDualStackEndpoint(req) { return s3shared.NewClientConfiguredForDualStackError(accessPoint, req.ClientInfo.PartitionID, aws.StringValue(req.Config.Region), nil) } - // Ignore the disable host prefix for access points since custom endpoints - // are not supported. + // Ignore the disable host prefix for access points req.Config.DisableEndpointHostPrefix = aws.Bool(false) if err := outpostAccessPointEndpointBuilder(accessPoint).build(req); err != nil { @@ -199,3 +255,44 @@ func removeBucketFromPath(u *url.URL) { u.Path = "/" } } + +func buildWriteGetObjectResponseEndpoint(req *request.Request) { + // DualStack not supported + if isUseDualStackEndpoint(req) { + req.Error = awserr.New("ConfigurationError", "client configured for dualstack but not supported for operation", nil) + return + } + + // Accelerate not supported + if aws.BoolValue(req.Config.S3UseAccelerate) { + req.Error = awserr.New("ConfigurationError", "client configured for accelerate but not supported for operation", nil) + return + } + + signingName := s3ObjectsLambdaNamespace + signingRegion := req.ClientInfo.SigningRegion + + if !hasCustomEndpoint(req) { + endpoint, err := resolveRegionalEndpoint(req, aws.StringValue(req.Config.Region), req.ClientInfo.ResolvedRegion, EndpointsID) + if err != nil { + req.Error = awserr.New(request.ErrCodeSerialization, "failed to resolve endpoint", err) + return + } + signingRegion = endpoint.SigningRegion + + if err = updateRequestEndpoint(req, endpoint.URL); err != nil { + req.Error = err + return + } + updateS3HostPrefixForS3ObjectLambda(req) + } + + redirectSigner(req, signingName, signingRegion) +} + +func isUseDualStackEndpoint(req *request.Request) bool { + if req.Config.UseDualStackEndpoint != endpoints.DualStackEndpointStateUnset { + return req.Config.UseDualStackEndpoint == endpoints.DualStackEndpointStateEnabled + } + return aws.BoolValue(req.Config.UseDualStack) +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint_builder.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint_builder.go index c1c77da9adb..7ae18ef5481 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint_builder.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/endpoint_builder.go @@ -22,6 +22,11 @@ const ( outpostAccessPointPrefixTemplate = accessPointPrefixTemplate + "{" + outpostPrefixLabel + "}." ) +// hasCustomEndpoint returns true if endpoint is a custom endpoint +func hasCustomEndpoint(r *request.Request) bool { + return len(aws.StringValue(r.Config.Endpoint)) > 0 +} + // accessPointEndpointBuilder represents the endpoint builder for access point arn type accessPointEndpointBuilder arn.AccessPointARN @@ -32,39 +37,25 @@ type accessPointEndpointBuilder arn.AccessPointARN // - example : myaccesspoint-012345678901.s3-accesspoint.us-west-2.amazonaws.com // // Access Point Endpoint requests are signed using "s3" as signing name. -// func (a accessPointEndpointBuilder) build(req *request.Request) error { resolveService := arn.AccessPointARN(a).Service resolveRegion := arn.AccessPointARN(a).Region - cfgRegion := aws.StringValue(req.Config.Region) - - if s3shared.IsFIPS(cfgRegion) { - if aws.BoolValue(req.Config.S3UseARNRegion) && s3shared.IsCrossRegion(req, resolveRegion) { - // FIPS with cross region is not supported, the SDK must fail - // because there is no well defined method for SDK to construct a - // correct FIPS endpoint. - return s3shared.NewClientConfiguredForCrossRegionFIPSError(arn.AccessPointARN(a), - req.ClientInfo.PartitionID, cfgRegion, nil) - } - resolveRegion = cfgRegion - } - endpoint, err := resolveRegionalEndpoint(req, resolveRegion, resolveService) + endpoint, err := resolveRegionalEndpoint(req, resolveRegion, "", resolveService) if err != nil { return s3shared.NewFailedToResolveEndpointError(arn.AccessPointARN(a), - req.ClientInfo.PartitionID, cfgRegion, err) + req.ClientInfo.PartitionID, resolveRegion, err) } - if err = updateRequestEndpoint(req, endpoint.URL); err != nil { - return err - } + endpoint.URL = endpoints.AddScheme(endpoint.URL, aws.BoolValue(req.Config.DisableSSL)) - const serviceEndpointLabel = "s3-accesspoint" + if !hasCustomEndpoint(req) { + if err = updateRequestEndpoint(req, endpoint.URL); err != nil { + return err + } - // dual stack provided by endpoint resolver - cfgHost := req.HTTPRequest.URL.Host - if strings.HasPrefix(cfgHost, "s3") { - req.HTTPRequest.URL.Host = serviceEndpointLabel + cfgHost[2:] + // dual stack provided by endpoint resolver + updateS3HostForS3AccessPoint(req) } protocol.HostPrefixBuilder{ @@ -90,6 +81,60 @@ func (a accessPointEndpointBuilder) hostPrefixLabelValues() map[string]string { } } +// s3ObjectLambdaAccessPointEndpointBuilder represents the endpoint builder for an s3 object lambda access point arn +type s3ObjectLambdaAccessPointEndpointBuilder arn.S3ObjectLambdaAccessPointARN + +// build builds the endpoint for corresponding access point arn +// +// For building an endpoint from access point arn, format used is: +// - Access point endpoint format : {accesspointName}-{accountId}.s3-object-lambda.{region}.{dnsSuffix} +// - example : myaccesspoint-012345678901.s3-object-lambda.us-west-2.amazonaws.com +// +// Access Point Endpoint requests are signed using "s3-object-lambda" as signing name. +func (a s3ObjectLambdaAccessPointEndpointBuilder) build(req *request.Request) error { + resolveRegion := arn.S3ObjectLambdaAccessPointARN(a).Region + + endpoint, err := resolveRegionalEndpoint(req, resolveRegion, "", EndpointsID) + if err != nil { + return s3shared.NewFailedToResolveEndpointError(arn.S3ObjectLambdaAccessPointARN(a), + req.ClientInfo.PartitionID, resolveRegion, err) + } + + endpoint.URL = endpoints.AddScheme(endpoint.URL, aws.BoolValue(req.Config.DisableSSL)) + + endpoint.SigningName = s3ObjectsLambdaNamespace + + if !hasCustomEndpoint(req) { + if err = updateRequestEndpoint(req, endpoint.URL); err != nil { + return err + } + + updateS3HostPrefixForS3ObjectLambda(req) + } + + protocol.HostPrefixBuilder{ + Prefix: accessPointPrefixTemplate, + LabelsFn: a.hostPrefixLabelValues, + }.Build(req) + + // signer redirection + redirectSigner(req, endpoint.SigningName, endpoint.SigningRegion) + + err = protocol.ValidateEndpointHost(req.Operation.Name, req.HTTPRequest.URL.Host) + if err != nil { + return s3shared.NewInvalidARNError(arn.S3ObjectLambdaAccessPointARN(a), err) + } + + return nil +} + +func (a s3ObjectLambdaAccessPointEndpointBuilder) hostPrefixLabelValues() map[string]string { + return map[string]string{ + accessPointPrefixLabel: arn.S3ObjectLambdaAccessPointARN(a).AccessPointName, + accountIDPrefixLabel: arn.S3ObjectLambdaAccessPointARN(a).AccountID, + } +} + // outpostAccessPointEndpointBuilder represents the Endpoint builder for outpost access point arn. type outpostAccessPointEndpointBuilder arn.OutpostAccessPointARN @@ -100,30 +145,28 @@ type outpostAccessPointEndpointBuilder arn.OutpostAccessPointARN // - example : myaccesspoint-012345678901.op-01234567890123456.s3-outposts.us-west-2.amazonaws.com // // Outpost AccessPoint Endpoint request are signed using "s3-outposts" as signing name. -// func (o outpostAccessPointEndpointBuilder) build(req *request.Request) error { resolveRegion := o.Region resolveService := o.Service endpointsID := resolveService - if resolveService == "s3-outposts" { + if resolveService == s3OutpostsNamespace { endpointsID = "s3" } - endpoint, err := resolveRegionalEndpoint(req, resolveRegion, endpointsID) + endpoint, err := resolveRegionalEndpoint(req, resolveRegion, "", endpointsID) if err != nil { return s3shared.NewFailedToResolveEndpointError(o, req.ClientInfo.PartitionID, resolveRegion, err) } - if err = updateRequestEndpoint(req, endpoint.URL); err != nil { - return err - } + endpoint.URL = endpoints.AddScheme(endpoint.URL, aws.BoolValue(req.Config.DisableSSL)) - // add url host as s3-outposts - cfgHost := req.HTTPRequest.URL.Host - if strings.HasPrefix(cfgHost, endpointsID) { - req.HTTPRequest.URL.Host = resolveService + cfgHost[len(endpointsID):] + if !hasCustomEndpoint(req) { + if err = updateRequestEndpoint(req, endpoint.URL); err != nil { + return err + } + updateHostPrefix(req, endpointsID, resolveService) } protocol.HostPrefixBuilder{ @@ -150,17 +193,20 @@ func (o outpostAccessPointEndpointBuilder) hostPrefixLabelValues() map[string]st } } -func resolveRegionalEndpoint(r *request.Request, region string, endpointsID string) (endpoints.ResolvedEndpoint, error) { +func resolveRegionalEndpoint(r *request.Request, region, resolvedRegion, endpointsID string) (endpoints.ResolvedEndpoint, error) { return r.Config.EndpointResolver.EndpointFor(endpointsID, region, func(opts *endpoints.Options) { opts.DisableSSL = aws.BoolValue(r.Config.DisableSSL) opts.UseDualStack = aws.BoolValue(r.Config.UseDualStack) + opts.UseDualStackEndpoint = r.Config.UseDualStackEndpoint + opts.UseFIPSEndpoint = r.Config.UseFIPSEndpoint opts.S3UsEast1RegionalEndpoint = endpoints.RegionalS3UsEast1Endpoint + opts.ResolvedRegion = resolvedRegion + opts.Logger = r.Config.Logger + opts.LogDeprecated = r.Config.LogLevel.Matches(aws.LogDebugWithDeprecated) }) } func updateRequestEndpoint(r *request.Request, endpoint string) (err error) { - endpoint = endpoints.AddScheme(endpoint, aws.BoolValue(r.Config.DisableSSL)) - r.HTTPRequest.URL, err = url.Parse(endpoint + r.Operation.HTTPPath) if err != nil { return awserr.New(request.ErrCodeSerialization, @@ -175,3 +221,19 @@ func redirectSigner(req *request.Request, signingName string, signingRegion stri req.ClientInfo.SigningName = signingName req.ClientInfo.SigningRegion = signingRegion } + +func updateS3HostForS3AccessPoint(req *request.Request) { + updateHostPrefix(req, "s3", s3AccessPointNamespace) +} + +func updateS3HostPrefixForS3ObjectLambda(req *request.Request) { + updateHostPrefix(req, "s3", s3ObjectsLambdaNamespace) +} + +func updateHostPrefix(req *request.Request, oldEndpointPrefix, newEndpointPrefix string) { + host := req.HTTPRequest.URL.Host + if strings.HasPrefix(host, oldEndpointPrefix) { + // replace service hostlabel oldEndpointPrefix to newEndpointPrefix + req.HTTPRequest.URL.Host = newEndpointPrefix + host[len(oldEndpointPrefix):] + } +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/errors.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/errors.go index f64b55135ee..8a67333ab26 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/errors.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/errors.go @@ -15,16 +15,25 @@ const ( // "BucketAlreadyOwnedByYou". // // The bucket you tried to create already exists, and you own it. Amazon S3 - // returns this error in all AWS Regions except in the North Virginia Region. - // For legacy compatibility, if you re-create an existing bucket that you already - // own in the North Virginia Region, Amazon S3 returns 200 OK and resets the - // bucket access control lists (ACLs). + // returns this error in all Amazon Web Services Regions except in the North + // Virginia Region. For legacy compatibility, if you re-create an existing bucket + // that you already own in the North Virginia Region, Amazon S3 returns 200 + // OK and resets the bucket access control lists (ACLs). ErrCodeBucketAlreadyOwnedByYou = "BucketAlreadyOwnedByYou" // ErrCodeInvalidObjectState for service response error code // "InvalidObjectState". // // Object is archived and inaccessible until restored. + // + // If the object you are retrieving is stored in the S3 Glacier Flexible Retrieval + // storage class, the S3 Glacier Deep Archive storage class, the S3 Intelligent-Tiering + // Archive Access tier, or the S3 Intelligent-Tiering Deep Archive Access tier, + // before you can retrieve the object you must first restore a copy using RestoreObject + // (https://docs.aws.amazon.com/AmazonS3/latest/API/API_RestoreObject.html). + // Otherwise, this operation returns an InvalidObjectState error. For information + // about restoring archived objects, see Restoring Archived Objects (https://docs.aws.amazon.com/AmazonS3/latest/dev/restoring-objects.html) + // in the Amazon S3 User Guide. ErrCodeInvalidObjectState = "InvalidObjectState" // ErrCodeNoSuchBucket for service response error code @@ -48,13 +57,13 @@ const ( // ErrCodeObjectAlreadyInActiveTierError for service response error code // "ObjectAlreadyInActiveTierError". // - // This operation is not allowed against this storage tier. + // This action is not allowed against this storage tier. ErrCodeObjectAlreadyInActiveTierError = "ObjectAlreadyInActiveTierError" // ErrCodeObjectNotInActiveTierError for service response error code // "ObjectNotInActiveTierError". // - // The source object of the COPY operation is not in the active tier and is - // only stored in Amazon S3 Glacier. + // The source object of the COPY action is not in the active tier and is only + // stored in Amazon S3 Glacier. ErrCodeObjectNotInActiveTierError = "ObjectNotInActiveTierError" ) diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/platform_handlers.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/platform_handlers.go index 8e6f3307d41..308b7d473e2 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/platform_handlers.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/platform_handlers.go @@ -1,3 +1,4 @@ +//go:build !go1.6 // +build !go1.6 package s3 diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/platform_handlers_go1.6.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/platform_handlers_go1.6.go index 14d05f7b75a..70feffab752 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/platform_handlers_go1.6.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/platform_handlers_go1.6.go @@ -1,3 +1,4 @@ +//go:build go1.6 // +build go1.6 package s3 @@ -24,5 +25,5 @@ func add100Continue(r *request.Request) { return } - r.HTTPRequest.Header.Set("Expect", "100-Continue") + r.HTTPRequest.Header.Set("Expect", "100-continue") } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3iface/interface.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3iface/interface.go index 7c622187843..d13b4617030 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3iface/interface.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3iface/interface.go @@ -23,37 +23,37 @@ import ( // can be stubbed out for unit testing your code with the SDK without needing // to inject custom request handlers into the SDK's request pipeline. // -// // myFunc uses an SDK service client to make a request to -// // Amazon Simple Storage Service. -// func myFunc(svc s3iface.S3API) bool { -// // Make svc.AbortMultipartUpload request -// } +// // myFunc uses an SDK service client to make a request to +// // Amazon Simple Storage Service. +// func myFunc(svc s3iface.S3API) bool { +// // Make svc.AbortMultipartUpload request +// } // -// func main() { -// sess := session.New() -// svc := s3.New(sess) +// func main() { +// sess := session.New() +// svc := s3.New(sess) // -// myFunc(svc) -// } +// myFunc(svc) +// } // // In your _test.go file: // -// // Define a mock struct to be used in your unit tests of myFunc. -// type mockS3Client struct { -// s3iface.S3API -// } -// func (m *mockS3Client) AbortMultipartUpload(input *s3.AbortMultipartUploadInput) (*s3.AbortMultipartUploadOutput, error) { -// // mock response/functionality -// } +// // Define a mock struct to be used in your unit tests of myFunc. +// type mockS3Client struct { +// s3iface.S3API +// } +// func (m *mockS3Client) AbortMultipartUpload(input *s3.AbortMultipartUploadInput) (*s3.AbortMultipartUploadOutput, error) { +// // mock response/functionality +// } // -// func TestMyFunc(t *testing.T) { -// // Setup Test -// mockSvc := &mockS3Client{} +// func TestMyFunc(t *testing.T) { +// // Setup Test +// mockSvc := &mockS3Client{} // -// myfunc(mockSvc) +// myfunc(mockSvc) // -// // Verify myFunc's functionality -// } +// // Verify myFunc's functionality +// } // // It is important to note that this interface will have breaking changes // when the service model is updated and adds new API operations, paginators, @@ -80,6 +80,10 @@ type S3API interface { CreateMultipartUploadWithContext(aws.Context, *s3.CreateMultipartUploadInput, ...request.Option) (*s3.CreateMultipartUploadOutput, error) CreateMultipartUploadRequest(*s3.CreateMultipartUploadInput) (*request.Request, *s3.CreateMultipartUploadOutput) + CreateSession(*s3.CreateSessionInput) (*s3.CreateSessionOutput, error) + CreateSessionWithContext(aws.Context, *s3.CreateSessionInput, ...request.Option) (*s3.CreateSessionOutput, error) + CreateSessionRequest(*s3.CreateSessionInput) (*request.Request, *s3.CreateSessionOutput) + DeleteBucket(*s3.DeleteBucketInput) (*s3.DeleteBucketOutput, error) DeleteBucketWithContext(aws.Context, *s3.DeleteBucketInput, ...request.Option) (*s3.DeleteBucketOutput, error) DeleteBucketRequest(*s3.DeleteBucketInput) (*request.Request, *s3.DeleteBucketOutput) @@ -244,6 +248,10 @@ type S3API interface { GetObjectAclWithContext(aws.Context, *s3.GetObjectAclInput, ...request.Option) (*s3.GetObjectAclOutput, error) GetObjectAclRequest(*s3.GetObjectAclInput) (*request.Request, *s3.GetObjectAclOutput) + GetObjectAttributes(*s3.GetObjectAttributesInput) (*s3.GetObjectAttributesOutput, error) + GetObjectAttributesWithContext(aws.Context, *s3.GetObjectAttributesInput, ...request.Option) (*s3.GetObjectAttributesOutput, error) + GetObjectAttributesRequest(*s3.GetObjectAttributesInput) (*request.Request, *s3.GetObjectAttributesOutput) + GetObjectLegalHold(*s3.GetObjectLegalHoldInput) (*s3.GetObjectLegalHoldOutput, error) GetObjectLegalHoldWithContext(aws.Context, *s3.GetObjectLegalHoldInput, ...request.Option) (*s3.GetObjectLegalHoldOutput, error) GetObjectLegalHoldRequest(*s3.GetObjectLegalHoldInput) (*request.Request, *s3.GetObjectLegalHoldOutput) @@ -296,6 +304,13 @@ type S3API interface { ListBucketsWithContext(aws.Context, *s3.ListBucketsInput, ...request.Option) (*s3.ListBucketsOutput, error) ListBucketsRequest(*s3.ListBucketsInput) (*request.Request, *s3.ListBucketsOutput) + ListDirectoryBuckets(*s3.ListDirectoryBucketsInput) (*s3.ListDirectoryBucketsOutput, error) + ListDirectoryBucketsWithContext(aws.Context, *s3.ListDirectoryBucketsInput, ...request.Option) (*s3.ListDirectoryBucketsOutput, error) + ListDirectoryBucketsRequest(*s3.ListDirectoryBucketsInput) (*request.Request, *s3.ListDirectoryBucketsOutput) + + ListDirectoryBucketsPages(*s3.ListDirectoryBucketsInput, func(*s3.ListDirectoryBucketsOutput, bool) bool) error + ListDirectoryBucketsPagesWithContext(aws.Context, *s3.ListDirectoryBucketsInput, func(*s3.ListDirectoryBucketsOutput, bool) bool, ...request.Option) error + ListMultipartUploads(*s3.ListMultipartUploadsInput) (*s3.ListMultipartUploadsOutput, error) ListMultipartUploadsWithContext(aws.Context, *s3.ListMultipartUploadsInput, ...request.Option) (*s3.ListMultipartUploadsOutput, error) ListMultipartUploadsRequest(*s3.ListMultipartUploadsInput) (*request.Request, *s3.ListMultipartUploadsOutput) @@ -455,6 +470,10 @@ type S3API interface { UploadPartCopyWithContext(aws.Context, *s3.UploadPartCopyInput, ...request.Option) (*s3.UploadPartCopyOutput, error) UploadPartCopyRequest(*s3.UploadPartCopyInput) (*request.Request, *s3.UploadPartCopyOutput) + WriteGetObjectResponse(*s3.WriteGetObjectResponseInput) (*s3.WriteGetObjectResponseOutput, error) + WriteGetObjectResponseWithContext(aws.Context, *s3.WriteGetObjectResponseInput, ...request.Option) (*s3.WriteGetObjectResponseOutput, error) + WriteGetObjectResponseRequest(*s3.WriteGetObjectResponseInput) (*request.Request, *s3.WriteGetObjectResponseOutput) + WaitUntilBucketExists(*s3.HeadBucketInput) error WaitUntilBucketExistsWithContext(aws.Context, *s3.HeadBucketInput, ...request.WaiterOption) error diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/arn.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/arn.go new file mode 100644 index 00000000000..f0a7f9bfcff --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/arn.go @@ -0,0 +1,23 @@ +package s3manager + +import ( + "fmt" + "github.com/aws/aws-sdk-go/aws/arn" +) + +func validateSupportedARNType(bucket string) error { + if !arn.IsARN(bucket) { + return nil + } + + parsedARN, err := arn.Parse(bucket) + if err != nil { + return err + } + + if parsedARN.Service == "s3-object-lambda" { + return fmt.Errorf("manager does not support s3-object-lambda service ARNs") + } + + return nil +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/batch.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/batch.go index 22bd0b7ce59..0804bca6550 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/batch.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/batch.go @@ -112,6 +112,7 @@ type BatchDeleteIterator interface { // iterate through a list of objects and delete the objects. // // Example: +// // iter := &s3manager.DeleteListIterator{ // Client: svc, // Input: &s3.ListObjectsInput{ @@ -203,6 +204,7 @@ type BatchDelete struct { // objects. // // Example: +// // batcher := s3manager.NewBatchDeleteWithClient(client, size) // // objects := []BatchDeleteObject{ @@ -236,6 +238,7 @@ func NewBatchDeleteWithClient(client s3iface.S3API, options ...func(*BatchDelete // objects. // // Example: +// // batcher := s3manager.NewBatchDelete(sess, size) // // objects := []BatchDeleteObject{ diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/bucket_region.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/bucket_region.go index 9cc1e5970c1..569474c2870 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/bucket_region.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/bucket_region.go @@ -24,30 +24,30 @@ import ( // For example to get the region of a bucket which exists in "eu-central-1" // you could provide a region hint of "us-west-2". // -// sess := session.Must(session.NewSession()) -// -// bucket := "my-bucket" -// region, err := s3manager.GetBucketRegion(ctx, sess, bucket, "us-west-2") -// if err != nil { -// if aerr, ok := err.(awserr.Error); ok && aerr.Code() == "NotFound" { -// fmt.Fprintf(os.Stderr, "unable to find bucket %s's region not found\n", bucket) -// } -// return err -// } -// fmt.Printf("Bucket %s is in %s region\n", bucket, region) +// sess := session.Must(session.NewSession()) +// +// bucket := "my-bucket" +// region, err := s3manager.GetBucketRegion(ctx, sess, bucket, "us-west-2") +// if err != nil { +// if aerr, ok := err.(awserr.Error); ok && aerr.Code() == "NotFound" { +// fmt.Fprintf(os.Stderr, "unable to find bucket %s's region not found\n", bucket) +// } +// return err +// } +// fmt.Printf("Bucket %s is in %s region\n", bucket, region) // // By default the request will be made to the Amazon S3 endpoint using the Path // style addressing. // -// s3.us-west-2.amazonaws.com/bucketname +// s3.us-west-2.amazonaws.com/bucketname // // This is not compatible with Amazon S3's FIPS endpoints. To override this // behavior to use Virtual Host style addressing, provide a functional option // that will set the Request's Config.S3ForcePathStyle to aws.Bool(false). // -// region, err := s3manager.GetBucketRegion(ctx, sess, "bucketname", "us-west-2", func(r *request.Request) { -// r.S3ForcePathStyle = aws.Bool(false) -// }) +// region, err := s3manager.GetBucketRegion(ctx, sess, "bucketname", "us-west-2", func(r *request.Request) { +// r.S3ForcePathStyle = aws.Bool(false) +// }) // // To configure the GetBucketRegion to make a request via the Amazon // S3 FIPS endpoints directly when a FIPS region name is not available, (e.g. @@ -55,11 +55,11 @@ import ( // utility is called with. The hint region will be ignored if an endpoint URL // is configured on the session or client. // -// sess, err := session.NewSession(&aws.Config{ -// Endpoint: aws.String("https://s3-fips.us-west-2.amazonaws.com"), -// }) +// sess, err := session.NewSession(&aws.Config{ +// Endpoint: aws.String("https://s3-fips.us-west-2.amazonaws.com"), +// }) // -// region, err := s3manager.GetBucketRegion(context.Background(), sess, "bucketname", "") +// region, err := s3manager.GetBucketRegion(context.Background(), sess, "bucketname", "") func GetBucketRegion(ctx aws.Context, c client.ConfigProvider, bucket, regionHint string, opts ...request.Option) (string, error) { var cfg aws.Config if len(regionHint) != 0 { @@ -78,15 +78,15 @@ const bucketRegionHeader = "X-Amz-Bucket-Region" // By default the request will be made to the Amazon S3 endpoint using the Path // style addressing. // -// s3.us-west-2.amazonaws.com/bucketname +// s3.us-west-2.amazonaws.com/bucketname // // This is not compatible with Amazon S3's FIPS endpoints. To override this // behavior to use Virtual Host style addressing, provide a functional option // that will set the Request's Config.S3ForcePathStyle to aws.Bool(false). // -// region, err := s3manager.GetBucketRegionWithClient(ctx, client, "bucketname", func(r *request.Request) { -// r.S3ForcePathStyle = aws.Bool(false) -// }) +// region, err := s3manager.GetBucketRegionWithClient(ctx, client, "bucketname", func(r *request.Request) { +// r.S3ForcePathStyle = aws.Bool(false) +// }) // // To configure the GetBucketRegion to make a request via the Amazon // S3 FIPS endpoints directly when a FIPS region name is not available, (e.g. @@ -94,11 +94,11 @@ const bucketRegionHeader = "X-Amz-Bucket-Region" // utility is called with. The hint region will be ignored if an endpoint URL // is configured on the session or client. // -// region, err := s3manager.GetBucketRegionWithClient(context.Background(), -// s3.New(sess, &aws.Config{ -// Endpoint: aws.String("https://s3-fips.us-west-2.amazonaws.com"), -// }), -// "bucketname") +// region, err := s3manager.GetBucketRegionWithClient(context.Background(), +// s3.New(sess, &aws.Config{ +// Endpoint: aws.String("https://s3-fips.us-west-2.amazonaws.com"), +// }), +// "bucketname") // // See GetBucketRegion for more information. func GetBucketRegionWithClient(ctx aws.Context, svc s3iface.S3API, bucket string, opts ...request.Option) (string, error) { diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/default_read_seeker_write_to.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/default_read_seeker_write_to.go index 42276530a8b..e013be27e1c 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/default_read_seeker_write_to.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/default_read_seeker_write_to.go @@ -1,3 +1,4 @@ +//go:build !windows // +build !windows package s3manager diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/default_writer_read_from.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/default_writer_read_from.go index ada50c24355..5583c30a440 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/default_writer_read_from.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/default_writer_read_from.go @@ -1,3 +1,4 @@ +//go:build !windows // +build !windows package s3manager diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/download.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/download.go index 4b54b7c033d..37eb7dd521e 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/download.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/download.go @@ -86,16 +86,17 @@ func WithDownloaderRequestOptions(opts ...request.Option) func(*Downloader) { // interface. // // Example: -// // The session the S3 Downloader will use -// sess := session.Must(session.NewSession()) // -// // Create a downloader with the session and default options -// downloader := s3manager.NewDownloader(sess) +// // The session the S3 Downloader will use +// sess := session.Must(session.NewSession()) // -// // Create a downloader with the session and custom options -// downloader := s3manager.NewDownloader(sess, func(d *s3manager.Downloader) { -// d.PartSize = 64 * 1024 * 1024 // 64MB per part -// }) +// // Create a downloader with the session and default options +// downloader := s3manager.NewDownloader(sess) +// +// // Create a downloader with the session and custom options +// downloader := s3manager.NewDownloader(sess, func(d *s3manager.Downloader) { +// d.PartSize = 64 * 1024 * 1024 // 64MB per part +// }) func NewDownloader(c client.ConfigProvider, options ...func(*Downloader)) *Downloader { return newDownloader(s3.New(c), options...) } @@ -120,19 +121,20 @@ func newDownloader(client s3iface.S3API, options ...func(*Downloader)) *Download // to make S3 API calls. // // Example: -// // The session the S3 Downloader will use -// sess := session.Must(session.NewSession()) // -// // The S3 client the S3 Downloader will use -// s3Svc := s3.New(sess) +// // The session the S3 Downloader will use +// sess := session.Must(session.NewSession()) +// +// // The S3 client the S3 Downloader will use +// s3Svc := s3.New(sess) // -// // Create a downloader with the s3 client and default options -// downloader := s3manager.NewDownloaderWithClient(s3Svc) +// // Create a downloader with the s3 client and default options +// downloader := s3manager.NewDownloaderWithClient(s3Svc) // -// // Create a downloader with the s3 client and custom options -// downloader := s3manager.NewDownloaderWithClient(s3Svc, func(d *s3manager.Downloader) { -// d.PartSize = 64 * 1024 * 1024 // 64MB per part -// }) +// // Create a downloader with the s3 client and custom options +// downloader := s3manager.NewDownloaderWithClient(s3Svc, func(d *s3manager.Downloader) { +// d.PartSize = 64 * 1024 * 1024 // 64MB per part +// }) func NewDownloaderWithClient(svc s3iface.S3API, options ...func(*Downloader)) *Downloader { return newDownloader(svc, options...) } @@ -192,6 +194,10 @@ func (d Downloader) Download(w io.WriterAt, input *s3.GetObjectInput, options .. // to perform a single GetObjectInput request for that object's range. This will // caused the part size, and concurrency configurations to be ignored. func (d Downloader) DownloadWithContext(ctx aws.Context, w io.WriterAt, input *s3.GetObjectInput, options ...func(*Downloader)) (n int64, err error) { + if err := validateSupportedARNType(aws.StringValue(input.Bucket)); err != nil { + return 0, err + } + impl := downloader{w: w, in: input, cfg: d, ctx: ctx} for _, option := range options { @@ -219,6 +225,7 @@ func (d Downloader) DownloadWithContext(ctx aws.Context, w io.WriterAt, input *s // to the io.WriterAt specificed in the iterator. // // Example: +// // svc := s3manager.NewDownloader(session) // // fooFile, err := os.Open("/tmp/foo.file") @@ -460,7 +467,11 @@ func (d *downloader) tryDownloadChunk(in *s3.GetObjectInput, w io.Writer) (int64 } d.setTotalBytes(resp) // Set total if not yet set. - n, err := io.Copy(w, resp.Body) + var src io.Reader = resp.Body + if d.cfg.BufferProvider != nil { + src = &suppressWriterAt{suppressed: src} + } + n, err := io.Copy(w, src) resp.Body.Close() if err != nil { return n, &errReadingBody{err: err} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload.go index 8770d404119..da243a302f7 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload.go @@ -40,18 +40,17 @@ const DefaultUploadConcurrency = 5 // // Example: // -// u := s3manager.NewUploader(opts) -// output, err := u.upload(input) -// if err != nil { -// if multierr, ok := err.(s3manager.MultiUploadFailure); ok { -// // Process error and its associated uploadID -// fmt.Println("Error:", multierr.Code(), multierr.Message(), multierr.UploadID()) -// } else { -// // Process error generically -// fmt.Println("Error:", err.Error()) -// } -// } -// +// u := s3manager.NewUploader(opts) +// output, err := u.upload(input) +// if err != nil { +// if multierr, ok := err.(s3manager.MultiUploadFailure); ok { +// // Process error and its associated uploadID +// fmt.Println("Error:", multierr.Code(), multierr.Message(), multierr.UploadID()) +// } else { +// // Process error generically +// fmt.Println("Error:", err.Error()) +// } +// } type MultiUploadFailure interface { awserr.Error @@ -77,7 +76,7 @@ type multiUploadError struct { // Error returns the string representation of the error. // -// See apierr.BaseError ErrorWithExtra for output format +// # See apierr.BaseError ErrorWithExtra for output format // // Satisfies the error interface. func (m multiUploadError) Error() string { @@ -109,6 +108,9 @@ type UploadOutput struct { // The ID for a multipart upload to S3. In the case of an error the error // can be cast to the MultiUploadFailure interface to extract the upload ID. UploadID string + + // Entity tag of the object. + ETag *string } // WithUploaderRequestOptions appends to the Uploader's API request options. @@ -121,6 +123,14 @@ func WithUploaderRequestOptions(opts ...request.Option) func(*Uploader) { // The Uploader structure that calls Upload(). It is safe to call Upload() // on this structure for multiple objects and across concurrent goroutines. // Mutating the Uploader's properties is not safe to be done concurrently. +// +// The ContentMD5 member for pre-computed MD5 checksums will be ignored for +// multipart uploads. Objects that will be uploaded in a single part, the +// ContentMD5 will be used. +// +// The Checksum members for pre-computed checksums will be ignored for +// multipart uploads. Objects that will be uploaded in a single part, will +// include the checksum member in the request. type Uploader struct { // The buffer size (in bytes) to use when buffering data into chunks and // sending them as parts to S3. The minimum allowed part size is 5MB, and @@ -176,16 +186,17 @@ type Uploader struct { // satisfies the client.ConfigProvider interface. // // Example: -// // The session the S3 Uploader will use -// sess := session.Must(session.NewSession()) // -// // Create an uploader with the session and default options -// uploader := s3manager.NewUploader(sess) +// // The session the S3 Uploader will use +// sess := session.Must(session.NewSession()) +// +// // Create an uploader with the session and default options +// uploader := s3manager.NewUploader(sess) // -// // Create an uploader with the session and custom options -// uploader := s3manager.NewUploader(session, func(u *s3manager.Uploader) { -// u.PartSize = 64 * 1024 * 1024 // 64MB per part -// }) +// // Create an uploader with the session and custom options +// uploader := s3manager.NewUploader(session, func(u *s3manager.Uploader) { +// u.PartSize = 64 * 1024 * 1024 // 64MB per part +// }) func NewUploader(c client.ConfigProvider, options ...func(*Uploader)) *Uploader { return newUploader(s3.New(c), options...) } @@ -214,19 +225,20 @@ func newUploader(client s3iface.S3API, options ...func(*Uploader)) *Uploader { // a S3 service client to make S3 API calls. // // Example: -// // The session the S3 Uploader will use -// sess := session.Must(session.NewSession()) // -// // S3 service client the Upload manager will use. -// s3Svc := s3.New(sess) +// // The session the S3 Uploader will use +// sess := session.Must(session.NewSession()) +// +// // S3 service client the Upload manager will use. +// s3Svc := s3.New(sess) // -// // Create an uploader with S3 client and default options -// uploader := s3manager.NewUploaderWithClient(s3Svc) +// // Create an uploader with S3 client and default options +// uploader := s3manager.NewUploaderWithClient(s3Svc) // -// // Create an uploader with S3 client and custom options -// uploader := s3manager.NewUploaderWithClient(s3Svc, func(u *s3manager.Uploader) { -// u.PartSize = 64 * 1024 * 1024 // 64MB per part -// }) +// // Create an uploader with S3 client and custom options +// uploader := s3manager.NewUploaderWithClient(s3Svc, func(u *s3manager.Uploader) { +// u.PartSize = 64 * 1024 * 1024 // 64MB per part +// }) func NewUploaderWithClient(svc s3iface.S3API, options ...func(*Uploader)) *Uploader { return newUploader(svc, options...) } @@ -245,21 +257,22 @@ func NewUploaderWithClient(svc s3iface.S3API, options ...func(*Uploader)) *Uploa // It is safe to call this method concurrently across goroutines. // // Example: -// // Upload input parameters -// upParams := &s3manager.UploadInput{ -// Bucket: &bucketName, -// Key: &keyName, -// Body: file, -// } // -// // Perform an upload. -// result, err := uploader.Upload(upParams) +// // Upload input parameters +// upParams := &s3manager.UploadInput{ +// Bucket: &bucketName, +// Key: &keyName, +// Body: file, +// } +// +// // Perform an upload. +// result, err := uploader.Upload(upParams) // -// // Perform upload with options different than the those in the Uploader. -// result, err := uploader.Upload(upParams, func(u *s3manager.Uploader) { -// u.PartSize = 10 * 1024 * 1024 // 10MB part size -// u.LeavePartsOnError = true // Don't delete the parts if the upload fails. -// }) +// // Perform upload with options different than the those in the Uploader. +// result, err := uploader.Upload(upParams, func(u *s3manager.Uploader) { +// u.PartSize = 10 * 1024 * 1024 // 10MB part size +// u.LeavePartsOnError = true // Don't delete the parts if the upload fails. +// }) func (u Uploader) Upload(input *UploadInput, options ...func(*Uploader)) (*UploadOutput, error) { return u.UploadWithContext(aws.BackgroundContext(), input, options...) } @@ -299,6 +312,7 @@ func (u Uploader) UploadWithContext(ctx aws.Context, input *UploadInput, opts .. // allows for custom defined functionality. // // Example: +// // svc:= s3manager.NewUploader(sess) // // objects := []BatchUploadObject{ @@ -388,6 +402,10 @@ func (u *uploader) upload() (*UploadOutput, error) { // init will initialize all default options. func (u *uploader) init() error { + if err := validateSupportedARNType(aws.StringValue(u.in.Bucket)); err != nil { + return err + } + if u.cfg.Concurrency == 0 { u.cfg.Concurrency = DefaultUploadConcurrency } @@ -527,6 +545,7 @@ func (u *uploader) singlePart(r io.ReadSeeker, cleanup func()) (*UploadOutput, e return &UploadOutput{ Location: url, VersionID: out.VersionId, + ETag: out.ETag, }, nil } @@ -632,6 +651,7 @@ func (u *multiuploader) upload(firstBuf io.ReadSeeker, cleanup func()) (*UploadO Location: uploadLocation, VersionID: complete.VersionId, UploadID: u.uploadID, + ETag: complete.ETag, }, nil } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload_input.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload_input.go index 6cac26fa83d..f9c6e786de2 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload_input.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/upload_input.go @@ -11,45 +11,92 @@ import ( // to an object in an Amazon S3 bucket. This type is similar to the s3 // package's PutObjectInput with the exception that the Body member is an // io.Reader instead of an io.ReadSeeker. +// +// The ContentMD5 member for pre-computed MD5 checksums will be ignored for +// multipart uploads. Objects that will be uploaded in a single part, the +// ContentMD5 will be used. +// +// The Checksum members for pre-computed checksums will be ignored for +// multipart uploads. Objects that will be uploaded in a single part, will +// include the checksum member in the request. type UploadInput struct { _ struct{} `locationName:"PutObjectRequest" type:"structure" payload:"Body"` // The canned ACL to apply to the object. For more information, see Canned ACL - // (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL). + // (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#CannedACL) + // in the Amazon S3 User Guide. // - // This action is not supported by Amazon S3 on Outposts. + // When adding a new object, you can use headers to grant ACL-based permissions + // to individual Amazon Web Services accounts or to predefined groups defined + // by Amazon S3. These permissions are then added to the ACL on the object. + // By default, all objects are private. Only the owner has full access control. + // For more information, see Access Control List (ACL) Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html) + // and Managing ACLs Using the REST API (https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-using-rest-api.html) + // in the Amazon S3 User Guide. + // + // If the bucket that you're uploading objects to uses the bucket owner enforced + // setting for S3 Object Ownership, ACLs are disabled and no longer affect permissions. + // Buckets that use this setting only accept PUT requests that don't specify + // an ACL or PUT requests that specify bucket owner full control ACLs, such + // as the bucket-owner-full-control canned ACL or an equivalent form of this + // ACL expressed in the XML format. PUT requests that contain other ACLs (for + // example, custom grants to certain Amazon Web Services accounts) fail and + // return a 400 error with the error code AccessControlListNotSupported. For + // more information, see Controlling ownership of objects and disabling ACLs + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) + // in the Amazon S3 User Guide. + // + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. ACL *string `location:"header" locationName:"x-amz-acl" type:"string" enum:"ObjectCannedACL"` // The readable body payload to send to S3. Body io.Reader - // The bucket name to which the PUT operation was initiated. + // The bucket name to which the PUT action was initiated. + // + // Directory buckets - When you use this operation with a directory bucket, + // you must use virtual-hosted-style requests in the format Bucket_name.s3express-az_id.region.amazonaws.com. + // Path-style requests are not supported. Directory bucket names must be unique + // in the chosen Availability Zone. Bucket names must follow the format bucket_base_name--az-id--x-s3 + // (for example, DOC-EXAMPLE-BUCKET--usw2-az1--x-s3). For information about + // bucket naming restrictions, see Directory bucket naming rules (https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-bucket-naming-rules.html) + // in the Amazon S3 User Guide. + // + // Access points - When you use this action with an access point, you must provide + // the alias of the access point in place of the bucket name or specify the + // access point ARN. When using the access point ARN, you must direct requests + // to the access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. + // When using this action with an access point through the Amazon Web Services + // SDKs, you provide the access point ARN in place of the bucket name. For more + // information about access point ARNs, see Using access points (https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-access-points.html) + // in the Amazon S3 User Guide. // - // When using this API with an access point, you must direct requests to the - // access point hostname. The access point hostname takes the form AccessPointName-AccountId.s3-accesspoint.Region.amazonaws.com. - // When using this operation with an access point through the AWS SDKs, you - // provide the access point ARN in place of the bucket name. For more information - // about access point ARNs, see Using Access Points (https://docs.aws.amazon.com/AmazonS3/latest/dev/using-access-points.html) - // in the Amazon Simple Storage Service Developer Guide. + // Access points and Object Lambda access points are not supported by directory + // buckets. // - // When using this API with Amazon S3 on Outposts, you must direct requests - // to the S3 on Outposts hostname. The S3 on Outposts hostname takes the form - // AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. When - // using this operation using S3 on Outposts through the AWS SDKs, you provide - // the Outposts bucket ARN in place of the bucket name. For more information - // about S3 on Outposts ARNs, see Using S3 on Outposts (https://docs.aws.amazon.com/AmazonS3/latest/dev/S3onOutposts.html) - // in the Amazon Simple Storage Service Developer Guide. + // S3 on Outposts - When you use this action with Amazon S3 on Outposts, you + // must direct requests to the S3 on Outposts hostname. The S3 on Outposts hostname + // takes the form AccessPointName-AccountId.outpostID.s3-outposts.Region.amazonaws.com. + // When you use this action with S3 on Outposts through the Amazon Web Services + // SDKs, you provide the Outposts access point ARN in place of the bucket name. + // For more information about S3 on Outposts ARNs, see What is S3 on Outposts? + // (https://docs.aws.amazon.com/AmazonS3/latest/userguide/S3onOutposts.html) + // in the Amazon S3 User Guide. // // Bucket is a required field Bucket *string `location:"uri" locationName:"Bucket" type:"string" required:"true"` // Specifies whether Amazon S3 should use an S3 Bucket Key for object encryption - // with server-side encryption using AWS KMS (SSE-KMS). Setting this header - // to true causes Amazon S3 to use an S3 Bucket Key for object encryption with - // SSE-KMS. + // with server-side encryption using Key Management Service (KMS) keys (SSE-KMS). + // Setting this header to true causes Amazon S3 to use an S3 Bucket Key for + // object encryption with SSE-KMS. // - // Specifying this header with a PUT operation doesn’t affect bucket-level - // settings for S3 Bucket Key. + // Specifying this header with a PUT action doesn’t affect bucket-level settings + // for S3 Bucket Key. + // + // This functionality is not supported for directory buckets. BucketKeyEnabled *bool `location:"header" locationName:"x-amz-server-side-encryption-bucket-key-enabled" type:"boolean"` // Can be used to specify caching behavior along the request/reply chain. For @@ -57,14 +104,76 @@ type UploadInput struct { // (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.9). CacheControl *string `location:"header" locationName:"Cache-Control" type:"string"` + // Indicates the algorithm used to create the checksum for the object when you + // use the SDK. This header will not provide any additional functionality if + // you don't use the SDK. When you send this header, there must be a corresponding + // x-amz-checksum-algorithm or x-amz-trailer header sent. Otherwise, Amazon + // S3 fails the request with the HTTP status code 400 Bad Request. + // + // For the x-amz-checksum-algorithm header, replace algorithm with the supported + // algorithm from the following list: + // + // * CRC32 + // + // * CRC32C + // + // * SHA1 + // + // * SHA256 + // + // For more information, see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + // + // If the individual checksum value you provide through x-amz-checksum-algorithm + // doesn't match the checksum algorithm you set through x-amz-sdk-checksum-algorithm, + // Amazon S3 ignores any provided ChecksumAlgorithm parameter and uses the checksum + // algorithm that matches the provided value in x-amz-checksum-algorithm . + // + // For directory buckets, when you use Amazon Web Services SDKs, CRC32 is the + // default checksum algorithm that's used for performance. + // + // The AWS SDK for Go v1 does not support automatic computing request payload + // checksum. This feature is available in the AWS SDK for Go v2. If a value + // is specified for this parameter, the matching algorithm's checksum member + // must be populated with the algorithm's checksum of the request payload. + ChecksumAlgorithm *string `location:"header" locationName:"x-amz-sdk-checksum-algorithm" type:"string" enum:"ChecksumAlgorithm"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 32-bit CRC32 checksum of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumCRC32 *string `location:"header" locationName:"x-amz-checksum-crc32" type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 32-bit CRC32C checksum of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumCRC32C *string `location:"header" locationName:"x-amz-checksum-crc32c" type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 160-bit SHA-1 digest of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumSHA1 *string `location:"header" locationName:"x-amz-checksum-sha1" type:"string"` + + // This header can be used as a data integrity check to verify that the data + // received is the same data that was originally sent. This header specifies + // the base64-encoded, 256-bit SHA-256 digest of the object. For more information, + // see Checking object integrity (https://docs.aws.amazon.com/AmazonS3/latest/userguide/checking-object-integrity.html) + // in the Amazon S3 User Guide. + ChecksumSHA256 *string `location:"header" locationName:"x-amz-checksum-sha256" type:"string"` + // Specifies presentational information for the object. For more information, - // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec19.html#sec19.5.1). + // see https://www.rfc-editor.org/rfc/rfc6266#section-4 (https://www.rfc-editor.org/rfc/rfc6266#section-4). ContentDisposition *string `location:"header" locationName:"Content-Disposition" type:"string"` // Specifies what content encodings have been applied to the object and thus // what decoding mechanisms must be applied to obtain the media-type referenced - // by the Content-Type header field. For more information, see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11 - // (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.11). + // by the Content-Type header field. For more information, see https://www.rfc-editor.org/rfc/rfc9110.html#field.content-encoding + // (https://www.rfc-editor.org/rfc/rfc9110.html#field.content-encoding). ContentEncoding *string `location:"header" locationName:"Content-Encoding" type:"string"` // The language the content is in. @@ -76,42 +185,60 @@ type UploadInput struct { // it is optional, we recommend using the Content-MD5 mechanism as an end-to-end // integrity check. For more information about REST request authentication, // see REST Authentication (https://docs.aws.amazon.com/AmazonS3/latest/dev/RESTAuthentication.html). + // + // The Content-MD5 header is required for any request to upload an object with + // a retention period configured using Amazon S3 Object Lock. For more information + // about Amazon S3 Object Lock, see Amazon S3 Object Lock Overview (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock-overview.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. + // + // If the ContentMD5 is provided for a multipart upload, it will be ignored. + // Objects that will be uploaded in a single part, the ContentMD5 will be used. ContentMD5 *string `location:"header" locationName:"Content-MD5" type:"string"` // A standard MIME type describing the format of the contents. For more information, - // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.17). + // see https://www.rfc-editor.org/rfc/rfc9110.html#name-content-type (https://www.rfc-editor.org/rfc/rfc9110.html#name-content-type). ContentType *string `location:"header" locationName:"Content-Type" type:"string"` - // The account id of the expected bucket owner. If the bucket is owned by a - // different account, the request will fail with an HTTP 403 (Access Denied) - // error. + // The account ID of the expected bucket owner. If the account ID that you provide + // does not match the actual owner of the bucket, the request fails with the + // HTTP status code 403 Forbidden (access denied). ExpectedBucketOwner *string `location:"header" locationName:"x-amz-expected-bucket-owner" type:"string"` // The date and time at which the object is no longer cacheable. For more information, - // see http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21 (http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html#sec14.21). + // see https://www.rfc-editor.org/rfc/rfc7234#section-5.3 (https://www.rfc-editor.org/rfc/rfc7234#section-5.3). Expires *time.Time `location:"header" locationName:"Expires" type:"timestamp"` // Gives the grantee READ, READ_ACP, and WRITE_ACP permissions on the object. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantFullControl *string `location:"header" locationName:"x-amz-grant-full-control" type:"string"` // Allows grantee to read the object data and its metadata. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantRead *string `location:"header" locationName:"x-amz-grant-read" type:"string"` // Allows grantee to read the object ACL. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantReadACP *string `location:"header" locationName:"x-amz-grant-read-acp" type:"string"` // Allows grantee to write the ACL for the applicable object. // - // This action is not supported by Amazon S3 on Outposts. + // * This functionality is not supported for directory buckets. + // + // * This functionality is not supported for Amazon S3 on Outposts. GrantWriteACP *string `location:"header" locationName:"x-amz-grant-write-acp" type:"string"` - // Object key for which the PUT operation was initiated. + // Object key for which the PUT action was initiated. // // Key is a required field Key *string `location:"uri" locationName:"Key" min:"1" type:"string" required:"true"` @@ -120,24 +247,37 @@ type UploadInput struct { Metadata map[string]*string `location:"headers" locationName:"x-amz-meta-" type:"map"` // Specifies whether a legal hold will be applied to this object. For more information - // about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). + // about S3 Object Lock, see Object Lock (https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. ObjectLockLegalHoldStatus *string `location:"header" locationName:"x-amz-object-lock-legal-hold" type:"string" enum:"ObjectLockLegalHoldStatus"` // The Object Lock mode that you want to apply to this object. + // + // This functionality is not supported for directory buckets. ObjectLockMode *string `location:"header" locationName:"x-amz-object-lock-mode" type:"string" enum:"ObjectLockMode"` - // The date and time when you want this object's Object Lock to expire. + // The date and time when you want this object's Object Lock to expire. Must + // be formatted as a timestamp parameter. + // + // This functionality is not supported for directory buckets. ObjectLockRetainUntilDate *time.Time `location:"header" locationName:"x-amz-object-lock-retain-until-date" type:"timestamp" timestampFormat:"iso8601"` // Confirms that the requester knows that they will be charged for the request. - // Bucket owners need not specify this parameter in their requests. For information - // about downloading objects from requester pays buckets, see Downloading Objects - // in Requestor Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) - // in the Amazon S3 Developer Guide. + // Bucket owners need not specify this parameter in their requests. If either + // the source or destination S3 bucket has Requester Pays enabled, the requester + // will pay for corresponding charges to copy the object. For information about + // downloading objects from Requester Pays buckets, see Downloading Objects + // in Requester Pays Buckets (https://docs.aws.amazon.com/AmazonS3/latest/dev/ObjectsinRequesterPaysBuckets.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. RequestPayer *string `location:"header" locationName:"x-amz-request-payer" type:"string" enum:"RequestPayer"` - // Specifies the algorithm to use to when encrypting the object (for example, - // AES256). + // Specifies the algorithm to use when encrypting the object (for example, AES256). + // + // This functionality is not supported for directory buckets. SSECustomerAlgorithm *string `location:"header" locationName:"x-amz-server-side-encryption-customer-algorithm" type:"string"` // Specifies the customer-provided encryption key for Amazon S3 to use in encrypting @@ -145,50 +285,80 @@ type UploadInput struct { // S3 does not store the encryption key. The key must be appropriate for use // with the algorithm specified in the x-amz-server-side-encryption-customer-algorithm // header. + // + // This functionality is not supported for directory buckets. SSECustomerKey *string `marshal-as:"blob" location:"header" locationName:"x-amz-server-side-encryption-customer-key" type:"string" sensitive:"true"` // Specifies the 128-bit MD5 digest of the encryption key according to RFC 1321. // Amazon S3 uses this header for a message integrity check to ensure that the // encryption key was transmitted without error. + // + // This functionality is not supported for directory buckets. SSECustomerKeyMD5 *string `location:"header" locationName:"x-amz-server-side-encryption-customer-key-MD5" type:"string"` - // Specifies the AWS KMS Encryption Context to use for object encryption. The - // value of this header is a base64-encoded UTF-8 string holding JSON with the - // encryption context key-value pairs. + // Specifies the Amazon Web Services KMS Encryption Context to use for object + // encryption. The value of this header is a base64-encoded UTF-8 string holding + // JSON with the encryption context key-value pairs. This value is stored as + // object metadata and automatically gets passed on to Amazon Web Services KMS + // for future GetObject or CopyObject operations on this object. This value + // must be explicitly added during CopyObject operations. + // + // This functionality is not supported for directory buckets. SSEKMSEncryptionContext *string `location:"header" locationName:"x-amz-server-side-encryption-context" type:"string" sensitive:"true"` - // If x-amz-server-side-encryption is present and has the value of aws:kms, - // this header specifies the ID of the AWS Key Management Service (AWS KMS) - // symmetrical customer managed customer master key (CMK) that was used for - // the object. + // If x-amz-server-side-encryption has a valid value of aws:kms or aws:kms:dsse, + // this header specifies the ID (Key ID, Key ARN, or Key Alias) of the Key Management + // Service (KMS) symmetric encryption customer managed key that was used for + // the object. If you specify x-amz-server-side-encryption:aws:kms or x-amz-server-side-encryption:aws:kms:dsse, + // but do not providex-amz-server-side-encryption-aws-kms-key-id, Amazon S3 + // uses the Amazon Web Services managed key (aws/s3) to protect the data. If + // the KMS key does not exist in the same account that's issuing the command, + // you must use the full ARN and not just the ID. // - // If the value of x-amz-server-side-encryption is aws:kms, this header specifies - // the ID of the symmetric customer managed AWS KMS CMK that will be used for - // the object. If you specify x-amz-server-side-encryption:aws:kms, but do not - // providex-amz-server-side-encryption-aws-kms-key-id, Amazon S3 uses the AWS - // managed CMK in AWS to protect the data. + // This functionality is not supported for directory buckets. SSEKMSKeyId *string `location:"header" locationName:"x-amz-server-side-encryption-aws-kms-key-id" type:"string" sensitive:"true"` - // The server-side encryption algorithm used when storing this object in Amazon - // S3 (for example, AES256, aws:kms). + // The server-side encryption algorithm that was used when you store this object + // in Amazon S3 (for example, AES256, aws:kms, aws:kms:dsse). + // + // General purpose buckets - You have four mutually exclusive options to protect + // data using server-side encryption in Amazon S3, depending on how you choose + // to manage the encryption keys. Specifically, the encryption key options are + // Amazon S3 managed keys (SSE-S3), Amazon Web Services KMS keys (SSE-KMS or + // DSSE-KMS), and customer-provided keys (SSE-C). Amazon S3 encrypts data with + // server-side encryption by using Amazon S3 managed keys (SSE-S3) by default. + // You can optionally tell Amazon S3 to encrypt data at rest by using server-side + // encryption with other key options. For more information, see Using Server-Side + // Encryption (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingServerSideEncryption.html) + // in the Amazon S3 User Guide. + // + // Directory buckets - For directory buckets, only the server-side encryption + // with Amazon S3 managed keys (SSE-S3) (AES256) value is supported. ServerSideEncryption *string `location:"header" locationName:"x-amz-server-side-encryption" type:"string" enum:"ServerSideEncryption"` // By default, Amazon S3 uses the STANDARD Storage Class to store newly created // objects. The STANDARD storage class provides high durability and high availability. // Depending on performance needs, you can specify a different Storage Class. - // Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. For more information, - // see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) - // in the Amazon S3 Service Developer Guide. + // For more information, see Storage Classes (https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html) + // in the Amazon S3 User Guide. + // + // * For directory buckets, only the S3 Express One Zone storage class is + // supported to store newly created objects. + // + // * Amazon S3 on Outposts only uses the OUTPOSTS Storage Class. StorageClass *string `location:"header" locationName:"x-amz-storage-class" type:"string" enum:"StorageClass"` // The tag-set for the object. The tag-set must be encoded as URL Query parameters. // (For example, "Key1=Value1") + // + // This functionality is not supported for directory buckets. Tagging *string `location:"header" locationName:"x-amz-tagging" type:"string"` // If the bucket is configured as a website, redirects requests for this object // to another object in the same bucket or to an external URL. Amazon S3 stores // the value of this header in the object metadata. For information about object - // metadata, see Object Key and Metadata (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html). + // metadata, see Object Key and Metadata (https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingMetadata.html) + // in the Amazon S3 User Guide. // // In the following example, the request header sets the redirect to an object // (anotherPage.html) in the same bucket: @@ -202,6 +372,9 @@ type UploadInput struct { // // For more information about website hosting in Amazon S3, see Hosting Websites // on Amazon S3 (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html) - // and How to Configure Website Page Redirects (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html). + // and How to Configure Website Page Redirects (https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html) + // in the Amazon S3 User Guide. + // + // This functionality is not supported for directory buckets. WebsiteRedirectLocation *string `location:"header" locationName:"x-amz-website-redirect-location" type:"string"` } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/writer_read_from.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/writer_read_from.go index 765dc07ca32..a74a02d935d 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/writer_read_from.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/s3manager/writer_read_from.go @@ -73,3 +73,11 @@ func (p *PooledBufferedReadFromProvider) GetReadFrom(writer io.Writer) (r Writer } return r, cleanup } + +type suppressWriterAt struct { + suppressed io.Reader +} + +func (s *suppressWriterAt) Read(p []byte) (n int, err error) { + return s.suppressed.Read(p) +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/service.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/service.go index b4c07b4d47e..3e75d0e9427 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/service.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/service.go @@ -39,31 +39,36 @@ const ( // aws.Config parameter to add your extra config. // // Example: -// mySession := session.Must(session.NewSession()) // -// // Create a S3 client from just a session. -// svc := s3.New(mySession) +// mySession := session.Must(session.NewSession()) // -// // Create a S3 client with additional configuration -// svc := s3.New(mySession, aws.NewConfig().WithRegion("us-west-2")) +// // Create a S3 client from just a session. +// svc := s3.New(mySession) +// +// // Create a S3 client with additional configuration +// svc := s3.New(mySession, aws.NewConfig().WithRegion("us-west-2")) func New(p client.ConfigProvider, cfgs ...*aws.Config) *S3 { c := p.ClientConfig(EndpointsID, cfgs...) - return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName) + if c.SigningNameDerived || len(c.SigningName) == 0 { + c.SigningName = "s3" + } + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion) } // newClient creates, initializes and returns a new service client instance. -func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *S3 { +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName, resolvedRegion string) *S3 { svc := &S3{ Client: client.New( cfg, metadata.ClientInfo{ - ServiceName: ServiceName, - ServiceID: ServiceID, - SigningName: signingName, - SigningRegion: signingRegion, - PartitionID: partitionID, - Endpoint: endpoint, - APIVersion: "2006-03-01", + ServiceName: ServiceName, + ServiceID: ServiceID, + SigningName: signingName, + SigningRegion: signingRegion, + PartitionID: partitionID, + Endpoint: endpoint, + APIVersion: "2006-03-01", + ResolvedRegion: resolvedRegion, }, handlers, ), diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/statusok_error.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/statusok_error.go index 247770e4c88..096adc091dd 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/statusok_error.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/s3/statusok_error.go @@ -11,16 +11,21 @@ import ( "github.com/aws/aws-sdk-go/internal/sdkio" ) -func copyMultipartStatusOKUnmarhsalError(r *request.Request) { +func copyMultipartStatusOKUnmarshalError(r *request.Request) { b, err := ioutil.ReadAll(r.HTTPResponse.Body) + r.HTTPResponse.Body.Close() if err != nil { r.Error = awserr.NewRequestFailure( awserr.New(request.ErrCodeSerialization, "unable to read response body", err), r.HTTPResponse.StatusCode, r.RequestID, ) + // Note, some middleware later in the stack like restxml.Unmarshal expect a valid, non-closed Body + // even in case of an error, so we replace it with an empty Reader. + r.HTTPResponse.Body = ioutil.NopCloser(bytes.NewBuffer(nil)) return } + body := bytes.NewReader(b) r.HTTPResponse.Body = ioutil.NopCloser(body) defer body.Seek(0, sdkio.SeekStart) diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sso/api.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sso/api.go new file mode 100644 index 00000000000..b8f590f71d3 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sso/api.go @@ -0,0 +1,1367 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package sso + +import ( + "fmt" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awsutil" + "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/restjson" +) + +const opGetRoleCredentials = "GetRoleCredentials" + +// GetRoleCredentialsRequest generates a "aws/request.Request" representing the +// client's request for the GetRoleCredentials operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See GetRoleCredentials for more information on using the GetRoleCredentials +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the GetRoleCredentialsRequest method. +// req, resp := client.GetRoleCredentialsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/GetRoleCredentials +func (c *SSO) GetRoleCredentialsRequest(input *GetRoleCredentialsInput) (req *request.Request, output *GetRoleCredentialsOutput) { + op := &request.Operation{ + Name: opGetRoleCredentials, + HTTPMethod: "GET", + HTTPPath: "/federation/credentials", + } + + if input == nil { + input = &GetRoleCredentialsInput{} + } + + output = &GetRoleCredentialsOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + return +} + +// GetRoleCredentials API operation for AWS Single Sign-On. +// +// Returns the STS short-term credentials for a given role name that is assigned +// to the user. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Single Sign-On's +// API operation GetRoleCredentials for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that a problem occurred with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - UnauthorizedException +// Indicates that the request is not authorized. This can happen due to an invalid +// access token in the request. +// +// - TooManyRequestsException +// Indicates that the request is being made too frequently and is more than +// what the server can handle. +// +// - ResourceNotFoundException +// The specified resource doesn't exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/GetRoleCredentials +func (c *SSO) GetRoleCredentials(input *GetRoleCredentialsInput) (*GetRoleCredentialsOutput, error) { + req, out := c.GetRoleCredentialsRequest(input) + return out, req.Send() +} + +// GetRoleCredentialsWithContext is the same as GetRoleCredentials with the addition of +// the ability to pass a context and additional request options. +// +// See GetRoleCredentials for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSO) GetRoleCredentialsWithContext(ctx aws.Context, input *GetRoleCredentialsInput, opts ...request.Option) (*GetRoleCredentialsOutput, error) { + req, out := c.GetRoleCredentialsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opListAccountRoles = "ListAccountRoles" + +// ListAccountRolesRequest generates a "aws/request.Request" representing the +// client's request for the ListAccountRoles operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListAccountRoles for more information on using the ListAccountRoles +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListAccountRolesRequest method. +// req, resp := client.ListAccountRolesRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccountRoles +func (c *SSO) ListAccountRolesRequest(input *ListAccountRolesInput) (req *request.Request, output *ListAccountRolesOutput) { + op := &request.Operation{ + Name: opListAccountRoles, + HTTPMethod: "GET", + HTTPPath: "/assignment/roles", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListAccountRolesInput{} + } + + output = &ListAccountRolesOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + return +} + +// ListAccountRoles API operation for AWS Single Sign-On. +// +// Lists all roles that are assigned to the user for a given AWS account. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Single Sign-On's +// API operation ListAccountRoles for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that a problem occurred with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - UnauthorizedException +// Indicates that the request is not authorized. This can happen due to an invalid +// access token in the request. +// +// - TooManyRequestsException +// Indicates that the request is being made too frequently and is more than +// what the server can handle. +// +// - ResourceNotFoundException +// The specified resource doesn't exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccountRoles +func (c *SSO) ListAccountRoles(input *ListAccountRolesInput) (*ListAccountRolesOutput, error) { + req, out := c.ListAccountRolesRequest(input) + return out, req.Send() +} + +// ListAccountRolesWithContext is the same as ListAccountRoles with the addition of +// the ability to pass a context and additional request options. +// +// See ListAccountRoles for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSO) ListAccountRolesWithContext(ctx aws.Context, input *ListAccountRolesInput, opts ...request.Option) (*ListAccountRolesOutput, error) { + req, out := c.ListAccountRolesRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListAccountRolesPages iterates over the pages of a ListAccountRoles operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListAccountRoles method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListAccountRoles operation. +// pageNum := 0 +// err := client.ListAccountRolesPages(params, +// func(page *sso.ListAccountRolesOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *SSO) ListAccountRolesPages(input *ListAccountRolesInput, fn func(*ListAccountRolesOutput, bool) bool) error { + return c.ListAccountRolesPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListAccountRolesPagesWithContext same as ListAccountRolesPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSO) ListAccountRolesPagesWithContext(ctx aws.Context, input *ListAccountRolesInput, fn func(*ListAccountRolesOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListAccountRolesInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListAccountRolesRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListAccountRolesOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opListAccounts = "ListAccounts" + +// ListAccountsRequest generates a "aws/request.Request" representing the +// client's request for the ListAccounts operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See ListAccounts for more information on using the ListAccounts +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the ListAccountsRequest method. +// req, resp := client.ListAccountsRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccounts +func (c *SSO) ListAccountsRequest(input *ListAccountsInput) (req *request.Request, output *ListAccountsOutput) { + op := &request.Operation{ + Name: opListAccounts, + HTTPMethod: "GET", + HTTPPath: "/assignment/accounts", + Paginator: &request.Paginator{ + InputTokens: []string{"nextToken"}, + OutputTokens: []string{"nextToken"}, + LimitToken: "maxResults", + TruncationToken: "", + }, + } + + if input == nil { + input = &ListAccountsInput{} + } + + output = &ListAccountsOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + return +} + +// ListAccounts API operation for AWS Single Sign-On. +// +// Lists all AWS accounts assigned to the user. These AWS accounts are assigned +// by the administrator of the account. For more information, see Assign User +// Access (https://docs.aws.amazon.com/singlesignon/latest/userguide/useraccess.html#assignusers) +// in the IAM Identity Center User Guide. This operation returns a paginated +// response. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Single Sign-On's +// API operation ListAccounts for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that a problem occurred with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - UnauthorizedException +// Indicates that the request is not authorized. This can happen due to an invalid +// access token in the request. +// +// - TooManyRequestsException +// Indicates that the request is being made too frequently and is more than +// what the server can handle. +// +// - ResourceNotFoundException +// The specified resource doesn't exist. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/ListAccounts +func (c *SSO) ListAccounts(input *ListAccountsInput) (*ListAccountsOutput, error) { + req, out := c.ListAccountsRequest(input) + return out, req.Send() +} + +// ListAccountsWithContext is the same as ListAccounts with the addition of +// the ability to pass a context and additional request options. +// +// See ListAccounts for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSO) ListAccountsWithContext(ctx aws.Context, input *ListAccountsInput, opts ...request.Option) (*ListAccountsOutput, error) { + req, out := c.ListAccountsRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// ListAccountsPages iterates over the pages of a ListAccounts operation, +// calling the "fn" function with the response data for each page. To stop +// iterating, return false from the fn function. +// +// See ListAccounts method for more information on how to use this operation. +// +// Note: This operation can generate multiple requests to a service. +// +// // Example iterating over at most 3 pages of a ListAccounts operation. +// pageNum := 0 +// err := client.ListAccountsPages(params, +// func(page *sso.ListAccountsOutput, lastPage bool) bool { +// pageNum++ +// fmt.Println(page) +// return pageNum <= 3 +// }) +func (c *SSO) ListAccountsPages(input *ListAccountsInput, fn func(*ListAccountsOutput, bool) bool) error { + return c.ListAccountsPagesWithContext(aws.BackgroundContext(), input, fn) +} + +// ListAccountsPagesWithContext same as ListAccountsPages except +// it takes a Context and allows setting request options on the pages. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSO) ListAccountsPagesWithContext(ctx aws.Context, input *ListAccountsInput, fn func(*ListAccountsOutput, bool) bool, opts ...request.Option) error { + p := request.Pagination{ + NewRequest: func() (*request.Request, error) { + var inCpy *ListAccountsInput + if input != nil { + tmp := *input + inCpy = &tmp + } + req, _ := c.ListAccountsRequest(inCpy) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return req, nil + }, + } + + for p.Next() { + if !fn(p.Page().(*ListAccountsOutput), !p.HasNextPage()) { + break + } + } + + return p.Err() +} + +const opLogout = "Logout" + +// LogoutRequest generates a "aws/request.Request" representing the +// client's request for the Logout operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See Logout for more information on using the Logout +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the LogoutRequest method. +// req, resp := client.LogoutRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/Logout +func (c *SSO) LogoutRequest(input *LogoutInput) (req *request.Request, output *LogoutOutput) { + op := &request.Operation{ + Name: opLogout, + HTTPMethod: "POST", + HTTPPath: "/logout", + } + + if input == nil { + input = &LogoutInput{} + } + + output = &LogoutOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + req.Handlers.Unmarshal.Swap(restjson.UnmarshalHandler.Name, protocol.UnmarshalDiscardBodyHandler) + return +} + +// Logout API operation for AWS Single Sign-On. +// +// Removes the locally stored SSO tokens from the client-side cache and sends +// an API call to the IAM Identity Center service to invalidate the corresponding +// server-side IAM Identity Center sign in session. +// +// If a user uses IAM Identity Center to access the AWS CLI, the user’s IAM +// Identity Center sign in session is used to obtain an IAM session, as specified +// in the corresponding IAM Identity Center permission set. More specifically, +// IAM Identity Center assumes an IAM role in the target account on behalf of +// the user, and the corresponding temporary AWS credentials are returned to +// the client. +// +// After user logout, any existing IAM role sessions that were created by using +// IAM Identity Center permission sets continue based on the duration configured +// in the permission set. For more information, see User authentications (https://docs.aws.amazon.com/singlesignon/latest/userguide/authconcept.html) +// in the IAM Identity Center User Guide. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS Single Sign-On's +// API operation Logout for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that a problem occurred with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - UnauthorizedException +// Indicates that the request is not authorized. This can happen due to an invalid +// access token in the request. +// +// - TooManyRequestsException +// Indicates that the request is being made too frequently and is more than +// what the server can handle. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10/Logout +func (c *SSO) Logout(input *LogoutInput) (*LogoutOutput, error) { + req, out := c.LogoutRequest(input) + return out, req.Send() +} + +// LogoutWithContext is the same as Logout with the addition of +// the ability to pass a context and additional request options. +// +// See Logout for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSO) LogoutWithContext(ctx aws.Context, input *LogoutInput, opts ...request.Option) (*LogoutOutput, error) { + req, out := c.LogoutRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// Provides information about your AWS account. +type AccountInfo struct { + _ struct{} `type:"structure"` + + // The identifier of the AWS account that is assigned to the user. + AccountId *string `locationName:"accountId" type:"string"` + + // The display name of the AWS account that is assigned to the user. + AccountName *string `locationName:"accountName" type:"string"` + + // The email address of the AWS account that is assigned to the user. + EmailAddress *string `locationName:"emailAddress" min:"1" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccountInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccountInfo) GoString() string { + return s.String() +} + +// SetAccountId sets the AccountId field's value. +func (s *AccountInfo) SetAccountId(v string) *AccountInfo { + s.AccountId = &v + return s +} + +// SetAccountName sets the AccountName field's value. +func (s *AccountInfo) SetAccountName(v string) *AccountInfo { + s.AccountName = &v + return s +} + +// SetEmailAddress sets the EmailAddress field's value. +func (s *AccountInfo) SetEmailAddress(v string) *AccountInfo { + s.EmailAddress = &v + return s +} + +type GetRoleCredentialsInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The token issued by the CreateToken API call. For more information, see CreateToken + // (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html) + // in the IAM Identity Center OIDC API Reference Guide. + // + // AccessToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by GetRoleCredentialsInput's + // String and GoString methods. + // + // AccessToken is a required field + AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"` + + // The identifier for the AWS account that is assigned to the user. + // + // AccountId is a required field + AccountId *string `location:"querystring" locationName:"account_id" type:"string" required:"true"` + + // The friendly name of the role that is assigned to the user. + // + // RoleName is a required field + RoleName *string `location:"querystring" locationName:"role_name" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetRoleCredentialsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetRoleCredentialsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *GetRoleCredentialsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "GetRoleCredentialsInput"} + if s.AccessToken == nil { + invalidParams.Add(request.NewErrParamRequired("AccessToken")) + } + if s.AccountId == nil { + invalidParams.Add(request.NewErrParamRequired("AccountId")) + } + if s.RoleName == nil { + invalidParams.Add(request.NewErrParamRequired("RoleName")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAccessToken sets the AccessToken field's value. +func (s *GetRoleCredentialsInput) SetAccessToken(v string) *GetRoleCredentialsInput { + s.AccessToken = &v + return s +} + +// SetAccountId sets the AccountId field's value. +func (s *GetRoleCredentialsInput) SetAccountId(v string) *GetRoleCredentialsInput { + s.AccountId = &v + return s +} + +// SetRoleName sets the RoleName field's value. +func (s *GetRoleCredentialsInput) SetRoleName(v string) *GetRoleCredentialsInput { + s.RoleName = &v + return s +} + +type GetRoleCredentialsOutput struct { + _ struct{} `type:"structure"` + + // The credentials for the role that is assigned to the user. + RoleCredentials *RoleCredentials `locationName:"roleCredentials" type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetRoleCredentialsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s GetRoleCredentialsOutput) GoString() string { + return s.String() +} + +// SetRoleCredentials sets the RoleCredentials field's value. +func (s *GetRoleCredentialsOutput) SetRoleCredentials(v *RoleCredentials) *GetRoleCredentialsOutput { + s.RoleCredentials = v + return s +} + +// Indicates that a problem occurred with the input to the request. For example, +// a required parameter might be missing or out of range. +type InvalidRequestException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidRequestException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidRequestException) GoString() string { + return s.String() +} + +func newErrorInvalidRequestException(v protocol.ResponseMetadata) error { + return &InvalidRequestException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidRequestException) Code() string { + return "InvalidRequestException" +} + +// Message returns the exception's message. +func (s *InvalidRequestException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidRequestException) OrigErr() error { + return nil +} + +func (s *InvalidRequestException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidRequestException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidRequestException) RequestID() string { + return s.RespMetadata.RequestID +} + +type ListAccountRolesInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The token issued by the CreateToken API call. For more information, see CreateToken + // (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html) + // in the IAM Identity Center OIDC API Reference Guide. + // + // AccessToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ListAccountRolesInput's + // String and GoString methods. + // + // AccessToken is a required field + AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"` + + // The identifier for the AWS account that is assigned to the user. + // + // AccountId is a required field + AccountId *string `location:"querystring" locationName:"account_id" type:"string" required:"true"` + + // The number of items that clients can request per page. + MaxResults *int64 `location:"querystring" locationName:"max_result" min:"1" type:"integer"` + + // The page token from the previous response output when you request subsequent + // pages. + NextToken *string `location:"querystring" locationName:"next_token" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListAccountRolesInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListAccountRolesInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListAccountRolesInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListAccountRolesInput"} + if s.AccessToken == nil { + invalidParams.Add(request.NewErrParamRequired("AccessToken")) + } + if s.AccountId == nil { + invalidParams.Add(request.NewErrParamRequired("AccountId")) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAccessToken sets the AccessToken field's value. +func (s *ListAccountRolesInput) SetAccessToken(v string) *ListAccountRolesInput { + s.AccessToken = &v + return s +} + +// SetAccountId sets the AccountId field's value. +func (s *ListAccountRolesInput) SetAccountId(v string) *ListAccountRolesInput { + s.AccountId = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListAccountRolesInput) SetMaxResults(v int64) *ListAccountRolesInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListAccountRolesInput) SetNextToken(v string) *ListAccountRolesInput { + s.NextToken = &v + return s +} + +type ListAccountRolesOutput struct { + _ struct{} `type:"structure"` + + // The page token client that is used to retrieve the list of accounts. + NextToken *string `locationName:"nextToken" type:"string"` + + // A paginated response with the list of roles and the next token if more results + // are available. + RoleList []*RoleInfo `locationName:"roleList" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListAccountRolesOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListAccountRolesOutput) GoString() string { + return s.String() +} + +// SetNextToken sets the NextToken field's value. +func (s *ListAccountRolesOutput) SetNextToken(v string) *ListAccountRolesOutput { + s.NextToken = &v + return s +} + +// SetRoleList sets the RoleList field's value. +func (s *ListAccountRolesOutput) SetRoleList(v []*RoleInfo) *ListAccountRolesOutput { + s.RoleList = v + return s +} + +type ListAccountsInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The token issued by the CreateToken API call. For more information, see CreateToken + // (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html) + // in the IAM Identity Center OIDC API Reference Guide. + // + // AccessToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by ListAccountsInput's + // String and GoString methods. + // + // AccessToken is a required field + AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"` + + // This is the number of items clients can request per page. + MaxResults *int64 `location:"querystring" locationName:"max_result" min:"1" type:"integer"` + + // (Optional) When requesting subsequent pages, this is the page token from + // the previous response output. + NextToken *string `location:"querystring" locationName:"next_token" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListAccountsInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListAccountsInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ListAccountsInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ListAccountsInput"} + if s.AccessToken == nil { + invalidParams.Add(request.NewErrParamRequired("AccessToken")) + } + if s.MaxResults != nil && *s.MaxResults < 1 { + invalidParams.Add(request.NewErrParamMinValue("MaxResults", 1)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAccessToken sets the AccessToken field's value. +func (s *ListAccountsInput) SetAccessToken(v string) *ListAccountsInput { + s.AccessToken = &v + return s +} + +// SetMaxResults sets the MaxResults field's value. +func (s *ListAccountsInput) SetMaxResults(v int64) *ListAccountsInput { + s.MaxResults = &v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListAccountsInput) SetNextToken(v string) *ListAccountsInput { + s.NextToken = &v + return s +} + +type ListAccountsOutput struct { + _ struct{} `type:"structure"` + + // A paginated response with the list of account information and the next token + // if more results are available. + AccountList []*AccountInfo `locationName:"accountList" type:"list"` + + // The page token client that is used to retrieve the list of accounts. + NextToken *string `locationName:"nextToken" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListAccountsOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ListAccountsOutput) GoString() string { + return s.String() +} + +// SetAccountList sets the AccountList field's value. +func (s *ListAccountsOutput) SetAccountList(v []*AccountInfo) *ListAccountsOutput { + s.AccountList = v + return s +} + +// SetNextToken sets the NextToken field's value. +func (s *ListAccountsOutput) SetNextToken(v string) *ListAccountsOutput { + s.NextToken = &v + return s +} + +type LogoutInput struct { + _ struct{} `type:"structure" nopayload:"true"` + + // The token issued by the CreateToken API call. For more information, see CreateToken + // (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/API_CreateToken.html) + // in the IAM Identity Center OIDC API Reference Guide. + // + // AccessToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by LogoutInput's + // String and GoString methods. + // + // AccessToken is a required field + AccessToken *string `location:"header" locationName:"x-amz-sso_bearer_token" type:"string" required:"true" sensitive:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LogoutInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LogoutInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *LogoutInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "LogoutInput"} + if s.AccessToken == nil { + invalidParams.Add(request.NewErrParamRequired("AccessToken")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAccessToken sets the AccessToken field's value. +func (s *LogoutInput) SetAccessToken(v string) *LogoutInput { + s.AccessToken = &v + return s +} + +type LogoutOutput struct { + _ struct{} `type:"structure"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LogoutOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s LogoutOutput) GoString() string { + return s.String() +} + +// The specified resource doesn't exist. +type ResourceNotFoundException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResourceNotFoundException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ResourceNotFoundException) GoString() string { + return s.String() +} + +func newErrorResourceNotFoundException(v protocol.ResponseMetadata) error { + return &ResourceNotFoundException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ResourceNotFoundException) Code() string { + return "ResourceNotFoundException" +} + +// Message returns the exception's message. +func (s *ResourceNotFoundException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ResourceNotFoundException) OrigErr() error { + return nil +} + +func (s *ResourceNotFoundException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ResourceNotFoundException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ResourceNotFoundException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Provides information about the role credentials that are assigned to the +// user. +type RoleCredentials struct { + _ struct{} `type:"structure"` + + // The identifier used for the temporary security credentials. For more information, + // see Using Temporary Security Credentials to Request Access to AWS Resources + // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html) + // in the AWS IAM User Guide. + AccessKeyId *string `locationName:"accessKeyId" type:"string"` + + // The date on which temporary security credentials expire. + Expiration *int64 `locationName:"expiration" type:"long"` + + // The key that is used to sign the request. For more information, see Using + // Temporary Security Credentials to Request Access to AWS Resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html) + // in the AWS IAM User Guide. + // + // SecretAccessKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by RoleCredentials's + // String and GoString methods. + SecretAccessKey *string `locationName:"secretAccessKey" type:"string" sensitive:"true"` + + // The token used for temporary credentials. For more information, see Using + // Temporary Security Credentials to Request Access to AWS Resources (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_use-resources.html) + // in the AWS IAM User Guide. + // + // SessionToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by RoleCredentials's + // String and GoString methods. + SessionToken *string `locationName:"sessionToken" type:"string" sensitive:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RoleCredentials) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RoleCredentials) GoString() string { + return s.String() +} + +// SetAccessKeyId sets the AccessKeyId field's value. +func (s *RoleCredentials) SetAccessKeyId(v string) *RoleCredentials { + s.AccessKeyId = &v + return s +} + +// SetExpiration sets the Expiration field's value. +func (s *RoleCredentials) SetExpiration(v int64) *RoleCredentials { + s.Expiration = &v + return s +} + +// SetSecretAccessKey sets the SecretAccessKey field's value. +func (s *RoleCredentials) SetSecretAccessKey(v string) *RoleCredentials { + s.SecretAccessKey = &v + return s +} + +// SetSessionToken sets the SessionToken field's value. +func (s *RoleCredentials) SetSessionToken(v string) *RoleCredentials { + s.SessionToken = &v + return s +} + +// Provides information about the role that is assigned to the user. +type RoleInfo struct { + _ struct{} `type:"structure"` + + // The identifier of the AWS account assigned to the user. + AccountId *string `locationName:"accountId" type:"string"` + + // The friendly name of the role that is assigned to the user. + RoleName *string `locationName:"roleName" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RoleInfo) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RoleInfo) GoString() string { + return s.String() +} + +// SetAccountId sets the AccountId field's value. +func (s *RoleInfo) SetAccountId(v string) *RoleInfo { + s.AccountId = &v + return s +} + +// SetRoleName sets the RoleName field's value. +func (s *RoleInfo) SetRoleName(v string) *RoleInfo { + s.RoleName = &v + return s +} + +// Indicates that the request is being made too frequently and is more than +// what the server can handle. +type TooManyRequestsException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TooManyRequestsException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s TooManyRequestsException) GoString() string { + return s.String() +} + +func newErrorTooManyRequestsException(v protocol.ResponseMetadata) error { + return &TooManyRequestsException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *TooManyRequestsException) Code() string { + return "TooManyRequestsException" +} + +// Message returns the exception's message. +func (s *TooManyRequestsException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *TooManyRequestsException) OrigErr() error { + return nil +} + +func (s *TooManyRequestsException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *TooManyRequestsException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *TooManyRequestsException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that the request is not authorized. This can happen due to an invalid +// access token in the request. +type UnauthorizedException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnauthorizedException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnauthorizedException) GoString() string { + return s.String() +} + +func newErrorUnauthorizedException(v protocol.ResponseMetadata) error { + return &UnauthorizedException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *UnauthorizedException) Code() string { + return "UnauthorizedException" +} + +// Message returns the exception's message. +func (s *UnauthorizedException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *UnauthorizedException) OrigErr() error { + return nil +} + +func (s *UnauthorizedException) Error() string { + return fmt.Sprintf("%s: %s", s.Code(), s.Message()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *UnauthorizedException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *UnauthorizedException) RequestID() string { + return s.RespMetadata.RequestID +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sso/doc.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sso/doc.go new file mode 100644 index 00000000000..15e61a32282 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sso/doc.go @@ -0,0 +1,45 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +// Package sso provides the client and types for making API +// requests to AWS Single Sign-On. +// +// AWS IAM Identity Center (successor to AWS Single Sign-On) Portal is a web +// service that makes it easy for you to assign user access to IAM Identity +// Center resources such as the AWS access portal. Users can get AWS account +// applications and roles assigned to them and get federated into the application. +// +// Although AWS Single Sign-On was renamed, the sso and identitystore API namespaces +// will continue to retain their original name for backward compatibility purposes. +// For more information, see IAM Identity Center rename (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html#renamed). +// +// This reference guide describes the IAM Identity Center Portal operations +// that you can call programatically and includes detailed information on data +// types and errors. +// +// AWS provides SDKs that consist of libraries and sample code for various programming +// languages and platforms, such as Java, Ruby, .Net, iOS, or Android. The SDKs +// provide a convenient way to create programmatic access to IAM Identity Center +// and other AWS services. For more information about the AWS SDKs, including +// how to download and install them, see Tools for Amazon Web Services (http://aws.amazon.com/tools/). +// +// See https://docs.aws.amazon.com/goto/WebAPI/sso-2019-06-10 for more information on this service. +// +// See sso package documentation for more information. +// https://docs.aws.amazon.com/sdk-for-go/api/service/sso/ +// +// # Using the Client +// +// To contact AWS Single Sign-On with the SDK use the New function to create +// a new service client. With that client you can make API requests to the service. +// These clients are safe to use concurrently. +// +// See the SDK's documentation for more information on how to use the SDK. +// https://docs.aws.amazon.com/sdk-for-go/api/ +// +// See aws.Config documentation for more information on configuring SDK clients. +// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config +// +// See the AWS Single Sign-On client SSO for more +// information on creating client for this service. +// https://docs.aws.amazon.com/sdk-for-go/api/service/sso/#New +package sso diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sso/errors.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sso/errors.go new file mode 100644 index 00000000000..77a6792e352 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sso/errors.go @@ -0,0 +1,44 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package sso + +import ( + "github.com/aws/aws-sdk-go/private/protocol" +) + +const ( + + // ErrCodeInvalidRequestException for service response error code + // "InvalidRequestException". + // + // Indicates that a problem occurred with the input to the request. For example, + // a required parameter might be missing or out of range. + ErrCodeInvalidRequestException = "InvalidRequestException" + + // ErrCodeResourceNotFoundException for service response error code + // "ResourceNotFoundException". + // + // The specified resource doesn't exist. + ErrCodeResourceNotFoundException = "ResourceNotFoundException" + + // ErrCodeTooManyRequestsException for service response error code + // "TooManyRequestsException". + // + // Indicates that the request is being made too frequently and is more than + // what the server can handle. + ErrCodeTooManyRequestsException = "TooManyRequestsException" + + // ErrCodeUnauthorizedException for service response error code + // "UnauthorizedException". + // + // Indicates that the request is not authorized. This can happen due to an invalid + // access token in the request. + ErrCodeUnauthorizedException = "UnauthorizedException" +) + +var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ + "InvalidRequestException": newErrorInvalidRequestException, + "ResourceNotFoundException": newErrorResourceNotFoundException, + "TooManyRequestsException": newErrorTooManyRequestsException, + "UnauthorizedException": newErrorUnauthorizedException, +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sso/service.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sso/service.go new file mode 100644 index 00000000000..7094cfe4130 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sso/service.go @@ -0,0 +1,106 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package sso + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/client" + "github.com/aws/aws-sdk-go/aws/client/metadata" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/aws/signer/v4" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/restjson" +) + +// SSO provides the API operation methods for making requests to +// AWS Single Sign-On. See this package's package overview docs +// for details on the service. +// +// SSO methods are safe to use concurrently. It is not safe to +// modify mutate any of the struct's properties though. +type SSO struct { + *client.Client +} + +// Used for custom client initialization logic +var initClient func(*client.Client) + +// Used for custom request initialization logic +var initRequest func(*request.Request) + +// Service information constants +const ( + ServiceName = "SSO" // Name of service. + EndpointsID = "portal.sso" // ID to lookup a service endpoint with. + ServiceID = "SSO" // ServiceID is a unique identifier of a specific service. +) + +// New creates a new instance of the SSO client with a session. +// If additional configuration is needed for the client instance use the optional +// aws.Config parameter to add your extra config. +// +// Example: +// +// mySession := session.Must(session.NewSession()) +// +// // Create a SSO client from just a session. +// svc := sso.New(mySession) +// +// // Create a SSO client with additional configuration +// svc := sso.New(mySession, aws.NewConfig().WithRegion("us-west-2")) +func New(p client.ConfigProvider, cfgs ...*aws.Config) *SSO { + c := p.ClientConfig(EndpointsID, cfgs...) + if c.SigningNameDerived || len(c.SigningName) == 0 { + c.SigningName = "awsssoportal" + } + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion) +} + +// newClient creates, initializes and returns a new service client instance. +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName, resolvedRegion string) *SSO { + svc := &SSO{ + Client: client.New( + cfg, + metadata.ClientInfo{ + ServiceName: ServiceName, + ServiceID: ServiceID, + SigningName: signingName, + SigningRegion: signingRegion, + PartitionID: partitionID, + Endpoint: endpoint, + APIVersion: "2019-06-10", + ResolvedRegion: resolvedRegion, + }, + handlers, + ), + } + + // Handlers + svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler) + svc.Handlers.Build.PushBackNamed(restjson.BuildHandler) + svc.Handlers.Unmarshal.PushBackNamed(restjson.UnmarshalHandler) + svc.Handlers.UnmarshalMeta.PushBackNamed(restjson.UnmarshalMetaHandler) + svc.Handlers.UnmarshalError.PushBackNamed( + protocol.NewUnmarshalErrorHandler(restjson.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(), + ) + + // Run custom client initialization if present + if initClient != nil { + initClient(svc.Client) + } + + return svc +} + +// newRequest creates a new request for a SSO operation and runs any +// custom request initialization. +func (c *SSO) newRequest(op *request.Operation, params, data interface{}) *request.Request { + req := c.NewRequest(op, params, data) + + // Run custom request initialization if present + if initRequest != nil { + initRequest(req) + } + + return req +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sso/ssoiface/interface.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sso/ssoiface/interface.go new file mode 100644 index 00000000000..818cab7cda9 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sso/ssoiface/interface.go @@ -0,0 +1,86 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +// Package ssoiface provides an interface to enable mocking the AWS Single Sign-On service client +// for testing your code. +// +// It is important to note that this interface will have breaking changes +// when the service model is updated and adds new API operations, paginators, +// and waiters. +package ssoiface + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/service/sso" +) + +// SSOAPI provides an interface to enable mocking the +// sso.SSO service client's API operation, +// paginators, and waiters. This make unit testing your code that calls out +// to the SDK's service client's calls easier. +// +// The best way to use this interface is so the SDK's service client's calls +// can be stubbed out for unit testing your code with the SDK without needing +// to inject custom request handlers into the SDK's request pipeline. +// +// // myFunc uses an SDK service client to make a request to +// // AWS Single Sign-On. +// func myFunc(svc ssoiface.SSOAPI) bool { +// // Make svc.GetRoleCredentials request +// } +// +// func main() { +// sess := session.New() +// svc := sso.New(sess) +// +// myFunc(svc) +// } +// +// In your _test.go file: +// +// // Define a mock struct to be used in your unit tests of myFunc. +// type mockSSOClient struct { +// ssoiface.SSOAPI +// } +// func (m *mockSSOClient) GetRoleCredentials(input *sso.GetRoleCredentialsInput) (*sso.GetRoleCredentialsOutput, error) { +// // mock response/functionality +// } +// +// func TestMyFunc(t *testing.T) { +// // Setup Test +// mockSvc := &mockSSOClient{} +// +// myfunc(mockSvc) +// +// // Verify myFunc's functionality +// } +// +// It is important to note that this interface will have breaking changes +// when the service model is updated and adds new API operations, paginators, +// and waiters. Its suggested to use the pattern above for testing, or using +// tooling to generate mocks to satisfy the interfaces. +type SSOAPI interface { + GetRoleCredentials(*sso.GetRoleCredentialsInput) (*sso.GetRoleCredentialsOutput, error) + GetRoleCredentialsWithContext(aws.Context, *sso.GetRoleCredentialsInput, ...request.Option) (*sso.GetRoleCredentialsOutput, error) + GetRoleCredentialsRequest(*sso.GetRoleCredentialsInput) (*request.Request, *sso.GetRoleCredentialsOutput) + + ListAccountRoles(*sso.ListAccountRolesInput) (*sso.ListAccountRolesOutput, error) + ListAccountRolesWithContext(aws.Context, *sso.ListAccountRolesInput, ...request.Option) (*sso.ListAccountRolesOutput, error) + ListAccountRolesRequest(*sso.ListAccountRolesInput) (*request.Request, *sso.ListAccountRolesOutput) + + ListAccountRolesPages(*sso.ListAccountRolesInput, func(*sso.ListAccountRolesOutput, bool) bool) error + ListAccountRolesPagesWithContext(aws.Context, *sso.ListAccountRolesInput, func(*sso.ListAccountRolesOutput, bool) bool, ...request.Option) error + + ListAccounts(*sso.ListAccountsInput) (*sso.ListAccountsOutput, error) + ListAccountsWithContext(aws.Context, *sso.ListAccountsInput, ...request.Option) (*sso.ListAccountsOutput, error) + ListAccountsRequest(*sso.ListAccountsInput) (*request.Request, *sso.ListAccountsOutput) + + ListAccountsPages(*sso.ListAccountsInput, func(*sso.ListAccountsOutput, bool) bool) error + ListAccountsPagesWithContext(aws.Context, *sso.ListAccountsInput, func(*sso.ListAccountsOutput, bool) bool, ...request.Option) error + + Logout(*sso.LogoutInput) (*sso.LogoutOutput, error) + LogoutWithContext(aws.Context, *sso.LogoutInput, ...request.Option) (*sso.LogoutOutput, error) + LogoutRequest(*sso.LogoutInput) (*request.Request, *sso.LogoutOutput) +} + +var _ SSOAPI = (*sso.SSO)(nil) diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go new file mode 100644 index 00000000000..04f6c811b63 --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/ssooidc/api.go @@ -0,0 +1,2252 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package ssooidc + +import ( + "fmt" + + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/awsutil" + "github.com/aws/aws-sdk-go/aws/credentials" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/private/protocol" +) + +const opCreateToken = "CreateToken" + +// CreateTokenRequest generates a "aws/request.Request" representing the +// client's request for the CreateToken operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateToken for more information on using the CreateToken +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateTokenRequest method. +// req, resp := client.CreateTokenRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateToken +func (c *SSOOIDC) CreateTokenRequest(input *CreateTokenInput) (req *request.Request, output *CreateTokenOutput) { + op := &request.Operation{ + Name: opCreateToken, + HTTPMethod: "POST", + HTTPPath: "/token", + } + + if input == nil { + input = &CreateTokenInput{} + } + + output = &CreateTokenOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + return +} + +// CreateToken API operation for AWS SSO OIDC. +// +// Creates and returns access and refresh tokens for clients that are authenticated +// using client secrets. The access token can be used to fetch short-term credentials +// for the assigned AWS accounts or to access application APIs using bearer +// authentication. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SSO OIDC's +// API operation CreateToken for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that something is wrong with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - InvalidClientException +// Indicates that the clientId or clientSecret in the request is invalid. For +// example, this can occur when a client sends an incorrect clientId or an expired +// clientSecret. +// +// - InvalidGrantException +// Indicates that a request contains an invalid grant. This can occur if a client +// makes a CreateToken request with an invalid grant type. +// +// - UnauthorizedClientException +// Indicates that the client is not currently authorized to make the request. +// This can happen when a clientId is not issued for a public client. +// +// - UnsupportedGrantTypeException +// Indicates that the grant type in the request is not supported by the service. +// +// - InvalidScopeException +// Indicates that the scope provided in the request is invalid. +// +// - AuthorizationPendingException +// Indicates that a request to authorize a client with an access user session +// token is pending. +// +// - SlowDownException +// Indicates that the client is making the request too frequently and is more +// than the service can handle. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// - ExpiredTokenException +// Indicates that the token issued by the service is expired and is no longer +// valid. +// +// - InternalServerException +// Indicates that an error from the service occurred while trying to process +// a request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateToken +func (c *SSOOIDC) CreateToken(input *CreateTokenInput) (*CreateTokenOutput, error) { + req, out := c.CreateTokenRequest(input) + return out, req.Send() +} + +// CreateTokenWithContext is the same as CreateToken with the addition of +// the ability to pass a context and additional request options. +// +// See CreateToken for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSOOIDC) CreateTokenWithContext(ctx aws.Context, input *CreateTokenInput, opts ...request.Option) (*CreateTokenOutput, error) { + req, out := c.CreateTokenRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opCreateTokenWithIAM = "CreateTokenWithIAM" + +// CreateTokenWithIAMRequest generates a "aws/request.Request" representing the +// client's request for the CreateTokenWithIAM operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See CreateTokenWithIAM for more information on using the CreateTokenWithIAM +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the CreateTokenWithIAMRequest method. +// req, resp := client.CreateTokenWithIAMRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateTokenWithIAM +func (c *SSOOIDC) CreateTokenWithIAMRequest(input *CreateTokenWithIAMInput) (req *request.Request, output *CreateTokenWithIAMOutput) { + op := &request.Operation{ + Name: opCreateTokenWithIAM, + HTTPMethod: "POST", + HTTPPath: "/token?aws_iam=t", + } + + if input == nil { + input = &CreateTokenWithIAMInput{} + } + + output = &CreateTokenWithIAMOutput{} + req = c.newRequest(op, input, output) + return +} + +// CreateTokenWithIAM API operation for AWS SSO OIDC. +// +// Creates and returns access and refresh tokens for clients and applications +// that are authenticated using IAM entities. The access token can be used to +// fetch short-term credentials for the assigned AWS accounts or to access application +// APIs using bearer authentication. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SSO OIDC's +// API operation CreateTokenWithIAM for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that something is wrong with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - InvalidClientException +// Indicates that the clientId or clientSecret in the request is invalid. For +// example, this can occur when a client sends an incorrect clientId or an expired +// clientSecret. +// +// - InvalidGrantException +// Indicates that a request contains an invalid grant. This can occur if a client +// makes a CreateToken request with an invalid grant type. +// +// - UnauthorizedClientException +// Indicates that the client is not currently authorized to make the request. +// This can happen when a clientId is not issued for a public client. +// +// - UnsupportedGrantTypeException +// Indicates that the grant type in the request is not supported by the service. +// +// - InvalidScopeException +// Indicates that the scope provided in the request is invalid. +// +// - AuthorizationPendingException +// Indicates that a request to authorize a client with an access user session +// token is pending. +// +// - SlowDownException +// Indicates that the client is making the request too frequently and is more +// than the service can handle. +// +// - AccessDeniedException +// You do not have sufficient access to perform this action. +// +// - ExpiredTokenException +// Indicates that the token issued by the service is expired and is no longer +// valid. +// +// - InternalServerException +// Indicates that an error from the service occurred while trying to process +// a request. +// +// - InvalidRequestRegionException +// Indicates that a token provided as input to the request was issued by and +// is only usable by calling IAM Identity Center endpoints in another region. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/CreateTokenWithIAM +func (c *SSOOIDC) CreateTokenWithIAM(input *CreateTokenWithIAMInput) (*CreateTokenWithIAMOutput, error) { + req, out := c.CreateTokenWithIAMRequest(input) + return out, req.Send() +} + +// CreateTokenWithIAMWithContext is the same as CreateTokenWithIAM with the addition of +// the ability to pass a context and additional request options. +// +// See CreateTokenWithIAM for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSOOIDC) CreateTokenWithIAMWithContext(ctx aws.Context, input *CreateTokenWithIAMInput, opts ...request.Option) (*CreateTokenWithIAMOutput, error) { + req, out := c.CreateTokenWithIAMRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opRegisterClient = "RegisterClient" + +// RegisterClientRequest generates a "aws/request.Request" representing the +// client's request for the RegisterClient operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See RegisterClient for more information on using the RegisterClient +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the RegisterClientRequest method. +// req, resp := client.RegisterClientRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/RegisterClient +func (c *SSOOIDC) RegisterClientRequest(input *RegisterClientInput) (req *request.Request, output *RegisterClientOutput) { + op := &request.Operation{ + Name: opRegisterClient, + HTTPMethod: "POST", + HTTPPath: "/client/register", + } + + if input == nil { + input = &RegisterClientInput{} + } + + output = &RegisterClientOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + return +} + +// RegisterClient API operation for AWS SSO OIDC. +// +// Registers a client with IAM Identity Center. This allows clients to initiate +// device authorization. The output should be persisted for reuse through many +// authentication requests. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SSO OIDC's +// API operation RegisterClient for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that something is wrong with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - InvalidScopeException +// Indicates that the scope provided in the request is invalid. +// +// - InvalidClientMetadataException +// Indicates that the client information sent in the request during registration +// is invalid. +// +// - InternalServerException +// Indicates that an error from the service occurred while trying to process +// a request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/RegisterClient +func (c *SSOOIDC) RegisterClient(input *RegisterClientInput) (*RegisterClientOutput, error) { + req, out := c.RegisterClientRequest(input) + return out, req.Send() +} + +// RegisterClientWithContext is the same as RegisterClient with the addition of +// the ability to pass a context and additional request options. +// +// See RegisterClient for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSOOIDC) RegisterClientWithContext(ctx aws.Context, input *RegisterClientInput, opts ...request.Option) (*RegisterClientOutput, error) { + req, out := c.RegisterClientRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +const opStartDeviceAuthorization = "StartDeviceAuthorization" + +// StartDeviceAuthorizationRequest generates a "aws/request.Request" representing the +// client's request for the StartDeviceAuthorization operation. The "output" return +// value will be populated with the request's response once the request completes +// successfully. +// +// Use "Send" method on the returned Request to send the API call to the service. +// the "output" return value is not valid until after Send returns without error. +// +// See StartDeviceAuthorization for more information on using the StartDeviceAuthorization +// API call, and error handling. +// +// This method is useful when you want to inject custom logic or configuration +// into the SDK's request lifecycle. Such as custom headers, or retry logic. +// +// // Example sending a request using the StartDeviceAuthorizationRequest method. +// req, resp := client.StartDeviceAuthorizationRequest(params) +// +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/StartDeviceAuthorization +func (c *SSOOIDC) StartDeviceAuthorizationRequest(input *StartDeviceAuthorizationInput) (req *request.Request, output *StartDeviceAuthorizationOutput) { + op := &request.Operation{ + Name: opStartDeviceAuthorization, + HTTPMethod: "POST", + HTTPPath: "/device_authorization", + } + + if input == nil { + input = &StartDeviceAuthorizationInput{} + } + + output = &StartDeviceAuthorizationOutput{} + req = c.newRequest(op, input, output) + req.Config.Credentials = credentials.AnonymousCredentials + return +} + +// StartDeviceAuthorization API operation for AWS SSO OIDC. +// +// Initiates device authorization by requesting a pair of verification codes +// from the authorization service. +// +// Returns awserr.Error for service API and SDK errors. Use runtime type assertions +// with awserr.Error's Code and Message methods to get detailed information about +// the error. +// +// See the AWS API reference guide for AWS SSO OIDC's +// API operation StartDeviceAuthorization for usage and error information. +// +// Returned Error Types: +// +// - InvalidRequestException +// Indicates that something is wrong with the input to the request. For example, +// a required parameter might be missing or out of range. +// +// - InvalidClientException +// Indicates that the clientId or clientSecret in the request is invalid. For +// example, this can occur when a client sends an incorrect clientId or an expired +// clientSecret. +// +// - UnauthorizedClientException +// Indicates that the client is not currently authorized to make the request. +// This can happen when a clientId is not issued for a public client. +// +// - SlowDownException +// Indicates that the client is making the request too frequently and is more +// than the service can handle. +// +// - InternalServerException +// Indicates that an error from the service occurred while trying to process +// a request. +// +// See also, https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10/StartDeviceAuthorization +func (c *SSOOIDC) StartDeviceAuthorization(input *StartDeviceAuthorizationInput) (*StartDeviceAuthorizationOutput, error) { + req, out := c.StartDeviceAuthorizationRequest(input) + return out, req.Send() +} + +// StartDeviceAuthorizationWithContext is the same as StartDeviceAuthorization with the addition of +// the ability to pass a context and additional request options. +// +// See StartDeviceAuthorization for details on how to use this API operation. +// +// The context must be non-nil and will be used for request cancellation. If +// the context is nil a panic will occur. In the future the SDK may create +// sub-contexts for http.Requests. See https://golang.org/pkg/context/ +// for more information on using Contexts. +func (c *SSOOIDC) StartDeviceAuthorizationWithContext(ctx aws.Context, input *StartDeviceAuthorizationInput, opts ...request.Option) (*StartDeviceAuthorizationOutput, error) { + req, out := c.StartDeviceAuthorizationRequest(input) + req.SetContext(ctx) + req.ApplyOptions(opts...) + return out, req.Send() +} + +// You do not have sufficient access to perform this action. +type AccessDeniedException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be access_denied. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccessDeniedException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AccessDeniedException) GoString() string { + return s.String() +} + +func newErrorAccessDeniedException(v protocol.ResponseMetadata) error { + return &AccessDeniedException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *AccessDeniedException) Code() string { + return "AccessDeniedException" +} + +// Message returns the exception's message. +func (s *AccessDeniedException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *AccessDeniedException) OrigErr() error { + return nil +} + +func (s *AccessDeniedException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *AccessDeniedException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *AccessDeniedException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that a request to authorize a client with an access user session +// token is pending. +type AuthorizationPendingException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be authorization_pending. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AuthorizationPendingException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s AuthorizationPendingException) GoString() string { + return s.String() +} + +func newErrorAuthorizationPendingException(v protocol.ResponseMetadata) error { + return &AuthorizationPendingException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *AuthorizationPendingException) Code() string { + return "AuthorizationPendingException" +} + +// Message returns the exception's message. +func (s *AuthorizationPendingException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *AuthorizationPendingException) OrigErr() error { + return nil +} + +func (s *AuthorizationPendingException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *AuthorizationPendingException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *AuthorizationPendingException) RequestID() string { + return s.RespMetadata.RequestID +} + +type CreateTokenInput struct { + _ struct{} `type:"structure"` + + // The unique identifier string for the client or application. This value comes + // from the result of the RegisterClient API. + // + // ClientId is a required field + ClientId *string `locationName:"clientId" type:"string" required:"true"` + + // A secret string generated for the client. This value should come from the + // persisted result of the RegisterClient API. + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenInput's + // String and GoString methods. + // + // ClientSecret is a required field + ClientSecret *string `locationName:"clientSecret" type:"string" required:"true" sensitive:"true"` + + // Used only when calling this API for the Authorization Code grant type. The + // short-term code is used to identify this authorization request. This grant + // type is currently unsupported for the CreateToken API. + Code *string `locationName:"code" type:"string"` + + // Used only when calling this API for the Device Code grant type. This short-term + // code is used to identify this authorization request. This comes from the + // result of the StartDeviceAuthorization API. + DeviceCode *string `locationName:"deviceCode" type:"string"` + + // Supports the following OAuth grant types: Device Code and Refresh Token. + // Specify either of the following values, depending on the grant type that + // you want: + // + // * Device Code - urn:ietf:params:oauth:grant-type:device_code + // + // * Refresh Token - refresh_token + // + // For information about how to obtain the device code, see the StartDeviceAuthorization + // topic. + // + // GrantType is a required field + GrantType *string `locationName:"grantType" type:"string" required:"true"` + + // Used only when calling this API for the Authorization Code grant type. This + // value specifies the location of the client or application that has registered + // to receive the authorization code. + RedirectUri *string `locationName:"redirectUri" type:"string"` + + // Used only when calling this API for the Refresh Token grant type. This token + // is used to refresh short-term tokens, such as the access token, that might + // expire. + // + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide + // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // RefreshToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenInput's + // String and GoString methods. + RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` + + // The list of scopes for which authorization is requested. The access token + // that is issued is limited to the scopes that are granted. If this value is + // not specified, IAM Identity Center authorizes all scopes that are configured + // for the client during the call to RegisterClient. + Scope []*string `locationName:"scope" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTokenInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTokenInput"} + if s.ClientId == nil { + invalidParams.Add(request.NewErrParamRequired("ClientId")) + } + if s.ClientSecret == nil { + invalidParams.Add(request.NewErrParamRequired("ClientSecret")) + } + if s.GrantType == nil { + invalidParams.Add(request.NewErrParamRequired("GrantType")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientId sets the ClientId field's value. +func (s *CreateTokenInput) SetClientId(v string) *CreateTokenInput { + s.ClientId = &v + return s +} + +// SetClientSecret sets the ClientSecret field's value. +func (s *CreateTokenInput) SetClientSecret(v string) *CreateTokenInput { + s.ClientSecret = &v + return s +} + +// SetCode sets the Code field's value. +func (s *CreateTokenInput) SetCode(v string) *CreateTokenInput { + s.Code = &v + return s +} + +// SetDeviceCode sets the DeviceCode field's value. +func (s *CreateTokenInput) SetDeviceCode(v string) *CreateTokenInput { + s.DeviceCode = &v + return s +} + +// SetGrantType sets the GrantType field's value. +func (s *CreateTokenInput) SetGrantType(v string) *CreateTokenInput { + s.GrantType = &v + return s +} + +// SetRedirectUri sets the RedirectUri field's value. +func (s *CreateTokenInput) SetRedirectUri(v string) *CreateTokenInput { + s.RedirectUri = &v + return s +} + +// SetRefreshToken sets the RefreshToken field's value. +func (s *CreateTokenInput) SetRefreshToken(v string) *CreateTokenInput { + s.RefreshToken = &v + return s +} + +// SetScope sets the Scope field's value. +func (s *CreateTokenInput) SetScope(v []*string) *CreateTokenInput { + s.Scope = v + return s +} + +type CreateTokenOutput struct { + _ struct{} `type:"structure"` + + // A bearer token to access AWS accounts and applications assigned to a user. + // + // AccessToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenOutput's + // String and GoString methods. + AccessToken *string `locationName:"accessToken" type:"string" sensitive:"true"` + + // Indicates the time in seconds when an access token will expire. + ExpiresIn *int64 `locationName:"expiresIn" type:"integer"` + + // The idToken is not implemented or supported. For more information about the + // features and limitations of the current IAM Identity Center OIDC implementation, + // see Considerations for Using this Guide in the IAM Identity Center OIDC API + // Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // A JSON Web Token (JWT) that identifies who is associated with the issued + // access token. + // + // IdToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenOutput's + // String and GoString methods. + IdToken *string `locationName:"idToken" type:"string" sensitive:"true"` + + // A token that, if present, can be used to refresh a previously issued access + // token that might have expired. + // + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide + // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // RefreshToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenOutput's + // String and GoString methods. + RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` + + // Used to notify the client that the returned token is an access token. The + // supported token type is Bearer. + TokenType *string `locationName:"tokenType" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenOutput) GoString() string { + return s.String() +} + +// SetAccessToken sets the AccessToken field's value. +func (s *CreateTokenOutput) SetAccessToken(v string) *CreateTokenOutput { + s.AccessToken = &v + return s +} + +// SetExpiresIn sets the ExpiresIn field's value. +func (s *CreateTokenOutput) SetExpiresIn(v int64) *CreateTokenOutput { + s.ExpiresIn = &v + return s +} + +// SetIdToken sets the IdToken field's value. +func (s *CreateTokenOutput) SetIdToken(v string) *CreateTokenOutput { + s.IdToken = &v + return s +} + +// SetRefreshToken sets the RefreshToken field's value. +func (s *CreateTokenOutput) SetRefreshToken(v string) *CreateTokenOutput { + s.RefreshToken = &v + return s +} + +// SetTokenType sets the TokenType field's value. +func (s *CreateTokenOutput) SetTokenType(v string) *CreateTokenOutput { + s.TokenType = &v + return s +} + +type CreateTokenWithIAMInput struct { + _ struct{} `type:"structure"` + + // Used only when calling this API for the JWT Bearer grant type. This value + // specifies the JSON Web Token (JWT) issued by a trusted token issuer. To authorize + // a trusted token issuer, configure the JWT Bearer GrantOptions for the application. + // + // Assertion is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMInput's + // String and GoString methods. + Assertion *string `locationName:"assertion" type:"string" sensitive:"true"` + + // The unique identifier string for the client or application. This value is + // an application ARN that has OAuth grants configured. + // + // ClientId is a required field + ClientId *string `locationName:"clientId" type:"string" required:"true"` + + // Used only when calling this API for the Authorization Code grant type. This + // short-term code is used to identify this authorization request. The code + // is obtained through a redirect from IAM Identity Center to a redirect URI + // persisted in the Authorization Code GrantOptions for the application. + Code *string `locationName:"code" type:"string"` + + // Supports the following OAuth grant types: Authorization Code, Refresh Token, + // JWT Bearer, and Token Exchange. Specify one of the following values, depending + // on the grant type that you want: + // + // * Authorization Code - authorization_code + // + // * Refresh Token - refresh_token + // + // * JWT Bearer - urn:ietf:params:oauth:grant-type:jwt-bearer + // + // * Token Exchange - urn:ietf:params:oauth:grant-type:token-exchange + // + // GrantType is a required field + GrantType *string `locationName:"grantType" type:"string" required:"true"` + + // Used only when calling this API for the Authorization Code grant type. This + // value specifies the location of the client or application that has registered + // to receive the authorization code. + RedirectUri *string `locationName:"redirectUri" type:"string"` + + // Used only when calling this API for the Refresh Token grant type. This token + // is used to refresh short-term tokens, such as the access token, that might + // expire. + // + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide + // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // RefreshToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMInput's + // String and GoString methods. + RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` + + // Used only when calling this API for the Token Exchange grant type. This value + // specifies the type of token that the requester can receive. The following + // values are supported: + // + // * Access Token - urn:ietf:params:oauth:token-type:access_token + // + // * Refresh Token - urn:ietf:params:oauth:token-type:refresh_token + RequestedTokenType *string `locationName:"requestedTokenType" type:"string"` + + // The list of scopes for which authorization is requested. The access token + // that is issued is limited to the scopes that are granted. If the value is + // not specified, IAM Identity Center authorizes all scopes configured for the + // application, including the following default scopes: openid, aws, sts:identity_context. + Scope []*string `locationName:"scope" type:"list"` + + // Used only when calling this API for the Token Exchange grant type. This value + // specifies the subject of the exchange. The value of the subject token must + // be an access token issued by IAM Identity Center to a different client or + // application. The access token must have authorized scopes that indicate the + // requested application as a target audience. + // + // SubjectToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMInput's + // String and GoString methods. + SubjectToken *string `locationName:"subjectToken" type:"string" sensitive:"true"` + + // Used only when calling this API for the Token Exchange grant type. This value + // specifies the type of token that is passed as the subject of the exchange. + // The following value is supported: + // + // * Access Token - urn:ietf:params:oauth:token-type:access_token + SubjectTokenType *string `locationName:"subjectTokenType" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenWithIAMInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenWithIAMInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *CreateTokenWithIAMInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "CreateTokenWithIAMInput"} + if s.ClientId == nil { + invalidParams.Add(request.NewErrParamRequired("ClientId")) + } + if s.GrantType == nil { + invalidParams.Add(request.NewErrParamRequired("GrantType")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetAssertion sets the Assertion field's value. +func (s *CreateTokenWithIAMInput) SetAssertion(v string) *CreateTokenWithIAMInput { + s.Assertion = &v + return s +} + +// SetClientId sets the ClientId field's value. +func (s *CreateTokenWithIAMInput) SetClientId(v string) *CreateTokenWithIAMInput { + s.ClientId = &v + return s +} + +// SetCode sets the Code field's value. +func (s *CreateTokenWithIAMInput) SetCode(v string) *CreateTokenWithIAMInput { + s.Code = &v + return s +} + +// SetGrantType sets the GrantType field's value. +func (s *CreateTokenWithIAMInput) SetGrantType(v string) *CreateTokenWithIAMInput { + s.GrantType = &v + return s +} + +// SetRedirectUri sets the RedirectUri field's value. +func (s *CreateTokenWithIAMInput) SetRedirectUri(v string) *CreateTokenWithIAMInput { + s.RedirectUri = &v + return s +} + +// SetRefreshToken sets the RefreshToken field's value. +func (s *CreateTokenWithIAMInput) SetRefreshToken(v string) *CreateTokenWithIAMInput { + s.RefreshToken = &v + return s +} + +// SetRequestedTokenType sets the RequestedTokenType field's value. +func (s *CreateTokenWithIAMInput) SetRequestedTokenType(v string) *CreateTokenWithIAMInput { + s.RequestedTokenType = &v + return s +} + +// SetScope sets the Scope field's value. +func (s *CreateTokenWithIAMInput) SetScope(v []*string) *CreateTokenWithIAMInput { + s.Scope = v + return s +} + +// SetSubjectToken sets the SubjectToken field's value. +func (s *CreateTokenWithIAMInput) SetSubjectToken(v string) *CreateTokenWithIAMInput { + s.SubjectToken = &v + return s +} + +// SetSubjectTokenType sets the SubjectTokenType field's value. +func (s *CreateTokenWithIAMInput) SetSubjectTokenType(v string) *CreateTokenWithIAMInput { + s.SubjectTokenType = &v + return s +} + +type CreateTokenWithIAMOutput struct { + _ struct{} `type:"structure"` + + // A bearer token to access AWS accounts and applications assigned to a user. + // + // AccessToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's + // String and GoString methods. + AccessToken *string `locationName:"accessToken" type:"string" sensitive:"true"` + + // Indicates the time in seconds when an access token will expire. + ExpiresIn *int64 `locationName:"expiresIn" type:"integer"` + + // A JSON Web Token (JWT) that identifies the user associated with the issued + // access token. + // + // IdToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's + // String and GoString methods. + IdToken *string `locationName:"idToken" type:"string" sensitive:"true"` + + // Indicates the type of tokens that are issued by IAM Identity Center. The + // following values are supported: + // + // * Access Token - urn:ietf:params:oauth:token-type:access_token + // + // * Refresh Token - urn:ietf:params:oauth:token-type:refresh_token + IssuedTokenType *string `locationName:"issuedTokenType" type:"string"` + + // A token that, if present, can be used to refresh a previously issued access + // token that might have expired. + // + // For more information about the features and limitations of the current IAM + // Identity Center OIDC implementation, see Considerations for Using this Guide + // in the IAM Identity Center OIDC API Reference (https://docs.aws.amazon.com/singlesignon/latest/OIDCAPIReference/Welcome.html). + // + // RefreshToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by CreateTokenWithIAMOutput's + // String and GoString methods. + RefreshToken *string `locationName:"refreshToken" type:"string" sensitive:"true"` + + // The list of scopes for which authorization is granted. The access token that + // is issued is limited to the scopes that are granted. + Scope []*string `locationName:"scope" type:"list"` + + // Used to notify the requester that the returned token is an access token. + // The supported token type is Bearer. + TokenType *string `locationName:"tokenType" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenWithIAMOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s CreateTokenWithIAMOutput) GoString() string { + return s.String() +} + +// SetAccessToken sets the AccessToken field's value. +func (s *CreateTokenWithIAMOutput) SetAccessToken(v string) *CreateTokenWithIAMOutput { + s.AccessToken = &v + return s +} + +// SetExpiresIn sets the ExpiresIn field's value. +func (s *CreateTokenWithIAMOutput) SetExpiresIn(v int64) *CreateTokenWithIAMOutput { + s.ExpiresIn = &v + return s +} + +// SetIdToken sets the IdToken field's value. +func (s *CreateTokenWithIAMOutput) SetIdToken(v string) *CreateTokenWithIAMOutput { + s.IdToken = &v + return s +} + +// SetIssuedTokenType sets the IssuedTokenType field's value. +func (s *CreateTokenWithIAMOutput) SetIssuedTokenType(v string) *CreateTokenWithIAMOutput { + s.IssuedTokenType = &v + return s +} + +// SetRefreshToken sets the RefreshToken field's value. +func (s *CreateTokenWithIAMOutput) SetRefreshToken(v string) *CreateTokenWithIAMOutput { + s.RefreshToken = &v + return s +} + +// SetScope sets the Scope field's value. +func (s *CreateTokenWithIAMOutput) SetScope(v []*string) *CreateTokenWithIAMOutput { + s.Scope = v + return s +} + +// SetTokenType sets the TokenType field's value. +func (s *CreateTokenWithIAMOutput) SetTokenType(v string) *CreateTokenWithIAMOutput { + s.TokenType = &v + return s +} + +// Indicates that the token issued by the service is expired and is no longer +// valid. +type ExpiredTokenException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be expired_token. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExpiredTokenException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ExpiredTokenException) GoString() string { + return s.String() +} + +func newErrorExpiredTokenException(v protocol.ResponseMetadata) error { + return &ExpiredTokenException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *ExpiredTokenException) Code() string { + return "ExpiredTokenException" +} + +// Message returns the exception's message. +func (s *ExpiredTokenException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *ExpiredTokenException) OrigErr() error { + return nil +} + +func (s *ExpiredTokenException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *ExpiredTokenException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *ExpiredTokenException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that an error from the service occurred while trying to process +// a request. +type InternalServerException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be server_error. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InternalServerException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InternalServerException) GoString() string { + return s.String() +} + +func newErrorInternalServerException(v protocol.ResponseMetadata) error { + return &InternalServerException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InternalServerException) Code() string { + return "InternalServerException" +} + +// Message returns the exception's message. +func (s *InternalServerException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InternalServerException) OrigErr() error { + return nil +} + +func (s *InternalServerException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InternalServerException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InternalServerException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that the clientId or clientSecret in the request is invalid. For +// example, this can occur when a client sends an incorrect clientId or an expired +// clientSecret. +type InvalidClientException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be invalid_client. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidClientException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidClientException) GoString() string { + return s.String() +} + +func newErrorInvalidClientException(v protocol.ResponseMetadata) error { + return &InvalidClientException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidClientException) Code() string { + return "InvalidClientException" +} + +// Message returns the exception's message. +func (s *InvalidClientException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidClientException) OrigErr() error { + return nil +} + +func (s *InvalidClientException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidClientException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidClientException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that the client information sent in the request during registration +// is invalid. +type InvalidClientMetadataException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be invalid_client_metadata. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidClientMetadataException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidClientMetadataException) GoString() string { + return s.String() +} + +func newErrorInvalidClientMetadataException(v protocol.ResponseMetadata) error { + return &InvalidClientMetadataException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidClientMetadataException) Code() string { + return "InvalidClientMetadataException" +} + +// Message returns the exception's message. +func (s *InvalidClientMetadataException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidClientMetadataException) OrigErr() error { + return nil +} + +func (s *InvalidClientMetadataException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidClientMetadataException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidClientMetadataException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that a request contains an invalid grant. This can occur if a client +// makes a CreateToken request with an invalid grant type. +type InvalidGrantException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be invalid_grant. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidGrantException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidGrantException) GoString() string { + return s.String() +} + +func newErrorInvalidGrantException(v protocol.ResponseMetadata) error { + return &InvalidGrantException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidGrantException) Code() string { + return "InvalidGrantException" +} + +// Message returns the exception's message. +func (s *InvalidGrantException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidGrantException) OrigErr() error { + return nil +} + +func (s *InvalidGrantException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidGrantException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidGrantException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that something is wrong with the input to the request. For example, +// a required parameter might be missing or out of range. +type InvalidRequestException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be invalid_request. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidRequestException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidRequestException) GoString() string { + return s.String() +} + +func newErrorInvalidRequestException(v protocol.ResponseMetadata) error { + return &InvalidRequestException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidRequestException) Code() string { + return "InvalidRequestException" +} + +// Message returns the exception's message. +func (s *InvalidRequestException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidRequestException) OrigErr() error { + return nil +} + +func (s *InvalidRequestException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidRequestException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidRequestException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that a token provided as input to the request was issued by and +// is only usable by calling IAM Identity Center endpoints in another region. +type InvalidRequestRegionException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Indicates the IAM Identity Center endpoint which the requester may call with + // this token. + Endpoint *string `locationName:"endpoint" type:"string"` + + // Single error code. For this exception the value will be invalid_request. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` + + // Indicates the region which the requester may call with this token. + Region *string `locationName:"region" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidRequestRegionException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidRequestRegionException) GoString() string { + return s.String() +} + +func newErrorInvalidRequestRegionException(v protocol.ResponseMetadata) error { + return &InvalidRequestRegionException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidRequestRegionException) Code() string { + return "InvalidRequestRegionException" +} + +// Message returns the exception's message. +func (s *InvalidRequestRegionException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidRequestRegionException) OrigErr() error { + return nil +} + +func (s *InvalidRequestRegionException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidRequestRegionException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidRequestRegionException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that the scope provided in the request is invalid. +type InvalidScopeException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be invalid_scope. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidScopeException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s InvalidScopeException) GoString() string { + return s.String() +} + +func newErrorInvalidScopeException(v protocol.ResponseMetadata) error { + return &InvalidScopeException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *InvalidScopeException) Code() string { + return "InvalidScopeException" +} + +// Message returns the exception's message. +func (s *InvalidScopeException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *InvalidScopeException) OrigErr() error { + return nil +} + +func (s *InvalidScopeException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *InvalidScopeException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *InvalidScopeException) RequestID() string { + return s.RespMetadata.RequestID +} + +type RegisterClientInput struct { + _ struct{} `type:"structure"` + + // The friendly name of the client. + // + // ClientName is a required field + ClientName *string `locationName:"clientName" type:"string" required:"true"` + + // The type of client. The service supports only public as a client type. Anything + // other than public will be rejected by the service. + // + // ClientType is a required field + ClientType *string `locationName:"clientType" type:"string" required:"true"` + + // The list of scopes that are defined by the client. Upon authorization, this + // list is used to restrict permissions when granting an access token. + Scopes []*string `locationName:"scopes" type:"list"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RegisterClientInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RegisterClientInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *RegisterClientInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "RegisterClientInput"} + if s.ClientName == nil { + invalidParams.Add(request.NewErrParamRequired("ClientName")) + } + if s.ClientType == nil { + invalidParams.Add(request.NewErrParamRequired("ClientType")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientName sets the ClientName field's value. +func (s *RegisterClientInput) SetClientName(v string) *RegisterClientInput { + s.ClientName = &v + return s +} + +// SetClientType sets the ClientType field's value. +func (s *RegisterClientInput) SetClientType(v string) *RegisterClientInput { + s.ClientType = &v + return s +} + +// SetScopes sets the Scopes field's value. +func (s *RegisterClientInput) SetScopes(v []*string) *RegisterClientInput { + s.Scopes = v + return s +} + +type RegisterClientOutput struct { + _ struct{} `type:"structure"` + + // An endpoint that the client can use to request authorization. + AuthorizationEndpoint *string `locationName:"authorizationEndpoint" type:"string"` + + // The unique identifier string for each client. This client uses this identifier + // to get authenticated by the service in subsequent calls. + ClientId *string `locationName:"clientId" type:"string"` + + // Indicates the time at which the clientId and clientSecret were issued. + ClientIdIssuedAt *int64 `locationName:"clientIdIssuedAt" type:"long"` + + // A secret string generated for the client. The client will use this string + // to get authenticated by the service in subsequent calls. + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by RegisterClientOutput's + // String and GoString methods. + ClientSecret *string `locationName:"clientSecret" type:"string" sensitive:"true"` + + // Indicates the time at which the clientId and clientSecret will become invalid. + ClientSecretExpiresAt *int64 `locationName:"clientSecretExpiresAt" type:"long"` + + // An endpoint that the client can use to create tokens. + TokenEndpoint *string `locationName:"tokenEndpoint" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RegisterClientOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s RegisterClientOutput) GoString() string { + return s.String() +} + +// SetAuthorizationEndpoint sets the AuthorizationEndpoint field's value. +func (s *RegisterClientOutput) SetAuthorizationEndpoint(v string) *RegisterClientOutput { + s.AuthorizationEndpoint = &v + return s +} + +// SetClientId sets the ClientId field's value. +func (s *RegisterClientOutput) SetClientId(v string) *RegisterClientOutput { + s.ClientId = &v + return s +} + +// SetClientIdIssuedAt sets the ClientIdIssuedAt field's value. +func (s *RegisterClientOutput) SetClientIdIssuedAt(v int64) *RegisterClientOutput { + s.ClientIdIssuedAt = &v + return s +} + +// SetClientSecret sets the ClientSecret field's value. +func (s *RegisterClientOutput) SetClientSecret(v string) *RegisterClientOutput { + s.ClientSecret = &v + return s +} + +// SetClientSecretExpiresAt sets the ClientSecretExpiresAt field's value. +func (s *RegisterClientOutput) SetClientSecretExpiresAt(v int64) *RegisterClientOutput { + s.ClientSecretExpiresAt = &v + return s +} + +// SetTokenEndpoint sets the TokenEndpoint field's value. +func (s *RegisterClientOutput) SetTokenEndpoint(v string) *RegisterClientOutput { + s.TokenEndpoint = &v + return s +} + +// Indicates that the client is making the request too frequently and is more +// than the service can handle. +type SlowDownException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be slow_down. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SlowDownException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s SlowDownException) GoString() string { + return s.String() +} + +func newErrorSlowDownException(v protocol.ResponseMetadata) error { + return &SlowDownException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *SlowDownException) Code() string { + return "SlowDownException" +} + +// Message returns the exception's message. +func (s *SlowDownException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *SlowDownException) OrigErr() error { + return nil +} + +func (s *SlowDownException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *SlowDownException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *SlowDownException) RequestID() string { + return s.RespMetadata.RequestID +} + +type StartDeviceAuthorizationInput struct { + _ struct{} `type:"structure"` + + // The unique identifier string for the client that is registered with IAM Identity + // Center. This value should come from the persisted result of the RegisterClient + // API operation. + // + // ClientId is a required field + ClientId *string `locationName:"clientId" type:"string" required:"true"` + + // A secret string that is generated for the client. This value should come + // from the persisted result of the RegisterClient API operation. + // + // ClientSecret is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by StartDeviceAuthorizationInput's + // String and GoString methods. + // + // ClientSecret is a required field + ClientSecret *string `locationName:"clientSecret" type:"string" required:"true" sensitive:"true"` + + // The URL for the Amazon Web Services access portal. For more information, + // see Using the Amazon Web Services access portal (https://docs.aws.amazon.com/singlesignon/latest/userguide/using-the-portal.html) + // in the IAM Identity Center User Guide. + // + // StartUrl is a required field + StartUrl *string `locationName:"startUrl" type:"string" required:"true"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartDeviceAuthorizationInput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartDeviceAuthorizationInput) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *StartDeviceAuthorizationInput) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "StartDeviceAuthorizationInput"} + if s.ClientId == nil { + invalidParams.Add(request.NewErrParamRequired("ClientId")) + } + if s.ClientSecret == nil { + invalidParams.Add(request.NewErrParamRequired("ClientSecret")) + } + if s.StartUrl == nil { + invalidParams.Add(request.NewErrParamRequired("StartUrl")) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetClientId sets the ClientId field's value. +func (s *StartDeviceAuthorizationInput) SetClientId(v string) *StartDeviceAuthorizationInput { + s.ClientId = &v + return s +} + +// SetClientSecret sets the ClientSecret field's value. +func (s *StartDeviceAuthorizationInput) SetClientSecret(v string) *StartDeviceAuthorizationInput { + s.ClientSecret = &v + return s +} + +// SetStartUrl sets the StartUrl field's value. +func (s *StartDeviceAuthorizationInput) SetStartUrl(v string) *StartDeviceAuthorizationInput { + s.StartUrl = &v + return s +} + +type StartDeviceAuthorizationOutput struct { + _ struct{} `type:"structure"` + + // The short-lived code that is used by the device when polling for a session + // token. + DeviceCode *string `locationName:"deviceCode" type:"string"` + + // Indicates the number of seconds in which the verification code will become + // invalid. + ExpiresIn *int64 `locationName:"expiresIn" type:"integer"` + + // Indicates the number of seconds the client must wait between attempts when + // polling for a session. + Interval *int64 `locationName:"interval" type:"integer"` + + // A one-time user verification code. This is needed to authorize an in-use + // device. + UserCode *string `locationName:"userCode" type:"string"` + + // The URI of the verification page that takes the userCode to authorize the + // device. + VerificationUri *string `locationName:"verificationUri" type:"string"` + + // An alternate URL that the client can use to automatically launch a browser. + // This process skips the manual step in which the user visits the verification + // page and enters their code. + VerificationUriComplete *string `locationName:"verificationUriComplete" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartDeviceAuthorizationOutput) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s StartDeviceAuthorizationOutput) GoString() string { + return s.String() +} + +// SetDeviceCode sets the DeviceCode field's value. +func (s *StartDeviceAuthorizationOutput) SetDeviceCode(v string) *StartDeviceAuthorizationOutput { + s.DeviceCode = &v + return s +} + +// SetExpiresIn sets the ExpiresIn field's value. +func (s *StartDeviceAuthorizationOutput) SetExpiresIn(v int64) *StartDeviceAuthorizationOutput { + s.ExpiresIn = &v + return s +} + +// SetInterval sets the Interval field's value. +func (s *StartDeviceAuthorizationOutput) SetInterval(v int64) *StartDeviceAuthorizationOutput { + s.Interval = &v + return s +} + +// SetUserCode sets the UserCode field's value. +func (s *StartDeviceAuthorizationOutput) SetUserCode(v string) *StartDeviceAuthorizationOutput { + s.UserCode = &v + return s +} + +// SetVerificationUri sets the VerificationUri field's value. +func (s *StartDeviceAuthorizationOutput) SetVerificationUri(v string) *StartDeviceAuthorizationOutput { + s.VerificationUri = &v + return s +} + +// SetVerificationUriComplete sets the VerificationUriComplete field's value. +func (s *StartDeviceAuthorizationOutput) SetVerificationUriComplete(v string) *StartDeviceAuthorizationOutput { + s.VerificationUriComplete = &v + return s +} + +// Indicates that the client is not currently authorized to make the request. +// This can happen when a clientId is not issued for a public client. +type UnauthorizedClientException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be unauthorized_client. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnauthorizedClientException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnauthorizedClientException) GoString() string { + return s.String() +} + +func newErrorUnauthorizedClientException(v protocol.ResponseMetadata) error { + return &UnauthorizedClientException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *UnauthorizedClientException) Code() string { + return "UnauthorizedClientException" +} + +// Message returns the exception's message. +func (s *UnauthorizedClientException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *UnauthorizedClientException) OrigErr() error { + return nil +} + +func (s *UnauthorizedClientException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *UnauthorizedClientException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *UnauthorizedClientException) RequestID() string { + return s.RespMetadata.RequestID +} + +// Indicates that the grant type in the request is not supported by the service. +type UnsupportedGrantTypeException struct { + _ struct{} `type:"structure"` + RespMetadata protocol.ResponseMetadata `json:"-" xml:"-"` + + // Single error code. For this exception the value will be unsupported_grant_type. + Error_ *string `locationName:"error" type:"string"` + + // Human-readable text providing additional information, used to assist the + // client developer in understanding the error that occurred. + Error_description *string `locationName:"error_description" type:"string"` + + Message_ *string `locationName:"message" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnsupportedGrantTypeException) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s UnsupportedGrantTypeException) GoString() string { + return s.String() +} + +func newErrorUnsupportedGrantTypeException(v protocol.ResponseMetadata) error { + return &UnsupportedGrantTypeException{ + RespMetadata: v, + } +} + +// Code returns the exception type name. +func (s *UnsupportedGrantTypeException) Code() string { + return "UnsupportedGrantTypeException" +} + +// Message returns the exception's message. +func (s *UnsupportedGrantTypeException) Message() string { + if s.Message_ != nil { + return *s.Message_ + } + return "" +} + +// OrigErr always returns nil, satisfies awserr.Error interface. +func (s *UnsupportedGrantTypeException) OrigErr() error { + return nil +} + +func (s *UnsupportedGrantTypeException) Error() string { + return fmt.Sprintf("%s: %s\n%s", s.Code(), s.Message(), s.String()) +} + +// Status code returns the HTTP status code for the request's response error. +func (s *UnsupportedGrantTypeException) StatusCode() int { + return s.RespMetadata.StatusCode +} + +// RequestID returns the service's response RequestID for request. +func (s *UnsupportedGrantTypeException) RequestID() string { + return s.RespMetadata.RequestID +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go new file mode 100644 index 00000000000..083568c616f --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/ssooidc/doc.go @@ -0,0 +1,67 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +// Package ssooidc provides the client and types for making API +// requests to AWS SSO OIDC. +// +// IAM Identity Center OpenID Connect (OIDC) is a web service that enables a +// client (such as CLI or a native application) to register with IAM Identity +// Center. The service also enables the client to fetch the user’s access +// token upon successful authentication and authorization with IAM Identity +// Center. +// +// IAM Identity Center uses the sso and identitystore API namespaces. +// +// # Considerations for Using This Guide +// +// Before you begin using this guide, we recommend that you first review the +// following important information about how the IAM Identity Center OIDC service +// works. +// +// - The IAM Identity Center OIDC service currently implements only the portions +// of the OAuth 2.0 Device Authorization Grant standard (https://tools.ietf.org/html/rfc8628 +// (https://tools.ietf.org/html/rfc8628)) that are necessary to enable single +// sign-on authentication with the CLI. +// +// - With older versions of the CLI, the service only emits OIDC access tokens, +// so to obtain a new token, users must explicitly re-authenticate. To access +// the OIDC flow that supports token refresh and doesn’t require re-authentication, +// update to the latest CLI version (1.27.10 for CLI V1 and 2.9.0 for CLI +// V2) with support for OIDC token refresh and configurable IAM Identity +// Center session durations. For more information, see Configure Amazon Web +// Services access portal session duration (https://docs.aws.amazon.com/singlesignon/latest/userguide/configure-user-session.html). +// +// - The access tokens provided by this service grant access to all Amazon +// Web Services account entitlements assigned to an IAM Identity Center user, +// not just a particular application. +// +// - The documentation in this guide does not describe the mechanism to convert +// the access token into Amazon Web Services Auth (“sigv4”) credentials +// for use with IAM-protected Amazon Web Services service endpoints. For +// more information, see GetRoleCredentials (https://docs.aws.amazon.com/singlesignon/latest/PortalAPIReference/API_GetRoleCredentials.html) +// in the IAM Identity Center Portal API Reference Guide. +// +// For general information about IAM Identity Center, see What is IAM Identity +// Center? (https://docs.aws.amazon.com/singlesignon/latest/userguide/what-is.html) +// in the IAM Identity Center User Guide. +// +// See https://docs.aws.amazon.com/goto/WebAPI/sso-oidc-2019-06-10 for more information on this service. +// +// See ssooidc package documentation for more information. +// https://docs.aws.amazon.com/sdk-for-go/api/service/ssooidc/ +// +// # Using the Client +// +// To contact AWS SSO OIDC with the SDK use the New function to create +// a new service client. With that client you can make API requests to the service. +// These clients are safe to use concurrently. +// +// See the SDK's documentation for more information on how to use the SDK. +// https://docs.aws.amazon.com/sdk-for-go/api/ +// +// See aws.Config documentation for more information on configuring SDK clients. +// https://docs.aws.amazon.com/sdk-for-go/api/aws/#Config +// +// See the AWS SSO OIDC client SSOOIDC for more +// information on creating client for this service. +// https://docs.aws.amazon.com/sdk-for-go/api/service/ssooidc/#New +package ssooidc diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go new file mode 100644 index 00000000000..e6242e4928d --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/ssooidc/errors.go @@ -0,0 +1,115 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package ssooidc + +import ( + "github.com/aws/aws-sdk-go/private/protocol" +) + +const ( + + // ErrCodeAccessDeniedException for service response error code + // "AccessDeniedException". + // + // You do not have sufficient access to perform this action. + ErrCodeAccessDeniedException = "AccessDeniedException" + + // ErrCodeAuthorizationPendingException for service response error code + // "AuthorizationPendingException". + // + // Indicates that a request to authorize a client with an access user session + // token is pending. + ErrCodeAuthorizationPendingException = "AuthorizationPendingException" + + // ErrCodeExpiredTokenException for service response error code + // "ExpiredTokenException". + // + // Indicates that the token issued by the service is expired and is no longer + // valid. + ErrCodeExpiredTokenException = "ExpiredTokenException" + + // ErrCodeInternalServerException for service response error code + // "InternalServerException". + // + // Indicates that an error from the service occurred while trying to process + // a request. + ErrCodeInternalServerException = "InternalServerException" + + // ErrCodeInvalidClientException for service response error code + // "InvalidClientException". + // + // Indicates that the clientId or clientSecret in the request is invalid. For + // example, this can occur when a client sends an incorrect clientId or an expired + // clientSecret. + ErrCodeInvalidClientException = "InvalidClientException" + + // ErrCodeInvalidClientMetadataException for service response error code + // "InvalidClientMetadataException". + // + // Indicates that the client information sent in the request during registration + // is invalid. + ErrCodeInvalidClientMetadataException = "InvalidClientMetadataException" + + // ErrCodeInvalidGrantException for service response error code + // "InvalidGrantException". + // + // Indicates that a request contains an invalid grant. This can occur if a client + // makes a CreateToken request with an invalid grant type. + ErrCodeInvalidGrantException = "InvalidGrantException" + + // ErrCodeInvalidRequestException for service response error code + // "InvalidRequestException". + // + // Indicates that something is wrong with the input to the request. For example, + // a required parameter might be missing or out of range. + ErrCodeInvalidRequestException = "InvalidRequestException" + + // ErrCodeInvalidRequestRegionException for service response error code + // "InvalidRequestRegionException". + // + // Indicates that a token provided as input to the request was issued by and + // is only usable by calling IAM Identity Center endpoints in another region. + ErrCodeInvalidRequestRegionException = "InvalidRequestRegionException" + + // ErrCodeInvalidScopeException for service response error code + // "InvalidScopeException". + // + // Indicates that the scope provided in the request is invalid. + ErrCodeInvalidScopeException = "InvalidScopeException" + + // ErrCodeSlowDownException for service response error code + // "SlowDownException". + // + // Indicates that the client is making the request too frequently and is more + // than the service can handle. + ErrCodeSlowDownException = "SlowDownException" + + // ErrCodeUnauthorizedClientException for service response error code + // "UnauthorizedClientException". + // + // Indicates that the client is not currently authorized to make the request. + // This can happen when a clientId is not issued for a public client. + ErrCodeUnauthorizedClientException = "UnauthorizedClientException" + + // ErrCodeUnsupportedGrantTypeException for service response error code + // "UnsupportedGrantTypeException". + // + // Indicates that the grant type in the request is not supported by the service. + ErrCodeUnsupportedGrantTypeException = "UnsupportedGrantTypeException" +) + +var exceptionFromCode = map[string]func(protocol.ResponseMetadata) error{ + "AccessDeniedException": newErrorAccessDeniedException, + "AuthorizationPendingException": newErrorAuthorizationPendingException, + "ExpiredTokenException": newErrorExpiredTokenException, + "InternalServerException": newErrorInternalServerException, + "InvalidClientException": newErrorInvalidClientException, + "InvalidClientMetadataException": newErrorInvalidClientMetadataException, + "InvalidGrantException": newErrorInvalidGrantException, + "InvalidRequestException": newErrorInvalidRequestException, + "InvalidRequestRegionException": newErrorInvalidRequestRegionException, + "InvalidScopeException": newErrorInvalidScopeException, + "SlowDownException": newErrorSlowDownException, + "UnauthorizedClientException": newErrorUnauthorizedClientException, + "UnsupportedGrantTypeException": newErrorUnsupportedGrantTypeException, +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go new file mode 100644 index 00000000000..782bae3692d --- /dev/null +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/ssooidc/service.go @@ -0,0 +1,106 @@ +// Code generated by private/model/cli/gen-api/main.go. DO NOT EDIT. + +package ssooidc + +import ( + "github.com/aws/aws-sdk-go/aws" + "github.com/aws/aws-sdk-go/aws/client" + "github.com/aws/aws-sdk-go/aws/client/metadata" + "github.com/aws/aws-sdk-go/aws/request" + "github.com/aws/aws-sdk-go/aws/signer/v4" + "github.com/aws/aws-sdk-go/private/protocol" + "github.com/aws/aws-sdk-go/private/protocol/restjson" +) + +// SSOOIDC provides the API operation methods for making requests to +// AWS SSO OIDC. See this package's package overview docs +// for details on the service. +// +// SSOOIDC methods are safe to use concurrently. It is not safe to +// modify mutate any of the struct's properties though. +type SSOOIDC struct { + *client.Client +} + +// Used for custom client initialization logic +var initClient func(*client.Client) + +// Used for custom request initialization logic +var initRequest func(*request.Request) + +// Service information constants +const ( + ServiceName = "SSO OIDC" // Name of service. + EndpointsID = "oidc" // ID to lookup a service endpoint with. + ServiceID = "SSO OIDC" // ServiceID is a unique identifier of a specific service. +) + +// New creates a new instance of the SSOOIDC client with a session. +// If additional configuration is needed for the client instance use the optional +// aws.Config parameter to add your extra config. +// +// Example: +// +// mySession := session.Must(session.NewSession()) +// +// // Create a SSOOIDC client from just a session. +// svc := ssooidc.New(mySession) +// +// // Create a SSOOIDC client with additional configuration +// svc := ssooidc.New(mySession, aws.NewConfig().WithRegion("us-west-2")) +func New(p client.ConfigProvider, cfgs ...*aws.Config) *SSOOIDC { + c := p.ClientConfig(EndpointsID, cfgs...) + if c.SigningNameDerived || len(c.SigningName) == 0 { + c.SigningName = "sso-oauth" + } + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion) +} + +// newClient creates, initializes and returns a new service client instance. +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName, resolvedRegion string) *SSOOIDC { + svc := &SSOOIDC{ + Client: client.New( + cfg, + metadata.ClientInfo{ + ServiceName: ServiceName, + ServiceID: ServiceID, + SigningName: signingName, + SigningRegion: signingRegion, + PartitionID: partitionID, + Endpoint: endpoint, + APIVersion: "2019-06-10", + ResolvedRegion: resolvedRegion, + }, + handlers, + ), + } + + // Handlers + svc.Handlers.Sign.PushBackNamed(v4.SignRequestHandler) + svc.Handlers.Build.PushBackNamed(restjson.BuildHandler) + svc.Handlers.Unmarshal.PushBackNamed(restjson.UnmarshalHandler) + svc.Handlers.UnmarshalMeta.PushBackNamed(restjson.UnmarshalMetaHandler) + svc.Handlers.UnmarshalError.PushBackNamed( + protocol.NewUnmarshalErrorHandler(restjson.NewUnmarshalTypedError(exceptionFromCode)).NamedHandler(), + ) + + // Run custom client initialization if present + if initClient != nil { + initClient(svc.Client) + } + + return svc +} + +// newRequest creates a new request for a SSOOIDC operation and runs any +// custom request initialization. +func (c *SSOOIDC) newRequest(op *request.Operation, params, data interface{}) *request.Request { + req := c.NewRequest(op, params, data) + + // Run custom request initialization if present + if initRequest != nil { + initRequest(req) + } + + return req +} diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/api.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/api.go index bfc4372f9fd..2c395f5f673 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/api.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/api.go @@ -28,14 +28,13 @@ const opAssumeRole = "AssumeRole" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the AssumeRoleRequest method. +// req, resp := client.AssumeRoleRequest(params) // -// // Example sending a request using the AssumeRoleRequest method. -// req, resp := client.AssumeRoleRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRole func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, output *AssumeRoleOutput) { @@ -57,85 +56,65 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // AssumeRole API operation for AWS Security Token Service. // // Returns a set of temporary security credentials that you can use to access -// AWS resources that you might not normally have access to. These temporary -// credentials consist of an access key ID, a secret access key, and a security -// token. Typically, you use AssumeRole within your account or for cross-account -// access. For a comparison of AssumeRole with other API operations that produce -// temporary credentials, see Requesting Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) -// and Comparing the AWS STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) -// in the IAM User Guide. -// -// You cannot use AWS account root user credentials to call AssumeRole. You -// must use credentials for an IAM user or an IAM role to call AssumeRole. -// -// For cross-account access, imagine that you own multiple accounts and need -// to access resources in each account. You could create long-term credentials -// in each account to access those resources. However, managing all those credentials -// and remembering which one can access which account can be time consuming. -// Instead, you can create one set of long-term credentials in one account. -// Then use temporary security credentials to access all the other accounts -// by assuming roles in those accounts. For more information about roles, see -// IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles.html) -// in the IAM User Guide. -// -// Session Duration -// -// By default, the temporary security credentials created by AssumeRole last -// for one hour. However, you can use the optional DurationSeconds parameter -// to specify the duration of your session. You can provide a value from 900 -// seconds (15 minutes) up to the maximum session duration setting for the role. -// This setting can have a value from 1 hour to 12 hours. To learn how to view -// the maximum value for your role, see View the Maximum Session Duration Setting -// for a Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) -// in the IAM User Guide. The maximum session duration limit applies when you -// use the AssumeRole* API operations or the assume-role* CLI commands. However -// the limit does not apply when you use those operations to create a console -// URL. For more information, see Using IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) +// Amazon Web Services resources. These temporary credentials consist of an +// access key ID, a secret access key, and a security token. Typically, you +// use AssumeRole within your account or for cross-account access. For a comparison +// of AssumeRole with other API operations that produce temporary credentials, +// see Requesting Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) +// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) // in the IAM User Guide. // -// Permissions +// # Permissions // // The temporary security credentials created by AssumeRole can be used to make -// API calls to any AWS service with the following exception: You cannot call -// the AWS STS GetFederationToken or GetSessionToken API operations. +// API calls to any Amazon Web Services service with the following exception: +// You cannot call the Amazon Web Services STS GetFederationToken or GetSessionToken +// API operations. // // (Optional) You can pass inline or managed session policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // to this operation. You can pass a single JSON policy document to use as an -// inline session policy. You can also specify up to 10 managed policies to -// use as managed session policies. The plain text that you use for both inline -// and managed session policies can't exceed 2,048 characters. Passing policies -// to this operation returns new temporary credentials. The resulting session's -// permissions are the intersection of the role's identity-based policy and -// the session policies. You can use the role's temporary credentials in subsequent -// AWS API calls to access resources in the account that owns the role. You -// cannot use session policies to grant more permissions than those allowed -// by the identity-based policy of the role that is being assumed. For more -// information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) +// inline session policy. You can also specify up to 10 managed policy Amazon +// Resource Names (ARNs) to use as managed session policies. The plaintext that +// you use for both inline and managed session policies can't exceed 2,048 characters. +// Passing policies to this operation returns new temporary credentials. The +// resulting session's permissions are the intersection of the role's identity-based +// policy and the session policies. You can use the role's temporary credentials +// in subsequent Amazon Web Services API calls to access resources in the account +// that owns the role. You cannot use session policies to grant more permissions +// than those allowed by the identity-based policy of the role that is being +// assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // -// To assume a role from a different account, your AWS account must be trusted -// by the role. The trust relationship is defined in the role's trust policy -// when the role is created. That trust policy states which accounts are allowed -// to delegate that access to users in the account. +// When you create a role, you create two policies: a role trust policy that +// specifies who can assume the role, and a permissions policy that specifies +// what can be done with the role. You specify the trusted principal that is +// allowed to assume the role in the role trust policy. +// +// To assume a role from a different account, your Amazon Web Services account +// must be trusted by the role. The trust relationship is defined in the role's +// trust policy when the role is created. That trust policy states which accounts +// are allowed to delegate that access to users in the account. // // A user who wants to access a role in a different account must also have permissions -// that are delegated from the user account administrator. The administrator -// must attach a policy that allows the user to call AssumeRole for the ARN -// of the role in the other account. If the user is in the same account as the -// role, then you can do either of the following: +// that are delegated from the account administrator. The administrator must +// attach a policy that allows the user to call AssumeRole for the ARN of the +// role in the other account. +// +// To allow a user to assume a role in the same account, you can do either of +// the following: // -// * Attach a policy to the user (identical to the previous user in a different -// account). +// - Attach a policy to the user that allows the user to call AssumeRole +// (as long as the role's trust policy trusts the account). // -// * Add the user as a principal directly in the role's trust policy. +// - Add the user as a principal directly in the role's trust policy. // -// In this case, the trust policy acts as an IAM resource-based policy. Users -// in the same account as the role do not need explicit permission to assume -// the role. For more information about trust policies and resource-based policies, -// see IAM Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html) +// You can do either because the role’s trust policy acts as an IAM resource-based +// policy. When a resource-based policy grants access to a principal in the +// same account, no additional identity-based policy is required. For more information +// about trust policies and resource-based policies, see IAM Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html) // in the IAM User Guide. // -// Tags +// # Tags // // (Optional) You can pass tag key-value pairs to your session. These tags are // called session tags. For more information about session tags, see Passing @@ -153,16 +132,16 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining) // in the IAM User Guide. // -// Using MFA with AssumeRole +// # Using MFA with AssumeRole // // (Optional) You can include multi-factor authentication (MFA) information // when you call AssumeRole. This is useful for cross-account scenarios to ensure -// that the user that assumes the role has been authenticated with an AWS MFA -// device. In that scenario, the trust policy of the role being assumed includes -// a condition that tests for MFA authentication. If the caller does not include -// valid MFA information, the request to assume the role is denied. The condition -// in a trust policy that tests for MFA authentication might look like the following -// example. +// that the user that assumes the role has been authenticated with an Amazon +// Web Services MFA device. In that scenario, the trust policy of the role being +// assumed includes a condition that tests for MFA authentication. If the caller +// does not include valid MFA information, the request to assume the role is +// denied. The condition in a trust policy that tests for MFA authentication +// might look like the following example. // // "Condition": {"Bool": {"aws:MultiFactorAuthPresent": true}} // @@ -182,34 +161,36 @@ func (c *STS) AssumeRoleRequest(input *AssumeRoleInput) (req *request.Request, o // API operation AssumeRole for usage and error information. // // Returned Error Codes: -// * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" -// The request was rejected because the policy document was malformed. The error -// message describes the specific error. -// -// * ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" -// The request was rejected because the total packed size of the session policies -// and session tags combined was too large. An AWS conversion compresses the -// session policy document, session policy ARNs, and session tags into a packed -// binary format that has a separate limit. The error message indicates by percentage -// how close the policies and tags are to the upper size limit. For more information, -// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) -// in the IAM User Guide. -// -// You could receive this error even though you meet other defined session policy -// and session tag limits. For more information, see IAM and STS Entity Character -// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) -// in the IAM User Guide. -// -// * ErrCodeRegionDisabledException "RegionDisabledException" -// STS is not activated in the requested region for the account that is being -// asked to generate credentials. The account administrator must use the IAM -// console to activate STS in that region. For more information, see Activating -// and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) -// in the IAM User Guide. -// -// * ErrCodeExpiredTokenException "ExpiredTokenException" -// The web identity token that was passed is expired or is not valid. Get a -// new identity token from the identity provider and then retry the request. +// +// - ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" +// The request was rejected because the policy document was malformed. The error +// message describes the specific error. +// +// - ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" +// The request was rejected because the total packed size of the session policies +// and session tags combined was too large. An Amazon Web Services conversion +// compresses the session policy document, session policy ARNs, and session +// tags into a packed binary format that has a separate limit. The error message +// indicates by percentage how close the policies and tags are to the upper +// size limit. For more information, see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// You could receive this error even though you meet other defined session policy +// and session tag limits. For more information, see IAM and STS Entity Character +// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length) +// in the IAM User Guide. +// +// - ErrCodeRegionDisabledException "RegionDisabledException" +// STS is not activated in the requested region for the account that is being +// asked to generate credentials. The account administrator must use the IAM +// console to activate STS in that region. For more information, see Activating +// and Deactivating Amazon Web Services STS in an Amazon Web Services Region +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// in the IAM User Guide. +// +// - ErrCodeExpiredTokenException "ExpiredTokenException" +// The web identity token that was passed is expired or is not valid. Get a +// new identity token from the identity provider and then retry the request. // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRole func (c *STS) AssumeRole(input *AssumeRoleInput) (*AssumeRoleOutput, error) { @@ -249,14 +230,13 @@ const opAssumeRoleWithSAML = "AssumeRoleWithSAML" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the AssumeRoleWithSAMLRequest method. +// req, resp := client.AssumeRoleWithSAMLRequest(params) // -// // Example sending a request using the AssumeRoleWithSAMLRequest method. -// req, resp := client.AssumeRoleWithSAMLRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRoleWithSAML func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *request.Request, output *AssumeRoleWithSAMLOutput) { @@ -280,18 +260,19 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re // // Returns a set of temporary security credentials for users who have been authenticated // via a SAML authentication response. This operation provides a mechanism for -// tying an enterprise identity store or directory to role-based AWS access -// without user-specific credentials or configuration. For a comparison of AssumeRoleWithSAML -// with the other API operations that produce temporary credentials, see Requesting -// Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) -// and Comparing the AWS STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) +// tying an enterprise identity store or directory to role-based Amazon Web +// Services access without user-specific credentials or configuration. For a +// comparison of AssumeRoleWithSAML with the other API operations that produce +// temporary credentials, see Requesting Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) +// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) // in the IAM User Guide. // // The temporary security credentials returned by this operation consist of // an access key ID, a secret access key, and a security token. Applications -// can use these temporary security credentials to sign calls to AWS services. +// can use these temporary security credentials to sign calls to Amazon Web +// Services services. // -// Session Duration +// # Session Duration // // By default, the temporary security credentials created by AssumeRoleWithSAML // last for one hour. However, you can use the optional DurationSeconds parameter @@ -308,37 +289,47 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re // URL. For more information, see Using IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) // in the IAM User Guide. // -// Permissions +// Role chaining (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts.html#iam-term-role-chaining) +// limits your CLI or Amazon Web Services API role session to a maximum of one +// hour. When you use the AssumeRole API operation to assume a role, you can +// specify the duration of your role session with the DurationSeconds parameter. +// You can specify a parameter value of up to 43200 seconds (12 hours), depending +// on the maximum session duration setting for your role. However, if you assume +// a role using role chaining and provide a DurationSeconds parameter value +// greater than one hour, the operation fails. +// +// # Permissions // // The temporary security credentials created by AssumeRoleWithSAML can be used -// to make API calls to any AWS service with the following exception: you cannot -// call the STS GetFederationToken or GetSessionToken API operations. +// to make API calls to any Amazon Web Services service with the following exception: +// you cannot call the STS GetFederationToken or GetSessionToken API operations. // // (Optional) You can pass inline or managed session policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // to this operation. You can pass a single JSON policy document to use as an -// inline session policy. You can also specify up to 10 managed policies to -// use as managed session policies. The plain text that you use for both inline -// and managed session policies can't exceed 2,048 characters. Passing policies -// to this operation returns new temporary credentials. The resulting session's -// permissions are the intersection of the role's identity-based policy and -// the session policies. You can use the role's temporary credentials in subsequent -// AWS API calls to access resources in the account that owns the role. You -// cannot use session policies to grant more permissions than those allowed -// by the identity-based policy of the role that is being assumed. For more -// information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) +// inline session policy. You can also specify up to 10 managed policy Amazon +// Resource Names (ARNs) to use as managed session policies. The plaintext that +// you use for both inline and managed session policies can't exceed 2,048 characters. +// Passing policies to this operation returns new temporary credentials. The +// resulting session's permissions are the intersection of the role's identity-based +// policy and the session policies. You can use the role's temporary credentials +// in subsequent Amazon Web Services API calls to access resources in the account +// that owns the role. You cannot use session policies to grant more permissions +// than those allowed by the identity-based policy of the role that is being +// assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // -// Calling AssumeRoleWithSAML does not require the use of AWS security credentials. -// The identity of the caller is validated by using keys in the metadata document -// that is uploaded for the SAML provider entity for your identity provider. +// Calling AssumeRoleWithSAML does not require the use of Amazon Web Services +// security credentials. The identity of the caller is validated by using keys +// in the metadata document that is uploaded for the SAML provider entity for +// your identity provider. // -// Calling AssumeRoleWithSAML can result in an entry in your AWS CloudTrail -// logs. The entry includes the value in the NameID element of the SAML assertion. +// Calling AssumeRoleWithSAML can result in an entry in your CloudTrail logs. +// The entry includes the value in the NameID element of the SAML assertion. // We recommend that you use a NameIDType that is not associated with any personally // identifiable information (PII). For example, you could instead use the persistent // identifier (urn:oasis:names:tc:SAML:2.0:nameid-format:persistent). // -// Tags +// # Tags // // (Optional) You can configure your IdP to pass attributes into your SAML assertion // as session tags. Each session tag consists of a key name and an associated @@ -346,16 +337,17 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re // in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) // in the IAM User Guide. // -// You can pass up to 50 session tags. The plain text session tag keys can’t +// You can pass up to 50 session tags. The plaintext session tag keys can’t // exceed 128 characters and the values can’t exceed 256 characters. For these // and additional limits, see IAM and STS Character Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) // in the IAM User Guide. // -// An AWS conversion compresses the passed session policies and session tags -// into a packed binary format that has a separate limit. Your request can fail -// for this limit even if your plain text meets the other requirements. The -// PackedPolicySize response element indicates by percentage how close the policies -// and tags for your request are to the upper size limit. +// An Amazon Web Services conversion compresses the passed inline session policy, +// managed policy ARNs, and session tags into a packed binary format that has +// a separate limit. Your request can fail for this limit even if your plaintext +// meets the other requirements. The PackedPolicySize response element indicates +// by percentage how close the policies and tags for your request are to the +// upper size limit. // // You can pass a session tag with the same key as a tag that is attached to // the role. When you do, session tags override the role's tags with the same @@ -372,27 +364,28 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining) // in the IAM User Guide. // -// SAML Configuration +// # SAML Configuration // // Before your application can call AssumeRoleWithSAML, you must configure your -// SAML identity provider (IdP) to issue the claims required by AWS. Additionally, -// you must use AWS Identity and Access Management (IAM) to create a SAML provider -// entity in your AWS account that represents your identity provider. You must -// also create an IAM role that specifies this SAML provider in its trust policy. +// SAML identity provider (IdP) to issue the claims required by Amazon Web Services. +// Additionally, you must use Identity and Access Management (IAM) to create +// a SAML provider entity in your Amazon Web Services account that represents +// your identity provider. You must also create an IAM role that specifies this +// SAML provider in its trust policy. // // For more information, see the following resources: // -// * About SAML 2.0-based Federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) -// in the IAM User Guide. +// - About SAML 2.0-based Federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_saml.html) +// in the IAM User Guide. // -// * Creating SAML Identity Providers (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml.html) -// in the IAM User Guide. +// - Creating SAML Identity Providers (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml.html) +// in the IAM User Guide. // -// * Configuring a Relying Party and Claims (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml_relying-party.html) -// in the IAM User Guide. +// - Configuring a Relying Party and Claims (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_create_saml_relying-party.html) +// in the IAM User Guide. // -// * Creating a Role for SAML 2.0 Federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_saml.html) -// in the IAM User Guide. +// - Creating a Role for SAML 2.0 Federation (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-idp_saml.html) +// in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -402,45 +395,48 @@ func (c *STS) AssumeRoleWithSAMLRequest(input *AssumeRoleWithSAMLInput) (req *re // API operation AssumeRoleWithSAML for usage and error information. // // Returned Error Codes: -// * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" -// The request was rejected because the policy document was malformed. The error -// message describes the specific error. -// -// * ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" -// The request was rejected because the total packed size of the session policies -// and session tags combined was too large. An AWS conversion compresses the -// session policy document, session policy ARNs, and session tags into a packed -// binary format that has a separate limit. The error message indicates by percentage -// how close the policies and tags are to the upper size limit. For more information, -// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) -// in the IAM User Guide. -// -// You could receive this error even though you meet other defined session policy -// and session tag limits. For more information, see IAM and STS Entity Character -// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) -// in the IAM User Guide. -// -// * ErrCodeIDPRejectedClaimException "IDPRejectedClaim" -// The identity provider (IdP) reported that authentication failed. This might -// be because the claim is invalid. -// -// If this error is returned for the AssumeRoleWithWebIdentity operation, it -// can also mean that the claim has expired or has been explicitly revoked. -// -// * ErrCodeInvalidIdentityTokenException "InvalidIdentityToken" -// The web identity token that was passed could not be validated by AWS. Get -// a new identity token from the identity provider and then retry the request. -// -// * ErrCodeExpiredTokenException "ExpiredTokenException" -// The web identity token that was passed is expired or is not valid. Get a -// new identity token from the identity provider and then retry the request. -// -// * ErrCodeRegionDisabledException "RegionDisabledException" -// STS is not activated in the requested region for the account that is being -// asked to generate credentials. The account administrator must use the IAM -// console to activate STS in that region. For more information, see Activating -// and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) -// in the IAM User Guide. +// +// - ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" +// The request was rejected because the policy document was malformed. The error +// message describes the specific error. +// +// - ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" +// The request was rejected because the total packed size of the session policies +// and session tags combined was too large. An Amazon Web Services conversion +// compresses the session policy document, session policy ARNs, and session +// tags into a packed binary format that has a separate limit. The error message +// indicates by percentage how close the policies and tags are to the upper +// size limit. For more information, see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// You could receive this error even though you meet other defined session policy +// and session tag limits. For more information, see IAM and STS Entity Character +// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length) +// in the IAM User Guide. +// +// - ErrCodeIDPRejectedClaimException "IDPRejectedClaim" +// The identity provider (IdP) reported that authentication failed. This might +// be because the claim is invalid. +// +// If this error is returned for the AssumeRoleWithWebIdentity operation, it +// can also mean that the claim has expired or has been explicitly revoked. +// +// - ErrCodeInvalidIdentityTokenException "InvalidIdentityToken" +// The web identity token that was passed could not be validated by Amazon Web +// Services. Get a new identity token from the identity provider and then retry +// the request. +// +// - ErrCodeExpiredTokenException "ExpiredTokenException" +// The web identity token that was passed is expired or is not valid. Get a +// new identity token from the identity provider and then retry the request. +// +// - ErrCodeRegionDisabledException "RegionDisabledException" +// STS is not activated in the requested region for the account that is being +// asked to generate credentials. The account administrator must use the IAM +// console to activate STS in that region. For more information, see Activating +// and Deactivating Amazon Web Services STS in an Amazon Web Services Region +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// in the IAM User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRoleWithSAML func (c *STS) AssumeRoleWithSAML(input *AssumeRoleWithSAMLInput) (*AssumeRoleWithSAMLOutput, error) { @@ -480,14 +476,13 @@ const opAssumeRoleWithWebIdentity = "AssumeRoleWithWebIdentity" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the AssumeRoleWithWebIdentityRequest method. +// req, resp := client.AssumeRoleWithWebIdentityRequest(params) // -// // Example sending a request using the AssumeRoleWithWebIdentityRequest method. -// req, resp := client.AssumeRoleWithWebIdentityRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRoleWithWebIdentity func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityInput) (req *request.Request, output *AssumeRoleWithWebIdentityOutput) { @@ -511,36 +506,38 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // // Returns a set of temporary security credentials for users who have been authenticated // in a mobile or web application with a web identity provider. Example providers -// include Amazon Cognito, Login with Amazon, Facebook, Google, or any OpenID -// Connect-compatible identity provider. +// include the OAuth 2.0 providers Login with Amazon and Facebook, or any OpenID +// Connect-compatible identity provider such as Google or Amazon Cognito federated +// identities (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html). // // For mobile applications, we recommend that you use Amazon Cognito. You can -// use Amazon Cognito with the AWS SDK for iOS Developer Guide (http://aws.amazon.com/sdkforios/) -// and the AWS SDK for Android Developer Guide (http://aws.amazon.com/sdkforandroid/) -// to uniquely identify a user. You can also supply the user with a consistent -// identity throughout the lifetime of an application. -// -// To learn more about Amazon Cognito, see Amazon Cognito Overview (https://docs.aws.amazon.com/mobile/sdkforandroid/developerguide/cognito-auth.html#d0e840) -// in AWS SDK for Android Developer Guide and Amazon Cognito Overview (https://docs.aws.amazon.com/mobile/sdkforios/developerguide/cognito-auth.html#d0e664) -// in the AWS SDK for iOS Developer Guide. -// -// Calling AssumeRoleWithWebIdentity does not require the use of AWS security -// credentials. Therefore, you can distribute an application (for example, on -// mobile devices) that requests temporary security credentials without including -// long-term AWS credentials in the application. You also don't need to deploy -// server-based proxy services that use long-term AWS credentials. Instead, -// the identity of the caller is validated by using a token from the web identity -// provider. For a comparison of AssumeRoleWithWebIdentity with the other API -// operations that produce temporary credentials, see Requesting Temporary Security -// Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) -// and Comparing the AWS STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) +// use Amazon Cognito with the Amazon Web Services SDK for iOS Developer Guide +// (http://aws.amazon.com/sdkforios/) and the Amazon Web Services SDK for Android +// Developer Guide (http://aws.amazon.com/sdkforandroid/) to uniquely identify +// a user. You can also supply the user with a consistent identity throughout +// the lifetime of an application. +// +// To learn more about Amazon Cognito, see Amazon Cognito identity pools (https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-identity.html) +// in Amazon Cognito Developer Guide. +// +// Calling AssumeRoleWithWebIdentity does not require the use of Amazon Web +// Services security credentials. Therefore, you can distribute an application +// (for example, on mobile devices) that requests temporary security credentials +// without including long-term Amazon Web Services credentials in the application. +// You also don't need to deploy server-based proxy services that use long-term +// Amazon Web Services credentials. Instead, the identity of the caller is validated +// by using a token from the web identity provider. For a comparison of AssumeRoleWithWebIdentity +// with the other API operations that produce temporary credentials, see Requesting +// Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) +// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) // in the IAM User Guide. // // The temporary security credentials returned by this API consist of an access // key ID, a secret access key, and a security token. Applications can use these -// temporary security credentials to sign calls to AWS service API operations. +// temporary security credentials to sign calls to Amazon Web Services service +// API operations. // -// Session Duration +// # Session Duration // // By default, the temporary security credentials created by AssumeRoleWithWebIdentity // last for one hour. However, you can use the optional DurationSeconds parameter @@ -555,27 +552,28 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // URL. For more information, see Using IAM Roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html) // in the IAM User Guide. // -// Permissions +// # Permissions // // The temporary security credentials created by AssumeRoleWithWebIdentity can -// be used to make API calls to any AWS service with the following exception: -// you cannot call the STS GetFederationToken or GetSessionToken API operations. +// be used to make API calls to any Amazon Web Services service with the following +// exception: you cannot call the STS GetFederationToken or GetSessionToken +// API operations. // // (Optional) You can pass inline or managed session policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // to this operation. You can pass a single JSON policy document to use as an -// inline session policy. You can also specify up to 10 managed policies to -// use as managed session policies. The plain text that you use for both inline -// and managed session policies can't exceed 2,048 characters. Passing policies -// to this operation returns new temporary credentials. The resulting session's -// permissions are the intersection of the role's identity-based policy and -// the session policies. You can use the role's temporary credentials in subsequent -// AWS API calls to access resources in the account that owns the role. You -// cannot use session policies to grant more permissions than those allowed -// by the identity-based policy of the role that is being assumed. For more -// information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) +// inline session policy. You can also specify up to 10 managed policy Amazon +// Resource Names (ARNs) to use as managed session policies. The plaintext that +// you use for both inline and managed session policies can't exceed 2,048 characters. +// Passing policies to this operation returns new temporary credentials. The +// resulting session's permissions are the intersection of the role's identity-based +// policy and the session policies. You can use the role's temporary credentials +// in subsequent Amazon Web Services API calls to access resources in the account +// that owns the role. You cannot use session policies to grant more permissions +// than those allowed by the identity-based policy of the role that is being +// assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // -// Tags +// # Tags // // (Optional) You can configure your IdP to pass attributes into your web identity // token as session tags. Each session tag consists of a key name and an associated @@ -583,16 +581,17 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) // in the IAM User Guide. // -// You can pass up to 50 session tags. The plain text session tag keys can’t +// You can pass up to 50 session tags. The plaintext session tag keys can’t // exceed 128 characters and the values can’t exceed 256 characters. For these // and additional limits, see IAM and STS Character Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) // in the IAM User Guide. // -// An AWS conversion compresses the passed session policies and session tags -// into a packed binary format that has a separate limit. Your request can fail -// for this limit even if your plain text meets the other requirements. The -// PackedPolicySize response element indicates by percentage how close the policies -// and tags for your request are to the upper size limit. +// An Amazon Web Services conversion compresses the passed inline session policy, +// managed policy ARNs, and session tags into a packed binary format that has +// a separate limit. Your request can fail for this limit even if your plaintext +// meets the other requirements. The PackedPolicySize response element indicates +// by percentage how close the policies and tags for your request are to the +// upper size limit. // // You can pass a session tag with the same key as a tag that is attached to // the role. When you do, the session tag overrides the role tag with the same @@ -609,7 +608,7 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_role-chaining) // in the IAM User Guide. // -// Identities +// # Identities // // Before your application can call AssumeRoleWithWebIdentity, you must have // an identity token from a supported identity provider and create a role that @@ -617,9 +616,9 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // the identity provider that is associated with the identity token. In other // words, the identity provider must be specified in the role's trust policy. // -// Calling AssumeRoleWithWebIdentity can result in an entry in your AWS CloudTrail +// Calling AssumeRoleWithWebIdentity can result in an entry in your CloudTrail // logs. The entry includes the Subject (http://openid.net/specs/openid-connect-core-1_0.html#Claims) -// of the provided Web Identity Token. We recommend that you avoid using any +// of the provided web identity token. We recommend that you avoid using any // personally identifiable information (PII) in this field. For example, you // could instead use a GUID or a pairwise identifier, as suggested in the OIDC // specification (http://openid.net/specs/openid-connect-core-1_0.html#SubjectIDTypes). @@ -627,24 +626,24 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // For more information about how to use web identity federation and the AssumeRoleWithWebIdentity // API, see the following resources: // -// * Using Web Identity Federation API Operations for Mobile Apps (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_manual.html) -// and Federation Through a Web-based Identity Provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity). +// - Using Web Identity Federation API Operations for Mobile Apps (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_oidc_manual.html) +// and Federation Through a Web-based Identity Provider (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity). // -// * Web Identity Federation Playground (https://aws.amazon.com/blogs/aws/the-aws-web-identity-federation-playground/). -// Walk through the process of authenticating through Login with Amazon, -// Facebook, or Google, getting temporary security credentials, and then -// using those credentials to make a request to AWS. +// - Web Identity Federation Playground (https://aws.amazon.com/blogs/aws/the-aws-web-identity-federation-playground/). +// Walk through the process of authenticating through Login with Amazon, +// Facebook, or Google, getting temporary security credentials, and then +// using those credentials to make a request to Amazon Web Services. // -// * AWS SDK for iOS Developer Guide (http://aws.amazon.com/sdkforios/) and -// AWS SDK for Android Developer Guide (http://aws.amazon.com/sdkforandroid/). -// These toolkits contain sample apps that show how to invoke the identity -// providers. The toolkits then show how to use the information from these -// providers to get and use temporary security credentials. +// - Amazon Web Services SDK for iOS Developer Guide (http://aws.amazon.com/sdkforios/) +// and Amazon Web Services SDK for Android Developer Guide (http://aws.amazon.com/sdkforandroid/). +// These toolkits contain sample apps that show how to invoke the identity +// providers. The toolkits then show how to use the information from these +// providers to get and use temporary security credentials. // -// * Web Identity Federation with Mobile Applications (http://aws.amazon.com/articles/web-identity-federation-with-mobile-applications). -// This article discusses web identity federation and shows an example of -// how to use web identity federation to get access to content in Amazon -// S3. +// - Web Identity Federation with Mobile Applications (http://aws.amazon.com/articles/web-identity-federation-with-mobile-applications). +// This article discusses web identity federation and shows an example of +// how to use web identity federation to get access to content in Amazon +// S3. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -654,52 +653,55 @@ func (c *STS) AssumeRoleWithWebIdentityRequest(input *AssumeRoleWithWebIdentityI // API operation AssumeRoleWithWebIdentity for usage and error information. // // Returned Error Codes: -// * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" -// The request was rejected because the policy document was malformed. The error -// message describes the specific error. -// -// * ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" -// The request was rejected because the total packed size of the session policies -// and session tags combined was too large. An AWS conversion compresses the -// session policy document, session policy ARNs, and session tags into a packed -// binary format that has a separate limit. The error message indicates by percentage -// how close the policies and tags are to the upper size limit. For more information, -// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) -// in the IAM User Guide. -// -// You could receive this error even though you meet other defined session policy -// and session tag limits. For more information, see IAM and STS Entity Character -// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) -// in the IAM User Guide. -// -// * ErrCodeIDPRejectedClaimException "IDPRejectedClaim" -// The identity provider (IdP) reported that authentication failed. This might -// be because the claim is invalid. -// -// If this error is returned for the AssumeRoleWithWebIdentity operation, it -// can also mean that the claim has expired or has been explicitly revoked. -// -// * ErrCodeIDPCommunicationErrorException "IDPCommunicationError" -// The request could not be fulfilled because the identity provider (IDP) that -// was asked to verify the incoming identity token could not be reached. This -// is often a transient error caused by network conditions. Retry the request -// a limited number of times so that you don't exceed the request rate. If the -// error persists, the identity provider might be down or not responding. -// -// * ErrCodeInvalidIdentityTokenException "InvalidIdentityToken" -// The web identity token that was passed could not be validated by AWS. Get -// a new identity token from the identity provider and then retry the request. -// -// * ErrCodeExpiredTokenException "ExpiredTokenException" -// The web identity token that was passed is expired or is not valid. Get a -// new identity token from the identity provider and then retry the request. -// -// * ErrCodeRegionDisabledException "RegionDisabledException" -// STS is not activated in the requested region for the account that is being -// asked to generate credentials. The account administrator must use the IAM -// console to activate STS in that region. For more information, see Activating -// and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) -// in the IAM User Guide. +// +// - ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" +// The request was rejected because the policy document was malformed. The error +// message describes the specific error. +// +// - ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" +// The request was rejected because the total packed size of the session policies +// and session tags combined was too large. An Amazon Web Services conversion +// compresses the session policy document, session policy ARNs, and session +// tags into a packed binary format that has a separate limit. The error message +// indicates by percentage how close the policies and tags are to the upper +// size limit. For more information, see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// You could receive this error even though you meet other defined session policy +// and session tag limits. For more information, see IAM and STS Entity Character +// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length) +// in the IAM User Guide. +// +// - ErrCodeIDPRejectedClaimException "IDPRejectedClaim" +// The identity provider (IdP) reported that authentication failed. This might +// be because the claim is invalid. +// +// If this error is returned for the AssumeRoleWithWebIdentity operation, it +// can also mean that the claim has expired or has been explicitly revoked. +// +// - ErrCodeIDPCommunicationErrorException "IDPCommunicationError" +// The request could not be fulfilled because the identity provider (IDP) that +// was asked to verify the incoming identity token could not be reached. This +// is often a transient error caused by network conditions. Retry the request +// a limited number of times so that you don't exceed the request rate. If the +// error persists, the identity provider might be down or not responding. +// +// - ErrCodeInvalidIdentityTokenException "InvalidIdentityToken" +// The web identity token that was passed could not be validated by Amazon Web +// Services. Get a new identity token from the identity provider and then retry +// the request. +// +// - ErrCodeExpiredTokenException "ExpiredTokenException" +// The web identity token that was passed is expired or is not valid. Get a +// new identity token from the identity provider and then retry the request. +// +// - ErrCodeRegionDisabledException "RegionDisabledException" +// STS is not activated in the requested region for the account that is being +// asked to generate credentials. The account administrator must use the IAM +// console to activate STS in that region. For more information, see Activating +// and Deactivating Amazon Web Services STS in an Amazon Web Services Region +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// in the IAM User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/AssumeRoleWithWebIdentity func (c *STS) AssumeRoleWithWebIdentity(input *AssumeRoleWithWebIdentityInput) (*AssumeRoleWithWebIdentityOutput, error) { @@ -739,14 +741,13 @@ const opDecodeAuthorizationMessage = "DecodeAuthorizationMessage" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the DecodeAuthorizationMessageRequest method. +// req, resp := client.DecodeAuthorizationMessageRequest(params) // -// // Example sending a request using the DecodeAuthorizationMessageRequest method. -// req, resp := client.DecodeAuthorizationMessageRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/DecodeAuthorizationMessage func (c *STS) DecodeAuthorizationMessageRequest(input *DecodeAuthorizationMessageInput) (req *request.Request, output *DecodeAuthorizationMessageOutput) { @@ -768,37 +769,40 @@ func (c *STS) DecodeAuthorizationMessageRequest(input *DecodeAuthorizationMessag // DecodeAuthorizationMessage API operation for AWS Security Token Service. // // Decodes additional information about the authorization status of a request -// from an encoded message returned in response to an AWS request. +// from an encoded message returned in response to an Amazon Web Services request. // // For example, if a user is not authorized to perform an operation that he // or she has requested, the request returns a Client.UnauthorizedOperation -// response (an HTTP 403 response). Some AWS operations additionally return -// an encoded message that can provide details about this authorization failure. +// response (an HTTP 403 response). Some Amazon Web Services operations additionally +// return an encoded message that can provide details about this authorization +// failure. // -// Only certain AWS operations return an encoded authorization message. The -// documentation for an individual operation indicates whether that operation -// returns an encoded message in addition to returning an HTTP code. +// Only certain Amazon Web Services operations return an encoded authorization +// message. The documentation for an individual operation indicates whether +// that operation returns an encoded message in addition to returning an HTTP +// code. // // The message is encoded because the details of the authorization status can -// constitute privileged information that the user who requested the operation +// contain privileged information that the user who requested the operation // should not see. To decode an authorization status message, a user must be -// granted permissions via an IAM policy to request the DecodeAuthorizationMessage -// (sts:DecodeAuthorizationMessage) action. +// granted permissions through an IAM policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html) +// to request the DecodeAuthorizationMessage (sts:DecodeAuthorizationMessage) +// action. // // The decoded message includes the following type of information: // -// * Whether the request was denied due to an explicit deny or due to the -// absence of an explicit allow. For more information, see Determining Whether -// a Request is Allowed or Denied (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow) -// in the IAM User Guide. +// - Whether the request was denied due to an explicit deny or due to the +// absence of an explicit allow. For more information, see Determining Whether +// a Request is Allowed or Denied (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_evaluation-logic.html#policy-eval-denyallow) +// in the IAM User Guide. // -// * The principal who made the request. +// - The principal who made the request. // -// * The requested action. +// - The requested action. // -// * The requested resource. +// - The requested resource. // -// * The values of condition keys in the context of the user's request. +// - The values of condition keys in the context of the user's request. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions // with awserr.Error's Code and Message methods to get detailed information about @@ -808,10 +812,10 @@ func (c *STS) DecodeAuthorizationMessageRequest(input *DecodeAuthorizationMessag // API operation DecodeAuthorizationMessage for usage and error information. // // Returned Error Codes: -// * ErrCodeInvalidAuthorizationMessageException "InvalidAuthorizationMessageException" -// The error returned if the message passed to DecodeAuthorizationMessage was -// invalid. This can happen if the token contains invalid characters, such as -// linebreaks. +// - ErrCodeInvalidAuthorizationMessageException "InvalidAuthorizationMessageException" +// The error returned if the message passed to DecodeAuthorizationMessage was +// invalid. This can happen if the token contains invalid characters, such as +// linebreaks. // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/DecodeAuthorizationMessage func (c *STS) DecodeAuthorizationMessage(input *DecodeAuthorizationMessageInput) (*DecodeAuthorizationMessageOutput, error) { @@ -851,14 +855,13 @@ const opGetAccessKeyInfo = "GetAccessKeyInfo" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetAccessKeyInfoRequest method. +// req, resp := client.GetAccessKeyInfoRequest(params) // -// // Example sending a request using the GetAccessKeyInfoRequest method. -// req, resp := client.GetAccessKeyInfoRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetAccessKeyInfo func (c *STS) GetAccessKeyInfoRequest(input *GetAccessKeyInfoInput) (req *request.Request, output *GetAccessKeyInfoOutput) { @@ -888,12 +891,12 @@ func (c *STS) GetAccessKeyInfoRequest(input *GetAccessKeyInfoInput) (req *reques // in the IAM User Guide. // // When you pass an access key ID to this operation, it returns the ID of the -// AWS account to which the keys belong. Access key IDs beginning with AKIA -// are long-term credentials for an IAM user or the AWS account root user. Access -// key IDs beginning with ASIA are temporary credentials that are created using -// STS operations. If the account in the response belongs to you, you can sign -// in as the root user and review your root user access keys. Then, you can -// pull a credentials report (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html) +// Amazon Web Services account to which the keys belong. Access key IDs beginning +// with AKIA are long-term credentials for an IAM user or the Amazon Web Services +// account root user. Access key IDs beginning with ASIA are temporary credentials +// that are created using STS operations. If the account in the response belongs +// to you, you can sign in as the root user and review your root user access +// keys. Then, you can pull a credentials report (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_getting-report.html) // to learn which IAM user owns the keys. To learn who requested the temporary // credentials for an ASIA access key, view the STS events in your CloudTrail // logs (https://docs.aws.amazon.com/IAM/latest/UserGuide/cloudtrail-integration.html) @@ -948,14 +951,13 @@ const opGetCallerIdentity = "GetCallerIdentity" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetCallerIdentityRequest method. +// req, resp := client.GetCallerIdentityRequest(params) // -// // Example sending a request using the GetCallerIdentityRequest method. -// req, resp := client.GetCallerIdentityRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetCallerIdentity func (c *STS) GetCallerIdentityRequest(input *GetCallerIdentityInput) (req *request.Request, output *GetCallerIdentityOutput) { @@ -980,11 +982,11 @@ func (c *STS) GetCallerIdentityRequest(input *GetCallerIdentityInput) (req *requ // call the operation. // // No permissions are required to perform this operation. If an administrator -// adds a policy to your IAM user or role that explicitly denies access to the -// sts:GetCallerIdentity action, you can still perform this operation. Permissions -// are not required because the same information is returned when an IAM user -// or role is denied access. To view an example response, see I Am Not Authorized -// to Perform: iam:DeleteVirtualMFADevice (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa) +// attaches a policy to your identity that explicitly denies access to the sts:GetCallerIdentity +// action, you can still perform this operation. Permissions are not required +// because the same information is returned when access is denied. To view an +// example response, see I Am Not Authorized to Perform: iam:DeleteVirtualMFADevice +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/troubleshoot_general.html#troubleshoot_general_access-denied-delete-mfa) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1031,14 +1033,13 @@ const opGetFederationToken = "GetFederationToken" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetFederationTokenRequest method. +// req, resp := client.GetFederationTokenRequest(params) // -// // Example sending a request using the GetFederationTokenRequest method. -// req, resp := client.GetFederationTokenRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetFederationToken func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *request.Request, output *GetFederationTokenOutput) { @@ -1060,16 +1061,24 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re // GetFederationToken API operation for AWS Security Token Service. // // Returns a set of temporary security credentials (consisting of an access -// key ID, a secret access key, and a security token) for a federated user. -// A typical use is in a proxy application that gets temporary security credentials -// on behalf of distributed applications inside a corporate network. You must -// call the GetFederationToken operation using the long-term security credentials -// of an IAM user. As a result, this call is appropriate in contexts where those -// credentials can be safely stored, usually in a server-based application. +// key ID, a secret access key, and a security token) for a user. A typical +// use is in a proxy application that gets temporary security credentials on +// behalf of distributed applications inside a corporate network. +// +// You must call the GetFederationToken operation using the long-term security +// credentials of an IAM user. As a result, this call is appropriate in contexts +// where those credentials can be safeguarded, usually in a server-based application. // For a comparison of GetFederationToken with the other API operations that // produce temporary credentials, see Requesting Temporary Security Credentials // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) -// and Comparing the AWS STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) +// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) +// in the IAM User Guide. +// +// Although it is possible to call GetFederationToken using the security credentials +// of an Amazon Web Services account root user rather than an IAM user that +// you create for the purpose of a proxy application, we do not recommend it. +// For more information, see Safeguard your root user credentials and don't +// use them for everyday tasks (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials) // in the IAM User Guide. // // You can create a mobile-based or browser-based app that can authenticate @@ -1080,36 +1089,31 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity) // in the IAM User Guide. // -// You can also call GetFederationToken using the security credentials of an -// AWS account root user, but we do not recommend it. Instead, we recommend -// that you create an IAM user for the purpose of the proxy application. Then -// attach a policy to the IAM user that limits federated users to only the actions -// and resources that they need to access. For more information, see IAM Best -// Practices (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html) -// in the IAM User Guide. -// -// Session duration +// # Session duration // // The temporary credentials are valid for the specified duration, from 900 // seconds (15 minutes) up to a maximum of 129,600 seconds (36 hours). The default -// session duration is 43,200 seconds (12 hours). Temporary credentials that -// are obtained by using AWS account root user credentials have a maximum duration -// of 3,600 seconds (1 hour). +// session duration is 43,200 seconds (12 hours). Temporary credentials obtained +// by using the root user credentials have a maximum duration of 3,600 seconds +// (1 hour). // -// Permissions +// # Permissions // // You can use the temporary credentials created by GetFederationToken in any -// AWS service except the following: +// Amazon Web Services service with the following exceptions: +// +// - You cannot call any IAM operations using the CLI or the Amazon Web Services +// API. This limitation does not apply to console sessions. // -// * You cannot call any IAM operations using the AWS CLI or the AWS API. +// - You cannot call any STS operations except GetCallerIdentity. // -// * You cannot call any STS operations except GetCallerIdentity. +// You can use temporary credentials for single sign-on (SSO) to the console. // // You must pass an inline or managed session policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // to this operation. You can pass a single JSON policy document to use as an -// inline session policy. You can also specify up to 10 managed policies to -// use as managed session policies. The plain text that you use for both inline -// and managed session policies can't exceed 2,048 characters. +// inline session policy. You can also specify up to 10 managed policy Amazon +// Resource Names (ARNs) to use as managed session policies. The plaintext that +// you use for both inline and managed session policies can't exceed 2,048 characters. // // Though the session policy parameters are optional, if you do not pass a policy, // then the resulting federated user session has no permissions. When you pass @@ -1129,13 +1133,21 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re // by the policy. These permissions are granted in addition to the permissions // granted by the session policies. // -// Tags +// # Tags // // (Optional) You can pass tag key-value pairs to your session. These are called // session tags. For more information about session tags, see Passing Session // Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) // in the IAM User Guide. // +// You can create a mobile-based or browser-based app that can authenticate +// users using a web identity provider like Login with Amazon, Facebook, Google, +// or an OpenID Connect-compatible identity provider. In this case, we recommend +// that you use Amazon Cognito (http://aws.amazon.com/cognito/) or AssumeRoleWithWebIdentity. +// For more information, see Federation Through a Web-based Identity Provider +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_assumerolewithwebidentity) +// in the IAM User Guide. +// // An administrator must grant you the permissions necessary to pass session // tags. The administrator can also create granular permissions to allow you // to pass only specific session tags. For more information, see Tutorial: Using @@ -1157,30 +1169,32 @@ func (c *STS) GetFederationTokenRequest(input *GetFederationTokenInput) (req *re // API operation GetFederationToken for usage and error information. // // Returned Error Codes: -// * ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" -// The request was rejected because the policy document was malformed. The error -// message describes the specific error. -// -// * ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" -// The request was rejected because the total packed size of the session policies -// and session tags combined was too large. An AWS conversion compresses the -// session policy document, session policy ARNs, and session tags into a packed -// binary format that has a separate limit. The error message indicates by percentage -// how close the policies and tags are to the upper size limit. For more information, -// see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) -// in the IAM User Guide. -// -// You could receive this error even though you meet other defined session policy -// and session tag limits. For more information, see IAM and STS Entity Character -// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) -// in the IAM User Guide. -// -// * ErrCodeRegionDisabledException "RegionDisabledException" -// STS is not activated in the requested region for the account that is being -// asked to generate credentials. The account administrator must use the IAM -// console to activate STS in that region. For more information, see Activating -// and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) -// in the IAM User Guide. +// +// - ErrCodeMalformedPolicyDocumentException "MalformedPolicyDocument" +// The request was rejected because the policy document was malformed. The error +// message describes the specific error. +// +// - ErrCodePackedPolicyTooLargeException "PackedPolicyTooLarge" +// The request was rejected because the total packed size of the session policies +// and session tags combined was too large. An Amazon Web Services conversion +// compresses the session policy document, session policy ARNs, and session +// tags into a packed binary format that has a separate limit. The error message +// indicates by percentage how close the policies and tags are to the upper +// size limit. For more information, see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// in the IAM User Guide. +// +// You could receive this error even though you meet other defined session policy +// and session tag limits. For more information, see IAM and STS Entity Character +// Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length) +// in the IAM User Guide. +// +// - ErrCodeRegionDisabledException "RegionDisabledException" +// STS is not activated in the requested region for the account that is being +// asked to generate credentials. The account administrator must use the IAM +// console to activate STS in that region. For more information, see Activating +// and Deactivating Amazon Web Services STS in an Amazon Web Services Region +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// in the IAM User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetFederationToken func (c *STS) GetFederationToken(input *GetFederationTokenInput) (*GetFederationTokenOutput, error) { @@ -1220,14 +1234,13 @@ const opGetSessionToken = "GetSessionToken" // This method is useful when you want to inject custom logic or configuration // into the SDK's request lifecycle. Such as custom headers, or retry logic. // +// // Example sending a request using the GetSessionTokenRequest method. +// req, resp := client.GetSessionTokenRequest(params) // -// // Example sending a request using the GetSessionTokenRequest method. -// req, resp := client.GetSessionTokenRequest(params) -// -// err := req.Send() -// if err == nil { // resp is now filled -// fmt.Println(resp) -// } +// err := req.Send() +// if err == nil { // resp is now filled +// fmt.Println(resp) +// } // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetSessionToken func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request.Request, output *GetSessionTokenOutput) { @@ -1248,54 +1261,62 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request. // GetSessionToken API operation for AWS Security Token Service. // -// Returns a set of temporary credentials for an AWS account or IAM user. The -// credentials consist of an access key ID, a secret access key, and a security -// token. Typically, you use GetSessionToken if you want to use MFA to protect -// programmatic calls to specific AWS API operations like Amazon EC2 StopInstances. -// MFA-enabled IAM users would need to call GetSessionToken and submit an MFA -// code that is associated with their MFA device. Using the temporary security -// credentials that are returned from the call, IAM users can then make programmatic -// calls to API operations that require MFA authentication. If you do not supply -// a correct MFA code, then the API returns an access denied error. For a comparison -// of GetSessionToken with the other API operations that produce temporary credentials, -// see Requesting Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) -// and Comparing the AWS STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) +// Returns a set of temporary credentials for an Amazon Web Services account +// or IAM user. The credentials consist of an access key ID, a secret access +// key, and a security token. Typically, you use GetSessionToken if you want +// to use MFA to protect programmatic calls to specific Amazon Web Services +// API operations like Amazon EC2 StopInstances. +// +// MFA-enabled IAM users must call GetSessionToken and submit an MFA code that +// is associated with their MFA device. Using the temporary security credentials +// that the call returns, IAM users can then make programmatic calls to API +// operations that require MFA authentication. An incorrect MFA code causes +// the API to return an access denied error. For a comparison of GetSessionToken +// with the other API operations that produce temporary credentials, see Requesting +// Temporary Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html) +// and Comparing the Amazon Web Services STS API operations (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#stsapi_comparison) // in the IAM User Guide. // -// Session Duration +// No permissions are required for users to perform this operation. The purpose +// of the sts:GetSessionToken operation is to authenticate the user using MFA. +// You cannot use policies to control authentication operations. For more information, +// see Permissions for GetSessionToken (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_getsessiontoken.html) +// in the IAM User Guide. +// +// # Session Duration // -// The GetSessionToken operation must be called by using the long-term AWS security -// credentials of the AWS account root user or an IAM user. Credentials that -// are created by IAM users are valid for the duration that you specify. This -// duration can range from 900 seconds (15 minutes) up to a maximum of 129,600 -// seconds (36 hours), with a default of 43,200 seconds (12 hours). Credentials -// based on account credentials can range from 900 seconds (15 minutes) up to -// 3,600 seconds (1 hour), with a default of 1 hour. +// The GetSessionToken operation must be called by using the long-term Amazon +// Web Services security credentials of an IAM user. Credentials that are created +// by IAM users are valid for the duration that you specify. This duration can +// range from 900 seconds (15 minutes) up to a maximum of 129,600 seconds (36 +// hours), with a default of 43,200 seconds (12 hours). Credentials based on +// account credentials can range from 900 seconds (15 minutes) up to 3,600 seconds +// (1 hour), with a default of 1 hour. // -// Permissions +// # Permissions // // The temporary security credentials created by GetSessionToken can be used -// to make API calls to any AWS service with the following exceptions: +// to make API calls to any Amazon Web Services service with the following exceptions: // -// * You cannot call any IAM API operations unless MFA authentication information -// is included in the request. +// - You cannot call any IAM API operations unless MFA authentication information +// is included in the request. // -// * You cannot call any STS API except AssumeRole or GetCallerIdentity. +// - You cannot call any STS API except AssumeRole or GetCallerIdentity. // -// We recommend that you do not call GetSessionToken with AWS account root user -// credentials. Instead, follow our best practices (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#create-iam-users) -// by creating one or more IAM users, giving them the necessary permissions, -// and using IAM users for everyday interaction with AWS. +// The credentials that GetSessionToken returns are based on permissions associated +// with the IAM user whose credentials were used to call the operation. The +// temporary credentials have the same permissions as the IAM user. // -// The credentials that are returned by GetSessionToken are based on permissions -// associated with the user whose credentials were used to call the operation. -// If GetSessionToken is called using AWS account root user credentials, the -// temporary credentials have root user permissions. Similarly, if GetSessionToken -// is called using the credentials of an IAM user, the temporary credentials -// have the same permissions as the IAM user. +// Although it is possible to call GetSessionToken using the security credentials +// of an Amazon Web Services account root user rather than an IAM user, we do +// not recommend it. If GetSessionToken is called using root user credentials, +// the temporary credentials have root user permissions. For more information, +// see Safeguard your root user credentials and don't use them for everyday +// tasks (https://docs.aws.amazon.com/IAM/latest/UserGuide/best-practices.html#lock-away-credentials) +// in the IAM User Guide // // For more information about using GetSessionToken to create temporary credentials, -// go to Temporary Credentials for Users in Untrusted Environments (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken) +// see Temporary Credentials for Users in Untrusted Environments (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_request.html#api_getsessiontoken) // in the IAM User Guide. // // Returns awserr.Error for service API and SDK errors. Use runtime type assertions @@ -1306,12 +1327,13 @@ func (c *STS) GetSessionTokenRequest(input *GetSessionTokenInput) (req *request. // API operation GetSessionToken for usage and error information. // // Returned Error Codes: -// * ErrCodeRegionDisabledException "RegionDisabledException" -// STS is not activated in the requested region for the account that is being -// asked to generate credentials. The account administrator must use the IAM -// console to activate STS in that region. For more information, see Activating -// and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) -// in the IAM User Guide. +// - ErrCodeRegionDisabledException "RegionDisabledException" +// STS is not activated in the requested region for the account that is being +// asked to generate credentials. The account administrator must use the IAM +// console to activate STS in that region. For more information, see Activating +// and Deactivating Amazon Web Services STS in an Amazon Web Services Region +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) +// in the IAM User Guide. // // See also, https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15/GetSessionToken func (c *STS) GetSessionToken(input *GetSessionTokenInput) (*GetSessionTokenOutput, error) { @@ -1338,14 +1360,23 @@ func (c *STS) GetSessionTokenWithContext(ctx aws.Context, input *GetSessionToken type AssumeRoleInput struct { _ struct{} `type:"structure"` - // The duration, in seconds, of the role session. The value can range from 900 - // seconds (15 minutes) up to the maximum session duration setting for the role. - // This setting can have a value from 1 hour to 12 hours. If you specify a value - // higher than this setting, the operation fails. For example, if you specify + // The duration, in seconds, of the role session. The value specified can range + // from 900 seconds (15 minutes) up to the maximum session duration set for + // the role. The maximum session duration setting can have a value from 1 hour + // to 12 hours. If you specify a value higher than this setting or the administrator + // setting (whichever is lower), the operation fails. For example, if you specify // a session duration of 12 hours, but your administrator set the maximum session - // duration to 6 hours, your operation fails. To learn how to view the maximum - // value for your role, see View the Maximum Session Duration Setting for a - // Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) + // duration to 6 hours, your operation fails. + // + // Role chaining limits your Amazon Web Services CLI or Amazon Web Services + // API role session to a maximum of one hour. When you use the AssumeRole API + // operation to assume a role, you can specify the duration of your role session + // with the DurationSeconds parameter. You can specify a parameter value of + // up to 43200 seconds (12 hours), depending on the maximum session duration + // setting for your role. However, if you assume a role using role chaining + // and provide a DurationSeconds parameter value greater than one hour, the + // operation fails. To learn how to view the maximum value for your role, see + // View the Maximum Session Duration Setting for a Role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_use.html#id_roles_use_view-role-max-session) // in the IAM User Guide. // // By default, the value is set to 3600 seconds. @@ -1355,7 +1386,7 @@ type AssumeRoleInput struct { // to the federation endpoint for a console sign-in token takes a SessionDuration // parameter that specifies the maximum length of the console session. For more // information, see Creating a URL that Enables Federated Users to Access the - // AWS Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html) + // Amazon Web Services Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html) // in the IAM User Guide. DurationSeconds *int64 `min:"900" type:"integer"` @@ -1367,8 +1398,8 @@ type AssumeRoleInput struct { // of the trusting account might send an external ID to the administrator of // the trusted account. That way, only someone with the ID can assume the role, // rather than everyone in the account. For more information about the external - // ID, see How to Use an External ID When Granting Access to Your AWS Resources - // to a Third Party (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) + // ID, see How to Use an External ID When Granting Access to Your Amazon Web + // Services Resources to a Third Party (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) // in the IAM User Guide. // // The regex used to validate this parameter is a string of characters consisting @@ -1381,23 +1412,25 @@ type AssumeRoleInput struct { // This parameter is optional. Passing policies to this operation returns new // temporary credentials. The resulting session's permissions are the intersection // of the role's identity-based policy and the session policies. You can use - // the role's temporary credentials in subsequent AWS API calls to access resources - // in the account that owns the role. You cannot use session policies to grant - // more permissions than those allowed by the identity-based policy of the role - // that is being assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) + // the role's temporary credentials in subsequent Amazon Web Services API calls + // to access resources in the account that owns the role. You cannot use session + // policies to grant more permissions than those allowed by the identity-based + // policy of the role that is being assumed. For more information, see Session + // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // - // The plain text that you use for both inline and managed session policies - // can't exceed 2,048 characters. The JSON policy characters can be any ASCII - // character from the space character to the end of the valid character list - // (\u0020 through \u00FF). It can also include the tab (\u0009), linefeed (\u000A), - // and carriage return (\u000D) characters. - // - // An AWS conversion compresses the passed session policies and session tags - // into a packed binary format that has a separate limit. Your request can fail - // for this limit even if your plain text meets the other requirements. The - // PackedPolicySize response element indicates by percentage how close the policies - // and tags for your request are to the upper size limit. + // The plaintext that you use for both inline and managed session policies can't + // exceed 2,048 characters. The JSON policy characters can be any ASCII character + // from the space character to the end of the valid character list (\u0020 through + // \u00FF). It can also include the tab (\u0009), linefeed (\u000A), and carriage + // return (\u000D) characters. + // + // An Amazon Web Services conversion compresses the passed inline session policy, + // managed policy ARNs, and session tags into a packed binary format that has + // a separate limit. Your request can fail for this limit even if your plaintext + // meets the other requirements. The PackedPolicySize response element indicates + // by percentage how close the policies and tags for your request are to the + // upper size limit. Policy *string `min:"1" type:"string"` // The Amazon Resource Names (ARNs) of the IAM managed policies that you want @@ -1405,27 +1438,39 @@ type AssumeRoleInput struct { // as the role. // // This parameter is optional. You can provide up to 10 managed policy ARNs. - // However, the plain text that you use for both inline and managed session - // policies can't exceed 2,048 characters. For more information about ARNs, - // see Amazon Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - // - // An AWS conversion compresses the passed session policies and session tags - // into a packed binary format that has a separate limit. Your request can fail - // for this limit even if your plain text meets the other requirements. The - // PackedPolicySize response element indicates by percentage how close the policies - // and tags for your request are to the upper size limit. + // However, the plaintext that you use for both inline and managed session policies + // can't exceed 2,048 characters. For more information about ARNs, see Amazon + // Resource Names (ARNs) and Amazon Web Services Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // in the Amazon Web Services General Reference. + // + // An Amazon Web Services conversion compresses the passed inline session policy, + // managed policy ARNs, and session tags into a packed binary format that has + // a separate limit. Your request can fail for this limit even if your plaintext + // meets the other requirements. The PackedPolicySize response element indicates + // by percentage how close the policies and tags for your request are to the + // upper size limit. // // Passing policies to this operation returns new temporary credentials. The // resulting session's permissions are the intersection of the role's identity-based // policy and the session policies. You can use the role's temporary credentials - // in subsequent AWS API calls to access resources in the account that owns - // the role. You cannot use session policies to grant more permissions than - // those allowed by the identity-based policy of the role that is being assumed. - // For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) + // in subsequent Amazon Web Services API calls to access resources in the account + // that owns the role. You cannot use session policies to grant more permissions + // than those allowed by the identity-based policy of the role that is being + // assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. PolicyArns []*PolicyDescriptorType `type:"list"` + // A list of previously acquired trusted context assertions in the format of + // a JSON array. The trusted context assertion is signed and encrypted by Amazon + // Web Services STS. + // + // The following is an example of a ProvidedContext value that includes a single + // trusted context assertion and the ARN of the context provider from which + // the trusted context assertion was generated. + // + // [{"ProviderArn":"arn:aws:iam::aws:contextProvider/IdentityCenter","ContextAssertion":"trusted-context-assertion"}] + ProvidedContexts []*ProvidedContext `type:"list"` + // The Amazon Resource Name (ARN) of the role to assume. // // RoleArn is a required field @@ -1439,7 +1484,7 @@ type AssumeRoleInput struct { // account that owns the role. The role session name is also used in the ARN // of the assumed role principal. This means that subsequent cross-account API // requests that use the temporary security credentials will expose the role - // session name to the external account in their AWS CloudTrail logs. + // session name to the external account in their CloudTrail logs. // // The regex used to validate this parameter is a string of characters consisting // of upper- and lower-case alphanumeric characters with no spaces. You can @@ -1459,22 +1504,42 @@ type AssumeRoleInput struct { // also include underscores or any of the following characters: =,.@- SerialNumber *string `min:"9" type:"string"` + // The source identity specified by the principal that is calling the AssumeRole + // operation. + // + // You can require users to specify a source identity when they assume a role. + // You do this by using the sts:SourceIdentity condition key in a role trust + // policy. You can use source identity information in CloudTrail logs to determine + // who took actions with a role. You can use the aws:SourceIdentity condition + // key to further control access to Amazon Web Services resources based on the + // value of source identity. For more information about using source identity, + // see Monitor and control actions taken with assumed roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html) + // in the IAM User Guide. + // + // The regex used to validate this parameter is a string of characters consisting + // of upper- and lower-case alphanumeric characters with no spaces. You can + // also include underscores or any of the following characters: =,.@-. You cannot + // use a value that begins with the text aws:. This prefix is reserved for Amazon + // Web Services internal use. + SourceIdentity *string `min:"2" type:"string"` + // A list of session tags that you want to pass. Each session tag consists of // a key name and an associated value. For more information about session tags, - // see Tagging AWS STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) + // see Tagging Amazon Web Services STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) // in the IAM User Guide. // - // This parameter is optional. You can pass up to 50 session tags. The plain - // text session tag keys can’t exceed 128 characters, and the values can’t - // exceed 256 characters. For these and additional limits, see IAM and STS Character + // This parameter is optional. You can pass up to 50 session tags. The plaintext + // session tag keys can’t exceed 128 characters, and the values can’t exceed + // 256 characters. For these and additional limits, see IAM and STS Character // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) // in the IAM User Guide. // - // An AWS conversion compresses the passed session policies and session tags - // into a packed binary format that has a separate limit. Your request can fail - // for this limit even if your plain text meets the other requirements. The - // PackedPolicySize response element indicates by percentage how close the policies - // and tags for your request are to the upper size limit. + // An Amazon Web Services conversion compresses the passed inline session policy, + // managed policy ARNs, and session tags into a packed binary format that has + // a separate limit. Your request can fail for this limit even if your plaintext + // meets the other requirements. The PackedPolicySize response element indicates + // by percentage how close the policies and tags for your request are to the + // upper size limit. // // You can pass a session tag with the same key as a tag that is already attached // to the role. When you do, session tags override a role tag with the same @@ -1489,15 +1554,16 @@ type AssumeRoleInput struct { // Additionally, if you used temporary credentials to perform this operation, // the new session inherits any transitive session tags from the calling session. // If you pass a session tag with the same key as an inherited tag, the operation - // fails. To view the inherited tags for a session, see the AWS CloudTrail logs. - // For more information, see Viewing Session Tags in CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/session-tags.html#id_session-tags_ctlogs) + // fails. To view the inherited tags for a session, see the CloudTrail logs. + // For more information, see Viewing Session Tags in CloudTrail (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html#id_session-tags_ctlogs) // in the IAM User Guide. Tags []*Tag `type:"list"` // The value provided by the MFA device, if the trust policy of the role being - // assumed requires MFA (that is, if the policy includes a condition that tests - // for MFA). If the role being assumed requires MFA and if the TokenCode value - // is missing or expired, the AssumeRole call returns an "access denied" error. + // assumed requires MFA. (In other words, if the policy includes a condition + // that tests for MFA). If the role being assumed requires MFA and if the TokenCode + // value is missing or expired, the AssumeRole call returns an "access denied" + // error. // // The format for this parameter, as described by its regex pattern, is a sequence // of six numeric digits. @@ -1517,12 +1583,20 @@ type AssumeRoleInput struct { TransitiveTagKeys []*string `type:"list"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AssumeRoleInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AssumeRoleInput) GoString() string { return s.String() } @@ -1554,6 +1628,9 @@ func (s *AssumeRoleInput) Validate() error { if s.SerialNumber != nil && len(*s.SerialNumber) < 9 { invalidParams.Add(request.NewErrParamMinLen("SerialNumber", 9)) } + if s.SourceIdentity != nil && len(*s.SourceIdentity) < 2 { + invalidParams.Add(request.NewErrParamMinLen("SourceIdentity", 2)) + } if s.TokenCode != nil && len(*s.TokenCode) < 6 { invalidParams.Add(request.NewErrParamMinLen("TokenCode", 6)) } @@ -1567,6 +1644,16 @@ func (s *AssumeRoleInput) Validate() error { } } } + if s.ProvidedContexts != nil { + for i, v := range s.ProvidedContexts { + if v == nil { + continue + } + if err := v.Validate(); err != nil { + invalidParams.AddNested(fmt.Sprintf("%s[%v]", "ProvidedContexts", i), err.(request.ErrInvalidParams)) + } + } + } if s.Tags != nil { for i, v := range s.Tags { if v == nil { @@ -1608,6 +1695,12 @@ func (s *AssumeRoleInput) SetPolicyArns(v []*PolicyDescriptorType) *AssumeRoleIn return s } +// SetProvidedContexts sets the ProvidedContexts field's value. +func (s *AssumeRoleInput) SetProvidedContexts(v []*ProvidedContext) *AssumeRoleInput { + s.ProvidedContexts = v + return s +} + // SetRoleArn sets the RoleArn field's value. func (s *AssumeRoleInput) SetRoleArn(v string) *AssumeRoleInput { s.RoleArn = &v @@ -1626,6 +1719,12 @@ func (s *AssumeRoleInput) SetSerialNumber(v string) *AssumeRoleInput { return s } +// SetSourceIdentity sets the SourceIdentity field's value. +func (s *AssumeRoleInput) SetSourceIdentity(v string) *AssumeRoleInput { + s.SourceIdentity = &v + return s +} + // SetTags sets the Tags field's value. func (s *AssumeRoleInput) SetTags(v []*Tag) *AssumeRoleInput { s.Tags = v @@ -1645,7 +1744,8 @@ func (s *AssumeRoleInput) SetTransitiveTagKeys(v []*string) *AssumeRoleInput { } // Contains the response to a successful AssumeRole request, including temporary -// AWS credentials that can be used to make AWS requests. +// Amazon Web Services credentials that can be used to make Amazon Web Services +// requests. type AssumeRoleOutput struct { _ struct{} `type:"structure"` @@ -1668,14 +1768,39 @@ type AssumeRoleOutput struct { // packed size is greater than 100 percent, which means the policies and tags // exceeded the allowed space. PackedPolicySize *int64 `type:"integer"` + + // The source identity specified by the principal that is calling the AssumeRole + // operation. + // + // You can require users to specify a source identity when they assume a role. + // You do this by using the sts:SourceIdentity condition key in a role trust + // policy. You can use source identity information in CloudTrail logs to determine + // who took actions with a role. You can use the aws:SourceIdentity condition + // key to further control access to Amazon Web Services resources based on the + // value of source identity. For more information about using source identity, + // see Monitor and control actions taken with assumed roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html) + // in the IAM User Guide. + // + // The regex used to validate this parameter is a string of characters consisting + // of upper- and lower-case alphanumeric characters with no spaces. You can + // also include underscores or any of the following characters: =,.@- + SourceIdentity *string `min:"2" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AssumeRoleOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AssumeRoleOutput) GoString() string { return s.String() } @@ -1698,6 +1823,12 @@ func (s *AssumeRoleOutput) SetPackedPolicySize(v int64) *AssumeRoleOutput { return s } +// SetSourceIdentity sets the SourceIdentity field's value. +func (s *AssumeRoleOutput) SetSourceIdentity(v string) *AssumeRoleOutput { + s.SourceIdentity = &v + return s +} + type AssumeRoleWithSAMLInput struct { _ struct{} `type:"structure"` @@ -1721,7 +1852,7 @@ type AssumeRoleWithSAMLInput struct { // to the federation endpoint for a console sign-in token takes a SessionDuration // parameter that specifies the maximum length of the console session. For more // information, see Creating a URL that Enables Federated Users to Access the - // AWS Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html) + // Amazon Web Services Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html) // in the IAM User Guide. DurationSeconds *int64 `min:"900" type:"integer"` @@ -1730,23 +1861,25 @@ type AssumeRoleWithSAMLInput struct { // This parameter is optional. Passing policies to this operation returns new // temporary credentials. The resulting session's permissions are the intersection // of the role's identity-based policy and the session policies. You can use - // the role's temporary credentials in subsequent AWS API calls to access resources - // in the account that owns the role. You cannot use session policies to grant - // more permissions than those allowed by the identity-based policy of the role - // that is being assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) + // the role's temporary credentials in subsequent Amazon Web Services API calls + // to access resources in the account that owns the role. You cannot use session + // policies to grant more permissions than those allowed by the identity-based + // policy of the role that is being assumed. For more information, see Session + // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // - // The plain text that you use for both inline and managed session policies - // can't exceed 2,048 characters. The JSON policy characters can be any ASCII - // character from the space character to the end of the valid character list - // (\u0020 through \u00FF). It can also include the tab (\u0009), linefeed (\u000A), - // and carriage return (\u000D) characters. - // - // An AWS conversion compresses the passed session policies and session tags - // into a packed binary format that has a separate limit. Your request can fail - // for this limit even if your plain text meets the other requirements. The - // PackedPolicySize response element indicates by percentage how close the policies - // and tags for your request are to the upper size limit. + // The plaintext that you use for both inline and managed session policies can't + // exceed 2,048 characters. The JSON policy characters can be any ASCII character + // from the space character to the end of the valid character list (\u0020 through + // \u00FF). It can also include the tab (\u0009), linefeed (\u000A), and carriage + // return (\u000D) characters. + // + // An Amazon Web Services conversion compresses the passed inline session policy, + // managed policy ARNs, and session tags into a packed binary format that has + // a separate limit. Your request can fail for this limit even if your plaintext + // meets the other requirements. The PackedPolicySize response element indicates + // by percentage how close the policies and tags for your request are to the + // upper size limit. Policy *string `min:"1" type:"string"` // The Amazon Resource Names (ARNs) of the IAM managed policies that you want @@ -1754,24 +1887,25 @@ type AssumeRoleWithSAMLInput struct { // as the role. // // This parameter is optional. You can provide up to 10 managed policy ARNs. - // However, the plain text that you use for both inline and managed session - // policies can't exceed 2,048 characters. For more information about ARNs, - // see Amazon Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - // - // An AWS conversion compresses the passed session policies and session tags - // into a packed binary format that has a separate limit. Your request can fail - // for this limit even if your plain text meets the other requirements. The - // PackedPolicySize response element indicates by percentage how close the policies - // and tags for your request are to the upper size limit. + // However, the plaintext that you use for both inline and managed session policies + // can't exceed 2,048 characters. For more information about ARNs, see Amazon + // Resource Names (ARNs) and Amazon Web Services Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // in the Amazon Web Services General Reference. + // + // An Amazon Web Services conversion compresses the passed inline session policy, + // managed policy ARNs, and session tags into a packed binary format that has + // a separate limit. Your request can fail for this limit even if your plaintext + // meets the other requirements. The PackedPolicySize response element indicates + // by percentage how close the policies and tags for your request are to the + // upper size limit. // // Passing policies to this operation returns new temporary credentials. The // resulting session's permissions are the intersection of the role's identity-based // policy and the session policies. You can use the role's temporary credentials - // in subsequent AWS API calls to access resources in the account that owns - // the role. You cannot use session policies to grant more permissions than - // those allowed by the identity-based policy of the role that is being assumed. - // For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) + // in subsequent Amazon Web Services API calls to access resources in the account + // that owns the role. You cannot use session policies to grant more permissions + // than those allowed by the identity-based policy of the role that is being + // assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. PolicyArns []*PolicyDescriptorType `type:"list"` @@ -1786,21 +1920,33 @@ type AssumeRoleWithSAMLInput struct { // RoleArn is a required field RoleArn *string `min:"20" type:"string" required:"true"` - // The base-64 encoded SAML authentication response provided by the IdP. + // The base64 encoded SAML authentication response provided by the IdP. // // For more information, see Configuring a Relying Party and Adding Claims (https://docs.aws.amazon.com/IAM/latest/UserGuide/create-role-saml-IdP-tasks.html) // in the IAM User Guide. // + // SAMLAssertion is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by AssumeRoleWithSAMLInput's + // String and GoString methods. + // // SAMLAssertion is a required field - SAMLAssertion *string `min:"4" type:"string" required:"true"` + SAMLAssertion *string `min:"4" type:"string" required:"true" sensitive:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AssumeRoleWithSAMLInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AssumeRoleWithSAMLInput) GoString() string { return s.String() } @@ -1886,7 +2032,8 @@ func (s *AssumeRoleWithSAMLInput) SetSAMLAssertion(v string) *AssumeRoleWithSAML } // Contains the response to a successful AssumeRoleWithSAML request, including -// temporary AWS credentials that can be used to make AWS requests. +// temporary Amazon Web Services credentials that can be used to make Amazon +// Web Services requests. type AssumeRoleWithSAMLOutput struct { _ struct{} `type:"structure"` @@ -1908,10 +2055,17 @@ type AssumeRoleWithSAMLOutput struct { // The value of the Issuer element of the SAML assertion. Issuer *string `type:"string"` - // A hash value based on the concatenation of the Issuer response value, the - // AWS account ID, and the friendly name (the last part of the ARN) of the SAML - // provider in IAM. The combination of NameQualifier and Subject can be used - // to uniquely identify a federated user. + // A hash value based on the concatenation of the following: + // + // * The Issuer response value. + // + // * The Amazon Web Services account ID. + // + // * The friendly name (the last part of the ARN) of the SAML provider in + // IAM. + // + // The combination of NameQualifier and Subject can be used to uniquely identify + // a user. // // The following pseudocode shows how the hash value is calculated: // @@ -1925,6 +2079,26 @@ type AssumeRoleWithSAMLOutput struct { // exceeded the allowed space. PackedPolicySize *int64 `type:"integer"` + // The value in the SourceIdentity attribute in the SAML assertion. + // + // You can require users to set a source identity value when they assume a role. + // You do this by using the sts:SourceIdentity condition key in a role trust + // policy. That way, actions that are taken with the role are associated with + // that user. After the source identity is set, the value cannot be changed. + // It is present in the request for all actions that are taken by the role and + // persists across chained role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts#iam-term-role-chaining) + // sessions. You can configure your SAML identity provider to use an attribute + // associated with your users, like user name or email, as the source identity + // when calling AssumeRoleWithSAML. You do this by adding an attribute to the + // SAML assertion. For more information about using source identity, see Monitor + // and control actions taken with assumed roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html) + // in the IAM User Guide. + // + // The regex used to validate this parameter is a string of characters consisting + // of upper- and lower-case alphanumeric characters with no spaces. You can + // also include underscores or any of the following characters: =,.@- + SourceIdentity *string `min:"2" type:"string"` + // The value of the NameID element in the Subject element of the SAML assertion. Subject *string `type:"string"` @@ -1939,12 +2113,20 @@ type AssumeRoleWithSAMLOutput struct { SubjectType *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AssumeRoleWithSAMLOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AssumeRoleWithSAMLOutput) GoString() string { return s.String() } @@ -1985,6 +2167,12 @@ func (s *AssumeRoleWithSAMLOutput) SetPackedPolicySize(v int64) *AssumeRoleWithS return s } +// SetSourceIdentity sets the SourceIdentity field's value. +func (s *AssumeRoleWithSAMLOutput) SetSourceIdentity(v string) *AssumeRoleWithSAMLOutput { + s.SourceIdentity = &v + return s +} + // SetSubject sets the Subject field's value. func (s *AssumeRoleWithSAMLOutput) SetSubject(v string) *AssumeRoleWithSAMLOutput { s.Subject = &v @@ -2017,7 +2205,7 @@ type AssumeRoleWithWebIdentityInput struct { // to the federation endpoint for a console sign-in token takes a SessionDuration // parameter that specifies the maximum length of the console session. For more // information, see Creating a URL that Enables Federated Users to Access the - // AWS Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html) + // Amazon Web Services Management Console (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_providers_enable-console-custom-url.html) // in the IAM User Guide. DurationSeconds *int64 `min:"900" type:"integer"` @@ -2026,23 +2214,25 @@ type AssumeRoleWithWebIdentityInput struct { // This parameter is optional. Passing policies to this operation returns new // temporary credentials. The resulting session's permissions are the intersection // of the role's identity-based policy and the session policies. You can use - // the role's temporary credentials in subsequent AWS API calls to access resources - // in the account that owns the role. You cannot use session policies to grant - // more permissions than those allowed by the identity-based policy of the role - // that is being assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) + // the role's temporary credentials in subsequent Amazon Web Services API calls + // to access resources in the account that owns the role. You cannot use session + // policies to grant more permissions than those allowed by the identity-based + // policy of the role that is being assumed. For more information, see Session + // Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. // - // The plain text that you use for both inline and managed session policies - // can't exceed 2,048 characters. The JSON policy characters can be any ASCII - // character from the space character to the end of the valid character list - // (\u0020 through \u00FF). It can also include the tab (\u0009), linefeed (\u000A), - // and carriage return (\u000D) characters. - // - // An AWS conversion compresses the passed session policies and session tags - // into a packed binary format that has a separate limit. Your request can fail - // for this limit even if your plain text meets the other requirements. The - // PackedPolicySize response element indicates by percentage how close the policies - // and tags for your request are to the upper size limit. + // The plaintext that you use for both inline and managed session policies can't + // exceed 2,048 characters. The JSON policy characters can be any ASCII character + // from the space character to the end of the valid character list (\u0020 through + // \u00FF). It can also include the tab (\u0009), linefeed (\u000A), and carriage + // return (\u000D) characters. + // + // An Amazon Web Services conversion compresses the passed inline session policy, + // managed policy ARNs, and session tags into a packed binary format that has + // a separate limit. Your request can fail for this limit even if your plaintext + // meets the other requirements. The PackedPolicySize response element indicates + // by percentage how close the policies and tags for your request are to the + // upper size limit. Policy *string `min:"1" type:"string"` // The Amazon Resource Names (ARNs) of the IAM managed policies that you want @@ -2050,32 +2240,34 @@ type AssumeRoleWithWebIdentityInput struct { // as the role. // // This parameter is optional. You can provide up to 10 managed policy ARNs. - // However, the plain text that you use for both inline and managed session - // policies can't exceed 2,048 characters. For more information about ARNs, - // see Amazon Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. - // - // An AWS conversion compresses the passed session policies and session tags - // into a packed binary format that has a separate limit. Your request can fail - // for this limit even if your plain text meets the other requirements. The - // PackedPolicySize response element indicates by percentage how close the policies - // and tags for your request are to the upper size limit. + // However, the plaintext that you use for both inline and managed session policies + // can't exceed 2,048 characters. For more information about ARNs, see Amazon + // Resource Names (ARNs) and Amazon Web Services Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // in the Amazon Web Services General Reference. + // + // An Amazon Web Services conversion compresses the passed inline session policy, + // managed policy ARNs, and session tags into a packed binary format that has + // a separate limit. Your request can fail for this limit even if your plaintext + // meets the other requirements. The PackedPolicySize response element indicates + // by percentage how close the policies and tags for your request are to the + // upper size limit. // // Passing policies to this operation returns new temporary credentials. The // resulting session's permissions are the intersection of the role's identity-based // policy and the session policies. You can use the role's temporary credentials - // in subsequent AWS API calls to access resources in the account that owns - // the role. You cannot use session policies to grant more permissions than - // those allowed by the identity-based policy of the role that is being assumed. - // For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) + // in subsequent Amazon Web Services API calls to access resources in the account + // that owns the role. You cannot use session policies to grant more permissions + // than those allowed by the identity-based policy of the role that is being + // assumed. For more information, see Session Policies (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // in the IAM User Guide. PolicyArns []*PolicyDescriptorType `type:"list"` - // The fully qualified host component of the domain name of the identity provider. + // The fully qualified host component of the domain name of the OAuth 2.0 identity + // provider. Do not specify this value for an OpenID Connect identity provider. // - // Specify this value only for OAuth 2.0 access tokens. Currently www.amazon.com - // and graph.facebook.com are the only supported identity providers for OAuth - // 2.0 access tokens. Do not include URL schemes and port numbers. + // Currently www.amazon.com and graph.facebook.com are the only supported identity + // providers for OAuth 2.0 access tokens. Do not include URL schemes and port + // numbers. // // Do not specify this value for OpenID Connect ID tokens. ProviderId *string `min:"4" type:"string"` @@ -2101,18 +2293,31 @@ type AssumeRoleWithWebIdentityInput struct { // The OAuth 2.0 access token or OpenID Connect ID token that is provided by // the identity provider. Your application must get this token by authenticating // the user who is using your application with a web identity provider before - // the application makes an AssumeRoleWithWebIdentity call. + // the application makes an AssumeRoleWithWebIdentity call. Only tokens with + // RSA algorithms (RS256) are supported. + // + // WebIdentityToken is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by AssumeRoleWithWebIdentityInput's + // String and GoString methods. // // WebIdentityToken is a required field - WebIdentityToken *string `min:"4" type:"string" required:"true"` + WebIdentityToken *string `min:"4" type:"string" required:"true" sensitive:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AssumeRoleWithWebIdentityInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AssumeRoleWithWebIdentityInput) GoString() string { return s.String() } @@ -2207,7 +2412,8 @@ func (s *AssumeRoleWithWebIdentityInput) SetWebIdentityToken(v string) *AssumeRo } // Contains the response to a successful AssumeRoleWithWebIdentity request, -// including temporary AWS credentials that can be used to make AWS requests. +// including temporary Amazon Web Services credentials that can be used to make +// Amazon Web Services requests. type AssumeRoleWithWebIdentityOutput struct { _ struct{} `type:"structure"` @@ -2242,6 +2448,29 @@ type AssumeRoleWithWebIdentityOutput struct { // in the AssumeRoleWithWebIdentity request. Provider *string `type:"string"` + // The value of the source identity that is returned in the JSON web token (JWT) + // from the identity provider. + // + // You can require users to set a source identity value when they assume a role. + // You do this by using the sts:SourceIdentity condition key in a role trust + // policy. That way, actions that are taken with the role are associated with + // that user. After the source identity is set, the value cannot be changed. + // It is present in the request for all actions that are taken by the role and + // persists across chained role (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_terms-and-concepts#iam-term-role-chaining) + // sessions. You can configure your identity provider to use an attribute associated + // with your users, like user name or email, as the source identity when calling + // AssumeRoleWithWebIdentity. You do this by adding a claim to the JSON web + // token. To learn more about OIDC tokens and claims, see Using Tokens with + // User Pools (https://docs.aws.amazon.com/cognito/latest/developerguide/amazon-cognito-user-pools-using-tokens-with-identity-providers.html) + // in the Amazon Cognito Developer Guide. For more information about using source + // identity, see Monitor and control actions taken with assumed roles (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_control-access_monitor.html) + // in the IAM User Guide. + // + // The regex used to validate this parameter is a string of characters consisting + // of upper- and lower-case alphanumeric characters with no spaces. You can + // also include underscores or any of the following characters: =,.@- + SourceIdentity *string `min:"2" type:"string"` + // The unique user identifier that is returned by the identity provider. This // identifier is associated with the WebIdentityToken that was submitted with // the AssumeRoleWithWebIdentity call. The identifier is typically unique to @@ -2251,12 +2480,20 @@ type AssumeRoleWithWebIdentityOutput struct { SubjectFromWebIdentityToken *string `min:"6" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AssumeRoleWithWebIdentityOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AssumeRoleWithWebIdentityOutput) GoString() string { return s.String() } @@ -2291,6 +2528,12 @@ func (s *AssumeRoleWithWebIdentityOutput) SetProvider(v string) *AssumeRoleWithW return s } +// SetSourceIdentity sets the SourceIdentity field's value. +func (s *AssumeRoleWithWebIdentityOutput) SetSourceIdentity(v string) *AssumeRoleWithWebIdentityOutput { + s.SourceIdentity = &v + return s +} + // SetSubjectFromWebIdentityToken sets the SubjectFromWebIdentityToken field's value. func (s *AssumeRoleWithWebIdentityOutput) SetSubjectFromWebIdentityToken(v string) *AssumeRoleWithWebIdentityOutput { s.SubjectFromWebIdentityToken = &v @@ -2311,19 +2554,27 @@ type AssumedRoleUser struct { Arn *string `min:"20" type:"string" required:"true"` // A unique identifier that contains the role ID and the role session name of - // the role that is being assumed. The role ID is generated by AWS when the - // role is created. + // the role that is being assumed. The role ID is generated by Amazon Web Services + // when the role is created. // // AssumedRoleId is a required field AssumedRoleId *string `min:"2" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AssumedRoleUser) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s AssumedRoleUser) GoString() string { return s.String() } @@ -2340,7 +2591,7 @@ func (s *AssumedRoleUser) SetAssumedRoleId(v string) *AssumedRoleUser { return s } -// AWS credentials for API authentication. +// Amazon Web Services credentials for API authentication. type Credentials struct { _ struct{} `type:"structure"` @@ -2356,8 +2607,12 @@ type Credentials struct { // The secret access key that can be used to sign requests. // + // SecretAccessKey is a sensitive parameter and its value will be + // replaced with "sensitive" in string returned by Credentials's + // String and GoString methods. + // // SecretAccessKey is a required field - SecretAccessKey *string `type:"string" required:"true"` + SecretAccessKey *string `type:"string" required:"true" sensitive:"true"` // The token that users must pass to the service API to use the temporary credentials. // @@ -2365,12 +2620,20 @@ type Credentials struct { SessionToken *string `type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Credentials) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Credentials) GoString() string { return s.String() } @@ -2408,12 +2671,20 @@ type DecodeAuthorizationMessageInput struct { EncodedMessage *string `min:"1" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DecodeAuthorizationMessageInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DecodeAuthorizationMessageInput) GoString() string { return s.String() } @@ -2441,21 +2712,29 @@ func (s *DecodeAuthorizationMessageInput) SetEncodedMessage(v string) *DecodeAut } // A document that contains additional information about the authorization status -// of a request from an encoded message that is returned in response to an AWS -// request. +// of a request from an encoded message that is returned in response to an Amazon +// Web Services request. type DecodeAuthorizationMessageOutput struct { _ struct{} `type:"structure"` - // An XML document that contains the decoded message. + // The API returns a response with the decoded message. DecodedMessage *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DecodeAuthorizationMessageOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s DecodeAuthorizationMessageOutput) GoString() string { return s.String() } @@ -2485,12 +2764,20 @@ type FederatedUser struct { FederatedUserId *string `min:"2" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s FederatedUser) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s FederatedUser) GoString() string { return s.String() } @@ -2519,12 +2806,20 @@ type GetAccessKeyInfoInput struct { AccessKeyId *string `min:"16" type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetAccessKeyInfoInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetAccessKeyInfoInput) GoString() string { return s.String() } @@ -2554,16 +2849,24 @@ func (s *GetAccessKeyInfoInput) SetAccessKeyId(v string) *GetAccessKeyInfoInput type GetAccessKeyInfoOutput struct { _ struct{} `type:"structure"` - // The number used to identify the AWS account. + // The number used to identify the Amazon Web Services account. Account *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetAccessKeyInfoOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetAccessKeyInfoOutput) GoString() string { return s.String() } @@ -2578,12 +2881,20 @@ type GetCallerIdentityInput struct { _ struct{} `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetCallerIdentityInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetCallerIdentityInput) GoString() string { return s.String() } @@ -2593,11 +2904,11 @@ func (s GetCallerIdentityInput) GoString() string { type GetCallerIdentityOutput struct { _ struct{} `type:"structure"` - // The AWS account ID number of the account that owns or contains the calling - // entity. + // The Amazon Web Services account ID number of the account that owns or contains + // the calling entity. Account *string `type:"string"` - // The AWS ARN associated with the calling entity. + // The Amazon Web Services ARN associated with the calling entity. Arn *string `min:"20" type:"string"` // The unique identifier of the calling entity. The exact value depends on the @@ -2607,12 +2918,20 @@ type GetCallerIdentityOutput struct { UserId *string `type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetCallerIdentityOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetCallerIdentityOutput) GoString() string { return s.String() } @@ -2641,9 +2960,9 @@ type GetFederationTokenInput struct { // The duration, in seconds, that the session should last. Acceptable durations // for federation sessions range from 900 seconds (15 minutes) to 129,600 seconds // (36 hours), with 43,200 seconds (12 hours) as the default. Sessions obtained - // using AWS account root user credentials are restricted to a maximum of 3,600 - // seconds (one hour). If the specified duration is longer than one hour, the - // session obtained by using root user credentials defaults to one hour. + // using root user credentials are restricted to a maximum of 3,600 seconds + // (one hour). If the specified duration is longer than one hour, the session + // obtained by using root user credentials defaults to one hour. DurationSeconds *int64 `min:"900" type:"integer"` // The name of the federated user. The name is used as an identifier for the @@ -2662,8 +2981,8 @@ type GetFederationTokenInput struct { // // You must pass an inline or managed session policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // to this operation. You can pass a single JSON policy document to use as an - // inline session policy. You can also specify up to 10 managed policies to - // use as managed session policies. + // inline session policy. You can also specify up to 10 managed policy Amazon + // Resource Names (ARNs) to use as managed session policies. // // This parameter is optional. However, if you do not pass any session policies, // then the resulting federated user session has no permissions. @@ -2682,17 +3001,18 @@ type GetFederationTokenInput struct { // by the policy. These permissions are granted in addition to the permissions // that are granted by the session policies. // - // The plain text that you use for both inline and managed session policies - // can't exceed 2,048 characters. The JSON policy characters can be any ASCII - // character from the space character to the end of the valid character list - // (\u0020 through \u00FF). It can also include the tab (\u0009), linefeed (\u000A), - // and carriage return (\u000D) characters. - // - // An AWS conversion compresses the passed session policies and session tags - // into a packed binary format that has a separate limit. Your request can fail - // for this limit even if your plain text meets the other requirements. The - // PackedPolicySize response element indicates by percentage how close the policies - // and tags for your request are to the upper size limit. + // The plaintext that you use for both inline and managed session policies can't + // exceed 2,048 characters. The JSON policy characters can be any ASCII character + // from the space character to the end of the valid character list (\u0020 through + // \u00FF). It can also include the tab (\u0009), linefeed (\u000A), and carriage + // return (\u000D) characters. + // + // An Amazon Web Services conversion compresses the passed inline session policy, + // managed policy ARNs, and session tags into a packed binary format that has + // a separate limit. Your request can fail for this limit even if your plaintext + // meets the other requirements. The PackedPolicySize response element indicates + // by percentage how close the policies and tags for your request are to the + // upper size limit. Policy *string `min:"1" type:"string"` // The Amazon Resource Names (ARNs) of the IAM managed policies that you want @@ -2701,12 +3021,13 @@ type GetFederationTokenInput struct { // // You must pass an inline or managed session policy (https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#policies_session) // to this operation. You can pass a single JSON policy document to use as an - // inline session policy. You can also specify up to 10 managed policies to - // use as managed session policies. The plain text that you use for both inline - // and managed session policies can't exceed 2,048 characters. You can provide - // up to 10 managed policy ARNs. For more information about ARNs, see Amazon - // Resource Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. + // inline session policy. You can also specify up to 10 managed policy Amazon + // Resource Names (ARNs) to use as managed session policies. The plaintext that + // you use for both inline and managed session policies can't exceed 2,048 characters. + // You can provide up to 10 managed policy ARNs. For more information about + // ARNs, see Amazon Resource Names (ARNs) and Amazon Web Services Service Namespaces + // (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // in the Amazon Web Services General Reference. // // This parameter is optional. However, if you do not pass any session policies, // then the resulting federated user session has no permissions. @@ -2725,11 +3046,12 @@ type GetFederationTokenInput struct { // by the policy. These permissions are granted in addition to the permissions // that are granted by the session policies. // - // An AWS conversion compresses the passed session policies and session tags - // into a packed binary format that has a separate limit. Your request can fail - // for this limit even if your plain text meets the other requirements. The - // PackedPolicySize response element indicates by percentage how close the policies - // and tags for your request are to the upper size limit. + // An Amazon Web Services conversion compresses the passed inline session policy, + // managed policy ARNs, and session tags into a packed binary format that has + // a separate limit. Your request can fail for this limit even if your plaintext + // meets the other requirements. The PackedPolicySize response element indicates + // by percentage how close the policies and tags for your request are to the + // upper size limit. PolicyArns []*PolicyDescriptorType `type:"list"` // A list of session tags. Each session tag consists of a key name and an associated @@ -2737,17 +3059,18 @@ type GetFederationTokenInput struct { // in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) // in the IAM User Guide. // - // This parameter is optional. You can pass up to 50 session tags. The plain - // text session tag keys can’t exceed 128 characters and the values can’t - // exceed 256 characters. For these and additional limits, see IAM and STS Character + // This parameter is optional. You can pass up to 50 session tags. The plaintext + // session tag keys can’t exceed 128 characters and the values can’t exceed + // 256 characters. For these and additional limits, see IAM and STS Character // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-limits.html#reference_iam-limits-entity-length) // in the IAM User Guide. // - // An AWS conversion compresses the passed session policies and session tags - // into a packed binary format that has a separate limit. Your request can fail - // for this limit even if your plain text meets the other requirements. The - // PackedPolicySize response element indicates by percentage how close the policies - // and tags for your request are to the upper size limit. + // An Amazon Web Services conversion compresses the passed inline session policy, + // managed policy ARNs, and session tags into a packed binary format that has + // a separate limit. Your request can fail for this limit even if your plaintext + // meets the other requirements. The PackedPolicySize response element indicates + // by percentage how close the policies and tags for your request are to the + // upper size limit. // // You can pass a session tag with the same key as a tag that is already attached // to the user you are federating. When you do, session tags override a user @@ -2761,12 +3084,20 @@ type GetFederationTokenInput struct { Tags []*Tag `type:"list"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetFederationTokenInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetFederationTokenInput) GoString() string { return s.String() } @@ -2844,7 +3175,8 @@ func (s *GetFederationTokenInput) SetTags(v []*Tag) *GetFederationTokenInput { } // Contains the response to a successful GetFederationToken request, including -// temporary AWS credentials that can be used to make AWS requests. +// temporary Amazon Web Services credentials that can be used to make Amazon +// Web Services requests. type GetFederationTokenOutput struct { _ struct{} `type:"structure"` @@ -2868,12 +3200,20 @@ type GetFederationTokenOutput struct { PackedPolicySize *int64 `type:"integer"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetFederationTokenOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetFederationTokenOutput) GoString() string { return s.String() } @@ -2902,9 +3242,9 @@ type GetSessionTokenInput struct { // The duration, in seconds, that the credentials should remain valid. Acceptable // durations for IAM user sessions range from 900 seconds (15 minutes) to 129,600 // seconds (36 hours), with 43,200 seconds (12 hours) as the default. Sessions - // for AWS account owners are restricted to a maximum of 3,600 seconds (one - // hour). If the duration is longer than one hour, the session for AWS account - // owners defaults to one hour. + // for Amazon Web Services account owners are restricted to a maximum of 3,600 + // seconds (one hour). If the duration is longer than one hour, the session + // for Amazon Web Services account owners defaults to one hour. DurationSeconds *int64 `min:"900" type:"integer"` // The identification number of the MFA device that is associated with the IAM @@ -2912,8 +3252,8 @@ type GetSessionTokenInput struct { // user has a policy that requires MFA authentication. The value is either the // serial number for a hardware device (such as GAHT12345678) or an Amazon Resource // Name (ARN) for a virtual device (such as arn:aws:iam::123456789012:mfa/user). - // You can find the device for an IAM user by going to the AWS Management Console - // and viewing the user's security credentials. + // You can find the device for an IAM user by going to the Amazon Web Services + // Management Console and viewing the user's security credentials. // // The regex used to validate this parameter is a string of characters consisting // of upper- and lower-case alphanumeric characters with no spaces. You can @@ -2931,12 +3271,20 @@ type GetSessionTokenInput struct { TokenCode *string `min:"6" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetSessionTokenInput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetSessionTokenInput) GoString() string { return s.String() } @@ -2979,7 +3327,8 @@ func (s *GetSessionTokenInput) SetTokenCode(v string) *GetSessionTokenInput { } // Contains the response to a successful GetSessionToken request, including -// temporary AWS credentials that can be used to make AWS requests. +// temporary Amazon Web Services credentials that can be used to make Amazon +// Web Services requests. type GetSessionTokenOutput struct { _ struct{} `type:"structure"` @@ -2991,12 +3340,20 @@ type GetSessionTokenOutput struct { Credentials *Credentials `type:"structure"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetSessionTokenOutput) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s GetSessionTokenOutput) GoString() string { return s.String() } @@ -3014,17 +3371,25 @@ type PolicyDescriptorType struct { // The Amazon Resource Name (ARN) of the IAM managed policy to use as a session // policy for the role. For more information about ARNs, see Amazon Resource - // Names (ARNs) and AWS Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) - // in the AWS General Reference. + // Names (ARNs) and Amazon Web Services Service Namespaces (https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) + // in the Amazon Web Services General Reference. Arn *string `locationName:"arn" min:"20" type:"string"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PolicyDescriptorType) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s PolicyDescriptorType) GoString() string { return s.String() } @@ -3048,10 +3413,71 @@ func (s *PolicyDescriptorType) SetArn(v string) *PolicyDescriptorType { return s } +// Contains information about the provided context. This includes the signed +// and encrypted trusted context assertion and the context provider ARN from +// which the trusted context assertion was generated. +type ProvidedContext struct { + _ struct{} `type:"structure"` + + // The signed and encrypted trusted context assertion generated by the context + // provider. The trusted context assertion is signed and encrypted by Amazon + // Web Services STS. + ContextAssertion *string `min:"4" type:"string"` + + // The context provider ARN from which the trusted context assertion was generated. + ProviderArn *string `min:"20" type:"string"` +} + +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ProvidedContext) String() string { + return awsutil.Prettify(s) +} + +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". +func (s ProvidedContext) GoString() string { + return s.String() +} + +// Validate inspects the fields of the type to determine if they are valid. +func (s *ProvidedContext) Validate() error { + invalidParams := request.ErrInvalidParams{Context: "ProvidedContext"} + if s.ContextAssertion != nil && len(*s.ContextAssertion) < 4 { + invalidParams.Add(request.NewErrParamMinLen("ContextAssertion", 4)) + } + if s.ProviderArn != nil && len(*s.ProviderArn) < 20 { + invalidParams.Add(request.NewErrParamMinLen("ProviderArn", 20)) + } + + if invalidParams.Len() > 0 { + return invalidParams + } + return nil +} + +// SetContextAssertion sets the ContextAssertion field's value. +func (s *ProvidedContext) SetContextAssertion(v string) *ProvidedContext { + s.ContextAssertion = &v + return s +} + +// SetProviderArn sets the ProviderArn field's value. +func (s *ProvidedContext) SetProviderArn(v string) *ProvidedContext { + s.ProviderArn = &v + return s +} + // You can pass custom key-value pair attributes when you assume a role or federate // a user. These are called session tags. You can then use the session tags -// to control access to resources. For more information, see Tagging AWS STS -// Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) +// to control access to resources. For more information, see Tagging Amazon +// Web Services STS Sessions (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) // in the IAM User Guide. type Tag struct { _ struct{} `type:"structure"` @@ -3077,12 +3503,20 @@ type Tag struct { Value *string `type:"string" required:"true"` } -// String returns the string representation +// String returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Tag) String() string { return awsutil.Prettify(s) } -// GoString returns the string representation +// GoString returns the string representation. +// +// API parameter values that are decorated as "sensitive" in the API will not +// be included in the string output. The member name will be present, but the +// value will be replaced with "sensitive". func (s Tag) GoString() string { return s.String() } diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go index cb1debbaa45..ea1d9eb0ccf 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/doc.go @@ -3,18 +3,17 @@ // Package sts provides the client and types for making API // requests to AWS Security Token Service. // -// AWS Security Token Service (STS) enables you to request temporary, limited-privilege -// credentials for AWS Identity and Access Management (IAM) users or for users -// that you authenticate (federated users). This guide provides descriptions -// of the STS API. For more information about using this service, see Temporary -// Security Credentials (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html). +// Security Token Service (STS) enables you to request temporary, limited-privilege +// credentials for users. This guide provides descriptions of the STS API. For +// more information about using this service, see Temporary Security Credentials +// (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp.html). // // See https://docs.aws.amazon.com/goto/WebAPI/sts-2011-06-15 for more information on this service. // // See sts package documentation for more information. // https://docs.aws.amazon.com/sdk-for-go/api/service/sts/ // -// Using the Client +// # Using the Client // // To contact AWS Security Token Service with the SDK use the New function to create // a new service client. With that client you can make API requests to the service. diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go index a233f542ef2..b680bbd5d70 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/errors.go @@ -42,8 +42,9 @@ const ( // ErrCodeInvalidIdentityTokenException for service response error code // "InvalidIdentityToken". // - // The web identity token that was passed could not be validated by AWS. Get - // a new identity token from the identity provider and then retry the request. + // The web identity token that was passed could not be validated by Amazon Web + // Services. Get a new identity token from the identity provider and then retry + // the request. ErrCodeInvalidIdentityTokenException = "InvalidIdentityToken" // ErrCodeMalformedPolicyDocumentException for service response error code @@ -57,16 +58,16 @@ const ( // "PackedPolicyTooLarge". // // The request was rejected because the total packed size of the session policies - // and session tags combined was too large. An AWS conversion compresses the - // session policy document, session policy ARNs, and session tags into a packed - // binary format that has a separate limit. The error message indicates by percentage - // how close the policies and tags are to the upper size limit. For more information, - // see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) + // and session tags combined was too large. An Amazon Web Services conversion + // compresses the session policy document, session policy ARNs, and session + // tags into a packed binary format that has a separate limit. The error message + // indicates by percentage how close the policies and tags are to the upper + // size limit. For more information, see Passing Session Tags in STS (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_session-tags.html) // in the IAM User Guide. // // You could receive this error even though you meet other defined session policy // and session tag limits. For more information, see IAM and STS Entity Character - // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) + // Limits (https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_iam-quotas.html#reference_iam-limits-entity-length) // in the IAM User Guide. ErrCodePackedPolicyTooLargeException = "PackedPolicyTooLarge" @@ -76,7 +77,8 @@ const ( // STS is not activated in the requested region for the account that is being // asked to generate credentials. The account administrator must use the IAM // console to activate STS in that region. For more information, see Activating - // and Deactivating AWS STS in an AWS Region (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) + // and Deactivating Amazon Web Services STS in an Amazon Web Services Region + // (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) // in the IAM User Guide. ErrCodeRegionDisabledException = "RegionDisabledException" ) diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/service.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/service.go index d34a6855331..12327d05332 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/service.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/service.go @@ -39,31 +39,37 @@ const ( // aws.Config parameter to add your extra config. // // Example: -// mySession := session.Must(session.NewSession()) // -// // Create a STS client from just a session. -// svc := sts.New(mySession) +// mySession := session.Must(session.NewSession()) // -// // Create a STS client with additional configuration -// svc := sts.New(mySession, aws.NewConfig().WithRegion("us-west-2")) +// // Create a STS client from just a session. +// svc := sts.New(mySession) +// +// // Create a STS client with additional configuration +// svc := sts.New(mySession, aws.NewConfig().WithRegion("us-west-2")) func New(p client.ConfigProvider, cfgs ...*aws.Config) *STS { c := p.ClientConfig(EndpointsID, cfgs...) - return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName) + if c.SigningNameDerived || len(c.SigningName) == 0 { + c.SigningName = EndpointsID + // No Fallback + } + return newClient(*c.Config, c.Handlers, c.PartitionID, c.Endpoint, c.SigningRegion, c.SigningName, c.ResolvedRegion) } // newClient creates, initializes and returns a new service client instance. -func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName string) *STS { +func newClient(cfg aws.Config, handlers request.Handlers, partitionID, endpoint, signingRegion, signingName, resolvedRegion string) *STS { svc := &STS{ Client: client.New( cfg, metadata.ClientInfo{ - ServiceName: ServiceName, - ServiceID: ServiceID, - SigningName: signingName, - SigningRegion: signingRegion, - PartitionID: partitionID, - Endpoint: endpoint, - APIVersion: "2011-06-15", + ServiceName: ServiceName, + ServiceID: ServiceID, + SigningName: signingName, + SigningRegion: signingRegion, + PartitionID: partitionID, + Endpoint: endpoint, + APIVersion: "2011-06-15", + ResolvedRegion: resolvedRegion, }, handlers, ), diff --git a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/interface.go b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/interface.go index e2e1d6efe55..bf06b2e7d08 100644 --- a/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/interface.go +++ b/ecs-init/vendor/github.com/aws/aws-sdk-go/service/sts/stsiface/interface.go @@ -23,37 +23,37 @@ import ( // can be stubbed out for unit testing your code with the SDK without needing // to inject custom request handlers into the SDK's request pipeline. // -// // myFunc uses an SDK service client to make a request to -// // AWS Security Token Service. -// func myFunc(svc stsiface.STSAPI) bool { -// // Make svc.AssumeRole request -// } +// // myFunc uses an SDK service client to make a request to +// // AWS Security Token Service. +// func myFunc(svc stsiface.STSAPI) bool { +// // Make svc.AssumeRole request +// } // -// func main() { -// sess := session.New() -// svc := sts.New(sess) +// func main() { +// sess := session.New() +// svc := sts.New(sess) // -// myFunc(svc) -// } +// myFunc(svc) +// } // // In your _test.go file: // -// // Define a mock struct to be used in your unit tests of myFunc. -// type mockSTSClient struct { -// stsiface.STSAPI -// } -// func (m *mockSTSClient) AssumeRole(input *sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error) { -// // mock response/functionality -// } +// // Define a mock struct to be used in your unit tests of myFunc. +// type mockSTSClient struct { +// stsiface.STSAPI +// } +// func (m *mockSTSClient) AssumeRole(input *sts.AssumeRoleInput) (*sts.AssumeRoleOutput, error) { +// // mock response/functionality +// } // -// func TestMyFunc(t *testing.T) { -// // Setup Test -// mockSvc := &mockSTSClient{} +// func TestMyFunc(t *testing.T) { +// // Setup Test +// mockSvc := &mockSTSClient{} // -// myfunc(mockSvc) +// myfunc(mockSvc) // -// // Verify myFunc's functionality -// } +// // Verify myFunc's functionality +// } // // It is important to note that this interface will have breaking changes // when the service model is updated and adds new API operations, paginators, diff --git a/ecs-init/vendor/modules.txt b/ecs-init/vendor/modules.txt index 87aa6a30cf9..edaae32a2e4 100644 --- a/ecs-init/vendor/modules.txt +++ b/ecs-init/vendor/modules.txt @@ -9,10 +9,11 @@ github.com/Microsoft/go-winio/pkg/guid # github.com/NVIDIA/gpu-monitoring-tools v0.0.0-20180829222009-86f2a9fac6c5 ## explicit github.com/NVIDIA/gpu-monitoring-tools/bindings/go/nvml -# github.com/aws/aws-sdk-go v1.36.0 -## explicit; go 1.11 +# github.com/aws/aws-sdk-go v1.51.3 +## explicit; go 1.19 github.com/aws/aws-sdk-go/aws github.com/aws/aws-sdk-go/aws/arn +github.com/aws/aws-sdk-go/aws/auth/bearer github.com/aws/aws-sdk-go/aws/awserr github.com/aws/aws-sdk-go/aws/awsutil github.com/aws/aws-sdk-go/aws/client @@ -22,6 +23,7 @@ github.com/aws/aws-sdk-go/aws/credentials github.com/aws/aws-sdk-go/aws/credentials/ec2rolecreds github.com/aws/aws-sdk-go/aws/credentials/endpointcreds github.com/aws/aws-sdk-go/aws/credentials/processcreds +github.com/aws/aws-sdk-go/aws/credentials/ssocreds github.com/aws/aws-sdk-go/aws/credentials/stscreds github.com/aws/aws-sdk-go/aws/csm github.com/aws/aws-sdk-go/aws/defaults @@ -47,14 +49,19 @@ github.com/aws/aws-sdk-go/private/protocol github.com/aws/aws-sdk-go/private/protocol/eventstream github.com/aws/aws-sdk-go/private/protocol/eventstream/eventstreamapi github.com/aws/aws-sdk-go/private/protocol/json/jsonutil +github.com/aws/aws-sdk-go/private/protocol/jsonrpc github.com/aws/aws-sdk-go/private/protocol/query github.com/aws/aws-sdk-go/private/protocol/query/queryutil github.com/aws/aws-sdk-go/private/protocol/rest +github.com/aws/aws-sdk-go/private/protocol/restjson github.com/aws/aws-sdk-go/private/protocol/restxml github.com/aws/aws-sdk-go/private/protocol/xml/xmlutil github.com/aws/aws-sdk-go/service/s3 github.com/aws/aws-sdk-go/service/s3/s3iface github.com/aws/aws-sdk-go/service/s3/s3manager +github.com/aws/aws-sdk-go/service/sso +github.com/aws/aws-sdk-go/service/sso/ssoiface +github.com/aws/aws-sdk-go/service/ssooidc github.com/aws/aws-sdk-go/service/sts github.com/aws/aws-sdk-go/service/sts/stsiface # github.com/cihub/seelog v0.0.0-20170130134532-f561c5e57575